10731679612889c1c6c9df8c1b6e4456_JaffaCakes118

resource	yara_rule
static1/unpack001/$PLUGINSDIR/md5dll.dll	acprotect

resource	yara_rule
static1/unpack001/$PLUGINSDIR/md5dll.dll	upx

resource
unpack001/$PLUGINSDIR/ShellExecAsUser.dll
unpack001/$PLUGINSDIR/StartMenu.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/UpdHelper.dll
unpack001/$PLUGINSDIR/md5dll.dll
unpack002/out.upx
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/Modules/7z.dll
unpack001/System.Data.SQLite.dll

.exe windows:4 windows x86 arch:x86

7ed0d71376e55d58ab36dc7d3ffda898

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

01
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:2e:88:50:2b:3f:c0:0e:37:91:b6:c2:77:39:93:a8
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2014, 00:00

Not After

24/10/2015, 23:59

Subject

CN=MADFLY FILMS LTD,O=MADFLY FILMS LTD,POSTALCODE=SL5 7HL,STREET=14 COURSE ROAD,L=ASCOT,ST=BERKSHIRE,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

40:bc:e0:51:c1:08:47:00:02:44:fa:12:54:21:2a:09:0c:ab:5a:f8
Signer

Actual PE Digest

40:bc:e0:51:c1:08:47:00:02:44:fa:12:54:21:2a:09:0c:ab:5a:f8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_NO_SEH

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime

SearchPathW

SetFileTime

CloseHandle

GetShortPathNameW

MoveFileW

SetCurrentDirectoryW

GetFileAttributesW

GetLastError

GetFullPathNameW

CreateDirectoryW

Sleep

GetTickCount

GetFileSize

GetModuleFileNameW

GetCurrentProcess

CopyFileW

ExitProcess

SetEnvironmentVariableW

GetWindowsDirectoryW

GetTempPathW

SetFileAttributesW

ExpandEnvironmentStringsW

LoadLibraryW

lstrlenW

lstrcpynW

GetDiskFreeSpaceW

GlobalUnlock

GlobalLock

CreateThread

CreateProcessW

RemoveDirectoryW

lstrcmpiA

CreateFileW

GetTempFileNameW

lstrcpyA

lstrcpyW

lstrcatW

GetSystemDirectoryW

GetVersion

GetProcAddress

LoadLibraryA

GetModuleHandleA

GetModuleHandleW

lstrcmpiW

lstrcmpW

WaitForSingleObject

GlobalFree

GlobalAlloc

LoadLibraryExW

GetExitCodeProcess

FreeLibrary

WritePrivateProfileStringW

SetErrorMode

GetCommandLineW

GetPrivateProfileStringW

FindFirstFileW

FindNextFileW

DeleteFileW

SetFilePointer

ReadFile

FindClose

MulDiv

MultiByteToWideChar

WriteFile

lstrlenA

WideCharToMultiByte

user32

EndDialog

ScreenToClient

GetWindowRect

RegisterClassW

EnableMenuItem

GetSystemMenu

SetClassLongW

IsWindowEnabled

SetWindowPos

GetSysColor

GetWindowLongW

SetCursor

LoadCursorW

CheckDlgButton

GetMessagePos

LoadBitmapW

CallWindowProcW

IsWindowVisible

CloseClipboard

SetClipboardData

wsprintfW

CreateWindowExW

SystemParametersInfoW

AppendMenuW

CreatePopupMenu

GetSystemMetrics

SetDlgItemTextW

GetDlgItemTextW

MessageBoxIndirectW

CharPrevW

CharNextA

wsprintfA

DispatchMessageW

PeekMessageW

ReleaseDC

EnableWindow

InvalidateRect

SendMessageW

DefWindowProcW

BeginPaint

GetClientRect

FillRect

DrawTextW

GetClassInfoW

DialogBoxParamW

CharNextW

ExitWindowsEx

DestroyWindow

CreateDialogParamW

SetTimer

SetWindowTextW

PostQuitMessage

GetDC

SetWindowLongW

LoadImageW

SendMessageTimeoutW

FindWindowExW

EmptyClipboard

OpenClipboard

TrackPopupMenu

EndPaint

ShowWindow

GetDlgItem

IsWindow

SetForegroundWindow

gdi32

SelectObject

SetBkMode

CreateFontIndirectW

SetTextColor

DeleteObject

GetDeviceCaps

CreateBrushIndirect

SetBkColor

shell32

SHGetSpecialFolderLocation

SHGetPathFromIDListW

SHBrowseForFolderW

SHGetFileInfoW

ShellExecuteW

SHFileOperationW

advapi32

RegCloseKey

RegOpenKeyExW

RegDeleteKeyW

RegDeleteValueW

RegEnumValueW

RegCreateKeyExW

RegSetValueExW

RegQueryValueExW

RegEnumKeyW

comctl32

ImageList_Create

ImageList_AddMasked

ImageList_Destroy

ord17

ole32

CoCreateInstance

CoTaskMemFree

OleInitialize

OleUninitialize

version

GetFileVersionInfoSizeW

GetFileVersionInfoW

VerQueryValueW

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 224KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

$PLUGINSDIR/ShellExecAsUser.dll

.dll windows:6 windows x86 arch:x86

74eb4c5d129e78f52ccfa28e2d5c44c2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

shlwapi

ord176

kernel32

GlobalFree

lstrcpynW

MultiByteToWideChar

WideCharToMultiByte

OutputDebugStringW

DecodePointer

CloseHandle

RaiseException

GetLastError

InitializeCriticalSectionEx

DeleteCriticalSection

SetEvent

WaitForSingleObject

CreateEventW

GetCurrentProcess

GetVersionExW

GetProcAddress

lstrcmpW

SetFilePointerEx

SetStdHandle

GetConsoleMode

GetConsoleCP

FlushFileBuffers

GetStringTypeW

LCMapStringW

WriteConsoleW

GetModuleHandleW

GetCommandLineA

HeapReAlloc

GetCPInfo

GetOEMCP

GetACP

IsValidCodePage

GetModuleFileNameW

WriteFile

FreeEnvironmentStringsW

EncodePointer

HeapFree

CreateThread

GetCurrentThreadId

ExitThread

LoadLibraryExW

RtlUnwind

CreateFileW

IsDebuggerPresent

IsProcessorFeaturePresent

HeapAlloc

ExitProcess

GetModuleHandleExW

HeapSize

GetProcessHeap

EnterCriticalSection

LeaveCriticalSection

SetLastError

UnhandledExceptionFilter

SetUnhandledExceptionFilter

InitializeCriticalSectionAndSpinCount

Sleep

TerminateProcess

TlsAlloc

TlsGetValue

TlsSetValue

TlsFree

GetStartupInfoW

GetStdHandle

GetFileType

GetModuleFileNameA

QueryPerformanceCounter

GetCurrentProcessId

GetSystemTimeAsFileTime

GetEnvironmentStringsW

user32

PostQuitMessage

SetWindowLongW

GetMessageW

DestroyWindow

CreateWindowExW

RegisterClassExW

GetWindowLongW

DefWindowProcW

PostMessageW

DispatchMessageW

TranslateMessage

advapi32

OpenProcessToken

GetTokenInformation

shell32

ShellExecuteW

ole32

CoCreateInstance

CoUninitialize

CoInitialize

oleaut32

VariantClear

VariantInit

SysFreeString

SysAllocString

Exports

ShellExecAsUser

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/StartMenu.dll

.dll windows:4 windows x86 arch:x86

80469f6834e579db68a646d49780b9d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

lstrcatW

FindClose

FindNextFileW

lstrcmpW

GetModuleHandleW

lstrcmpiW

MulDiv

lstrcpynW

GlobalAlloc

lstrcpyW

FindFirstFileW

GlobalFree

user32

GetMessageW

TranslateMessage

PostMessageW

DispatchMessageW

GetDlgItem

GetWindowLongW

CheckDlgButton

ShowWindow

LoadIconW

GetClientRect

MoveWindow

DestroyWindow

GetWindowRect

ReleaseDC

GetDC

EnableWindow

SetWindowTextW

SendMessageW

IsDlgButtonChecked

GetWindowTextW

CreateDialogParamW

SetWindowLongW

wsprintfW

ScreenToClient

IsDialogMessageW

CallWindowProcW

gdi32

GetTextMetricsW

SelectObject

shell32

SHGetSpecialFolderLocation

SHGetPathFromIDListW

ole32

CoTaskMemFree

Exports

Init

Select

Show

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 578B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/System.dll

.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW

GlobalFree

GlobalSize

lstrcpynW

lstrcpyW

GetProcAddress

WideCharToMultiByte

VirtualFree

FreeLibrary

lstrlenW

LoadLibraryW

GlobalAlloc

MultiByteToWideChar

VirtualAlloc

VirtualProtect

GetLastError

user32

wsprintfW

ole32

StringFromGUID2

CLSIDFromString

Exports

Alloc

Call

Copy

Free

Get

Int64Op

Store

StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/UpdHelper.dll

.dll windows:6 windows x86 arch:x86

d1462a27a934e82a7d14fef4385f692a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

E:\Projects\gigaclick\UpdHelper\Release\UpdHelper.pdb

Imports

kernel32

GlobalFree

HeapReAlloc

HeapAlloc

HeapFree

GetProcessHeap

HeapDestroy

InitializeCriticalSectionEx

RaiseException

GetLastError

HeapSize

DecodePointer

DeleteCriticalSection

CloseHandle

GetModuleHandleW

GetProcAddress

WaitForSingleObject

CreateToolhelp32Snapshot

Process32FirstW

MultiByteToWideChar

QueryFullProcessImageNameW

TerminateProcess

Process32NextW

GetCurrentProcessId

OpenEventW

SetEvent

GetEnvironmentVariableW

SizeofResource

LockResource

LoadResource

FindResourceW

FindResourceExW

GetLocalTime

SystemTimeToFileTime

FileTimeToSystemTime

LocalFree

lstrlenA

lstrcpynW

WideCharToMultiByte

OpenProcess

GlobalAlloc

CreateFileW

FlushFileBuffers

WriteConsoleW

SetStdHandle

OutputDebugStringW

SetFilePointerEx

GetConsoleMode

GetConsoleCP

LCMapStringW

EncodePointer

GetCommandLineA

GetCurrentThreadId

IsDebuggerPresent

IsProcessorFeaturePresent

ExitProcess

GetModuleHandleExW

IsValidCodePage

GetACP

GetOEMCP

GetCPInfo

SetLastError

GetStdHandle

GetFileType

GetStartupInfoW

GetModuleFileNameA

QueryPerformanceCounter

GetSystemTimeAsFileTime

GetEnvironmentStringsW

FreeEnvironmentStringsW

UnhandledExceptionFilter

SetUnhandledExceptionFilter

InitializeCriticalSectionAndSpinCount

Sleep

GetCurrentProcess

TlsAlloc

TlsGetValue

TlsSetValue

TlsFree

EnterCriticalSection

LeaveCriticalSection

WriteFile

GetModuleFileNameW

LoadLibraryExW

RtlUnwind

GetStringTypeW

user32

wsprintfW

advapi32

RegOpenKeyExW

RegCloseKey

RegQueryValueExW

ole32

CoInitializeEx

CoCreateInstance

CoInitializeSecurity

CoUninitialize

oleaut32

SysAllocString

VariantInit

VariantClear

SysFreeString

Exports

CreateTask

DeleteScheduledTask

GetParentInfo

GetSchedulerAppName

GetSchedulerPath

RunScheduledTask

StopScheduledTask

StopScheduledTasks

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/md5dll.dll

.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Exports

GetFileMD5

GetMD5

GetMD5File

GetMD5Random

GetMD5String

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

out.upx

.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/modern-header.bmp

$PLUGINSDIR/modern-wizard.bmp

$PLUGINSDIR/nsDialogs.dll

.dll windows:4 windows x86 arch:x86

ec5fddc407d2b4e0a16fc4d786afc555

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW

lstrcpyW

MulDiv

lstrlenW

HeapFree

GetCurrentDirectoryW

lstrcmpiW

GetProcessHeap

HeapReAlloc

GlobalFree

lstrcpynW

GlobalAlloc

SetCurrentDirectoryW

HeapAlloc

user32

DestroyWindow

CallWindowProcW

SetCursor

GetPropW

CharPrevW

MapWindowPoints

DrawFocusRect

GetWindowLongW

GetClientRect

GetWindowTextW

GetDlgItem

SetWindowLongW

SetWindowPos

CreateDialogParamW

MapDialogRect

GetWindowRect

SetPropW

CreateWindowExW

IsWindow

SetTimer

KillTimer

DispatchMessageW

TranslateMessage

GetMessageW

IsDialogMessageW

ShowWindow

wsprintfW

CharNextW

SendMessageW

LoadCursorW

RemovePropW

DrawTextW

gdi32

SetTextColor

shell32

SHBrowseForFolderW

SHGetPathFromIDListW

comdlg32

GetSaveFileNameW

GetOpenFileNameW

CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Create

CreateControl

CreateItem

CreateTimer

GetUserData

KillTimer

OnBack

OnChange

OnClick

OnNotify

SelectFileDialog

SelectFolderDialog

SetRTL

SetUserData

Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 626B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$TEMP/$0.nsis

$_43_/Modules/CmlProc.dll

.dll windows:6 windows x86 arch:x86

4b56bfb1791cb484d1b86fbcd632e905

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

0e:2e:88:50:2b:3f:c0:0e:37:91:b6:c2:77:39:93:a8
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2014, 00:00

Not After

24/10/2015, 23:59

Subject

CN=MADFLY FILMS LTD,O=MADFLY FILMS LTD,POSTALCODE=SL5 7HL,STREET=14 COURSE ROAD,L=ASCOT,ST=BERKSHIRE,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

56:3b:57:49:e9:3e:a5:cd:1c:f0:c1:e0:e0:0e:a0:80:56:b5:c1:02
Signer

Actual PE Digest

56:3b:57:49:e9:3e:a5:cd:1c:f0:c1:e0:e0:0e:a0:80:56:b5:c1:02

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

E:\Projects\gigaclick\Release\Modules\CmlProc.pdb

Imports

kernel32

WideCharToMultiByte

ExitProcess

GetTickCount64

SizeofResource

LockResource

LoadResource

FindResourceW

FindResourceExW

Sleep

GetProcAddress

GetModuleHandleW

GetEnvironmentVariableW

LoadLibraryW

FreeLibrary

GetModuleHandleA

GetSystemTimeAsFileTime

GetCurrentThreadId

SetWaitableTimer

WaitForSingleObject

GetLastError

CreateWaitableTimerW

SetLastError

MultiByteToWideChar

GetLocalTime

GetTempPathW

CancelWaitableTimer

GetHandleInformation

InitializeCriticalSectionEx

CloseHandle

GetCurrentProcessId

QueryPerformanceCounter

IsProcessorFeaturePresent

IsDebuggerPresent

DecodePointer

EncodePointer

DeleteCriticalSection

HeapAlloc

HeapReAlloc

HeapFree

HeapSize

GetProcessHeap

RaiseException

EnterCriticalSection

LeaveCriticalSection

HeapDestroy

user32

FindWindowA

advapi32

RegSetValueExW

RegCreateKeyExW

RegOpenKeyExW

RegCloseKey

CryptDestroyHash

CryptReleaseContext

CryptGetHashParam

CryptHashData

CryptCreateHash

CryptAcquireContextW

RegQueryValueExW

shell32

ShellExecuteExW

ole32

CoCreateGuid

StringFromGUID2

msvcp110

?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

?_Add_vtordisp2@?$basic_ostream@DU?$char_traits@D@std@@@std@@UAEXXZ

??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

?_Add_vtordisp1@?$basic_ios@DU?$char_traits@D@std@@@std@@UAEXXZ

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z

?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

??0_Lockit@std@@QAE@H@Z

??1_Lockit@std@@QAE@XZ

??_7_Facet_base@std@@6B@

??_7facet@locale@std@@6B@

?_Init@locale@std@@CAPAV_Locimp@12@_N@Z

?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z

?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

??_7codecvt_base@std@@6B@

??_7?$codecvt@_WDH@std@@6B@

?_Xinvalid_argument@std@@YAXPBD@Z

?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z

?id@?$codecvt@DDH@std@@2V0locale@2@A

?id@?$codecvt@_WDH@std@@2V0locale@2@A

?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ

?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ

?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z

?_Add_vtordisp1@?$basic_istream@DU?$char_traits@D@std@@@std@@UAEXXZ

??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

?_Add_vtordisp2@?$basic_ios@DU?$char_traits@D@std@@@std@@UAEXXZ

?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

??4?$_Yarn@D@std@@QAEAAV01@PBD@Z

?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

??0?$codecvt@_WDH@std@@QAE@I@Z

?out@?$codecvt@_WDH@std@@QBEHAAHPB_W1AAPB_WPAD3AAPAD@Z

?always_noconv@codecvt_base@std@@QBE_NXZ

?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z

?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ

?_Incref@facet@locale@std@@UAEXXZ

??Bid@locale@std@@QAEIXZ

?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z

?id@?$ctype@D@std@@2V0locale@2@A

?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?tolower@?$ctype@D@std@@QBEDD@Z

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

?_Xbad_alloc@std@@YAXXZ

?_Xlength_error@std@@YAXPBD@Z

?_BADOFF@std@@3_JB

?_Xout_of_range@std@@YAXPBD@Z

?_Winerror_map@std@@YAPBDH@Z

?_Syserror_map@std@@YAPBDH@Z

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

msvcr110

memmove_s

_vscwprintf

vswprintf_s

_purecall

??0exception@std@@QAE@ABQBD@Z

??1exception@std@@UAE@XZ

wmemcpy_s

??0exception@std@@QAE@ABV01@@Z

_errno

strtoul

fgetc

fputc

ungetc

_strlwr_s

strncmp

_ultoa_s

_wtoi

rand

?what@exception@std@@UBEPBDXZ

_lock_file

_unlock_file

fwrite

_fseeki64

fgetpos

fsetpos

setvbuf

fflush

strnlen

fclose

??0bad_cast@std@@QAE@PBD@Z

??0bad_cast@std@@QAE@ABV01@@Z

??1bad_cast@std@@UAE@XZ

_vscprintf

vsprintf_s

memchr

_recalloc

calloc

srand

_mbsinc

wcsstr

memset

??1type_info@@UAE@XZ

_lock

_unlock

_calloc_crt

__dllonexit

_onexit

?terminate@@YAXXZ

__CppXcptFilter

_amsg_exit

_malloc_crt

_initterm

_initterm_e

_crt_debugger_hook

__crtUnhandledException

__crtTerminateProcess

_except_handler4_common

__clean_type_info_names_internal

wcsnlen

toupper

malloc

_resetstkoflw

??2@YAPAXI@Z

free

memcpy_s

memmove

??3@YAXPAX@Z

memcmp

__CxxFrameHandler3

_CxxThrowException

memcpy

Exports

Create

Init

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$_43_/Modules/InSes.dll

.dll windows:6 windows x86 arch:x86

da50dcede762476e94f766d98da78b88

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

0e:2e:88:50:2b:3f:c0:0e:37:91:b6:c2:77:39:93:a8
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2014, 00:00

Not After

24/10/2015, 23:59

Subject

CN=MADFLY FILMS LTD,O=MADFLY FILMS LTD,POSTALCODE=SL5 7HL,STREET=14 COURSE ROAD,L=ASCOT,ST=BERKSHIRE,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

52:7c:de:2b:e5:13:fd:e3:18:77:e7:79:a6:a1:e7:d9:08:48:10:51
Signer

Actual PE Digest

52:7c:de:2b:e5:13:fd:e3:18:77:e7:79:a6:a1:e7:d9:08:48:10:51

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

GetLastError

Sleep

GetSystemTimeAsFileTime

GetCurrentThreadId

GetCurrentProcessId

QueryPerformanceCounter

IsProcessorFeaturePresent

IsDebuggerPresent

DecodePointer

EncodePointer

GetProcessHeap

HeapSize

HeapFree

HeapReAlloc

HeapAlloc

HeapDestroy

msvcr110

__clean_type_info_names_internal

_except_handler4_common

?terminate@@YAXXZ

__crtTerminateProcess

__crtUnhandledException

_crt_debugger_hook

_initterm_e

_initterm

_malloc_crt

free

_amsg_exit

__CppXcptFilter

_onexit

__dllonexit

_calloc_crt

_unlock

_lock

??1type_info@@UAE@XZ

_purecall

?what@exception@std@@UBEPBDXZ

vsprintf_s

_vscprintf

??1bad_cast@std@@UAE@XZ

??0bad_cast@std@@QAE@ABV01@@Z

??0bad_cast@std@@QAE@PBD@Z

memmove_s

fclose

fflush

setvbuf

fsetpos

fgetpos

_fseeki64

fwrite

_unlock_file

_lock_file

atoi

ungetc

fputc

fgetc

??2@YAPAXI@Z

??0exception@std@@QAE@ABV01@@Z

memcpy_s

memmove

??1exception@std@@UAE@XZ

??0exception@std@@QAE@ABQBD@Z

??3@YAXPAX@Z

_CxxThrowException

__CxxFrameHandler3

memcpy

memset

msvcp110

_Mtx_destroy

_Mtx_unlock

_Mtx_lock

_Mtx_init

?_Throw_C_error@std@@YAXH@Z

??Bid@locale@std@@QAEIXZ

?always_noconv@codecvt_base@std@@QBE_NXZ

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

?_Add_vtordisp1@?$basic_ios@DU?$char_traits@D@std@@@std@@UAEXXZ

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ

?_Add_vtordisp2@?$basic_ostream@DU?$char_traits@D@std@@@std@@UAEXXZ

?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ

?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

??0_Lockit@std@@QAE@H@Z

??1_Lockit@std@@QAE@XZ

?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

?_Syserror_map@std@@YAPBDH@Z

?_Winerror_map@std@@YAPBDH@Z

?_Xout_of_range@std@@YAXPBD@Z

?_BADOFF@std@@3_JB

?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z

?_Xlength_error@std@@YAXPBD@Z

?id@?$codecvt@DDH@std@@2V0locale@2@A

?_Xbad_alloc@std@@YAXXZ

?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ

?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

Exports

Create

Init

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$_43_/Modules/ManXec.dll

.dll windows:6 windows x86 arch:x86

3a68ec1026ade049f784dbebe3a83cfb

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

0e:2e:88:50:2b:3f:c0:0e:37:91:b6:c2:77:39:93:a8
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2014, 00:00

Not After

24/10/2015, 23:59

Subject

CN=MADFLY FILMS LTD,O=MADFLY FILMS LTD,POSTALCODE=SL5 7HL,STREET=14 COURSE ROAD,L=ASCOT,ST=BERKSHIRE,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

20:17:0b:97:15:50:6e:cd:c1:d4:37:37:6c:fe:75:9e:f7:06:dc:f1
Signer

Actual PE Digest

20:17:0b:97:15:50:6e:cd:c1:d4:37:37:6c:fe:75:9e:f7:06:dc:f1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

E:\Projects\gigaclick\Release\Modules\ManXec.pdb

Imports

kernel32

FindResourceExW

InitializeCriticalSectionEx

LoadLibraryA

CloseHandle

WideCharToMultiByte

MultiByteToWideChar

GetModuleFileNameW

GetModuleHandleW

OpenEventW

GetCurrentProcess

FindResourceW

CreateProcessW

WaitForMultipleObjects

GetExitCodeProcess

TerminateProcess

ExitProcess

GetCurrentProcessId

OpenProcess

QueryFullProcessImageNameW

GetEnvironmentVariableW

LoadResource

LockResource

SizeofResource

FreeLibrary

LoadLibraryW

GetTempPathW

GetProcAddress

FindFirstFileW

FindClose

DeleteFileW

CreateDirectoryW

SetFileAttributesW

SetEndOfFile

SetFileTime

SetFilePointer

GetFileSize

CreateFileW

WriteFile

ReadFile

FormatMessageA

LocalFree

TlsFree

TlsSetValue

TlsGetValue

TlsAlloc

ResetEvent

SetEvent

WaitForSingleObject

OpenEventA

CreateEventA

GetSystemTimeAsFileTime

GetCurrentThreadId

QueryPerformanceCounter

IsProcessorFeaturePresent

IsDebuggerPresent

DecodePointer

EncodePointer

GetProcessHeap

HeapSize

HeapFree

HeapReAlloc

HeapAlloc

HeapDestroy

DeleteCriticalSection

LeaveCriticalSection

EnterCriticalSection

GetLastError

RaiseException

advapi32

RegCreateKeyExW

RegQueryValueExW

RegDeleteValueW

RegOpenKeyExW

RegCloseKey

RegSetValueExW

ole32

CoCreateGuid

StringFromGUID2

oleaut32

SysAllocString

VariantClear

msvcp110

?_Syserror_map@std@@YAPBDH@Z

?_Xout_of_range@std@@YAXPBD@Z

?_Xlength_error@std@@YAXPBD@Z

?_Xbad_alloc@std@@YAXXZ

?_Xbad_function_call@std@@YAXXZ

?_Winerror_map@std@@YAPBDH@Z

msvcr110

?terminate@@YAXXZ

_purecall

?what@exception@std@@UBEPBDXZ

??8type_info@@QBE_NABV0@@Z

memmove_s

??0exception@std@@QAE@ABV01@@Z

memcpy_s

memmove

wmemcpy_s

??1exception@std@@UAE@XZ

??0exception@std@@QAE@ABQBD@Z

??3@YAXPAX@Z

__clean_type_info_names_internal

_except_handler4_common

__crtTerminateProcess

__crtUnhandledException

_crt_debugger_hook

_initterm_e

_initterm

_malloc_crt

_amsg_exit

__CppXcptFilter

_onexit

__dllonexit

_calloc_crt

_unlock

_lock

??1type_info@@UAE@XZ

memset

vsprintf_s

_vscprintf

_mbsinc

strnlen

vswprintf_s

_vscwprintf

wcsrchr

srand

rand

wcsnlen

_wcsicmp

_resetstkoflw

free

malloc

??2@YAPAXI@Z

_CxxThrowException

__CxxFrameHandler3

memcpy

??0exception@std@@QAE@ABQBDH@Z

strerror

Exports

Create

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$_43_/RtHelp.exe

.exe windows:6 windows x86 arch:x86

b992edd3a85c4b71f2e4ffb360f4cd6d

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

0e:2e:88:50:2b:3f:c0:0e:37:91:b6:c2:77:39:93:a8
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2014, 00:00

Not After

24/10/2015, 23:59

Subject

CN=MADFLY FILMS LTD,O=MADFLY FILMS LTD,POSTALCODE=SL5 7HL,STREET=14 COURSE ROAD,L=ASCOT,ST=BERKSHIRE,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

a6:52:8f:89:b0:01:a8:c0:96:4f:14:37:ab:ca:be:43:e7:5c:75:7e
Signer

Actual PE Digest

a6:52:8f:89:b0:01:a8:c0:96:4f:14:37:ab:ca:be:43:e7:5c:75:7e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceW

LoadResource

CreateProcessW

CreateDirectoryW

OpenProcess

WideCharToMultiByte

SizeofResource

TerminateProcess

MultiByteToWideChar

InitializeCriticalSectionEx

Process32FirstW

LockResource

Process32NextW

GetProcessAffinityMask

CreateToolhelp32Snapshot

GetShortPathNameW

CloseHandle

ExitProcess

WaitForSingleObject

SetEvent

GetFileAttributesW

CreateEventW

FreeLibrary

FindResourceExW

GetProcAddress

GetModuleFileNameW

CreateMutexW

GetTickCount

GetProcessHeap

HeapAlloc

CreateEventA

HeapFree

Sleep

GetLastError

WaitForMultipleObjects

ReleaseMutex

GetCurrentProcessId

GetTickCount64

ResetEvent

LocalFree

SystemTimeToFileTime

CreateWaitableTimerA

ResumeThread

SetWaitableTimer

LoadLibraryW

SetProcessAffinityMask

OpenEventA

CreateFileW

SignalObjectAndWait

WriteConsoleW

SetStdHandle

UnregisterWait

DuplicateHandle

GetCurrentProcess

GetCurrentThread

GetCurrentThreadId

GetSystemTimeAsFileTime

EnterCriticalSection

LeaveCriticalSection

DeleteCriticalSection

InterlockedExchange

RaiseException

HeapDestroy

HeapReAlloc

HeapSize

GetSystemInfo

VirtualAlloc

VirtualProtect

VirtualQuery

EncodePointer

DecodePointer

GetCommandLineW

RtlUnwind

IsProcessorFeaturePresent

CreateThread

ExitThread

LoadLibraryExW

InitializeCriticalSectionAndSpinCount

TlsGetValue

CreateTimerQueueTimer

CreateTimerQueue

UnhandledExceptionFilter

SetUnhandledExceptionFilter

SetLastError

TlsAlloc

TlsSetValue

TlsFree

GetStartupInfoW

GetModuleHandleW

CreateSemaphoreW

IsDebuggerPresent

InterlockedDecrement

GetModuleHandleExW

GetStdHandle

WriteFile

InterlockedIncrement

IsValidCodePage

GetACP

GetOEMCP

GetCPInfo

GetFileType

QueryPerformanceCounter

GetEnvironmentStringsW

FreeEnvironmentStringsW

DeleteTimerQueueTimer

SetThreadAffinityMask

OutputDebugStringW

SwitchToThread

GetThreadTimes

FreeLibraryAndExitThread

GetModuleHandleA

SetThreadPriority

GetVersionExW

VirtualFree

ReleaseSemaphore

InitializeSListHead

InterlockedPopEntrySList

InterlockedPushEntrySList

InterlockedFlushSList

QueryDepthSList

UnregisterWaitEx

ChangeTimerQueueTimer

GetNumaHighestNodeNumber

RegisterWaitForSingleObject

GetConsoleCP

GetConsoleMode

SetFilePointerEx

LCMapStringW

GetStringTypeW

FlushFileBuffers

GetThreadPriority

FormatMessageA

advapi32

RegCloseKey

shell32

SHFileOperationW

ole32

StringFromGUID2

CoCreateGuid

Sections

.text
Size: 237KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$_43_/msvcp110.dll

.dll windows:6 windows x86 arch:x86

098e9eddf1a24b3fd9465ee992148a02

Code Sign

33:00:00:00:9d:1e:8d:27:ae:b8:f3:d8:38:00:01:00:00:00:9d
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/09/2012, 21:42

Not After

04/03/2013, 21:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/09/2012, 21:12

Not After

04/12/2013, 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/07/2012, 00:14

Not After

07/10/2013, 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

bd:da:49:3e:e0:d0:cf:a8:1e:ba:49:76:d1:38:5e:50:ea:b9:84:2f:8b:f8:ee:1c:ee:b6:de:b5:98:7f:ae:bf
Signer

Actual PE Digest

bd:da:49:3e:e0:d0:cf:a8:1e:ba:49:76:d1:38:5e:50:ea:b9:84:2f:8b:f8:ee:1c:ee:b6:de:b5:98:7f:ae:bf

Digest Algorithm

sha256

PE Digest Matches

true

bf:fa:d4:6b:19:62:38:e3:7a:c8:07:80:df:f1:d6:ab:5d:65:be:e9
Signer

Actual PE Digest

bf:fa:d4:6b:19:62:38:e3:7a:c8:07:80:df:f1:d6:ab:5d:65:be:e9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

msvcp110.i386.pdb

Imports

msvcr110

fgetpos

fsetpos

_fseeki64

fwrite

setvbuf

ungetc

_lock_file

_unlock_file

memcpy_s

memset

_fsopen

fseek

_wfsopen

?__ExceptionPtrDestroy@@YAXPAX@Z

?__ExceptionPtrCopy@@YAXPAXPBX@Z

?__ExceptionPtrRethrow@@YAXPBX@Z

?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPAX@Z0@Z

?set@event@Concurrency@@QAEXXZ

ldexp

sprintf_s

strcspn

wcslen

_Strftime

_Wcsftime

strcmp

setlocale

_malloc_crt

_realloc_crt

?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z

fgetwc

fputwc

ungetwc

__uncaught_exception

towupper

towlower

_errno

memcmp

_wcsdup

___lc_locale_name_func

___lc_collate_cp_func

__crtCompareStringA

__crtLCMapStringA

___lc_codepage_func

_ismbblead

remove

rename

_wremove

_wgetcwd

_wchdir

_wmkdir

_wrmdir

_wrename

_getcwd

_chdir

_mkdir

_rmdir

__crtIsPackagedApp

__crtCreateSymbolicLinkW

calloc

??0_Condition_variable@details@Concurrency@@QAE@XZ

fgetc

?wait@_Condition_variable@details@Concurrency@@QAEXAAVcritical_section@3@@Z

?wait_for@_Condition_variable@details@Concurrency@@QAE_NAAVcritical_section@3@I@Z

?notify_one@_Condition_variable@details@Concurrency@@QAEXXZ

?notify_all@_Condition_variable@details@Concurrency@@QAEXXZ

_beginthreadex

_endthreadex

??0critical_section@Concurrency@@QAE@XZ

??1critical_section@Concurrency@@QAE@XZ

?lock@critical_section@Concurrency@@QAEXXZ

?try_lock@critical_section@Concurrency@@QAE_NXZ

?try_lock_for@critical_section@Concurrency@@QAE_NI@Z

?unlock@critical_section@Concurrency@@QAEXXZ

?terminate@@YAXXZ

__crtFlsAlloc

__crtFlsFree

__crtFlsGetValue

__crtFlsSetValue

??0operation_timed_out@Concurrency@@QAE@XZ

?Alloc@Concurrency@@YAPAXI@Z

?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z

??0invalid_link_target@Concurrency@@QAE@PBD@Z

??0message_not_found@Concurrency@@QAE@XZ

?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ

??0bad_target@Concurrency@@QAE@XZ

??0invalid_operation@Concurrency@@QAE@PBD@Z

?wait@event@Concurrency@@QAEII@Z

??1event@Concurrency@@QAE@XZ

??0event@Concurrency@@QAE@XZ

?Free@Concurrency@@YAXPAX@Z

??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ

??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z

??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ

??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ

??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z

??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ

?_Yield@_Context@details@Concurrency@@SAXXZ

?_UnderlyingYield@details@Concurrency@@YAXXZ

?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ

?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ

?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ

??0task_canceled@Concurrency@@QAE@XZ

??1_SpinLock@details@Concurrency@@QAE@XZ

??0_SpinLock@details@Concurrency@@QAE@ACJ@Z

?Log2@details@Concurrency@@YAKI@Z

_lock

_unlock

__pctype_func

isupper

_calloc_crt

__crtGetLocaleInfoEx

islower

__crtLCMapStringW

isspace

tolower

memchr

sqrt

isdigit

isalnum

__crtCompareStringW

__dllonexit

_onexit

??1type_info@@UAE@XZ

__CppXcptFilter

_amsg_exit

_initterm

_initterm_e

_except_handler4_common

_crt_debugger_hook

__crtUnhandledException

__crtTerminateProcess

__clean_type_info_names_internal

fflush

fclose

__CxxFrameHandler3

_CxxThrowException

?what@exception@std@@UBEPBDXZ

??1bad_cast@std@@UAE@XZ

??0bad_cast@std@@QAE@ABV01@@Z

_W_Gettnames

_W_Getmonths

_W_Getdays

_Gettnames

_Getmonths

_Getdays

localeconv

??0bad_cast@std@@QAE@PBD@Z

??_V@YAXPAX@Z

??1exception@std@@UAE@XZ

??0exception@std@@QAE@ABV01@@Z

??0exception@std@@QAE@ABQBDH@Z

??0exception@std@@QAE@ABQBD@Z

??0exception@std@@QAE@XZ

memmove

strlen

memcpy

malloc

free

___mb_cur_max_func

_purecall

rand_s

fputs

fputc

__iob_func

abort

log

__crtInitializeCriticalSectionEx

??3@YAXPAX@Z

??1_Condition_variable@details@Concurrency@@QAE@XZ

??2@YAPAXI@Z

kernel32

GetCurrentProcessId

QueryPerformanceCounter

IsDebuggerPresent

IsProcessorFeaturePresent

GetStringTypeW

InterlockedDecrement

InterlockedIncrement

GetSystemTimeAsFileTime

InterlockedExchange

GetExitCodeThread

GetCurrentThreadId

GetCurrentThread

GetCurrentProcess

Sleep

WaitForSingleObject

DuplicateHandle

AreFileApisANSI

CreateHardLinkW

CopyFileW

GetLastError

CloseHandle

SetFileTime

GetFileInformationByHandle

GetFileAttributesExW

GetDiskFreeSpaceExW

FindNextFileW

FindFirstFileExW

FindClose

CreateFileW

WideCharToMultiByte

MultiByteToWideChar

DecodePointer

EncodePointer

DeleteCriticalSection

LeaveCriticalSection

EnterCriticalSection

DisableThreadLibraryCalls

Exports

??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z

??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z

??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z

??0?$_Yarn@D@std@@QAE@ABV01@@Z

??0?$_Yarn@D@std@@QAE@PBD@Z

??0?$_Yarn@D@std@@QAE@XZ

??0?$_Yarn@_W@std@@QAE@XZ

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ

??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ

??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z

??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z

??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z

??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

??0?$basic_istream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z

??0?$basic_istream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z

??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z

??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z

??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z

??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z

??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z

??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z

??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z

??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z

??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z

??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z

??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@ABV01@@Z

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@ABV01@@Z

??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z

??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ

??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@ABV01@@Z

??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z

??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ

??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z

??0?$codecvt@DDH@std@@QAE@I@Z

??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z

??0?$codecvt@GDH@std@@QAE@I@Z

??0?$codecvt@_WDH@std@@QAE@ABV_Locinfo@1@I@Z

??0?$codecvt@_WDH@std@@QAE@I@Z

??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z

??0?$ctype@D@std@@QAE@PBF_NI@Z

??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z

??0?$ctype@G@std@@QAE@I@Z

??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z

??0?$ctype@_W@std@@QAE@I@Z

??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAE@PBDI@Z

??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z

??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z

??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z

??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z

??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z

??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z

??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z

??0Init@ios_base@std@@QAE@XZ

??0_Concurrent_queue_base_v4@details@Concurrency@@IAE@I@Z

??0_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@ABV_Concurrent_queue_base_v4@12@@Z

??0_Container_base12@std@@QAE@ABU01@@Z

??0_Container_base12@std@@QAE@XZ

??0_Facet_base@std@@QAE@ABV01@@Z

??0_Facet_base@std@@QAE@XZ

??0_Init_locks@std@@QAE@XZ

??0_Locimp@locale@std@@AAE@ABV012@@Z

??0_Locimp@locale@std@@AAE@_N@Z

??0_Locinfo@std@@QAE@HPBD@Z

??0_Locinfo@std@@QAE@PBD@Z

??0_Lockit@std@@QAE@H@Z

??0_Lockit@std@@QAE@XZ

??0_Pad@std@@QAE@ABV01@@Z

??0_Pad@std@@QAE@XZ

??0_Runtime_object@details@Concurrency@@QAE@H@Z

??0_Runtime_object@details@Concurrency@@QAE@XZ

??0_Timevec@std@@QAE@ABV01@@Z

??0_Timevec@std@@QAE@PAX@Z

??0_UShinit@std@@QAE@XZ

??0_Winit@std@@QAE@XZ

??0agent@Concurrency@@QAE@AAVScheduleGroup@1@@Z

??0agent@Concurrency@@QAE@AAVScheduler@1@@Z

??0agent@Concurrency@@QAE@XZ

??0codecvt_base@std@@QAE@I@Z

??0ctype_base@std@@QAE@I@Z

??0facet@locale@std@@IAE@I@Z

??0id@locale@std@@QAE@I@Z

??0ios_base@std@@IAE@XZ

??0time_base@std@@QAE@I@Z

??1?$_Yarn@D@std@@QAE@XZ

??1?$_Yarn@_W@std@@QAE@XZ

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ

??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ

??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ

??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ

??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ

??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ

??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ

??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ

??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ

??1?$codecvt@DDH@std@@MAE@XZ

??1?$codecvt@GDH@std@@MAE@XZ

??1?$codecvt@_WDH@std@@MAE@XZ

??1?$ctype@D@std@@MAE@XZ

??1?$ctype@G@std@@MAE@XZ

??1?$ctype@_W@std@@MAE@XZ

??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ

??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ

??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ

??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ

??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ

??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ

??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ

??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ

??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ

??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ

??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ

??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ

??1Init@ios_base@std@@QAE@XZ

??1_Concurrent_queue_base_v4@details@Concurrency@@MAE@XZ

??1_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@XZ

??1_Concurrent_vector_base_v4@details@Concurrency@@IAE@XZ

??1_Container_base12@std@@QAE@XZ

??1_Facet_base@std@@UAE@XZ

??1_Init_locks@std@@QAE@XZ

??1_Locimp@locale@std@@MAE@XZ

??1_Locinfo@std@@QAE@XZ

??1_Lockit@std@@QAE@XZ

??1_Pad@std@@QAE@XZ

??1_Timevec@std@@QAE@XZ

??1_UShinit@std@@QAE@XZ

??1_Winit@std@@QAE@XZ

??1agent@Concurrency@@UAE@XZ

??1codecvt_base@std@@UAE@XZ

??1ctype_base@std@@UAE@XZ

??1facet@locale@std@@MAE@XZ

??1ios_base@std@@UAE@XZ

??1time_base@std@@UAE@XZ

??4?$_Iosb@H@std@@QAEAAV01@ABV01@@Z

??4?$_Yarn@D@std@@QAEAAV01@ABV01@@Z

??4?$_Yarn@D@std@@QAEAAV01@PBD@Z

??4?$_Yarn@_W@std@@QAEAAV01@PB_W@Z

??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z

??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z

??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z

??4?$basic_istream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z

??4?$basic_istream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z

??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z

??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z

??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z

??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z

??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEAAV01@ABV01@@Z

??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEAAV01@ABV01@@Z

??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEAAV01@ABV01@@Z

??4Init@ios_base@std@@QAEAAV012@ABV012@@Z

??4_Container_base0@std@@QAEAAU01@ABU01@@Z

??4_Container_base12@std@@QAEAAU01@ABU01@@Z

??4_Facet_base@std@@QAEAAV01@ABV01@@Z

??4_Init_locks@std@@QAEAAV01@ABV01@@Z

??4_Pad@std@@QAEAAV01@ABV01@@Z

??4_Timevec@std@@QAEAAV01@ABV01@@Z

??4_UShinit@std@@QAEAAV01@ABV01@@Z

??4_Winit@std@@QAEAAV01@ABV01@@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAF@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAO@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAPAX@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAF@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAG@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAH@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAI@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAJ@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAK@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAM@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAN@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAO@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAPAX@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_J@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_K@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_N@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAF@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAG@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAJ@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAN@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAO@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAPAX@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_J@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_K@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_N@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@O@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@F@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@G@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@O@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_J@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_K@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_N@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@F@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@O@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z

??7ios_base@std@@QBE_NXZ

??Bid@locale@std@@QAEIXZ

??Bios_base@std@@QBEPAXXZ

??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@

??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@

??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@

??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@

??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@

??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@

??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@

??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@

??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@

??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@

??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@

??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@

??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@

??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@

??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@

??_7?$codecvt@DDH@std@@6B@

??_7?$codecvt@GDH@std@@6B@

??_7?$codecvt@_WDH@std@@6B@

??_7?$ctype@D@std@@6B@

??_7?$ctype@G@std@@6B@

??_7?$ctype@_W@std@@6B@

??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@

??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@

??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@

??_7_Facet_base@std@@6B@

??_7_Locimp@locale@std@@6B@

??_7_Pad@std@@6B@

??_7codecvt_base@std@@6B@

??_7ctype_base@std@@6B@

??_7facet@locale@std@@6B@

??_7ios_base@std@@6B@

??_7time_base@std@@6B@

??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@

??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@

??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@

??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@

??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@

??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@

??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@

??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@

??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@

??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@

??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@

??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@

??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEXXZ

??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEXXZ

??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ

??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QAEXXZ

??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ

??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

??_F?$codecvt@DDH@std@@QAEXXZ

??_F?$codecvt@GDH@std@@QAEXXZ

??_F?$codecvt@_WDH@std@@QAEXXZ

??_F?$ctype@D@std@@QAEXXZ

??_F?$ctype@G@std@@QAEXXZ

??_F?$ctype@_W@std@@QAEXXZ

??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ

??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ

??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ

??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ

??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ

??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ

??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ

??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ

??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ

??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ

??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ

??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ

??_F_Locinfo@std@@QAEXXZ

??_F_Timevec@std@@QAEXXZ

??_Fcodecvt_base@std@@QAEXXZ

??_Fctype_base@std@@QAEXXZ

??_Ffacet@locale@std@@QAEXXZ

??_Fid@locale@std@@QAEXXZ

??_Ftime_base@std@@QAEXXZ

?NFS_Allocate@details@Concurrency@@YAPAXIIPAX@Z

?NFS_Free@details@Concurrency@@YAXPAX@Z

?NFS_GetLineSize@details@Concurrency@@YAIXZ

?_10@placeholders@std@@3V?$_Ph@$09@2@A

?_11@placeholders@std@@3V?$_Ph@$0L@@2@A

?_12@placeholders@std@@3V?$_Ph@$0M@@2@A

?_13@placeholders@std@@3V?$_Ph@$0N@@2@A

?_14@placeholders@std@@3V?$_Ph@$0O@@2@A

?_15@placeholders@std@@3V?$_Ph@$0P@@2@A

?_16@placeholders@std@@3V?$_Ph@$0BA@@2@A

?_17@placeholders@std@@3V?$_Ph@$0BB@@2@A

?_18@placeholders@std@@3V?$_Ph@$0BC@@2@A

?_19@placeholders@std@@3V?$_Ph@$0BD@@2@A

?_1@placeholders@std@@3V?$_Ph@$00@2@A

?_20@placeholders@std@@3V?$_Ph@$0BE@@2@A

?_2@placeholders@std@@3V?$_Ph@$01@2@A

?_3@placeholders@std@@3V?$_Ph@$02@2@A

?_4@placeholders@std@@3V?$_Ph@$03@2@A

?_5@placeholders@std@@3V?$_Ph@$04@2@A

?_6@placeholders@std@@3V?$_Ph@$05@2@A

?_7@placeholders@std@@3V?$_Ph@$06@2@A

?_8@placeholders@std@@3V?$_Ph@$07@2@A

?_9@placeholders@std@@3V?$_Ph@$08@2@A

?_Add_vtordisp1@?$basic_ios@DU?$char_traits@D@std@@@std@@UAEXXZ

?_Add_vtordisp1@?$basic_ios@GU?$char_traits@G@std@@@std@@UAEXXZ

?_Add_vtordisp1@?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAEXXZ

?_Add_vtordisp1@?$basic_istream@DU?$char_traits@D@std@@@std@@UAEXXZ

?_Add_vtordisp1@?$basic_istream@GU?$char_traits@G@std@@@std@@UAEXXZ

?_Add_vtordisp1@?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAEXXZ

?_Add_vtordisp2@?$basic_ios@DU?$char_traits@D@std@@@std@@UAEXXZ

?_Add_vtordisp2@?$basic_ios@GU?$char_traits@G@std@@@std@@UAEXXZ

?_Add_vtordisp2@?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAEXXZ

?_Add_vtordisp2@?$basic_ostream@DU?$char_traits@D@std@@@std@@UAEXXZ

?_Add_vtordisp2@?$basic_ostream@GU?$char_traits@G@std@@@std@@UAEXXZ

?_Add_vtordisp2@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAEXXZ

?_Addcats@_Locinfo@std@@QAEAAV12@HPBD@Z

?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z

?_Addstd@ios_base@std@@SAXPAV12@@Z

?_Advance@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXXZ

?_Assign@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXABV123@@Z

?_Atexit@@YAXP6AXXZ@Z

?_BADOFF@std@@3_JB

?_Byte_reverse_table@details@Concurrency@@3QBEB

?_C_str@?$_Yarn@D@std@@QBEPBDXZ

?_C_str@?$_Yarn@_W@std@@QBEPB_WXZ

?_Callfns@ios_base@std@@AAEXW4event@12@@Z

?_Clocptr@_Locimp@locale@std@@0PAV123@A

?_Close_dir@sys@tr2@std@@YAXPAX@Z

?_Copy_file@sys@tr2@std@@YAHPBD0_N@Z

?_Copy_file@sys@tr2@std@@YAHPB_W0_N@Z

?_Current_get@sys@tr2@std@@YAPADPAD@Z

?_Current_get@sys@tr2@std@@YAPA_WPA_W@Z

?_Current_set@sys@tr2@std@@YA_NPBD@Z

?_Current_set@sys@tr2@std@@YA_NPB_W@Z

?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ

?_Donarrow@?$ctype@G@std@@IBEDGD@Z

?_Donarrow@?$ctype@_W@std@@IBED_WD@Z

?_Dowiden@?$ctype@G@std@@IBEGD@Z

?_Dowiden@?$ctype@_W@std@@IBE_WD@Z

?_Empty@?$_Yarn@D@std@@QBE_NXZ

?_Empty@?$_Yarn@_W@std@@QBE_NXZ

?_Equivalent@sys@tr2@std@@YAHPBD0@Z

?_Equivalent@sys@tr2@std@@YAHPB_W0@Z

?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADDH@Z

?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADDH@Z

?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADDH@Z

?_File_size@sys@tr2@std@@YA_KPBD@Z

?_File_size@sys@tr2@std@@YA_KPB_W@Z

?_Findarr@ios_base@std@@AAEAAU_Iosarray@12@H@Z

?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z

?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z

?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z

?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBDIIII@Z

?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AAVios_base@2@GPBDIIII@Z

?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBDIIII@Z

?_Future_error_map@std@@YAPBDH@Z

?_GetCombinableSize@details@Concurrency@@YAIXZ

?_GetCurrentThreadId@details@Concurrency@@YAKXZ

?_GetNextAsyncId@details@Concurrency@@YAIXZ

?_Get_future_error_what@std@@YAPBDH@Z

?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Getcat@?$codecvt@GDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Getcat@facet@locale@std@@SAIPAPBV123@PBV23@@Z

?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ

?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ

?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ

?_Getdateorder@_Locinfo@std@@QBEHXZ

?_Getdays@_Locinfo@std@@QBEPBDXZ

?_Getfalse@_Locinfo@std@@QBEPBDXZ

?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z

?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z

Sections

.text
Size: 390KB - Virtual size: 389KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$_43_/msvcr110.dll

.dll windows:6 windows x86 arch:x86

e057a95f8936f77238b048f253956b3b

Code Sign

33:00:00:00:9d:1e:8d:27:ae:b8:f3:d8:38:00:01:00:00:00:9d
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/09/2012, 21:42

Not After

04/03/2013, 21:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:02:92:4a:00:00:00:00:00:20
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09/01/2012, 22:25

Not After

09/04/2013, 22:25

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/07/2012, 00:14

Not After

07/10/2013, 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

d2:28:17:88:08:cf:56:44:da:80:3e:bc:8d:b4:d0:f7:6f:2b:96:48:b2:24:6c:ee:31:43:70:6e:3a:90:25:9d
Signer

Actual PE Digest

d2:28:17:88:08:cf:56:44:da:80:3e:bc:8d:b4:d0:f7:6f:2b:96:48:b2:24:6c:ee:31:43:70:6e:3a:90:25:9d

Digest Algorithm

sha256

PE Digest Matches

true

7f:48:28:6b:9a:08:17:2f:0b:a1:53:12:4c:43:44:c3:d6:a4:27:be
Signer

Actual PE Digest

7f:48:28:6b:9a:08:17:2f:0b:a1:53:12:4c:43:44:c3:d6:a4:27:be

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

msvcr110.i386.pdb

Imports

kernel32

EncodePointer

DecodePointer

RaiseException

GetModuleFileNameA

GetModuleFileNameW

GetLastError

InterlockedDecrement

ExitProcess

GetModuleHandleW

GetModuleHandleExW

GetProcAddress

AreFileApisANSI

MultiByteToWideChar

GetStdHandle

WriteFile

GetCommandLineA

GetCommandLineW

GetCurrentThreadId

EnterCriticalSection

LeaveCriticalSection

InitializeCriticalSectionAndSpinCount

DeleteCriticalSection

CloseHandle

CreateThread

ExitThread

ResumeThread

LoadLibraryExW

SetLastError

InterlockedIncrement

GetCurrentThread

FindClose

FindFirstFileExA

FindNextFileA

FindFirstFileExW

FindNextFileW

IsProcessorFeaturePresent

GetLogicalDrives

GetDiskFreeSpaceA

SystemTimeToTzSpecificLocalTime

FileTimeToSystemTime

SetErrorMode

Beep

Sleep

SetEnvironmentVariableA

SetCurrentDirectoryA

GetCurrentDirectoryA

SetCurrentDirectoryW

GetCurrentDirectoryW

GetFullPathNameA

GetDriveTypeW

GetCurrentProcessId

GetFileAttributesExW

SetEnvironmentVariableW

SetFileAttributesW

GetFullPathNameW

CreateDirectoryW

MoveFileExW

RemoveDirectoryW

FileTimeToLocalFileTime

DeleteFileW

WaitForSingleObject

GetExitCodeProcess

CreateProcessA

FreeLibrary

LoadLibraryExA

CreateProcessW

ReadFile

DuplicateHandle

GetCurrentProcess

GetTempPathA

GetTempPathW

GetSystemTimeAsFileTime

GetTimeZoneInformation

GetLocalTime

WideCharToMultiByte

LocalFileTimeToFileTime

SetFileTime

SystemTimeToFileTime

SetLocalTime

TlsGetValue

TlsSetValue

InterlockedPopEntrySList

InterlockedFlushSList

QueryDepthSList

InterlockedPushEntrySList

CreateTimerQueue

CreateTimerQueueTimer

UnregisterWait

SetEvent

RegisterWaitForSingleObject

CreateEventW

SwitchToThread

SignalObjectAndWait

GetNumaHighestNodeNumber

GetProcessAffinityMask

SetThreadAffinityMask

DeleteTimerQueueTimer

TryEnterCriticalSection

SetProcessAffinityMask

GetTickCount

VirtualFree

GetVersionExW

SetThreadPriority

VirtualAlloc

VirtualProtect

InitializeSListHead

ReleaseSemaphore

ChangeTimerQueueTimer

TlsAlloc

UnregisterWaitEx

TlsFree

GetThreadPriority

LoadLibraryW

OutputDebugStringW

FreeLibraryAndExitThread

GetModuleHandleA

GetThreadTimes

DebugBreak

GetStringTypeW

IsValidCodePage

GetACP

GetOEMCP

GetCPInfo

RtlUnwind

HeapFree

HeapAlloc

GetProcessHeap

HeapReAlloc

HeapSize

HeapQueryInformation

HeapValidate

HeapCompact

HeapWalk

GetSystemInfo

VirtualQuery

GetFileType

GetStartupInfoW

GetFileInformationByHandle

PeekNamedPipe

CreateFileW

GetConsoleMode

ReadConsoleW

GetConsoleCP

SetFilePointerEx

FlushFileBuffers

SetFilePointer

CreatePipe

SetStdHandle

GetNumberOfConsoleInputEvents

PeekConsoleInputA

ReadConsoleInputA

SetConsoleMode

ReadConsoleInputW

WriteConsoleW

SetEndOfFile

InterlockedExchange

LockFileEx

UnlockFileEx

IsDebuggerPresent

UnhandledExceptionFilter

SetUnhandledExceptionFilter

TerminateProcess

CreateSemaphoreW

SetConsoleCtrlHandler

QueryPerformanceCounter

GetEnvironmentStringsW

FreeEnvironmentStringsW

GetDateFormatW

GetTimeFormatW

CompareStringW

LCMapStringW

GetLocaleInfoW

IsValidLocale

GetUserDefaultLCID

EnumSystemLocalesW

OutputDebugStringA

Exports

$I10_OUTPUT

??0?$_SpinWait@$00@details@Concurrency@@QAE@P6AXXZ@Z

??0?$_SpinWait@$0A@@details@Concurrency@@QAE@P6AXXZ@Z

??0SchedulerPolicy@Concurrency@@QAA@IZZ

??0SchedulerPolicy@Concurrency@@QAE@ABV01@@Z

??0SchedulerPolicy@Concurrency@@QAE@XZ

??0_CancellationTokenState@details@Concurrency@@AAE@XZ

??0_Cancellation_beacon@details@Concurrency@@QAE@XZ

??0_Condition_variable@details@Concurrency@@QAE@XZ

??0_Context@details@Concurrency@@QAE@PAVContext@2@@Z

??0_Interruption_exception@details@Concurrency@@QAE@PBD@Z

??0_Interruption_exception@details@Concurrency@@QAE@XZ

??0_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ

??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ

??0_ReaderWriterLock@details@Concurrency@@QAE@XZ

??0_ReentrantBlockingLock@details@Concurrency@@QAE@XZ

??0_ReentrantLock@details@Concurrency@@QAE@XZ

??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ

??0_Scheduler@details@Concurrency@@QAE@PAVScheduler@2@@Z

??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z

??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z

??0_SpinLock@details@Concurrency@@QAE@ACJ@Z

??0_StructuredTaskCollection@details@Concurrency@@QAE@PAV_CancellationTokenState@12@@Z

??0_TaskCollection@details@Concurrency@@QAE@PAV_CancellationTokenState@12@@Z

??0_TaskCollection@details@Concurrency@@QAE@XZ

??0_Timer@details@Concurrency@@IAE@I_N@Z

??0__non_rtti_object@std@@QAE@ABV01@@Z

??0__non_rtti_object@std@@QAE@PBD@Z

??0bad_cast@std@@AAE@PBQBD@Z

??0bad_cast@std@@QAE@ABV01@@Z

??0bad_cast@std@@QAE@PBD@Z

??0bad_target@Concurrency@@QAE@PBD@Z

??0bad_target@Concurrency@@QAE@XZ

??0bad_typeid@std@@QAE@ABV01@@Z

??0bad_typeid@std@@QAE@PBD@Z

??0context_self_unblock@Concurrency@@QAE@PBD@Z

??0context_self_unblock@Concurrency@@QAE@XZ

??0context_unblock_unbalanced@Concurrency@@QAE@PBD@Z

??0context_unblock_unbalanced@Concurrency@@QAE@XZ

??0critical_section@Concurrency@@QAE@XZ

??0default_scheduler_exists@Concurrency@@QAE@PBD@Z

??0default_scheduler_exists@Concurrency@@QAE@XZ

??0event@Concurrency@@QAE@XZ

??0exception@std@@QAE@ABQBD@Z

??0exception@std@@QAE@ABQBDH@Z

??0exception@std@@QAE@ABV01@@Z

??0exception@std@@QAE@XZ

??0improper_lock@Concurrency@@QAE@PBD@Z

??0improper_lock@Concurrency@@QAE@XZ

??0improper_scheduler_attach@Concurrency@@QAE@PBD@Z

??0improper_scheduler_attach@Concurrency@@QAE@XZ

??0improper_scheduler_detach@Concurrency@@QAE@PBD@Z

??0improper_scheduler_detach@Concurrency@@QAE@XZ

??0improper_scheduler_reference@Concurrency@@QAE@PBD@Z

??0improper_scheduler_reference@Concurrency@@QAE@XZ

??0invalid_link_target@Concurrency@@QAE@PBD@Z

??0invalid_link_target@Concurrency@@QAE@XZ

??0invalid_multiple_scheduling@Concurrency@@QAE@PBD@Z

??0invalid_multiple_scheduling@Concurrency@@QAE@XZ

??0invalid_operation@Concurrency@@QAE@PBD@Z

??0invalid_operation@Concurrency@@QAE@XZ

??0invalid_oversubscribe_operation@Concurrency@@QAE@PBD@Z

??0invalid_oversubscribe_operation@Concurrency@@QAE@XZ

??0invalid_scheduler_policy_key@Concurrency@@QAE@PBD@Z

??0invalid_scheduler_policy_key@Concurrency@@QAE@XZ

??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@PBD@Z

??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@XZ

??0invalid_scheduler_policy_value@Concurrency@@QAE@PBD@Z

??0invalid_scheduler_policy_value@Concurrency@@QAE@XZ

??0message_not_found@Concurrency@@QAE@PBD@Z

??0message_not_found@Concurrency@@QAE@XZ

??0missing_wait@Concurrency@@QAE@PBD@Z

??0missing_wait@Concurrency@@QAE@XZ

??0nested_scheduler_missing_detach@Concurrency@@QAE@PBD@Z

??0nested_scheduler_missing_detach@Concurrency@@QAE@XZ

??0operation_timed_out@Concurrency@@QAE@PBD@Z

??0operation_timed_out@Concurrency@@QAE@XZ

??0reader_writer_lock@Concurrency@@QAE@XZ

??0scheduler_not_attached@Concurrency@@QAE@PBD@Z

??0scheduler_not_attached@Concurrency@@QAE@XZ

??0scheduler_resource_allocation_error@Concurrency@@QAE@J@Z

??0scheduler_resource_allocation_error@Concurrency@@QAE@PBDJ@Z

??0scheduler_worker_creation_error@Concurrency@@QAE@J@Z

??0scheduler_worker_creation_error@Concurrency@@QAE@PBDJ@Z

??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z

??0scoped_lock@reader_writer_lock@Concurrency@@QAE@AAV12@@Z

??0scoped_lock_read@reader_writer_lock@Concurrency@@QAE@AAV12@@Z

??0task_canceled@Concurrency@@QAE@PBD@Z

??0task_canceled@Concurrency@@QAE@XZ

??0unsupported_os@Concurrency@@QAE@PBD@Z

??0unsupported_os@Concurrency@@QAE@XZ

??1SchedulerPolicy@Concurrency@@QAE@XZ

??1_CancellationTokenState@details@Concurrency@@UAE@XZ

??1_Cancellation_beacon@details@Concurrency@@QAE@XZ

??1_Condition_variable@details@Concurrency@@QAE@XZ

??1_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ

??1_ReentrantBlockingLock@details@Concurrency@@QAE@XZ

??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ

??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ

??1_SpinLock@details@Concurrency@@QAE@XZ

??1_TaskCollection@details@Concurrency@@QAE@XZ

??1_Timer@details@Concurrency@@MAE@XZ

??1__non_rtti_object@std@@UAE@XZ

??1bad_cast@std@@UAE@XZ

??1bad_typeid@std@@UAE@XZ

??1critical_section@Concurrency@@QAE@XZ

??1event@Concurrency@@QAE@XZ

??1exception@std@@UAE@XZ

??1reader_writer_lock@Concurrency@@QAE@XZ

??1scoped_lock@critical_section@Concurrency@@QAE@XZ

??1scoped_lock@reader_writer_lock@Concurrency@@QAE@XZ

??1scoped_lock_read@reader_writer_lock@Concurrency@@QAE@XZ

??1type_info@@UAE@XZ

??2@YAPAXI@Z

??2@YAPAXIHPBDH@Z

??3@YAXPAX@Z

??3@YAXPAXHPBDH@Z

??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@ABV012@@Z

??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@ABV012@@Z

??4SchedulerPolicy@Concurrency@@QAEAAV01@ABV01@@Z

??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z

??4bad_cast@std@@QAEAAV01@ABV01@@Z

??4bad_typeid@std@@QAEAAV01@ABV01@@Z

??4exception@std@@QAEAAV01@ABV01@@Z

??8type_info@@QBE_NABV0@@Z

??9type_info@@QBE_NABV0@@Z

??_7__non_rtti_object@std@@6B@

??_7bad_cast@std@@6B@

??_7bad_typeid@std@@6B@

??_7exception@std@@6B@

??_F?$_SpinWait@$00@details@Concurrency@@QAEXXZ

??_F?$_SpinWait@$0A@@details@Concurrency@@QAEXXZ

??_F_Context@details@Concurrency@@QAEXXZ

??_F_Scheduler@details@Concurrency@@QAEXXZ

??_Fbad_cast@std@@QAEXXZ

??_Fbad_typeid@std@@QAEXXZ

??_U@YAPAXI@Z

??_U@YAPAXIHPBDH@Z

??_V@YAXPAX@Z

??_V@YAXPAXHPBDH@Z

?Alloc@Concurrency@@YAPAXI@Z

?Block@Context@Concurrency@@SAXXZ

?Create@CurrentScheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z

?Create@Scheduler@Concurrency@@SAPAV12@ABVSchedulerPolicy@2@@Z

?CreateResourceManager@Concurrency@@YAPAUIResourceManager@1@XZ

?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@AAVlocation@2@@Z

?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@XZ

?CurrentContext@Context@Concurrency@@SAPAV12@XZ

?Detach@CurrentScheduler@Concurrency@@SAXXZ

?DisableTracing@Concurrency@@YAJXZ

?EnableTracing@Concurrency@@YAJXZ

?Free@Concurrency@@YAXPAX@Z

?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ

?GetExecutionContextId@Concurrency@@YAIXZ

?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ

?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ

?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ

?GetPolicyValue@SchedulerPolicy@Concurrency@@QBEIW4PolicyElementKey@2@@Z

?GetProcessorCount@Concurrency@@YAIXZ

?GetProcessorNodeCount@Concurrency@@YAIXZ

?GetSchedulerId@Concurrency@@YAIXZ

?GetSharedTimerQueue@details@Concurrency@@YAPAXXZ

?Id@Context@Concurrency@@SAIXZ

?Id@CurrentScheduler@Concurrency@@SAIXZ

?IsAvailableLocation@CurrentScheduler@Concurrency@@SA_NABVlocation@2@@Z

?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ

?Log2@details@Concurrency@@YAKI@Z

?Oversubscribe@Context@Concurrency@@SAX_N@Z

?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPAX@Z

?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ

?ScheduleGroupId@Context@Concurrency@@SAIXZ

?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z

?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0AAVlocation@2@@Z

?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QAEXII@Z

?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z

?SetPolicyValue@SchedulerPolicy@Concurrency@@QAEIW4PolicyElementKey@2@I@Z

?VirtualProcessorId@Context@Concurrency@@SAIXZ

?Yield@Context@Concurrency@@SAXXZ

?_Abort@_StructuredTaskCollection@details@Concurrency@@AAEXXZ

?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ

?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QAEXPAX@Z

?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ

?_Acquire@_ReentrantLock@details@Concurrency@@QAEXXZ

?_Acquire@_ReentrantPPLLock@details@Concurrency@@QAEXPAX@Z

?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ

?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ

?_Cancel@_CancellationTokenState@details@Concurrency@@QAEXXZ

?_Cancel@_StructuredTaskCollection@details@Concurrency@@QAEXXZ

?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ

?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ

?_CleanupToken@_StructuredTaskCollection@details@Concurrency@@AAEXXZ

?_ConcRT_CoreAssert@details@Concurrency@@YAXPBD0H@Z

?_ConcRT_Trace@details@Concurrency@@YAXHPB_WZZ

?_Confirm_cancel@_Cancellation_beacon@details@Concurrency@@QAE_NXZ

?_Copy_str@exception@std@@AAEXPBD@Z

?_CurrentContext@_Context@details@Concurrency@@SA?AV123@XZ

?_Current_node@location@Concurrency@@SA?AV12@XZ

?_DeregisterCallback@_CancellationTokenState@details@Concurrency@@QAEXPAV_CancellationTokenRegistration@23@@Z

?_Destroy@_AsyncTaskCollection@details@Concurrency@@EAEXXZ

?_Destroy@_CancellationTokenState@details@Concurrency@@EAEXXZ

?_DoYield@?$_SpinWait@$00@details@Concurrency@@IAEXXZ

?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ

?_Get@_CurrentScheduler@details@Concurrency@@SA?AV_Scheduler@23@XZ

?_GetConcRTTraceInfo@Concurrency@@YAPBU_CONCRT_TRACE_INFO@details@1@XZ

?_GetConcurrency@details@Concurrency@@YAIXZ

?_GetCurrentInlineDepth@_StackGuard@details@Concurrency@@CAAAIXZ

?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ

?_GetScheduler@_Scheduler@details@Concurrency@@QAEPAVScheduler@3@XZ

?_Id@_CurrentScheduler@details@Concurrency@@SAIXZ

?_Invoke@_CancellationTokenRegistration@details@Concurrency@@AAEXXZ

?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QAE_NXZ

?_IsCanceling@_TaskCollection@details@Concurrency@@QAE_NXZ

?_IsSynchronouslyBlocked@_Context@details@Concurrency@@QBE_NXZ

?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z

?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z

?_NewCollection@_AsyncTaskCollection@details@Concurrency@@SAPAV123@PAV_CancellationTokenState@23@@Z

?_NewTokenState@_CancellationTokenState@details@Concurrency@@SAPAV123@XZ

?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IAEKXZ

?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IAEKXZ

?_Oversubscribe@_Context@details@Concurrency@@SAX_N@Z

?_Reference@_Scheduler@details@Concurrency@@QAEIXZ

?_RegisterCallback@_CancellationTokenState@details@Concurrency@@QAEPAV_CancellationTokenRegistration@23@P6AXPAX@Z0H@Z

?_RegisterCallback@_CancellationTokenState@details@Concurrency@@QAEXPAV_CancellationTokenRegistration@23@@Z

?_Release@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ

?_Release@_NonReentrantPPLLock@details@Concurrency@@QAEXXZ

?_Release@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ

?_Release@_ReentrantLock@details@Concurrency@@QAEXXZ

?_Release@_ReentrantPPLLock@details@Concurrency@@QAEXXZ

?_Release@_Scheduler@details@Concurrency@@QAEIXZ

?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ

?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ

?_ReportUnobservedException@details@Concurrency@@YAXXZ

?_Reset@?$_SpinWait@$00@details@Concurrency@@IAEXXZ

?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ

?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z

?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z

?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z

?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@PAVlocation@3@@Z

?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z

?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@PAVlocation@3@@Z

?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPAX@Z0@Z

?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QAEXI@Z

?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QAEXI@Z

?_SetUnobservedExceptionHandler@details@Concurrency@@YAXP6AXXZ@Z

?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IAE_NXZ

?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IAE_NXZ

?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ

?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QAE_NXZ

?_SpinYield@Context@Concurrency@@SAXXZ

?_Start@_Timer@details@Concurrency@@IAEXXZ

?_Stop@_Timer@details@Concurrency@@IAEXXZ

?_Tidy@exception@std@@AAEXXZ

?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ

?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z

?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QAE_NXZ

?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QAE_NXZ

?_TryAcquire@_ReentrantLock@details@Concurrency@@QAE_NXZ

?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QAE_NXZ

?_Type_info_dtor@type_info@@CAXPAV1@@Z

?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z

?_UnderlyingYield@details@Concurrency@@YAXXZ

?_ValidateExecute@@YAHP6GHXZ@Z

?_ValidateRead@@YAHPBXI@Z

?_ValidateWrite@@YAHPAXI@Z

?_Value@_SpinCount@details@Concurrency@@SAIXZ

?_Yield@_Context@details@Concurrency@@SAXXZ

?__ExceptionPtrAssign@@YAXPAXPBX@Z

?__ExceptionPtrCompare@@YA_NPBX0@Z

?__ExceptionPtrCopy@@YAXPAXPBX@Z

?__ExceptionPtrCopyException@@YAXPAXPBX1@Z

?__ExceptionPtrCreate@@YAXPAX@Z

?__ExceptionPtrCurrentException@@YAXPAX@Z

?__ExceptionPtrDestroy@@YAXPAX@Z

?__ExceptionPtrRethrow@@YAXPBX@Z

?__ExceptionPtrSwap@@YAXPAX0@Z

?__ExceptionPtrToBool@@YA_NPBX@Z

?_inconsistency@@YAXXZ

?_invalid_parameter@@YAXPBG00II@Z

?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z

?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z

?_open@@YAHPBDHH@Z

?_query_new_handler@@YAP6AHI@ZXZ

?_query_new_mode@@YAHXZ

?_set_new_handler@@YAP6AHI@ZH@Z

?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z

?_set_new_mode@@YAHH@Z

?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z

?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z

?_sopen@@YAHPBDHHH@Z

?_type_info_dtor_internal_method@type_info@@QAEXXZ

?_wopen@@YAHPB_WHH@Z

?_wsopen@@YAHPB_WHHH@Z

?before@type_info@@QBE_NABV1@@Z

?current@location@Concurrency@@SA?AV12@XZ

?from_numa_node@location@Concurrency@@SA?AV12@G@Z

?get_error_code@scheduler_resource_allocation_error@Concurrency@@QBEJXZ

?lock@critical_section@Concurrency@@QAEXXZ

?lock@reader_writer_lock@Concurrency@@QAEXXZ

?lock_read@reader_writer_lock@Concurrency@@QAEXXZ

?name@type_info@@QBEPBDPAU__type_info_node@@@Z

?native_handle@critical_section@Concurrency@@QAEAAV12@XZ

?notify_all@_Condition_variable@details@Concurrency@@QAEXXZ

?notify_one@_Condition_variable@details@Concurrency@@QAEXXZ

?raw_name@type_info@@QBEPBDXZ

?reset@event@Concurrency@@QAEXXZ

?set@event@Concurrency@@QAEXXZ

?set_new_handler@@YAP6AXXZP6AXXZ@Z

?set_task_execution_resources@Concurrency@@YAXGPAU_GROUP_AFFINITY@@@Z

?set_task_execution_resources@Concurrency@@YAXK@Z

?set_terminate@@YAP6AXXZH@Z

?set_terminate@@YAP6AXXZP6AXXZ@Z

?set_unexpected@@YAP6AXXZH@Z

?set_unexpected@@YAP6AXXZP6AXXZ@Z

?swprintf@@YAHPAGIPBGZZ

?swprintf@@YAHPA_WIPB_WZZ

?terminate@@YAXXZ

?try_lock@critical_section@Concurrency@@QAE_NXZ

?try_lock@reader_writer_lock@Concurrency@@QAE_NXZ

?try_lock_for@critical_section@Concurrency@@QAE_NI@Z

?try_lock_read@reader_writer_lock@Concurrency@@QAE_NXZ

?unexpected@@YAXXZ

?unlock@critical_section@Concurrency@@QAEXXZ

?unlock@reader_writer_lock@Concurrency@@QAEXXZ

?vswprintf@@YAHPA_WIPB_WPAD@Z

?wait@Concurrency@@YAXI@Z

?wait@_Condition_variable@details@Concurrency@@QAEXAAVcritical_section@3@@Z

?wait@event@Concurrency@@QAEII@Z

?wait_for@_Condition_variable@details@Concurrency@@QAE_NAAVcritical_section@3@I@Z

?wait_for_multiple@event@Concurrency@@SAIPAPAV12@I_NI@Z

?what@exception@std@@UBEPBDXZ

_CIacos

_CIasin

_CIatan

_CIatan2

_CIcos

_CIcosh

_CIexp

_CIfmod

_CIlog

_CIlog10

_CIpow

_CIsin

_CIsinh

_CIsqrt

_CItan

_CItanh

_CRT_RTC_INIT

_CRT_RTC_INITW

_CreateFrameInfo

_CxxThrowException

_EH_prolog

_FindAndUnlinkFrame

_Getdays

_Getmonths

_Gettnames

_HUGE

_IsExceptionObjectToBeDestroyed

_Lock_shared_ptr_spin_lock

_NLG_Dispatch2

_NLG_Return

_NLG_Return2

_Strftime

_Unlock_shared_ptr_spin_lock

_W_Getdays

_W_Getmonths

_W_Gettnames

_Wcsftime

_XcptFilter

__AdjustPointer

__BuildCatchObject

__BuildCatchObjectHelper

__CppXcptFilter

__CxxDetectRethrow

__CxxExceptionFilter

__CxxFrameHandler

__CxxFrameHandler2

__CxxFrameHandler3

__CxxLongjmpUnwind

__CxxQueryExceptionSize

__CxxRegisterExceptionObject

__CxxUnregisterExceptionObject

__DestructExceptionObject

__FrameUnwindFilter

__RTCastToVoid

__RTDynamicCast

__RTtypeid

__STRINGTOLD

__STRINGTOLD_L

__TypeMatch

___crtCreateSemaphoreExW@24

___lc_codepage_func

___lc_collate_cp_func

___lc_locale_name_func

___mb_cur_max_func

___mb_cur_max_l_func

___setlc_active_func

___unguarded_readlc_active_add_func

__argc

__argv

__badioinfo

__clean_type_info_names_internal

__control87_2

__create_locale

__crtCompareStringA

__crtCompareStringEx

__crtCompareStringW

__crtCreateSymbolicLinkW

__crtEnumSystemLocalesEx

__crtFlsAlloc

__crtFlsFree

__crtFlsGetValue

__crtFlsSetValue

__crtGetDateFormatEx

__crtGetLocaleInfoEx

__crtGetShowWindowMode

__crtGetTimeFormatEx

__crtGetUserDefaultLocaleName

__crtInitializeCriticalSectionEx

__crtIsPackagedApp

__crtIsValidLocaleName

__crtLCMapStringA

__crtLCMapStringEx

__crtLCMapStringW

__crtSetThreadStackGuarantee

__crtSetUnhandledExceptionFilter

__crtTerminateProcess

__crtUnhandledException

__daylight

__dllonexit

__doserrno

__dstbias

__fpecode

__free_locale

__get_current_locale

__get_flsindex

__get_tlsindex

__getmainargs

__initenv

__iob_func

__isascii

__iscsym

__iscsymf

__iswcsym

__iswcsymf

__lconv

__lconv_init

__libm_sse2_acos

__libm_sse2_acosf

__libm_sse2_asin

__libm_sse2_asinf

__libm_sse2_atan

__libm_sse2_atan2

__libm_sse2_atanf

__libm_sse2_cos

__libm_sse2_cosf

__libm_sse2_exp

__libm_sse2_expf

__libm_sse2_log

__libm_sse2_log10

__libm_sse2_log10f

__libm_sse2_logf

__libm_sse2_pow

__libm_sse2_powf

__libm_sse2_sin

__libm_sse2_sinf

__libm_sse2_tan

__libm_sse2_tanf

__mb_cur_max

__p___argc

__p___argv

__p___initenv

__p___mb_cur_max

__p___wargv

__p___winitenv

__p__acmdln

__p__commode

__p__daylight

__p__dstbias

__p__environ

__p__fmode

__p__iob

__p__mbcasemap

__p__mbctype

__p__pctype

__p__pgmptr

__p__pwctype

__p__timezone

__p__tzname

__p__wcmdln

__p__wenviron

__p__wpgmptr

__pctype_func

__pioinfo

__pwctype_func

__pxcptinfoptrs

__report_gsfailure

__set_app_type

__setlc_active

__setusermatherr

__strncnt

Sections

.text
Size: 792KB - Virtual size: 791KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

Games Bot.exe

.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

0e:2e:88:50:2b:3f:c0:0e:37:91:b6:c2:77:39:93:a8
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2014, 00:00

Not After

24/10/2015, 23:59

Subject

CN=MADFLY FILMS LTD,O=MADFLY FILMS LTD,POSTALCODE=SL5 7HL,STREET=14 COURSE ROAD,L=ASCOT,ST=BERKSHIRE,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

25:09:f0:3b:47:e3:c1:8a:a6:ab:02:71:f3:b6:6e:5f:9a:45:7e:9f
Signer

Actual PE Digest

25:09:f0:3b:47:e3:c1:8a:a6:ab:02:71:f3:b6:6e:5f:9a:45:7e:9f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

PDB Paths

GamesBot.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 263KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 253B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

Games Bot.exe.config

.xml

Modules/7z.dll

.dll windows:4 windows x86 arch:x86

71fc45db7a81ce236f432a828a4e8fcd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

oleaut32

SysAllocString

VariantClear

VariantCopy

SysFreeString

SysAllocStringByteLen

user32

CharLowerW

CharUpperA

CharNextA

CharPrevExA

CharUpperW

CharLowerA

msvcrt

_adjust_fdiv

_initterm

?terminate@@YAXXZ

_onexit

__dllonexit

??1type_info@@UAE@XZ

_except_handler3

_beginthreadex

memset

strcmp

realloc

memcmp

_purecall

strlen

free

malloc

memmove

_CxxThrowException

memcpy

__CxxFrameHandler

kernel32

InitializeCriticalSection

ReleaseSemaphore

CreateSemaphoreA

ResetEvent

SetEvent

CreateEventA

WaitForSingleObject

VirtualFree

VirtualAlloc

GetCurrentProcessId

GetCurrentThreadId

GetTickCount

QueryPerformanceCounter

FileTimeToLocalFileTime

DeleteCriticalSection

LocalFileTimeToFileTime

GetVersionExA

WaitForMultipleObjects

EnterCriticalSection

LeaveCriticalSection

GetSystemTime

SystemTimeToFileTime

FileTimeToDosDateTime

DosDateTimeToFileTime

GetModuleHandleA

GetProcAddress

GetSystemInfo

CompareFileTime

WriteFile

ReadFile

MultiByteToWideChar

WideCharToMultiByte

GetLastError

CloseHandle

SetFileAttributesA

DeleteFileA

GetTempPathA

GetTempFileNameA

CreateFileA

Exports

CreateObject

GetHandlerProperty

GetHandlerProperty2

GetMethodProperty

GetNumberOfFormats

GetNumberOfMethods

SetLargePageMode

Sections

.text
Size: 654KB - Virtual size: 654KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

Modules/CmdProc.dll

.dll windows:6 windows x86 arch:x86

69031a4fc4a8def4c5c5667b9568a51d

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

0e:2e:88:50:2b:3f:c0:0e:37:91:b6:c2:77:39:93:a8
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2014, 00:00

Not After

24/10/2015, 23:59

Subject

CN=MADFLY FILMS LTD,O=MADFLY FILMS LTD,POSTALCODE=SL5 7HL,STREET=14 COURSE ROAD,L=ASCOT,ST=BERKSHIRE,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

b2:d7:a4:e3:2c:4b:27:44:35:4d:03:96:0c:78:02:21:c2:84:9c:cf
Signer

Actual PE Digest

b2:d7:a4:e3:2c:4b:27:44:35:4d:03:96:0c:78:02:21:c2:84:9c:cf

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

E:\Projects\gigaclick\Release\Modules\CmdProc.pdb

Imports

kernel32

MultiByteToWideChar

SetEvent

SizeofResource

LockResource

LoadResource

FindResourceW

FindResourceExW

InitializeCriticalSectionEx

LoadLibraryW

GetProcAddress

FreeLibrary

TlsFree

TlsSetValue

TlsGetValue

TlsAlloc

ResetEvent

WaitForSingleObject

CloseHandle

OpenEventA

CreateEventA

GetSystemTimeAsFileTime

GetCurrentThreadId

GetCurrentProcessId

QueryPerformanceCounter

IsProcessorFeaturePresent

IsDebuggerPresent

DecodePointer

EncodePointer

FormatMessageA

LocalFree

DeleteCriticalSection

LeaveCriticalSection

EnterCriticalSection

GetLastError

RaiseException

GetProcessHeap

HeapSize

HeapFree

HeapReAlloc

HeapAlloc

HeapDestroy

msvcp110

?_Syserror_map@std@@YAPBDH@Z

?_Xinvalid_argument@std@@YAXPBD@Z

?_Xout_of_range@std@@YAXPBD@Z

?_Xbad_function_call@std@@YAXXZ

?_Xlength_error@std@@YAXPBD@Z

?_Xbad_alloc@std@@YAXXZ

?_Throw_C_error@std@@YAXH@Z

_Mtx_init

_Mtx_lock

_Mtx_unlock

_Mtx_destroy

?_Winerror_map@std@@YAPBDH@Z

msvcr110

?terminate@@YAXXZ

_except_handler4_common

__clean_type_info_names_internal

_CxxThrowException

strerror

memset

??8type_info@@QBE_NABV0@@Z

_purecall

vsprintf_s

_vscprintf

memmove_s

atoi

malloc

_resetstkoflw

__crtTerminateProcess

strtol

_errno

??2@YAPAXI@Z

??0exception@std@@QAE@ABV01@@Z

free

memcpy_s

memmove

wmemcpy_s

??0exception@std@@QAE@ABQBDH@Z

??1exception@std@@UAE@XZ

??0exception@std@@QAE@ABQBD@Z

??3@YAXPAX@Z

__crtUnhandledException

_crt_debugger_hook

_initterm_e

_initterm

_malloc_crt

_amsg_exit

__CppXcptFilter

_onexit

__CxxFrameHandler3

_calloc_crt

_unlock

_lock

??1type_info@@UAE@XZ

?what@exception@std@@UBEPBDXZ

memcpy

__dllonexit

memcmp

Exports

Create

Init

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

Modules/CmlProc.dll

.dll windows:6 windows x86 arch:x86

4b56bfb1791cb484d1b86fbcd632e905

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

0e:2e:88:50:2b:3f:c0:0e:37:91:b6:c2:77:39:93:a8
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2014, 00:00

Not After

24/10/2015, 23:59

Subject

CN=MADFLY FILMS LTD,O=MADFLY FILMS LTD,POSTALCODE=SL5 7HL,STREET=14 COURSE ROAD,L=ASCOT,ST=BERKSHIRE,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

56:3b:57:49:e9:3e:a5:cd:1c:f0:c1:e0:e0:0e:a0:80:56:b5:c1:02
Signer

Actual PE Digest

56:3b:57:49:e9:3e:a5:cd:1c:f0:c1:e0:e0:0e:a0:80:56:b5:c1:02

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

E:\Projects\gigaclick\Release\Modules\CmlProc.pdb

Imports

kernel32

WideCharToMultiByte

ExitProcess

GetTickCount64

SizeofResource

LockResource

LoadResource

FindResourceW

FindResourceExW

Sleep

GetProcAddress

GetModuleHandleW

GetEnvironmentVariableW

LoadLibraryW

FreeLibrary

GetModuleHandleA

GetSystemTimeAsFileTime

GetCurrentThreadId

SetWaitableTimer

WaitForSingleObject

GetLastError

CreateWaitableTimerW

SetLastError

MultiByteToWideChar

GetLocalTime

GetTempPathW

CancelWaitableTimer

GetHandleInformation

InitializeCriticalSectionEx

CloseHandle

GetCurrentProcessId

QueryPerformanceCounter

IsProcessorFeaturePresent

IsDebuggerPresent

DecodePointer

EncodePointer

DeleteCriticalSection

HeapAlloc

HeapReAlloc

HeapFree

HeapSize

GetProcessHeap

RaiseException

EnterCriticalSection

LeaveCriticalSection

HeapDestroy

user32

FindWindowA

advapi32

RegSetValueExW

RegCreateKeyExW

RegOpenKeyExW

RegCloseKey

CryptDestroyHash

CryptReleaseContext

CryptGetHashParam

CryptHashData

CryptCreateHash

CryptAcquireContextW

RegQueryValueExW

shell32

ShellExecuteExW

ole32

CoCreateGuid

StringFromGUID2

msvcp110

?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z

?_Add_vtordisp2@?$basic_ostream@DU?$char_traits@D@std@@@std@@UAEXXZ

??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

?_Add_vtordisp1@?$basic_ios@DU?$char_traits@D@std@@@std@@UAEXXZ

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z

?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

??0_Lockit@std@@QAE@H@Z

??1_Lockit@std@@QAE@XZ

??_7_Facet_base@std@@6B@

??_7facet@locale@std@@6B@

?_Init@locale@std@@CAPAV_Locimp@12@_N@Z

?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z

?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

??_7codecvt_base@std@@6B@

??_7?$codecvt@_WDH@std@@6B@

?_Xinvalid_argument@std@@YAXPBD@Z

?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z

?id@?$codecvt@DDH@std@@2V0locale@2@A

?id@?$codecvt@_WDH@std@@2V0locale@2@A

?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ

?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ

?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z

?_Add_vtordisp1@?$basic_istream@DU?$char_traits@D@std@@@std@@UAEXXZ

??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

?_Add_vtordisp2@?$basic_ios@DU?$char_traits@D@std@@@std@@UAEXXZ

?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

??4?$_Yarn@D@std@@QAEAAV01@PBD@Z

?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

??0?$codecvt@_WDH@std@@QAE@I@Z

?out@?$codecvt@_WDH@std@@QBEHAAHPB_W1AAPB_WPAD3AAPAD@Z

?always_noconv@codecvt_base@std@@QBE_NXZ

?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z

?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ

?_Incref@facet@locale@std@@UAEXXZ

??Bid@locale@std@@QAEIXZ

?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z

?id@?$ctype@D@std@@2V0locale@2@A

?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?tolower@?$ctype@D@std@@QBEDD@Z

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

?_Xbad_alloc@std@@YAXXZ

?_Xlength_error@std@@YAXPBD@Z

?_BADOFF@std@@3_JB

?_Xout_of_range@std@@YAXPBD@Z

?_Winerror_map@std@@YAPBDH@Z

?_Syserror_map@std@@YAPBDH@Z

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

msvcr110

memmove_s

_vscwprintf

vswprintf_s

_purecall

??0exception@std@@QAE@ABQBD@Z

??1exception@std@@UAE@XZ

wmemcpy_s

??0exception@std@@QAE@ABV01@@Z

_errno

strtoul

fgetc

fputc

ungetc

_strlwr_s

strncmp

_ultoa_s

_wtoi

rand

?what@exception@std@@UBEPBDXZ

_lock_file

_unlock_file

fwrite

_fseeki64

fgetpos

fsetpos

setvbuf

fflush

strnlen

fclose

??0bad_cast@std@@QAE@PBD@Z

??0bad_cast@std@@QAE@ABV01@@Z

??1bad_cast@std@@UAE@XZ

_vscprintf

vsprintf_s

memchr

_recalloc

calloc

srand

_mbsinc

wcsstr

memset

??1type_info@@UAE@XZ

_lock

_unlock

_calloc_crt

__dllonexit

_onexit

?terminate@@YAXXZ

__CppXcptFilter

_amsg_exit

_malloc_crt

_initterm

_initterm_e

_crt_debugger_hook

__crtUnhandledException

__crtTerminateProcess

_except_handler4_common

__clean_type_info_names_internal

wcsnlen

toupper

malloc

_resetstkoflw

??2@YAPAXI@Z

free

memcpy_s

memmove

??3@YAXPAX@Z

memcmp

__CxxFrameHandler3

_CxxThrowException

memcpy

Exports

Create

Init

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

Modules/CmnUtls.dll

.dll windows:6 windows x86 arch:x86

aa8001def291fadf9d0cedae945797af

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

0e:2e:88:50:2b:3f:c0:0e:37:91:b6:c2:77:39:93:a8
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2014, 00:00

Not After

24/10/2015, 23:59

Subject

CN=MADFLY FILMS LTD,O=MADFLY FILMS LTD,POSTALCODE=SL5 7HL,STREET=14 COURSE ROAD,L=ASCOT,ST=BERKSHIRE,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

eb:59:1b:de:98:8b:c3:00:36:a2:82:7d:c6:15:92:eb:94:d2:04:38
Signer

Actual PE Digest

eb:59:1b:de:98:8b:c3:00:36:a2:82:7d:c6:15:92:eb:94:d2:04:38

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

E:\Projects\gigaclick\Release\Modules\CmnUtls.pdb

Imports

kernel32

CreateEventA

HeapAlloc

GetProcessHeap

HeapFree

GetLastError

CloseHandle

CreateEventW

ResetEvent

SetEvent

GetFileAttributesW

FindFirstFileW

FindNextFileW

FindClose

WaitForSingleObject

RemoveDirectoryW

DeleteFileW

MultiByteToWideChar

SizeofResource

LockResource

LoadResource

FindResourceW

FindResourceExW

InitializeCriticalSectionEx

IsProcessorFeaturePresent

IsDebuggerPresent

DecodePointer

EncodePointer

FormatMessageA

LocalFree

SystemTimeToFileTime

CreateWaitableTimerA

TlsFree

TlsSetValue

TlsGetValue

TlsAlloc

ResumeThread

SetWaitableTimer

GetTickCount

GetModuleHandleA

GetProcAddress

GetCurrentThreadId

GetCurrentProcessId

Sleep

ReleaseSemaphore

WaitForMultipleObjects

OpenEventA

GetSystemTimeAsFileTime

DeleteCriticalSection

LeaveCriticalSection

EnterCriticalSection

RaiseException

HeapSize

QueryPerformanceCounter

HeapReAlloc

HeapDestroy

msvcp110

?_Syserror_map@std@@YAPBDH@Z

?_Xout_of_range@std@@YAXPBD@Z

?_Xlength_error@std@@YAXPBD@Z

?_Xbad_alloc@std@@YAXXZ

?_Winerror_map@std@@YAPBDH@Z

msvcr110

_malloc_crt

_initterm

_initterm_e

?terminate@@YAXXZ

_crt_debugger_hook

__crtUnhandledException

__crtTerminateProcess

_except_handler4_common

__clean_type_info_names_internal

strerror

memcpy

_CxxThrowException

_beginthreadex

_gmtime64

memset

_amsg_exit

free

_purecall

vswprintf_s

_vscwprintf

memmove_s

wcsnlen

wcsstr

?what@exception@std@@UBEPBDXZ

??2@YAPAXI@Z

??0exception@std@@QAE@ABV01@@Z

memcpy_s

memmove

wmemcpy_s

??0exception@std@@QAE@ABQBDH@Z

??1exception@std@@UAE@XZ

??0exception@std@@QAE@ABQBD@Z

??3@YAXPAX@Z

__CppXcptFilter

_onexit

__dllonexit

_calloc_crt

_unlock

_lock

??1type_info@@UAE@XZ

__CxxFrameHandler3

Exports

CreateAsyncRemover

Init

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

Modules/InSes.dll

.dll windows:6 windows x86 arch:x86

da50dcede762476e94f766d98da78b88

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

0e:2e:88:50:2b:3f:c0:0e:37:91:b6:c2:77:39:93:a8
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2014, 00:00

Not After

24/10/2015, 23:59

Subject

CN=MADFLY FILMS LTD,O=MADFLY FILMS LTD,POSTALCODE=SL5 7HL,STREET=14 COURSE ROAD,L=ASCOT,ST=BERKSHIRE,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

52:7c:de:2b:e5:13:fd:e3:18:77:e7:79:a6:a1:e7:d9:08:48:10:51
Signer

Actual PE Digest

52:7c:de:2b:e5:13:fd:e3:18:77:e7:79:a6:a1:e7:d9:08:48:10:51

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

GetLastError

Sleep

GetSystemTimeAsFileTime

GetCurrentThreadId

GetCurrentProcessId

QueryPerformanceCounter

IsProcessorFeaturePresent

IsDebuggerPresent

DecodePointer

EncodePointer

GetProcessHeap

HeapSize

HeapFree

HeapReAlloc

HeapAlloc

HeapDestroy

msvcr110

__clean_type_info_names_internal

_except_handler4_common

?terminate@@YAXXZ

__crtTerminateProcess

__crtUnhandledException

_crt_debugger_hook

_initterm_e

_initterm

_malloc_crt

free

_amsg_exit

__CppXcptFilter

_onexit

__dllonexit

_calloc_crt

_unlock

_lock

??1type_info@@UAE@XZ

_purecall

?what@exception@std@@UBEPBDXZ

vsprintf_s

_vscprintf

??1bad_cast@std@@UAE@XZ

??0bad_cast@std@@QAE@ABV01@@Z

??0bad_cast@std@@QAE@PBD@Z

memmove_s

fclose

fflush

setvbuf

fsetpos

fgetpos

_fseeki64

fwrite

_unlock_file

_lock_file

atoi

ungetc

fputc

fgetc

??2@YAPAXI@Z

??0exception@std@@QAE@ABV01@@Z

memcpy_s

memmove

??1exception@std@@UAE@XZ

??0exception@std@@QAE@ABQBD@Z

??3@YAXPAX@Z

_CxxThrowException

__CxxFrameHandler3

memcpy

memset

msvcp110

_Mtx_destroy

_Mtx_unlock

_Mtx_lock

_Mtx_init

?_Throw_C_error@std@@YAXH@Z

??Bid@locale@std@@QAEIXZ

?always_noconv@codecvt_base@std@@QBE_NXZ

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

?_Add_vtordisp1@?$basic_ios@DU?$char_traits@D@std@@@std@@UAEXXZ

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ

?_Add_vtordisp2@?$basic_ostream@DU?$char_traits@D@std@@@std@@UAEXXZ

?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ

?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

??0_Lockit@std@@QAE@H@Z

??1_Lockit@std@@QAE@XZ

?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

?_Syserror_map@std@@YAPBDH@Z

?_Winerror_map@std@@YAPBDH@Z

?_Xout_of_range@std@@YAXPBD@Z

?_BADOFF@std@@3_JB

?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z

?_Xlength_error@std@@YAXPBD@Z

?id@?$codecvt@DDH@std@@2V0locale@2@A

?_Xbad_alloc@std@@YAXXZ

?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ

?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

Exports

Create

Init

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

Modules/ManXec.dll

.dll windows:6 windows x86 arch:x86

3a68ec1026ade049f784dbebe3a83cfb

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

0e:2e:88:50:2b:3f:c0:0e:37:91:b6:c2:77:39:93:a8
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2014, 00:00

Not After

24/10/2015, 23:59

Subject

CN=MADFLY FILMS LTD,O=MADFLY FILMS LTD,POSTALCODE=SL5 7HL,STREET=14 COURSE ROAD,L=ASCOT,ST=BERKSHIRE,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

20:17:0b:97:15:50:6e:cd:c1:d4:37:37:6c:fe:75:9e:f7:06:dc:f1
Signer

Actual PE Digest

20:17:0b:97:15:50:6e:cd:c1:d4:37:37:6c:fe:75:9e:f7:06:dc:f1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

E:\Projects\gigaclick\Release\Modules\ManXec.pdb

Imports

kernel32

FindResourceExW

InitializeCriticalSectionEx

LoadLibraryA

CloseHandle

WideCharToMultiByte

MultiByteToWideChar

GetModuleFileNameW

GetModuleHandleW

OpenEventW

GetCurrentProcess

FindResourceW

CreateProcessW

WaitForMultipleObjects

GetExitCodeProcess

TerminateProcess

ExitProcess

GetCurrentProcessId

OpenProcess

QueryFullProcessImageNameW

GetEnvironmentVariableW

LoadResource

LockResource

SizeofResource

FreeLibrary

LoadLibraryW

GetTempPathW

GetProcAddress

FindFirstFileW

FindClose

DeleteFileW

CreateDirectoryW

SetFileAttributesW

SetEndOfFile

SetFileTime

SetFilePointer

GetFileSize

CreateFileW

WriteFile

ReadFile

FormatMessageA

LocalFree

TlsFree

TlsSetValue

TlsGetValue

TlsAlloc

ResetEvent

SetEvent

WaitForSingleObject

OpenEventA

CreateEventA

GetSystemTimeAsFileTime

GetCurrentThreadId

QueryPerformanceCounter

IsProcessorFeaturePresent

IsDebuggerPresent

DecodePointer

EncodePointer

GetProcessHeap

HeapSize

HeapFree

HeapReAlloc

HeapAlloc

HeapDestroy

DeleteCriticalSection

LeaveCriticalSection

EnterCriticalSection

GetLastError

RaiseException

advapi32

RegCreateKeyExW

RegQueryValueExW

RegDeleteValueW

RegOpenKeyExW

RegCloseKey

RegSetValueExW

ole32

CoCreateGuid

StringFromGUID2

oleaut32

SysAllocString

VariantClear

msvcp110

?_Syserror_map@std@@YAPBDH@Z

?_Xout_of_range@std@@YAXPBD@Z

?_Xlength_error@std@@YAXPBD@Z

?_Xbad_alloc@std@@YAXXZ

?_Xbad_function_call@std@@YAXXZ

?_Winerror_map@std@@YAPBDH@Z

msvcr110

?terminate@@YAXXZ

_purecall

?what@exception@std@@UBEPBDXZ

??8type_info@@QBE_NABV0@@Z

memmove_s

??0exception@std@@QAE@ABV01@@Z

memcpy_s

memmove

wmemcpy_s

??1exception@std@@UAE@XZ

??0exception@std@@QAE@ABQBD@Z

??3@YAXPAX@Z

__clean_type_info_names_internal

_except_handler4_common

__crtTerminateProcess

__crtUnhandledException

_crt_debugger_hook

_initterm_e

_initterm

_malloc_crt

_amsg_exit

__CppXcptFilter

_onexit

__dllonexit

_calloc_crt

_unlock

_lock

??1type_info@@UAE@XZ

memset

vsprintf_s

_vscprintf

_mbsinc

strnlen

vswprintf_s

_vscwprintf

wcsrchr

srand

rand

wcsnlen

_wcsicmp

_resetstkoflw

free

malloc

??2@YAPAXI@Z

_CxxThrowException

__CxxFrameHandler3

memcpy

??0exception@std@@QAE@ABQBDH@Z

strerror

Exports

Create

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

Modules/NavSupp.dll

.dll windows:6 windows x86 arch:x86

01d7f9c204cd57846bd4c12bbd9800e9

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

0e:2e:88:50:2b:3f:c0:0e:37:91:b6:c2:77:39:93:a8
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2014, 00:00

Not After

24/10/2015, 23:59

Subject

CN=MADFLY FILMS LTD,O=MADFLY FILMS LTD,POSTALCODE=SL5 7HL,STREET=14 COURSE ROAD,L=ASCOT,ST=BERKSHIRE,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

85:12:08:d9:36:ef:77:a1:19:22:9c:70:9d:97:21:ba:2f:0d:b4:2a
Signer

Actual PE Digest

85:12:08:d9:36:ef:77:a1:19:22:9c:70:9d:97:21:ba:2f:0d:b4:2a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

E:\Projects\gigaclick\Release\Modules\NavSupp.pdb

Imports

kernel32

CreateDirectoryW

CreateProcessW

WaitForMultipleObjects

GetExitCodeProcess

TerminateProcess

ExitProcess

DeleteFileW

ReadFile

SizeofResource

LockResource

LoadResource

FindResourceW

FindResourceExW

InitializeCriticalSectionEx

CreateFileW

GetShortPathNameW

GetFileAttributesW

GetModuleFileNameW

MultiByteToWideChar

MoveFileW

CloseHandle

GetSystemTimeAsFileTime

GetCurrentThreadId

GetCurrentProcessId

QueryPerformanceCounter

GetLastError

EnterCriticalSection

LeaveCriticalSection

DeleteCriticalSection

HeapDestroy

HeapAlloc

HeapReAlloc

HeapFree

HeapSize

GetProcessHeap

EncodePointer

DecodePointer

IsDebuggerPresent

IsProcessorFeaturePresent

RaiseException

advapi32

CryptReleaseContext

CryptGetHashParam

CryptHashData

CryptCreateHash

CryptAcquireContextW

CryptDestroyHash

shell32

SHFileOperationW

msvcp110

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ

?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ

?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z

?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z

?_Add_vtordisp1@?$basic_istream@DU?$char_traits@D@std@@@std@@UAEXXZ

??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

?_Add_vtordisp2@?$basic_ostream@DU?$char_traits@D@std@@@std@@UAEXXZ

??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

?_Add_vtordisp2@?$basic_ios@DU?$char_traits@D@std@@@std@@UAEXXZ

?_Add_vtordisp1@?$basic_ios@DU?$char_traits@D@std@@@std@@UAEXXZ

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

?always_noconv@codecvt_base@std@@QBE_NXZ

??Bid@locale@std@@QAEIXZ

?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Xbad_alloc@std@@YAXXZ

?id@?$codecvt@DDH@std@@2V0locale@2@A

?_Xlength_error@std@@YAXPBD@Z

?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z

?_BADOFF@std@@3_JB

?_Xout_of_range@std@@YAXPBD@Z

?_Winerror_map@std@@YAPBDH@Z

?_Syserror_map@std@@YAPBDH@Z

?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

??1_Lockit@std@@QAE@XZ

??0_Lockit@std@@QAE@H@Z

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

msvcr110

_resetstkoflw

wcsnlen

wcsrchr

_lock_file

_unlock_file

fwrite

_fseeki64

fgetpos

fsetpos

setvbuf

fflush

strnlen

fclose

memmove_s

??0bad_cast@std@@QAE@PBD@Z

??0bad_cast@std@@QAE@ABV01@@Z

??1bad_cast@std@@UAE@XZ

_vscwprintf

vswprintf_s

_vscprintf

vsprintf_s

?what@exception@std@@UBEPBDXZ

_purecall

memset

??1type_info@@UAE@XZ

?terminate@@YAXXZ

_lock

_unlock

_calloc_crt

__dllonexit

_onexit

__CppXcptFilter

_amsg_exit

_malloc_crt

_initterm

_initterm_e

_crt_debugger_hook

__crtUnhandledException

__crtTerminateProcess

_except_handler4_common

__clean_type_info_names_internal

malloc

ungetc

fputc

fgetc

??2@YAPAXI@Z

??0exception@std@@QAE@ABV01@@Z

free

memmove

wmemcpy_s

??1exception@std@@UAE@XZ

??0exception@std@@QAE@ABQBD@Z

swprintf_s

memcpy_s

??3@YAXPAX@Z

__CxxFrameHandler3

_CxxThrowException

memcpy

Exports

Create

Init

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

Modules/PrfIns.dll

.dll windows:6 windows x86 arch:x86

6a467be532b93556a3cdece00f2437c2

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

0e:2e:88:50:2b:3f:c0:0e:37:91:b6:c2:77:39:93:a8
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2014, 00:00

Not After

24/10/2015, 23:59

Subject

CN=MADFLY FILMS LTD,O=MADFLY FILMS LTD,POSTALCODE=SL5 7HL,STREET=14 COURSE ROAD,L=ASCOT,ST=BERKSHIRE,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

16:69:46:d1:e3:96:2b:41:50:0b:e0:db:f7:cb:b1:2b:1a:e3:9f:83
Signer

Actual PE Digest

16:69:46:d1:e3:96:2b:41:50:0b:e0:db:f7:cb:b1:2b:1a:e3:9f:83

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

E:\Projects\gigaclick\Release\Modules\PrfIns.pdb

Imports

kernel32

DeleteFileW

CreateDirectoryW

CopyFileW

GetEnvironmentVariableW

MultiByteToWideChar

LockResource

LoadResource

FindResourceW

FindResourceExW

CloseHandle

ReadFile

CreateFileW

GetFileAttributesW

WideCharToMultiByte

SizeofResource

InitializeCriticalSectionEx

GetCurrentThreadId

GetCurrentProcessId

QueryPerformanceCounter

IsProcessorFeaturePresent

IsDebuggerPresent

DecodePointer

EncodePointer

DeleteCriticalSection

LeaveCriticalSection

EnterCriticalSection

GetLastError

RaiseException

GetProcessHeap

HeapSize

HeapFree

HeapReAlloc

HeapAlloc

HeapDestroy

GetSystemTimeAsFileTime

advapi32

CryptReleaseContext

CryptGetHashParam

CryptHashData

CryptCreateHash

CryptAcquireContextW

CryptDestroyHash

ole32

CoCreateGuid

StringFromGUID2

msvcr110

_except_handler4_common

?terminate@@YAXXZ

__crtTerminateProcess

_lock_file

__crtUnhandledException

memmove_s

_initterm_e

_initterm

_malloc_crt

_amsg_exit

__CppXcptFilter

_onexit

__dllonexit

_calloc_crt

_unlock

_lock

??1type_info@@UAE@XZ

memset

vsprintf_s

_vscprintf

vswprintf_s

_vscwprintf

??1bad_cast@std@@UAE@XZ

??0bad_cast@std@@QAE@ABV01@@Z

??0bad_cast@std@@QAE@PBD@Z

_mbsinc

fclose

wcsnlen

strnlen

fflush

setvbuf

fsetpos

fgetpos

_fseeki64

fwrite

_unlock_file

__clean_type_info_names_internal

srand

malloc

_resetstkoflw

ungetc

fputc

fgetc

rand

??0exception@std@@QAE@ABV01@@Z

free

wmemcpy_s

memcpy_s

_purecall

??2@YAPAXI@Z

memmove

??3@YAXPAX@Z

_CxxThrowException

__CxxFrameHandler3

_crt_debugger_hook

memcpy

msvcp110

?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ

??Bid@locale@std@@QAEIXZ

?always_noconv@codecvt_base@std@@QBE_NXZ

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

?_Add_vtordisp2@?$basic_ios@DU?$char_traits@D@std@@@std@@UAEXXZ

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

?_Add_vtordisp1@?$basic_istream@DU?$char_traits@D@std@@@std@@UAEXXZ

?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z

?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z

?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ

?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ

?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?id@?$codecvt@DDH@std@@2V0locale@2@A

?_Syserror_map@std@@YAPBDH@Z

?_Winerror_map@std@@YAPBDH@Z

?_Xout_of_range@std@@YAXPBD@Z

?_Xlength_error@std@@YAXPBD@Z

?_Xbad_alloc@std@@YAXXZ

??0_Lockit@std@@QAE@H@Z

??1_Lockit@std@@QAE@XZ

?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

?_BADOFF@std@@3_JB

?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z

Exports

Create

Init

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

Modules/WbSes.dll

.dll windows:6 windows x86 arch:x86

e2ea5011da0e4513a86e8041efe6c97c

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

0e:2e:88:50:2b:3f:c0:0e:37:91:b6:c2:77:39:93:a8
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2014, 00:00

Not After

24/10/2015, 23:59

Subject

CN=MADFLY FILMS LTD,O=MADFLY FILMS LTD,POSTALCODE=SL5 7HL,STREET=14 COURSE ROAD,L=ASCOT,ST=BERKSHIRE,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

d7:02:a1:e6:c0:ea:b1:68:58:c1:f6:a9:1e:c6:6c:b6:00:af:07:e5
Signer

Actual PE Digest

d7:02:a1:e6:c0:ea:b1:68:58:c1:f6:a9:1e:c6:6c:b6:00:af:07:e5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

E:\Projects\gigaclick\Release\Modules\WbSes.pdb

Imports

kernel32

GetNamedPipeClientProcessId

HeapAlloc

GetProcessHeap

HeapFree

WriteFile

PeekNamedPipe

ReadFile

GetOverlappedResult

WaitForMultipleObjects

ConnectNamedPipe

CreateNamedPipeW

DisconnectNamedPipe

SetEvent

ResetEvent

CreateEventW

CloseHandle

LocalFree

GetLastError

FindResourceExW

FindResourceW

LoadResource

LockResource

SizeofResource

MultiByteToWideChar

WideCharToMultiByte

WaitForSingleObject

HeapDestroy

HeapReAlloc

HeapSize

RaiseException

EnterCriticalSection

LeaveCriticalSection

DeleteCriticalSection

EncodePointer

DecodePointer

IsDebuggerPresent

IsProcessorFeaturePresent

QueryPerformanceCounter

GetCurrentProcessId

GetCurrentThreadId

GetSystemTimeAsFileTime

InitializeCriticalSectionEx

advapi32

GetSecurityDescriptorOwner

InitializeSecurityDescriptor

MakeAbsoluteSD

GetSecurityDescriptorControl

GetSecurityDescriptorLength

MakeSelfRelativeSD

GetSecurityDescriptorSacl

SetSecurityDescriptorDacl

GetSecurityDescriptorDacl

GetSecurityDescriptorGroup

GetSidLengthRequired

ConvertStringSecurityDescriptorToSecurityDescriptorW

GetAclInformation

AddAce

InitializeAcl

IsValidSid

GetLengthSid

CopySid

GetSidSubAuthority

InitializeSid

ole32

CoCreateGuid

StringFromGUID2

msvcp110

?_Throw_Cpp_error@std@@YAXH@Z

_Thrd_current

_Thrd_equal

?_Launch@_Pad@std@@QAEXPAU_Thrd_imp_t@@@Z

??1_Pad@std@@QAE@XZ

?_Release@_Pad@std@@QAEXXZ

??0_Pad@std@@QAE@XZ

?_Throw_C_error@std@@YAXH@Z

_Thrd_detach

_Mtx_init

_Thrd_join

_Mtx_unlock

_Mtx_destroy

?_Future_error_map@std@@YAPBDH@Z

?_Winerror_map@std@@YAPBDH@Z

?_Syserror_map@std@@YAPBDH@Z

?_Xbad_alloc@std@@YAXXZ

?_Xout_of_range@std@@YAXPBD@Z

?_Xlength_error@std@@YAXPBD@Z

?_Xbad_function_call@std@@YAXXZ

??0_Lockit@std@@QAE@H@Z

??1_Lockit@std@@QAE@XZ

_Mtx_lock

msvcr110

??0exception@std@@QAE@ABQBD@Z

??1exception@std@@UAE@XZ

??0exception@std@@QAE@ABV01@@Z

??0exception@std@@QAE@XZ

?terminate@@YAXXZ

calloc

?what@exception@std@@UBEPBDXZ

wcsnlen

memchr

sprintf_s

atoi

memset

_lock

_unlock

_calloc_crt

__dllonexit

_onexit

??1type_info@@UAE@XZ

_crt_debugger_hook

__crtUnhandledException

__crtTerminateProcess

__CppXcptFilter

_amsg_exit

_malloc_crt

_initterm

_initterm_e

_except_handler4_common

__clean_type_info_names_internal

_mbsinc

memmove_s

srand

malloc

_resetstkoflw

rand

free

memcpy_s

wmemcpy_s

??2@YAPAXI@Z

_purecall

memmove

??3@YAXPAX@Z

_CxxThrowException

__CxxFrameHandler3

memcmp

memcpy

ws2_32

setsockopt

recv

send

select

accept

WSAEnumNetworkEvents

WSAWaitForMultipleEvents

listen

bind

WSAEventSelect

WSACreateEvent

htons

closesocket

socket

WSACleanup

WSAGetLastError

WSAStartup

iphlpapi

GetExtendedTcpTable

Exports

Create

Init

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

Modules/WblSupp.dll

.dll windows:6 windows x86 arch:x86

b24fbd5b9665209307cad63d89c97c06

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

0e:2e:88:50:2b:3f:c0:0e:37:91:b6:c2:77:39:93:a8
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2014, 00:00

Not After

24/10/2015, 23:59

Subject

CN=MADFLY FILMS LTD,O=MADFLY FILMS LTD,POSTALCODE=SL5 7HL,STREET=14 COURSE ROAD,L=ASCOT,ST=BERKSHIRE,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

ce:6b:63:bf:5f:d4:db:a9:fa:5e:d0:81:4d:22:21:3f:01:da:c9:3e
Signer

Actual PE Digest

ce:6b:63:bf:5f:d4:db:a9:fa:5e:d0:81:4d:22:21:3f:01:da:c9:3e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

E:\Projects\gigaclick\Release\Modules\WblSupp.pdb

Imports

kernel32

InitializeCriticalSectionEx

WideCharToMultiByte

CreateToolhelp32Snapshot

Process32FirstW

CloseHandle

Process32NextW

OpenProcess

QueryFullProcessImageNameW

SizeofResource

LockResource

LoadResource

FindResourceW

FindResourceExW

GetTickCount

GetProcAddress

GetModuleHandleA

CreateEventA

CreateSemaphoreA

GetCurrentProcess

DuplicateHandle

ReleaseSemaphore

GetSystemTimeAsFileTime

HeapAlloc

GetProcessHeap

HeapFree

SetEvent

WaitForSingleObject

TlsFree

TlsSetValue

QueryPerformanceFrequency

FormatMessageA

LocalFree

SystemTimeToFileTime

TlsGetValue

TlsAlloc

ResumeThread

SetWaitableTimer

ResetEvent

Sleep

WaitForMultipleObjects

OpenEventA

GetCurrentThreadId

GetCurrentProcessId

QueryPerformanceCounter

IsProcessorFeaturePresent

IsDebuggerPresent

DecodePointer

EncodePointer

DeleteCriticalSection

LeaveCriticalSection

EnterCriticalSection

GetLastError

RaiseException

HeapSize

HeapReAlloc

HeapDestroy

CreateWaitableTimerA

user32

GetWindowTextW

GetWindowTextLengthW

EnumWindows

GetClassNameW

GetWindowThreadProcessId

msvcr110

_unlock

_calloc_crt

__dllonexit

_onexit

?terminate@@YAXXZ

__CppXcptFilter

_amsg_exit

_malloc_crt

_lock

_initterm_e

_crt_debugger_hook

__crtUnhandledException

__crtTerminateProcess

_except_handler4_common

__clean_type_info_names_internal

??1type_info@@UAE@XZ

memset

vsprintf_s

_vscprintf

strnlen

_difftime64

rand

?what@exception@std@@UBEPBDXZ

??0exception@std@@QAE@XZ

_time64

_gmtime64

_initterm

??0exception@std@@QAE@ABV01@@Z

memchr

??0exception@std@@QAE@ABQBDH@Z

??1exception@std@@UAE@XZ

??0exception@std@@QAE@ABQBD@Z

_ultoa_s

strncmp

_strlwr_s

strtoul

vswprintf_s

_vscwprintf

memmove_s

wcsnlen

malloc

_resetstkoflw

free

memcpy_s

wmemcpy_s

_purecall

??2@YAPAXI@Z

memmove

??3@YAXPAX@Z

_beginthreadex

_CxxThrowException

__CxxFrameHandler3

memcpy

srand

strerror

msvcp110

??1_Lockit@std@@QAE@XZ

??0_Lockit@std@@QAE@H@Z

?_Xbad_alloc@std@@YAXXZ

?_Xlength_error@std@@YAXPBD@Z

?_Xout_of_range@std@@YAXPBD@Z

?_Winerror_map@std@@YAPBDH@Z

?_Syserror_map@std@@YAPBDH@Z

Exports

Create

Init

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

Modules/WdcMan.dll

.dll windows:6 windows x86 arch:x86

2baf22696165027cd6004f35d8d634a0

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

0e:2e:88:50:2b:3f:c0:0e:37:91:b6:c2:77:39:93:a8
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2014, 00:00

Not After

24/10/2015, 23:59

Subject

CN=MADFLY FILMS LTD,O=MADFLY FILMS LTD,POSTALCODE=SL5 7HL,STREET=14 COURSE ROAD,L=ASCOT,ST=BERKSHIRE,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

eb:16:cf:f1:9c:88:e5:f3:1c:8d:4a:07:c0:55:5c:ff:8a:73:94:e4
Signer

Actual PE Digest

eb:16:cf:f1:9c:88:e5:f3:1c:8d:4a:07:c0:55:5c:ff:8a:73:94:e4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

E:\Projects\gigaclick\Release\Modules\WdcMan.pdb

Imports

kernel32

GetTickCount

GetProcAddress

GetModuleHandleA

CreateEventA

CreateSemaphoreA

GetCurrentProcess

DuplicateHandle

ReleaseSemaphore

CloseHandle

GetSystemTimeAsFileTime

HeapAlloc

GetProcessHeap

HeapFree

SetEvent

WaitForSingleObject

Sleep

CreateToolhelp32Snapshot

Thread32First

Thread32Next

GetModuleHandleW

OpenThread

GetVersionExW

WideCharToMultiByte

GetLastError

TlsFree

TlsSetValue

TlsGetValue

TlsAlloc

ResumeThread

SetWaitableTimer

ResetEvent

QueryPerformanceFrequency

FormatMessageA

LocalFree

SystemTimeToFileTime

WaitForMultipleObjects

OpenEventA

GetCurrentThreadId

GetCurrentProcessId

QueryPerformanceCounter

IsProcessorFeaturePresent

IsDebuggerPresent

DecodePointer

EncodePointer

HeapSize

HeapReAlloc

HeapDestroy

CreateWaitableTimerA

user32

GetWindowLongW

GetWindowTextA

FindWindowExW

GetWindowThreadProcessId

GetWindowTextW

GetWindowTextLengthW

GetClassNameA

EnumWindows

ScreenToClient

IsWindow

PostMessageW

GetWindowRect

msvcr110

_malloc_crt

_initterm

_initterm_e

_crt_debugger_hook

_amsg_exit

__crtTerminateProcess

?terminate@@YAXXZ

_except_handler4_common

__clean_type_info_names_internal

__CppXcptFilter

_onexit

__dllonexit

_calloc_crt

_unlock

_lock

srand

??1type_info@@UAE@XZ

calloc

??8type_info@@QBE_NABV0@@Z

free

memchr

memcpy_s

__crtUnhandledException

?what@exception@std@@UBEPBDXZ

_time64

_gmtime64

??0exception@std@@QAE@ABV01@@Z

rand

??0exception@std@@QAE@ABQBDH@Z

??1exception@std@@UAE@XZ

??0exception@std@@QAE@ABQBD@Z

_purecall

??2@YAPAXI@Z

memmove

??3@YAXPAX@Z

_beginthreadex

_CxxThrowException

__CxxFrameHandler3

memcpy

strerror

_libm_sse2_pow_precise

_libm_sse2_sin_precise

memcmp

_recalloc

memset

msvcp110

_Mtx_destroy

_Mtx_unlock

_Mtx_lock

_Mtx_init

?_Throw_C_error@std@@YAXH@Z

?_Xbad_alloc@std@@YAXXZ

?_Xlength_error@std@@YAXPBD@Z

?_Xout_of_range@std@@YAXPBD@Z

?_Winerror_map@std@@YAPBDH@Z

?_Syserror_map@std@@YAPBDH@Z

Exports

Create

Init

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

System.Data.SQLite.dll

.dll windows:5 windows x86 arch:x86

8067a5631cafa1803a58b72f826f7911

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

GetFullPathNameW

GetFullPathNameA

CreateFileA

GetFileSize

SetFilePointer

SetEndOfFile

FreeLibrary

QueryPerformanceCounter

InterlockedCompareExchange

UnlockFile

LockFile

GetTickCount

GetSystemTimeAsFileTime

FormatMessageA

WriteFile

InitializeCriticalSection

WideCharToMultiByte

LoadLibraryW

Sleep

FormatMessageW

LeaveCriticalSection

GetFileAttributesA

GetFileAttributesW

ReadFile

CreateFileW

MultiByteToWideChar

FlushFileBuffers

GetTempPathW

GetLastError

GetProcAddress

LockFileEx

EnterCriticalSection

GetDiskFreeSpaceW

LoadLibraryA

GetDiskFreeSpaceA

DeleteCriticalSection

GetCurrentThreadId

GetVersionExA

CloseHandle

DeleteFileW

GetCurrentProcessId

GetTempPathA

LocalFree

GetSystemTime

AreFileApisANSI

DeleteFileA

LocalAlloc

InterlockedExchange

RaiseException

HeapFree

HeapAlloc

HeapReAlloc

GetCommandLineA

HeapCreate

HeapDestroy

VirtualFree

FatalAppExitA

VirtualAlloc

GetCPInfo

InterlockedIncrement

InterlockedDecrement

GetACP

GetOEMCP

IsValidCodePage

GetModuleHandleW

TlsGetValue

TlsAlloc

TlsSetValue

TlsFree

SetLastError

GetCurrentThread

TerminateProcess

GetCurrentProcess

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsDebuggerPresent

ExitProcess

GetStdHandle

GetModuleFileNameA

GetTimeZoneInformation

LCMapStringA

LCMapStringW

SetHandleCount

GetFileType

GetStartupInfoA

FreeEnvironmentStringsA

GetEnvironmentStrings

FreeEnvironmentStringsW

GetEnvironmentStringsW

InitializeCriticalSectionAndSpinCount

RtlUnwind

GetStringTypeA

GetStringTypeW

GetTimeFormatA

GetDateFormatA

GetUserDefaultLCID

GetLocaleInfoA

EnumSystemLocalesA

IsValidLocale

SetConsoleCtrlHandler

GetModuleHandleA

HeapSize

GetLocaleInfoW

GetConsoleCP

GetConsoleMode

CompareStringA

CompareStringW

SetEnvironmentVariableA

WriteConsoleA

GetConsoleOutputCP

WriteConsoleW

SetStdHandle

mscoree

_CorDllMain

Exports

_sqlite3_bind_double_interop@12

_sqlite3_bind_int64_interop@12

_sqlite3_bind_parameter_name_interop@12

_sqlite3_close_interop@4

_sqlite3_column_database_name16_interop@12

_sqlite3_column_database_name_interop@12

_sqlite3_column_decltype16_interop@12

_sqlite3_column_decltype_interop@12

_sqlite3_column_double_interop@12

_sqlite3_column_int64_interop@12

_sqlite3_column_name16_interop@12

_sqlite3_column_name_interop@12

_sqlite3_column_origin_name16_interop@12

_sqlite3_column_origin_name_interop@12

_sqlite3_column_table_name16_interop@12

_sqlite3_column_table_name_interop@12

_sqlite3_column_text16_interop@12

_sqlite3_column_text_interop@12

_sqlite3_context_collcompare@20

_sqlite3_context_collseq@16

_sqlite3_create_function_interop@36

_sqlite3_cursor_rowid@12

_sqlite3_errmsg_interop@8

_sqlite3_finalize_interop@4

_sqlite3_index_column_info_interop@32

_sqlite3_open16_interop@12

_sqlite3_open_interop@12

_sqlite3_prepare16_interop@24

_sqlite3_prepare_interop@24

_sqlite3_reset_interop@4

_sqlite3_result_double_interop@8

_sqlite3_result_int64_interop@8

_sqlite3_table_column_metadata_interop@44

_sqlite3_table_cursor@12

_sqlite3_value_double_interop@8

_sqlite3_value_int64_interop@8

_sqlite3_value_text16_interop@8

_sqlite3_value_text_interop@8

sqlite3_aggregate_context

sqlite3_aggregate_count

sqlite3_auto_extension

sqlite3_backup_finish

sqlite3_backup_init

sqlite3_backup_pagecount

sqlite3_backup_remaining

sqlite3_backup_step

sqlite3_bind_blob

sqlite3_bind_double

sqlite3_bind_int

sqlite3_bind_int64

sqlite3_bind_null

sqlite3_bind_parameter_count

sqlite3_bind_parameter_index

sqlite3_bind_parameter_name

sqlite3_bind_text

sqlite3_bind_text16

sqlite3_bind_value

sqlite3_bind_zeroblob

sqlite3_blob_bytes

sqlite3_blob_close

sqlite3_blob_open

sqlite3_blob_read

sqlite3_blob_write

sqlite3_busy_handler

sqlite3_busy_timeout

sqlite3_changes

sqlite3_clear_bindings

sqlite3_close

sqlite3_collation_needed

sqlite3_collation_needed16

sqlite3_column_blob

sqlite3_column_bytes

sqlite3_column_bytes16

sqlite3_column_count

sqlite3_column_database_name

sqlite3_column_database_name16

sqlite3_column_decltype

sqlite3_column_decltype16

sqlite3_column_double

sqlite3_column_int

sqlite3_column_int64

sqlite3_column_name

sqlite3_column_name16

sqlite3_column_origin_name

sqlite3_column_origin_name16

sqlite3_column_table_name

sqlite3_column_table_name16

sqlite3_column_text

sqlite3_column_text16

sqlite3_column_type

sqlite3_column_value

sqlite3_commit_hook

sqlite3_compileoption_get

sqlite3_compileoption_used

sqlite3_complete

sqlite3_complete16

sqlite3_config

sqlite3_context_db_handle

sqlite3_create_collation

sqlite3_create_collation16

sqlite3_create_collation_v2

sqlite3_create_function

sqlite3_create_function16

sqlite3_create_module

sqlite3_create_module_v2

sqlite3_data_count

sqlite3_db_config

sqlite3_db_handle

sqlite3_db_mutex

sqlite3_db_status

sqlite3_declare_vtab

sqlite3_enable_load_extension

sqlite3_enable_shared_cache

sqlite3_errcode

sqlite3_errmsg

sqlite3_errmsg16

sqlite3_exec

sqlite3_expired

sqlite3_extended_errcode

sqlite3_extended_result_codes

sqlite3_file_control

sqlite3_finalize

sqlite3_free

sqlite3_free_table

sqlite3_get_autocommit

sqlite3_get_auxdata

sqlite3_get_table

sqlite3_global_recover

sqlite3_initialize

sqlite3_interrupt

sqlite3_key

sqlite3_last_insert_rowid

sqlite3_libversion

sqlite3_libversion_number

sqlite3_limit

sqlite3_load_extension

sqlite3_log

sqlite3_malloc

sqlite3_memory_alarm

sqlite3_memory_highwater

sqlite3_memory_used

sqlite3_mprintf

sqlite3_mutex_alloc

sqlite3_mutex_enter

sqlite3_mutex_free

sqlite3_mutex_leave

sqlite3_mutex_try

sqlite3_next_stmt

sqlite3_open

sqlite3_open16

sqlite3_open_v2

sqlite3_os_end

sqlite3_os_init

sqlite3_overload_function

sqlite3_prepare

sqlite3_prepare16

sqlite3_prepare16_v2

sqlite3_prepare_v2

sqlite3_profile

sqlite3_progress_handler

sqlite3_randomness

sqlite3_realloc

sqlite3_rekey

sqlite3_release_memory

sqlite3_reset

sqlite3_reset_auto_extension

sqlite3_result_blob

sqlite3_result_double

sqlite3_result_error

sqlite3_result_error16

sqlite3_result_error_code

sqlite3_result_error_nomem

sqlite3_result_error_toobig

sqlite3_result_int

sqlite3_result_int64

sqlite3_result_null

sqlite3_result_text

sqlite3_result_text16

sqlite3_result_text16be

sqlite3_result_text16le

sqlite3_result_value

sqlite3_result_zeroblob

sqlite3_rollback_hook

sqlite3_set_authorizer

sqlite3_set_auxdata

sqlite3_shutdown

sqlite3_sleep

sqlite3_snprintf

sqlite3_soft_heap_limit

sqlite3_sourceid

sqlite3_sql

sqlite3_status

sqlite3_step

sqlite3_stmt_status

sqlite3_strnicmp

sqlite3_table_column_metadata

sqlite3_test_control

sqlite3_thread_cleanup

sqlite3_threadsafe

sqlite3_total_changes

sqlite3_trace

sqlite3_transfer_bindings

sqlite3_update_hook

sqlite3_user_data

sqlite3_value_blob

sqlite3_value_bytes

sqlite3_value_bytes16

sqlite3_value_double

sqlite3_value_int

sqlite3_value_int64

sqlite3_value_numeric_type

sqlite3_value_text

sqlite3_value_text16

sqlite3_value_text16be

sqlite3_value_text16le

sqlite3_value_type

sqlite3_version

sqlite3_vfs_find

sqlite3_vfs_register

sqlite3_vfs_unregister

sqlite3_vmprintf

sqlite3_win32_mbcs_to_utf8

Sections

.text
Size: 646KB - Virtual size: 645KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

gbRunner.exe

.exe windows:6 windows x86 arch:x86

b992edd3a85c4b71f2e4ffb360f4cd6d

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

0e:2e:88:50:2b:3f:c0:0e:37:91:b6:c2:77:39:93:a8
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/10/2014, 00:00

Not After

24/10/2015, 23:59

Subject

CN=MADFLY FILMS LTD,O=MADFLY FILMS LTD,POSTALCODE=SL5 7HL,STREET=14 COURSE ROAD,L=ASCOT,ST=BERKSHIRE,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

a6:52:8f:89:b0:01:a8:c0:96:4f:14:37:ab:ca:be:43:e7:5c:75:7e
Signer

Actual PE Digest

a6:52:8f:89:b0:01:a8:c0:96:4f:14:37:ab:ca:be:43:e7:5c:75:7e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceW

LoadResource

CreateProcessW

CreateDirectoryW

OpenProcess

WideCharToMultiByte

SizeofResource

TerminateProcess

MultiByteToWideChar

InitializeCriticalSectionEx

Process32FirstW

LockResource

Process32NextW

GetProcessAffinityMask

CreateToolhelp32Snapshot

GetShortPathNameW

CloseHandle

ExitProcess

WaitForSingleObject

SetEvent

GetFileAttributesW

CreateEventW

FreeLibrary

FindResourceExW

GetProcAddress

GetModuleFileNameW

CreateMutexW

GetTickCount

GetProcessHeap

HeapAlloc

CreateEventA

HeapFree

Sleep

GetLastError

WaitForMultipleObjects

ReleaseMutex

GetCurrentProcessId

GetTickCount64

ResetEvent

LocalFree

SystemTimeToFileTime

CreateWaitableTimerA

ResumeThread

SetWaitableTimer

LoadLibraryW

SetProcessAffinityMask

OpenEventA

CreateFileW

SignalObjectAndWait

WriteConsoleW

SetStdHandle

UnregisterWait

DuplicateHandle

GetCurrentProcess

GetCurrentThread

GetCurrentThreadId

GetSystemTimeAsFileTime

EnterCriticalSection

LeaveCriticalSection

DeleteCriticalSection

InterlockedExchange

RaiseException

HeapDestroy

HeapReAlloc

HeapSize

GetSystemInfo

VirtualAlloc

VirtualProtect

VirtualQuery

EncodePointer

DecodePointer

GetCommandLineW

RtlUnwind

IsProcessorFeaturePresent

CreateThread

ExitThread

LoadLibraryExW

InitializeCriticalSectionAndSpinCount

TlsGetValue

CreateTimerQueueTimer

CreateTimerQueue

UnhandledExceptionFilter

SetUnhandledExceptionFilter

SetLastError

TlsAlloc

TlsSetValue

TlsFree

GetStartupInfoW

GetModuleHandleW

CreateSemaphoreW

IsDebuggerPresent

InterlockedDecrement

GetModuleHandleExW

GetStdHandle

WriteFile

InterlockedIncrement

IsValidCodePage

GetACP

GetOEMCP

GetCPInfo

GetFileType

QueryPerformanceCounter

GetEnvironmentStringsW

FreeEnvironmentStringsW

DeleteTimerQueueTimer

SetThreadAffinityMask

OutputDebugStringW

SwitchToThread

GetThreadTimes

FreeLibraryAndExitThread

GetModuleHandleA

SetThreadPriority

GetVersionExW

VirtualFree

ReleaseSemaphore

InitializeSListHead

InterlockedPopEntrySList

InterlockedPushEntrySList

InterlockedFlushSList

QueryDepthSList

UnregisterWaitEx

ChangeTimerQueueTimer

GetNumaHighestNodeNumber

RegisterWaitForSingleObject

GetConsoleCP

GetConsoleMode

SetFilePointerEx

LCMapStringW

GetStringTypeW

FlushFileBuffers

GetThreadPriority

FormatMessageA

advapi32

RegCloseKey

shell32

SHFileOperationW

ole32

StringFromGUID2

CoCreateGuid

Sections

.text
Size: 237KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

msvcp110.dll