23e0072baba7b9ea62f2ed1fc1d52131_JaffaCakes118

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/uninst.exe	nsis_installer_1
static1/unpack001/uninst.exe	nsis_installer_2

.exe windows:4 windows x86 arch:x86

e3e1ba523cf61b826993834dca364e87

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6a:c8:af:24:c6:02:cb:90:fe:71:87:5f:1c:4c:ec:80
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

18-03-2014 00:00

Not After

17-03-2017 23:59

Subject

CN=Nanjing Tongxiang Network Technology Co.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=IT,O=Nanjing Tongxiang Network Technology Co.\,LTD,L=Nanjing,ST=Jiangsu,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

31:49:02:dc:ab:7c:69:a6:ae:9f:05:70:f9:dd:9e:a0:b8:c5:ed:bf
Signer

Actual PE Digest

31:49:02:dc:ab:7c:69:a6:ae:9f:05:70:f9:dd:9e:a0:b8:c5:ed:bf

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameA

MoveFileA

SearchPathA

GetFileAttributesA

GetLastError

CreateDirectoryA

SetFileAttributesA

GetShortPathNameA

SetCurrentDirectoryA

Sleep

GetFileSize

GetModuleFileNameA

GetCurrentProcess

CopyFileA

ExitProcess

SetEnvironmentVariableA

GetWindowsDirectoryA

GetTempPathA

GetModuleHandleA

GetTickCount

CloseHandle

lstrlenA

lstrcpynA

GetDiskFreeSpaceA

GlobalUnlock

GlobalLock

CreateThread

CreateProcessA

RemoveDirectoryA

CreateFileA

GetTempFileNameA

ReadFile

lstrcpyA

lstrcatA

GetSystemDirectoryA

GetVersion

GetProcAddress

GlobalAlloc

WaitForSingleObject

GetExitCodeProcess

CompareFileTime

SetFileTime

ExpandEnvironmentStringsA

lstrcmpiA

lstrcmpA

SetErrorMode

GlobalFree

LoadLibraryA

GetCommandLineA

MulDiv

DeleteFileA

FindFirstFileA

FindNextFileA

FindClose

SetFilePointer

WriteFile

GetPrivateProfileStringA

WritePrivateProfileStringA

MultiByteToWideChar

LoadLibraryExA

FreeLibrary

user32

EndDialog

ScreenToClient

GetWindowRect

RegisterClassA

EnableMenuItem

GetSystemMenu

SetClassLongA

IsWindowEnabled

SetWindowPos

GetSysColor

GetWindowLongA

SetCursor

LoadCursorA

CheckDlgButton

GetAsyncKeyState

IsDlgButtonChecked

GetMessagePos

LoadBitmapA

CallWindowProcA

IsWindowVisible

CloseClipboard

CreateWindowExA

SystemParametersInfoA

GetDlgItem

TrackPopupMenu

AppendMenuA

CreatePopupMenu

GetSystemMetrics

SetDlgItemTextA

GetDlgItemTextA

MessageBoxIndirectA

CharPrevA

wvsprintfA

DispatchMessageA

PeekMessageA

LoadImageA

GetDC

ReleaseDC

EnableWindow

InvalidateRect

SendMessageA

DefWindowProcA

BeginPaint

GetClientRect

GetClassInfoA

DialogBoxParamA

CharNextA

ExitWindowsEx

DestroyWindow

CreateDialogParamA

SetWindowTextA

PostQuitMessage

SetForegroundWindow

ShowWindow

SetWindowLongA

SendMessageTimeoutA

FindWindowExA

IsWindow

EmptyClipboard

SetClipboardData

OpenClipboard

FillRect

DrawTextA

EndPaint

wsprintfA

SetTimer

gdi32

SelectObject

SetBkMode

CreateFontIndirectA

SetTextColor

DeleteObject

GetDeviceCaps

CreateBrushIndirect

SetBkColor

shell32

SHGetSpecialFolderLocation

SHGetPathFromIDListA

SHBrowseForFolderA

SHGetFileInfoA

ShellExecuteA

SHFileOperationA

advapi32

RegCloseKey

RegOpenKeyExA

RegDeleteKeyA

RegDeleteValueA

RegEnumValueA

RegCreateKeyExA

RegSetValueExA

RegQueryValueExA

RegEnumKeyA

comctl32

ImageList_Create

ord17

ImageList_Destroy

ImageList_AddMasked

ole32

CoCreateInstance

CoTaskMemFree

OleInitialize

OleUninitialize

version

GetFileVersionInfoSizeA

GetFileVersionInfoA

VerQueryValueA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 100KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

$APPDATA/TXWiFiDriver/txwifinat.cat

$APPDATA/TXWiFiDriver/txwifinat.inf

$APPDATA/TXWiFiDriver/txwifinat.sys

.sys windows:6 windows x86 arch:x86

9bc1d8461f27c53a6d4358429ee741b6

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22-02-2011 19:25

Not After

22-02-2021 19:35

Subject

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

6a:c8:af:24:c6:02:cb:90:fe:71:87:5f:1c:4c:ec:80
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

18-03-2014 00:00

Not After

17-03-2017 23:59

Subject

CN=Nanjing Tongxiang Network Technology Co.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=IT,O=Nanjing Tongxiang Network Technology Co.\,LTD,L=Nanjing,ST=Jiangsu,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

8e:93:f5:59:85:50:9e:33:27:53:f5:f2:6d:26:45:b2:8d:c0:48:51
Signer

Actual PE Digest

8e:93:f5:59:85:50:9e:33:27:53:f5:f2:6d:26:45:b2:8d:c0:48:51

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\wxz\work\txwifinat\filter\objfre_win7_x86\i386\txwifinat.pdb

Imports

ntoskrnl.exe

RtlUnwind

KeBugCheckEx

IofCompleteRequest

RtlInitUnicodeString

_wcsnicmp

memcpy

MmProbeAndLockPages

MmMapLockedPagesSpecifyCache

memset

ExAllocatePoolWithTag

KeQueryTimeIncrement

KeTickCount

_allmul

_alldiv

KefAcquireSpinLockAtDpcLevel

KefReleaseSpinLockFromDpcLevel

MmUnlockPages

ExFreePoolWithTag

DbgPrint

hal

KfAcquireSpinLock

KfReleaseSpinLock

KeQueryPerformanceCounter

ndis.sys

NdisGetDeviceReservedExtension

NdisFRestartFilter

NdisDeregisterDeviceEx

NdisFRegisterFilterDriver

NdisAllocateNetBufferListPool

NdisFIndicateReceiveNetBufferLists

NdisFSendNetBufferLists

NdisRegisterDeviceEx

NdisAllocateNetBufferList

NdisFreeCloneOidRequest

NdisFOidRequestComplete

NdisAllocateMemoryWithTagPriority

NdisFSetAttributes

NdisSetEvent

NdisFOidRequest

NdisFCancelSendNetBufferLists

NdisAllocateCloneOidRequest

NdisFreeNetBufferListPool

NdisCloseConfiguration

NdisOpenConfigurationEx

NdisFreeMemory

NdisMSleep

NdisFDeregisterFilterDriver

NdisFReturnNetBufferLists

NdisFCancelOidRequest

NdisFIndicateStatus

NdisFDevicePnPEventNotify

NdisFNetPnPEvent

NdisFSendNetBufferListsComplete

NdisFreeNetBufferList

netio.sys

GetUnicastIpAddressTable

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$APPDATA/TXWiFiDriver/txwifinat64.cat

$APPDATA/TXWiFiDriver/txwifinat64.inf

$APPDATA/TXWiFiDriver/txwifinat64.sys

.sys windows:6 windows x64 arch:x64

a3649674a7db7cef2246dfebe8d702a0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22-02-2011 19:25

Not After

22-02-2021 19:35

Subject

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

6a:c8:af:24:c6:02:cb:90:fe:71:87:5f:1c:4c:ec:80
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

18-03-2014 00:00

Not After

17-03-2017 23:59

Subject

CN=Nanjing Tongxiang Network Technology Co.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=IT,O=Nanjing Tongxiang Network Technology Co.\,LTD,L=Nanjing,ST=Jiangsu,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

6c:85:d5:9d:34:b2:95:17:f2:e8:d6:52:cc:97:1a:5b:ec:3f:aa:ac
Signer

Actual PE Digest

6c:85:d5:9d:34:b2:95:17:f2:e8:d6:52:cc:97:1a:5b:ec:3f:aa:ac

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

e:\wxz\work\txwifinat\filter\objfre_win7_amd64\amd64\txwifinat.pdb

Imports

ntoskrnl.exe

KeBugCheckEx

IofCompleteRequest

MmMapLockedPagesSpecifyCache

MmProbeAndLockPages

ExAllocatePoolWithTag

KeQueryTimeIncrement

MmUnlockPages

ExFreePoolWithTag

KeReleaseSpinLock

KeReleaseSpinLockFromDpcLevel

KeAcquireSpinLockRaiseToDpc

KeAcquireSpinLockAtDpcLevel

_wcsnicmp

RtlInitUnicodeString

DbgPrint

__C_specific_handler

hal

KeQueryPerformanceCounter

ndis.sys

NdisFRestartFilter

NdisDeregisterDeviceEx

NdisGetDeviceReservedExtension

NdisRegisterDeviceEx

NdisAllocateNetBufferList

NdisFreeNetBufferList

NdisFCancelSendNetBufferLists

NdisFIndicateReceiveNetBufferLists

NdisFReturnNetBufferLists

NdisFSendNetBufferLists

NdisSetEvent

NdisFreeNetBufferListPool

NdisFRegisterFilterDriver

NdisFDeregisterFilterDriver

NdisAllocateNetBufferListPool

NdisAllocateMemoryWithTagPriority

NdisFSetAttributes

NdisFreeMemory

NdisOpenConfigurationEx

NdisCloseConfiguration

NdisMSleep

NdisFNetPnPEvent

NdisAllocateCloneOidRequest

NdisFOidRequest

NdisFCancelOidRequest

NdisFreeCloneOidRequest

NdisFOidRequestComplete

NdisFIndicateStatus

NdisFDevicePnPEventNotify

NdisFSendNetBufferListsComplete

netio.sys

GetUnicastIpAddressTable

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 780B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/Internet.dll

.dll windows:4 windows x86 arch:x86

04281f88c3d826e409dc7c24629e7efc

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6a:c8:af:24:c6:02:cb:90:fe:71:87:5f:1c:4c:ec:80
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

18-03-2014 00:00

Not After

17-03-2017 23:59

Subject

CN=Nanjing Tongxiang Network Technology Co.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=IT,O=Nanjing Tongxiang Network Technology Co.\,LTD,L=Nanjing,ST=Jiangsu,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

b5:d7:47:6d:96:a2:cd:64:ec:99:b4:8e:78:d0:1c:ae:60:58:f7:06
Signer

Actual PE Digest

b5:d7:47:6d:96:a2:cd:64:ec:99:b4:8e:78:d0:1c:ae:60:58:f7:06

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc

GetProcessHeap

GlobalFree

user32

wsprintfA

wsock32

inet_addr

gethostname

gethostbyname

WSACleanup

WSAStartup

wininet

InternetOpenA

InternetConnectA

InternetCloseHandle

HttpOpenRequestA

HttpSendRequestA

HttpQueryInfoA

Exports

GetLocalHostIP

GetLocalHostName

GetUrlCode

Ver

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/ShadowInner.png

.png

$PLUGINSDIR/ShadowOuter.png

.png

$PLUGINSDIR/System.dll

.dll windows:4 windows x86 arch:x86

8c8a576201f68de1a3f26fc723b9f30f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6a:c8:af:24:c6:02:cb:90:fe:71:87:5f:1c:4c:ec:80
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

18-03-2014 00:00

Not After

17-03-2017 23:59

Subject

CN=Nanjing Tongxiang Network Technology Co.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=IT,O=Nanjing Tongxiang Network Technology Co.\,LTD,L=Nanjing,ST=Jiangsu,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

c1:05:a2:41:b1:fc:97:f9:9a:ee:96:87:bb:8d:3a:0f:d4:67:07:34
Signer

Actual PE Digest

c1:05:a2:41:b1:fc:97:f9:9a:ee:96:87:bb:8d:3a:0f:d4:67:07:34

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar

GlobalFree

GlobalSize

lstrcpynA

lstrcpyA

GetProcAddress

VirtualFree

FreeLibrary

lstrlenA

LoadLibraryA

GetModuleHandleA

GlobalAlloc

WideCharToMultiByte

VirtualAlloc

VirtualProtect

GetLastError

user32

wsprintfA

ole32

StringFromGUID2

CLSIDFromString

Exports

Alloc

Call

Copy

Free

Get

Int64Op

Store

StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 835B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 582B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/TXSetupPlugin.dll

.dll windows:5 windows x86 arch:x86

c58fa083a96165c107c65c9e6486b1ce

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6a:c8:af:24:c6:02:cb:90:fe:71:87:5f:1c:4c:ec:80
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

18-03-2014 00:00

Not After

17-03-2017 23:59

Subject

CN=Nanjing Tongxiang Network Technology Co.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=IT,O=Nanjing Tongxiang Network Technology Co.\,LTD,L=Nanjing,ST=Jiangsu,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0b:e1:dd:ac:00:14:bc:8f:ae:6a:22:02:5c:bd:b0:a6:84:50:e2:17
Signer

Actual PE Digest

0b:e1:dd:ac:00:14:bc:8f:ae:6a:22:02:5c:bd:b0:a6:84:50:e2:17

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

E:\SVNWork\NSIS\NSIS\TxNsisPlugins\bin\Release\TXSetupPlugin\TXSetupPlugin.pdb

Imports

kernel32

GetFileSize

Process32First

WaitForSingleObject

OpenProcess

CreateProcessA

TerminateProcess

ReadFile

MultiByteToWideChar

GetProcAddress

Process32Next

GetModuleHandleA

CreateToolhelp32Snapshot

CloseHandle

SetHandleCount

HeapSize

Sleep

GlobalAlloc

lstrcpynA

lstrcpyA

GlobalFree

lstrlenA

CreateFileA

FlushFileBuffers

CreateFileW

WriteConsoleW

SetStdHandle

GetStringTypeW

LCMapStringW

GetConsoleMode

GetConsoleCP

SetFilePointer

RtlUnwind

LoadLibraryW

EnterCriticalSection

LeaveCriticalSection

GetSystemTimeAsFileTime

GetCurrentProcessId

GetTickCount

OutputDebugStringW

ExitProcess

WideCharToMultiByte

InterlockedDecrement

LocalFree

OutputDebugStringA

GetLastError

lstrcmpW

GetModuleFileNameW

FormatMessageA

QueryPerformanceCounter

GetEnvironmentStringsW

FreeEnvironmentStringsW

GetModuleFileNameA

DeleteCriticalSection

GetStartupInfoW

GetFileType

IsProcessorFeaturePresent

RaiseException

SetLastError

TlsFree

TlsSetValue

TlsGetValue

TlsAlloc

HeapFree

HeapAlloc

HeapReAlloc

EncodePointer

DecodePointer

GetCurrentThreadId

GetCommandLineA

GetCurrentProcess

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsDebuggerPresent

HeapCreate

HeapDestroy

GetModuleHandleW

WriteFile

GetStdHandle

GetCPInfo

InterlockedIncrement

GetACP

GetOEMCP

IsValidCodePage

InitializeCriticalSectionAndSpinCount

user32

wsprintfW

LoadCursorA

FindWindowA

wsprintfA

CallWindowProcA

UpdateWindow

DestroyWindow

GetParent

MoveWindow

EndPaint

SetTimer

GetWindowRect

RegisterClassExA

FillRect

KillTimer

FindWindowExA

GetClientRect

SendMessageA

RegisterWindowMessageA

BeginPaint

GetDC

SetWindowLongA

InvalidateRect

GetWindowLongA

CreateWindowExA

ReleaseDC

GetDlgItem

DefWindowProcA

SetWindowPos

GetCursorPos

ShowWindow

IsWindow

PostMessageA

gdi32

CreateSolidBrush

BitBlt

DeleteDC

CreateDIBSection

DeleteObject

SelectObject

CreateCompatibleDC

CreatePatternBrush

ole32

CLSIDFromProgID

CoInitializeSecurity

CoInitialize

CoUninitialize

CoInitializeEx

CoCreateInstance

oleaut32

SysFreeString

VariantInit

SysAllocString

VariantClear

msimg32

AlphaBlend

Exports

ExitSetup

NSIS_AddFwException

NSIS_CreateLogonTaskSchedule

NSIS_DeleteTaskSchedule

NSIS_Exec

NSIS_ExecWait

NSIS_HookProcessBar

NSIS_InvalideProgressBar

NSIS_OutputDebug

NSIS_ProcessesExist

NSIS_SetBanners

NSIS_SetCompleteBg

NSIS_SetMessageboxBg

NSIS_SetShadows

NSIS_SetWelcomeBg

NSIS_SetWndBkGround

NSIS_ShowInnerShadow

NSIS_ShowMainWindow

NSIS_StopBanner

NSIS_StopWiFiProcess

NSIS_TerminateProcesses

ShowLittleBK

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/TXUninstallPlugin.dll

.dll windows:5 windows x86 arch:x86

907e73a33543b22bee42e85d53cc9903

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6a:c8:af:24:c6:02:cb:90:fe:71:87:5f:1c:4c:ec:80
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

18-03-2014 00:00

Not After

17-03-2017 23:59

Subject

CN=Nanjing Tongxiang Network Technology Co.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=IT,O=Nanjing Tongxiang Network Technology Co.\,LTD,L=Nanjing,ST=Jiangsu,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

02:2a:7b:86:d9:24:c0:cd:84:be:07:07:b8:0f:60:6f:a1:03:4a:4a
Signer

Actual PE Digest

02:2a:7b:86:d9:24:c0:cd:84:be:07:07:b8:0f:60:6f:a1:03:4a:4a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

E:\SVNWork\NSIS\NSIS\TxNsisPlugins\bin\Debug\TXUninstallPlugin\TXUninstallPlugin.pdb

Imports

kernel32

GetCurrentProcessId

GlobalMemoryStatus

CloseHandle

FreeLibrary

LoadLibraryA

FlushConsoleInputBuffer

QueryPerformanceCounter

InitializeCriticalSectionAndSpinCount

OutputDebugStringW

OpenEventA

SetEvent

LocalFileTimeToFileTime

FileTimeToLocalFileTime

FileTimeToSystemTime

GetTickCount

GetStdHandle

GetFileType

GetVersion

GetModuleHandleA

GetProcAddress

GetCurrentThreadId

lstrcmpiA

GetLastError

FindResourceExW

lstrlenA

LoadResource

LockResource

SizeofResource

FindResourceW

MultiByteToWideChar

WideCharToMultiByte

GetModuleHandleW

VirtualQuery

GetModuleFileNameW

GetProcessHeap

HeapAlloc

HeapFree

IsProcessorFeaturePresent

GetSystemTimeAsFileTime

SetUnhandledExceptionFilter

UnhandledExceptionFilter

GetCurrentProcess

TerminateProcess

LoadLibraryW

RaiseException

IsDebuggerPresent

InterlockedCompareExchange

Sleep

InterlockedExchange

DecodePointer

EncodePointer

EnterCriticalSection

LeaveCriticalSection

HeapReAlloc

HeapSize

HeapDestroy

VirtualAlloc

UnmapViewOfFile

GetSystemInfo

MapViewOfFile

CreateFileMappingA

GetCurrentThread

OpenFileMappingA

InterlockedIncrement

InterlockedDecrement

GlobalFree

lstrcpyA

lstrcpynA

GlobalAlloc

GetPrivateProfileStringA

GetVersionExA

OutputDebugStringA

DeleteCriticalSection

user32

SetWindowLongA

GetWindowLongA

GetUserObjectInformationW

GetProcessWindowStation

GetDesktopWindow

MessageBoxA

wsprintfA

gdi32

CreateCompatibleDC

GetDeviceCaps

CreateCompatibleBitmap

SelectObject

GetObjectA

BitBlt

GetBitmapBits

DeleteObject

DeleteDC

CreateDCA

advapi32

RegQueryValueExA

RevertToSelf

SetThreadToken

RegisterEventSourceA

ReportEventA

DeregisterEventSource

RegOpenKeyExA

OpenThreadToken

RegCloseKey

msvcr100d

_CRT_RTC_INITW

_malloc_dbg

_free_dbg

_encoded_null

_CrtSetCheckCount

_initterm

_initterm_e

_amsg_exit

__CppXcptFilter

_except_handler4_common

_getch

?terminate@@YAXXZ

?_type_info_dtor_internal_method@type_info@@QAEXXZ

__clean_type_info_names_internal

_unlock

__dllonexit

_lock

_onexit

_wmakepath_s

wcscpy_s

_wsplitpath_s

signal

fputs

strstr

_gmtime64

_stricmp

strrchr

strncmp

isupper

vsprintf_s

atoi

fprintf

strtol

isxdigit

_strnicmp

_wfopen

calloc

_errno

fgets

fseek

feof

ftell

_fileno

_setmode

fopen

fread

ferror

isalnum

isspace

isdigit

strcmp

_time64

_localtime64

qsort

strchr

strerror

raise

_exit

__iob_func

vfprintf

_vsnprintf

wcsstr

getenv

sscanf

strtoul

malloc

realloc

strncpy

strcpy_s

_vscprintf

_recalloc

_crt_debugger_hook

_CrtDbgReport

_snprintf_s

_gmtime64_s

_mktime64

memmove_s

memchr

memcmp

_localtime64_s

strftime

_snprintf

??_U@YAPAXI@Z

??_V@YAXPAX@Z

sprintf

toupper

??1exception@std@@UAE@XZ

?what@exception@std@@UBEPBDXZ

??0exception@std@@QAE@ABQBD@Z

??2@YAPAXI@Z

??0exception@std@@QAE@ABV01@@Z

??0bad_cast@std@@QAE@ABV01@@Z

??1bad_cast@std@@UAE@XZ

??0bad_cast@std@@QAE@PBD@Z

free

_CrtDbgReportW

_invalid_parameter

_CxxThrowException

fclose

memset

strlen

memmove

??3@YAXPAX@Z

fflush

setvbuf

fsetpos

_fseeki64

fgetpos

fgetc

memcpy_s

ungetc

fputc

fwrite

_unlock_file

_lock_file

memcpy

__CxxFrameHandler3

strcpy

wcscpy

_vsnprintf_s

_vsnwprintf_s

_snwprintf_s

wcsncpy_s

_wcsicmp

tolower

wcslen

msvcp100d

?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

?_DebugHeapTag_func@std@@YAABU_DebugHeapTag_t@1@XZ

??2@YAPAXIABU_DebugHeapTag_t@std@@PADH@Z

??3@YAXPAXABU_DebugHeapTag_t@std@@PADH@Z

?_Getpfirst@_Container_base12@std@@QBEPAPAU_Iterator_base12@2@XZ

?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

?id@?$codecvt@DDH@std@@2V0locale@2@A

??Bid@locale@std@@QAEIXZ

?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Incref@facet@locale@std@@QAEXXZ

?_Xout_of_range@std@@YAXPBD@Z

?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z

?always_noconv@codecvt_base@std@@QBE_NXZ

?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z

?_Decref@facet@locale@std@@QAEPAV123@XZ

?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z

?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

?_Orphan_all@_Container_base12@std@@QAEXXZ

??0_Container_base12@std@@QAE@XZ

??1_Container_base12@std@@QAE@XZ

?_Xlength_error@std@@YAXPBD@Z

?_Debug_message@std@@YAXPB_W0I@Z

??0_Lockit@std@@QAE@H@Z

??1_Lockit@std@@QAE@XZ

?_BADOFF@std@@3_JB

?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

??7ios_base@std@@QBE_NXZ

?eof@ios_base@std@@QBE_NXZ

?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z

?gcount@?$basic_istream@DU?$char_traits@D@std@@@std@@QBE_JXZ

wininet

InternetOpenUrlA

InternetOpenA

InternetReadFile

InternetCloseHandle

setupapi

SetupDiBuildDriverInfoList

SetupDiEnumDriverInfoA

SetupDiDestroyDriverInfoList

CM_Locate_DevNodeA

CM_Reenumerate_DevNode

SetupDiRemoveDevice

SetupDiSetClassInstallParamsA

SetupDiChangeState

SetupDiGetDeviceInstallParamsA

CM_Get_DevNode_Status

SetupDiOpenDevRegKey

SetupDiGetClassDevsA

SetupDiEnumDeviceInfo

SetupDiGetDeviceRegistryPropertyA

SetupDiDestroyDeviceInfoList

SetupDiGetDeviceInstanceIdA

rpcrt4

UuidToStringA

RpcStringFreeA

Exports

NSIS_PutUninstallInfomation

NSIS_SetTextMultiline

Sections

.textbss
Size: - Virtual size: 409KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.text
Size: 874KB - Virtual size: 874KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/TXWindowPlugin.dll

.dll windows:5 windows x86 arch:x86

7c8086fff409b5fc031ff3ee62b1aed6

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6a:c8:af:24:c6:02:cb:90:fe:71:87:5f:1c:4c:ec:80
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

18-03-2014 00:00

Not After

17-03-2017 23:59

Subject

CN=Nanjing Tongxiang Network Technology Co.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=IT,O=Nanjing Tongxiang Network Technology Co.\,LTD,L=Nanjing,ST=Jiangsu,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

7f:8d:af:b6:c5:c0:7c:2c:8e:36:66:9b:64:5d:3e:23:db:c6:47:ac
Signer

Actual PE Digest

7f:8d:af:b6:c5:c0:7c:2c:8e:36:66:9b:64:5d:3e:23:db:c6:47:ac

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

E:\SVNWork\NSIS\NSIS\TxNsisPlugins\bin\Release\TXWindowPlugin\TXWindowPlugin.pdb

Imports

kernel32

lstrcpynA

lstrcpyA

GlobalFree

GlobalAlloc

IsProcessorFeaturePresent

CloseHandle

OutputDebugStringA

DeleteCriticalSection

EnterCriticalSection

ReadFile

LeaveCriticalSection

GetFileSize

InitializeCriticalSection

CreateFileA

GetStringTypeW

MultiByteToWideChar

GetLastError

HeapFree

HeapAlloc

HeapReAlloc

EncodePointer

DecodePointer

GetCurrentThreadId

GetCommandLineA

TerminateProcess

GetCurrentProcess

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsDebuggerPresent

HeapCreate

HeapDestroy

GetProcAddress

GetModuleHandleW

ExitProcess

WriteFile

GetStdHandle

GetModuleFileNameW

Sleep

HeapSize

RaiseException

TlsAlloc

TlsGetValue

TlsSetValue

TlsFree

InterlockedIncrement

SetLastError

InterlockedDecrement

SetHandleCount

InitializeCriticalSectionAndSpinCount

GetFileType

GetStartupInfoW

GetModuleFileNameA

FreeEnvironmentStringsW

WideCharToMultiByte

GetEnvironmentStringsW

QueryPerformanceCounter

GetTickCount

GetCurrentProcessId

GetSystemTimeAsFileTime

LoadLibraryW

RtlUnwind

GetCPInfo

GetACP

GetOEMCP

IsValidCodePage

LCMapStringW

user32

EndPaint

GetClientRect

BeginPaint

SetWindowLongA

InvalidateRect

GetWindowLongA

UpdateWindow

CallWindowProcA

wsprintfA

gdi32

CreateDIBSection

StretchBlt

SetBkMode

DeleteObject

SelectObject

CreateCompatibleDC

GetStockObject

DeleteDC

comctl32

_TrackMouseEvent

msimg32

AlphaBlend

Exports

NSIS_EnableButton

SetBtnImage

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/WelcomeLittle.png

.png

$PLUGINSDIR/WndProc.dll

.dll windows:4 windows x86 arch:x86

b3f659d7637a91b4fec12ff9b930080d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6a:c8:af:24:c6:02:cb:90:fe:71:87:5f:1c:4c:ec:80
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

18-03-2014 00:00

Not After

17-03-2017 23:59

Subject

CN=Nanjing Tongxiang Network Technology Co.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=IT,O=Nanjing Tongxiang Network Technology Co.\,LTD,L=Nanjing,ST=Jiangsu,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

a9:9d:b6:e5:08:a8:cb:aa:43:d9:d3:22:ec:e1:ab:0f:b3:ee:0f:b5
Signer

Actual PE Digest

a9:9d:b6:e5:08:a8:cb:aa:43:d9:d3:22:ec:e1:ab:0f:b3:ee:0f:b5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

GlobalFree

lstrcpyA

GlobalAlloc

user32

CallWindowProcA

SetWindowLongA

GetPropA

SetPropA

wsprintfA

Exports

onCallback

Sections

.text
Size: 1024B - Virtual size: 934B

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 377B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/banner_gift.png

.png

$PLUGINSDIR/banner_movie.png

.png

$PLUGINSDIR/banner_setting.png

.png

$PLUGINSDIR/banner_wifi.png

.png

$PLUGINSDIR/bg.png

.png

$PLUGINSDIR/bg_complete.png

.png

$PLUGINSDIR/bg_install.png

.png

$PLUGINSDIR/bg_messagebox.png

.png

$PLUGINSDIR/btn_agreement.png

.png

$PLUGINSDIR/btn_autoRun.png

.png

$PLUGINSDIR/btn_back.png

.png

$PLUGINSDIR/btn_cancelMessagebox.png

.png

$PLUGINSDIR/btn_change.png

.png

$PLUGINSDIR/btn_close.png

.png

$PLUGINSDIR/btn_install.png

.png

$PLUGINSDIR/btn_installJuZiBrowser.png

.png

$PLUGINSDIR/btn_installQQBrowser.png

.png

$PLUGINSDIR/btn_installQQMg.png

.png

$PLUGINSDIR/btn_installnow.png

.png

$PLUGINSDIR/btn_license.png

.png

$PLUGINSDIR/btn_okMessagebox.png

.png

$PLUGINSDIR/btn_runNow.png

.png

$PLUGINSDIR/btn_selfSetup.png

.png

$PLUGINSDIR/btn_shortCut.png

.png

$PLUGINSDIR/btn_unagreement.png

.png

$PLUGINSDIR/btn_unautoRun.png

.png

$PLUGINSDIR/btn_uninstallJuZiBrowser.png

.png

$PLUGINSDIR/btn_uninstallQQBrowser.png

.png

$PLUGINSDIR/btn_uninstallQQMg.png

.png

$PLUGINSDIR/btn_unshortCut.png

.png

$PLUGINSDIR/inetc.dll

.dll windows:5 windows x86 arch:x86

11e54c9c10472c590f8236478ce9f7ef

Code Sign

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

6a:c8:af:24:c6:02:cb:90:fe:71:87:5f:1c:4c:ec:80
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

18-03-2014 00:00

Not After

17-03-2017 23:59

Subject

CN=Nanjing Tongxiang Network Technology Co.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=IT,O=Nanjing Tongxiang Network Technology Co.\,LTD,L=Nanjing,ST=Jiangsu,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

cc:1a:c5:d8:21:57:3a:dd:a3:12:cf:27:0a:ac:63:01:47:c7:b4:0a
Signer

Actual PE Digest

cc:1a:c5:d8:21:57:3a:dd:a3:12:cf:27:0a:ac:63:01:47:c7:b4:0a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

wininet

InternetOpenA

InternetCrackUrlA

InternetConnectA

HttpEndRequestA

HttpAddRequestHeadersA

HttpOpenRequestA

InternetErrorDlg

InternetCloseHandle

InternetQueryOptionA

InternetSetOptionA

InternetSetFilePointer

InternetGetLastResponseInfoA

FtpOpenFileA

FtpCreateDirectoryA

HttpQueryInfoA

HttpSendRequestExA

HttpSendRequestA

InternetWriteFile

InternetReadFile

comctl32

ord17

kernel32

GlobalAlloc

GlobalFree

CreateThread

WaitForSingleObject

TerminateThread

WideCharToMultiByte

GetModuleHandleA

lstrcpyA

LoadLibraryA

GetProcAddress

lstrcmpiA

CreateFileA

GetFileSize

lstrcatA

GetTickCount

SetFilePointer

SleepEx

LocalAlloc

MulDiv

lstrlenA

WriteFile

ReadFile

lstrcmpA

lstrcpynA

GetLastError

LocalFree

DeleteFileA

CloseHandle

user32

SetWindowPos

SystemParametersInfoA

GetClientRect

GetWindowRect

SetTimer

LoadIconA

UpdateWindow

DestroyWindow

KillTimer

RedrawWindow

DispatchMessageA

TranslateMessage

GetMessageA

IsDialogMessageA

IsWindowVisible

EnableWindow

CreateDialogParamA

FindWindowExA

SetDlgItemTextA

wsprintfA

IsWindow

MessageBoxA

GetParent

ShowWindow

SetWindowLongA

GetWindowLongA

SetWindowTextA

SendDlgItemMessageA

GetDlgItem

PostMessageA

GetWindowTextA

SendMessageA

Exports

get

head

post

put

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/nsDialogs.dll

.dll windows:4 windows x86 arch:x86

38e7b5c3ee58b43a91f9679e94aabd09

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6a:c8:af:24:c6:02:cb:90:fe:71:87:5f:1c:4c:ec:80
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

18-03-2014 00:00

Not After

17-03-2017 23:59

Subject

CN=Nanjing Tongxiang Network Technology Co.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=IT,O=Nanjing Tongxiang Network Technology Co.\,LTD,L=Nanjing,ST=Jiangsu,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

89:cb:42:51:4d:3f:b4:47:d0:a7:ae:cf:35:89:fa:8d:31:0f:33:06
Signer

Actual PE Digest

89:cb:42:51:4d:3f:b4:47:d0:a7:ae:cf:35:89:fa:8d:31:0f:33:06

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesA

lstrcpyA

MulDiv

lstrlenA

HeapFree

GetCurrentDirectoryA

lstrcmpiA

GetProcessHeap

HeapReAlloc

GlobalFree

lstrcpynA

GlobalAlloc

SetCurrentDirectoryA

HeapAlloc

user32

DestroyWindow

CallWindowProcA

SetCursor

GetPropA

CharPrevA

MapWindowPoints

DrawFocusRect

GetWindowLongA

GetClientRect

GetWindowTextA

GetDlgItem

SetWindowLongA

SetWindowPos

CreateDialogParamA

MapDialogRect

GetWindowRect

SetPropA

CreateWindowExA

IsWindow

SetTimer

KillTimer

DispatchMessageA

TranslateMessage

GetMessageA

IsDialogMessageA

ShowWindow

wsprintfA

CharNextA

SendMessageA

LoadCursorA

RemovePropA

DrawTextA

gdi32

SetTextColor

shell32

SHBrowseForFolderA

SHGetPathFromIDListA

comdlg32

GetSaveFileNameA

GetOpenFileNameA

CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Create

CreateControl

CreateItem

CreateTimer

GetUserData

KillTimer

OnBack

OnChange

OnClick

OnNotify

SelectFileDialog

SelectFolderDialog

SetRTL

SetUserData

Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/nsExec.dll

.dll windows:4 windows x86 arch:x86

6b7d154c806f1e47db325229c300c6df

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6a:c8:af:24:c6:02:cb:90:fe:71:87:5f:1c:4c:ec:80
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

18-03-2014 00:00

Not After

17-03-2017 23:59

Subject

CN=Nanjing Tongxiang Network Technology Co.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=IT,O=Nanjing Tongxiang Network Technology Co.\,LTD,L=Nanjing,ST=Jiangsu,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

fe:bc:7c:a3:b1:f1:92:8c:d2:52:a6:c2:78:e9:40:86:fe:0b:cc:e5
Signer

Actual PE Digest

fe:bc:7c:a3:b1:f1:92:8c:d2:52:a6:c2:78:e9:40:86:fe:0b:cc:e5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA

lstrlenA

GetExitCodeProcess

WaitForSingleObject

Sleep

TerminateProcess

GlobalReAlloc

GlobalUnlock

GlobalSize

lstrcpynA

ReadFile

PeekNamedPipe

GetTickCount

lstrcpyA

CreateProcessA

GetStartupInfoA

GetProcAddress

GlobalLock

DeleteFileA

lstrcmpiA

GetCurrentProcess

CloseHandle

UnmapViewOfFile

MapViewOfFile

CreateFileMappingA

CreateFileA

CopyFileA

GetTempFileNameA

GlobalFree

GlobalAlloc

GetModuleFileNameA

ExitProcess

GetCommandLineA

CreatePipe

GetVersionExA

lstrcatA

user32

SendMessageA

OemToCharBuffA

FindWindowExA

CharNextA

wsprintfA

CharPrevA

advapi32

InitializeSecurityDescriptor

SetSecurityDescriptorDacl

Exports

Exec

ExecToLog

ExecToStack

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 458B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/nsWindows.dll

.dll windows:4 windows x86 arch:x86

8baa37b4b9803e205026a5e2d38eebac

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6a:c8:af:24:c6:02:cb:90:fe:71:87:5f:1c:4c:ec:80
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

18-03-2014 00:00

Not After

17-03-2017 23:59

Subject

CN=Nanjing Tongxiang Network Technology Co.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=IT,O=Nanjing Tongxiang Network Technology Co.\,LTD,L=Nanjing,ST=Jiangsu,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

d1:c9:df:fb:d4:79:f4:61:33:2b:34:6b:cd:6a:90:4e:a5:fc:89:9e
Signer

Actual PE Digest

d1:c9:df:fb:d4:79:f4:61:33:2b:34:6b:cd:6a:90:4e:a5:fc:89:9e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesA

lstrcmpiA

MulDiv

lstrlenA

HeapAlloc

lstrcpyA

HeapFree

HeapReAlloc

GlobalFree

lstrcpynA

GlobalAlloc

GetCurrentDirectoryA

GetProcessHeap

SetCurrentDirectoryA

user32

IsIconic

GetDlgItem

RemovePropA

DestroyWindow

DrawFocusRect

GetWindowLongA

DrawTextA

ShowWindow

CallWindowProcA

SetCursor

LoadCursorA

SetWindowPos

MapWindowPoints

CreateWindowExA

RegisterClassA

LoadIconA

GetWindowRect

IsWindow

SetWindowLongA

SetPropA

SetTimer

KillTimer

SetLayeredWindowAttributes

DispatchMessageA

TranslateMessage

IsDialogMessageA

GetMessageA

wsprintfA

SetForegroundWindow

GetPropA

CharPrevA

MapDialogRect

GetClientRect

CharNextA

SendMessageA

GetWindowTextA

gdi32

SetTextColor

GetStockObject

shell32

DragQueryFileA

DragAcceptFiles

SHGetPathFromIDListA

SHBrowseForFolderA

comdlg32

GetSaveFileNameA

GetOpenFileNameA

CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Create

CreateControl

CreateItem

CreateTimer

GetUserData

KillTimer

OnBack

OnChange

OnClick

OnNotify

SelectFileDialog

SelectFolderDialog

SetRTL

SetTransparent

SetUserData

Show

onDropFiles

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

Bmbt.dll

.dll windows:5 windows x86 arch:x86

1692b6552bb2d66f3a7fcbf4a1eebe2a

Code Sign

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

6a:c8:af:24:c6:02:cb:90:fe:71:87:5f:1c:4c:ec:80
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

18-03-2014 00:00

Not After

17-03-2017 23:59

Subject

CN=Nanjing Tongxiang Network Technology Co.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=IT,O=Nanjing Tongxiang Network Technology Co.\,LTD,L=Nanjing,ST=Jiangsu,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

fd:bd:24:61:6b:4e:d2:16:1f:f6:90:d4:23:a6:7f:97:8a:23:13:b3
Signer

Actual PE Digest

fd:bd:24:61:6b:4e:d2:16:1f:f6:90:d4:23:a6:7f:97:8a:23:13:b3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

D:\tongxiang\Update_1.0.3\Temp\Link\Bmbt\Release\Bmbt.pdb

Imports

kernel32

MultiByteToWideChar

TlsFree

TlsGetValue

InterlockedIncrement

LeaveCriticalSection

EnterCriticalSection

DeleteCriticalSection

CreateFileA

CreateMutexW

SetWaitableTimer

GetQueuedCompletionStatus

GetCommState

InterlockedDecrement

WaitForSingleObject

InterlockedCompareExchange

SetEvent

SleepEx

WriteFile

SetCommState

SetCommTimeouts

TlsSetValue

TerminateThread

InitializeCriticalSectionAndSpinCount

Sleep

GetSystemTimeAsFileTime

ReadFile

GetOverlappedResult

InterlockedExchange

GetLastError

SetLastError

GetProcAddress

QueueUserAPC

RegisterWaitForSingleObject

InterlockedExchangeAdd

CreateEventW

PostQueuedCompletionStatus

WaitForMultipleObjects

CreateIoCompletionPort

GetModuleHandleA

CancelIo

CreateWaitableTimerW

GetCurrentThreadId

ReleaseMutex

TlsAlloc

CloseHandle

GetCurrentProcessId

UnregisterWaitEx

FindFirstFileW

SetEndOfFile

GetCurrentProcess

SetFilePointerEx

CreateDirectoryW

GetCompressedFileSizeW

WriteFileGather

CopyFileW

ReadFileScatter

CreateFileW

GetFileSizeEx

GetDiskFreeSpaceW

FindClose

LoadLibraryA

RemoveDirectoryW

DeviceIoControl

FindNextFileW

GetFileAttributesExW

DeleteFileW

QueryPerformanceCounter

QueryPerformanceFrequency

ReleaseSemaphore

CreateSemaphoreW

GetVersionExW

ResetEvent

GlobalMemoryStatusEx

GetSystemInfo

VirtualUnlock

VirtualLock

FreeLibrary

CreateEventA

OpenEventA

GetProcessHeap

HeapFree

GetTickCount

IsDebuggerPresent

SetUnhandledExceptionFilter

UnhandledExceptionFilter

TerminateProcess

DecodePointer

EncodePointer

FormatMessageA

LocalFree

IsProcessorFeaturePresent

msvcp100

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z

??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ

?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QAE?AVlocale@2@ABV32@@Z

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z

?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

?_Decref@facet@locale@std@@QAEPAV123@XZ

??1_Container_base12@std@@QAE@XZ

?_Xout_of_range@std@@YAXPBD@Z

?_Xlength_error@std@@YAXPBD@Z

?_Orphan_all@_Container_base0@std@@QAEXXZ

?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z

??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@

?_BADOFF@std@@3_JB

?uncaught_exception@std@@YA_NXZ

?classic@locale@std@@SAABV12@XZ

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

ws2_32

htons

WSAIoctl

socket

getpeername

ioctlsocket

WSAStringToAddressA

gethostname

connect

WSAStartup

ntohl

inet_addr

htonl

getaddrinfo

WSARecv

WSARecvFrom

ntohs

getsockname

shutdown

setsockopt

WSACleanup

bind

freeaddrinfo

__WSAFDIsSet

WSASetLastError

closesocket

getsockopt

listen

WSAAddressToStringA

getnameinfo

accept

WSASendTo

WSASocketW

WSASend

select

WSAGetLastError

mswsock

GetAcceptExSockaddrs

AcceptEx

msvcr100

mbtowc

_setjmp3

memset

??0exception@std@@QAE@ABQBDH@Z

__clean_type_info_names_internal

?_type_info_dtor_internal_method@type_info@@QAEXXZ

_except_handler4_common

_crt_debugger_hook

?terminate@@YAXXZ

__CppXcptFilter

_amsg_exit

_initterm_e

_initterm

_encoded_null

_malloc_crt

_onexit

_lock

__dllonexit

_unlock

strerror

?what@exception@std@@UBEPBDXZ

??1exception@std@@UAE@XZ

__CxxFrameHandler3

??0exception@std@@QAE@ABV01@@Z

??8type_info@@QBE_NABV0@@Z

memmove

??_V@YAXPAX@Z

??3@YAXPAX@Z

??2@YAPAXI@Z

??0exception@std@@QAE@XZ

strchr

memchr

wcsrchr

rand

_vsnprintf

_purecall

strrchr

_time64

free

malloc

realloc

?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z

swprintf_s

??1bad_cast@std@@UAE@XZ

??0bad_cast@std@@QAE@PBD@Z

??0bad_cast@std@@QAE@ABV01@@Z

_gmtime64

signal

_beginthreadex

_wgetcwd

_errno

_wrename

wctomb

toupper

??0exception@std@@QAE@ABQBD@Z

atoi

_strtoi64

abort

_aligned_free

_aligned_malloc

atol

strtol

strncpy

wcstombs

atof

sscanf

srand

longjmp

memcpy

_CxxThrowException

Exports

??0?$timer_queue@U?$time_traits@Vptime@posix_time@boost@@@asio@boost@@@detail@asio@boost@@QAE@XZ

??0_Mutex@std@@QAE@W4_Uninitialized@1@@Z

??0address@ip@asio@boost@@QAE@ABV0123@@Z

??0address@ip@asio@boost@@QAE@ABVaddress_v4@123@@Z

??0address@ip@asio@boost@@QAE@ABVaddress_v6@123@@Z

??0address@ip@asio@boost@@QAE@XZ

??0address_v4@ip@asio@boost@@QAE@ABV?$array@E$03@tr1@std@@@Z

??0address_v4@ip@asio@boost@@QAE@K@Z

??0address_v6@ip@asio@boost@@QAE@ABV0123@@Z

??0address_v6@ip@asio@boost@@QAE@ABV?$array@E$0BA@@tr1@std@@K@Z

??0address_v6@ip@asio@boost@@QAE@XZ

??0character_size@serial_port_base@asio@boost@@QAE@I@Z

??0endpoint@detail@generic@asio@boost@@QAE@PBXIH@Z

??0endpoint@detail@generic@asio@boost@@QAE@XZ

??0endpoint@detail@ip@asio@boost@@QAE@ABVaddress@234@G@Z

??0endpoint@detail@ip@asio@boost@@QAE@HG@Z

??0endpoint@detail@ip@asio@boost@@QAE@XZ

??0flow_control@serial_port_base@asio@boost@@QAE@W4type@0123@@Z

??0invalid_service_owner@asio@boost@@QAE@XZ

??0io_service@asio@boost@@QAE@I@Z

??0io_service@asio@boost@@QAE@XZ

??0parity@serial_port_base@asio@boost@@QAE@W4type@0123@@Z

??0resolver_service_base@detail@asio@boost@@QAE@AAVio_service@23@@Z

??0select_reactor@detail@asio@boost@@QAE@AAVio_service@23@@Z

??0service@io_service@asio@boost@@IAE@AAV123@@Z

??0service_already_exists@asio@boost@@QAE@XZ

??0signal_set_service@detail@asio@boost@@QAE@AAVio_service@23@@Z

??0socket_select_interrupter@detail@asio@boost@@QAE@XZ

??0stop_bits@serial_port_base@asio@boost@@QAE@W4type@0123@@Z

??0strand_service@detail@asio@boost@@QAE@AAVio_service@23@@Z

??0timer_queue_set@detail@asio@boost@@QAE@XZ

??0win_event@detail@asio@boost@@QAE@XZ

??0win_iocp_handle_service@detail@asio@boost@@QAE@AAVio_service@23@@Z

??0win_iocp_io_service@detail@asio@boost@@QAE@AAVio_service@23@I@Z

??0win_iocp_serial_port_service@detail@asio@boost@@QAE@AAVio_service@23@@Z

??0win_iocp_socket_service_base@detail@asio@boost@@QAE@AAVio_service@23@@Z

??0win_mutex@detail@asio@boost@@QAE@XZ

??0win_object_handle_service@detail@asio@boost@@QAE@AAVio_service@23@@Z

??1?$timer_queue@U?$time_traits@Vptime@posix_time@boost@@@asio@boost@@@detail@asio@boost@@UAE@XZ

??1io_service@asio@boost@@QAE@XZ

??1resolver_service_base@detail@asio@boost@@QAE@XZ

??1select_reactor@detail@asio@boost@@UAE@XZ

??1service@io_service@asio@boost@@MAE@XZ

??1service_registry@detail@asio@boost@@QAE@XZ

??1signal_set_service@detail@asio@boost@@QAE@XZ

??1socket_select_interrupter@detail@asio@boost@@QAE@XZ

??1win_thread@detail@asio@boost@@QAE@XZ

??4_Init_locks@std@@QAEAAV01@ABV01@@Z

??4address@ip@asio@boost@@QAEAAV0123@ABV0123@@Z

??4address@ip@asio@boost@@QAEAAV0123@ABVaddress_v4@123@@Z

??4address@ip@asio@boost@@QAEAAV0123@ABVaddress_v6@123@@Z

??4address_v6@ip@asio@boost@@QAEAAV0123@ABV0123@@Z

??8detail@generic@asio@boost@@YA_NABVendpoint@0123@0@Z

??8detail@ip@asio@boost@@YA_NABVendpoint@0123@0@Z

??8ip@asio@boost@@YA_NABVaddress@012@0@Z

??8ip@asio@boost@@YA_NABVaddress_v6@012@0@Z

??Mdetail@generic@asio@boost@@YA_NABVendpoint@0123@0@Z

??Mdetail@ip@asio@boost@@YA_NABVendpoint@0123@0@Z

??Mip@asio@boost@@YA_NABVaddress@012@0@Z

??Mip@asio@boost@@YA_NABVaddress_v6@012@0@Z

??_Fcharacter_size@serial_port_base@asio@boost@@QAEXXZ

??_Fflow_control@serial_port_base@asio@boost@@QAEXXZ

??_Fparity@serial_port_base@asio@boost@@QAEXXZ

??_Fstop_bits@serial_port_base@asio@boost@@QAEXXZ

?AddTask@Task@Bmbt@@YAPAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0ABV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@4@@Z

?AddTracker@Task@Bmbt@@YAXPAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

?GetDownloadSpeed@Task@Bmbt@@YAHPAX@Z

?GetTaskProgress@Task@Bmbt@@YAHPAX@Z

?GetTaskState@Task@Bmbt@@YAHPAX@Z

?GetUploadSpeed@Task@Bmbt@@YAHPAX@Z

?ShutDown@Kernel@Bmbt@@YAXXZ

?StartUp@Kernel@Bmbt@@YA_N_N0FF@Z

?abandon_operations@win_iocp_io_service@detail@asio@boost@@QAEXAAV?$op_queue@Vwin_iocp_operation@detail@asio@boost@@@234@@Z

?accept@socket_ops@detail@asio@boost@@YAIIPAUsockaddr@@PAIAAVerror_code@system@4@@Z

?add@signal_set_service@detail@asio@boost@@QAE?AVerror_code@system@4@AAVimplementation_type@1234@HAAV564@@Z

?add_service@signal_set_service@detail@asio@boost@@CAXPAV1234@@Z

?address@endpoint@detail@ip@asio@boost@@QAEXABV0345@@Z

?address@endpoint@detail@ip@asio@boost@@QBE?AV0345@XZ

?all_empty@timer_queue_set@detail@asio@boost@@QBE_NXZ

?apc_function@detail@asio@boost@@YGXK@Z

?asio_handler_allocate@asio@boost@@YAPAXIZZ

?asio_handler_deallocate@asio@boost@@YAXPAXIZZ

?assign@win_iocp_handle_service@detail@asio@boost@@QAE?AVerror_code@system@4@AAVimplementation_type@1234@ABQAXAAV564@@Z

?assign@win_object_handle_service@detail@asio@boost@@QAE?AVerror_code@system@4@AAVimplementation_type@1234@ABQAXAAV564@@Z

?available@socket_ops@detail@asio@boost@@YAIIAAVerror_code@system@4@@Z

?background_getaddrinfo@socket_ops@detail@asio@boost@@YA?AVerror_code@system@4@ABV?$weak_ptr@X@tr1@std@@PBD1ABUaddrinfo@@PAPAUaddrinfo@@AAV564@@Z

?background_getnameinfo@socket_ops@detail@asio@boost@@YA?AVerror_code@system@4@ABV?$weak_ptr@X@tr1@std@@PBUsockaddr@@IPADI2IHAAV564@@Z

?base_move_assign@win_iocp_socket_service_base@detail@asio@boost@@QAEXAAUbase_implementation_type@1234@AAV1234@0@Z

?base_move_construct@win_iocp_socket_service_base@detail@asio@boost@@QAEXAAUbase_implementation_type@1234@0@Z

?bind@socket_ops@detail@asio@boost@@YAHIPBUsockaddr@@IAAVerror_code@system@4@@Z

?broadcast@address_v4@ip@asio@boost@@SA?AV1234@ABV1234@0@Z

?call_run_thread@select_reactor@detail@asio@boost@@CAXPAV1234@@Z

?cancel@resolver_service_base@detail@asio@boost@@QAEXAAV?$shared_ptr@X@tr1@std@@@Z

?cancel@signal_set_service@detail@asio@boost@@QAE?AVerror_code@system@4@AAVimplementation_type@1234@AAV564@@Z

?cancel@win_iocp_handle_service@detail@asio@boost@@QAE?AVerror_code@system@4@AAVimplementation_type@1234@AAV564@@Z

?cancel@win_iocp_socket_service_base@detail@asio@boost@@QAE?AVerror_code@system@4@AAUbase_implementation_type@1234@AAV564@@Z

?cancel@win_object_handle_service@detail@asio@boost@@QAE?AVerror_code@system@4@AAVimplementation_type@1234@AAV564@@Z

?cancel_ops@select_reactor@detail@asio@boost@@QAEXIAAUper_descriptor_data@1234@@Z

?cancel_ops_unlocked@select_reactor@detail@asio@boost@@AAEXIABVerror_code@system@4@@Z

?cancel_timer@?$timer_queue@U?$time_traits@Vptime@posix_time@boost@@@asio@boost@@@detail@asio@boost@@QAEIAAVper_timer_data@?$timer_queue@Uforwarding_posix_time_traits@detail@asio@boost@@@234@AAV?$op_queue@Vwin_iocp_operation@detail@asio@boost@@@234@I@Z

?cleanup@winsock_init_base@detail@asio@boost@@KAXAAUdata@1234@@Z

?clear@signal_set_service@detail@asio@boost@@QAE?AVerror_code@system@4@AAVimplementation_type@1234@AAV564@@Z

?close@socket_ops@detail@asio@boost@@YAHIAAE_NAAVerror_code@system@4@@Z

?close@win_iocp_handle_service@detail@asio@boost@@QAE?AVerror_code@system@4@AAVimplementation_type@1234@AAV564@@Z

?close@win_iocp_socket_service_base@detail@asio@boost@@QAE?AVerror_code@system@4@AAUbase_implementation_type@1234@AAV564@@Z

?close@win_object_handle_service@detail@asio@boost@@QAE?AVerror_code@system@4@AAVimplementation_type@1234@AAV564@@Z

?close_descriptors@signal_set_service@detail@asio@boost@@CAXXZ

?close_descriptors@socket_select_interrupter@detail@asio@boost@@AAEXXZ

?close_for_destruction@win_iocp_handle_service@detail@asio@boost@@AAEXAAVimplementation_type@1234@@Z

?close_for_destruction@win_iocp_socket_service_base@detail@asio@boost@@IAEXAAUbase_implementation_type@1234@@Z

?complete_iocp_accept@socket_ops@detail@asio@boost@@YAXIPAXKPAUsockaddr@@PAIIAAVerror_code@system@4@@Z

?complete_iocp_recv@socket_ops@detail@asio@boost@@YAXEABV?$weak_ptr@X@tr1@std@@_NAAVerror_code@system@4@I@Z

?complete_iocp_recvfrom@socket_ops@detail@asio@boost@@YAXABV?$weak_ptr@X@tr1@std@@AAVerror_code@system@4@@Z

?complete_iocp_recvmsg@socket_ops@detail@asio@boost@@YAXABV?$weak_ptr@X@tr1@std@@AAVerror_code@system@4@@Z

?complete_iocp_send@socket_ops@detail@asio@boost@@YAXABV?$weak_ptr@X@tr1@std@@AAVerror_code@system@4@@Z

?connect@socket_ops@detail@asio@boost@@YAHIPBUsockaddr@@IAAVerror_code@system@4@@Z

?construct@resolver_service_base@detail@asio@boost@@QAEXAAV?$shared_ptr@X@tr1@std@@@Z

?construct@signal_set_service@detail@asio@boost@@QAEXAAVimplementation_type@1234@@Z

?construct@strand_service@detail@asio@boost@@QAEXAAPAVstrand_impl@1234@@Z

?construct@win_iocp_handle_service@detail@asio@boost@@QAEXAAVimplementation_type@1234@@Z

?construct@win_iocp_socket_service_base@detail@asio@boost@@QAEXAAUbase_implementation_type@1234@@Z

?construct@win_object_handle_service@detail@asio@boost@@QAEXAAVimplementation_type@1234@@Z

?deliver_signal@signal_set_service@detail@asio@boost@@SAXH@Z

?deregister_descriptor@select_reactor@detail@asio@boost@@QAEXIAAUper_descriptor_data@1234@_N@Z

?deregister_internal_descriptor@select_reactor@detail@asio@boost@@QAEXIAAUper_descriptor_data@1234@@Z

?destroy@resolver_service_base@detail@asio@boost@@QAEXAAV?$shared_ptr@X@tr1@std@@@Z

?destroy@service_registry@detail@asio@boost@@CAXPAVservice@io_service@34@@Z

?destroy@signal_set_service@detail@asio@boost@@QAEXAAVimplementation_type@1234@@Z

?destroy@win_iocp_handle_service@detail@asio@boost@@QAEXAAVimplementation_type@1234@@Z

?destroy@win_iocp_socket_service_base@detail@asio@boost@@QAEXAAUbase_implementation_type@1234@@Z

?destroy@win_object_handle_service@detail@asio@boost@@QAEXAAVimplementation_type@1234@@Z

?do_add_service@service_registry@detail@asio@boost@@AAEXABUkey@service@io_service@34@PAV6734@@Z

?do_add_timer_queue@select_reactor@detail@asio@boost@@AAEXAAVtimer_queue_base@234@@Z

?do_add_timer_queue@win_iocp_io_service@detail@asio@boost@@AAEXAAVtimer_queue_base@234@@Z

?do_assign@win_iocp_socket_service_base@detail@asio@boost@@IAE?AVerror_code@system@4@AAUbase_implementation_type@1234@HIAAV564@@Z

?do_complete@strand_service@detail@asio@boost@@CAXPAVwin_iocp_io_service@234@PAVwin_iocp_operation@234@ABVerror_code@system@4@I@Z

?do_dispatch@strand_service@detail@asio@boost@@AAE_NAAPAVstrand_impl@1234@PAVwin_iocp_operation@234@@Z

?do_get_option@win_iocp_serial_port_service@detail@asio@boost@@ABE?AVerror_code@system@4@ABVimplementation_type@win_iocp_handle_service@234@P6A?AV564@PAXABU_DCB@@AAV564@@Z13@Z

?do_has_service@service_registry@detail@asio@boost@@ABE_NABUkey@service@io_service@34@@Z

?do_init@win_mutex@detail@asio@boost@@AAEHXZ

?do_init@win_static_mutex@detail@asio@boost@@QAEHXZ

?do_one@win_iocp_io_service@detail@asio@boost@@AAEI_NAAVerror_code@system@4@@Z

?do_open@win_iocp_socket_service_base@detail@asio@boost@@IAE?AVerror_code@system@4@AAUbase_implementation_type@1234@HHHAAV564@@Z

?do_post@strand_service@detail@asio@boost@@AAEXAAPAVstrand_impl@1234@PAVwin_iocp_operation@234@_N@Z

?do_read@win_iocp_handle_service@detail@asio@boost@@AAEIAAVimplementation_type@1234@_KABVmutable_buffer@34@AAVerror_code@system@4@@Z

?do_remove_timer_queue@select_reactor@detail@asio@boost@@AAEXAAVtimer_queue_base@234@@Z

?do_remove_timer_queue@win_iocp_io_service@detail@asio@boost@@AAEXAAVtimer_queue_base@234@@Z

?do_set_option@win_iocp_serial_port_service@detail@asio@boost@@AAE?AVerror_code@system@4@AAVimplementation_type@win_iocp_handle_service@234@P6A?AV564@PBXAAU_DCB@@AAV564@@Z13@Z

?do_throw_error@detail@asio@boost@@YAXABVerror_code@system@3@@Z

?do_throw_error@detail@asio@boost@@YAXABVerror_code@system@3@PBD@Z

?do_use_service@service_registry@detail@asio@boost@@AAEPAVservice@io_service@34@ABUkey@5634@P6APAV5634@AAV634@@Z@Z

?do_write@win_iocp_handle_service@detail@asio@boost@@AAEIAAVimplementation_type@1234@_KABVconst_buffer@34@AAVerror_code@system@4@@Z

?empty@?$timer_queue@U?$time_traits@Vptime@posix_time@boost@@@asio@boost@@@detail@asio@boost@@UBE_NXZ

?enqueue_timer@?$timer_queue@U?$time_traits@Vptime@posix_time@boost@@@asio@boost@@@detail@asio@boost@@QAE_NABVptime@posix_time@4@AAVper_timer_data@?$timer_queue@Uforwarding_posix_time_traits@detail@asio@boost@@@234@PAVwait_op@234@@Z

?erase@timer_queue_set@detail@asio@boost@@QAEXPAVtimer_queue_base@234@@Z

?fork_service@resolver_service_base@detail@asio@boost@@QAEXW4fork_event@io_service@34@@Z

?fork_service@select_reactor@detail@asio@boost@@UAEXW4fork_event@io_service@34@@Z

?fork_service@service@io_service@asio@boost@@EAEXW4fork_event@234@@Z

?fork_service@signal_set_service@detail@asio@boost@@QAEXW4fork_event@io_service@34@@Z

?freeaddrinfo@socket_ops@detail@asio@boost@@YAXPAUaddrinfo@@@Z

?from_string@address@ip@asio@boost@@SA?AV1234@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

?from_string@address@ip@asio@boost@@SA?AV1234@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVerror_code@system@4@@Z

?from_string@address@ip@asio@boost@@SA?AV1234@PBD@Z

?from_string@address@ip@asio@boost@@SA?AV1234@PBDAAVerror_code@system@4@@Z

?from_string@address_v4@ip@asio@boost@@SA?AV1234@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

?from_string@address_v4@ip@asio@boost@@SA?AV1234@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVerror_code@system@4@@Z

?from_string@address_v4@ip@asio@boost@@SA?AV1234@PBD@Z

?from_string@address_v4@ip@asio@boost@@SA?AV1234@PBDAAVerror_code@system@4@@Z

?from_string@address_v6@ip@asio@boost@@SA?AV1234@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

?from_string@address_v6@ip@asio@boost@@SA?AV1234@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVerror_code@system@4@@Z

?from_string@address_v6@ip@asio@boost@@SA?AV1234@PBD@Z

?from_string@address_v6@ip@asio@boost@@SA?AV1234@PBDAAVerror_code@system@4@@Z

?get_all_timers@?$timer_queue@U?$time_traits@Vptime@posix_time@boost@@@asio@boost@@@detail@asio@boost@@UAEXAAV?$op_queue@Vwin_iocp_operation@detail@asio@boost@@@234@@Z

?get_all_timers@timer_queue_set@detail@asio@boost@@QAEXAAV?$op_queue@Vwin_iocp_operation@detail@asio@boost@@@234@@Z

?get_misc_category@error@asio@boost@@YAABVerror_category@system@3@XZ

?get_reactor@win_iocp_socket_service_base@detail@asio@boost@@IAEAAVselect_reactor@234@XZ

?get_ready_timers@?$timer_queue@U?$time_traits@Vptime@posix_time@boost@@@asio@boost@@@detail@asio@boost@@UAEXAAV?$op_queue@Vwin_iocp_operation@detail@asio@boost@@@234@@Z

?get_ready_timers@timer_queue_set@detail@asio@boost@@QAEXAAV?$op_queue@Vwin_iocp_operation@detail@asio@boost@@@234@@Z

?get_signal_state@detail@asio@boost@@YAPAUsignal_state@123@XZ

?get_timeout@select_reactor@detail@asio@boost@@AAEPAUtimeval@@AAU5@@Z

?getaddrinfo@socket_ops@detail@asio@boost@@YA?AVerror_code@system@4@PBD0ABUaddrinfo@@PAPAU7@AAV564@@Z

?gethostname@socket_ops@detail@asio@boost@@YAHPADHAAVerror_code@system@4@@Z

?getnameinfo@socket_ops@detail@asio@boost@@YA?AVerror_code@system@4@PBUsockaddr@@IPADI1IHAAV564@@Z

?getpeername@socket_ops@detail@asio@boost@@YAHIPAUsockaddr@@PAI_NAAVerror_code@system@4@@Z

?getsockname@socket_ops@detail@asio@boost@@YAHIPAUsockaddr@@PAIAAVerror_code@system@4@@Z

?getsockopt@socket_ops@detail@asio@boost@@YAHIEHHPAXPAIAAVerror_code@system@4@@Z

?host_name@ip@asio@boost@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVerror_code@system@3@@Z

?host_name@ip@asio@boost@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ

?host_to_network_long@socket_ops@detail@asio@boost@@YAKK@Z

?host_to_network_short@socket_ops@detail@asio@boost@@YAGG@Z

?inet_ntop@socket_ops@detail@asio@boost@@YAPBDHPBXPADIKAAVerror_code@system@4@@Z

?inet_pton@socket_ops@detail@asio@boost@@YAHHPBDPAXPAKAAVerror_code@system@4@@Z

?init@endpoint@detail@generic@asio@boost@@AAEXPBXIH@Z

?init@win_static_mutex@detail@asio@boost@@QAEXXZ

?init_buf@socket_ops@detail@asio@boost@@YAXAAU_WSABUF@@PAXI@Z

?init_buf@socket_ops@detail@asio@boost@@YAXAAU_WSABUF@@PBXI@Z

?init_key@service_registry@detail@asio@boost@@CAXAAUkey@service@io_service@34@ABVid@734@@Z

?init_task@select_reactor@detail@asio@boost@@QAEXXZ

?insert@timer_queue_set@detail@asio@boost@@QAEXPAVtimer_queue_base@234@@Z

?interlocked_compare_exchange_pointer@win_iocp_socket_service_base@detail@asio@boost@@IAEPAXPAPAXPAX1@Z

?interlocked_exchange_pointer@win_iocp_socket_service_base@detail@asio@boost@@IAEPAXPAPAXPAX@Z

?interrupt@select_reactor@detail@asio@boost@@QAEXXZ

?interrupt@socket_select_interrupter@detail@asio@boost@@QAEXXZ

?ioctl@socket_ops@detail@asio@boost@@YAHIAAEHPAKAAVerror_code@system@4@@Z

?is_class_a@address_v4@ip@asio@boost@@QBE_NXZ

?is_class_b@address_v4@ip@asio@boost@@QBE_NXZ

?is_class_c@address_v4@ip@asio@boost@@QBE_NXZ

?is_link_local@address_v6@ip@asio@boost@@QBE_NXZ

?is_loopback@address@ip@asio@boost@@QBE_NXZ

?is_loopback@address_v4@ip@asio@boost@@QBE_NXZ

?is_loopback@address_v6@ip@asio@boost@@QBE_NXZ

?is_multicast@address@ip@asio@boost@@QBE_NXZ

?is_multicast@address_v4@ip@asio@boost@@QBE_NXZ

?is_multicast@address_v6@ip@asio@boost@@QBE_NXZ

?is_multicast_global@address_v6@ip@asio@boost@@QBE_NXZ

?is_multicast_link_local@address_v6@ip@asio@boost@@QBE_NXZ

?is_multicast_node_local@address_v6@ip@asio@boost@@QBE_NXZ

?is_multicast_org_local@address_v6@ip@asio@boost@@QBE_NXZ

?is_multicast_site_local@address_v6@ip@asio@boost@@QBE_NXZ

?is_site_local@address_v6@ip@asio@boost@@QBE_NXZ

?is_unspecified@address@ip@asio@boost@@QBE_NXZ

?is_unspecified@address_v4@ip@asio@boost@@QBE_NXZ

?is_unspecified@address_v6@ip@asio@boost@@QBE_NXZ

?is_v4_compatible@address_v6@ip@asio@boost@@QBE_NXZ

?is_v4_mapped@address_v6@ip@asio@boost@@QBE_NXZ

?join@win_thread@detail@asio@boost@@QAEXXZ

?keys_match@service_registry@detail@asio@boost@@CA_NABUkey@service@io_service@34@0@Z

?listen@socket_ops@detail@asio@boost@@YAHIHAAVerror_code@system@4@@Z

?load@baud_rate@serial_port_base@asio@boost@@QAE?AVerror_code@system@4@ABU_DCB@@AAV564@@Z

?load@character_size@serial_port_base@asio@boost@@QAE?AVerror_code@system@4@ABU_DCB@@AAV564@@Z

?load@flow_control@serial_port_base@asio@boost@@QAE?AVerror_code@system@4@ABU_DCB@@AAV564@@Z

?load@parity@serial_port_base@asio@boost@@QAE?AVerror_code@system@4@ABU_DCB@@AAV564@@Z

?load@stop_bits@serial_port_base@asio@boost@@QAE?AVerror_code@system@4@ABU_DCB@@AAV564@@Z

?loopback@address_v6@ip@asio@boost@@SA?AV1234@XZ

?manual_cleanup@winsock_init_base@detail@asio@boost@@KAXAAUdata@1234@@Z

?manual_startup@winsock_init_base@detail@asio@boost@@KAXAAUdata@1234@@Z

?move_assign@win_iocp_handle_service@detail@asio@boost@@QAEXAAVimplementation_type@1234@AAV1234@0@Z

?move_assign@win_object_handle_service@detail@asio@boost@@QAEXAAVimplementation_type@1234@AAV1234@0@Z

?move_construct@win_iocp_handle_service@detail@asio@boost@@QAEXAAVimplementation_type@1234@0@Z

?move_construct@win_object_handle_service@detail@asio@boost@@QAEXAAVimplementation_type@1234@0@Z

?move_descriptor@select_reactor@detail@asio@boost@@QAEXIAAUper_descriptor_data@1234@0@Z

?netmask@address_v4@ip@asio@boost@@SA?AV1234@ABV1234@@Z

?network_to_host_long@socket_ops@detail@asio@boost@@YAKK@Z

?network_to_host_short@socket_ops@detail@asio@boost@@YAGG@Z

?non_blocking_connect@socket_ops@detail@asio@boost@@YA_NIAAVerror_code@system@4@@Z

?notify_fork@io_service@asio@boost@@QAEXW4fork_event@123@@Z

?notify_fork@service_registry@detail@asio@boost@@QAEXW4fork_event@io_service@34@@Z

?on_completion@win_iocp_io_service@detail@asio@boost@@QAEXPAVwin_iocp_operation@234@ABVerror_code@system@4@K@Z

?on_completion@win_iocp_io_service@detail@asio@boost@@QAEXPAVwin_iocp_operation@234@KK@Z

?on_pending@win_iocp_io_service@detail@asio@boost@@QAEXPAVwin_iocp_operation@234@@Z

?open@win_iocp_serial_port_service@detail@asio@boost@@QAE?AVerror_code@system@4@AAVimplementation_type@win_iocp_handle_service@234@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV564@@Z

?open_descriptors@signal_set_service@detail@asio@boost@@CAXXZ

?open_descriptors@socket_select_interrupter@detail@asio@boost@@AAEXXZ

?poll@io_service@asio@boost@@QAEIAAVerror_code@system@3@@Z

?poll@io_service@asio@boost@@QAEIXZ

?poll@win_iocp_io_service@detail@asio@boost@@QAEIAAVerror_code@system@4@@Z

?poll_connect@socket_ops@detail@asio@boost@@YAHIAAVerror_code@system@4@@Z

?poll_one@io_service@asio@boost@@QAEIAAVerror_code@system@3@@Z

?poll_one@io_service@asio@boost@@QAEIXZ

?poll_one@win_iocp_io_service@detail@asio@boost@@QAEIAAVerror_code@system@4@@Z

?poll_read@socket_ops@detail@asio@boost@@YAHIEAAVerror_code@system@4@@Z

?poll_write@socket_ops@detail@asio@boost@@YAHIEAAVerror_code@system@4@@Z

?port@endpoint@detail@ip@asio@boost@@QAEXG@Z

?port@endpoint@detail@ip@asio@boost@@QBEGXZ

?post_deferred_completion@win_iocp_io_service@detail@asio@boost@@QAEXPAVwin_iocp_operation@234@@Z

?post_deferred_completions@win_iocp_io_service@detail@asio@boost@@QAEXAAV?$op_queue@Vwin_iocp_operation@detail@asio@boost@@@234@@Z

?recreate@socket_select_interrupter@detail@asio@boost@@QAEXXZ

?recv@socket_ops@detail@asio@boost@@YAHIPAU_WSABUF@@IHAAVerror_code@system@4@@Z

?recvfrom@socket_ops@detail@asio@boost@@YAHIPAU_WSABUF@@IHPAUsockaddr@@PAIAAVerror_code@system@4@@Z

?recvmsg@socket_ops@detail@asio@boost@@YAHIPAU_WSABUF@@IHAAHAAVerror_code@system@4@@Z

?register_descriptor@select_reactor@detail@asio@boost@@QAEHIAAUper_descriptor_data@1234@@Z

?register_handle@win_iocp_io_service@detail@asio@boost@@QAE?AVerror_code@system@4@PAXAAV564@@Z

?register_internal_descriptor@select_reactor@detail@asio@boost@@QAEHHIAAUper_descriptor_data@1234@PAVreactor_op@234@@Z

?register_wait_callback@win_object_handle_service@detail@asio@boost@@AAEXAAVimplementation_type@1234@AAV?$scoped_lock@Vwin_mutex@detail@asio@boost@@@234@@Z

?remove@signal_set_service@detail@asio@boost@@QAE?AVerror_code@system@4@AAVimplementation_type@1234@HAAV564@@Z

?remove_service@signal_set_service@detail@asio@boost@@CAXPAV1234@@Z

?reset@io_service@asio@boost@@QAEXXZ

?reset@socket_select_interrupter@detail@asio@boost@@QAE_NXZ

?resize@endpoint@detail@generic@asio@boost@@QAEXI@Z

?resize@endpoint@detail@ip@asio@boost@@QAEXI@Z

?restart_accept_op@win_iocp_socket_service_base@detail@asio@boost@@QAEXIAAVsocket_holder@234@HHHPAXKPAVwin_iocp_operation@234@@Z

?run@io_service@asio@boost@@QAEIAAVerror_code@system@3@@Z

?run@io_service@asio@boost@@QAEIXZ

?run@select_reactor@detail@asio@boost@@QAEX_NAAV?$op_queue@Vwin_iocp_operation@detail@asio@boost@@@234@@Z

?run@win_iocp_io_service@detail@asio@boost@@QAEIAAVerror_code@system@4@@Z

?run_one@io_service@asio@boost@@QAEIAAVerror_code@system@3@@Z

?run_one@io_service@asio@boost@@QAEIXZ

?run_one@win_iocp_io_service@detail@asio@boost@@QAEIAAVerror_code@system@4@@Z

?run_thread@select_reactor@detail@asio@boost@@AAEXXZ

?running_in_this_thread@strand_service@detail@asio@boost@@QBE_NABQAVstrand_impl@1234@@Z

?select@socket_ops@detail@asio@boost@@YAHHPAUfd_set@@00PAUtimeval@@AAVerror_code@system@4@@Z

?send@socket_ops@detail@asio@boost@@YAHIPBU_WSABUF@@IHAAVerror_code@system@4@@Z

?sendto@socket_ops@detail@asio@boost@@YAHIPBU_WSABUF@@IHPBUsockaddr@@IAAVerror_code@system@4@@Z

?set_internal_non_blocking@socket_ops@detail@asio@boost@@YA_NIAAE_NAAVerror_code@system@4@@Z

?set_user_non_blocking@socket_ops@detail@asio@boost@@YA_NIAAE_NAAVerror_code@system@4@@Z

?setsockopt@socket_ops@detail@asio@boost@@YAHIAAEHHPBXIAAVerror_code@system@4@@Z

?shutdown@socket_ops@detail@asio@boost@@YAHIHAAVerror_code@system@4@@Z

?shutdown_service@resolver_service_base@detail@asio@boost@@QAEXXZ

?shutdown_service@select_reactor@detail@asio@boost@@UAEXXZ

?shutdown_service@signal_set_service@detail@asio@boost@@QAEXXZ

?shutdown_service@strand_service@detail@asio@boost@@UAEXXZ

?shutdown_service@win_iocp_handle_service@detail@asio@boost@@QAEXXZ

?shutdown_service@win_iocp_io_service@detail@asio@boost@@UAEXXZ

?shutdown_service@win_iocp_serial_port_service@detail@asio@boost@@QAEXXZ

?shutdown_service@win_iocp_socket_service_base@detail@asio@boost@@QAEXXZ

?shutdown_service@win_object_handle_service@detail@asio@boost@@QAEXXZ

?sockatmark@socket_ops@detail@asio@boost@@YA_NIAAVerror_code@system@4@@Z

?socket@socket_ops@detail@asio@boost@@YAIHHHAAVerror_code@system@4@@Z

?socketpair@socket_ops@detail@asio@boost@@YAHHHHQAIAAVerror_code@system@4@@Z

?start_accept_op@win_iocp_socket_service_base@detail@asio@boost@@IAEXAAUbase_implementation_type@1234@_NAAVsocket_holder@234@HHHPAXKPAVwin_iocp_operation@234@@Z

?start_connect_op@win_iocp_socket_service_base@detail@asio@boost@@IAEXAAUbase_implementation_type@1234@PAVreactor_op@234@PBUsockaddr@@I@Z

?start_null_buffers_receive_op@win_iocp_socket_service_base@detail@asio@boost@@IAEXAAUbase_implementation_type@1234@HPAVreactor_op@234@@Z

?start_op@select_reactor@detail@asio@boost@@QAEXHIAAUper_descriptor_data@1234@PAVreactor_op@234@_N2@Z

?start_reactor_op@win_iocp_socket_service_base@detail@asio@boost@@IAEXAAUbase_implementation_type@1234@HPAVreactor_op@234@@Z

?start_read_op@win_iocp_handle_service@detail@asio@boost@@AAEXAAVimplementation_type@1234@_KABVmutable_buffer@34@PAVwin_iocp_operation@234@@Z

?start_receive_from_op@win_iocp_socket_service_base@detail@asio@boost@@IAEXAAUbase_implementation_type@1234@PAU_WSABUF@@IPAUsockaddr@@HPAHPAVwin_iocp_operation@234@@Z

?start_receive_op@win_iocp_socket_service_base@detail@asio@boost@@IAEXAAUbase_implementation_type@1234@PAU_WSABUF@@IH_NPAVwin_iocp_operation@234@@Z

?start_resolve_op@resolver_service_base@detail@asio@boost@@IAEXPAVwin_iocp_operation@234@@Z

?start_send_op@win_iocp_socket_service_base@detail@asio@boost@@IAEXAAUbase_implementation_type@1234@PAU_WSABUF@@IH_NPAVwin_iocp_operation@234@@Z

?start_send_to_op@win_iocp_socket_service_base@detail@asio@boost@@IAEXAAUbase_implementation_type@1234@PAU_WSABUF@@IPBUsockaddr@@HHPAVwin_iocp_operation@234@@Z

?start_thread@win_thread@detail@asio@boost@@AAEXPAVfunc_base@1234@I@Z

?start_wait_op@signal_set_service@detail@asio@boost@@AAEXAAVimplementation_type@1234@PAVsignal_op@234@@Z

?start_wait_op@win_object_handle_service@detail@asio@boost@@AAEXAAVimplementation_type@1234@PAVwait_op@234@@Z

?start_work_thread@resolver_service_base@detail@asio@boost@@IAEXXZ

?start_write_op@win_iocp_handle_service@detail@asio@boost@@AAEXAAVimplementation_type@1234@_KABVconst_buffer@34@PAVwin_iocp_operation@234@@Z

?startup@winsock_init_base@detail@asio@boost@@KAXAAUdata@1234@EE@Z

?stop@io_service@asio@boost@@QAEXXZ

?stop@win_iocp_io_service@detail@asio@boost@@QAEXXZ

?stopped@io_service@asio@boost@@QBE_NXZ

?store@baud_rate@serial_port_base@asio@boost@@QBE?AVerror_code@system@4@AAU_DCB@@AAV564@@Z

?store@character_size@serial_port_base@asio@boost@@QBE?AVerror_code@system@4@AAU_DCB@@AAV564@@Z

?store@flow_control@serial_port_base@asio@boost@@QBE?AVerror_code@system@4@AAU_DCB@@AAV564@@Z

?store@parity@serial_port_base@asio@boost@@QBE?AVerror_code@system@4@AAU_DCB@@AAV564@@Z

?store@stop_bits@serial_port_base@asio@boost@@QBE?AVerror_code@system@4@AAU_DCB@@AAV564@@Z

?sync_accept@socket_ops@detail@asio@boost@@YAIIEPAUsockaddr@@PAIAAVerror_code@system@4@@Z

?sync_connect@socket_ops@detail@asio@boost@@YAXIPBUsockaddr@@IAAVerror_code@system@4@@Z

?sync_getnameinfo@socket_ops@detail@asio@boost@@YA?AVerror_code@system@4@PBUsockaddr@@IPADI1IHAAV564@@Z

?sync_recv@socket_ops@detail@asio@boost@@YAIIEPAU_WSABUF@@IH_NAAVerror_code@system@4@@Z

?sync_recvfrom@socket_ops@detail@asio@boost@@YAIIEPAU_WSABUF@@IHPAUsockaddr@@PAIAAVerror_code@system@4@@Z

?sync_recvmsg@socket_ops@detail@asio@boost@@YAIIEPAU_WSABUF@@IHAAHAAVerror_code@system@4@@Z

?sync_send@socket_ops@detail@asio@boost@@YAIIEPBU_WSABUF@@IH_NAAVerror_code@system@4@@Z

?sync_sendto@socket_ops@detail@asio@boost@@YAIIEPBU_WSABUF@@IHPBUsockaddr@@IAAVerror_code@system@4@@Z

?throw_on_error@winsock_init_base@detail@asio@boost@@KAXAAUdata@1234@@Z

?to_bytes@address_v4@ip@asio@boost@@QBE?AV?$array@E$03@tr1@std@@XZ

?to_bytes@address_v6@ip@asio@boost@@QBE?AV?$array@E$0BA@@tr1@std@@XZ

?to_string@address@ip@asio@boost@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVerror_code@system@4@@Z

?to_string@address@ip@asio@boost@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ

?to_string@address_v4@ip@asio@boost@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVerror_code@system@4@@Z

?to_string@address_v4@ip@asio@boost@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ

?to_string@address_v6@ip@asio@boost@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVerror_code@system@4@@Z

?to_string@address_v6@ip@asio@boost@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ

?to_string@endpoint@detail@ip@asio@boost@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVerror_code@system@5@@Z

?to_ulong@address_v4@ip@asio@boost@@QBEKXZ

?to_v4@address@ip@asio@boost@@QBE?AVaddress_v4@234@XZ

?to_v4@address_v6@ip@asio@boost@@QBE?AVaddress_v4@234@XZ

?to_v6@address@ip@asio@boost@@QBE?AVaddress_v6@234@XZ

?update_cancellation_thread_id@win_iocp_handle_service@detail@asio@boost@@AAEXAAVimplementation_type@1234@@Z

?update_cancellation_thread_id@win_iocp_socket_service_base@detail@asio@boost@@IAEXAAUbase_implementation_type@1234@@Z

?update_timeout@win_iocp_io_service@detail@asio@boost@@AAEXXZ

?v4_compatible@address_v6@ip@asio@boost@@SA?AV1234@ABVaddress_v4@234@@Z

?v4_mapped@address_v6@ip@asio@boost@@SA?AV1234@ABVaddress_v4@234@@Z

?wait@win_object_handle_service@detail@asio@boost@@QAEXAAVimplementation_type@1234@AAVerror_code@system@4@@Z

?wait_callback@win_object_handle_service@detail@asio@boost@@CGXPAXE@Z

?wait_duration_msec@?$timer_queue@U?$time_traits@Vptime@posix_time@boost@@@asio@boost@@@detail@asio@boost@@UBEJJ@Z

?wait_duration_msec@timer_queue_set@detail@asio@boost@@QBEJJ@Z

?wait_duration_usec@?$timer_queue@U?$time_traits@Vptime@posix_time@boost@@@asio@boost@@@detail@asio@boost@@UBEJJ@Z

?wait_duration_usec@timer_queue_set@detail@asio@boost@@QBEJJ@Z

?win_thread_function@detail@asio@boost@@YGIPAX@Z

?win_tss_ptr_create@detail@asio@boost@@YAKXZ

boost_asio_signal_handler

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

Bmcmon.dll

.dll windows:5 windows x86 arch:x86

2426ac89c8f936f2fdcdfb4d4c35e466

Code Sign

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

6a:c8:af:24:c6:02:cb:90:fe:71:87:5f:1c:4c:ec:80
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

18-03-2014 00:00

Not After

17-03-2017 23:59

Subject

CN=Nanjing Tongxiang Network Technology Co.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=IT,O=Nanjing Tongxiang Network Technology Co.\,LTD,L=Nanjing,ST=Jiangsu,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

70:08:f5:34:3a:dd:bb:b3:f3:9d:97:f2:fa:66:26:30:a3:eb:8e:20
Signer

Actual PE Digest

70:08:f5:34:3a:dd:bb:b3:f3:9d:97:f2:fa:66:26:30:a3:eb:8e:20

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

D:\tongxiang\Update_1.0.3\Temp\Link\Bmcmon\Release\Bmcmon.pdb

Imports

kernel32

MoveFileExA

WideCharToMultiByte

GetFileAttributesA

GetFileAttributesW

MultiByteToWideChar

FindFirstFileA

RemoveDirectoryA

FindClose

GetModuleFileNameA

FindNextFileA

OutputDebugStringA

DeleteFileW

GetTempPathA

CopyFileExA

lstrlenW

EnterCriticalSection

LeaveCriticalSection

DeleteCriticalSection

GetLastError

CloseHandle

WaitForSingleObject

CreateEventA

SetEvent

ResetEvent

CreateSemaphoreA

ReleaseSemaphore

InitializeCriticalSection

GetSystemTimeAsFileTime

GetCurrentProcessId

DecodePointer

InterlockedExchange

Sleep

InterlockedCompareExchange

TerminateProcess

GetCurrentProcess

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsDebuggerPresent

QueryPerformanceCounter

GetTickCount

GetCurrentThreadId

EncodePointer

shell32

ord165

msvcp100

?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z

?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z

??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

?always_noconv@codecvt_base@std@@QBE_NXZ

?_Decref@facet@locale@std@@QAEPAV123@XZ

?_Incref@facet@locale@std@@QAEXXZ

??Bid@locale@std@@QAEIXZ

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ

?_Xout_of_range@std@@YAXPBD@Z

?_Xlength_error@std@@YAXPBD@Z

?_BADOFF@std@@3_JB

??1_Lockit@std@@QAE@XZ

??0_Lockit@std@@QAE@H@Z

?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z

?id@?$codecvt@DDH@std@@2V0locale@2@A

??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@

?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

msvcr100

fseek

fclose

??2@YAPAXI@Z

fopen_s

fputc

??1bad_cast@std@@UAE@XZ

??0bad_cast@std@@QAE@PBD@Z

??0bad_cast@std@@QAE@ABV01@@Z

_unlock_file

ftell

fgetpos

_fseeki64

fflush

fgetc

fsetpos

setvbuf

_lock_file

memcpy_s

_purecall

ferror

fprintf

_vsnprintf_s

__CxxFrameHandler3

memcpy

isspace

tolower

isalpha

isalnum

strncmp

strchr

free

memset

_beginthreadex

_malloc_crt

_encoded_null

_initterm

_initterm_e

_amsg_exit

__CppXcptFilter

_except_handler4_common

_unlock

__dllonexit

_lock

_onexit

_crt_debugger_hook

?terminate@@YAXXZ

?_type_info_dtor_internal_method@type_info@@QAEXXZ

__clean_type_info_names_internal

fwrite

??3@YAXPAX@Z

fread

??_V@YAXPAX@Z

fopen

vsprintf_s

malloc

memmove

??0exception@std@@QAE@ABV01@@Z

??0exception@std@@QAE@ABQBD@Z

??1exception@std@@UAE@XZ

?what@exception@std@@UBEPBDXZ

ungetc

_CxxThrowException

winhttp

WinHttpCrackUrl

WinHttpOpenRequest

WinHttpOpen

WinHttpQueryHeaders

WinHttpReadData

WinHttpConnect

WinHttpSendRequest

WinHttpSetTimeouts

WinHttpReceiveResponse

WinHttpAddRequestHeaders

WinHttpCloseHandle

Exports

??0XmlParse@XML@Bmcmon@@QAE@XZ

??0_Mutex@std@@QAE@W4_Uninitialized@1@@Z

??1XmlParse@XML@Bmcmon@@QAE@XZ

??4XmlParse@XML@Bmcmon@@QAEAAV012@ABV012@@Z

??4_Init_locks@std@@QAEAAV01@ABV01@@Z

?AddChildElement@XmlParse@XML@Bmcmon@@QAE_NPAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAPAX@Z

?CpyFile@FileSystem@Bmcmon@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z

?CreateDir@FileSystem@Bmcmon@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

?Decrypt@DES@Bmcmon@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V34@PAD@Z

?DeleteDir@FileSystem@Bmcmon@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

?DirExists@FileSystem@Bmcmon@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

?Encrypt@DES@Bmcmon@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V34@PAD@Z

?FileExists@FileSystem@Bmcmon@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

?FirstChildElement@XmlParse@XML@Bmcmon@@QAE_NPBXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAPAX@Z

?GenerateMD5@MD5@Bmcmon@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@@Z

?GetCurrentDir@FileSystem@Bmcmon@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ

?GetElementAttibute@XmlParse@XML@Bmcmon@@QAE_NPBXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV45@@Z

?GetTempDir@FileSystem@Bmcmon@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ

?GetUrlFile@Http@Bmcmon@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z

?GetUrlInfo@Http@Bmcmon@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z

?NextElement@XmlParse@XML@Bmcmon@@QAE_NPBXPAPAX@Z

?OutPutDebug@Trace@Bmcmon@@YAXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ZZ

?ParseXmlFile@XmlParse@XML@Bmcmon@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

?ParseXmlStr@XmlParse@XML@Bmcmon@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

?RemoveFile@FileSystem@Bmcmon@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

?RenameFile@FileSystem@Bmcmon@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z

?Save@XmlParse@XML@Bmcmon@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

?SetElementAttibute@XmlParse@XML@Bmcmon@@QAE_NPAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@1@Z

?StrAtoStrW@CharConver@Bmcmon@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z

?StrWtoStrA@CharConver@Bmcmon@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@4@@Z

?UZipFile@ZipUZip@Bmcmon@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z

?ZipFile@ZipUZip@Bmcmon@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

Bmctr.dll

.dll windows:5 windows x86 arch:x86

45310442f0d61e8188dbf7010dba1add

Code Sign

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

6a:c8:af:24:c6:02:cb:90:fe:71:87:5f:1c:4c:ec:80
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

18-03-2014 00:00

Not After

17-03-2017 23:59

Subject

CN=Nanjing Tongxiang Network Technology Co.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=IT,O=Nanjing Tongxiang Network Technology Co.\,LTD,L=Nanjing,ST=Jiangsu,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

6b:af:03:37:a8:99:b8:aa:32:b2:96:11:85:7f:a5:00:ce:34:09:29
Signer

Actual PE Digest

6b:af:03:37:a8:99:b8:aa:32:b2:96:11:85:7f:a5:00:ce:34:09:29

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

D:\tongxiang\Update_1.0.3\Temp\Link\Bmctr\Release\Bmctr.pdb

Imports

bmcmon