5808f7b38e6e535e4937e44f9d383d90_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

5808f7b38e6e535e4937e44f9d383d90_NeikiAnalytics
Size

2.4MB
MD5

5808f7b38e6e535e4937e44f9d383d90
SHA1

0ba5a950d2d8dd879e0e1dacf6fda9abe7730caa
SHA256

8f319a94ca172c493096b1f5089dfe0344dca3835dbb79e197d372e81a77931d
SHA512

91dc2de80a8b42f75401ebf3a8762bec881e95207ca2a93c1fffb3f6ce4accb9c609518ad58e6e4503ccfab6f9db9bce96656c87f1a94623c7c1c646c603c80e
SSDEEP

49152:b1x9Nx97QmVL7hSt4/pyoXelyosbmleddMb+89eyDW716iJpj:bj9Nx9pL7hg4/pkR4mleb8oyDSdJpj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/nsExec.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

5808f7b38e6e535e4937e44f9d383d90_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

57e98d9a5a72c8d7ad8fb7a6a58b3daf

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

58:6a:b1:f3:4b:8d:f7:c5:a4:f8:af:cb:b3:ed:d9:f1:ed:b2:2b:b8:bd:b6:59:96:9a:72:75:92:93:30:57:95
Signer

Actual PE Digest

58:6a:b1:f3:4b:8d:f7:c5:a4:f8:af:cb:b3:ed:d9:f1:ed:b2:2b:b8:bd:b6:59:96:9a:72:75:92:93:30:57:95

Digest Algorithm

sha256

PE Digest Matches

true

30:a2:d1:d2:cd:a6:f1:1f:18:0b:fc:58:8f:6a:f5:27:40:b0:00:7e
Signer

Actual PE Digest

30:a2:d1:d2:cd:a6:f1:1f:18:0b:fc:58:8f:6a:f5:27:40:b0:00:7e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
CreateFileA
GetFileSize
GetModuleFileNameA
ReadFile
GetCurrentProcess
CopyFileA
Sleep
GetTickCount
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
ExitProcess
SetCurrentDirectoryA
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
GetExitCodeProcess
WaitForSingleObject
CompareFileTime
SetFileAttributesA
GetFileAttributesA
GetShortPathNameA
MoveFileA
GetFullPathNameA
SetFileTime
SearchPathA
CloseHandle
lstrcmpiA
GlobalUnlock
GetDiskFreeSpaceA
lstrcmpA
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
GetPrivateProfileStringA
FindClose
MultiByteToWideChar
FreeLibrary
MulDiv
WritePrivateProfileStringA
LoadLibraryExA
GetModuleHandleA
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA

user32

ScreenToClient
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
PostQuitMessage
GetWindowRect
EnableMenuItem
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
GetDC
CreateDialogParamA
SetTimer
GetDlgItem
SetWindowLongA
SetForegroundWindow
LoadImageA
IsWindow
SendMessageTimeoutA
FindWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
EndPaint
DestroyWindow
wsprintfA
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA

advapi32

AdjustTokenPrivileges
RegCreateKeyExA
RegOpenKeyExA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

46f8b6973f33717335c0f6d8087de67b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
lstrlenA
GetExitCodeProcess
WaitForSingleObject
Sleep
TerminateProcess
GlobalReAlloc
GlobalUnlock
GlobalSize
lstrcpynA
ReadFile
PeekNamedPipe
GetTickCount
lstrcpyA
CreateProcessA
GetStartupInfoA
GetProcAddress
GetVersion
DeleteFileA
lstrcmpiA
GetCurrentProcess
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
CopyFileA
GetTempFileNameA
GlobalFree
GlobalAlloc
GetModuleFileNameA
ExitProcess
GetCommandLineA
CreatePipe
GlobalLock
lstrcatA

user32

SendMessageA
OemToCharBuffA
FindWindowExA
CharNextA
wsprintfA
CharPrevA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 458B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CsvOperation.dll
.dll windows:4 windows x86 arch:x86

98281400306397ce3e787eecd3640731

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ee:15:6d:2b:b1:dd:80:6c:0e:3f:98:53:fb:b0:0e:99:5c:dc:b0:87:80:22:34:36:ed:00:ec:f0:20:2f:35:04
Signer

Actual PE Digest

ee:15:6d:2b:b1:dd:80:6c:0e:3f:98:53:fb:b0:0e:99:5c:dc:b0:87:80:22:34:36:ed:00:ec:f0:20:2f:35:04

Digest Algorithm

sha256

PE Digest Matches

true

0a:70:57:96:d6:37:7a:f3:dc:e0:fe:ca:eb:f1:87:26:cf:bc:c6:dc
Signer

Actual PE Digest

0a:70:57:96:d6:37:7a:f3:dc:e0:fe:ca:eb:f1:87:26:cf:bc:c6:dc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_initterm
malloc
realloc
_adjust_fdiv
fputc
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

PLUGIN_csv_error
PLUGIN_csv_finit
PLUGIN_csv_free
PLUGIN_csv_fwrite
PLUGIN_csv_fwrite2
PLUGIN_csv_get_buffer_size
PLUGIN_csv_get_delim
PLUGIN_csv_get_opts
PLUGIN_csv_get_quote
PLUGIN_csv_init
PLUGIN_csv_parse
PLUGIN_csv_set_blk_size
PLUGIN_csv_set_delim
PLUGIN_csv_set_free_func
PLUGIN_csv_set_optsEx
PLUGIN_csv_set_quote
PLUGIN_csv_set_realloc_func
PLUGIN_csv_set_space_func
PLUGIN_csv_set_term_func
PLUGIN_csv_strerror
PLUGIN_csv_write
PLUGIN_csv_write2

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 997B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FileOperator.dll
.dll windows:4 windows x86 arch:x86

2421c03ec3724a5141333543394510f1

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2f:ec:e4:3a:e4:ff:2e:f5:29:89:33:66:80:7e:c6:a8:23:17:6f:04:6d:2b:7d:ab:6d:6a:2e:37:b6:d3:e7:52
Signer

Actual PE Digest

2f:ec:e4:3a:e4:ff:2e:f5:29:89:33:66:80:7e:c6:a8:23:17:6f:04:6d:2b:7d:ab:6d:6a:2e:37:b6:d3:e7:52

Digest Algorithm

sha256

PE Digest Matches

true

f5:e3:e9:6e:af:f0:01:d4:20:be:ee:74:00:6e:01:33:fc:84:14:75
Signer

Actual PE Digest

f5:e3:e9:6e:af:f0:01:d4:20:be:ee:74:00:6e:01:33:fc:84:14:75

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord464
ord465
ord800
ord858
ord539
ord823
ord434
ord5575
ord537
ord1656
ord4033
ord2141
ord850
ord433
ord3115
ord1648
ord1238
ord857
ord540
ord860
ord2820
ord548
ord2818
ord861
ord317
ord4202
ord5710
ord541
ord535
ord801
ord1622
ord6143
ord2721
ord924
ord926
ord3079
ord941
ord6781
ord939
ord2614
ord2065
ord6648
ord922
ord5683
ord2763
ord6663
ord4278
ord2764
ord5861
ord6404
ord273
ord353
ord940
ord603
ord5461
ord3169
ord503
ord2915
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord3953
ord5714
ord5289
ord5307
ord1116
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord4274
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269
ord5731
ord2512
ord2554
ord4486
ord6375
ord6883

msvcrt

??1type_info@@UAE@XZ
_onexit
__dllonexit
fseek
_access
_itoa
_CxxThrowException
_purecall
free
??0exception@@QAE@ABV0@@Z
fputs
_iob
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
_ftol
sscanf
_except_handler3
?terminate@@YAXXZ
ftell
rewind
fread
memmove
remove
strstr
strchr
__CxxFrameHandler
_mbscmp
sprintf
fopen
fwrite
fclose
memcpy
strlen
memset
_adjust_fdiv
malloc
_initterm
strcmp

kernel32

LocalAlloc
LocalFree
OutputDebugStringA
CopyFileA
DeleteFileA
InterlockedDecrement
GetModuleHandleW
GetModuleFileNameA
GetProcAddress
LocalUnlock
LocalLock
LoadLibraryA
MoveFileExA
CloseHandle
GetFileSize
FreeLibrary
CreateFileA
GetSystemDirectoryA
GetLastError
lstrlenA
MultiByteToWideChar

advapi32

RegOpenKeyExA
RegQueryValueExA

ole32

OleInitialize
OleUninitialize

oleaut32

SysAllocString
VariantTimeToSystemTime
SysFreeString
SafeArrayDestroy
SafeArrayCreate
VariantClear
VariantInit
SafeArrayPutElement

msvcp60

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IID@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IPBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
??_7runtime_error@std@@6B@
??0runtime_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??1runtime_error@std@@UAE@XZ
??0runtime_error@std@@QAE@ABV01@@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z

csvoperation

ord1
ord13
ord5
ord20
ord2

user32

MessageBoxA
wsprintfA

Exports

Exports

FileOperation_Check_Write
FileOperation_CloseAllExcel
FileOperation_CloseExcel
FileOperation_CreateExcel
FileOperation_OpenExcel
FileOperation_Read
FileOperation_ReadEx
FileOperation_ReadExcel
FileOperation_SaveExcel
FileOperation_SetMaxRowCounts
FileOperation_Write
FileOperation_WriteExcel

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FisheyeCtrl.dll
.dll windows:4 windows x86 arch:x86

9d0a0b520b7fd18accfd0d711563c5bf

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:63:2f:49:5a:bd:1c:79:92:09:26:4b:7e:f4:ce:2e:8d:b6:29:98:dc:2e:6e:43:05:04:4d:2a:ea:73:e6:56
Signer

Actual PE Digest

0f:63:2f:49:5a:bd:1c:79:92:09:26:4b:7e:f4:ce:2e:8d:b6:29:98:dc:2e:6e:43:05:04:4d:2a:ea:73:e6:56

Digest Algorithm

sha256

PE Digest Matches

true

22:9c:fd:76:3c:15:6d:74:39:01:59:59:f9:f1:af:c6:bf:c9:85:97
Signer

Actual PE Digest

22:9c:fd:76:3c:15:6d:74:39:01:59:59:f9:f1:af:c6:bf:c9:85:97

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord6055
ord4078
ord1776
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5199
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord3742
ord567
ord818
ord4275
ord4299
ord6215
ord755
ord470
ord6880
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord823
ord5290
ord825
ord1116

msvcrt

??1type_info@@UAE@XZ
memset
_ftol
sprintf
abs
memcpy
vsprintf
_purecall
sqrt
atan
__CxxFrameHandler
__dllonexit
_onexit
free
_adjust_fdiv
malloc
_initterm

kernel32

LocalFree
GetProcAddress
GetLastError
OutputDebugStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
GetModuleHandleA

user32

EnableWindow
ClientToScreen
ScreenToClient
GetSystemMetrics
IsWindow
SetWindowsHookExA
SendMessageA
CallNextHookEx
GetClientRect
UnhookWindowsHookEx

winmm

timeGetTime

Exports

Exports

CreateFisheye
ReleaseFisheye

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IVSJsonSdk.dll
.dll windows:4 windows x86 arch:x86

35d05e71b62edbae04131948cfe1e46d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

80:b3:b2:98:26:c8:78:52:f7:ac:a5:cd:72:f2:cc:06:09:70:d1:be:80:44:30:3d:5a:43:d0:20:fc:47:7e:f9
Signer

Actual PE Digest

80:b3:b2:98:26:c8:78:52:f7:ac:a5:cd:72:f2:cc:06:09:70:d1:be:80:44:30:3d:5a:43:d0:20:fc:47:7e:f9

Digest Algorithm

sha256

PE Digest Matches

true

df:1d:de:2b:d3:af:d0:96:87:41:27:34:26:bc:2a:66:73:00:fb:86
Signer

Actual PE Digest

df:1d:de:2b:d3:af:d0:96:87:41:27:34:26:bc:2a:66:73:00:fb:86

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OutputDebugStringA
WideCharToMultiByte
MultiByteToWideChar
DisableThreadLibraryCalls

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??_7runtime_error@std@@6B@
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??0runtime_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??1runtime_error@std@@UAE@XZ
??0runtime_error@std@@QAE@ABV01@@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z

msvcrt

_onexit
__dllonexit
_adjust_fdiv
_initterm
malloc
free
_ftol
atoi
strcpy
memcpy
strcmp
strncpy
strlen
??2@YAPAXI@Z
memset
sprintf
_purecall
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
fputs
_iob
_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
sscanf
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ

Exports

Exports

IVS_CLIENT_PacketData
IVS_CLIENT_ParseData

Sections

.text
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 645KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IvsDrawer.dll
.dll windows:4 windows x86 arch:x86

6b823aaf1df3905626606808878871ea

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

92:85:e4:3c:17:83:01:25:87:35:44:98:83:f3:c1:1a:36:30:7f:9d:a7:15:d5:28:b1:c1:e9:a0:30:1c:78:f4
Signer

Actual PE Digest

92:85:e4:3c:17:83:01:25:87:35:44:98:83:f3:c1:1a:36:30:7f:9d:a7:15:d5:28:b1:c1:e9:a0:30:1c:78:f4

Digest Algorithm

sha256

PE Digest Matches

true

a8:af:71:f8:86:56:cc:10:27:d2:7d:d1:34:51:48:b1:3a:d8:92:63
Signer

Actual PE Digest

a8:af:71:f8:86:56:cc:10:27:d2:7d:d1:34:51:48:b1:3a:d8:92:63

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
SetStdHandle
SetConsoleCtrlHandler
GetLocaleInfoW
FlushFileBuffers
SetEnvironmentVariableA
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryExA
WideCharToMultiByte
MultiByteToWideChar
GetLocalTime
OutputDebugStringA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetOEMCP
GetACP
Sleep
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
RtlUnwind
RaiseException
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
HeapReAlloc
ExitProcess
FatalAppExitA
LCMapStringA
LCMapStringW
GetCPInfo
CompareStringA
CompareStringW
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapSize
SetUnhandledExceptionFilter
GetTimeZoneInformation
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
SetFilePointer
IsBadReadPtr
IsBadCodePtr
UnhandledExceptionFilter
CloseHandle

user32

PtInRect
DrawTextA
FillRect
GetClientRect
GetWindowRect

gdi32

TextOutA
Polyline
TextOutW
CreateCompatibleDC
CreateCompatibleBitmap
CreateRectRgn
FillRgn
Ellipse
CreateSolidBrush
GetStockObject
GetBkMode
SetBkMode
CreatePen
MoveToEx
LineTo
SetTextColor
CreateFontIndirectA
SelectObject
CreateBrushIndirect
DeleteObject

msimg32

AlphaBlend

Exports

Exports

DRAW_Clean
DRAW_Cleanup
DRAW_Close
DRAW_Draw
DRAW_GetLastError
DRAW_Idle
DRAW_InputAlarmData
DRAW_InputAlarmDataEx
DRAW_InputJpegData
DRAW_InputJsonData
DRAW_InputMoveCheckData
DRAW_InputRuleData
DRAW_InputTextData
DRAW_InputTrackData
DRAW_InputTrackDataEx2
DRAW_Ioctl
DRAW_Open
DRAW_Refresh
DRAW_Reset
DRAW_SetDrawOneTrackCallback
DRAW_SetEnable
DRAW_SetFrameNum
DRAW_SetLifeCount
DRAW_SetPen
DRAW_SetRuleColor
DRAW_SetRuleNameConfig
DRAW_SetRuleTrackAlarm
DRAW_SetShowTrackType
DRAW_SetShowType
DRAW_SetTime
DRAW_SetTrackEX2Sharp
DRAW_SetTrackEx2Config
DRAW_SetTrackObjectColor
DRAW_Startup

Sections

.text
Size: 320KB - Virtual size: 319KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IvsLogic.dll
.dll windows:4 windows x86 arch:x86

4418fbab53992bd6c3686e4fb9f85e28

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

05:6c:2f:ce:88:3b:05:2d:14:5f:3f:59:89:74:05:7a:6a:09:df:01:b9:0b:ae:a8:43:5e:55:45:3d:66:16:af
Signer

Actual PE Digest

05:6c:2f:ce:88:3b:05:2d:14:5f:3f:59:89:74:05:7a:6a:09:df:01:b9:0b:ae:a8:43:5e:55:45:3d:66:16:af

Digest Algorithm

sha256

PE Digest Matches

true

a2:bb:57:d3:15:f3:fa:75:f2:5f:13:82:98:38:41:89:0d:2d:e8:5f
Signer

Actual PE Digest

a2:bb:57:d3:15:f3:fa:75:f2:5f:13:82:98:38:41:89:0d:2d:e8:5f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
OutputDebugStringA
GetLastError
LoadLibraryExA
GetModuleFileNameA
VirtualQuery
GetProcAddress
DisableThreadLibraryCalls

msvcp60

??0_Lockit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??8std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

msvcrt

sin
cos
atan
_ftol
sqrt
??2@YAPAXI@Z
_purecall
abs
strlen
sprintf
strcat
memset
memcpy
strcmp
memcmp
strcpy
strncpy
atoi
_chkesp
malloc
free
__CxxFrameHandler
_assert
__dllonexit
_onexit
_initterm
_adjust_fdiv
_except_handler3
?terminate@@YAXXZ
fabs

Exports

Exports

CreateIvslogic
ReleaseIvsLogic
_IVS_CLIENT_PacketData@20
_IVS_CLIENT_ParseData@20

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MCL_FPTZ.dll
.dll windows:6 windows x86 arch:x86

7897d5f323392f6ddd3caccf81a3b8f2

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

98:b6:06:34:47:50:2a:29:cd:a8:27:5f:4d:dc:17:2b:4b:e2:72:c9:49:50:7c:ff:f9:3b:c6:16:4d:02:13:f4
Signer

Actual PE Digest

98:b6:06:34:47:50:2a:29:cd:a8:27:5f:4d:dc:17:2b:4b:e2:72:c9:49:50:7c:ff:f9:3b:c6:16:4d:02:13:f4

Digest Algorithm

sha256

PE Digest Matches

true

91:db:0c:9a:75:ee:7a:6a:d0:1a:c6:b1:90:ad:ea:39:c6:ec:50:69
Signer

Actual PE Digest

91:db:0c:9a:75:ee:7a:6a:d0:1a:c6:b1:90:ad:ea:39:c6:ec:50:69

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\fisheye_proc\export\x86\win\MCL_FPTZ_Win32.pdb

Imports

kernel32

GetLastError
HeapFree
HeapAlloc
GetCommandLineA
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
DecodePointer
CloseHandle
RtlUnwind
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetProcessHeap
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
WriteFile
GetModuleFileNameW
SetLastError
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetStdHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
LoadLibraryExW
OutputDebugStringW
HeapReAlloc
SetFilePointerEx
WriteConsoleW
CreateFileW
GetStringTypeW
HeapSize
LCMapStringW
RaiseException
SetEndOfFile
ReadFile
ReadConsoleW

Exports

Exports

DHIVS_TRACK_FS_CalMemSize
DHIVS_TRACK_FS_Cali
DHIVS_TRACK_FS_Exit
DHIVS_TRACK_FS_GetConfig
DHIVS_TRACK_FS_GetVersion
DHIVS_TRACK_FS_Init
DHIVS_TRACK_FS_Locate
DHIVS_TRACK_FS_SetConfig
DHIVS_TRACK_FS_tracking

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SurveillanceDll.dll
.dll windows:4 windows x86 arch:x86

dff3ac44293cd14ef8b5871cbe8003e1

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

dd:a9:a2:55:c4:d3:21:19:e8:e0:90:69:5b:91:e8:3b:1a:8a:ea:31:11:91:fc:59:f1:f7:36:e2:a2:8d:2e:f9
Signer

Actual PE Digest

dd:a9:a2:55:c4:d3:21:19:e8:e0:90:69:5b:91:e8:3b:1a:8a:ea:31:11:91:fc:59:f1:f7:36:e2:a2:8d:2e:f9

Digest Algorithm

sha256

PE Digest Matches

true

0d:3c:1a:d6:84:59:77:ab:a6:7d:82:a7:80:79:2b:78:73:b7:00:aa
Signer

Actual PE Digest

0d:3c:1a:d6:84:59:77:ab:a6:7d:82:a7:80:79:2b:78:73:b7:00:aa

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateEventA
SetEvent
CreateSemaphoreA
ReleaseSemaphore
CreateThread
GetCurrentThreadId
Sleep
QueryPerformanceFrequency
QueryPerformanceCounter
ReleaseMutex
DeleteFileA
FindNextFileA
FindFirstFileA
GetLastError
GetProcAddress
FreeLibrary
GetTickCount
GetModuleFileNameA
VirtualQuery
LoadLibraryExA
WaitForSingleObject
CloseHandle
CreateMutexA
OutputDebugStringA
MultiByteToWideChar
CreateDirectoryA
WideCharToMultiByte
DisableThreadLibraryCalls

user32

MessageBoxA
DrawTextA
GetWindowRect

gdi32

DeleteObject
SetBkMode
TextOutA
SelectObject
CreateFontIndirectA
GetBkMode

comdlg32

GetOpenFileNameA
CommDlgExtendedError

shell32

ShellExecuteA

msvcrt

_findclose
_findnext
_findfirst
strcat
_snprintf
_atoi64
sscanf
pow
__CxxFrameHandler
strerror
_errno
wcscmp
wcslen
wcsrchr
toupper
getenv
srand
__dllonexit
_onexit
_initterm
_adjust_fdiv
strncat
localtime
strchr
rand
atof
atan
cos
sin
fabs
strncpy
abs
sqrt
_access
strcpy
_mkdir
remove
strstr
memcmp
atoi
atol
printf
_ftol
fprintf
vsprintf
ctime
sprintf
strcmp
strlen
fseek
ftell
fread
time
_except_handler3
fclose
fopen
fwrite
fflush
_purecall
malloc
memcpy
free
??2@YAPAXI@Z
memset
??3@YAXPAX@Z
??1type_info@@UAE@XZ
?terminate@@YAXXZ
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
_CxxThrowException
_iob
fputs
??0exception@@QAE@ABV0@@Z
_strdup
_chmod
_itoa
_close
_strupr
_strlwr
strtok

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??0runtime_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??1runtime_error@std@@UAE@XZ
??0runtime_error@std@@QAE@ABV01@@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??_7runtime_error@std@@6B@
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADPAD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??_F?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??8std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??9std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@D@Z
?_Xran@std@@YAXXZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z

winmm

mciSendCommandA
timeGetTime

netsdk

ord868
ord88
ord12
ord92
ord493
ord28
ord119
ord63
ord395
ord91
ord606
ord869
ord892
ord615
ord20
ord217
ord195
ord196
ord1
ord127
ord7
ord170
ord872
ord181
ord525
ord103
ord215
ord6
ord557
ord73
ord102
ord25
ord175
ord24
ord2
ord133
ord157
ord971
ord26
ord267
ord27
ord403
ord474
ord98
ord93
ord90
ord96
ord97
ord99
ord120
ord83
ord95
ord169
ord473
ord874
ord76
ord203
ord202
ord75
ord32
ord871
ord33
ord168

ws2_32

htons
inet_addr
connect
recv
send
WSAStartup
socket
closesocket

gdiplus

GdipCreateBitmapFromGraphics
GdipDrawImageRectI
GdipSaveImageToFile
GdipDeleteGraphics
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusShutdown
GdiplusStartup
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipAlloc
GdipFree
GdipLoadImageFromFile
GdipDisposeImage
GdipGetImageGraphicsContext

shlwapi

PathAppendA

Exports

Exports

GetTransModuleImp
LoadNeedLibrary
ReleaseTransImp
UnLoadNeedlibrary
_FileOperation_Check_Write@8
_FileOperation_CloseAllExcel@0
_FileOperation_CloseExcel@16
_FileOperation_CreateExcel@32
_FileOperation_OpenExcel@32
_FileOperation_Read@12
_FileOperation_ReadExcel@28
_FileOperation_SaveExcel@16
_FileOperation_SetMaxRowCounts@4
_FileOperation_Write@12
_FileOperation_WriteExcel@32
_PLAY_AddToPlayGroup@8
_PLAY_AdjustWaveAudio@8
_PLAY_AntiAliasEnable@8
_PLAY_CatchResizePic@20
_PLAY_ChooseAudio@12
_PLAY_CloseAudioRecord@0
_PLAY_CloseFile@4
_PLAY_ClosePlayGroup@4
_PLAY_CloseStream@4
_PLAY_ConvertToBmpFile@24
_PLAY_ConvertToBmpFileEx@28
_PLAY_ConvertToJpegFile@24
_PLAY_DelFromPlayGroup@8
_PLAY_EnableLargePicAdjustment@8
_PLAY_Fast@4
_PLAY_FisheyeGetPosition@20
_PLAY_GetAudioChannels@8
_PLAY_GetAudioChooseState@12
_PLAY_GetBufferValue@8
_PLAY_GetColor@24
_PLAY_GetCurrentFrameRate@4
_PLAY_GetFileTime@4
_PLAY_GetFreePort@4
_PLAY_GetLastError@4
_PLAY_GetOverlayMode@4
_PLAY_GetPictureSize@12
_PLAY_GetPlayPos@4
_PLAY_GetPlayedFrames@4
_PLAY_GetPlayedTime@4
_PLAY_GetPlayedTimeEx@4
_PLAY_GetSourceBufferRemain@4
_PLAY_GetVolume@4
_PLAY_InputData@12
_PLAY_OneByOne@4
_PLAY_OneByOneBack@4
_PLAY_OpenAudioRecord@24
_PLAY_OpenFile@8
_PLAY_OpenPlayGroup@0
_PLAY_OpenStream@16
_PLAY_Pause@8
_PLAY_PausePlayGroup@8
_PLAY_Play@8
_PLAY_PlaySound@4
_PLAY_PlaySoundShare@4
_PLAY_QueryInfo@20
_PLAY_RefreshPlay@4
_PLAY_ReleasePort@4
_PLAY_ResetBuffer@8
_PLAY_ResetSourceBuffer@4
_PLAY_ResolutionScale@12
_PLAY_RigisterDrawFun@12
_PLAY_RigisterDrawFunEx@16
_PLAY_SeekPlayGroup@8
_PLAY_SetAVSyncType@8
_PLAY_SetColor@24
_PLAY_SetDecCallBack@8
_PLAY_SetDecInfoCallBack@12
_PLAY_SetDelayTime@12
_PLAY_SetDemuxCallBack@12
_PLAY_SetDigitalSignCallBack@12
_PLAY_SetDisplayCallBack@12
_PLAY_SetDisplayRegion@20
_PLAY_SetEncTypeChangeCallBack@12
_PLAY_SetEncTypeChangeCallBackEx@12
_PLAY_SetFileEndCallBack@12
_PLAY_SetFishEyeInfoCallBack@12
_PLAY_SetIVSCallBack@12
_PLAY_SetMultiFrameDecCallBack@12
_PLAY_SetMultiSensorCallBack@12
_PLAY_SetOSDInfoCallBack@12
_PLAY_SetOverlayMode@12
_PLAY_SetPicQuality@8
_PLAY_SetPlayDirection@8
_PLAY_SetPlayGroupDirection@8
_PLAY_SetPlayGroupSpeed@8
_PLAY_SetPlayMethod@20
_PLAY_SetPlayPos@8
_PLAY_SetPlaySpeed@8
_PLAY_SetPlayedTimeEx@8
_PLAY_SetPrivacyRecover@8
_PLAY_SetSEnhanceMode@8
_PLAY_SetSecurityKey@12
_PLAY_SetStreamOpenMode@8
_PLAY_SetVisibleDecCallBack@12
_PLAY_SetVolume@8
_PLAY_SetWaterMarkCallBackEx@12
_PLAY_Slow@4
_PLAY_SplitProc@8
_PLAY_SplitProcUpdate@8
_PLAY_StartAVIConvert@16
_PLAY_StartDataRecord@12
_PLAY_StartFisheye@4
_PLAY_StepPlayGroup@4
_PLAY_Stop@4
_PLAY_StopAVIConvert@4
_PLAY_StopDataRecord@4
_PLAY_StopFisheye@4
_PLAY_StopSound@0
_PLAY_StopSoundShare@4
_PLAY_VerticalSyncEnable@8
_PLAY_WriteData@12

Sections

.text
Size: 500KB - Virtual size: 498KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 10.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TimeGridEXE.exe
.exe windows:4 windows x86 arch:x86

d64bcc6ffc6e1306cce94590b53cd9ad

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

84:32:0e:bb:55:b2:19:0f:63:e8:0d:0d:cf:65:e4:be:eb:e3:26:68:92:84:f1:6a:42:5f:2f:f9:8c:f6:d4:47
Signer

Actual PE Digest

84:32:0e:bb:55:b2:19:0f:63:e8:0d:0d:cf:65:e4:be:eb:e3:26:68:92:84:f1:6a:42:5f:2f:f9:8c:f6:d4:47

Digest Algorithm

sha256

PE Digest Matches

true

e7:fd:1e:2e:1c:b5:c1:83:99:a4:2d:3b:ca:20:94:2e:1c:da:28:27
Signer

Actual PE Digest

e7:fd:1e:2e:1c:b5:c1:83:99:a4:2d:3b:ca:20:94:2e:1c:da:28:27

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetStartupInfoA
GetCurrentProcess
FlushInstructionCache
GlobalAlloc
GlobalLock
GlobalUnlock
EnterCriticalSection
LeaveCriticalSection
lstrlenA
DeleteCriticalSection
InterlockedIncrement
InitializeCriticalSection
GetCommandLineA
lstrcmpiA
Sleep
CreateEventA
CreateThread
WaitForSingleObject
CloseHandle
InterlockedDecrement
SetEvent
MultiByteToWideChar
OutputDebugStringA
lstrlenW
GetCurrentThreadId
WideCharToMultiByte
LocalFree

user32

DefWindowProcA
SetWindowLongA
PostThreadMessageA
GetWindowLongA
DestroyWindow
CharNextA
DispatchMessageA
GetMessageA
GetKeyState
PtInRect
UnionRect
IsChild
CreateWindowExA
CallWindowProcA
BeginPaint
GetClientRect
EndPaint
InvalidateRect
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
IsWindow
GetParent
ShowWindow
SetFocus
GetFocus

gdi32

GetDeviceCaps
LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
CreateMetaFileA
TextOutA
SetTextAlign
Rectangle
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SaveDC
RestoreDC
SetWindowOrgEx
SetWindowExtEx

ole32

CoUninitialize
CoInitialize
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
CoTaskMemFree
CoTaskMemAlloc
CreateOleAdviseHolder

oleaut32

VariantChangeType
OleCreatePropertyFrame
VariantClear
SysStringLen
LoadRegTypeLi
SysAllocStringLen
SysFreeString
CreateErrorInfo
VariantInit

atl

ord20
ord27
ord26
ord51
ord46
ord50
ord44
ord43
ord30
ord58
ord32
ord16
ord17
ord57
ord18
ord23
ord21
ord31

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?str@?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UAE@XZ

timeaxesdll

ReleaseTimeAxesModule
GetTimeAxesModule

msvcrt

strlen
__CxxFrameHandler
memset
strcmp
??2@YAPAXI@Z
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
??1type_info@@UAE@XZ
_controlfp
free
_XcptFilter
_exit
_CxxThrowException
malloc
realloc
memcmp
atoi
memcpy

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Version.ini
VideoAnalyse.dll
.dll windows:4 windows x86 arch:x86

a8385b9dfb330696017e9ae836cbc8de

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ab:8e:ff:5c:fc:b7:38:04:75:7f:1c:78:a1:6c:65:a0:99:4d:c1:0a:73:2d:48:84:8d:43:e2:9b:dd:08:ba:db
Signer

Actual PE Digest

ab:8e:ff:5c:fc:b7:38:04:75:7f:1c:78:a1:6c:65:a0:99:4d:c1:0a:73:2d:48:84:8d:43:e2:9b:dd:08:ba:db

Digest Algorithm

sha256

PE Digest Matches

true

ce:1e:d7:cb:00:8e:0d:03:70:87:df:b1:14:57:5c:ef:c4:13:e6:13
Signer

Actual PE Digest

ce:1e:d7:cb:00:8e:0d:03:70:87:df:b1:14:57:5c:ef:c4:13:e6:13

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
InitializeCriticalSection

msvcrt

_adjust_fdiv
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
fputs
_iob
_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
sscanf
sprintf
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
malloc
_initterm
free
_onexit
__dllonexit
fabs
atan
cos
sin
_purecall
strncpy
memcpy
memset
_ftol
strcpy
strcmp
??3@YAXPAX@Z
??2@YAPAXI@Z
strlen

msvcp60

?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??_7runtime_error@std@@6B@
??0runtime_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1runtime_error@std@@UAE@XZ
??0runtime_error@std@@QAE@ABV01@@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??8std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z

Exports

Exports

AddVideoAnalyseShape
AntiAdjustCoordinate
CreateMainVideoAnalyseShape
CreateVideoAnalyseContainer
DeleteAllVideoAnalyseShape
DeleteVideoAnalyseShape
EnableVideoAnalyseContainer
EnableVideoAnalyseShape
GetContainerDrawEventHandler
GetContainerWinMouseEventHandler
GetSelectedVideoAnalyseShapeID
GetVideoAnalyseShapeConfigData
InvalidateAllShape
RedrawVideoAnalyseShape
ReleaseVideoAnalyseContainer
SelectVideoAnalyseShape
SetAdjustPointCoordinateDelegate
SetContainerNotifyEventDelegate
SetContainerTranslateDelegate
SetCtrlContainerWinMouseCaptureDelegate
SetGetContainerRectClientDelegate
SetVideoAnalyseContainerTip
SetVideoAnalyseShapeDirection
SetVideoAnalyseShapeShowName
ShowVideoAnalyseShape

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VideoWindow.dll
.dll windows:4 windows x86 arch:x86

6c049f4c102c8c6fab0fd16efd595827

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:a9:45:ed:8d:e2:f4:ac:cc:fb:73:31:d1:b7:18:1b:23:20:77:98:e2:d8:3e:0e:f2:f7:f6:f3:c1:0c:11:30
Signer

Actual PE Digest

06:a9:45:ed:8d:e2:f4:ac:cc:fb:73:31:d1:b7:18:1b:23:20:77:98:e2:d8:3e:0e:f2:f7:f6:f3:c1:0c:11:30

Digest Algorithm

sha256

PE Digest Matches

true

a4:ca:d8:5b:b1:a9:46:87:08:79:26:12:9d:86:a3:7b:8a:26:20:71
Signer

Actual PE Digest

a4:ca:d8:5b:b1:a9:46:87:08:79:26:12:9d:86:a3:7b:8a:26:20:71

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord2864
ord5981
ord2379
ord755
ord2915
ord2818
ord2859
ord470
ord665
ord1979
ord5442
ord3318
ord353
ord3693
ord4133
ord4297
ord5788
ord1641
ord472
ord2567
ord3619
ord5875
ord5787
ord2860
ord283
ord6170
ord1601
ord858
ord4129
ord5683
ord5572
ord2919
ord703
ord1989
ord5445
ord404
ord640
ord2405
ord2753
ord5785
ord1640
ord323
ord4220
ord2584
ord3654
ord540
ord2438
ord2078
ord6172
ord4299
ord6270
ord2863
ord1575
ord2642
ord1644
ord1146
ord4274
ord860
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord4622
ord3738
ord561
ord815
ord3573
ord6215
ord4287
ord4284
ord6880
ord2754
ord1168
ord2575
ord3402
ord4396
ord3574
ord556
ord609
ord809
ord3874
ord6358
ord1088
ord2122
ord1116
ord1176
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord4275
ord800
ord818
ord2414
ord825
ord3663
ord3626
ord567
ord823
ord537
ord6467
ord2124
ord3742
ord4424
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3571
ord3147
ord2982
ord5277
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord6375

msvcrt

??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
_CxxThrowException
sprintf
_strlwr
_except_handler3
?terminate@@YAXXZ
_iob
fputs
??0exception@@QAE@ABV0@@Z
fclose
malloc
_wcsicmp
free
sqrt
atan2
cos
sin
abs
_purecall
strlen
strncpy
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_onexit
__dllonexit
__CxxFrameHandler
fread
fwrite
strcpy
strchr
pow
memcpy
strcmp
fopen
fseek
ftell
_ftol
sscanf
memset

kernel32

GetModuleHandleA
OutputDebugStringA
GetLastError
GlobalUnlock
GlobalLock
GlobalAlloc
MultiByteToWideChar
GetModuleFileNameA
MulDiv
GetProcAddress
lstrcpyA
GetCurrentThreadId
LocalFree
LocalAlloc
GlobalFree
GetCommandLineA

user32

DeferWindowPos
InvalidateRect
GetParent
SetCapture
GetWindowRect
GetFocus
ReleaseCapture
ScreenToClient
DrawTextA
ReleaseDC
FillRect
GetClientRect
GetDC
EnableWindow
CheckMenuItem
GetMenuState
GetCursorPos
GetSubMenu
LoadMenuA
LoadImageA
ClientToScreen
GetCapture
WindowFromPoint
LoadBitmapA
DrawFocusRect
DestroyCursor
GetSysColor
InflateRect
PostMessageA
LoadCursorA
SetCursor
IsWindow
SendMessageA
CallNextHookEx
SetParent
SetWindowsHookExA
FindWindowA
ShowWindow
SetFocus
SetWindowPos
MoveWindow
CopyRect
BeginDeferWindowPos
EndDeferWindowPos
UnhookWindowsHookEx
GetDlgItem
SystemParametersInfoA
GetSystemMetrics
AppendMenuA
CreatePopupMenu
DrawEdge

gdi32

SetBkMode
CreateFontIndirectA
BitBlt
CreateCompatibleDC
GetObjectA
SelectObject
CreateSolidBrush
CreatePen
SetTextColor
CreateFontA
Rectangle
GetStockObject
Ellipse
GetTextExtentPoint32A
GetPixel
TextOutW
ExtCreatePen
StretchBlt
GetTextMetricsA
DeleteObject
ExtTextOutA
CreateICA
CreateDIBSection
DeleteDC
GetDeviceCaps
CreateCompatibleBitmap
TextOutA

comctl32

_TrackMouseEvent

ole32

CreateStreamOnHGlobal

olepro32

ord251

oleaut32

SysFreeString
SysStringLen

gdiplus

GdiplusShutdown
GdiplusStartup
GdipCloneBitmapAreaI
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImageThumbnail
GdipGetImagePaletteSize
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipCreateSolidFill
GdipCloneBrush
GdipFree
GdipAlloc
GdipSaveImageToFile
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipLoadImageFromFile
GdipDrawImageRectI
GdipDisposeImage
GdipFillPolygonI
GdipDeleteBrush
GdipDeleteGraphics
GdipCreateFromHDC

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??_7runtime_error@std@@6B@
??0runtime_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1runtime_error@std@@UAE@XZ
??0runtime_error@std@@QAE@ABV01@@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXID@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??8std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??0Init@ios_base@std@@QAE@XZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ

winmm

timeGetTime

Exports

Exports

CreateVideoWindow
ReleaseVideoWindow

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 902KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WebActiveEXE.exe
.exe windows:4 windows x86 arch:x86

dd603a3c8e5537acae0d5fa8c1a22a3e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

aa:1c:4e:26:c0:24:cb:ee:be:93:8b:9b:45:82:83:c0:63:58:df:05:e5:f0:c5:c2:f2:c4:67:2b:31:a0:1d:df
Signer

Actual PE Digest

aa:1c:4e:26:c0:24:cb:ee:be:93:8b:9b:45:82:83:c0:63:58:df:05:e5:f0:c5:c2:f2:c4:67:2b:31:a0:1d:df

Digest Algorithm

sha256

PE Digest Matches

true

c1:77:c1:0c:b7:39:3f:b9:d8:59:7a:68:be:7c:3b:20:06:51:b1:30
Signer

Actual PE Digest

c1:77:c1:0c:b7:39:3f:b9:d8:59:7a:68:be:7c:3b:20:06:51:b1:30

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
FlushInstructionCache
InterlockedIncrement
GetDiskFreeSpaceExA
GetTimeZoneInformation
lstrlenW
GetModuleFileNameA
GlobalLock
GlobalUnlock
EnterCriticalSection
LeaveCriticalSection
lstrlenA
DeleteCriticalSection
InitializeCriticalSection
GetCommandLineA
lstrcmpiA
LocalFree
GetStartupInfoA
GetModuleHandleA
LoadLibraryA
GetProcAddress
CreateFileA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetLastError
CloseHandle
FreeLibrary
SetUnhandledExceptionFilter
MultiByteToWideChar
WideCharToMultiByte
OutputDebugStringA
Sleep
CreateEventA
CreateThread
WaitForSingleObject
InterlockedDecrement
SetEvent
LoadLibraryExA
VirtualQuery

user32

PtInRect
UnionRect
InvalidateRect
GetMessageA
GetKeyState
ShowWindow
SetFocus
IsWindow
CreateWindowExA
CallWindowProcA
IntersectRect
EqualRect
OffsetRect
BeginPaint
GetClientRect
EndPaint
GetFocus
IsChild
GetParent
DispatchMessageA
CharNextA
GetWindowLongA
PostThreadMessageA
SetWindowLongA
DestroyWindow
DefWindowProcA
MessageBoxA
PostMessageA
SetWindowPos
SetWindowRgn

gdi32

CloseMetaFile
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
TextOutA
SetTextAlign
Rectangle
CreateRectRgnIndirect
DeleteMetaFile
GetDeviceCaps
SetWindowExtEx
CreateMetaFileA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc

ole32

CreateDataAdviseHolder
CoTaskMemAlloc
OleRegGetMiscStatus
CoTaskMemFree
CoInitialize
CoUninitialize
CreateOleAdviseHolder
OleRegEnumVerbs
OleRegGetUserType

oleaut32

VariantInit
OleCreatePropertyFrame
VariantClear
SysStringLen
LoadRegTypeLi
SysAllocStringLen
SysFreeString
CreateErrorInfo
VariantChangeType

msvcp60

??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0runtime_error@std@@QAE@ABV01@@Z
??1runtime_error@std@@UAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??_7runtime_error@std@@6B@
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??0runtime_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??8std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

atl

ord32
ord57
ord17
ord16
ord26
ord27
ord58
ord46
ord51
ord31
ord50
ord44
ord43
ord18
ord20
ord21
ord23
ord30

msvcrt

malloc
??1type_info@@UAE@XZ
sscanf
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
_iob
fputs
??0exception@@QAE@ABV0@@Z
_CxxThrowException
wcslen
_strupr
_strlwr
_itoa
_strdup
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
memcmp
realloc
?terminate@@YAXXZ
abs
atoi
strtok
??2@YAPAXI@Z
memset
strlen
memcpy
free
sprintf
strcat
strcpy
_mbsrchr
_purecall
__CxxFrameHandler
_ftol
ctime
time
vsprintf
fclose
fprintf
fopen
strcmp

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 900KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
aacEnc.dll
.dll windows:5 windows x86 arch:x86

42bd8d981e35845376ab36661df470da

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

40:a3:13:c1:4d:1d:b3:f3:ea:31:b3:b2:9d:2d:74:b6:fe:dc:65:f2:50:83:43:9e:b8:b7:6c:45:b0:b6:aa:dd
Signer

Actual PE Digest

40:a3:13:c1:4d:1d:b3:f3:ea:31:b3:b2:9d:2d:74:b6:fe:dc:65:f2:50:83:43:9e:b8:b7:6c:45:b0:b6:aa:dd

Digest Algorithm

sha256

PE Digest Matches

true

cd:a5:88:91:11:7d:02:fd:04:d4:d3:22:7b:99:19:f6:f1:14:ef:ef
Signer

Actual PE Digest

cd:a5:88:91:11:7d:02:fd:04:d4:d3:22:7b:99:19:f6:f1:14:ef:ef

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetLastError
HeapFree
GetCurrentThreadId
DecodePointer
GetCommandLineA
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
HeapDestroy
EncodePointer
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapReAlloc
RtlUnwind
HeapSize
LCMapStringW
MultiByteToWideChar
GetStringTypeW
RaiseException
SetStdHandle
WriteConsoleW
CreateFileW
CloseHandle
FlushFileBuffers

Exports

Exports

AACEnc_GetVersion
AAC_Enc_DeInit
AAC_Enc_Encode
AAC_Enc_GetSize
AAC_Enc_Init
AAC_Enc_SetFormat

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
aacdec.dll
.dll windows:5 windows x86 arch:x86

9179040b23612d91f905e0c7dfd88147

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

55:eb:0a:23:f2:ae:d3:52:47:d7:9b:af:29:d0:a5:a1:53:e4:aa:78:88:69:90:8b:3e:dd:4d:8b:72:b8:48:12
Signer

Actual PE Digest

55:eb:0a:23:f2:ae:d3:52:47:d7:9b:af:29:d0:a5:a1:53:e4:aa:78:88:69:90:8b:3e:dd:4d:8b:72:b8:48:12

Digest Algorithm

sha256

PE Digest Matches

true

72:60:67:c4:3b:df:58:f3:73:88:fa:48:1b:8a:89:14:96:34:2f:be
Signer

Actual PE Digest

72:60:67:c4:3b:df:58:f3:73:88:fa:48:1b:8a:89:14:96:34:2f:be

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
HeapFree
HeapAlloc
GetCurrentThreadId
DecodePointer
GetCommandLineA
HeapCreate
HeapDestroy
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
EncodePointer
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
RtlUnwind
HeapSize
LCMapStringW
MultiByteToWideChar
GetStringTypeW

Exports

Exports

AACDec_GetVersion
AAC_DEC_Cleanup
AAC_DEC_Decode
AAC_DEC_Init

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
fisheye.dll
.dll windows:5 windows x86 arch:x86

9f29e79baf93efa40808003becf34946

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

67:13:ac:64:cd:89:d6:53:a1:b4:27:a7:72:fc:29:ad:04:7d:79:50:9b:d5:ae:55:7f:1f:05:b9:2b:a8:70:93
Signer

Actual PE Digest

67:13:ac:64:cd:89:d6:53:a1:b4:27:a7:72:fc:29:ad:04:7d:79:50:9b:d5:ae:55:7f:1f:05:b9:2b:a8:70:93

Digest Algorithm

sha256

PE Digest Matches

true

8b:42:87:e7:36:2b:fc:de:f6:e0:fd:76:ba:99:3c:7f:92:ea:53:91
Signer

Actual PE Digest

8b:42:87:e7:36:2b:fc:de:f6:e0:fd:76:ba:99:3c:7f:92:ea:53:91

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\SVN\fisheyedoc\FishEye\Trunk\fish_eye_from_wangsong\testbed\vs2008\Release\fisheye.pdb

Imports

kernel32

GetProcAddress
LoadLibraryW
FreeLibrary
Sleep
GetLastError
HeapFree
RaiseException
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
DecodePointer
GetCommandLineA
EncodePointer
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
HeapAlloc
InterlockedIncrement
InterlockedDecrement
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThread
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
ExitProcess
FatalAppExitA
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
CloseHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleFileNameW
HeapSize
MultiByteToWideChar
HeapReAlloc
SetConsoleCtrlHandler
InterlockedExchange
GetLocaleInfoW
WriteConsoleW
SetStdHandle
LCMapStringW
GetStringTypeW
CreateFileW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
InterlockedCompareExchange
InitializeCriticalSection
CreateFileA
SetEndOfFile
GetProcessHeap

Exports

Exports

AC_CreateHandle
AC_DeleteHandle
AC_Process
AC_SetParameter
Fisheye_CreateHandle
Fisheye_DeWarp
Fisheye_DeleteHandle
Fisheye_EptzUpdate
Fisheye_GetMemSize
Fisheye_GetParam
Fisheye_GetVersion
Fisheye_SetParam
Fisheye_TrancForm_Coordinate
Fisheye_TrancForm_Coordinate_EX
Fisheye_TrancForm_Curve
Fisheye_TrancForm_TrackFrame
Fisheye_resetSrcDst

Sections

.text
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
g7221dec.dll
.dll windows:5 windows x86 arch:x86

d3ac9ea6143fcad652cf4f8d29dbd843

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

c4:fa:42:69:23:b6:71:05:7b:a1:0c:51:83:37:46:22:83:59:34:62:a1:41:be:fd:f4:8c:7d:85:66:9b:c2:c9
Signer

Actual PE Digest

c4:fa:42:69:23:b6:71:05:7b:a1:0c:51:83:37:46:22:83:59:34:62:a1:41:be:fd:f4:8c:7d:85:66:9b:c2:c9

Digest Algorithm

sha256

PE Digest Matches

true

43:81:cd:b0:7f:43:46:7d:2d:2b:0d:6f:27:20:01:a5:63:fe:97:2f
Signer

Actual PE Digest

43:81:cd:b0:7f:43:46:7d:2d:2b:0d:6f:27:20:01:a5:63:fe:97:2f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetLastError
HeapFree
GetCurrentThreadId
DecodePointer
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
HeapDestroy
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
RtlUnwind
HeapSize
LCMapStringW
MultiByteToWideChar
GetStringTypeW

Exports

Exports

G7221_Dec_DeInit
G7221_Dec_Init
G7221_Dec_SetFormat
G7221_Decode
g7221_Dec_GetVersion

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
g729dec.dll
.dll windows:5 windows x86 arch:x86

830237fdd1f530f2256a54242dcb6318

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0c:97:1a:d5:01:40:c3:d8:e8:b0:67:49:e1:13:f0:aa:04:41:63:af:f6:a8:d2:88:3d:60:c9:ad:40:8c:bb:7e
Signer

Actual PE Digest

0c:97:1a:d5:01:40:c3:d8:e8:b0:67:49:e1:13:f0:aa:04:41:63:af:f6:a8:d2:88:3d:60:c9:ad:40:8c:bb:7e

Digest Algorithm

sha256

PE Digest Matches

true

72:bf:f5:71:57:ab:ae:fd:fe:58:8f:3c:e4:a3:ea:9c:12:7e:bb:a8
Signer

Actual PE Digest

72:bf:f5:71:57:ab:ae:fd:fe:58:8f:3c:e4:a3:ea:9c:12:7e:bb:a8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
HeapAlloc
GetLastError
HeapFree
GetCurrentThreadId
GetCommandLineA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
LoadLibraryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
HeapDestroy
IsProcessorFeaturePresent
Sleep
SetHandleCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
RtlUnwind
HeapReAlloc
LCMapStringW
MultiByteToWideChar
GetStringTypeW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
CloseHandle
WriteConsoleW
SetStdHandle
CreateFileW

Exports

Exports

g729_dec_GetVersion
g729ab_dec
g729ab_dec_deInit
g729ab_dec_init

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
h264dec.dll
.dll windows:5 windows x86 arch:x86

13367371e424ece9feea1e9283a17b29

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ac:7e:7b:af:d6:f6:17:4d:6c:6b:71:dd:e3:4c:ef:98:ec:ed:12:71:e2:93:f4:76:55:f2:ea:10:27:db:e1:d7
Signer

Actual PE Digest

ac:7e:7b:af:d6:f6:17:4d:6c:6b:71:dd:e3:4c:ef:98:ec:ed:12:71:e2:93:f4:76:55:f2:ea:10:27:db:e1:d7

Digest Algorithm

sha256

PE Digest Matches

true

5c:40:31:34:55:46:ac:df:70:9f:38:29:5a:73:55:f6:8a:48:f5:7c
Signer

Actual PE Digest

5c:40:31:34:55:46:ac:df:70:9f:38:29:5a:73:55:f6:8a:48:f5:7c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedExchangeAdd
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedCompareExchange
CloseHandle
WaitForSingleObject
CreateEventA
CreateSemaphoreA
ResetEvent
ReleaseSemaphore
SetEvent
GetProcAddress
GetModuleHandleA
GetProcessAffinityMask
GetCurrentProcess
MultiByteToWideChar
GetConsoleScreenBufferInfo
GetStdHandle
SetConsoleTextAttribute
Sleep
HeapAlloc
GetLastError
HeapFree
ExitThread
GetCurrentThreadId
CreateThread
GetFileType
CreateFileW
HeapReAlloc
GetCommandLineA
IsProcessorFeaturePresent
GetModuleHandleW
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
WriteFile
GetModuleFileNameW
HeapCreate
HeapDestroy
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WideCharToMultiByte
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointer
ReadFile
RaiseException
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
RtlUnwind
FlushFileBuffers
LCMapStringW
GetStringTypeW
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
HeapSize

Exports

Exports

H264_Dec_Close
H264_Dec_DeInit
H264_Dec_Decode
H264_Dec_GetCPUCaps
H264_Dec_GetInfo
H264_Dec_Init
H264_Dec_Open

Sections

.text
Size: 417KB - Virtual size: 417KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
hevcdec.dll
.dll windows:5 windows x86 arch:x86

7a91ad930c215658a512cf9cd6167b42

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

a6:7e:07:e3:21:1d:e6:32:e4:01:4f:3f:a1:a2:b8:1b:12:39:e3:ab:86:29:ae:d2:5b:a3:26:01:0e:9d:4e:4c
Signer

Actual PE Digest

a6:7e:07:e3:21:1d:e6:32:e4:01:4f:3f:a1:a2:b8:1b:12:39:e3:ab:86:29:ae:d2:5b:a3:26:01:0e:9d:4e:4c

Digest Algorithm

sha256

PE Digest Matches

true

10:91:3f:64:f9:16:4b:2e:33:fe:4d:2c:9e:a6:c9:eb:c4:ee:ec:c6
Signer

Actual PE Digest

10:91:3f:64:f9:16:4b:2e:33:fe:4d:2c:9e:a6:c9:eb:c4:ee:ec:c6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jk_w32\workspace\Public_ZN_Module_Builder_Windows64\tmp_build_dir\OpenHevcDecoder_x86\build\vs2010\Release\HevcdecLib.pdb

Imports

kernel32

InterlockedExchangeAdd
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedCompareExchange
MultiByteToWideChar
CloseHandle
WaitForSingleObject
CreateEventW
CreateSemaphoreW
ResetEvent
ReleaseSemaphore
SetEvent
GetProcAddress
GetModuleHandleW
GetFileType
GetLastError
CreateFileW
HeapAlloc
HeapReAlloc
HeapFree
GetSystemTimeAsFileTime
ExitThread
GetCurrentThreadId
CreateThread
DecodePointer
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
Sleep
ExitProcess
IsProcessorFeaturePresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
WideCharToMultiByte
GetTimeZoneInformation
RaiseException
SetStdHandle
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointer
ReadFile
GetModuleFileNameW
HeapCreate
HeapDestroy
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
RtlUnwind
LoadLibraryW
FlushFileBuffers
LCMapStringW
GetStringTypeW
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
HeapSize

Exports

Exports

Hevc_Dec_Close
Hevc_Dec_DeInit
Hevc_Dec_Decode
Hevc_Dec_Init
Hevc_Dec_Open
Hevc_Dec_get_version

Sections

.text
Size: 755KB - Virtual size: 754KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mjpegdec.dll
.dll windows:5 windows x86 arch:x86

9ffdfefef24b46755a185ca74791660e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

47:34:bc:2f:2e:0d:68:b1:9e:66:d1:68:96:c6:b3:c5:f5:87:a2:35:d1:c4:12:14:73:7d:e8:aa:64:84:33:b3
Signer

Actual PE Digest

47:34:bc:2f:2e:0d:68:b1:9e:66:d1:68:96:c6:b3:c5:f5:87:a2:35:d1:c4:12:14:73:7d:e8:aa:64:84:33:b3

Digest Algorithm

sha256

PE Digest Matches

true

8d:b8:c7:66:8f:25:b1:d9:72:7d:35:d8:5a:78:68:5f:61:2f:70:d6
Signer

Actual PE Digest

8d:b8:c7:66:8f:25:b1:d9:72:7d:35:d8:5a:78:68:5f:61:2f:70:d6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\newpath\JPEG-DEC\Trunk\build\vs2010\demo\Release\jpeg_dec.pdb

Imports

kernel32

HeapAlloc
GetLastError
HeapFree
HeapReAlloc
GetCurrentThreadId
DecodePointer
GetCommandLineA
GetProcAddress
GetModuleHandleW
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
IsProcessorFeaturePresent
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
HeapDestroy
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringW
MultiByteToWideChar
GetStringTypeW
SetFilePointer
CloseHandle
WriteConsoleW
SetStdHandle
CreateFileW

Exports

Exports

JPEG_Dec_Close
JPEG_Dec_DeInit
JPEG_Dec_Decode
JPEG_Dec_Init
JPEG_Dec_Open
JPEG_Dec_lib_get_version
JPEG_Parser_Close
JPEG_Parser_Open
JPEG_Parser_Start
MJPEG_Dec_Close
MJPEG_Dec_DeInit
MJPEG_Dec_Decode
MJPEG_Dec_Init
MJPEG_Dec_Open

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mp2dec.dll
.dll windows:5 windows x86 arch:x86

75d177c2ca57a056571ef38726a1a897

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

94:89:f3:2e:c4:52:e7:58:c9:73:c0:ba:ff:54:be:0f:0f:78:84:06:6d:39:34:14:2f:1f:98:72:5a:ee:e7:cb
Signer

Actual PE Digest

94:89:f3:2e:c4:52:e7:58:c9:73:c0:ba:ff:54:be:0f:0f:78:84:06:6d:39:34:14:2f:1f:98:72:5a:ee:e7:cb

Digest Algorithm

sha256

PE Digest Matches

true

c3:01:bc:9c:69:4f:7a:68:12:34:6e:31:d0:61:3e:43:b8:ba:ce:b6
Signer

Actual PE Digest

c3:01:bc:9c:69:4f:7a:68:12:34:6e:31:d0:61:3e:43:b8:ba:ce:b6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetLastError
HeapFree
GetCurrentThreadId
DecodePointer
GetCommandLineA
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
HeapDestroy
EncodePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
RtlUnwind
HeapSize
LCMapStringW
MultiByteToWideChar
GetStringTypeW

Exports

Exports

MP2L2_dec
MP2L2_dec_GetVersion
MP2L2_dec_deInit
MP2L2_dec_init

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mpeg4dec.dll
.dll windows:5 windows x86 arch:x86

dab74474e77bab8f86f4505cddf63c19

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

5e:59:41:d3:4e:6e:fa:1d:9c:cd:27:22:ea:80:38:c0:ad:33:19:4f:b7:05:cb:ff:fd:8d:1c:a9:2e:a2:05:a9
Signer

Actual PE Digest

5e:59:41:d3:4e:6e:fa:1d:9c:cd:27:22:ea:80:38:c0:ad:33:19:4f:b7:05:cb:ff:fd:8d:1c:a9:2e:a2:05:a9

Digest Algorithm

sha256

PE Digest Matches

true

ed:7f:f0:96:2c:4f:1e:f9:13:ed:3d:3f:14:e4:30:5c:df:d3:da:7e
Signer

Actual PE Digest

ed:7f:f0:96:2c:4f:1e:f9:13:ed:3d:3f:14:e4:30:5c:df:d3:da:7e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

T:\codec\mpeg4\PC_Mpeg4_DEC_Windows\build\vs2010_x86\mpeg4dec_x86\dllmpeg4dec\Release\mpeg4dec.pdb

Imports

kernel32

HeapAlloc
GetLastError
HeapFree
GetCurrentThreadId
GetCommandLineA
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
HeapDestroy
RtlUnwind
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
Sleep
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryW
GetLocaleInfoW
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringW
MultiByteToWideChar
GetStringTypeW
SetFilePointer
HeapSize
CloseHandle
WriteConsoleW
SetStdHandle
CreateFileW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale

Exports

Exports

MP4_Dec_Close
MP4_Dec_DeInit
MP4_Dec_Decode
MP4_Dec_Init
MP4_Dec_Open
MP4_Dec_WaterMark_Close
MP4_Dec_WaterMark_Get
MP4_Dec_WaterMark_Reset
MP4_Dec_WaterMark_Start
MP4_Dec_lib_get_version

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
netsdk.dll
.dll windows:4 windows x86 arch:x86

79437d0616687de76b696554179cb1f2

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

e7:bc:44:04:9e:c2:94:45:73:35:0a:00:6d:89:a4:41:5d:fe:9f:08:fc:46:9f:8a:5d:22:8d:ee:d0:f9:86:85
Signer

Actual PE Digest

e7:bc:44:04:9e:c2:94:45:73:35:0a:00:6d:89:a4:41:5d:fe:9f:08:fc:46:9f:8a:5d:22:8d:ee:d0:f9:86:85

Digest Algorithm

sha256

PE Digest Matches

true

48:83:37:99:31:b6:b8:34:1e:ba:54:0a:b9:3d:39:aa:9b:6e:4c:03
Signer

Actual PE Digest

48:83:37:99:31:b6:b8:34:1e:ba:54:0a:b9:3d:39:aa:9b:6e:4c:03

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

WSASocketA
WSAJoinLeaf
accept
listen
select
__WSAFDIsSet
getsockopt
getsockname
socket
setsockopt
bind
ioctlsocket
WSARecv
WSARecvFrom
WSASend
WSASendTo
WSACleanup
WSAStartup
getservbyport
gethostbyaddr
gethostbyname
WSAGetLastError
getservbyname
htonl
connect
inet_addr
htons
closesocket
ntohs
inet_ntoa

msvcp60

?nothrow@std@@3Unothrow_t@1@B
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IPBDI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
??0logic_error@std@@QAE@ABV01@@Z
??0out_of_range@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
??_7out_of_range@std@@6B@
??0logic_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Refcnt@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEAAEPBD@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
??8std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

msvcrt

??8type_info@@QBEHABV0@@Z
ftell
fseek
fopen
fclose
fread
_stricmp
atoi
strstr
atof
pow
_snprintf
strcmp
sscanf
strncmp
_strlwr
fflush
fwrite
_CxxThrowException
memcmp
rewind
??0exception@@QAE@ABV0@@Z
memmove
malloc
free
_assert
strchr
sprintf
_beginthreadex
strcpy
_vsnprintf
localtime
_strupr
wcslen
wcscmp
wcscpy
strrchr
_purecall
fprintf
_errno
printf
vswprintf
strtok
strerror
mktime
_atoi64
rand
srand
time
atol
gmtime
strtoul
calloc
_callnewh
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
strncpy
_ftol
??2@YAPAXI@Z
memcpy
memset
strlen
_access
_unlink
_mkdir
__CxxFrameHandler
strncat

winmm

timeBeginPeriod

kernel32

InitializeCriticalSection
GetCurrentThreadId
WaitForMultipleObjects
OutputDebugStringA
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
GetSystemInfo
GetCurrentProcess
SetPriorityClass
GetCurrentThread
SetThreadPriority
LoadLibraryA
SystemTimeToFileTime
CompareFileTime
CopyFileA
GetCurrentProcessId
GetLocalTime
MultiByteToWideChar
WideCharToMultiByte
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
GetTickCount
TerminateThread
WaitForSingleObject
ResetEvent
SetEvent
CreateEventA
CloseHandle
LeaveCriticalSection
GetModuleFileNameA
LoadLibraryExA
GetProcAddress
FreeLibrary
Sleep
DeleteCriticalSection
EnterCriticalSection
GetLastError

Exports

Exports

CLIENT_AIOScreen
CLIENT_AccessDoFindFaceInfo
CLIENT_AccessStartFindFaceInfo
CLIENT_AccessStopFindFaceInfo
CLIENT_AddMission
CLIENT_AddNumberStatGroup
CLIENT_AddOneImmediProgrammePlan
CLIENT_AddOneProgramToPlayBox
CLIENT_AddOneProgramme
CLIENT_AddOneTimerProgrammePlan
CLIENT_AddPreTaskByChannel
CLIENT_AddRecordBackupRestoreTask
CLIENT_AddTourCombin
CLIENT_AddVideoSynopsisTask
CLIENT_AdjustFluency
CLIENT_AlarmReset
CLIENT_AsyncAddDevice
CLIENT_AttachAddDevice
CLIENT_AttachAddFileState
CLIENT_AttachAnalogAlarmData
CLIENT_AttachBackUpCaseState
CLIENT_AttachBodyMindData
CLIENT_AttachBurnCase
CLIENT_AttachBurnCheckState
CLIENT_AttachBurnDevState
CLIENT_AttachBurnState
CLIENT_AttachBusState
CLIENT_AttachCAN
CLIENT_AttachCameraState
CLIENT_AttachCarPassInfo
CLIENT_AttachCloudUploadState
CLIENT_AttachConfigChange
CLIENT_AttachDetectMultiFaceState
CLIENT_AttachDevComm
CLIENT_AttachDeviceDiscovery
CLIENT_AttachDeviceState
CLIENT_AttachDialRecognitionTaskProc
CLIENT_AttachEventRestore
CLIENT_AttachFaceFindState
CLIENT_AttachHeatMapRawStream
CLIENT_AttachLanesState
CLIENT_AttachLowRateWPAN
CLIENT_AttachMasterSlaveGroup
CLIENT_AttachMission
CLIENT_AttachMotionData
CLIENT_AttachNASFileFinder
CLIENT_AttachNASRepairState
CLIENT_AttachNumberStatGroupSummary
CLIENT_AttachObjectStructlizeFindState
CLIENT_AttachPTZStatusProc
CLIENT_AttachParkingSpaceData
CLIENT_AttachPersonInfoCollect
CLIENT_AttachPosTrade
CLIENT_AttachRadarAlarmPointInfo
CLIENT_AttachRecordInfo
CLIENT_AttachRecordSecondaryAnalyseResult
CLIENT_AttachRecordSecondaryAnalyseTaskState
CLIENT_AttachRecordUpdater
CLIENT_AttachRemoteCameraState
CLIENT_AttachSplitTour
CLIENT_AttachTalkState
CLIENT_AttachTransmitInfo
CLIENT_AttachUAVInfo
CLIENT_AttachUAVMissonState
CLIENT_AttachUAVParam
CLIENT_AttachUavFly
CLIENT_AttachVK
CLIENT_AttachVTPCallState
CLIENT_AttachVideoAnalyseState
CLIENT_AttachVideoStatSummary
CLIENT_AttachViewRangeState
CLIENT_AttachWeatherInfo
CLIENT_AttachWindowsSource
CLIENT_Attendance_AddUser
CLIENT_Attendance_DelUser
CLIENT_Attendance_FindUser
CLIENT_Attendance_GetDevState
CLIENT_Attendance_GetFingerByUserID
CLIENT_Attendance_GetFingerRecord
CLIENT_Attendance_GetUser
CLIENT_Attendance_InsertFingerByUserID
CLIENT_Attendance_ModifyUser
CLIENT_Attendance_RemoveFingerByUserID
CLIENT_Attendance_RemoveFingerRecord
CLIENT_AudioBroadcastAddDev
CLIENT_AudioBroadcastDelDev
CLIENT_AudioDec
CLIENT_AudioDecEx
CLIENT_AudioEncode
CLIENT_BurnChangeDisk
CLIENT_BurnGetState
CLIENT_BurnMarkTag
CLIENT_BusConfirmEvent
CLIENT_BusSchedule
CLIENT_CancelAddDeviceTask
CLIENT_CancelLoginTask
CLIENT_CapturePicture
CLIENT_CapturePictureEx
CLIENT_CheckAuthCode
CLIENT_CheckBusLine
CLIENT_Cleanup
CLIENT_ClearRepeatEnter
CLIENT_ClientGetVideoEffect
CLIENT_ClientSetVideoEffect
CLIENT_CloseQueryCourseMediaFile
CLIENT_CloseRegConnect
CLIENT_CloseSound
CLIENT_CloseSplitWindow
CLIENT_CloudUpgraderAttachState
CLIENT_CloudUpgraderCheck
CLIENT_CloudUpgraderDetachState
CLIENT_CloudUpgraderDownLoad
CLIENT_CloudUpgraderGetState
CLIENT_CloudUpgraderPause
CLIENT_CloudUpgraderReport
CLIENT_CloudUpgraderStop
CLIENT_CloudUploadPicture
CLIENT_CloudUploadVideo
CLIENT_ConfirmAddDeviceTask
CLIENT_ConfirmEventLog
CLIENT_ConnectCloudService
CLIENT_ControlAndroidAdb
CLIENT_ControlCabinLED
CLIENT_ControlConnectServer
CLIENT_ControlDevice
CLIENT_ControlDeviceEx
CLIENT_ControlDisconnectRegServer
CLIENT_ControlIntelliTracker
CLIENT_ControlRegisterOtherServer
CLIENT_ControlRegisterServer
CLIENT_ControlSpecialDevice
CLIENT_CreateRemoteFile
CLIENT_CreateTransComChannel
CLIENT_CtrlDecPlayback
CLIENT_CtrlDecTVScreen
CLIENT_CtrlDecoderTour
CLIENT_DHPTZAreaScan
CLIENT_DHPTZControl
CLIENT_DHPTZControlEx
CLIENT_DHPTZControlEx2
CLIENT_DecTVPlayback
CLIENT_DelMobilePushNotify
CLIENT_DelMobilePushNotifyCfg
CLIENT_DelMobileSubscribe
CLIENT_DelMobileSubscribeCfg
CLIENT_DelMultiProgrammePlans
CLIENT_DelMultiProgrammesById
CLIENT_DelNumberStatGroup
CLIENT_DelTourCombin
CLIENT_DeleteDevConfig
CLIENT_DeleteSplitCollection
CLIENT_DestroyTransComChannel
CLIENT_DetachAddDevice
CLIENT_DetachAddFileState
CLIENT_DetachAnalogAlarmData
CLIENT_DetachBackUpCaseState
CLIENT_DetachBodyMindData
CLIENT_DetachBurnCase
CLIENT_DetachBurnCheckState
CLIENT_DetachBurnDevState
CLIENT_DetachBurnState
CLIENT_DetachBusState
CLIENT_DetachCAN
CLIENT_DetachCameraState
CLIENT_DetachCarPassInfo
CLIENT_DetachCloudUploadState
CLIENT_DetachConfigChange
CLIENT_DetachDetectMultiFaceState
CLIENT_DetachDevComm
CLIENT_DetachDeviceDiscovery
CLIENT_DetachDeviceState
CLIENT_DetachDialRecognitionTaskProc
CLIENT_DetachEventRestore
CLIENT_DetachFaceFindState
CLIENT_DetachHeatMapRawStream
CLIENT_DetachLanesState
CLIENT_DetachLowRateWPAN
CLIENT_DetachMasterSlaveGroup
CLIENT_DetachMission
CLIENT_DetachMotionData
CLIENT_DetachNASFileFinder
CLIENT_DetachNASRepairState
CLIENT_DetachNumberStatGroupSummary
CLIENT_DetachObjectStructlizeFindState
CLIENT_DetachPTZStatusProc
CLIENT_DetachParkingSpaceData
CLIENT_DetachPersonInfoColloect
CLIENT_DetachPosTrade
CLIENT_DetachRadarAlarmPointInfo
CLIENT_DetachRecordInfo
CLIENT_DetachRecordSecondaryAnalyseResult
CLIENT_DetachRecordSecondaryAnalyseState
CLIENT_DetachRecordUpdater
CLIENT_DetachRemoteCameraState
CLIENT_DetachSplitTour
CLIENT_DetachTalkState
CLIENT_DetachTransmitInfo
CLIENT_DetachUAVInfo
CLIENT_DetachUAVParam
CLIENT_DetachUavFly
CLIENT_DetachVK
CLIENT_DetachVTPCallState
CLIENT_DetachVideoAnalyseState
CLIENT_DetachVideoStatSummary
CLIENT_DetachViewRangeState
CLIENT_DetachWeatherInfo
CLIENT_DetachWindowsSource
CLIENT_DetectFace
CLIENT_DetectObjectStructlize
CLIENT_DettachUAVMissonState
CLIENT_DevSpecialCtrl
CLIENT_DialRecognitionAddTask
CLIENT_DispatchBusLineInfo
CLIENT_DispatchBusLineInfoEx
CLIENT_DispatchWorkPlan
CLIENT_DoFind
CLIENT_DoFindCardInfo
CLIENT_DoFindDiagnosisResult
CLIENT_DoFindExternalSensor
CLIENT_DoFindFaceInfo
CLIENT_DoFindFaceRecognition
CLIENT_DoFindFaceRecognitionRecord
CLIENT_DoFindFaceRecognitionRecordEx
CLIENT_DoFindFluxStat
CLIENT_DoFindNumberStat
CLIENT_DoFindNumberStatGroup
CLIENT_DoFindObjectStructlize
CLIENT_DoFindSCADA
CLIENT_DoFindUserInfo
CLIENT_DoFindVideoSynopsisHistory
CLIENT_DoQueryCourseMediaFile
CLIENT_DownLoadMultiFile
CLIENT_DownLoadSynosisFile
CLIENT_DownloadByDataType
CLIENT_DownloadByRecordFile
CLIENT_DownloadByRecordFileEx
CLIENT_DownloadByRecordFileEx2
CLIENT_DownloadByTime
CLIENT_DownloadByTimeEx
CLIENT_DownloadByTimeEx2
CLIENT_DownloadMediaFile
CLIENT_DownloadPieceFile
CLIENT_DownloadRemoteFile
CLIENT_EnumVideoOutModes
CLIENT_ExChangeData
CLIENT_ExportConfigFile
CLIENT_ExportConfigFileJson
CLIENT_ExportFaceDB
CLIENT_FaceBoard_GetHistoryTemperature
CLIENT_FaceBoard_GetTemperatureEx
CLIENT_FaceInfoOpreate
CLIENT_FaceRecognitionDelDisposition
CLIENT_FaceRecognitionDetectMultiFace
CLIENT_FaceRecognitionGroupReAbstract
CLIENT_FaceRecognitionPutDisposition
CLIENT_FaceRecognitionReAbstract
CLIENT_FaceRecognitionSetSearchImageInfo
CLIENT_FaceRecognitionStopGroupReAbstract
CLIENT_FastPlayBack
CLIENT_FileStreamClearTags
CLIENT_FileStreamFilterTags
CLIENT_FileStreamFindTags
CLIENT_FileStreamGetTags
CLIENT_FileStreamMotionMatch
CLIENT_FileStreamSetTags
CLIENT_FileTransmit
CLIENT_FindBucketFileName
CLIENT_FindBucketName
CLIENT_FindClose
CLIENT_FindCloseEx
CLIENT_FindFile
CLIENT_FindFileEx
CLIENT_FindFrameInfo
CLIENT_FindFrameInfoClose
CLIENT_FindGroupInfo
CLIENT_FindNextFile
CLIENT_FindNextFileEx
CLIENT_FindNextFrameInfo
CLIENT_FindNextRecord
CLIENT_FindNextSynopsisFile
CLIENT_FindRecord
CLIENT_FindRecordClose
CLIENT_FindSynopsisFile
CLIENT_FocusControl
CLIENT_FramCotrolPlayBackByRecordFile
CLIENT_FramCotrolPlayBackByTime
CLIENT_Get2DCode
CLIENT_GetAddDeviceInfo
CLIENT_GetAlarmBoxVideoConnectionStatus
CLIENT_GetAlarmOutState
CLIENT_GetAlarmRegionInfo
CLIENT_GetAllBrieflyProgrammes
CLIENT_GetAllGuideScreenCfg
CLIENT_GetAllProgramOnPlayBox
CLIENT_GetAllProgrammePlans
CLIENT_GetAllProgrammes
CLIENT_GetAtomsphData
CLIENT_GetAuthClassifyList
CLIENT_GetBitmap
CLIENT_GetCapsuleHumanNum
CLIENT_GetCapsuleLockState
CLIENT_GetCarPortLightStatus
CLIENT_GetCaseBackUpInfo
CLIENT_GetCertReqInfo
CLIENT_GetChannelInfo
CLIENT_GetComPortDeviceChannelInfo
CLIENT_GetConfig
CLIENT_GetConnectionStatus
CLIENT_GetCourseRecordMode
CLIENT_GetDCSDoubleDevBoardState
CLIENT_GetDEVWorkState
CLIENT_GetDVRIPByResolveSvr
CLIENT_GetDecLayOutEnable
CLIENT_GetDecodePolicy
CLIENT_GetDefaultRealChannel
CLIENT_GetDefenceArmMode
CLIENT_GetDescriptionForResetPwd
CLIENT_GetDevCaps
CLIENT_GetDevConfig
CLIENT_GetDevDefaultConfig
CLIENT_GetDevProtocolType
CLIENT_GetDeviceInfo
CLIENT_GetDevicePosition
CLIENT_GetDeviceType
CLIENT_GetDiagnosisEncryptSystemInfo
CLIENT_GetDisplayMode
CLIENT_GetDownloadPos
CLIENT_GetEncodePlan
CLIENT_GetEncodePlanByResolution
CLIENT_GetEventLink
CLIENT_GetEventLog
CLIENT_GetExModuleInfo
CLIENT_GetExModuleState
CLIENT_GetFaceRecognitionPersonType
CLIENT_GetFileByTime
CLIENT_GetFingerprintCaps
CLIENT_GetFramePlayBack
CLIENT_GetGroupInfoForChannel
CLIENT_GetHADTStatus
CLIENT_GetHCDZCaps
CLIENT_GetHCDZInfo
CLIENT_GetISCSITargets
CLIENT_GetInputChannelMedia
CLIENT_GetLanguageList
CLIENT_GetLaserDistance
CLIENT_GetLastError
CLIENT_GetLedDisplayCtrlParams
CLIENT_GetLicenseAssistInfo
CLIENT_GetLogicChannel
CLIENT_GetLowRateWPANConfig
CLIENT_GetMPTStatus
CLIENT_GetMarkInfo
CLIENT_GetMarketArea
CLIENT_GetMatrixTree
CLIENT_GetMediaEncryptCaps
CLIENT_GetMemberNames
CLIENT_GetMobileSIMInfo
CLIENT_GetMonitorWallCollections
CLIENT_GetNationInfo
CLIENT_GetNewDevConfig
CLIENT_GetNewDevConfigForWeb
CLIENT_GetNumberStatGroupSummary
CLIENT_GetNumberStatGroups
CLIENT_GetOneGuideScreenCfgById
CLIENT_GetOneProgramByIdOnPlayBox
CLIENT_GetOneProgrammeById
CLIENT_GetOneProgrammePlanByID
CLIENT_GetOnvifUserInfoAll
CLIENT_GetOperatorName
CLIENT_GetParkingSpaceStatus
CLIENT_GetPicJPEG
CLIENT_GetPirAlarmParam
CLIENT_GetPlatFormInfo
CLIENT_GetPlayBackOsdTime
CLIENT_GetPlayBackPort
CLIENT_GetPtzOptAttr
CLIENT_GetPwdSpecification
CLIENT_GetRadiometryYImage
CLIENT_GetRealPlayPort
CLIENT_GetRealPreviewChannel
CLIENT_GetRecordFilePassword
CLIENT_GetRecordState
CLIENT_GetRingFileList
CLIENT_GetRobotConfig
CLIENT_GetSDKVersion
CLIENT_GetSelfCheckInfo
CLIENT_GetSensorCollectSupportList
CLIENT_GetSimCardFlux
CLIENT_GetSmartLockRegisterInfo
CLIENT_GetSnifferInfo
CLIENT_GetSoftwareVersion
CLIENT_GetSplitAudioOuput
CLIENT_GetSplitCaps
CLIENT_GetSplitCollections
CLIENT_GetSplitGroupCount
CLIENT_GetSplitMode
CLIENT_GetSplitOSD
CLIENT_GetSplitOSDEx
CLIENT_GetSplitSource
CLIENT_GetSplitWindowRect
CLIENT_GetSplitWindowsInfo
CLIENT_GetStatiscFlux
CLIENT_GetStorageBoundTimeEx
CLIENT_GetStorageDeviceInfo
CLIENT_GetStorageDeviceNames
CLIENT_GetStoragePortInfo
CLIENT_GetSubModuleInfo
CLIENT_GetSubSystemArmMode
CLIENT_GetSuperiorMatrixList
CLIENT_GetTempSplit
CLIENT_GetTotalFileCount
CLIENT_GetTourSource
CLIENT_GetTrackBox
CLIENT_GetTrackMode
CLIENT_GetUAVMissonCount
CLIENT_GetUAVParam
CLIENT_GetUpdateSerial
CLIENT_GetVK
CLIENT_GetVideoDiagnosisState
CLIENT_GetVideoInAnalyse
CLIENT_GetVideoInAnalyseEnableChannels
CLIENT_GetVideoInCaps
CLIENT_GetVideoOutCaps
CLIENT_GetVideoSynopsisState
CLIENT_IOControl
CLIENT_ImportCRL
CLIENT_ImportCert
CLIENT_ImportConfigFile
CLIENT_ImportConfigFileJson
CLIENT_ImportFaceDB
CLIENT_Init
CLIENT_InitAccount
CLIENT_InitAccountByIP
CLIENT_InitAudioEncode
CLIENT_InitDevAccess
CLIENT_InitDevAccount
CLIENT_InitDevAccountByIP
CLIENT_InitEx
CLIENT_InsertAccessControlCards
CLIENT_IntervideoManagerGetVersion
CLIENT_ListRemoteFile
CLIENT_ListenServer
CLIENT_LoadMonitorWallCollection
CLIENT_LoadOffLineFile
CLIENT_LoadSplitCollection
CLIENT_LogClose
CLIENT_LogOpen
CLIENT_Login
CLIENT_LoginEx
CLIENT_LoginEx2
CLIENT_LoginWithPolicy
CLIENT_Logout
CLIENT_MakeKeyFrame
CLIENT_ManualCheckPSTN
CLIENT_MarkMPTRecordFile
CLIENT_MatchTwoFaceImage
CLIENT_MatrixAddCameras
CLIENT_MatrixAddCamerasByDevice
CLIENT_MatrixAddCamerasByGroup
CLIENT_MatrixGetCameraUsers
CLIENT_MatrixGetCameras
CLIENT_MatrixSearch
CLIENT_MatrixSetCameras
CLIENT_MatrixSwitch
CLIENT_MobileGetIMSI
CLIENT_ModifyDevice
CLIENT_ModifyDeviceEx
CLIENT_ModifyNumberStatGroup
CLIENT_ModifyOneImmediProgrammePlan
CLIENT_ModifyOneProgrammeByID
CLIENT_ModifyOneTimerProgrammePlan
CLIENT_ModifyOnvifUser
CLIENT_ModifyOnvifUserPassword
CLIENT_ModifyProgramOnPlayBoxById
CLIENT_MonitorWallAttachTour
CLIENT_MonitorWallAutoAdjust
CLIENT_MonitorWallDetachTour
CLIENT_MonitorWallGetAttributeCaps
CLIENT_MonitorWallGetBackgroudColor
CLIENT_MonitorWallGetPowerSchedule
CLIENT_MonitorWallGetScene
CLIENT_MonitorWallGetScrnCtrlParam
CLIENT_MonitorWallGetWindowInfo
CLIENT_MonitorWallSetAttribute
CLIENT_MonitorWallSetBackLight
CLIENT_MonitorWallSetBackgroudColor
CLIENT_MonitorWallSetPowerSchedule
CLIENT_MonitorWallSetScene
CLIENT_MonitorWallSetScrnCtrlParam
CLIENT_MonitorWallSwitchDisplaySignal
CLIENT_MultiPlay
CLIENT_MultiPlayBack
CLIENT_MultiRealPlay
CLIENT_NASFileAuthenticate
CLIENT_NASFileModifyPassword
CLIENT_NASFileSetUserAuthInfo
CLIENT_NASGetLogicVolumeStatus
CLIENT_NetStorageAttachWriteInfo
CLIENT_NetStorageDetachWriteInfo
CLIENT_NetStorageGetWriteInfo

Sections

.text
Size: 780KB - Virtual size: 776KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
npTimeGrid.dll
.dll windows:4 windows x86 arch:x86

683b0bbd878ef121d0aa79ad0196b562

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

df:7d:11:0f:9b:8e:7f:d0:55:f5:f3:05:50:98:1a:84:0a:b2:9e:6c:fe:04:26:46:bd:bb:94:15:4c:fc:41:b9
Signer

Actual PE Digest

df:7d:11:0f:9b:8e:7f:d0:55:f5:f3:05:50:98:1a:84:0a:b2:9e:6c:fe:04:26:46:bd:bb:94:15:4c:fc:41:b9

Digest Algorithm

sha256

PE Digest Matches

true

eb:8e:96:63:66:49:7f:7f:bd:f2:eb:e2:58:0d:a4:6f:b2:7b:df:d1
Signer

Actual PE Digest

eb:8e:96:63:66:49:7f:7f:bd:f2:eb:e2:58:0d:a4:6f:b2:7b:df:d1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleA
GetCommandLineA
LocalAlloc
LocalFree

user32

GetWindowLongA
SetWindowLongA

mfc42

ord1577
ord825
ord823
ord1575
ord6467
ord1168
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord1176
ord1116

msvcrt

_purecall
__CxxFrameHandler
_onexit
__dllonexit
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
atoi
_ftol

msvcp60

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1ios_base@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??0ios_base@std@@IAE@XZ
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??_7?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??_8?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UAE@XZ

timeaxesdll

ReleaseTimeAxesModule
GetTimeAxesModule

Exports

Exports

NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
npmedia.dll
.dll windows:4 windows x86 arch:x86

5b16b71525ec7b1838e864e04b625891

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

e5:2d:2b:a7:6c:39:9d:b8:f6:22:c8:4b:4b:c3:d4:a4:7d:0a:46:8f:44:57:e8:9c:74:f9:b8:61:b5:b5:43:a1
Signer

Actual PE Digest

e5:2d:2b:a7:6c:39:9d:b8:f6:22:c8:4b:4b:c3:d4:a4:7d:0a:46:8f:44:57:e8:9c:74:f9:b8:61:b5:b5:43:a1

Digest Algorithm

sha256

PE Digest Matches

true

f6:e3:f3:48:0a:70:11:3b:6a:a0:87:31:06:f8:ba:66:68:94:49:9e
Signer

Actual PE Digest

f6:e3:f3:48:0a:70:11:3b:6a:a0:87:31:06:f8:ba:66:68:94:49:9e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
lstrlenW
MultiByteToWideChar
OutputDebugStringA
GetModuleHandleA
GetCommandLineA
GetCurrentThreadId
GetTimeZoneInformation
GetDiskFreeSpaceExA
GetLastError
VirtualQuery
GetModuleFileNameA
GetProcAddress
LoadLibraryExA
FreeLibrary
LocalAlloc
LocalFree

user32

GetWindowLongA
MessageBoxA
PostMessageA
SetWindowLongA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

shell32

SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA

mfc42

ord355
ord269
ord826
ord600
ord1578
ord1255
ord1253
ord1570
ord1197
ord1243
ord825
ord823
ord1575
ord6467
ord342
ord1601
ord2818
ord540
ord641
ord2915
ord858
ord3499
ord2515
ord800
ord2864
ord537
ord1182
ord1577
ord1116
ord1176
ord1168

msvcrt

_onexit
__dllonexit
strlen
memset
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
__CxxFrameHandler
strcat
atoi
strtok
sprintf
abs
_mbscmp
strncpy
strcmp
_ftol
_purecall
malloc
memcpy
free
_itoa
_strlwr
_strupr
??0exception@@QAE@ABV0@@Z
fputs
_iob
_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
sscanf
_except_handler3
?terminate@@YAXXZ

msvcp60

??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0runtime_error@std@@QAE@ABV01@@Z
??1runtime_error@std@@UAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0runtime_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??_7runtime_error@std@@6B@
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
??0_Lockit@std@@QAE@XZ
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??8std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??9std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1_Lockit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z

Exports

Exports

NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
play.dll
.dll windows:4 windows x86 arch:x86

97d2352635c11fad6011ff434ccf0704

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2b:a7:83:65:57:f8:e9:80:e6:60:a1:1c:08:0e:d8:c0:04:a4:bb:f8:d5:3e:38:da:12:a3:cd:6d:59:c9:d0:92
Signer

Actual PE Digest

2b:a7:83:65:57:f8:e9:80:e6:60:a1:1c:08:0e:d8:c0:04:a4:bb:f8:d5:3e:38:da:12:a3:cd:6d:59:c9:d0:92

Digest Algorithm

sha256

PE Digest Matches

true

ba:dc:f0:1a:cd:e5:19:c1:8b:b7:07:0b:92:ff:b1:7f:1f:88:63:e4
Signer

Actual PE Digest

ba:dc:f0:1a:cd:e5:19:c1:8b:b7:07:0b:92:ff:b1:7f:1f:88:63:e4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LeaveCriticalSection
GetTickCount
LoadLibraryExA
GetProcAddress
FreeLibrary
GetModuleFileNameA
SystemTimeToFileTime
GetLocalTime
Sleep
CreateThread
TerminateThread
GetCurrentThreadId
OutputDebugStringA
GetLastError
GetVersionExA
GetModuleHandleA
TryEnterCriticalSection
InterlockedExchange
SetEnvironmentVariableA
CompareStringW
CompareStringA
FindClose
SetEndOfFile
FlushFileBuffers
SetStdHandle
LoadLibraryA
GetStringTypeW
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GetSystemInfo
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFilePointer
ReadFile
WriteFile
CreateFileA
GetCurrentDirectoryA
FindFirstFileA
lstrcpyA
DeleteFileA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetFileAttributesA
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
GetFullPathNameA
CreateDirectoryA
InterlockedDecrement
InterlockedIncrement
SetEvent
WaitForSingleObject
ReleaseMutex
CreateEventA
CreateMutexA
CloseHandle
RtlUnwind
RaiseException
HeapAlloc
HeapFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
GetCommandLineA
GetVersion
GetTimeZoneInformation
GetSystemTime
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
WideCharToMultiByte
SetUnhandledExceptionFilter
ExitProcess
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
HeapSize

user32

PostMessageA
GetClientRect
MonitorFromWindow
ClientToScreen
ReleaseDC
GetDC
GetSystemMetrics
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
DrawTextA
IsWindow

gdi32

CreateFontIndirectA
CreatePen
SetTextColor
GetBkMode
SetBkMode
TextOutA
GetDIBits
CreateCompatibleDC
CreateDIBSection
DeleteDC
SelectObject
SetStretchBltMode
StretchDIBits
StretchBlt
DeleteObject
SetDIBits

winmm

waveOutWrite
waveOutReset
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutClose
waveOutGetVolume
waveOutOpen
timeBeginPeriod
waveInAddBuffer
waveInReset
waveInStart
waveInOpen
waveInClose
waveInPrepareHeader
waveInUnprepareHeader
waveInStop
waveOutGetPosition
waveOutSetVolume

ddraw

DirectDrawCreateEx
DirectDrawEnumerateExA

avifil32

AVIStreamSetFormat
AVIStreamWrite
AVIFileExit
AVIStreamRelease
AVIFileRelease
AVIFileInit
AVIFileOpenA
AVIFileCreateStreamA

Exports

Exports

?PLAY_CloseYuvRender@@YGHH@Z
?PLAY_GetDriveSpaceInfo@@YGHPAI0@Z
?PLAY_OpenYuvRender@@YGHHPAUHWND__@@P6GXHPAUHDC__@@@Z@Z
?PLAY_OutsideRender@@YGHJHHHHI@Z
?PLAY_QueryEventRecord@@YGHPADPAUEVENT_RECORD_ALL@@@Z
?PLAY_RenderYuv@@YGHHPAE00HH@Z
PLAY_AddToPlayGroup
PLAY_AdjustFluency
PLAY_AdjustWaveAudio
PLAY_AntiAliasEnable
PLAY_Back
PLAY_BackOne
PLAY_CatchPic
PLAY_CatchPicEx
PLAY_CatchResizePic
PLAY_ChangeRate
PLAY_ChooseAudio
PLAY_ChooseFrame
PLAY_CloseAudioRecord
PLAY_CloseFile
PLAY_ClosePlayGroup
PLAY_CloseStream
PLAY_CloseStreamEx
PLAY_ConvertToBmpFile
PLAY_ConvertToBmpFileEx
PLAY_ConvertToJpegFile
PLAY_CreateFile
PLAY_CreateInstance
PLAY_CreateStream
PLAY_CutFileSegment
PLAY_DelFromPlayGroup
PLAY_DestroyFile
PLAY_DestroyStream
PLAY_EnableAudioChannel
PLAY_EnableLargePicAdjustment
PLAY_EnableRecitfy
PLAY_Fast
PLAY_FisheyeEptzUpdate
PLAY_FisheyeGetPosition
PLAY_FisheyeSecondRegion
PLAY_FisheyeTrancFormCoordinate
PLAY_FisheyeTrancFormCurve
PLAY_FisheyeTrancFormTrackFrame
PLAY_Flush
PLAY_FormatDisk
PLAY_GetAudioChannels
PLAY_GetAudioChooseState
PLAY_GetAudioRecScaling
PLAY_GetAudioRenderScaling
PLAY_GetBufferValue
PLAY_GetCaps
PLAY_GetCapsEx
PLAY_GetColor
PLAY_GetColorKey
PLAY_GetCurrentFrameNum
PLAY_GetCurrentFrameRate
PLAY_GetCurrentFrameRateEx
PLAY_GetDDrawDeviceInfo
PLAY_GetDDrawDeviceTotalNums
PLAY_GetDisplayBuf
PLAY_GetDisplayType
PLAY_GetDoubleRegion
PLAY_GetFileHeadLength
PLAY_GetFileTime
PLAY_GetFileTotalFrames
PLAY_GetFreePort
PLAY_GetIRefValue
PLAY_GetInt32
PLAY_GetKeyFramePos
PLAY_GetKeyFramePosByAbsTime
PLAY_GetLastError
PLAY_GetLastErrorEx
PLAY_GetLastYUVFrame
PLAY_GetMDPosition
PLAY_GetNextKeyFramePos
PLAY_GetNextKeyFramePosByAbsTime
PLAY_GetOverlayMode
PLAY_GetPicBMP
PLAY_GetPicBMPEx
PLAY_GetPicJPEG
PLAY_GetPicTIFF
PLAY_GetPictureQuality
PLAY_GetPictureSize
PLAY_GetPlayPos
PLAY_GetPlayedFrames
PLAY_GetPlayedTime
PLAY_GetPlayedTimeEx
PLAY_GetRealFrameBitRate
PLAY_GetRefValue
PLAY_GetSdkVersion
PLAY_GetSourceBufferRemain
PLAY_GetStreamOpenMode
PLAY_GetTimePicture
PLAY_GetTimerType
PLAY_GetVideoPerTimer
PLAY_GetVolume
PLAY_InitDDraw
PLAY_InitDDrawDevice
PLAY_InitDisk
PLAY_InitThirdPartyLibrary
PLAY_InputAudioData
PLAY_InputData
PLAY_InputVideoData
PLAY_OldFisheyeEptzUpdate
PLAY_OneByOne
PLAY_OneByOneBack
PLAY_OpenAudioRecord
PLAY_OpenFile
PLAY_OpenPlayGroup
PLAY_OpenStream
PLAY_OpenStreamEx
PLAY_OptFisheyeParams
PLAY_Pause
PLAY_PausePlayGroup
PLAY_Play
PLAY_PlaySound
PLAY_PlaySoundShare
PLAY_QueryFileList
PLAY_QueryGroupPlayingTime
PLAY_QueryInfo
PLAY_QueryTagInfo
PLAY_RealeseDDraw
PLAY_RefreshPlay
PLAY_RefreshPlayEx
PLAY_Register3rdDecryptHook
PLAY_Release
PLAY_ReleaseDDrawDevice
PLAY_ReleasePort
PLAY_RenderPrivateData
PLAY_ResetBuffer
PLAY_ResetSourceBufFlag
PLAY_ResetSourceBuffer
PLAY_ResolutionScale
PLAY_RigisterDrawFun
PLAY_RigisterDrawFunEx
PLAY_SeekPlayGroup
PLAY_Set264EncodeInfoCallBack
PLAY_SetAVSyncType
PLAY_SetAudioCallBack
PLAY_SetAudioRecScaling
PLAY_SetAudioRenderScaling
PLAY_SetColor
PLAY_SetCurrentFrameNum
PLAY_SetDDrawDevice
PLAY_SetDDrawDeviceEx
PLAY_SetDataCallBack
PLAY_SetDeNoiseParams
PLAY_SetDecCBStream
PLAY_SetDecCallBack
PLAY_SetDecCallBackEx
PLAY_SetDecInfoCallBack
PLAY_SetDecodeCallBack
PLAY_SetDecodeDataProcessCallBack
PLAY_SetDecodeKey
PLAY_SetDecodeStrategy
PLAY_SetDecodeThreadNum
PLAY_SetDehazeParams
PLAY_SetDelayTime
PLAY_SetDemuxCallBack
PLAY_SetDigitalSignCallBack
PLAY_SetDisplayBuf
PLAY_SetDisplayCallBack
PLAY_SetDisplayRegion
PLAY_SetDisplayRegionEx
PLAY_SetDisplayType
PLAY_SetDoubleVisibleDecCallBack
PLAY_SetEncChangeMsg
PLAY_SetEncTypeChangeCallBack
PLAY_SetEncTypeChangeCallBackEx
PLAY_SetEngine
PLAY_SetFileEndCallBack
PLAY_SetFileEndMsg
PLAY_SetFileIndexProgressCallBack
PLAY_SetFileRefCallBack
PLAY_SetFileRefCallBackEx
PLAY_SetFileTimeDoneCallBack
PLAY_SetFishEyeInfoCallBack
PLAY_SetFisheyeParams
PLAY_SetGPSCallBack
PLAY_SetIVSCallBack
PLAY_SetIVSEParams
PLAY_SetInt32
PLAY_SetMDRange
PLAY_SetMDThreShold
PLAY_SetMultiFrameCallBack
PLAY_SetMultiFrameDecCallBack
PLAY_SetMultiSensorCallBack
PLAY_SetOSDInfoCallBack
PLAY_SetOverlayMode
PLAY_SetPandoraWaterMarkCallBack
PLAY_SetPercentCallBack
PLAY_SetPicQuality
PLAY_SetPlayDirection
PLAY_SetPlayGroupBaseChannel
PLAY_SetPlayGroupDirection
PLAY_SetPlayGroupSpeed
PLAY_SetPlayMethod
PLAY_SetPlayPos
PLAY_SetPlayPosByFileOffset
PLAY_SetPlaySpeed
PLAY_SetPlayedAbsTime
PLAY_SetPlayedTimeEx
PLAY_SetPrintLogLevel
PLAY_SetPrivacyRecover
PLAY_SetRefValue
PLAY_SetRenderMode
PLAY_SetRotateAngle
PLAY_SetSEnhanceMode
PLAY_SetSecurityKey
PLAY_SetSourceBufCallBack
PLAY_SetStereoEyeMoveDistance
PLAY_SetStereoPerspectiveFovy
PLAY_SetStereoRotate
PLAY_SetStereoView
PLAY_SetStereoViewMode
PLAY_SetStreamOpenMode
PLAY_SetTimerType
PLAY_SetVerifyCallBack
PLAY_SetVideoPerTimer
PLAY_SetVisibleDecCallBack
PLAY_SetVisibleDecodeCallBack
PLAY_SetVolume
PLAY_SetWaterMarkCallBack
PLAY_SetWaterMarkCallBackEx
PLAY_SetYUVOSDInfo
PLAY_SetupPrepareTime
PLAY_Slow
PLAY_SplitProc
PLAY_SplitProcUpdate
PLAY_StartAVIConvert
PLAY_StartAVIResizeConvert
PLAY_StartDataRecord
PLAY_StartDataRecordEx
PLAY_StartDeHaze
PLAY_StartDeNoise
PLAY_StartFisheye
PLAY_StartFisheyeEx
PLAY_StartFisheyeMPTZ
PLAY_StartIVSE
PLAY_StartPrepareRecord
PLAY_StartVideoStable
PLAY_StepPlayGroup
PLAY_Stop
PLAY_StopAVIConvert
PLAY_StopAVIResizeConvert
PLAY_StopDataRecord
PLAY_StopDeHaze
PLAY_StopDeNoise
PLAY_StopFisheye
PLAY_StopIVSE
PLAY_StopPrepareRecord
PLAY_StopSound
PLAY_StopSoundShare
PLAY_StopVideoStable
PLAY_SurfaceChange
PLAY_ThrowBFrameNum
PLAY_VerticalSyncEnable
PLAY_WriteData
_PLAY_CleanScreen@24
_PLAY_GetScale@8
_PLAY_GetTranslateX@8
_PLAY_GetTranslateY@8
_PLAY_Scale@12
_PLAY_SetAnalyzePositionCallback@12
_PLAY_SetCalibratMode@8
_PLAY_SetDisplayScale@12
_PLAY_SetFileInfoFrameCallback@16
_PLAY_SetIdentity@8
_PLAY_SetMemMinimized@4
_PLAY_StartEdgeEnhance@12
_PLAY_StartFileFrameDetect@8
_PLAY_StopEdgeEnhance@4
_PLAY_StopFileFrameDetect@4
_PLAY_Translate@16
_PLAY_ViewResolutionChanged@16

Sections

.text
Size: 424KB - Virtual size: 420KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
postproc.dll
.dll windows:5 windows x86 arch:x86

f84f6e16c199022ff927917c4dd52c6d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

f3:a4:c8:d4:37:46:16:c9:bc:47:5d:14:c1:af:b3:c7:3c:d2:cc:72:78:c7:85:3b:03:7b:56:b4:ff:8c:10:29
Signer

Actual PE Digest

f3:a4:c8:d4:37:46:16:c9:bc:47:5d:14:c1:af:b3:c7:3c:d2:cc:72:78:c7:85:3b:03:7b:56:b4:ff:8c:10:29

Digest Algorithm

sha256

PE Digest Matches

true

99:30:cc:74:50:8f:b3:c4:91:72:c0:0c:e3:e2:6d:f9:02:0b:e7:b2
Signer

Actual PE Digest

99:30:cc:74:50:8f:b3:c4:91:72:c0:0c:e3:e2:6d:f9:02:0b:e7:b2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jk_w32\workspace\Public_ZN_Module_Builder_Windows64\tmp_build_dir\libpostprocess32\build\vs2010\postproc\postproc\Release\postproc.pdb

Imports

kernel32

GetCurrentThreadId
DecodePointer
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetLastError
InterlockedDecrement
GetProcAddress
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
HeapReAlloc
LoadLibraryW
WriteFile
GetModuleFileNameW
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetStringTypeW
RaiseException
HeapSize

Exports

Exports

POSTPROCESS_adjust_hueSat
POSTPROCESS_adjust_lum
POSTPROCESS_deInterlace
POSTPROCESS_deInterlace_deinit
POSTPROCESS_deInterlace_init
POSTPROCESS_deInterlace_interpolation
POSTPROCESS_deblock
POSTPROCESS_deblock_deinit
POSTPROCESS_deblock_init
POSTPROCESS_deblock_ramkishor
POSTPROCESS_dering
POSTPROCESS_dering_deinit
POSTPROCESS_dering_init
POSTPROCESS_lib_get_version
POSTPROCESS_lumaStretch
POSTPROCESS_rotate
POSTPROCESS_rotate_deinit
POSTPROCESS_rotate_init

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
svac_dec.dll
.dll windows:5 windows x86 arch:x86

5e62fd7fc9dd2dc7ba72d24691a5166d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

dc:56:1e:4e:60:3e:0e:72:a0:d6:ab:6f:be:2f:61:ad:aa:93:fd:d9:d5:38:71:84:df:1b:39:0a:9e:d1:e9:17
Signer

Actual PE Digest

dc:56:1e:4e:60:3e:0e:72:a0:d6:ab:6f:be:2f:61:ad:aa:93:fd:d9:d5:38:71:84:df:1b:39:0a:9e:d1:e9:17

Digest Algorithm

sha256

PE Digest Matches

true

2c:cb:f3:a0:54:e8:95:00:91:f8:eb:d6:b8:c9:d9:68:83:2e:30:6a
Signer

Actual PE Digest

2c:cb:f3:a0:54:e8:95:00:91:f8:eb:d6:b8:c9:d9:68:83:2e:30:6a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Work\Codecs\SVAC_1.0\Branches\P_2018.03.21_SVAC1-DEC_RELEASE\platform\windows\lib\Win32\dll_svac_dec.pdb

Imports

kernel32

SetEvent
InterlockedCompareExchange
CloseHandle
WaitForSingleObject
CreateEventA
InterlockedExchangeAdd
InterlockedExchange
TlsSetValue
TlsGetValue
Sleep
GetProcessAffinityMask
GetCurrentProcess
GetLastError
OpenProcess
GetCurrentProcessId
TlsAlloc
TlsFree
SetLastError
FreeLibrary
GetProcAddress
SetThreadPriority
GetThreadPriority
DuplicateHandle
GetCurrentThread
GetCurrentThreadId
ReleaseSemaphore
InterlockedIncrement
ResumeThread
CreateSemaphoreA
ResetEvent
SetThreadContext
GetThreadContext
SuspendThread
WaitForMultipleObjects
LoadLibraryA
GetSystemDirectoryA
HeapReAlloc
HeapAlloc
HeapFree
DecodePointer
GetCommandLineA
GetTimeZoneInformation
GetSystemTimeAsFileTime
ExitThread
CreateThread
RtlUnwind
GetModuleHandleW
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
EncodePointer
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
HeapCreate
HeapDestroy
WriteFile
GetModuleFileNameW
InterlockedDecrement
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
IsProcessorFeaturePresent
FatalAppExitA
SetConsoleCtrlHandler
LoadLibraryW
GetLocaleInfoW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapSize
FlushFileBuffers
LCMapStringW
MultiByteToWideChar
GetStringTypeW
SetStdHandle
WriteConsoleW
CreateFileW
CompareStringW
SetEnvironmentVariableA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale

Exports

Exports

DH_SVACDEC_DH_SVAC_get_output_frame
DH_SVACDEC_DH_SVAC_release_output_frame
DH_SVAC_Dec_Close
DH_SVAC_Dec_DeInit
DH_SVAC_Dec_Decode
DH_SVAC_Dec_GetCPUCaps
DH_SVAC_Dec_GetVersion
DH_SVAC_Dec_Init
DH_SVAC_Dec_Open
DH_SVAC_Get_LastFrame
DH_SVAC_Set_Key
DUMP_INFO
dump_b
dump_coefs
dump_i
dump_p

Sections

.text
Size: 754KB - Virtual size: 753KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ctors
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dtors
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
swscale.dll
.dll windows:4 windows x86 arch:x86

b4c7d6646ca89cf50008b380aa70e07e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

47:3e:af:95:1b:e3:26:45:7b:66:36:51:ac:e9:ce:53:0e:5f:4f:e3:67:93:0b:66:fa:f3:aa:bb:2a:5f:9a:f9
Signer

Actual PE Digest

47:3e:af:95:1b:e3:26:45:7b:66:36:51:ac:e9:ce:53:0e:5f:4f:e3:67:93:0b:66:fa:f3:aa:bb:2a:5f:9a:f9

Digest Algorithm

sha256

PE Digest Matches

true

87:8d:fd:5f:e3:69:31:52:54:cf:8d:54:19:00:59:f0:c5:d7:de:a7
Signer

Actual PE Digest

87:8d:fd:5f:e3:69:31:52:54:cf:8d:54:19:00:59:f0:c5:d7:de:a7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetLastError
HeapFree
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
HeapSize
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
InitializeCriticalSection
LoadLibraryA
RaiseException
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
CloseHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA

Exports

Exports

SCALE_close
SCALE_lib_get_version
SCALE_open
SCALE_start

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
timeAxesDll.dll
.dll windows:4 windows x86 arch:x86

a8287c4bb621cb38458eec835bb6a917

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

12/12/2018, 09:18

Not After

01/08/2020, 05:33

Subject

CN=Zhejiang Dahua Technology CO.\,LTD.,OU=R & D Center,O=Zhejiang Dahua Technology CO.\,LTD.,L=Hangzhou,ST=Zhejiang,C=CN,1.2.840.113549.1.9.1=#0c0c73736c4069747275732e636e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

26:27:4e:64:c8:28:74:86:0d:8c:a8:0e:46:95:78:d0:02:38:6a:2a:1b:a4:30:d5:d8:82:0c:ca:79:87:5d:7f
Signer

Actual PE Digest

26:27:4e:64:c8:28:74:86:0d:8c:a8:0e:46:95:78:d0:02:38:6a:2a:1b:a4:30:d5:d8:82:0c:ca:79:87:5d:7f

Digest Algorithm

sha256

PE Digest Matches

true

a4:50:a0:b5:e9:ab:fa:05:04:5b:1a:18:8f:b6:be:b7:e1:af:74:aa
Signer

Actual PE Digest

a4:50:a0:b5:e9:ab:fa:05:04:5b:1a:18:8f:b6:be:b7:e1:af:74:aa

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord6055
ord4078
ord1776
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3136
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord3742
ord567
ord818
ord4275
ord2864
ord2379
ord1116
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord4465
ord3259
ord3147
ord2982
ord3953
ord5714
ord5289
ord5307
ord4698
ord825
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord540
ord2818
ord924
ord800
ord6467
ord823
ord3749

msvcrt

malloc
_initterm
free
_onexit
__dllonexit
__CxxFrameHandler
sscanf
strcmp
atoi
memcpy
memcmp
_purecall
strlen
sprintf
_ftol
memset
??0exception@@QAE@ABV0@@Z
fputs
_iob
_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_adjust_fdiv

kernel32

GetSystemTime
CreateThread
SetEvent
CreateEventA
ReleaseMutex
WaitForSingleObject
CloseHandle
CreateMutexA
LocalFree
LocalAlloc

user32

DrawTextA
FillRect
PtInRect
CopyRect
MoveWindow
GetClientRect
InvalidateRect
SendMessageA
GetParent
ReleaseDC
EndPaint
BeginPaint
ReleaseCapture
SetCapture
PostMessageA
EnableWindow

gdi32

CreatePen
DeleteObject
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
GetTextExtentPointA
CreateSolidBrush
SetTextColor
Polygon
SelectObject
LineTo
MoveToEx
BitBlt
CreateFontA
SetBkMode

comctl32

_TrackMouseEvent

msvcp60

?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??_7runtime_error@std@@6B@
??0runtime_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1runtime_error@std@@UAE@XZ
??0runtime_error@std@@QAE@ABV01@@Z
??1_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??0_Winit@std@@QAE@XZ

msimg32

AlphaBlend

Exports

Exports

GetTimeAxesModule
ReleaseTimeAxesModule

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninst.exe.nsis

Sharing

General

Malware Config

Signatures

Files

57e98d9a5a72c8d7ad8fb7a6a58b3daf

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cdCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81Certificate

Extended Key Usages

Key Usages

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cdCertificate

Extended Key Usages

Key Usages

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81Certificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6Certificate

Extended Key Usages

Key Usages

58:6a:b1:f3:4b:8d:f7:c5:a4:f8:af:cb:b3:ed:d9:f1:ed:b2:2b:b8:bd:b6:59:96:9a:72:75:92:93:30:57:95Signer

30:a2:d1:d2:cd:a6:f1:1f:18:0b:fc:58:8f:6a:f5:27:40:b0:00:7eSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 106KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 22KB - Virtual size: 21KB

46f8b6973f33717335c0f6d8087de67b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 458B

98281400306397ce3e787eecd3640731

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cdCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81Certificate

Extended Key Usages

Key Usages

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cdCertificate

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

58:6a:b1:f3:4b:8d:f7:c5:a4:f8:af:cb:b3:ed:d9:f1:ed:b2:2b:b8:bd:b6:59:96:9a:72:75:92:93:30:57:95
Signer

30:a2:d1:d2:cd:a6:f1:1f:18:0b:fc:58:8f:6a:f5:27:40:b0:00:7e
Signer

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 106KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 22KB - Virtual size: 21KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 458B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

ee:15:6d:2b:b1:dd:80:6c:0e:3f:98:53:fb:b0:0e:99:5c:dc:b0:87:80:22:34:36:ed:00:ec:f0:20:2f:35:04
Signer

0a:70:57:96:d6:37:7a:f3:dc:e0:fe:ca:eb:f1:87:26:cf:bc:c6:dc
Signer

.text
Size: 4KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 997B

.data
Size: 4KB - Virtual size: 204B

.reloc
Size: 4KB - Virtual size: 116B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

56:8c:d0:d3:87:55:da:a5:ba:94:a8:81
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

2f:ec:e4:3a:e4:ff:2e:f5:29:89:33:66:80:7e:c6:a8:23:17:6f:04:6d:2b:7d:ab:6d:6a:2e:37:b6:d3:e7:52
Signer

f5:e3:e9:6e:af:f0:01:d4:20:be:ee:74:00:6e:01:33:fc:84:14:75
Signer

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 12KB - Virtual size: 9KB