efc4942a3284f011f1342847226aaf8279fb1f828513205bc5e57319d9061b2c

Sharing

Copy URL Twitter E-mail

General

Target

efc4942a3284f011f1342847226aaf8279fb1f828513205bc5e57319d9061b2c
Size

4.1MB
MD5

51eecb1aac37d26b3416214d3fb452d5
SHA1

dc170a24f550d83536cc90f968d6743c286dacfe
SHA256

efc4942a3284f011f1342847226aaf8279fb1f828513205bc5e57319d9061b2c
SHA512

392d6572487ed9077f79a4ab4e18f4e638008efa39399587d7d5ad4f19d30d0d530fd30754eb2a25de383087d99a096169e614918434cd18064e551cd51fd689
SSDEEP

98304:Gv2D/lc0UL59pjgC7PSd8d8MgWZO//J7ttIWH3A8qnwe9:Gs/KL9NgsPSd8dBgWQ//5HNHQ81e9

Score

3^/10

Malware Config

Signatures

Unsigned PE 12 IoCs

Checks for missing Authenticode signature.

resource
efc4942a3284f011f1342847226aaf8279fb1f828513205bc5e57319d9061b2c
unpack001/$PLUGINSDIR/FileInfo.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/Rar.exe
unpack001/UNACEV2.DLL
unpack001/Uninstall.exe
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/System.dll
unpack001/msvcr80.dll
unpack001/sfx/HaoZip7zCon.sfx
unpack001/sfx/HaoZip7zSetup.sfx

Files

efc4942a3284f011f1342847226aaf8279fb1f828513205bc5e57319d9061b2c
.exe windows:5 windows x86 arch:x86

b729b61eb1515fcf7b3e511e4e66258b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$APPDATA/HaoZip/Themes/haoya_jingdian/LogoSmall.bmp
$APPDATA/HaoZip/Themes/haoya_jingdian/haozip_theme_description.txt
$APPDATA/HaoZip/Themes/haoya_jingdian/logo.ico
$APPDATA/HaoZip/Themes/haoya_jingdian/preview.bmp
$APPDATA/HaoZip/Themes/haoya_jingdian/tool_bar/Add.bmp
$APPDATA/HaoZip/Themes/haoya_jingdian/tool_bar/Comment.bmp
$APPDATA/HaoZip/Themes/haoya_jingdian/tool_bar/Delete.bmp
$APPDATA/HaoZip/Themes/haoya_jingdian/tool_bar/Extract.bmp
$APPDATA/HaoZip/Themes/haoya_jingdian/tool_bar/Find.bmp
$APPDATA/HaoZip/Themes/haoya_jingdian/tool_bar/Info.bmp
$APPDATA/HaoZip/Themes/haoya_jingdian/tool_bar/Repair.bmp
$APPDATA/HaoZip/Themes/haoya_jingdian/tool_bar/SFX.bmp
$APPDATA/HaoZip/Themes/haoya_jingdian/tool_bar/Test.bmp
$APPDATA/HaoZip/Themes/haoya_jingdian/tool_bar_gray/Add.bmp
$APPDATA/HaoZip/Themes/haoya_jingdian/tool_bar_gray/Comment.bmp
$APPDATA/HaoZip/Themes/haoya_jingdian/tool_bar_gray/Delete.bmp
$APPDATA/HaoZip/Themes/haoya_jingdian/tool_bar_gray/Extract.bmp
$APPDATA/HaoZip/Themes/haoya_jingdian/tool_bar_gray/Find.bmp
$APPDATA/HaoZip/Themes/haoya_jingdian/tool_bar_gray/Info.bmp
$APPDATA/HaoZip/Themes/haoya_jingdian/tool_bar_gray/Repair.bmp
$APPDATA/HaoZip/Themes/haoya_jingdian/tool_bar_gray/SFX.bmp
$APPDATA/HaoZip/Themes/haoya_jingdian/tool_bar_gray/Test.bmp
$APPDATA/HaoZip/Themes/haoya_jingdian/tray.ico
$APPDATA/HaoZip/Themes/haoya_jyfg/haozip_theme_description.txt
$APPDATA/HaoZip/Themes/haoya_jyfg/logo.ico
$APPDATA/HaoZip/Themes/haoya_jyfg/preview.bmp
$APPDATA/HaoZip/Themes/haoya_jyfg/tool_bar/Add.bmp
$APPDATA/HaoZip/Themes/haoya_jyfg/tool_bar/Comment.bmp
$APPDATA/HaoZip/Themes/haoya_jyfg/tool_bar/Delete.bmp
$APPDATA/HaoZip/Themes/haoya_jyfg/tool_bar/Extract.bmp
$APPDATA/HaoZip/Themes/haoya_jyfg/tool_bar/Find.bmp
$APPDATA/HaoZip/Themes/haoya_jyfg/tool_bar/Info.bmp
$APPDATA/HaoZip/Themes/haoya_jyfg/tool_bar/Repair.bmp
$APPDATA/HaoZip/Themes/haoya_jyfg/tool_bar/SFX.bmp
$APPDATA/HaoZip/Themes/haoya_jyfg/tool_bar/Test.bmp
$APPDATA/HaoZip/Themes/haoya_jyfg/tool_bar_gray/Add.bmp
$APPDATA/HaoZip/Themes/haoya_jyfg/tool_bar_gray/Comment.bmp
$APPDATA/HaoZip/Themes/haoya_jyfg/tool_bar_gray/Delete.bmp
$APPDATA/HaoZip/Themes/haoya_jyfg/tool_bar_gray/Extract.bmp
$APPDATA/HaoZip/Themes/haoya_jyfg/tool_bar_gray/Find.bmp
$APPDATA/HaoZip/Themes/haoya_jyfg/tool_bar_gray/Info.bmp
$APPDATA/HaoZip/Themes/haoya_jyfg/tool_bar_gray/Repair.bmp
$APPDATA/HaoZip/Themes/haoya_jyfg/tool_bar_gray/SFX.bmp
$APPDATA/HaoZip/Themes/haoya_jyfg/tool_bar_gray/Test.bmp
$APPDATA/HaoZip/Themes/haoya_jyfg/tray.ico
$PLUGINSDIR/FileInfo.dll
.dll windows:4 windows x86 arch:x86

f6e384a477f8efc14029bba8fca9bd0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\program files\nsis\nsis-2.42.6-unicode-src\plugins\FileInfo.pdb

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

SetLastError
lstrcpynW
GlobalFree
lstrcpyW
GlobalAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
LCMapStringA
GetLastError
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
WriteFile
InitializeCriticalSection
RtlUnwind
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
GetStringTypeW

user32

wsprintfW

Exports

Exports

GetSpecialBuild

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:5 windows x86 arch:x86

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GetModuleHandleW
GlobalLock
GlobalUnlock
GetCurrentDirectoryW
SetCurrentDirectoryW
GetPrivateProfileIntW
GetPrivateProfileStringW
lstrcatW
WritePrivateProfileStringW
lstrcpynW
lstrlenW
lstrcpyW
GlobalFree
GlobalAlloc

user32

OpenClipboard
DestroyIcon
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
SetWindowLongW
GetClientRect
SetWindowRgn
LoadIconW
LoadImageW
CreateWindowExW
MapDialogRect
GetClipboardData
GetWindowRect
CreateDialogParamW
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
SetCursor
DrawTextW
GetWindowLongW
DrawFocusRect
CallWindowProcW
PostMessageW
wsprintfW
CharNextW
MessageBoxW
CloseClipboard
GetDlgCtrlID
MapWindowPoints
SetWindowPos
PtInRect
GetWindowTextW
SetWindowTextW
SendMessageW
DestroyWindow

gdi32

SelectObject
CreateRectRgn
GetObjectW
CombineRgn
DeleteObject
CreateCompatibleDC
GetDIBits
SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHGetDesktopFolder

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

6c41c5e4d44f55745b925cc4e42b7fab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
lstrlenW
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 899B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/option.ini
7zNew.data
.7z
HaoZip.chm
.chm
HaoZip.dll
.dll windows:4 windows x86 arch:x86

9ed5d1e735b51125901380bb5dc2bb90

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

14/05/2010, 00:00

Not After

14/05/2011, 23:59

Subject

CN=上海瑞创网络科技发展有限公司,O=上海瑞创网络科技发展有限公司,L=ShangHai,ST=ShangHai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

03:12:0b:f6:75:a3:1f:25:0d:2f:1e:20:11:e2:6c:ff:fa:e8:cb:f8
Signer

Actual PE Digest

03:12:0b:f6:75:a3:1f:25:0d:2f:1e:20:11:e2:6c:ff:fa:e8:cb:f8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Release 6302\rczip\trunk\bin\win32\release\pdb\HaoZip.pdb

Imports

gdiplus

GdipGetImageThumbnail
GdipGraphicsClear
GdipLoadImageFromFile
GdipCreateBitmapFromScan0
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipLoadImageFromStream
GdipCreateFromHDC
GdipCreateBitmapFromGdiDib
GdipDisposeImage
GdipGetImageWidth
GdiplusShutdown
GdipCreateHBITMAPFromBitmap
GdiplusStartup
GdipCreateBitmapFromStream
GdipCloneImage
GdipFree
GdipAlloc
GdipGetImageHeight

kernel32

ReadFile
CreateFileW
SetFileTime
WriteFile
SetFilePointer
SetEndOfFile
GetFileSize
ResumeThread
LocalFree
FormatMessageW
WideCharToMultiByte
GetACP
MultiByteToWideChar
GetSystemTime
FileTimeToDosDateTime
SystemTimeToFileTime
DosDateTimeToFileTime
ResetEvent
SearchPathW
GetLongPathNameW
GetSystemDirectoryW
GetTempPathW
GetFullPathNameW
SetCurrentDirectoryW
GetWindowsDirectoryW
GetTempFileNameW
GetCurrentDirectoryW
lstrcmpiW
OpenSemaphoreW
WinExec
VirtualAllocEx
ReadProcessMemory
WriteProcessMemory
VirtualFreeEx
LocalAlloc
GlobalSize
FreeResource
CompareStringW
TerminateProcess
GetFileTime
EnumResourceTypesW
FindResourceExW
EnumSystemCodePagesW
GetCPInfoExW
UpdateResourceW
BeginUpdateResourceW
EndUpdateResourceW
EnumResourceLanguagesW
RemoveDirectoryW
CreateDirectoryW
CreateMutexW
ReleaseMutex
LoadLibraryExW
InterlockedExchangeAdd
GetCurrentProcessId
DeleteFileW
ReleaseSemaphore
SetEvent
CreateSemaphoreW
WaitForMultipleObjects
CreateEventW
FindFirstFileW
FindClose
FindNextFileW
FileTimeToLocalFileTime
SetFileAttributesW
GetDriveTypeW
WaitForSingleObject
CopyFileW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
MoveFileW
MoveFileExW
GlobalFree
SizeofResource
LockResource
LoadResource
GetTickCount
GetFileAttributesW
LoadLibraryW
OpenProcess
CloseHandle
FreeLibrary
GetVersionExW
GetSystemDefaultLangID
ExpandEnvironmentStringsW
GetModuleHandleW
FindResourceW
Sleep
InterlockedExchange
InterlockedDecrement
SetLastError
MulDiv
GlobalUnlock
InterlockedIncrement
GetSystemInfo
GlobalMemoryStatus
DeviceIoControl
GetProcessTimes
GetLocalTime
GetComputerNameW
FindFirstChangeNotificationW
FindCloseChangeNotification
GetDiskFreeSpaceW
GetVolumeInformationW
GetLogicalDriveStringsW
GetDiskFreeSpaceExW
EnumResourceNamesW
GetStdHandle
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
OpenEventW
CompareFileTime
WritePrivateProfileStringW
GetPrivateProfileStringW
CreateProcessW
GetStartupInfoW
DeleteCriticalSection
CreatePipe
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetThreadLocale
GetLocaleInfoA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
lstrlenW
GlobalAlloc
LeaveCriticalSection
EnterCriticalSection
GlobalLock
GetLastError
RaiseException
SetErrorMode
LoadLibraryA
GetProcAddress
GetCurrentProcess
FlushInstructionCache
InitializeCriticalSection
lstrcmpW
GetModuleFileNameW
GetCurrentThreadId
TerminateThread
GetExitCodeProcess

user32

CreateWindowExW
GetWindow
GetWindowTextW
SetWindowLongW
GetClientRect
GetClassInfoExW
LoadCursorW
SetCapture
RedrawWindow
MoveWindow
InvalidateRgn
RegisterClassExW
DestroyWindow
ClientToScreen
SetWindowPos
GetFocus
BeginPaint
CharNextW
ReleaseCapture
GetWindowLongW
SetClassLongW
GetWindowDC
SetScrollPos
SetRectEmpty
FindWindowW
SetClipboardData
EmptyClipboard
IsZoomed
SetClipboardViewer
ChangeClipboardChain
SendMessageTimeoutW
RegisterClipboardFormatW
SetWindowTextW
UpdateWindow
DrawEdge
AdjustWindowRectEx
WindowFromPoint
EnumChildWindows
LoadBitmapW
CheckMenuRadioItem
CreateMenu
DrawTextExW
EnableMenuItem
SetWindowRgn
GetCapture
GetMessageA
IsWindowUnicode
SwitchToThisWindow
PtInRect
GetCursorPos
DispatchMessageA
MsgWaitForMultipleObjects
GetMenuState
CloseClipboard
GetClipboardData
OpenClipboard
GetWindowThreadProcessId
EnumWindows
LoadImageW
LoadMenuW
LoadAcceleratorsW
PostThreadMessageW
PostQuitMessage
TrackPopupMenu
DeleteMenu
AppendMenuW
IsMenu
ReleaseDC
GetSysColor
GetClassNameW
InvalidateRect
DefWindowProcW
RemovePropW
CheckMenuItem
GetMenu
GetDC
SetFocus
ScreenToClient
GetWindowTextLengthW
EndPaint
CallWindowProcW
IsWindow
GetMonitorInfoW
MonitorFromPoint
LoadIconW
BringWindowToTop
SetTimer
KillTimer
DrawFrameControl
DrawStateW
DestroyMenu
GetMenuItemCount
GetSubMenu
DrawIconEx
TrackPopupMenuEx
DrawFocusRect
OffsetRect
CreatePopupMenu
InsertMenuItemW
GetMenuItemInfoW
InflateRect
GetSystemMetrics
GetClassLongW
SetPropW
GetPropW
DrawTextW
GetDlgItemInt
MessageBeep
SendDlgItemMessageW
SetDlgItemInt
DestroyIcon
EndDialog
GetMessageW
SetRect
GetSystemMenu
IsDialogMessageW
SetActiveWindow
IsWindowEnabled
GetKeyState
SetForegroundWindow
PostMessageW
SetWindowPlacement
IsWindowVisible
wsprintfW
GetDlgCtrlID
FindWindowExW
MapWindowPoints
UnregisterClassA
ExitWindowsEx
GetCursor
LoadStringA
RemoveMenu
CheckDlgButton
CheckRadioButton
SetDlgItemTextW
IsIconic
GetIconInfo
GetTopWindow
SetMenuItemInfoW
CopyRect
CopyIcon
CreateIconIndirect
GetSysColorBrush
ScrollWindowEx
SetScrollInfo
GetScrollInfo
SetLayeredWindowAttributes
ShowCursor
GetWindowRect
EnableWindow
SystemParametersInfoW
MessageBoxW
GetActiveWindow
LoadStringW
DialogBoxParamW
TranslateMessage
PeekMessageW
ShowWindow
CreateDialogParamW
DispatchMessageW
FillRect
GetDlgItem
SendMessageW
SetCursor
IsChild
CreateAcceleratorTableW
RegisterWindowMessageW
GetParent
GetDesktopWindow
DestroyAcceleratorTable

gdi32

GetCurrentObject
TextOutW
PathToRegion
EndPath
GetBkColor
BeginPath
MoveToEx
GetBkMode
CreatePen
CreatePolygonRgn
SetViewportOrgEx
CreateRectRgn
CreateRectRgnIndirect
CombineRgn
LineTo
GetTextExtentPoint32W
StretchBlt
GetTextMetricsW
SetBkMode
SetTextColor
CreateFontIndirectW
SetBkColor
ExtTextOutW
GetDeviceCaps
DeleteObject
DeleteDC
GetStockObject
CreateCompatibleDC
GetObjectW
CreateSolidBrush
BitBlt
SelectObject
SetDCPenColor
AngleArc
FillPath
CreateCompatibleBitmap

comdlg32

GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError
ChooseFontW

advapi32

RegOpenCurrentUser
AdjustTokenPrivileges
OpenProcessToken
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegQueryValueExW
GetUserNameW
LookupPrivilegeValueW

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetFolderLocation
SHGetDesktopFolder
ShellExecuteExW
SHChangeNotify
FindExecutableW
ShellExecuteW
SHGetSpecialFolderPathW
Shell_NotifyIconW
DragAcceptFiles
ord28
ord155
ord74
SHFileOperationW
SHGetFileInfoW
DragFinish
SHBindToParent
DragQueryFileW
SHGetMalloc

ole32

CoInitialize
CoTaskMemRealloc
RevokeDragDrop
DoDragDrop
RegisterDragDrop
OleRun
ReleaseStgMedium
CoUninitialize
CoTaskMemFree
CLSIDFromString
CoCreateInstance
CoGetClassObject
StringFromGUID2
OleUninitialize
OleInitialize
CoTaskMemAlloc
CLSIDFromProgID
CreateStreamOnHGlobal
OleLockRunning

oleaut32

VarUI4FromStr
SysAllocStringLen
VariantClear
OleCreateFontIndirect
SysStringByteLen
VariantInit
SysStringLen
LoadRegTypeLi
SysAllocString
LoadTypeLi
SysFreeString
GetErrorInfo

shlwapi

StrRetToBufW
StrCmpW
StrStrIW
PathIsRelativeW
SHAutoComplete
AssocQueryStringW
StrCmpIW

comctl32

ImageList_Draw
CreateStatusWindowW
ImageList_SetBkColor
ImageList_GetImageCount
ImageList_LoadImageW
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Remove
DestroyPropertySheetPage
CreatePropertySheetPageW
ImageList_Create
ImageList_Add
InitCommonControlsEx
PropertySheetW
_TrackMouseEvent
ImageList_Destroy
ImageList_GetIconSize

msvcr80

_get_osplatform
_wfsopen
wcstombs_s
_fsopen
_invoke_watson
__uncaught_exception
_calloc_crt
___lc_handle_func
___lc_codepage_func
isupper
__pctype_func
__crtLCMapStringA
setlocale
__CxxFrameHandler3
_CxxThrowException
memcmp
memset
_snwprintf
_itow
swscanf
sscanf
_endthreadex
_wrename
wcsstr
_vsnwprintf_s
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
memchr
swprintf_s
??0exception@std@@QAE@XZ
_recalloc
free
_wtof
towlower
_errno
islower
srand
_mktime64
memcpy
_time64
_stricmp
abort
_unlock
_wcsupr
_wcsnicmp
_isatty
_fileno
__iob_func
malloc
_invalid_parameter_noinfo
_purecall
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??2@YAPAXI@Z
memmove_s
memcpy_s
??_V@YAXPAX@Z
??3@YAXPAX@Z
_waccess
strncpy_s
__RTDynamicCast
vswprintf_s
_beginthreadex
iswpunct
fclose
fputc
fsetpos
fflush
fwrite
ungetc
fgetpos
fseek
setvbuf
iswascii
fgetc
ispunct
toupper
_localtime64_s
wcstol
_splitpath_s
_wcsicmp
_vswprintf
wcschr
wcsncpy
rand
fread
_wfopen_s
feof
_wchmod
memmove
_wtoi
wcsncpy_s
wcscpy_s
towupper
wcsrchr
__dllonexit
_localtime64

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

msimg32

TransparentBlt
GradientFill

setupapi

SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW

Exports

Exports

BatchRenameUtils
BatchTextReplace
HaoZipMain
ImageConvert
ImageViewerCloseEditor
ImageViewerCreate
ImageViewerDestory
ImageViewerInitialize
ImageViewerInitializeLang
ImageViewerInstance
ImageViewerIsClosed
ImageViewerSetInternalFile
ImageViewerSetLogoIcon
ImageViewerSetXmlProfile
ImageViewerShowFileEditor
Initialize
MD5Utils
ModuleFinitialize
ModuleInitialize

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 358KB - Virtual size: 358KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZip.exe
.exe windows:4 windows x86 arch:x86

3b864575420cddec02b6b54f5e2a1021

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

14/05/2010, 00:00

Not After

14/05/2011, 23:59

Subject

CN=上海瑞创网络科技发展有限公司,O=上海瑞创网络科技发展有限公司,L=ShangHai,ST=ShangHai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

08:c6:6f:c8:7a:b0:22:90:cd:34:15:ee:ca:70:02:bb:d5:82:e8:54
Signer

Actual PE Digest

08:c6:6f:c8:7a:b0:22:90:cd:34:15:ee:ca:70:02:bb:d5:82:e8:54

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Release 6302\rczip\trunk\bin\win32\release\pdb\HaoZip.pdb

Imports

kernel32

GetModuleFileNameW
GetProcAddress
FreeLibrary
LoadLibraryW
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

msvcr80

__p__commode
__p__fmode
_encode_pointer
__set_app_type
_adjust_fdiv
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
wcscat
wcsrchr
_crt_debugger_hook
memset

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 581KB - Virtual size: 580KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipAssoc.exe
.exe windows:4 windows x86 arch:x86

d8a7f60e4f4f9f217ba22356f7fbf2f5

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

14/05/2010, 00:00

Not After

14/05/2011, 23:59

Subject

CN=上海瑞创网络科技发展有限公司,O=上海瑞创网络科技发展有限公司,L=ShangHai,ST=ShangHai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

bc:cd:90:5d:f6:c0:f8:ff:09:6c:1a:71:bf:d7:e9:c7:db:94:c1:b9
Signer

Actual PE Digest

bc:cd:90:5d:f6:c0:f8:ff:09:6c:1a:71:bf:d7:e9:c7:db:94:c1:b9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Release 6302\rczip\trunk\bin\win32\release\pdb\HaoZipAssoc.pdb

Imports

kernel32

GetVersionExW
DeleteFileW
LoadLibraryW
GetProcAddress
GetSystemDefaultLangID
GetFileAttributesW
CreateDirectoryW
SetFileAttributesW
GetModuleFileNameW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FindFirstFileW
FindClose
FormatMessageW
LocalFree
GetTempFileNameW
MoveFileExW
GetWindowsDirectoryW
GetCurrentDirectoryW
GetLongPathNameW
MoveFileW
lstrlenW
GetFullPathNameW
GetTempPathW
GetFileSize
FindResourceW
GetPrivateProfileStringW
FlushInstructionCache
SetLastError
RaiseException
GetCurrentProcess
GetCurrentThreadId
FreeLibrary
WriteFile
SetEndOfFile
CreateMutexW
ReleaseMutex
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExA
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
Sleep
OpenProcess
WaitForSingleObject
CloseHandle
CreateFileW
ReadFile
SetFilePointer
GetLastError
GetModuleHandleW
InterlockedExchange

user32

LoadStringW
DialogBoxParamW
MapWindowPoints
GetWindow
SystemParametersInfoW
SendDlgItemMessageW
SetWindowTextW
MessageBoxW
GetDlgItem
SetWindowLongW
IsWindowVisible
SetFocus
IsWindow
GetActiveWindow
UnregisterClassA
wsprintfW
GetPropW
PostMessageW
SetPropW
MoveWindow
GetParent
GetDesktopWindow
ScreenToClient
GetWindowRect
EnableWindow
SendMessageW
EndDialog
GetClientRect
CreateDialogParamW
LoadIconW
BringWindowToTop
ShowWindow
SetWindowPos
GetWindowLongW

advapi32

RegQueryValueExA
RegOpenKeyExW
RegOpenCurrentUser
RegQueryValueExW
RegCloseKey
RegOpenKeyExA

shell32

SHFileOperationW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW

ole32

CoInitialize
CoUninitialize
CoTaskMemFree
OleInitialize
OleUninitialize

msvcr80

_encode_pointer
_controlfp_s
_invoke_watson
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_invalid_parameter_noinfo
strlen
wcslen
memmove_s
??2@YAPAXI@Z
??3@YAXPAX@Z
memcpy_s
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
memcpy
_itow
memset
_purecall
??_V@YAXPAX@Z
_stricmp
_splitpath_s
towupper
towlower
wcschr
free
malloc
_CxxThrowException
__CxxFrameHandler3
_unlock

comctl32

InitCommonControlsEx
PropertySheetW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipC.exe
.exe windows:4 windows x86 arch:x86

7b13a98c7322e51b8d120ff164031182

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

14/05/2010, 00:00

Not After

14/05/2011, 23:59

Subject

CN=上海瑞创网络科技发展有限公司,O=上海瑞创网络科技发展有限公司,L=ShangHai,ST=ShangHai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

bc:ef:d7:c4:0d:0c:0a:39:8d:61:a7:2b:f0:17:7e:12:05:10:f3:22
Signer

Actual PE Digest

bc:ef:d7:c4:0d:0c:0a:39:8d:61:a7:2b:f0:17:7e:12:05:10:f3:22

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Release 6302\rczip\trunk\bin\win32\release\pdb\HaoZipC.pdb

Imports

kernel32

GetCommandLineW
GetModuleHandleW
GetLastError
GetSystemDefaultLangID
GetVersionExW
OpenProcess
LoadLibraryW
GetProcAddress
FreeLibrary
CloseHandle
SetLastError
CreateFileW
WideCharToMultiByte
MultiByteToWideChar
GetFileAttributesW
InterlockedExchangeAdd
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
RemoveDirectoryW
DeleteFileW
SetFileAttributesW
CreateDirectoryW
FindFirstFileW
FindClose
FindNextFileW
ReleaseMutex
CreateMutexW
WaitForSingleObject
WriteFile
SetEndOfFile
SetFileTime
SetFilePointer
GetFileSize
DosDateTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FileTimeToDosDateTime
FormatMessageW
LocalFree
ReadFile
GetFullPathNameW
GetTempFileNameW
GetCurrentDirectoryW
GetLongPathNameW
SearchPathW
MoveFileW
MoveFileExW
lstrlenW
GetTempPathW
FindResourceW
GetPrivateProfileStringW
GetStdHandle
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
InterlockedExchange
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
GetSystemTimeAsFileTime

user32

LoadStringW
IsWindow
MessageBoxW

shell32

SHFileOperationW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHChangeNotify

ole32

CoTaskMemFree

msvcr80

fputwc
_controlfp_s
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__winitenv
exit
_XcptFilter
_exit
_cexit
memcpy_s
free
strcspn
_purecall
sprintf_s
_invalid_parameter_noinfo
memmove_s
??_V@YAXPAX@Z
__wgetmainargs
??0bad_cast@std@@QAE@PBD@Z
??3@YAXPAX@Z
??0bad_cast@std@@QAE@ABV01@@Z
localeconv
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
memchr
_time64
_stricmp
_splitpath_s
memset
strlen
memmove
__RTDynamicCast
__iob_func
_fileno
_isatty
_errno
rand
srand
signal
towlower
towupper
_vsnwprintf_s
wcschr
malloc
__crtGetStringTypeW
__CxxFrameHandler3
_CxxThrowException
setlocale
___mb_cur_max_l_func
___lc_codepage_func
___lc_handle_func
__crtLCMapStringW
fgetwc
??1bad_cast@std@@UAE@XZ
ungetwc
fflush
setvbuf
ungetc
fgetc
fwrite
fgetpos
fseek
fsetpos
fclose
__uncaught_exception
_create_locale
_ui64toa_s
_free_locale
_malloc_crt
__pctype_func
memcpy
_calloc_crt
abort
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_amsg_exit

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

Sections

.text
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipCompress.dll
.dll windows:4 windows x86 arch:x86

1a47324b985416199bee82080ec27127

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

14/05/2010, 00:00

Not After

14/05/2011, 23:59

Subject

CN=上海瑞创网络科技发展有限公司,O=上海瑞创网络科技发展有限公司,L=ShangHai,ST=ShangHai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

6e:2c:59:1c:8b:4e:1b:ac:9e:f2:68:c4:cd:50:21:f3:8b:e0:d8:f2
Signer

Actual PE Digest

6e:2c:59:1c:8b:4e:1b:ac:9e:f2:68:c4:cd:50:21:f3:8b:e0:d8:f2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Release 6302\rczip\trunk\bin\win32\release\pdb\HaoZipCompress.pdb

Imports

kernel32

GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
GetProcAddress
VirtualAlloc
GetModuleHandleW
VirtualFree
InterlockedExchangeAdd
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
WaitForSingleObject
CloseHandle
ResumeThread
Sleep
GetVersionExW
GetLastError
CreateEventW
SetEvent
ReleaseSemaphore
ResetEvent
CreateSemaphoreW
FreeLibrary
LoadLibraryW
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange

msvcr80

_invalid_parameter_noinfo
??_V@YAXPAX@Z
memmove
free
strncpy_s
malloc
_beginthreadex
exit
_purecall
fflush
fwrite
ftell
realloc
fseek
fclose
strncmp
_fstat64i32
ungetc
fread
_fileno
isdigit
_CxxThrowException
__CxxFrameHandler3
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
??0exception@std@@QAE@XZ
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
memmove_s
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??3@YAXPAX@Z
memcpy_s
memcpy
putc
memset

Exports

Exports

CreateCodecs
SetCodePage
SetResFileName

Sections

.text
Size: 297KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipEditor.dll
.dll windows:4 windows x86 arch:x86

fa25e7740389a0d65da5b04fe08b2f1c

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

14/05/2010, 00:00

Not After

14/05/2011, 23:59

Subject

CN=上海瑞创网络科技发展有限公司,O=上海瑞创网络科技发展有限公司,L=ShangHai,ST=ShangHai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

9d:5b:40:92:61:13:eb:84:51:42:fa:14:6b:f9:2a:18:5e:7f:65:5c
Signer

Actual PE Digest

9d:5b:40:92:61:13:eb:84:51:42:fa:14:6b:f9:2a:18:5e:7f:65:5c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Release 6302\rczip\trunk\bin\win32\release\pdb\HaoZipEditor.pdb

Imports

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
Sleep
GetThreadLocale
GetLocaleInfoA
QueryPerformanceCounter
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetSystemTimeAsFileTime
SetFilePointer
LocalFree
FormatMessageW
WideCharToMultiByte
GetACP
InterlockedDecrement
FindResourceW
GetPrivateProfileStructW
GetTickCount
InterlockedIncrement
DeleteCriticalSection
GetFileAttributesW
InitializeCriticalSection
GetCurrentProcessId
SetEvent
GetLongPathNameW
GetTempPathW
GlobalUnlock
GlobalLock
GetModuleHandleW
GetLocaleInfoW
InterlockedExchange
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcatW
FreeLibrary
GetProfileStringW
WritePrivateProfileStructW
LoadLibraryExW
SizeofResource
GlobalAlloc
GetModuleFileNameW
LoadLibraryW
GlobalFree
GetLastError
LockResource
GetFullPathNameW
MultiByteToWideChar
LoadResource
FindClose
ReadFile
lstrcmpiW
WriteFile
FindFirstFileW
GetFileSize
CreateFileW
GetVersionExW
lstrcpynW
GetCurrentDirectoryW
lstrcmpW
lstrlenW
lstrcpyW
LeaveCriticalSection
CloseHandle
CreateEventW
EnterCriticalSection
GetCurrentThreadId
WaitForSingleObject
RaiseException
SetLastError
FlushInstructionCache
GetCurrentProcess
MulDiv
GetVersionExA

user32

FrameRect
LoadAcceleratorsW
SwitchToThisWindow
GetWindowThreadProcessId
SetDlgItemInt
CharLowerW
EndDialog
OffsetRect
GetCursorPos
BringWindowToTop
MessageBeep
KillTimer
PtInRect
IsRectEmpty
IsWindowEnabled
LoadBitmapW
SetParent
SetMenu
GetKeyboardLayout
SetMenuDefaultItem
DrawFocusRect
SetTimer
GetMenu
IsWindowVisible
TranslateAcceleratorW
CheckMenuRadioItem
RemoveMenu
LoadStringW
AppendMenuW
GetWindowDC
CreatePopupMenu
PostQuitMessage
CharNextW
LoadImageW
EnableMenuItem
InsertMenuW
GetMenuStringW
DeleteMenu
ScreenToClient
SetForegroundWindow
SendMessageW
DefWindowProcW
GetDC
UnregisterClassA
GetDlgItem
CreateWindowExW
ReleaseDC
GetSystemMetrics
GetClassInfoExW
SetFocus
SetWindowLongW
TrackPopupMenuEx
GetCaretPos
GetFocus
GetActiveWindow
GetMonitorInfoW
MonitorFromPoint
GetSubMenu
LoadMenuW
GetMenuItemCount
GetMessagePos
DrawFrameControl
LoadStringA
GetDlgItemInt
GetClientRect
InvalidateRect
GetCapture
MoveWindow
ReleaseCapture
SetCapture
GetWindowRect
wvsprintfW
WindowFromPoint
IsIconic
GetWindowTextW
MessageBoxW
SetWindowTextW
UnhookWindowsHookEx
IsMenu
CallNextHookEx
DestroyMenu
GetClassNameW
SetWindowsHookExW
wsprintfW
SetMenuItemInfoW
GetMenuItemInfoW
ClientToScreen
ModifyMenuW
IsDlgButtonChecked
SetDlgItemTextW
RegisterWindowMessageW
GetDlgItemTextW
CheckRadioButton
CheckDlgButton
GetWindow
PostMessageW
DrawTextW
MapWindowPoints
DestroyIcon
EnableScrollBar
LoadIconW
EndPaint
GetScrollInfo
SystemParametersInfoW
SetScrollRange
BeginPaint
GetScrollRange
SetScrollPos
LoadCursorW
GetScrollPos
SetCursor
IsWindow
GetKeyState
IsDialogMessageW
SetRectEmpty
EndDeferWindowPos
EnableWindow
SetRect
GetWindowTextLengthW
DeferWindowPos
BeginDeferWindowPos
UpdateWindow
GetSysColor
MsgWaitForMultipleObjects
PeekMessageW
DrawEdge
IsWindowUnicode
DestroyWindow
CallWindowProcW
GetWindowLongW
GetMessageW
GetMessageA
CreateDialogParamW
TranslateMessage
DispatchMessageW
InflateRect
DispatchMessageA
CopyRect
GetSysColorBrush
RegisterClassExW
FillRect
ShowWindow
SetWindowPos
GetParent
DialogBoxParamW

gdi32

CreateEnhMetaFileW
EndDoc
AbortDoc
Rectangle
CombineRgn
StartDocW
CreateRectRgnIndirect
SelectClipRgn
RestoreDC
SaveDC
EnumFontsW
PlayEnhMetaFile
CreateDIBSection
EndPage
TextOutW
StartPage
PatBlt
OffsetWindowOrgEx
ResetDCW
CreatePatternBrush
CreateBitmap
DeleteEnhMetaFile
SetBrushOrgEx
GetEnhMetaFileHeader
SetViewportOrgEx
CloseEnhMetaFile
GetObjectW
GetTextMetricsW
CreateDCW
CreatePen
CreatePolygonRgn
LineTo
MoveToEx
FrameRgn
FillRgn
SetBkMode
DPtoLP
GetDeviceCaps
CreateFontIndirectW
SetBkColor
DeleteObject
CreateSolidBrush
GetTextColor
GetBkColor
GetStockObject
GetTextExtentPoint32W
DeleteDC
SetTextColor
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
ExtTextOutW
SelectObject

winspool.drv

OpenPrinterW
ClosePrinter
GetPrinterW

comdlg32

ChooseColorW
ChooseFontW
PageSetupDlgW
PrintDlgW
GetSaveFileNameW
GetOpenFileNameW

advapi32

RegDeleteKeyW
RegCloseKey
RegQueryInfoKeyW
RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegOpenKeyExW

shell32

DragFinish
DragQueryFileW
DragAcceptFiles

ole32

CoUninitialize
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance

oleaut32

VarUI4FromStr
OleTranslateColor

comctl32

ImageList_LoadImageW
ImageList_GetImageCount
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
CreateStatusWindowW
InitCommonControlsEx
ImageList_Draw

msvcr80

??3@YAXPAX@Z
_resetstkoflw
memset
malloc
wcscpy_s
wcscat_s
_recalloc
memcpy_s
free
wcslen
memmove_s
swprintf_s
abs
memcpy
??1exception@std@@UAE@XZ
??2@YAPAXI@Z
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABV01@@Z
??_V@YAXPAX@Z
wcscmp
wcsncpy
wcsncpy_s
_invalid_parameter_noinfo
wcscpy
strncpy_s
_purecall
towupper
_beginthreadex
vswprintf_s
memmove
_errno
??0exception@std@@QAE@XZ
_CxxThrowException
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_vsnwprintf_s
__CxxFrameHandler3

Exports

Exports

HaoZip_CloseEditor
HaoZip_GetFormats
HaoZip_GetReadOnly
HaoZip_GetWindowMode
HaoZip_Initialize
HaoZip_SetCodePage
HaoZip_SetConfigDirectory
HaoZip_SetLogoIcon
HaoZip_SetResFileName
HaoZip_ShowEditor
HaoZip_Uninitialize

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipExt.dll
.dll regsvr32 windows:4 windows x86 arch:x86

1d9776af15175670df41c8cf8ea22eb9

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

14/05/2010, 00:00

Not After

14/05/2011, 23:59

Subject

CN=上海瑞创网络科技发展有限公司,O=上海瑞创网络科技发展有限公司,L=ShangHai,ST=ShangHai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

a0:df:12:da:58:11:8f:ca:8e:0a:30:a9:9c:c0:51:30:4e:7b:9e:98
Signer

Actual PE Digest

a0:df:12:da:58:11:8f:ca:8e:0a:30:a9:9c:c0:51:30:4e:7b:9e:98

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Release 6302\rczip\trunk\bin\win32\release\pdb\HaoZipExt.pdb

Imports

kernel32

SetFileAttributesW
CreateDirectoryW
FindFirstFileW
FindClose
InterlockedExchangeAdd
GetACP
WaitForSingleObject
GetCurrentThreadId
ResumeThread
Sleep
FormatMessageW
LocalFree
GetFullPathNameW
GetTempPathW
GetTempFileNameW
GetLongPathNameW
SetEndOfFile
WriteFile
GetFileSize
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateEventW
GetPrivateProfileStringW
FlushInstructionCache
SetLastError
GetCurrentProcess
GetCurrentProcessId
InterlockedIncrement
GlobalLock
CreateMutexW
ReleaseMutex
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
GetThreadLocale
GetLocaleInfoA
GetVersionExA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
GlobalUnlock
lstrcpynW
DeleteCriticalSection
CloseHandle
InterlockedDecrement
lstrcpynA
lstrlenW
WideCharToMultiByte
LeaveCriticalSection
LoadResource
GetModuleHandleW
EnterCriticalSection
lstrcmpiW
GetModuleFileNameW
RaiseException
DisableThreadLibraryCalls
LoadLibraryExW
MultiByteToWideChar
GetLastError
FindResourceW
SizeofResource
FreeLibrary
InitializeCriticalSection
GetVersion
ReadFile
SetFilePointer
CreateFileW
GetSystemDefaultLangID
GetVersionExW
GetFileAttributesW
DeleteFileW
GetProcAddress
LoadLibraryW
OpenProcess

user32

CallWindowProcW
FillRect
BeginPaint
EndPaint
SystemParametersInfoW
GetWindow
GetDlgItem
MapWindowPoints
GetWindowLongW
SetWindowPos
GetActiveWindow
MessageBoxW
LoadStringW
IsWindowVisible
SetWindowLongW
DialogBoxParamW
EnumWindows
GetWindowThreadProcessId
DefWindowProcW
GetWindowRect
GetParent
wsprintfW
GetClientRect
EndDialog
UnregisterClassA
IsWindow
EnableWindow
IsWindowEnabled
KillTimer
SetTimer
SetPropW
ShowWindow
GetPropW
SendMessageW
InvalidateRect
SetDlgItemTextW
CharNextW
CreatePopupMenu
LoadBitmapW
ReleaseDC
SetMenuItemBitmaps
DrawIconEx
GetSysColor
GetDC
LoadImageW
GetMenuItemCount
IsMenu
InsertMenuItemW
DestroyMenu
SetWindowTextW

gdi32

TextOutW
EndPath
CreatePen
LineTo
PathToRegion
CreateSolidBrush
BeginPath
MoveToEx
FillPath
GetBkColor
SetBkMode
GetStockObject
SetTextColor
DeleteObject
DeleteDC
ExtTextOutW
SetBkColor
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC

advapi32

RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW

shell32

SHFileOperationW
SHGetSpecialFolderLocation
ShellExecuteExW
ShellExecuteW
DragQueryFileW
SHGetPathFromIDListW

ole32

ReleaseStgMedium
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc
CoCreateGuid

oleaut32

VarUI4FromStr

msvcr80

towlower
_vsnwprintf_s
__RTDynamicCast
__clean_type_info_names_internal
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
towupper
wcschr
__CxxFrameHandler3
_splitpath_s
_stricmp
_wcsnicmp
memmove
_wtof
_CxxThrowException
_wtoi
swprintf_s
_beginthreadex
wcscat_s
_errno
wcscpy_s
wcsncpy_s
_recalloc
??_V@YAXPAX@Z
malloc
sprintf
??3@YAXPAX@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
strlen
_invalid_parameter_noinfo
wcslen
memcpy_s
memcpy
memset
memmove_s
_purecall
free

comctl32

CreatePropertySheetPageW
DestroyPropertySheetPage

msimg32

TransparentBlt

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipFormats.dll
.dll windows:4 windows x86 arch:x86

f08e01b6b22f64f91c93eeae36493ec8

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

14/05/2010, 00:00

Not After

14/05/2011, 23:59

Subject

CN=上海瑞创网络科技发展有限公司,O=上海瑞创网络科技发展有限公司,L=ShangHai,ST=ShangHai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

7c:1b:cf:8f:77:55:ec:78:4f:0a:d0:6f:46:e0:ff:70:41:71:cd:38
Signer

Actual PE Digest

7c:1b:cf:8f:77:55:ec:78:4f:0a:d0:6f:46:e0:ff:70:41:71:cd:38

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Release 6302\rczip\trunk\bin\win32\release\pdb\HaoZipFormats.pdb

Imports

kernel32

CloseHandle
CreateDirectoryW
GetWindowsDirectoryW
DeleteFileW
GetCurrentDirectoryW
GetLongPathNameW
CreateFileW
GetFullPathNameW
SetCurrentDirectoryW
SetFileAttributesW
FindFirstFileW
FindClose
FindNextFileW
GetVersionExW
GetModuleHandleW
WaitForMultipleObjects
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
CreatePipe
CreateProcessW
GetExitCodeProcess
TerminateProcess
WaitForSingleObject
ReadFile
Sleep
GetStartupInfoW
SetLastError
GetFileType
WriteFile
CreateFileA
SetFilePointer
SetEndOfFile
GetTempPathW
ReadConsoleW
GetConsoleMode
SetConsoleMode
LocalFileTimeToFileTime
FileTimeToSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
IsDBCSLeadByte
GetCPInfo
LocalFree
FormatMessageW
GetProcAddress
GetDiskFreeSpaceA
GetDriveTypeA
GetFileAttributesA
GetCurrentProcess
GetModuleFileNameW
FindFirstFileA
FindNextFileA
LeaveCriticalSection
CreateSemaphoreW
ResetEvent
ReleaseSemaphore
SetEvent
CreateEventW
GetFileSize
ResumeThread
GetTempFileNameW
lstrlenW
RemoveDirectoryW
MoveFileW
GetLastError
GetFileAttributesW
MultiByteToWideChar
GetACP
GetStdHandle
WideCharToMultiByte
VirtualAlloc
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
GetSystemInfo
DosDateTimeToFileTime
FileTimeToDosDateTime
InterlockedExchangeAdd
FreeLibrary
LoadLibraryW
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedCompareExchange
InterlockedExchange
EnterCriticalSection

user32

CharLowerA
OemToCharBuffW
CharToOemA
OemToCharBuffA
OemToCharA
CharUpperA

msvcr80

srand
wcschr
towlower
towupper
_vsnwprintf_s
wcslen
_purecall
strlen
memcmp
memcpy
memset
__RTDynamicCast
memchr
atoi
strcmp
wcsncpy
free
wcscpy_s
realloc
wcscpy
malloc
strcpy
vsprintf
wcscmp
abs
strchr
strcat
strncpy
putchar
sprintf
remove
rename
toupper
wcsrchr
wcspbrk
wcscat
strrchr
strpbrk
_CxxThrowException
__CxxFrameHandler3
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
_crt_debugger_hook
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
rand
memmove
??_V@YAXPAX@Z
_errno
_invalid_parameter_noinfo
??2@YAPAXI@Z
memmove_s
??3@YAXPAX@Z
memcpy_s
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
_beginthreadex
_time64

Exports

Exports

CreateArchiveInfoObjects
SetCodePage
SetResFileName
SetWorkDirectory

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipImage.dll
.dll windows:4 windows x86 arch:x86

7e39f98b351f4837eede20907e128dc5

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

14/05/2010, 00:00

Not After

14/05/2011, 23:59

Subject

CN=上海瑞创网络科技发展有限公司,O=上海瑞创网络科技发展有限公司,L=ShangHai,ST=ShangHai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

ec:fa:d7:a6:2d:0e:e1:5d:ff:26:36:27:0e:74:c9:59:89:11:ad:ba
Signer

Actual PE Digest

ec:fa:d7:a6:2d:0e:e1:5d:ff:26:36:27:0e:74:c9:59:89:11:ad:ba

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Release 6302\rczip\trunk\bin\win32\release\pdb\HaoZipImage.pdb

Imports

kernel32

InterlockedCompareExchange
Sleep
InterlockedExchange
lstrlenA
ExitProcess
LoadLibraryW
GetProcAddress
FreeLibrary
GetModuleFileNameW
GetModuleHandleW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
FindResourceW
GetFullPathNameW
lstrlenW
FindClose
FindFirstFileW
ReadFile
CloseHandle
CreateFileW
GetFileSize
CreateDirectoryW
SetFileAttributesW
DeleteFileW
InterlockedExchangeAdd
GetFileAttributesW
FormatMessageW
LocalFree
GetLastError
GlobalLock
GlobalFree
GlobalUnlock
GlobalAlloc

user32

GetDC
ReleaseDC
FillRect
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
LoadStringW
GetSysColor
GetParent
GetWindow
GetClientRect
SystemParametersInfoW
MapWindowPoints
GetWindowRect
SetWindowPos
GetWindowLongW

gdi32

SetEnhMetaFileBits
ExtSelectClipRgn
GetDIBits
RestoreDC
SaveDC
RealizePalette
StretchDIBits
CreateDIBSection
DPtoLP
SetWindowOrgEx
GetMapMode
GetClipBox
SetMapMode
LPtoDP
BitBlt
LineTo
CreatePen
GetObjectW
ExtTextOutW
CreateCompatibleBitmap
MoveToEx
SetBkColor
DeleteObject
CreateSolidBrush
StartDocW
CreateDCW
EndDoc
GetStockObject
StartPage
EndPage
GetDeviceCaps
SelectObject
DeleteDC
CreateCompatibleDC
CreateRectRgnIndirect
SetDIBitsToDevice
SetStretchBltMode
PlayEnhMetaFile
GetEnhMetaFilePaletteEntries
SetWinMetaFileBits
CreatePalette
GetEnhMetaFileHeader
SelectPalette
DeleteEnhMetaFile

comdlg32

PageSetupDlgW

ole32

CreateStreamOnHGlobal

msvcr80

_write
_setmode
_read
_close
_open
memcpy
memset
_CIatan2
_unlink
_CIexp
_CIsqrt
_setjmp3
_CIpow
floor
_CIlog
_lseek
__clean_type_info_names_internal
fread
_purecall
??2@YAPAXI@Z
_invalid_parameter_noinfo
??3@YAXPAX@Z
fscanf
fgets
memmove_s
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
fclose
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
getc
fputc
feof
memcpy_s
ftell
ferror
fseek
fwrite
fflush
_wfopen
??_V@YAXPAX@Z
??8type_info@@QBE_NABV0@@Z
free
malloc
towlower
towupper
_vsnwprintf_s
_errno
wcsstr
wcschr
rand
??0exception@std@@QAE@XZ
memmove
ldiv
_wcsnicmp
calloc
strncpy
longjmp
wcsrchr
_swab
strncmp
realloc
sprintf
ceil
qsort
isprint
printf
abort
fprintf
strrchr
vsprintf
tmpnam
strchr
atoi
isspace
isdigit
__iob_func
atof
isalpha
vfprintf
strtok
memchr
exit
sscanf
getenv
_strnicmp
perror
_gmtime64
fopen
putc
isupper
strstr
_stricmp
tmpfile
_getcwd
fgetc
_mktime64
_snprintf
strtod
bsearch
_CxxThrowException
__CxxFrameHandler3
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__CxxLongjmpUnwind

gdiplus

GdipFree
GdipCreateFromHDC
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipCreateBitmapFromGdiDib
GdipGetImageThumbnail
GdipCreateBitmapFromFile
GdipCloneImage
GdipGetPropertyItem
GdipSetClipRectI
GdipCreateBitmapFromStream
GdipImageGetFrameCount
GdipCreateBitmapFromHBITMAP
GdipDeleteCachedBitmap
GdipImageSelectActiveFrame
GdipDeleteGraphics
GdipSetSmoothingMode
GdipCreateBitmapFromScan0
GdipGetPropertyItemSize
GdipGraphicsClear
GdipGetImageEncoders
GdipImageGetFrameDimensionsList
GdipDrawCachedBitmap
GdipGetImageWidth
GdipDisposeImage
GdipCreateCachedBitmap
GdipImageRotateFlip
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageEncodersSize
GdipAlloc
GdipSaveImageToFile

ws2_32

htons
htonl
ntohs

Exports

Exports

CreateImageConvertObject
CreateImageViewObject
SetCodePage
SetResFileName

Sections

.text
Size: 767KB - Virtual size: 766KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipImgConvert.exe
.exe windows:4 windows x86 arch:x86

c3490fb501a5858a88ed496ce530e4b6

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

14/05/2010, 00:00

Not After

14/05/2011, 23:59

Subject

CN=上海瑞创网络科技发展有限公司,O=上海瑞创网络科技发展有限公司,L=ShangHai,ST=ShangHai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

d1:cf:59:89:23:9c:d8:7e:f1:61:b1:d4:bb:0c:a6:c8:3f:e1:4d:5b
Signer

Actual PE Digest

d1:cf:59:89:23:9c:d8:7e:f1:61:b1:d4:bb:0c:a6:c8:3f:e1:4d:5b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Release 6302\rczip\trunk\build_temp\Win32\compile\Release\HaoZipImgConvert\HaoZipImgConvert.pdb

Imports

kernel32

GetModuleFileNameW
GetFullPathNameW
GetCurrentDirectoryW
lstrlenW
GetCurrentThreadId
GetTickCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetFileAttributesW
GetProcAddress
LoadLibraryW
FreeLibrary
GetModuleHandleW
GetStartupInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentProcessId

user32

GetDesktopWindow
LoadIconW

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation

ole32

CoTaskMemFree

msvcr80

strlen
_invalid_parameter_noinfo
??_V@YAXPAX@Z
wcschr
towupper
towlower
_CxxThrowException
__CxxFrameHandler3
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
_invoke_watson
_controlfp_s
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABV01@@Z
memmove_s
??2@YAPAXI@Z
memcpy_s
??0exception@std@@QAE@XZ
??3@YAXPAX@Z
memset

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipImgViewer.exe
.exe windows:4 windows x86 arch:x86

775e662f68f6ffb5d9b9aabe78505360

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

14/05/2010, 00:00

Not After

14/05/2011, 23:59

Subject

CN=上海瑞创网络科技发展有限公司,O=上海瑞创网络科技发展有限公司,L=ShangHai,ST=ShangHai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

56:ea:e5:32:b3:47:67:7b:2f:f4:12:04:21:ca:fd:1e:64:c3:9f:07
Signer

Actual PE Digest

56:ea:e5:32:b3:47:67:7b:2f:f4:12:04:21:ca:fd:1e:64:c3:9f:07

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Release 6302\rczip\trunk\build_temp\Win32\compile\Release\HaoZipImgViewer\HaoZipImgViewer.pdb

Imports

kernel32

LoadLibraryW
FreeLibrary
GetProcAddress
GetFullPathNameW
lstrlenW
GetModuleFileNameW
GetModuleHandleW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange
Sleep

user32

LoadIconW

msvcr80

?_type_info_dtor_internal_method@type_info@@QAEXXZ
_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
__CxxFrameHandler3
_CxxThrowException
towupper
towlower
wcschr
??_V@YAXPAX@Z
?what@exception@std@@UBEPBDXZ
memcpy_s
??3@YAXPAX@Z
??2@YAPAXI@Z
memmove_s
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
memset

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipLoader.exe
.exe windows:4 windows x86 arch:x86

f78f91fc4d3e0da746dca764e78dd5d1

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

14/05/2010, 00:00

Not After

14/05/2011, 23:59

Subject

CN=上海瑞创网络科技发展有限公司,O=上海瑞创网络科技发展有限公司,L=ShangHai,ST=ShangHai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

38:71:b7:90:d4:09:a2:bd:2f:bf:12:c9:0f:98:9e:a6:22:3c:43:08
Signer

Actual PE Digest

38:71:b7:90:d4:09:a2:bd:2f:bf:12:c9:0f:98:9e:a6:22:3c:43:08

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Release 6302\rczip\trunk\bin\win32\release\pdb\HaoZipLoader.pdb

Imports

kernel32

GetSystemDefaultLangID
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleHandleW
CloseHandle
OpenProcess
GetVersionExW
DeleteFileW
CreateDirectoryW
GetFileAttributesW
SetFileAttributesW
GetModuleFileNameW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetFullPathNameW
lstrlenW
GetTempFileNameW
GetPrivateProfileStringW
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange

user32

MessageBoxW

shell32

SHFileOperationW
SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

CoTaskMemFree

msvcr80

memset
_controlfp_s
_invoke_watson
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
memmove_s
_invalid_parameter_noinfo
memcpy_s
??3@YAXPAX@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
wcslen
??2@YAPAXI@Z
strlen
??_V@YAXPAX@Z
_stricmp
_splitpath_s
wcschr
towlower
towupper
free
malloc
_CxxThrowException
__CxxFrameHandler3
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
memcpy

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipMd5.exe
.exe windows:4 windows x86 arch:x86

64bcbcfccad1f4fd70e2adedab734d13

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

14/05/2010, 00:00

Not After

14/05/2011, 23:59

Subject

CN=上海瑞创网络科技发展有限公司,O=上海瑞创网络科技发展有限公司,L=ShangHai,ST=ShangHai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

6d:5b:7b:49:32:7b:88:bc:ac:f5:ee:ad:24:d4:82:d2:b8:15:cf:c5
Signer

Actual PE Digest

6d:5b:7b:49:32:7b:88:bc:ac:f5:ee:ad:24:d4:82:d2:b8:15:cf:c5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Release 6302\rczip\trunk\build_temp\Win32\compile\Release\HaoZipMd5\HaoZipMd5.pdb

Imports

kernel32

GetModuleHandleW
GetProcAddress
FreeLibrary
LoadLibraryW
GetModuleFileNameW
lstrlenW
GetFullPathNameW
GetCurrentDirectoryW
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange

user32

GetDesktopWindow
LoadIconW

msvcr80

_controlfp_s
_invoke_watson
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
memset
memcpy_s
??2@YAPAXI@Z
memmove_s
??0exception@std@@QAE@ABV01@@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
strlen
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
??_V@YAXPAX@Z
wcschr
towupper
towlower
_CxxThrowException
__CxxFrameHandler3
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipRename.exe
.exe windows:4 windows x86 arch:x86

64bcbcfccad1f4fd70e2adedab734d13

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

14/05/2010, 00:00

Not After

14/05/2011, 23:59

Subject

CN=上海瑞创网络科技发展有限公司,O=上海瑞创网络科技发展有限公司,L=ShangHai,ST=ShangHai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

5b:26:98:f5:47:97:76:ff:c3:19:8a:17:67:98:25:6f:9b:0c:7a:e9
Signer

Actual PE Digest

5b:26:98:f5:47:97:76:ff:c3:19:8a:17:67:98:25:6f:9b:0c:7a:e9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Release 6302\rczip\trunk\build_temp\Win32\compile\Release\HaoZipRename\HaoZipRename.pdb

Imports

kernel32

GetModuleHandleW
GetProcAddress
FreeLibrary
LoadLibraryW
GetModuleFileNameW
lstrlenW
GetFullPathNameW
GetCurrentDirectoryW
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange

user32

GetDesktopWindow
LoadIconW

msvcr80

_controlfp_s
_invoke_watson
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
memset
memcpy_s
??2@YAPAXI@Z
memmove_s
??0exception@std@@QAE@ABV01@@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
strlen
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
??_V@YAXPAX@Z
wcschr
towupper
towlower
_CxxThrowException
__CxxFrameHandler3
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipReplace.exe
.exe windows:4 windows x86 arch:x86

64bcbcfccad1f4fd70e2adedab734d13

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

14/05/2010, 00:00

Not After

14/05/2011, 23:59

Subject

CN=上海瑞创网络科技发展有限公司,O=上海瑞创网络科技发展有限公司,L=ShangHai,ST=ShangHai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

4f:ef:c9:5d:4d:15:88:9a:2d:0d:3f:ce:3a:06:14:ea:d0:88:60:04
Signer

Actual PE Digest

4f:ef:c9:5d:4d:15:88:9a:2d:0d:3f:ce:3a:06:14:ea:d0:88:60:04

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Release 6302\rczip\trunk\build_temp\Win32\compile\Release\HaoZipReplace\HaoZipReplace.pdb

Imports

kernel32

GetModuleHandleW
GetProcAddress
FreeLibrary
LoadLibraryW
GetModuleFileNameW
lstrlenW
GetFullPathNameW
GetCurrentDirectoryW
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange

user32

GetDesktopWindow
LoadIconW

msvcr80

_controlfp_s
_invoke_watson
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
memset
memcpy_s
??2@YAPAXI@Z
memmove_s
??0exception@std@@QAE@ABV01@@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
strlen
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
??_V@YAXPAX@Z
wcschr
towupper
towlower
_CxxThrowException
__CxxFrameHandler3
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipShell.dll
.dll windows:4 windows x86 arch:x86

c7bff2e6abc85a9759b053a733f50290

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01/08/1996, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

14/05/2010, 00:00

Not After

14/05/2011, 23:59

Subject

CN=上海瑞创网络科技发展有限公司,O=上海瑞创网络科技发展有限公司,L=ShangHai,ST=ShangHai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

16:d8:16:b8:73:72:42:1e:e9:58:d7:d7:48:f0:93:9e:fe:97:e3:24
Signer

Actual PE Digest

16:d8:16:b8:73:72:42:1e:e9:58:d7:d7:48:f0:93:9e:fe:97:e3:24

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Release 6302\rczip.6304\trunk\bin\win32\release\pdb\HaoZipShell.pdb

Imports

kernel32

GetVersionExW
CreateFileW
ReadFile
SetFilePointer
GetFileAttributesW
SetFileAttributesW
CreateDirectoryW
RemoveDirectoryW
GetModuleFileNameW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
FindNextFileW
FindFirstFileW
FindClose
FormatMessageW
LocalFree
GetTempFileNameW
GetLastError
lstrlenW
GetFullPathNameW
GetFileSize
FindResourceW
WaitForSingleObject
CreateMutexW
ReleaseMutex
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetModuleHandleW
DeleteFileW
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryW
GetCurrentDirectoryW
GetProcAddress

user32

wsprintfW
LoadStringW

advapi32

RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueW
RegOpenCurrentUser
RegQueryValueExW

shell32

SHFileOperationW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHChangeNotify

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree

msvcr80

_initterm_e
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
_crt_debugger_hook
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_amsg_exit
_initterm
_encoded_null
memset
free
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
__CxxFrameHandler3
_CxxThrowException
??3@YAXPAX@Z
memcpy_s
memmove_s
??2@YAPAXI@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
wcslen
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
_stricmp
_splitpath_s
??_V@YAXPAX@Z
_errno
wcschr
towupper
_vsnwprintf_s
towlower
memcpy

shlwapi

SHDeleteKeyW

Exports

Exports

Initialize
Install
Register
SetResFileName
Uninstall
Update
Upgrade

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipUI.dll
.dll windows:4 windows x86 arch:x86

811d248b8c95c5ed7ea9e9d8f373c5af

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

14/05/2010, 00:00

Not After

14/05/2011, 23:59

Subject

CN=上海瑞创网络科技发展有限公司,O=上海瑞创网络科技发展有限公司,L=ShangHai,ST=ShangHai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

27:96:63:9f:17:04:bf:0f:22:e7:06:13:44:0f:55:9d:74:75:50:12
Signer

Actual PE Digest

27:96:63:9f:17:04:bf:0f:22:e7:06:13:44:0f:55:9d:74:75:50:12

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Release 6302\directui\SVNServer\build_temp\Win32\release_unicode\HaoZipUI\HaoZipUI.pdb

Imports

kernel32

Sleep
GetProcessHeap
TerminateProcess
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount
GetCurrentThreadId
GetFileSize
FileTimeToSystemTime
EnterCriticalSection
FileTimeToDosDateTime
GetFileInformationByHandle
GetLocalTime
SystemTimeToFileTime
GetFileType
SetFilePointer
ReadFile
FreeResource
LockResource
OpenProcess
GetModuleHandleA
VirtualQuery
VirtualProtect
LoadLibraryA
GetSystemInfo
GetCurrentProcessId
CopyFileW
SetProcessWorkingSetSize
CreateEventW
GetCurrentProcess
GetTempPathW
WideCharToMultiByte
GetCurrentDirectoryW
lstrlenA
DeleteFileW
UnmapViewOfFile
RaiseException
DisableThreadLibraryCalls
GetLastError
GetModuleHandleW
lstrcmpiW
LoadLibraryExW
MultiByteToWideChar
LoadResource
FindResourceW
SizeofResource
InterlockedIncrement
FreeLibrary
GetProcAddress
InitializeCriticalSection
LoadLibraryW
DeleteCriticalSection
GetVersionExW
IsBadReadPtr
GlobalFree
GlobalAlloc
CloseHandle
CreateFileW
WriteFile
GlobalLock
GlobalUnlock
InterlockedDecrement
GetModuleFileNameW
LeaveCriticalSection
lstrlenW
HeapFree

user32

SetWindowPos
GetCapture
UnregisterClassA
GetDC
GetParent
KillTimer
SetActiveWindow
SetParent
LockWindowUpdate
GetClientRect
EnableWindow
UpdateWindow
GetDlgItem
PostMessageW
SetTimer
DrawIconEx
IsWindow
GetIconInfo
SetFocus
ReleaseDC
SetCursor
GetDlgCtrlID
CopyRect
IsWindowVisible
RedrawWindow
IsWindowEnabled
GetActiveWindow
IsZoomed
InvalidateRect
MoveWindow
GetWindowLongW
GetClassLongW
BringWindowToTop
SetCapture
SendMessageW
GetWindowTextW
MessageBoxW
GetWindowTextLengthW
CreateWindowExW
DestroyWindow
ShowWindow
SetWindowTextW
CloseWindow
GetWindowRect
SetWindowLongW
CharNextW
RemovePropW
SetPropW
GetWindow
SetRectEmpty
GetKeyState
GetWindowRgn
ClientToScreen
GetDCEx
EndDeferWindowPos
IntersectRect
GetCursorPos
EndPaint
DispatchMessageW
PeekMessageW
EnumChildWindows
PtInRect
DestroyCursor
InflateRect
GetPropW
IsRectEmpty
ClipCursor
SetCursorPos
BeginPaint
PostQuitMessage
GetSystemMenu
SetWindowRgn
SystemParametersInfoW
GetClipCursor
OffsetRect
ScreenToClient
GetSystemMetrics
GetMessageW
GetDesktopWindow
UpdateLayeredWindow
DefWindowProcW
BeginDeferWindowPos
EqualRect
EnableMenuItem
ReleaseCapture
DrawTextW
GetSysColor
UnionRect
SetRect
IsMenu
GetMenuItemID
GetMenuItemCount
AppendMenuW
ModifyMenuW
InsertMenuW
GetMenuStringW
GetMenuItemInfoW
DestroyMenu
GetSubMenu
LoadImageW
DestroyIcon
CallNextHookEx
GetForegroundWindow
SetWindowsHookExW
TrackPopupMenuEx
RemoveMenu
UnhookWindowsHookEx
LoadMenuW
DeferWindowPos
GetMessagePos
GetWindowDC
IsIconic
GetDoubleClickTime
TrackPopupMenu
GetFocus
GetAsyncKeyState
CallWindowProcW
CreatePopupMenu
DeleteMenu
LoadCursorW

gdi32

CreateRectRgn
SetRectRgn
CombineRgn
PatBlt
SelectClipRgn
CreateCompatibleBitmap
CreateBitmap
OffsetRgn
PtInRegion
GetClipBox
CreatePatternBrush
CreateRectRgnIndirect
SetViewportOrgEx
CreateFontIndirectW
MoveToEx
PolyDraw
SetBkMode
GetWindowOrgEx
GetRegionData
CreatePen
BeginPath
EndPath
GetPath
CreateCompatibleDC
LineTo
FillPath
CreateSolidBrush
PolyBezierTo
SetTextColor
WidenPath
SetDIBits
SetBkColor
CreateICW
ExtTextOutW
GetCurrentObject
CreateDIBSection
SetWindowOrgEx
GetRgnBox
DeleteObject
SelectObject
RealizePalette
CreateDCW
DeleteDC
GetStockObject
GetDIBits
SelectPalette
GetDeviceCaps
GetObjectW
ExtCreateRegion
BitBlt

advapi32

RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegDeleteValueW

shell32

ShellExecuteW

ole32

CoCreateGuid
CoFreeUnusedLibraries
CreateStreamOnHGlobal
StringFromGUID2
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CLSIDFromString
CoCreateInstance
CoInitialize

oleaut32

VariantCopy
VariantClear
VariantInit
LoadRegTypeLi
LoadTypeLi
SysStringLen
SysFreeString
VariantChangeType
OleTranslateColor
SafeArrayGetUBound
SafeArrayCreate
SafeArrayPutElement
SysAllocString
SafeArrayGetLBound
SafeArrayRedim
SafeArrayGetElement
SafeArrayDestroy
VarBstrCat
SysAllocStringByteLen
SysAllocStringLen
SysStringByteLen
VarUI4FromStr

comctl32

ImageList_GetImageInfo
_TrackMouseEvent
ImageList_GetImageCount

msimg32

AlphaBlend

gdiplus

GdipCloneBitmapAreaI
GdipCreateBitmapFromFile
GdipDrawImageI
GdipDrawString
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipSetStringFormatTrimming
GdipCreateImageAttributes
GdipCreateStringFormat
GdipSetStringFormatHotkeyPrefix
GdipGetStringFormatFlags
GdipDrawImageRectRect
GdipGetImageGraphicsContext
GdipSetCompositingQuality
GdipDisposeImageAttributes
GdipSetStringFormatFlags
GdipCreateFontFromLogfontW
GdipLoadImageFromStreamICM
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromScan0
GdipSetSmoothingMode
GdipMeasureString
GdipDeleteFont
GdipSetImageAttributesRemapTable
GdipCreateBitmapFromHICON
GdipCreateLineBrushFromRectWithAngleI
GdipGetImageHeight
GdipDrawImageRectI
GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipDeleteBrush
GdipCreateFromHDC
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipCreateSolidFill
GdipFillRectangleI
GdipCloneBrush
GdipAlloc
GdipFree
GdipSetStringFormatLineAlign

msvcr80

wcstoul
wcschr
atoi
_wtoi
_wcsicmp
__RTDynamicCast
vswprintf_s
_waccess
fwrite
_vsnprintf_s
ftell
wcscpy_s
swprintf_s
wcscat_s
sscanf_s
strncpy_s
_stricmp
fclose
vsprintf_s
fseek
fopen_s
strcpy_s
fread
_wfopen_s
strcat_s
_wsplitpath_s
wcsncpy_s
_resetstkoflw
malloc
memmove_s
??0exception@std@@QAE@ABV01@@Z
_recalloc
_purecall
??0exception@std@@QAE@ABQBD@Z
calloc
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
memcpy_s
??2@YAPAXI@Z
free
memchr
??3@YAXPAX@Z
_tzset
_wcsnicmp
toupper
strchr
fprintf
fputc
ferror
isspace
isalnum
tolower
isalpha
strncmp
memset
__CxxFrameHandler3
_CxxThrowException
memcpy
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
??_V@YAXPAX@Z
floor
_mktime64

rpcrt4

UuidFromStringW

imagehlp

ImageDirectoryEntryToData

Exports

Exports

CloseSkin
OpenSkin

Sections

.text
Size: 626KB - Virtual size: 625KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipUpdate.exe
.exe windows:4 windows x86 arch:x86

3fde7c4cc25f3f7b177142b19bf5d526

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

14/05/2010, 00:00

Not After

14/05/2011, 23:59

Subject

CN=上海瑞创网络科技发展有限公司,O=上海瑞创网络科技发展有限公司,L=ShangHai,ST=ShangHai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

b3:9f:aa:ba:23:f5:f8:cb:78:8c:cd:c4:df:6f:b7:94:5a:21:82:f7
Signer

Actual PE Digest

b3:9f:aa:ba:23:f5:f8:cb:78:8c:cd:c4:df:6f:b7:94:5a:21:82:f7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Release 6302\rczip\trunk\bin\win32\release\pdb\HaoZipUpdate.pdb

Imports

wininet

InternetWriteFile
InternetCrackUrlW
HttpEndRequestW
HttpSendRequestExW
HttpOpenRequestW
HttpAddRequestHeadersW
InternetConnectW
HttpSendRequestW
HttpQueryInfoW
InternetReadFile
InternetOpenUrlW
InternetSetOptionW
InternetCloseHandle
InternetOpenW

kernel32

FindResourceW
GetModuleFileNameW
Sleep
LoadLibraryExW
SetLastError
LoadLibraryA
GetProcAddress
DeleteCriticalSection
GetTickCount
CopyFileW
MoveFileW
WaitForSingleObject
CloseHandle
LoadLibraryW
WideCharToMultiByte
GetACP
ResumeThread
CreateDirectoryW
DeleteFileW
SetFileAttributesW
GetFileAttributesW
RemoveDirectoryW
SetEndOfFile
SetFileTime
GetFileSize
WriteFile
ReadFile
CreateFileW
SetFilePointer
FileTimeToLocalFileTime
SystemTimeToFileTime
GetSystemTime
FileTimeToSystemTime
InterlockedExchangeAdd
FindFirstFileW
lstrcmpiW
FindNextFileW
GetLongPathNameW
GetFullPathNameW
GetTempPathW
GetTempFileNameW
GetWindowsDirectoryW
GetCurrentDirectoryW
GetComputerNameW
WritePrivateProfileStringW
GetPrivateProfileStringW
SetPriorityClass
DeviceIoControl
GetVersionExW
GetSystemDefaultLangID
ExpandEnvironmentStringsW
OpenProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersionExA
GetLocaleInfoA
GetThreadLocale
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
LoadResource
GetLastError
FormatMessageW
LocalFree
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
SizeofResource
CreateMutexW
FlushInstructionCache
GetCurrentProcess
InterlockedDecrement
InterlockedExchange
MultiByteToWideChar
GetModuleHandleW
FreeLibrary
EnterCriticalSection
InterlockedIncrement
InitializeCriticalSection
RaiseException
LeaveCriticalSection
lstrlenW
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
FindClose
QueryPerformanceCounter

user32

UnregisterClassA
LoadIconW
GetWindowLongW
GetSystemMetrics
EndDialog
LoadImageW
GetWindowThreadProcessId
SetWindowPos
SendMessageW
GetDlgItem
SetWindowTextW
GetParent
IsWindow
SetForegroundWindow
DialogBoxParamW
PostQuitMessage
IsWindowVisible
KillTimer
SetTimer
GetWindow
IsDialogMessageW
GetSystemMenu
ModifyMenuW
IsMenu
SetWindowLongW
DestroyMenu
SetDlgItemTextW
GetActiveWindow
PostMessageW
GetClassInfoExW
GetSubMenu
CallWindowProcW
TrackPopupMenu
LoadStringW
RegisterWindowMessageW
SetMenuDefaultItem
LoadMenuW
DestroyIcon
LoadCursorW
RegisterClassExW
CreateWindowExW
GetCursorPos
GetClassNameW
IsIconic
SystemParametersInfoW
GetWindowRect
GetClientRect
MapWindowPoints
CreateDialogParamW
DefWindowProcW
PeekMessageW
CharNextW
ShowWindow
MessageBoxW
DestroyWindow
GetMessageW
TranslateMessage
DispatchMessageW
GetMenuDefaultItem

gdi32

CreateFontIndirectW
DeleteObject

advapi32

RegSetValueExW
RegDeleteKeyW
RegEnumKeyW
GetUserNameW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey

shell32

Shell_NotifyIconW
SHGetPathFromIDListW
SHChangeNotify
ShellExecuteExW
ShellExecuteW
SHGetSpecialFolderLocation
SHFileOperationW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

msvcr80

free
_controlfp_s
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
__CxxFrameHandler3
_CxxThrowException
wcscpy_s
swprintf_s
_splitpath_s
_stricmp
_vswprintf
strncpy
swscanf_s
vswprintf_s
memcmp
_vswprintf_c_l
memcpy
_wtoi
_localtime64_s
rand
srand
_time64
_beginthreadex
towlower
_vsnwprintf_s
towupper
wcschr
_errno
memmove
_purecall
_invalid_parameter_noinfo
??0exception@std@@QAE@XZ
strlen
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
malloc
memset
memmove_s
memcpy_s
wcsncpy_s
??3@YAXPAX@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
_recalloc
wcslen
??_V@YAXPAX@Z

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipVersion.dll
.dll windows:4 windows x86 arch:x86

24da43a02b017d3044f9525b61004f90

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

14/05/2010, 00:00

Not After

14/05/2011, 23:59

Subject

CN=上海瑞创网络科技发展有限公司,O=上海瑞创网络科技发展有限公司,L=ShangHai,ST=ShangHai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

87:dd:dd:4f:95:c1:22:d4:8e:cf:a4:c2:c9:66:2f:70:b3:44:20:6e
Signer

Actual PE Digest

87:dd:dd:4f:95:c1:22:d4:8e:cf:a4:c2:c9:66:2f:70:b3:44:20:6e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Release 6302\rczip\trunk\bin\win32\release\pdb\HaoZipVersion.pdb

Imports

msvcr80

_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_except_handler4_common
_encode_pointer

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

Exports

Exports

DllGetVersion

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 350B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Microsoft.VC80.CRT.manifest
Rar.exe
.exe windows:5 windows x86 arch:x86

4557b502e756a3acfc77d7bd38f2078e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\rar\build\rar32\Release\RAR.pdb

Imports

kernel32

SetLastError
GetCurrentDirectoryA
CloseHandle
GetCurrentProcess
CreateFileW
BackupRead
BackupSeek
SetFileTime
MoveFileA
FlushFileBuffers
SetFilePointer
SetEndOfFile
GetFileTime
GetFileType
CreateFileA
ReadFile
WriteFile
GetDriveTypeA
GetDiskFreeSpaceA
GetProcAddress
GetModuleHandleA
GetFileAttributesA
GetFileAttributesW
SetFileAttributesA
SetFileAttributesW
GetFullPathNameA
GetFullPathNameW
MoveFileW
DeleteFileA
DeleteFileW
RemoveDirectoryA
RemoveDirectoryW
DeviceIoControl
CreateDirectoryA
CreateDirectoryW
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
FindClose
FindNextFileA
FindFirstFileA
GetLastError
FindFirstFileW
GetVersionExA
CreateThread
ExitThread
GetProcessAffinityMask
WaitForSingleObject
SetEvent
ResetEvent
WaitForMultipleObjects
CreateEventA
GetModuleFileNameA
SetErrorMode
FreeLibrary
LoadLibraryA
LoadLibraryExA
CompareStringA
SetThreadPriority
GetCurrentThread
SetPriorityClass
SetCurrentDirectoryA
LocalFileTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetEnvironmentVariableA
GetLocaleInfoA
FormatMessageA
LocalFree
SetConsoleCtrlHandler
Sleep
GetTickCount
GetSystemTime
SystemTimeToFileTime
GetStdHandle
GetConsoleMode
SetConsoleMode
FindNextFileW
ReadConsoleA
GetStringTypeW
GetStringTypeA
GetConsoleCP
HeapFree
HeapReAlloc
HeapAlloc
RtlUnwind
GetModuleHandleW
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
RaiseException
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetVersion
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId

user32

CharUpperW
CharLowerW
ExitWindowsEx
CharLowerA
LoadStringA
CharUpperA
CharToOemBuffA
OemToCharA
OemToCharBuffA
CharToOemA

advapi32

RegQueryValueExA
RegCloseKey
GetFileSecurityW
GetFileSecurityA
GetSecurityDescriptorLength
SetFileSecurityW
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHFileOperationA

Sections

.text
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RarNew.data
.rar
TarNew.data
UNACEV2.DLL
.dll windows:1 windows x86 arch:x86

8390514c40641509cd0941c1fb7588ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

ShellExecuteA
ShellExecuteExA

kernel32

AllocConsole
CloseHandle
CreateDirectoryA
CreateFileA
CreateProcessA
DeleteFileA
DeviceIoControl
DisableThreadLibraryCalls
DosDateTimeToFileTime
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeConsole
GetCommandLineA
GetConsoleCursorInfo
GetConsoleScreenBufferInfo
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileInformationByHandle
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetSystemTime
GetTempPathA
GetTimeZoneInformation
GetVersion
GetVolumeInformationA
GlobalMemoryStatus
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
LCMapStringA
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
PeekConsoleInputA
ReadConsoleInputA
ReadConsoleOutputAttribute
ReadConsoleOutputA
ReadFile
RemoveDirectoryA
ScrollConsoleScreenBufferA
SearchPathA
SetConsoleCtrlHandler
SetConsoleCursorInfo
SetConsoleCursorPosition
SetConsoleScreenBufferSize
SetConsoleWindowInfo
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetStdHandle
Sleep
SystemTimeToFileTime
TerminateProcess
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteConsoleOutputA
WriteConsoleOutputCharacterA
WriteFile

advapi32

RegCloseKey
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

gdi32

CreateFontA
DeleteObject

user32

CharToOemBuffA
CreateDialogParamA
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
GetDlgItem
GetDlgItemTextA
GetKeyState
GetWindowTextA
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
MessageBeep
MessageBoxA
OemToCharBuffA
PeekMessageA
SendDlgItemMessageA
SetCursor
SetDlgItemTextA
SetFocus
SetTimer
SetWindowTextA
ShowCursor
ShowWindow
TranslateMessage

Exports

Exports

ACEExtract
ACEInitDll
ACEList
ACEReadArchiveData
ACETest
___DllMainCRTStartup@12

Sections

AUTO
Size: 59KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 210KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Uninstall.exe
.exe windows:5 windows x86 arch:x86

b729b61eb1515fcf7b3e511e4e66258b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$PLUGINSDIR/InstallOptions.dll
.dll windows:5 windows x86 arch:x86

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GetModuleHandleW
GlobalLock
GlobalUnlock
GetCurrentDirectoryW
SetCurrentDirectoryW
GetPrivateProfileIntW
GetPrivateProfileStringW
lstrcatW
WritePrivateProfileStringW
lstrcpynW
lstrlenW
lstrcpyW
GlobalFree
GlobalAlloc

user32

OpenClipboard
DestroyIcon
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
SetWindowLongW
GetClientRect
SetWindowRgn
LoadIconW
LoadImageW
CreateWindowExW
MapDialogRect
GetClipboardData
GetWindowRect
CreateDialogParamW
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
SetCursor
DrawTextW
GetWindowLongW
DrawFocusRect
CallWindowProcW
PostMessageW
wsprintfW
CharNextW
MessageBoxW
CloseClipboard
GetDlgCtrlID
MapWindowPoints
SetWindowPos
PtInRect
GetWindowTextW
SetWindowTextW
SendMessageW
DestroyWindow

gdi32

SelectObject
CreateRectRgn
GetObjectW
CombineRgn
DeleteObject
CreateCompatibleDC
GetDIBits
SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHGetDesktopFolder

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

6c41c5e4d44f55745b925cc4e42b7fab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
lstrlenW
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 899B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/un.option.ini
ZipNew.data
config/Themes/haoya_jingdian/LogoSmall.bmp
config/Themes/haoya_jingdian/haozip_theme_description.txt
config/Themes/haoya_jingdian/logo.ico
config/Themes/haoya_jingdian/preview.bmp
config/Themes/haoya_jingdian/tool_bar/Add.bmp
config/Themes/haoya_jingdian/tool_bar/Comment.bmp
config/Themes/haoya_jingdian/tool_bar/Delete.bmp
config/Themes/haoya_jingdian/tool_bar/Extract.bmp
config/Themes/haoya_jingdian/tool_bar/Find.bmp
config/Themes/haoya_jingdian/tool_bar/Info.bmp
config/Themes/haoya_jingdian/tool_bar/Repair.bmp
config/Themes/haoya_jingdian/tool_bar/SFX.bmp
config/Themes/haoya_jingdian/tool_bar/Test.bmp
config/Themes/haoya_jingdian/tool_bar_gray/Add.bmp
config/Themes/haoya_jingdian/tool_bar_gray/Comment.bmp
config/Themes/haoya_jingdian/tool_bar_gray/Delete.bmp
config/Themes/haoya_jingdian/tool_bar_gray/Extract.bmp
config/Themes/haoya_jingdian/tool_bar_gray/Find.bmp
config/Themes/haoya_jingdian/tool_bar_gray/Info.bmp
config/Themes/haoya_jingdian/tool_bar_gray/Repair.bmp
config/Themes/haoya_jingdian/tool_bar_gray/SFX.bmp
config/Themes/haoya_jingdian/tool_bar_gray/Test.bmp
config/Themes/haoya_jingdian/tray.ico
config/Themes/haoya_jyfg/haozip_theme_description.txt
config/Themes/haoya_jyfg/logo.ico
config/Themes/haoya_jyfg/preview.bmp
config/Themes/haoya_jyfg/tool_bar/Add.bmp
config/Themes/haoya_jyfg/tool_bar/Comment.bmp
config/Themes/haoya_jyfg/tool_bar/Delete.bmp
config/Themes/haoya_jyfg/tool_bar/Extract.bmp
config/Themes/haoya_jyfg/tool_bar/Find.bmp
config/Themes/haoya_jyfg/tool_bar/Info.bmp
config/Themes/haoya_jyfg/tool_bar/Repair.bmp
config/Themes/haoya_jyfg/tool_bar/SFX.bmp
config/Themes/haoya_jyfg/tool_bar/Test.bmp
config/Themes/haoya_jyfg/tool_bar_gray/Add.bmp
config/Themes/haoya_jyfg/tool_bar_gray/Comment.bmp
config/Themes/haoya_jyfg/tool_bar_gray/Delete.bmp
config/Themes/haoya_jyfg/tool_bar_gray/Extract.bmp
config/Themes/haoya_jyfg/tool_bar_gray/Find.bmp
config/Themes/haoya_jyfg/tool_bar_gray/Info.bmp
config/Themes/haoya_jyfg/tool_bar_gray/Repair.bmp
config/Themes/haoya_jyfg/tool_bar_gray/SFX.bmp
config/Themes/haoya_jyfg/tool_bar_gray/Test.bmp
config/Themes/haoya_jyfg/tray.ico
lang/HaoZipLang_chs.dll
.dll windows:4 windows x86 arch:x86

d05906981f53157a7404d25bec1148ad

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

14/05/2010, 00:00

Not After

14/05/2011, 23:59

Subject

CN=上海瑞创网络科技发展有限公司,O=上海瑞创网络科技发展有限公司,L=ShangHai,ST=ShangHai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

0a:7f:79:7a:e2:89:c8:7c:a4:c4:ce:7a:e9:ab:24:da:98:d8:4d:24
Signer

Actual PE Digest

0a:7f:79:7a:e2:89:c8:7c:a4:c4:ce:7a:e9:ab:24:da:98:d8:4d:24

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\release 6302\rczip\trunk\bin\win32\release\lang\pdb\HaoZipLang_chs.pdb

Imports

kernel32

GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess

Exports

Exports

GetLanguageName

Sections

.text
Size: 512B - Virtual size: 442B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 506B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 245KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcr80.dll
.dll windows:4 windows x86 arch:x86

7fecbc4a16a5dc85a5394a1df6217680

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr80.i386.pdb

Imports

msvcrt

_getdrives

kernel32

GetStringTypeA
GetLocalTime
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetSystemDirectoryW
GetLongPathNameW
GetCurrentThreadId
TlsGetValue
DebugBreak
OutputDebugStringA
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
Sleep
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
VirtualAlloc
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WriteConsoleW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSection
MultiByteToWideChar
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
WideCharToMultiByte
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
SetLocalTime
GetStringTypeW
LoadLibraryW
GetLocaleInfoA
GetLocaleInfoW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
RtlUnwind
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
CreateFileA
CompareStringA
CompareStringW
Beep
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
RaiseException
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
VirtualProtect
GetSystemInfo
VirtualQuery
IsDBCSLeadByteEx
ReadConsoleA
ReadConsoleW
SetConsoleMode
SetEndOfFile
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
LockFile
UnlockFile
CreatePipe
ReadFile
CreateFileW
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1exception@std@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?unexpected@@YAXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?what@exception@std@@UBEPBDXZ
@_calloc_crt@8
@_malloc_crt@4
@_realloc_crt@8
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_app_type
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lc_clike
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osplatform
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p
_cprintf_p_l
_cprintf_s
_cprintf_s_l
_cputs
_cputws
_creat
_create_locale
_crt_debugger_hook
_cscanf
_cscanf_l
_cscanf_s
_cscanf_s_l
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_cwait
_cwprintf
_cwprintf_l
_cwprintf_p
_cwprintf_p_l
_cwprintf_s
_cwprintf_s_l
_cwscanf
_cwscanf_l
_cwscanf_s
_cwscanf_s_l
_daylight
_decode_pointer
_difftime32
_difftime64
_dosmaperr
_dstbias
_dup
_dup2
_dupenv_s
_ecvt
_ecvt_s
_encode_pointer
_encoded_null
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_except_handler4_common
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fclose_nolock
_fcloseall
_fcvt
_fcvt_s
_fdopen
_fflush_nolock
_fgetchar
_fgetwc_nolock
_fgetwchar
_filbuf
_filelength
_filelengthi64
_fileno
_findclose
_findfirst32
_findfirst32i64
_findfirst64
_findfirst64i32
_findnext32
_findnext32i64
_findnext64
_findnext64i32
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fprintf_l
_fprintf_p
_fprintf_p_l
_fprintf_s_l
_fputchar
_fputwc_nolock
_fputwchar
_fread_nolock
_fread_nolock_s
_free_locale
_freea
_freea_s
_freefls
_fscanf_l
_fscanf_s_l
_fseek_nolock
_fseeki64
_fseeki64_nolock
_fsopen
_fstat32
_fstat32i64
_fstat64
_fstat64i32
_ftell_nolock
_ftelli64
_ftelli64_nolock
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_ftol
_fullpath
_futime32
_futime64
_fwprintf_l
_fwprintf_p
_fwprintf_p_l
_fwprintf_s_l
_fwrite_nolock
_fwscanf_l
_fwscanf_s_l
_gcvt
_gcvt_s
_get_amblksiz
_get_current_locale
_get_daylight
_get_doserrno
_get_dstbias
_get_errno
_get_fmode
_get_heap_handle
_get_invalid_parameter_handler
_get_osfhandle
_get_osplatform
_get_osver
_get_output_format
_get_pgmptr
_get_printf_count_output
_get_purecall_handler
_get_sbh_threshold
_get_terminate
_get_timezone
_get_tzname
_get_unexpected
_get_winmajor
_get_winminor
_get_winver
_get_wpgmptr
_getch
_getch_nolock
_getche
_getche_nolock
_getcwd
_getdcwd
_getdcwd_nolock
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp

Sections

.text
Size: 396KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sfx/HaoZip7zCon.sfx
.exe windows:4 windows x86 arch:x86

ec28c42ff10c4dc4eefcfc4116efa812

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Release 6302\rczip\trunk\bin\Win32\release\pdb\HaoZip7zCon.pdb

Imports

kernel32

GetCommandLineW
SetFileApisToOEM
WideCharToMultiByte
GetACP
MultiByteToWideChar
FindFirstFileW
FindClose
InterlockedExchangeAdd
GetVersionExW
GetModuleHandleW
FindResourceW
GetLastError
LoadLibraryW
FreeLibrary
GetProcAddress
CreateThread
ExitThread
ResetEvent
InterlockedCompareExchange
InterlockedExchange
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetVersionExA
HeapAlloc
GetProcessHeap
SetConsoleCtrlHandler
GetCPInfo
RtlUnwind
RaiseException
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
CloseHandle
LoadLibraryA
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
GetFileAttributesW
FormatMessageW
LocalFree
FileTimeToLocalFileTime
FileTimeToSystemTime
ReleaseMutex
CreateMutexW
WaitForSingleObject
CreateDirectoryW
DeleteFileW
SetFileAttributesW
RemoveDirectoryW
lstrlenW
GetFullPathNameW
MoveFileW
CreateFileW
SetFileTime
GetFileSize
SetEndOfFile
WaitForMultipleObjects
CreateEventW
SetEvent
ResumeThread

user32

LoadStringW

Sections

.text
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
sfx/HaoZip7zSetup.sfx
.exe windows:4 windows x86 arch:x86

fa3c4605a85966a8d1236425992cbd84

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Release 6302\rczip\trunk\bin\Win32\release\pdb\HaoZip7zSetup.pdb

Imports

comctl32

InitCommonControlsEx

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteW
ShellExecuteExW
CommandLineToArgvW
SHGetFileInfoW
SHBrowseForFolderW

kernel32

CloseHandle
SetCurrentDirectoryW
LocalFree
GetCurrentDirectoryW
WaitForSingleObject
SetFileApisToOEM
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableW
SetThreadPriority
GetCurrentThread
GetLastError
GetCommandLineW
GetFileAttributesW
FormatMessageW
SetFileAttributesW
RemoveDirectoryW
CreateDirectoryW
DeleteFileW
InterlockedExchangeAdd
FindClose
FindFirstFileW
FindNextFileW
GetModuleHandleW
FreeLibrary
GetProcAddress
LoadLibraryW
SetFileTime
SetEndOfFile
WriteFile
ReadFile
GetFileSize
CreateFileW
SetFilePointer
Sleep
GetCurrentThreadId
ResumeThread
WideCharToMultiByte
GetACP
MultiByteToWideChar
GetFullPathNameW
GetTempFileNameW
GetLongPathNameW
MoveFileW
lstrlenW
CreateProcessW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetVersionExW
FindResourceW
FileTimeToSystemTime
ExpandEnvironmentStringsW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
LoadLibraryA
HeapReAlloc
VirtualAlloc
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetModuleFileNameW
GetWindowsDirectoryW
WaitForMultipleObjects
CreateEventW
SetEvent
ResetEvent
GetTempPathW
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
GetSystemTimeAsFileTime
ExitThread
CreateThread
RaiseException
RtlUnwind
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement

user32

GetActiveWindow
LoadStringW
GetDesktopWindow
CreateDialogParamW
EnableWindow
SetTimer
IsWindowVisible
IsDialogMessageW
ScreenToClient
GetMessageW
LoadIconW
TranslateMessage
PostQuitMessage
DestroyIcon
SendMessageW
IsWindow
MessageBoxW
ShowWindow
SetWindowPos
GetWindowRect
PostMessageW
GetSystemMetrics
DialogBoxParamW
EndDialog
GetWindowTextW
SetWindowTextW
GetDlgItem
KillTimer
DispatchMessageW

gdi32

CreateSolidBrush
DeleteObject

advapi32

RegCloseKey
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW

ole32

CoUninitialize
CoInitialize
CoTaskMemFree
CoCreateInstance
CoInitializeEx

Sections

.text
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
skins/HaoZip.dui
.zip
objects.xml
.xml
skins/HaoZip.skn
.zip
21.png
Actual size.png
Adressbar_list.png
Appropriate size.png
Back2.png
Back_Btn.png
Back_Btn2.png
Bottom_Bg.png
Caption_Btn.png
Clockwise.png
Close.png
Counterclockwise.png
Delete.png
Detailpane_bg.png
Enlarge.png
Forward2.png
Forward_Btn.png
Forward_Btn2.png
Hand.png
HaoPicIconForm.png
HaoPicInfoForm.CloseBtn.png
HaoPicInfoForm.png
HaoZip.skn
Left_Border.png
Left_Border_photoview.png
Menubar_Btn_Hot.png
Menubar_Btn_Press.png
Narrow.png
Open.png
Play_Btn.png
RCHaoClients.png
RCHaoFileTreeView.png
RCHaoNavigateBar.BackBtn.png
RCHaoNavigateBar.ForwardBtn.png
Right_Border.png
Right_Border_photoview.png
Sidebar_Infopane_Btn
Sidebar_Infopane_Btn1.png
Sidebar_Infopane_Btn2.png
Stop.png
Stop_Btn.png
View_D (2).png
View_H (2).png
View_L (2).png
View_M (2).png
View_N (2).png
View_Right.png
adressbar.png
bg.png
border.png
checkbox.png
close_sidebar.png
convert.png
copy.png
edit.png
folder-bg.png
foot.png
foot3.png
head.png
hide.png
hide2.png
info-bg.png
info_icon.png
list-btn.png
main_splitter.png
menubar.png
objects.xml
.xml
open_bg.png
page_btn.png
play.png
print.png
prop.xml
sep.png
shareres.xml
.xml
show.png
show2.png
slide 2.png
splitter1.png
splitter2.png
thumb.png
toolbar-small.png
toolbar.png
toolicon_Bg.png
up.png
skins/HaoZip.xml
.xml
好压免责声明.txt
好压更新日志.txt

Sharing

General

Malware Config

Signatures

Files

b729b61eb1515fcf7b3e511e4e66258b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 409KB

.ndata Size: - Virtual size: 1.5MB

.rsrc Size: 86KB - Virtual size: 88KB

f6e384a477f8efc14029bba8fca9bd0f

Headers

File Characteristics

PDB Paths

Imports

version

kernel32

user32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 26KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 3KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 176B

.reloc Size: 5KB - Virtual size: 4KB

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 17KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

6c41c5e4d44f55745b925cc4e42b7fab

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 899B

.data Size: 512B - Virtual size: 64B

.reloc Size: 1024B - Virtual size: 574B

9ed5d1e735b51125901380bb5dc2bb90

Code Sign

0aCertificate

Extended Key Usages

Key Usages

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 409KB

.ndata
Size: - Virtual size: 1.5MB

.rsrc
Size: 86KB - Virtual size: 88KB

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 3KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 176B

.reloc
Size: 5KB - Virtual size: 4KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 17KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 899B

.data
Size: 512B - Virtual size: 64B

.reloc
Size: 1024B - Virtual size: 574B

0a
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

03:12:0b:f6:75:a3:1f:25:0d:2f:1e:20:11:e2:6c:ff:fa:e8:cb:f8
Signer

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 358KB - Virtual size: 358KB

.data
Size: 51KB - Virtual size: 74KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 137KB - Virtual size: 137KB

0a
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

24:af:13:74:fe:5f:db:ed:b4:de:05:ff:a9:03:dd:7a
Certificate

08:c6:6f:c8:7a:b0:22:90:cd:34:15:ee:ca:70:02:bb:d5:82:e8:54
Signer

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 904B

.rsrc
Size: 581KB - Virtual size: 580KB

0a
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate