40e986e21a6159f612d2b18c558b1488_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

40e986e21a6159f612d2b18c558b1488_JaffaCakes118
Size

21.2MB
MD5

40e986e21a6159f612d2b18c558b1488
SHA1

c7bb1babe0e28ca82382e11613f09c3ec6bbef07
SHA256

1a3de8bf5b7cdcd474372295ddf728167aaf4d662341a4d8d5fb4de5067be82e
SHA512

ba464a4978aafcfa01f59bcff00c95d6e5e180d0fbac9ee0a3e1dd9977c1776572273b45d3c3f06773f25c53a2bc507564f6d4cea58964725d6ca2e64b4cce78
SSDEEP

393216:+qpIovGhy6kTavdeAQ2pQeIFy2B6UZJZzB9JMjXTe3St+CX8PPnm+cN:+qhv16kYeAQ2656gnfCHeXCskN

Score

3^/10

pdf link

Malware Config

Signatures

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Unsigned PE 36 IoCs

Checks for missing Authenticode signature.

resource
unpack002/$PLUGINSDIR/System.dll
unpack002/$TEMP/InstUtil.dll
unpack003/DeviceSDK/PCMPCC_UM185.dll
unpack003/OpeIcons.dll
unpack004/Aboutn.dll
unpack004/BvrpCtln.dll
unpack004/DeviceSDK/PCMResource.dll
unpack004/LiveUpdateClientTools.dll
unpack004/ModExch.dll
unpack004/ModemWiz.dll
unpack004/Pbkres.dll
unpack004/Prpgf2n.dll
unpack004/RasCnxMngr.dll
unpack004/WinInetErrors.dll
unpack004/bvrpnac.dll
unpack004/mPhonetools.exe
unpack004/wfcomrc.dll
unpack006/Aboutn.dll
unpack006/BVRPNac.dll
unpack006/DeviceSDK/PCMResource.dll
unpack006/LiveUpdateClientTools.dll
unpack006/ModExch.dll
unpack006/ModemWiz.dll
unpack006/PbkRes.dll
unpack006/Prpgf2n.dll
unpack006/RasCnxMngr.dll
unpack006/WinInetErrors.dll
unpack006/bvrpctln.dll
unpack006/mPhonetools.exe
unpack006/wfcomrc.dll
unpack009/$PLUGINSDIR/System.dll
unpack009/$TEMP/InstUtil.dll
unpack001/Pantech UM185 driver.3guman.com/Original Disc/MPT/ISSetup.dll
unpack001/Pantech UM185 driver.3guman.com/Original Disc/MPT/Redist/msvcp60.dll
unpack001/Pantech UM185 driver.3guman.com/Original Disc/MPT/_Setup.dll
unpack001/Pantech UM185 driver.3guman.com/Original Disc/Start.exe

NSIS installer 2 IoCs

installer

resource	yara_rule
static1/unpack001/Pantech UM185 driver.3guman.com/Drivers/drivers.exe	nsis_installer_1
static1/unpack008/drivers.exe	nsis_installer_1

Files

40e986e21a6159f612d2b18c558b1488_JaffaCakes118
.rar
Pantech UM185 driver.3guman.com/Drivers/drivers.exe
.exe windows:4 windows x86 arch:x86

4a9446e5cc2412c6405cea69dddb93be

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c8:53:29:fb:51:75:0d:e5:2f:9f:1c:9c:35:dc:9d:59:83:c2:34:91
Signer

Actual PE Digest

c8:53:29:fb:51:75:0d:e5:2f:9f:1c:9c:35:dc:9d:59:83:c2:34:91

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
lstrcmpiA
CopyFileA
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
MulDiv
ReadFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
ExitProcess

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
wsprintfA

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/PTUMWBUS.inf
$TEMP/DGPTUMW/PTUMWCDF.inf
$TEMP/DGPTUMW/PTUMWCSP.INF
$TEMP/DGPTUMW/PTUMWMDM.inf
$TEMP/DGPTUMW/PTUMWNET.inf
$TEMP/DGPTUMW/PTUMWNSP.INF
$TEMP/DGPTUMW/PTUMWVSP.INF
$TEMP/DGPTUMW/Setup.exe
.exe windows:4 windows x86 arch:x86

44e10d0057a430f7aebde91deb548c53

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bb:58:a8:5b:b6:6b:44:4d:8c:43:bc:a9:d2:bb:ae:67:04:c6:6f:45
Signer

Actual PE Digest

bb:58:a8:5b:b6:6b:44:4d:8c:43:bc:a9:d2:bb:ae:67:04:c6:6f:45

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
DuplicateHandle
GetVolumeInformationA
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
GlobalFlags
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
SetErrorMode
GetFileAttributesA
GetFileTime
HeapFree
RtlUnwind
HeapAlloc
ExitProcess
HeapReAlloc
VirtualProtect
VirtualAlloc
VirtualQuery
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetStartupInfoA
SetEndOfFile
ExitThread
CreateThread
HeapSize
GetACP
IsValidCodePage
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeA
GetStringTypeW
GetStdHandle
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetDriveTypeA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
InterlockedDecrement
GetModuleFileNameW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
SuspendThread
ResumeThread
SetThreadPriority
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetCurrentProcessId
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
SetLastError
CreateEventA
WriteFile
ReadFile
SetEvent
FindNextFileA
RemoveDirectoryA
DeleteFileA
GetCurrentProcess
SetFileAttributesA
GetSystemInfo
TerminateProcess
OpenProcess
CompareStringW
GetVersion
MultiByteToWideChar
InterlockedExchange
GetSystemDefaultLangID
OpenMutexA
GetTickCount
CreateMutexA
GetModuleFileNameA
GetFullPathNameA
GetLogicalDriveStringsA
CreateFileA
DeviceIoControl
GetModuleHandleA
GetDiskFreeSpaceA
CopyFileA
MoveFileExA
GetVersionExA
GetTempPathA
Sleep
MulDiv
GetWindowsDirectoryA
GetPrivateProfileStringA
LocalFree
LocalAlloc
lstrlenA
FormatMessageA
CompareStringA
CreateDirectoryA
FindFirstFileA
FindClose
CreateProcessA
WaitForSingleObject
CloseHandle
GetSystemDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryA
LoadLibraryA
GetProcAddress
GetLastError
FreeLibrary
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
RaiseException
SizeofResource

user32

CharNextA
ReleaseCapture
SetCapture
LoadCursorA
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
SetCursor
PostQuitMessage
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CopyAcceleratorTableA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
EnableWindow
SendMessageA
ShowScrollBar
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IsRectEmpty
SetRect
InvalidateRect
PostThreadMessageA
RegisterClipboardFormatA
GetClassLongA
UnregisterClassA
MessageBeep
GetNextDlgGroupItem
CallNextHookEx
InvalidateRgn
MessageBoxA
DrawIcon
IsIconic
GetClientRect
LoadIconA
GetSystemMetrics
CharUpperA
ExitWindowsEx
PostMessageA
FillRect
RedrawWindow
GetSysColor
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
IsWindowEnabled
GetLastActivePopup
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
GetParent
GetWindowLongA

gdi32

CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
RectVisible
Escape
ExtTextOutA
CreateSolidBrush
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetStockObject
GetObjectA
CreateFontIndirectA
GetDeviceCaps
DeleteDC
TextOutA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteValueA
RegOpenKeyExA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegCreateKeyExA

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
SHDeleteValueA
PathIsUNCA

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleUninitialize
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc

oleaut32

SysStringLen
SysFreeString
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA
SetupDiDeleteDeviceInfo
SetupDiRemoveDevice
CM_Reenumerate_DevNode
CM_Locate_DevNodeA
SetupDiOpenDevRegKey

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

Sections

.text
Size: 276KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/Setup64.exe
.exe windows:4 windows x64 arch:x64

8c803c668877880bc64f87c5dadd47c4

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:7b:8c:f4:0e:40:81:63:8b:48:e9:da:3a:2a:16:49:fc:24:c0:f8
Signer

Actual PE Digest

52:7b:8c:f4:0e:40:81:63:8b:48:e9:da:3a:2a:16:49:fc:24:c0:f8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetVolumeInformationA
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
InitializeCriticalSection
TlsAlloc
GlobalReAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
SetErrorMode
GetFileAttributesA
GetFileTime
HeapFree
RtlUnwindEx
HeapAlloc
RtlLookupFunctionEntry
ExitProcess
HeapReAlloc
VirtualProtect
VirtualAlloc
VirtualQuery
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
RtlPcToFileHeader
ExitThread
CreateThread
HeapSize
DuplicateHandle
IsValidCodePage
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
LCMapStringA
LCMapStringW
HeapSetInformation
HeapCreate
RtlVirtualUnwind
GetStringTypeA
GetStringTypeW
GetStdHandle
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetDriveTypeA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
GetModuleFileNameW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
SuspendThread
ResumeThread
SetThreadPriority
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetCurrentProcessId
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
SetLastError
CreateEventA
WriteFile
ReadFile
SetEvent
FindNextFileA
RemoveDirectoryA
DeleteFileA
GetCurrentProcess
SetFileAttributesA
GetSystemInfo
TerminateProcess
OpenProcess
CompareStringW
GetVersion
MultiByteToWideChar
GetSystemDefaultLangID
OpenMutexA
GetTickCount
CreateMutexA
GetModuleFileNameA
GetFullPathNameA
GetLogicalDriveStringsA
CreateFileA
DeviceIoControl
GetModuleHandleA
GetDiskFreeSpaceA
CopyFileA
MoveFileExA
GetVersionExA
GetTempPathA
Sleep
MulDiv
GetWindowsDirectoryA
GetPrivateProfileStringA
LocalFree
LocalAlloc
lstrlenA
FormatMessageA
CompareStringA
FindFirstFileA
CreateDirectoryA
FindClose
CreateProcessA
WaitForSingleObject
CloseHandle
GetSystemDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryA
LoadLibraryA
GetProcAddress
GetLastError
FreeLibrary
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
GetACP
SizeofResource

user32

CharNextA
ReleaseCapture
SetCapture
LoadCursorA
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
SetCursor
PostQuitMessage
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassNameA
CopyAcceleratorTableA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
EnableWindow
SendMessageA
ShowScrollBar
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CopyRect
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
PostThreadMessageA
RegisterClipboardFormatA
GetClassLongPtrA
UnregisterClassA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
SetRect
GetClassLongA
IsRectEmpty
MessageBoxA
DrawIcon
IsIconic
GetClientRect
LoadIconA
GetSystemMetrics
CharUpperA
ExitWindowsEx
PostMessageA
FillRect
RedrawWindow
GetSysColor
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
IsWindowEnabled
GetLastActivePopup
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
GetWindowLongA
GetParent

gdi32

CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
RectVisible
SelectObject
Escape
ExtTextOutA
CreateSolidBrush
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetStockObject
GetObjectA
CreateFontIndirectA
GetDeviceCaps
DeleteDC
TextOutA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteValueA
RegOpenKeyExA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegCreateKeyExA

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
SHDeleteValueA
PathIsUNCA

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleUninitialize
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc

oleaut32

SysStringLen
SysFreeString
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA
SetupDiDeleteDeviceInfo
SetupDiRemoveDevice
CM_Reenumerate_DevNode
CM_Locate_DevNodeA
SetupDiOpenDevRegKey

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

Sections

.text
Size: 373KB - Virtual size: 372KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 150KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/UnInstall.exe
.exe windows:4 windows x86 arch:x86

9f4048e0f9cc8fd046bb81435de7007b

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

48:94:90:82:30:f9:e8:04:a8:f8:3c:9e:0e:71:02:bb:f5:5e:c0:4f
Signer

Actual PE Digest

48:94:90:82:30:f9:e8:04:a8:f8:3c:9e:0e:71:02:bb:f5:5e:c0:4f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
SetErrorMode
GetFileAttributesA
GetFileTime
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
VirtualProtect
VirtualAlloc
VirtualQuery
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
ExitThread
GetVolumeInformationA
HeapSize
GetACP
IsValidCodePage
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetDriveTypeA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
SuspendThread
ResumeThread
SetThreadPriority
InterlockedDecrement
GetModuleFileNameW
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
FreeResource
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
CreateEventA
GetTickCount
GetExitCodeThread
TerminateThread
PurgeComm
ResetEvent
WriteFile
WaitCommEvent
ReadFile
GetOverlappedResult
SetEvent
GetCommTimeouts
SetCommTimeouts
SetCommMask
SetupComm
FindNextFileA
RemoveDirectoryA
DeleteFileA
GetSystemInfo
TerminateProcess
WaitForSingleObject
GetCurrentProcess
GetModuleHandleA
FindClose
GetSystemDefaultLangID
OpenMutexA
CreateMutexA
GetFullPathNameA
GetLogicalDriveStringsA
CreateFileA
Sleep
DeviceIoControl
CopyFileA
MoveFileExA
CreateProcessA
CloseHandle
GetVersionExA
CompareStringW
CompareStringA
GetVersion
MultiByteToWideChar
InterlockedExchange
GetTempPathA
GetModuleFileNameA
MulDiv
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetCurrentDirectoryA
SetCurrentDirectoryA
GetWindowsDirectoryA
GetPrivateProfileStringA
FindFirstFileA
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
FormatMessageA
GetLastError
LocalFree
LocalAlloc
CreateThread
lstrlenA

user32

InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharNextA
ReleaseCapture
SetCapture
UnregisterClassA
LoadCursorA
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowThreadProcessId
SetCursor
PostQuitMessage
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
EnableWindow
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
PostThreadMessageA
RegisterClipboardFormatA
IsChild
MessageBeep
SendDlgItemMessageA
GetNextDlgGroupItem
CharUpperA
MessageBoxA
DrawIcon
AppendMenuA
SendMessageA
GetSystemMenu
IsIconic
GetClientRect
LoadIconA
GetSystemMetrics
FillRect
RedrawWindow
GetSysColor
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongA
IsWindow
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow

gdi32

CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
RectVisible
SelectObject
Escape
ExtTextOutA
DeleteDC
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetStockObject
GetObjectA
CreateFontIndirectA
CreateSolidBrush
GetDeviceCaps
TextOutA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueA
RegDeleteKeyA
RegCreateKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
OpenSCManagerA
ControlService
StartServiceA
OpenServiceA
DeleteService
CloseServiceHandle
RegOpenKeyA
RegEnumKeyA
RegCloseKey
RegCreateKeyExA

shell32

SHFileOperationA

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleUninitialize
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc

oleaut32

SysStringLen
SysFreeString
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString

setupapi

SetupDiDestroyDeviceInfoList
SetupDiSetClassInstallParamsA
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiDeleteDeviceInfo
SetupDiRemoveDevice
SetupDiCallClassInstaller

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/UnInstall64.exe
.exe windows:4 windows x64 arch:x64

7be5b14f7194f062d01c9d7393603aca

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

49:fb:10:ee:ea:5f:12:c6:ae:11:2c:39:34:3f:02:83:39:49:f1:1b
Signer

Actual PE Digest

49:fb:10:ee:ea:5f:12:c6:ae:11:2c:39:34:3f:02:83:39:49:f1:1b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

TlsGetValue
EnterCriticalSection
InitializeCriticalSection
TlsAlloc
GlobalReAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
SetErrorMode
GetFileAttributesA
GetFileTime
RtlLookupFunctionEntry
RtlUnwindEx
HeapAlloc
HeapFree
HeapReAlloc
VirtualProtect
VirtualAlloc
VirtualQuery
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
RtlPcToFileHeader
ExitThread
CreateThread
HeapSize
GetACP
LeaveCriticalSection
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
RtlVirtualUnwind
GetStdHandle
HeapSetInformation
HeapCreate
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetDriveTypeA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetVolumeInformationA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
SuspendThread
ResumeThread
SetThreadPriority
GetModuleFileNameW
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
FreeResource
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
CreateEventA
GetTickCount
GetExitCodeThread
TerminateThread
PurgeComm
ResetEvent
WriteFile
WaitCommEvent
ReadFile
GetOverlappedResult
SetEvent
GetCommTimeouts
SetCommTimeouts
SetCommMask
SetupComm
FindNextFileA
RemoveDirectoryA
DeleteFileA
GetSystemInfo
TerminateProcess
WaitForSingleObject
GetCurrentProcess
GetModuleHandleA
FindClose
GetSystemDefaultLangID
OpenMutexA
CreateMutexA
GetFullPathNameA
GetLogicalDriveStringsA
CreateFileA
Sleep
DeviceIoControl
CopyFileA
MoveFileExA
CreateProcessA
CloseHandle
GetVersionExA
CompareStringW
CompareStringA
GetVersion
MultiByteToWideChar
GetTempPathA
GetModuleFileNameA
MulDiv
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetCurrentDirectoryA
SetCurrentDirectoryA
GetWindowsDirectoryA
FindFirstFileA
GetPrivateProfileStringA
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
FormatMessageA
GetLastError
LocalFree
LocalAlloc
IsValidCodePage
lstrlenA

user32

IsRectEmpty
CopyAcceleratorTableA
CharNextA
ReleaseCapture
SetCapture
UnregisterClassA
LoadCursorA
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowThreadProcessId
SetCursor
PostQuitMessage
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
GetWindowLongPtrA
SetWindowLongPtrA
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
EnableWindow
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CopyRect
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
PostThreadMessageA
RegisterClipboardFormatA
GetCapture
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
IsChild
SetRect
CharUpperA
MessageBoxA
DrawIcon
AppendMenuA
SendMessageA
GetSystemMenu
IsIconic
GetClientRect
LoadIconA
GetSystemMetrics
FillRect
RedrawWindow
GetSysColor
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongA
IsWindow
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
ModifyMenuA

gdi32

CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
RectVisible
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
DeleteDC
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetStockObject
GetObjectA
CreateFontIndirectA
CreateSolidBrush
GetDeviceCaps
TextOutA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueA
RegDeleteKeyA
RegCreateKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
OpenSCManagerA
ControlService
StartServiceA
OpenServiceA
DeleteService
CloseServiceHandle
RegOpenKeyA
RegEnumKeyA
RegCloseKey
RegCreateKeyExA

shell32

SHFileOperationA

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleUninitialize
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc

oleaut32

SysStringLen
SysFreeString
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString

setupapi

SetupDiDestroyDeviceInfoList
SetupDiSetClassInstallParamsA
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiDeleteDeviceInfo
SetupDiRemoveDevice
SetupDiCallClassInstaller

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/amd64/DIFxAPI.dll
.dll windows:6 windows x64 arch:x64

ceb920209f99ac3a5c67dbf30edbb1c2

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:1b:ab:11:da:3a:a1:b6:df:ec:88
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

11/10/2005, 21:55

Not After

26/04/2010, 07:00

Subject

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:10:c3:52:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/10/2005, 23:24

Not After

11/01/2007, 23:34

Subject

CN=Microsoft Windows Component Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

f4:69:b9:5c:65:18:8a:12:ea:59:04:15:58:02:b6:44:82:7e:6d:08
Signer

Actual PE Digest

f4:69:b9:5c:65:18:8a:12:ea:59:04:15:58:02:b6:44:82:7e:6d:08

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

DIFXAPI.pdb

Imports

msvcrt

mbtowc
__mb_cur_max
isleadbyte
_iob
_snprintf
_itoa
ferror
__badioinfo
__pioinfo
_fileno
_lseeki64
_write
memmove
memcpy
??1type_info@@UEAA@XZ
_amsg_exit
_initterm
_XcptFilter
__C_specific_handler
__dllonexit
_wcsupr
_wcslwr
_errno
__CxxFrameHandler
_unlock
iswdigit
iswalpha
_isatty
?_set_se_translator@@YAP6AXIPEAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
_vscwprintf
??3@YAXPEAX@Z
_onexit
_lock
_wcsnicmp
wcsrchr
wcspbrk
wcschr
??2@YAPEAX_K@Z
_CxxThrowException
wcsstr
_wcsicmp
??_U@YAPEAX_K@Z
_vsnwprintf
_resetstkoflw
malloc
free
??_V@YAXPEAX@Z
memset
memcmp

ntdll

RtlNtStatusToDosError
VerSetConditionMask
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

kernel32

WaitForMultipleObjects
GetThreadLocale
SetEndOfFile
SetFilePointer
CreateEventW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
HeapSize
GetVersionExA
RaiseException
VirtualProtect
Sleep
ReleaseMutex
WaitForSingleObject
CreateMutexW
GetProcessHeap
GetSystemTimeAsFileTime
DeviceIoControl
GetSystemDirectoryW
LocalReAlloc
LocalAlloc
GetEnvironmentVariableW
RemoveDirectoryW
FindClose
FindNextFileW
lstrcmpW
FindFirstFileW
CloseHandle
CreateFileW
MoveFileExW
GetSystemWindowsDirectoryW
EnterCriticalSection
HeapReAlloc
HeapAlloc
HeapFree
DeleteCriticalSection
OutputDebugStringA
InitializeCriticalSection
HeapDestroy
LeaveCriticalSection
GetLastError
FindResourceW
lstrcmpiW
SizeofResource
LockResource
LoadResource
FindResourceExW
VerifyVersionInfoW
lstrlenW
SetFileAttributesW
DeleteFileW
SetLastError
LoadLibraryW
GetVersionExW
GetProcAddress
FreeLibrary
GetFileSize
CreateFileMappingW
MapViewOfFile
MultiByteToWideChar
UnmapViewOfFile
WideCharToMultiByte
CompareStringW
LocalFree
GetFullPathNameW
GetFileAttributesW
CreateDirectoryW
CopyFileW
GetTempFileNameW
SetEvent

user32

CharLowerW
UnregisterClassA
CharPrevW

setupapi

pSetupGetGlobalFlags
pSetupSetGlobalFlags
SetupDiClassNameFromGuidW
SetupDiGetDeviceInstallParamsW
SetupDiCreateDeviceInfoList
SetupDiGetDeviceInstanceIdW
SetupDiOpenDevRegKey
SetupDiSetSelectedDevice
SetupDiOpenDeviceInfoW
SetupDiSetClassInstallParamsW
SetupDiGetDriverInfoDetailW
SetupDiGetSelectedDriverW
SetupDiCallClassInstaller
SetupDiBuildDriverInfoList
SetupDiSetDeviceInstallParamsW
CM_Get_Device_IDW
SetupDiSetDeviceRegistryPropertyW
CM_Setup_DevNode
CM_Query_And_Remove_SubTreeW
CM_Get_DevNode_Status
CM_Locate_DevNodeW
CM_Get_Device_ID_List_SizeW
CM_Get_Device_ID_ListW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
CM_Enumerate_Classes
SetupDiOpenClassRegKey
SetupGetTargetPathW
SetupInstallFromInfSectionW
SetupDiGetClassDevsW
SetupPromptReboot
SetupDiDestroyDeviceInfoList
SetupInstallFilesFromInfSectionW
SetupDefaultQueueCallbackW
SetupFindFirstLineW
SetupCommitFileQueueW
SetupQueueCopyW
SetupTermDefaultQueueCallback
SetupInitDefaultQueueCallbackEx
SetupCopyOEMInfW
SetupInstallServicesFromInfSectionW
SetupOpenInfFileW
SetupCloseInfFile
SetupFindNextLine
SetupFindNextMatchLineW
SetupGetStringFieldW
SetupGetIntField
SetupGetFieldCount
SetupDiGetActualSectionToInstallW
SetupOpenFileQueue
SetupGetLineCountW
SetupCloseFileQueue
SetupOpenAppendInfFileW

advapi32

FreeSid
RegCloseKey
AllocateAndInitializeSid
CheckTokenMembership
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegQueryValueExW
RegDeleteValueW
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetEntriesInAclW
QueryServiceStatus
OpenSCManagerW
OpenServiceW
ControlService
StartServiceW
DeleteService
CloseServiceHandle

ole32

CoInitialize
StringFromCLSID
CoTaskMemFree
CoCreateInstance
CoUninitialize

wintrust

WinVerifyTrust
CryptCATAdminCalcHashFromFileHandle

crypt32

CertFreeCertificateContext
CertFreeCTLContext
CertGetCTLContextProperty
CryptQueryObject

Exports

Exports

DIFXAPISetLogCallbackA
DIFXAPISetLogCallbackW
DriverPackageGetPathA
DriverPackageGetPathW
DriverPackageInstallA
DriverPackageInstallW
DriverPackagePreinstallA
DriverPackagePreinstallW
DriverPackageUninstallA
DriverPackageUninstallW
SetDifxLogCallbackA
SetDifxLogCallbackW

Sections

.text
Size: 457KB - Virtual size: 456KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/amd64/PTUMWBus.sys
.sys windows:5 windows x64 arch:x64

e7d26bc0fc9bfbee01e9d7b95a7f9a6e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

82:24:a1:e8:40:32:a0:3d:77:b8:3b:2e:9d:92:fe:43:c5:a5:db:28
Signer

Actual PE Digest

82:24:a1:e8:40:32:a0:3d:77:b8:3b:2e:9d:92:fe:43:c5:a5:db:28

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\MssBus\ccgp\objfre_wnet_AMD64\amd64\PTUMWBus.pdb

Imports

ntoskrnl.exe

DbgPrint
RtlCopyMemory
RtlZeroMemory
ExAllocatePoolWithTag
RtlQueryRegistryValues
ExFreePool
KeInitializeEvent
IoAttachDeviceToDeviceStack
IoRegisterDeviceInterface
IoCreateDevice
IofCallDriver
IofCompleteRequest
PoStartNextPowerIrp
IoFreeIrp
IoAllocateIrp
KeWaitForSingleObject
KeReleaseSpinLock
KeAcquireSpinLockRaiseToDpc
IoDeleteDevice
IoSetDeviceInterfaceState
IoInvalidateDeviceRelations
ObfReferenceObject
PoCallDriver
PoRequestPowerIrp
IoCancelIrp
KeSetEvent
swprintf
IoReleaseCancelSpinLock
RtlCompareMemory
IoDetachDevice
IoBuildDeviceIoControlRequest
ZwClose
ZwSetValueKey
IoOpenDeviceRegistryKey
RtlInitUnicodeString
ZwQueryValueKey
strncmp
IoGetCurrentProcess
ZwOpenKey
strlen
RtlUnicodeToMultiByteN
RtlAnsiCharToUnicodeChar
PsGetVersion

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 256B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/amd64/PTUMWCDF.sys
.sys windows:5 windows x64 arch:x64

5cb4f7505d6fde1fc25366e0b2c226eb

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

81:48:65:86:77:76:38:bd:4d:be:f8:fa:04:52:b2:bb:0d:34:e6:89
Signer

Actual PE Digest

81:48:65:86:77:76:38:bd:4d:be:f8:fa:04:52:b2:bb:0d:34:e6:89

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\DGCDFREE\objfre_wnet_AMD64\amd64\PTUMWCDF.pdb

Imports

ntoskrnl.exe

KeWaitForSingleObject
IofCallDriver
IoBuildDeviceIoControlRequest
KeInitializeEvent
ExFreePool
RtlCopyMemory
RtlZeroMemory
ExAllocatePoolWithTag
KeSetEvent
IofCompleteRequest
IoCancelIrp
__C_specific_handler
ZwClose
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
DbgPrint
IoDetachDevice
IoRegisterDeviceInterface
IoFreeWorkItem
IoAttachDeviceToDeviceStack
PoSetPowerState
IoDeleteDevice
IoAllocateWorkItem
IoCreateDevice
IoIsWdmVersionAvailable
RtlCopyUnicodeString
MmMapLockedPagesSpecifyCache
KeReleaseSpinLock
KeAcquireSpinLockRaiseToDpc
KeClearEvent
KeAcquireSpinLockAtDpcLevel
IoReleaseCancelSpinLock
PoRequestPowerIrp
ObfDereferenceObject
IoBuildSynchronousFsdRequest
IoGetAttachedDeviceReference
RtlFreeUnicodeString
IoSetDeviceInterfaceState
KeDelayExecutionThread
PoStartNextPowerIrp
PoCallDriver
IoQueueWorkItem
KeGetCurrentIrql
PsTerminateSystemThread
KeWaitForMultipleObjects
KeSetPriorityThread
KeGetCurrentThread
ObReferenceObjectByHandle
PsCreateSystemThread
PsGetVersion

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 640B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/amd64/PTUMWCSP.sys
.sys windows:5 windows x64 arch:x64

252ca1dbda6dc031032373b345b38772

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

db:e4:7f:20:1c:04:64:d8:93:2e:f1:e3:36:1c:4a:4f:0a:5a:d4:6e
Signer

Actual PE Digest

db:e4:7f:20:1c:04:64:d8:93:2e:f1:e3:36:1c:4a:4f:0a:5a:d4:6e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\DGSerial\driver\objfre_wnet_AMD64\amd64\PTUMWCSP.pdb

Imports

ntoskrnl.exe

KeSetEvent
KeWaitForSingleObject
IofCallDriver
IoAllocateIrp
KeInitializeEvent
IoCancelIrp
IoFreeIrp
KeSetTimer
ExFreePoolWithTag
PoRequestPowerIrp
IofCompleteRequest
KeReleaseSpinLockFromDpcLevel
KeAcquireSpinLockAtDpcLevel
KeInsertQueueDpc
IoReuseIrp
IoFreeWorkItem
KeReleaseSpinLock
KeAcquireSpinLockRaiseToDpc
KeWaitForMultipleObjects
__C_specific_handler
IoQueueWorkItem
KeInitializeDpc
KeRemoveQueueDpc
RtlZeroMemory
ExAllocatePoolWithTag
IoAllocateWorkItem
KeCancelTimer
KeClearEvent
ZwClose
RtlCopyMemory
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
DbgPrint
KeGetCurrentIrql
IoGetCurrentProcess
IoCreateDevice
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
RtlFillMemory
KeDelayExecutionThread
IoOpenDeviceRegistryKey
RtlDeleteRegistryValue
IoSetDeviceInterfaceState
IoRegisterDeviceInterface
IoDeleteSymbolicLink
IoCreateSymbolicLink
RtlIntegerToUnicodeString
RtlFreeUnicodeString
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlWriteRegistryValue
wcslen
RtlCompareMemory
IoGetDeviceProperty
IoAttachDeviceToDeviceStack
PoSetPowerState
KeInitializeTimer
IoDeleteDevice
IoDetachDevice
IoIsWdmVersionAvailable
RtlCopyUnicodeString
KeInitializeMutex
IoReleaseCancelSpinLock
ExAllocatePoolWithQuotaTag
RtlMoveMemory
KeLowerIrql
IoAcquireCancelSpinLock
ObfDereferenceObject
PoStartNextPowerIrp
PoCallDriver
strncmp
ObReferenceObjectByName
PsGetVersion
IoDriverObjectType
RtlUnicodeToMultiByteN

usbd.sys

USBD_ParseConfigurationDescriptorEx
USBD_CreateConfigurationRequestEx

wmilib.sys

WmiSystemControl

Exports

Exports

GetDriverObject
MakeHextoString

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 128B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 256B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/amd64/PTUMWFLT.sys
.sys windows:5 windows x64 arch:x64

4d60b33a663134a92bbb8c456e3f229d

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3d:04:b8:71:f0:45:9c:d5:36:18:e5:45:da:36:ae:b8:dc:6e:ac:b2
Signer

Actual PE Digest

3d:04:b8:71:f0:45:9c:d5:36:18:e5:45:da:36:ae:b8:dc:6e:ac:b2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\WWANFLT\driver\objfre_wnet_AMD64\amd64\PTUMWFLT.pdb

Imports

ntoskrnl.exe

ExFreePool
RtlCopyMemory
RtlZeroMemory
ExAllocatePoolWithTag
KeSetEvent
KeWaitForSingleObject
IofCallDriver
KeInitializeEvent
IoDeleteDevice
IoAttachDeviceToDeviceStack
IoCreateDevice
ObfDereferenceObject
IoGetAttachedDeviceReference
IoIsWdmVersionAvailable
IofCompleteRequest
DbgPrint
IoDetachDevice
PoCallDriver
PoStartNextPowerIrp
RtlCopyUnicodeString

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 256B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 640B - Virtual size: 628B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/amd64/PTUMWMdm.sys
.sys windows:5 windows x64 arch:x64

252ca1dbda6dc031032373b345b38772

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

51:d0:c8:16:a2:bb:e3:39:45:ef:8d:0f:4a:88:65:7e:16:84:f0:0c
Signer

Actual PE Digest

51:d0:c8:16:a2:bb:e3:39:45:ef:8d:0f:4a:88:65:7e:16:84:f0:0c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\DGSerial\driver\objfre_wnet_AMD64\amd64\PTUMWMdm.pdb

Imports

ntoskrnl.exe

KeSetEvent
KeWaitForSingleObject
IofCallDriver
IoAllocateIrp
KeInitializeEvent
IoCancelIrp
IoFreeIrp
KeSetTimer
ExFreePoolWithTag
PoRequestPowerIrp
IofCompleteRequest
KeReleaseSpinLockFromDpcLevel
KeAcquireSpinLockAtDpcLevel
KeInsertQueueDpc
IoReuseIrp
IoFreeWorkItem
KeReleaseSpinLock
KeAcquireSpinLockRaiseToDpc
KeWaitForMultipleObjects
__C_specific_handler
IoQueueWorkItem
KeInitializeDpc
KeRemoveQueueDpc
RtlZeroMemory
ExAllocatePoolWithTag
IoAllocateWorkItem
KeCancelTimer
KeClearEvent
ZwClose
RtlCopyMemory
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
DbgPrint
KeGetCurrentIrql
IoGetCurrentProcess
IoCreateDevice
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
RtlFillMemory
KeDelayExecutionThread
IoOpenDeviceRegistryKey
RtlDeleteRegistryValue
IoSetDeviceInterfaceState
IoRegisterDeviceInterface
IoDeleteSymbolicLink
IoCreateSymbolicLink
RtlIntegerToUnicodeString
RtlFreeUnicodeString
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlWriteRegistryValue
wcslen
RtlCompareMemory
IoGetDeviceProperty
IoAttachDeviceToDeviceStack
PoSetPowerState
KeInitializeTimer
IoDeleteDevice
IoDetachDevice
IoIsWdmVersionAvailable
RtlCopyUnicodeString
KeInitializeMutex
IoReleaseCancelSpinLock
ExAllocatePoolWithQuotaTag
RtlMoveMemory
KeLowerIrql
IoAcquireCancelSpinLock
ObfDereferenceObject
PoStartNextPowerIrp
PoCallDriver
strncmp
ObReferenceObjectByName
PsGetVersion
IoDriverObjectType
RtlUnicodeToMultiByteN

usbd.sys

USBD_ParseConfigurationDescriptorEx
USBD_CreateConfigurationRequestEx

wmilib.sys

WmiSystemControl

Exports

Exports

GetDriverObject
MakeHextoString

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 128B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 256B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/amd64/PTUMWNET.sys
.sys windows:5 windows x64 arch:x64

da1d33725c81da360226d09cbfa47dec

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3b:a7:26:d2:74:04:67:d4:ec:2e:4c:5b:bc:f6:a3:9c:24:ab:30:2a
Signer

Actual PE Digest

3b:a7:26:d2:74:04:67:d4:ec:2e:4c:5b:bc:f6:a3:9c:24:ab:30:2a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\WLAN\objfre_wnet_AMD64\amd64\PTUMWNET.pdb

Imports

ntoskrnl.exe

RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlZeroMemory
ExAllocatePoolWithTag
IoIsWdmVersionAvailable
RtlCopyUnicodeString
IofCompleteRequest
KeWaitForSingleObject
KeSetEvent
KeResetEvent
ObfReferenceObject
IoInitializeIrp
KeInitializeEvent
KeInitializeMutex
ObfDereferenceObject
KeReleaseMutex
KeDelayExecutionThread
KeReadStateEvent
RtlAppendUnicodeStringToString
RtlCompareMemory
ZwOpenKey
IofCallDriver
MmGetSystemRoutineAddress
DbgBreakPoint
KeCancelTimer
IoFreeIrp
KeInitializeTimer
KeSetTimer
ZwClose
IoOpenDeviceRegistryKey
ZwSetValueKey
ZwQueryValueKey
ObReferenceObjectByName
IoDriverObjectType
strncmp
RtlFreeUnicodeString
RtlIntegerToUnicodeString
ExFreePoolWithTag
IoCreateDevice
RtlInitUnicodeString
IoCreateSymbolicLink
IoDeleteSymbolicLink
IoDeleteDevice
PsGetVersion
IoCancelIrp
RtlCopyMemory
ExQueryDepthSList
ExpInterlockedPushEntrySList
ExpInterlockedPopEntrySList
MmMapLockedPagesSpecifyCache
IoFreeMdl
ExDeleteNPagedLookasideList
ExInitializeNPagedLookasideList
_local_unwind
RtlFillMemory
MmMapLockedPages
RtlMoveMemory
IoAllocateIrp
__C_specific_handler
IoGetCurrentProcess
KeAcquireSpinLockRaiseToDpc
KeGetCurrentIrql
DbgPrint
KeReleaseSpinLock
RtlUnicodeToMultiByteN

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx

ndis.sys

NdisMGetDeviceProperty
NdisMDeregisterAdapterShutdownHandler
NdisMSetAttributesEx
NdisOpenConfiguration
NdisReadNetworkAddress
NdisCloseConfiguration
NdisMRegisterAdapterShutdownHandler
NdisInitializeTimer
NdisCancelTimer
NdisInitializeWrapper
NdisMRegisterMiniport
NdisTerminateWrapper
NdisScheduleWorkItem
NdisFreeBufferPool
NdisAllocatePacketPoolEx
NdisAllocateBufferPool
NdisFreePacketPool
NdisAllocatePacket
NdisAllocateBuffer
NdisFreePacket
NdisSetEvent
NdisAllocateMemoryWithTag
NdisFreeMemory
NdisWaitEvent
NdisInitializeEvent
NdisSetTimer

Exports

Exports

GetDriverObject

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 79B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/amd64/PTUMWNSP.sys
.sys windows:5 windows x64 arch:x64

252ca1dbda6dc031032373b345b38772

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

20:8d:dd:78:ec:02:b9:6c:c0:2f:af:cb:f3:a8:62:37:b6:ad:b2:02
Signer

Actual PE Digest

20:8d:dd:78:ec:02:b9:6c:c0:2f:af:cb:f3:a8:62:37:b6:ad:b2:02

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\DGSerial\driver\objfre_wnet_AMD64\amd64\PTUMWNSP.pdb

Imports

ntoskrnl.exe

KeSetEvent
KeWaitForSingleObject
IofCallDriver
IoAllocateIrp
KeInitializeEvent
IoCancelIrp
IoFreeIrp
KeSetTimer
ExFreePoolWithTag
PoRequestPowerIrp
IofCompleteRequest
KeReleaseSpinLockFromDpcLevel
KeAcquireSpinLockAtDpcLevel
KeInsertQueueDpc
IoReuseIrp
IoFreeWorkItem
KeReleaseSpinLock
KeAcquireSpinLockRaiseToDpc
KeWaitForMultipleObjects
__C_specific_handler
IoQueueWorkItem
KeInitializeDpc
KeRemoveQueueDpc
RtlZeroMemory
ExAllocatePoolWithTag
IoAllocateWorkItem
KeCancelTimer
KeClearEvent
ZwClose
RtlCopyMemory
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
DbgPrint
KeGetCurrentIrql
IoGetCurrentProcess
IoCreateDevice
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
RtlFillMemory
KeDelayExecutionThread
IoOpenDeviceRegistryKey
RtlDeleteRegistryValue
IoSetDeviceInterfaceState
IoRegisterDeviceInterface
IoDeleteSymbolicLink
IoCreateSymbolicLink
RtlIntegerToUnicodeString
RtlFreeUnicodeString
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlWriteRegistryValue
wcslen
RtlCompareMemory
IoGetDeviceProperty
IoAttachDeviceToDeviceStack
PoSetPowerState
KeInitializeTimer
IoDeleteDevice
IoDetachDevice
IoIsWdmVersionAvailable
RtlCopyUnicodeString
KeInitializeMutex
IoReleaseCancelSpinLock
ExAllocatePoolWithQuotaTag
RtlMoveMemory
KeLowerIrql
IoAcquireCancelSpinLock
ObfDereferenceObject
PoStartNextPowerIrp
PoCallDriver
strncmp
ObReferenceObjectByName
PsGetVersion
IoDriverObjectType
RtlUnicodeToMultiByteN

usbd.sys

USBD_ParseConfigurationDescriptorEx
USBD_CreateConfigurationRequestEx

wmilib.sys

WmiSystemControl

Exports

Exports

GetDriverObject
MakeHextoString

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 128B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 256B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/amd64/PTUMWVsp.sys
.sys windows:5 windows x64 arch:x64

252ca1dbda6dc031032373b345b38772

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3e:62:44:d5:6a:ad:04:ad:f7:fd:bd:6c:d4:4e:4e:04:b9:80:77:1b
Signer

Actual PE Digest

3e:62:44:d5:6a:ad:04:ad:f7:fd:bd:6c:d4:4e:4e:04:b9:80:77:1b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\DGSerial\driver\objfre_wnet_AMD64\amd64\PTUMWVsp.pdb

Imports

ntoskrnl.exe

KeSetEvent
KeWaitForSingleObject
IofCallDriver
IoAllocateIrp
KeInitializeEvent
IoCancelIrp
IoFreeIrp
KeSetTimer
ExFreePoolWithTag
PoRequestPowerIrp
IofCompleteRequest
KeReleaseSpinLockFromDpcLevel
KeAcquireSpinLockAtDpcLevel
KeInsertQueueDpc
IoReuseIrp
IoFreeWorkItem
KeReleaseSpinLock
KeAcquireSpinLockRaiseToDpc
KeWaitForMultipleObjects
__C_specific_handler
IoQueueWorkItem
KeInitializeDpc
KeRemoveQueueDpc
RtlZeroMemory
ExAllocatePoolWithTag
IoAllocateWorkItem
KeCancelTimer
KeClearEvent
ZwClose
RtlCopyMemory
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
DbgPrint
KeGetCurrentIrql
IoGetCurrentProcess
IoCreateDevice
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
RtlFillMemory
KeDelayExecutionThread
IoOpenDeviceRegistryKey
RtlDeleteRegistryValue
IoSetDeviceInterfaceState
IoRegisterDeviceInterface
IoDeleteSymbolicLink
IoCreateSymbolicLink
RtlIntegerToUnicodeString
RtlFreeUnicodeString
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlWriteRegistryValue
wcslen
RtlCompareMemory
IoGetDeviceProperty
IoAttachDeviceToDeviceStack
PoSetPowerState
KeInitializeTimer
IoDeleteDevice
IoDetachDevice
IoIsWdmVersionAvailable
RtlCopyUnicodeString
KeInitializeMutex
IoReleaseCancelSpinLock
ExAllocatePoolWithQuotaTag
RtlMoveMemory
KeLowerIrql
IoAcquireCancelSpinLock
ObfDereferenceObject
PoStartNextPowerIrp
PoCallDriver
strncmp
ObReferenceObjectByName
PsGetVersion
IoDriverObjectType
RtlUnicodeToMultiByteN

usbd.sys

USBD_ParseConfigurationDescriptorEx
USBD_CreateConfigurationRequestEx

wmilib.sys

WmiSystemControl

Exports

Exports

GetDriverObject
MakeHextoString

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 128B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 256B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/amd64/ptumwcit.dll
.dll windows:6 windows x64 arch:x64

d6b435b87f63d366712b4b9f28e182ff

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

01/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

24:9d:94:1b:cf:df:57:6c:3a:dc:92:6a:10:70:44:25
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

15/06/2009, 00:00

Not After

13/07/2010, 23:59

Subject

CN=DEVGURU CO LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Team,O=DEVGURU CO LTD,L=Seocho-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4a:f8:4d:4e:b6:04:9e:a5:40:28:24:3b:b9:78:75:91:18:eb:4c:49
Signer

Actual PE Digest

4a:f8:4d:4e:b6:04:9e:a5:40:28:24:3b:b9:78:75:91:18:eb:4c:49

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\project\workings\pantech\px5000_px800_umw190_um185\trunk\app\net_coinst\coinst\objfre_wlh_amd64\amd64\ptumwcit.pdb

Imports

msvcrt

_XcptFilter
__C_specific_handler
_amsg_exit
free
_initterm
malloc

ole32

CoUninitialize
CoCreateInstance
CoInitialize

kernel32

UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
Sleep
RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry
SetUnhandledExceptionFilter

Exports

Exports

DGCoInstaller

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/i386/DIFxAPI.dll
.dll windows:6 windows x86 arch:x86

c8bb176aa316a8a34b7e7e1439c67e13

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:1b:ab:11:da:3a:a1:b6:df:ec:88
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

11/10/2005, 21:55

Not After

26/04/2010, 07:00

Subject

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:10:c3:52:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/10/2005, 23:24

Not After

11/01/2007, 23:34

Subject

CN=Microsoft Windows Component Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

26:98:6b:1f:23:b8:07:df:c1:05:57:1b:9c:b8:b1:59:1a:1f:7c:a1
Signer

Actual PE Digest

26:98:6b:1f:23:b8:07:df:c1:05:57:1b:9c:b8:b1:59:1a:1f:7c:a1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

DIFXAPI.pdb

Imports

ntdll

RtlUnwind
RtlNtStatusToDosError
VerSetConditionMask

kernel32

VerifyVersionInfoW
GetVersionExW
lstrlenW
FreeLibrary
GetProcAddress
LoadLibraryW
DeleteFileW
SetFileAttributesW
GetEnvironmentVariableW
CompareStringW
GetFileAttributesW
MoveFileExW
GetTempFileNameW
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
CreateFileW
GetSystemWindowsDirectoryW
MultiByteToWideChar
WideCharToMultiByte
GetFullPathNameW
CopyFileW
LocalFree
RemoveDirectoryW
FindClose
FindNextFileW
lstrcmpW
FindFirstFileW
CreateDirectoryW
LocalReAlloc
LocalAlloc
GetProcessHeap
ReleaseMutex
GetSystemDirectoryW
DeviceIoControl
WaitForSingleObject
CreateMutexW
GetSystemTimeAsFileTime
Sleep
RaiseException
GetVersionExA
HeapSize
GetCommandLineA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetModuleHandleA
ExitProcess
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
LoadLibraryA
SetFilePointer
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CreateFileA
GetThreadLocale
WaitForMultipleObjects
InterlockedCompareExchange
SetEvent
CreateEventW
SetEndOfFile
SetLastError
InterlockedExchange
lstrcmpiW
InterlockedDecrement
GetLastError
InterlockedIncrement
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
HeapFree
HeapReAlloc
EnterCriticalSection
HeapAlloc
LeaveCriticalSection
HeapDestroy
GetModuleHandleW
DeleteCriticalSection
GetModuleFileNameA
OutputDebugStringA
HeapCreate
InitializeCriticalSection
TlsGetValue

user32

UnregisterClassA
CharLowerW
CharPrevW

setupapi

CM_Query_And_Remove_SubTreeW
SetupDiSetDeviceRegistryPropertyW
SetupQueueCopyIndirectW
SetupDiCallClassInstaller
SetupDiBuildDriverInfoList
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceInstallParamsW
SetupDiSetSelectedDevice
SetupDiOpenDeviceInfoW
SetupDiOpenDevRegKey
SetupDiGetDeviceInstanceIdW
SetupDiCreateDeviceInfoList
SetupDiGetDriverInfoDetailW
SetupDiGetSelectedDriverW
SetupDiSetClassInstallParamsW
SetupDiClassNameFromGuidW
CM_Get_Device_ID_ListW
CM_Get_Device_ID_List_SizeW
CM_Locate_DevNodeW
CM_Get_DevNode_Status
CM_Setup_DevNode
SetupDiGetDeviceRegistryPropertyW
SetupGetTargetPathW
SetupInstallFilesFromInfSectionW
SetupPromptReboot
SetupInstallFromInfSectionW
SetupInstallServicesFromInfSectionW
SetupDiGetActualSectionToInstallW
SetupFindNextLine
SetupFindNextMatchLineW
SetupOpenInfFileW
SetupOpenFileQueue
SetupCommitFileQueueW
SetupQueueCopyW
SetupCloseFileQueue
SetupGetLineCountW
SetupCloseInfFile
SetupFindFirstLineW
SetupGetFieldCount
SetupGetIntField
CM_Enumerate_Classes
SetupDiEnumDeviceInfo
SetupInitDefaultQueueCallbackEx
SetupDefaultQueueCallbackW
SetupDiGetClassDevsW
SetupDiOpenClassRegKey
CM_Get_Device_IDW
SetupDiDestroyDeviceInfoList
SetupGetStringFieldW
pSetupGetGlobalFlags
pSetupSetGlobalFlags
SetupOpenAppendInfFileW
SetupCopyOEMInfW
SetupTermDefaultQueueCallback

advapi32

FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
GetLengthSid
SetEntriesInAclW
QueryServiceStatus
DeleteService
ControlService
CloseServiceHandle
OpenServiceW
OpenSCManagerW
StartServiceW
RegCloseKey

ole32

StringFromCLSID
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance

wintrust

CryptCATAdminCalcHashFromFileHandle
WinVerifyTrust

crypt32

CertFreeCertificateContext
CertGetCTLContextProperty
CryptQueryObject
CertFreeCTLContext

Exports

Exports

DIFXAPISetLogCallbackA
DIFXAPISetLogCallbackW
DriverPackageGetPathA
DriverPackageGetPathW
DriverPackageInstallA
DriverPackageInstallW
DriverPackagePreinstallA
DriverPackagePreinstallW
DriverPackageUninstallA
DriverPackageUninstallW
SetDifxLogCallbackA
SetDifxLogCallbackW

Sections

.text
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/i386/PTUMWBus.sys
.sys windows:5 windows x86 arch:x86

9cbcba194ab7c64647d495f5bde8d87c

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fc:d8:73:c1:38:7a:8f:ab:fd:60:76:a6:f0:ef:f0:63:af:5b:8d:ef
Signer

Actual PE Digest

fc:d8:73:c1:38:7a:8f:ab:fd:60:76:a6:f0:ef:f0:63:af:5b:8d:ef

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\MssBus\ccgp\objfre_wnet_x86\i386\PTUMWBus.pdb

Imports

ntoskrnl.exe

ExAllocatePoolWithTag
RtlQueryRegistryValues
ExFreePool
KeInitializeEvent
KeInitializeSpinLock
IoAttachDeviceToDeviceStack
memset
IoCreateDevice
IofCallDriver
IofCompleteRequest
PoStartNextPowerIrp
IoFreeIrp
IoAllocateIrp
KeWaitForSingleObject
memcpy
IoRegisterDeviceInterface
IoDeleteDevice
IoSetDeviceInterfaceState
IoInvalidateDeviceRelations
ObfReferenceObject
PoCallDriver
PoRequestPowerIrp
IoCancelIrp
KeSetEvent
swprintf
IoReleaseCancelSpinLock
InterlockedExchange
RtlCompareMemory
IoDetachDevice
IoBuildDeviceIoControlRequest
InterlockedIncrement
InterlockedDecrement
ZwClose
ZwSetValueKey
IoOpenDeviceRegistryKey
RtlInitUnicodeString
ZwQueryValueKey
strncmp
strlen
IoGetCurrentProcess
ZwOpenKey
KeTickCount
KeBugCheckEx
DbgPrint
RtlUnicodeToMultiByteN
RtlAnsiCharToUnicodeChar
PsGetVersion

hal

KfReleaseSpinLock
KfAcquireSpinLock

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 384B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/i386/PTUMWCDF.sys
.sys windows:5 windows x86 arch:x86

55bf1df966eeb71a4c5e901ed223becf

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

88:d6:aa:24:c0:9a:4e:18:aa:ba:20:32:bc:e4:78:71:cb:72:4c:70
Signer

Actual PE Digest

88:d6:aa:24:c0:9a:4e:18:aa:ba:20:32:bc:e4:78:71:cb:72:4c:70

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\DGCDFREE\objfre_wnet_x86\i386\PTUMWCDF.pdb

Imports

ntoskrnl.exe

ExAllocatePoolWithTag
KeSetEvent
IofCompleteRequest
IoCancelIrp
ZwClose
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
DbgPrint
IoDeleteDevice
IoFreeWorkItem
IoDetachDevice
IoRegisterDeviceInterface
IoAttachDeviceToDeviceStack
PoSetPowerState
IoAllocateWorkItem
IoCreateDevice
InterlockedDecrement
ExFreePool
IoIsWdmVersionAvailable
RtlCopyUnicodeString
MmMapLockedPagesSpecifyCache
KeInitializeEvent
IoBuildDeviceIoControlRequest
InterlockedExchange
IofCallDriver
KeClearEvent
KefAcquireSpinLockAtDpcLevel
IoReleaseCancelSpinLock
KeInitializeSpinLock
PoRequestPowerIrp
ObfDereferenceObject
IoBuildSynchronousFsdRequest
IoGetAttachedDeviceReference
KeDelayExecutionThread
RtlFreeUnicodeString
IoSetDeviceInterfaceState
PoStartNextPowerIrp
PoCallDriver
IoQueueWorkItem
InterlockedIncrement
KeWaitForMultipleObjects
KeSetPriorityThread
KeGetCurrentThread
PsTerminateSystemThread
ObReferenceObjectByHandle
PsCreateSystemThread
KeTickCount
KeBugCheckEx
RtlUnwind
KeWaitForSingleObject
PsGetVersion

hal

KfAcquireSpinLock
KfReleaseSpinLock
KeGetCurrentIrql

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 640B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 896B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/i386/PTUMWCSP.sys
.sys windows:5 windows x86 arch:x86

157bf221a267f6953850adfbcfda95c0

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c1:ab:0d:82:ce:12:d8:85:91:67:6f:ec:3d:74:a2:6c:60:5b:23:b7
Signer

Actual PE Digest

c1:ab:0d:82:ce:12:d8:85:91:67:6f:ec:3d:74:a2:6c:60:5b:23:b7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\DGSerial\driver\objfre_wnet_x86\i386\PTUMWCSP.pdb

Imports

ntoskrnl.exe

IoCancelIrp
IoFreeIrp
KeSetTimer
ExFreePoolWithTag
PoRequestPowerIrp
IofCompleteRequest
KefReleaseSpinLockFromDpcLevel
KefAcquireSpinLockAtDpcLevel
KeInsertQueueDpc
IoReuseIrp
IoFreeWorkItem
IoAllocateIrp
IofCallDriver
KeWaitForMultipleObjects
IoQueueWorkItem
KeRemoveQueueDpc
KeInitializeDpc
ExAllocatePoolWithTag
IoAllocateWorkItem
KeCancelTimer
KeClearEvent
ZwClose
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
DbgPrint
KeWaitForSingleObject
IoGetCurrentProcess
IoCreateDevice
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
KeDelayExecutionThread
IoOpenDeviceRegistryKey
RtlDeleteRegistryValue
IoSetDeviceInterfaceState
IoRegisterDeviceInterface
IoDeleteSymbolicLink
IoCreateSymbolicLink
RtlIntegerToUnicodeString
RtlFreeUnicodeString
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlWriteRegistryValue
wcslen
RtlCompareMemory
IoGetDeviceProperty
IoDeleteDevice
IoDetachDevice
IoAttachDeviceToDeviceStack
PoSetPowerState
KeInitializeTimer
IoIsWdmVersionAvailable
RtlCopyUnicodeString
KeInitializeMutex
IoReleaseCancelSpinLock
ExAllocatePoolWithQuotaTag
memmove
KeQuerySystemTime
KeInitializeEvent
IoAcquireCancelSpinLock
ObfDereferenceObject
PoStartNextPowerIrp
PoCallDriver
strncmp
KeTickCount
KeBugCheckEx
KeSetEvent
RtlUnwind
ObReferenceObjectByName
PsGetVersion
IoDriverObjectType
RtlUnicodeToMultiByteN

hal

KeGetCurrentIrql
KfAcquireSpinLock
KfReleaseSpinLock
KfLowerIrql

usbd.sys

USBD_ParseConfigurationDescriptorEx
USBD_CreateConfigurationRequestEx

wmilib.sys

WmiSystemControl

Exports

Exports

_GetDriverObject@4
_MakeHextoString@16

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 128B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/i386/PTUMWFLT.sys
.sys windows:5 windows x86 arch:x86

2927b2275285cabfd2e57ee44bfb11bb

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

99:df:0f:27:8b:b9:0b:0c:38:c7:72:c0:23:aa:bb:54:38:af:bb:a7
Signer

Actual PE Digest

99:df:0f:27:8b:b9:0b:0c:38:c7:72:c0:23:aa:bb:54:38:af:bb:a7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\WWANFLT\driver\objfre_wnet_x86\i386\PTUMWFLT.pdb

Imports

ntoskrnl.exe

ExFreePool
ExAllocatePoolWithTag
KeSetEvent
KeWaitForSingleObject
IofCallDriver
KeInitializeEvent
InterlockedDecrement
IoDeleteDevice
IoAttachDeviceToDeviceStack
IoCreateDevice
ObfDereferenceObject
IoGetAttachedDeviceReference
IoIsWdmVersionAvailable
InterlockedIncrement
IofCompleteRequest
DbgPrint
IoDetachDevice
PoCallDriver
PoStartNextPowerIrp
RtlCopyUnicodeString
KeTickCount

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 384B - Virtual size: 261B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 640B - Virtual size: 626B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 256B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/i386/PTUMWMdm.sys
.sys windows:5 windows x86 arch:x86

157bf221a267f6953850adfbcfda95c0

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d7:96:59:43:7d:2a:46:82:c7:dc:ba:b8:83:0f:b8:4f:68:1c:f2:98
Signer

Actual PE Digest

d7:96:59:43:7d:2a:46:82:c7:dc:ba:b8:83:0f:b8:4f:68:1c:f2:98

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\DGSerial\driver\objfre_wnet_x86\i386\PTUMWMdm.pdb

Imports

ntoskrnl.exe

IoCancelIrp
IoFreeIrp
KeSetTimer
ExFreePoolWithTag
PoRequestPowerIrp
IofCompleteRequest
KefReleaseSpinLockFromDpcLevel
KefAcquireSpinLockAtDpcLevel
KeInsertQueueDpc
IoReuseIrp
IoFreeWorkItem
IoAllocateIrp
IofCallDriver
KeWaitForMultipleObjects
IoQueueWorkItem
KeRemoveQueueDpc
KeInitializeDpc
ExAllocatePoolWithTag
IoAllocateWorkItem
KeCancelTimer
KeClearEvent
ZwClose
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
DbgPrint
KeWaitForSingleObject
IoGetCurrentProcess
IoCreateDevice
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
KeDelayExecutionThread
IoOpenDeviceRegistryKey
RtlDeleteRegistryValue
IoSetDeviceInterfaceState
IoRegisterDeviceInterface
IoDeleteSymbolicLink
IoCreateSymbolicLink
RtlIntegerToUnicodeString
RtlFreeUnicodeString
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlWriteRegistryValue
wcslen
RtlCompareMemory
IoGetDeviceProperty
IoDeleteDevice
IoDetachDevice
IoAttachDeviceToDeviceStack
PoSetPowerState
KeInitializeTimer
IoIsWdmVersionAvailable
RtlCopyUnicodeString
KeInitializeMutex
IoReleaseCancelSpinLock
ExAllocatePoolWithQuotaTag
memmove
KeQuerySystemTime
KeInitializeEvent
IoAcquireCancelSpinLock
ObfDereferenceObject
PoStartNextPowerIrp
PoCallDriver
strncmp
KeTickCount
KeBugCheckEx
KeSetEvent
RtlUnwind
ObReferenceObjectByName
PsGetVersion
IoDriverObjectType
RtlUnicodeToMultiByteN

hal

KeGetCurrentIrql
KfAcquireSpinLock
KfReleaseSpinLock
KfLowerIrql

usbd.sys

USBD_ParseConfigurationDescriptorEx
USBD_CreateConfigurationRequestEx

wmilib.sys

WmiSystemControl

Exports

Exports

_GetDriverObject@4
_MakeHextoString@16

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 128B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/i386/PTUMWNET.sys
.sys windows:5 windows x86 arch:x86

7dafef9f7a4310213fdac28fad7add09

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:8f:95:99:81:d0:d0:95:70:be:82:51:71:8f:3e:c3:26:6d:58:e8
Signer

Actual PE Digest

03:8f:95:99:81:d0:d0:95:70:be:82:51:71:8f:3e:c3:26:6d:58:e8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\WLAN\objfre_wnet_x86\i386\PTUMWNET.pdb

Imports

ntoskrnl.exe

IofCallDriver
MmGetSystemRoutineAddress
DbgBreakPoint
KeCancelTimer
IoFreeIrp
KeInitializeTimer
KeSetTimer
ZwClose
IoOpenDeviceRegistryKey
ZwQueryValueKey
ZwOpenKey
ObReferenceObjectByName
IoDriverObjectType
strncmp
KeTickCount
KeBugCheckEx
KeReadStateEvent
KeDelayExecutionThread
KeReleaseMutex
KeQuerySystemTime
RtlCompareMemory
ObfDereferenceObject
KeInitializeMutex
KeInitializeEvent
IoInitializeIrp
ObfReferenceObject
InterlockedExchange
KeResetEvent
KeSetEvent
KeWaitForSingleObject
IofCompleteRequest
KeInitializeSpinLock
RtlCopyUnicodeString
IoIsWdmVersionAvailable
ExAllocatePoolWithTag
RtlInitAnsiString
RtlAnsiStringToUnicodeString
RtlAppendUnicodeStringToString
RtlFreeUnicodeString
ExFreePool
RtlIntegerToUnicodeString
IoCreateDevice
RtlInitUnicodeString
IoCreateSymbolicLink
IoDeleteSymbolicLink
IoDeleteDevice
PsGetVersion
IoCancelIrp
ExInterlockedPushEntrySList
ExInterlockedPopEntrySList
MmMapLockedPagesSpecifyCache
ExDeleteNPagedLookasideList
ExInitializeNPagedLookasideList
_local_unwind2
_except_handler3
memmove
IoAllocateIrp
IoGetCurrentProcess
ZwSetValueKey
DbgPrint
RtlUnicodeToMultiByteN

hal

KfReleaseSpinLock
KfAcquireSpinLock
KeGetCurrentIrql

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx

ndis.sys

NdisMDeregisterAdapterShutdownHandler
NdisMSetAttributesEx
NdisOpenConfiguration
NdisReadNetworkAddress
NdisCloseConfiguration
NdisMRegisterAdapterShutdownHandler
NdisInitializeTimer
NdisCancelTimer
NdisInitializeWrapper
NdisMRegisterMiniport
NdisTerminateWrapper
NdisScheduleWorkItem
NdisAdjustBufferLength
NdisFreeBuffer
NdisFreeBufferPool
NdisAllocatePacketPoolEx
NdisMGetDeviceProperty
NdisFreePacketPool
NdisAllocatePacket
NdisAllocateBuffer
NdisFreePacket
NdisQueryBufferOffset
NDIS_BUFFER_TO_SPAN_PAGES
NdisSetEvent
NdisAllocateMemoryWithTag
NdisBufferVirtualAddress
NdisBufferLength
NdisFreeMemory
NdisAcquireSpinLock
NdisReleaseSpinLock
NdisWaitEvent
NdisFreeSpinLock
NdisAllocateSpinLock
NdisInitializeEvent
NdisInterlockedIncrement
NdisInterlockedDecrement
NdisAllocateBufferPool
NdisSetTimer

Exports

Exports

_GetDriverObject@4

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 82B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/i386/PTUMWNSP.sys
.sys windows:5 windows x86 arch:x86

157bf221a267f6953850adfbcfda95c0

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

74:7e:fd:bb:7a:b4:08:5c:47:c2:78:cb:8e:85:a4:a3:57:72:28:f1
Signer

Actual PE Digest

74:7e:fd:bb:7a:b4:08:5c:47:c2:78:cb:8e:85:a4:a3:57:72:28:f1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\DGSerial\driver\objfre_wnet_x86\i386\PTUMWNSP.pdb

Imports

ntoskrnl.exe

IoCancelIrp
IoFreeIrp
KeSetTimer
ExFreePoolWithTag
PoRequestPowerIrp
IofCompleteRequest
KefReleaseSpinLockFromDpcLevel
KefAcquireSpinLockAtDpcLevel
KeInsertQueueDpc
IoReuseIrp
IoFreeWorkItem
IoAllocateIrp
IofCallDriver
KeWaitForMultipleObjects
IoQueueWorkItem
KeRemoveQueueDpc
KeInitializeDpc
ExAllocatePoolWithTag
IoAllocateWorkItem
KeCancelTimer
KeClearEvent
ZwClose
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
DbgPrint
KeWaitForSingleObject
IoGetCurrentProcess
IoCreateDevice
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
KeDelayExecutionThread
IoOpenDeviceRegistryKey
RtlDeleteRegistryValue
IoSetDeviceInterfaceState
IoRegisterDeviceInterface
IoDeleteSymbolicLink
IoCreateSymbolicLink
RtlIntegerToUnicodeString
RtlFreeUnicodeString
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlWriteRegistryValue
wcslen
RtlCompareMemory
IoGetDeviceProperty
IoDeleteDevice
IoDetachDevice
IoAttachDeviceToDeviceStack
PoSetPowerState
KeInitializeTimer
IoIsWdmVersionAvailable
RtlCopyUnicodeString
KeInitializeMutex
IoReleaseCancelSpinLock
ExAllocatePoolWithQuotaTag
memmove
KeQuerySystemTime
KeInitializeEvent
IoAcquireCancelSpinLock
ObfDereferenceObject
PoStartNextPowerIrp
PoCallDriver
strncmp
KeTickCount
KeBugCheckEx
KeSetEvent
RtlUnwind
ObReferenceObjectByName
PsGetVersion
IoDriverObjectType
RtlUnicodeToMultiByteN

hal

KeGetCurrentIrql
KfAcquireSpinLock
KfReleaseSpinLock
KfLowerIrql

usbd.sys

USBD_ParseConfigurationDescriptorEx
USBD_CreateConfigurationRequestEx

wmilib.sys

WmiSystemControl

Exports

Exports

_GetDriverObject@4
_MakeHextoString@16

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 128B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/i386/PTUMWVsp.sys
.sys windows:5 windows x86 arch:x86

157bf221a267f6953850adfbcfda95c0

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

43:58:fe:ea:d3:d7:34:dd:fa:62:e8:4b:22:6c:fb:23:b8:7f:48:b2
Signer

Actual PE Digest

43:58:fe:ea:d3:d7:34:dd:fa:62:e8:4b:22:6c:fb:23:b8:7f:48:b2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\DGSerial\driver\objfre_wnet_x86\i386\PTUMWVsp.pdb

Imports

ntoskrnl.exe

IoCancelIrp
IoFreeIrp
KeSetTimer
ExFreePoolWithTag
PoRequestPowerIrp
IofCompleteRequest
KefReleaseSpinLockFromDpcLevel
KefAcquireSpinLockAtDpcLevel
KeInsertQueueDpc
IoReuseIrp
IoFreeWorkItem
IoAllocateIrp
IofCallDriver
KeWaitForMultipleObjects
IoQueueWorkItem
KeRemoveQueueDpc
KeInitializeDpc
ExAllocatePoolWithTag
IoAllocateWorkItem
KeCancelTimer
KeClearEvent
ZwClose
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
DbgPrint
KeWaitForSingleObject
IoGetCurrentProcess
IoCreateDevice
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
KeDelayExecutionThread
IoOpenDeviceRegistryKey
RtlDeleteRegistryValue
IoSetDeviceInterfaceState
IoRegisterDeviceInterface
IoDeleteSymbolicLink
IoCreateSymbolicLink
RtlIntegerToUnicodeString
RtlFreeUnicodeString
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlWriteRegistryValue
wcslen
RtlCompareMemory
IoGetDeviceProperty
IoDeleteDevice
IoDetachDevice
IoAttachDeviceToDeviceStack
PoSetPowerState
KeInitializeTimer
IoIsWdmVersionAvailable
RtlCopyUnicodeString
KeInitializeMutex
IoReleaseCancelSpinLock
ExAllocatePoolWithQuotaTag
memmove
KeQuerySystemTime
KeInitializeEvent
IoAcquireCancelSpinLock
ObfDereferenceObject
PoStartNextPowerIrp
PoCallDriver
strncmp
KeTickCount
KeBugCheckEx
KeSetEvent
RtlUnwind
ObReferenceObjectByName
PsGetVersion
IoDriverObjectType
RtlUnicodeToMultiByteN

hal

KeGetCurrentIrql
KfAcquireSpinLock
KfReleaseSpinLock
KfLowerIrql

usbd.sys

USBD_ParseConfigurationDescriptorEx
USBD_CreateConfigurationRequestEx

wmilib.sys

WmiSystemControl

Exports

Exports

_GetDriverObject@4
_MakeHextoString@16

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 128B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/i386/ptumwcit.dll
.dll windows:6 windows x86 arch:x86

1b11fbe93323f636a2ae3876719cacca

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

01/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

24:9d:94:1b:cf:df:57:6c:3a:dc:92:6a:10:70:44:25
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

15/06/2009, 00:00

Not After

13/07/2010, 23:59

Subject

CN=DEVGURU CO LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Team,O=DEVGURU CO LTD,L=Seocho-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

52:d1:8e:99:1f:04:f9:f7:b9:77:53:3e:e7:f2:ad:a7:d7:b1:45:d7
Signer

Actual PE Digest

52:d1:8e:99:1f:04:f9:f7:b9:77:53:3e:e7:f2:ad:a7:d7:b1:45:d7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\workings\pantech\px5000_px800_umw190_um185\trunk\app\net_coinst\coinst\objfre_wlh_x86\i386\ptumwcit.pdb

Imports

msvcrt

_except_handler4_common
_XcptFilter
_adjust_fdiv
_amsg_exit
_initterm
free
malloc

ole32

CoCreateInstance
CoUninitialize
CoInitialize

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess

Exports

Exports

DGCoInstaller

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 338B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/ia64/DIFxAPI.dll
$TEMP/DGPTUMW/ia64/PTUMWBus.sys
$TEMP/DGPTUMW/ia64/PTUMWCDF.sys
$TEMP/DGPTUMW/ia64/PTUMWCSP.sys
$TEMP/DGPTUMW/ia64/PTUMWFLT.sys
$TEMP/DGPTUMW/ia64/PTUMWMdm.sys
$TEMP/DGPTUMW/ia64/PTUMWNET.sys
$TEMP/DGPTUMW/ia64/PTUMWNSP.sys
$TEMP/DGPTUMW/ia64/PTUMWVsp.sys
$TEMP/DGPTUMW/ia64/ptumwcit.dll
$TEMP/DGPTUMW/ptumwbus.cat
$TEMP/DGPTUMW/ptumwcdf.cat
$TEMP/DGPTUMW/ptumwcsp.cat
$TEMP/DGPTUMW/ptumwmcp.dll
.dll windows:4 windows x86 arch:x86

238f2adf8ea4e5391510972f652c82be

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f9:a4:26:bc:0d:95:a9:b4:d5:7f:9f:08:ef:7b:6a:0c:9c:f3:a8:53
Signer

Actual PE Digest

f9:a4:26:bc:0d:95:a9:b4:d5:7f:9f:08:ef:7b:6a:0c:9c:f3:a8:53

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalAlloc
LocalFree
InterlockedExchange
MultiByteToWideChar
DisableThreadLibraryCalls
GetProcAddress
LoadLibraryA
OutputDebugStringA
WriteFile
GetOverlappedResult
ReadFile
DeleteCriticalSection
InitializeCriticalSection
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LeaveCriticalSection
EnterCriticalSection
CreateFileA
CloseHandle
GetLastError
lstrlenA
DeviceIoControl
WideCharToMultiByte
GlobalAlloc
GlobalFree
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
VirtualAlloc
GetModuleHandleA
RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetProcessHeap
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA

advapi32

RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
CM_Locate_DevNodeA
CM_Get_Parent
CM_Get_Sibling
CM_Get_DevNode_Registry_PropertyA
CM_Get_Child
CM_Get_Device_IDA

Exports

Exports

UNI_DoRegisterSKTDriver
UNI_GetComPortName
UNI_GetLastError
WMC_ESyncMgr
WMC_GetCMPortA
WMC_GetCMPortW
WMC_GetConnectionInfo
WMC_GetDiagPortA
WMC_GetDiagPortW
WMC_GetEmergencyDLMode
WMC_GetMdmPortA
WMC_GetMdmPortW
WMC_GetNDISMode
WMC_GetNDISPacketCounts
WMC_GetNMEAPortA
WMC_GetNMEAPortW
WMC_GetPortA
WMC_GetPortW
WMC_GetPower
WMC_SetNDISMode
WMC_SetPower
WMC_WriteVendorCmd
WMC_WriteVendorCmdEx
WMC_usbClose
WMC_usbOpen
WMC_usbRead
WMC_usbWrite

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/ptumwmcp64.dll
.dll windows:4 windows x64 arch:x64

42c074f2a4b704ff542e4f77f14177a8

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d8:10:c7:e7:19:83:74:72:49:f3:c4:b6:dc:05:ca:b6:92:a1:22:3d
Signer

Actual PE Digest

d8:10:c7:e7:19:83:74:72:49:f3:c4:b6:dc:05:ca:b6:92:a1:22:3d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

LocalAlloc
LocalFree
MultiByteToWideChar
GetProcAddress
LoadLibraryA
OutputDebugStringA
WriteFile
GetOverlappedResult
ReadFile
DeleteCriticalSection
InitializeCriticalSection
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LeaveCriticalSection
EnterCriticalSection
CreateFileA
CloseHandle
GetLastError
lstrlenA
DeviceIoControl
WideCharToMultiByte
GlobalAlloc
DisableThreadLibraryCalls
GlobalFree
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
RaiseException
RtlPcToFileHeader
HeapFree
HeapAlloc
HeapReAlloc
GetModuleHandleA
GetCurrentThreadId
FlsSetValue
GetCommandLineA
GetProcessHeap
GetCPInfo
GetOEMCP
IsValidCodePage
FlsGetValue
TlsFree
FlsFree
SetLastError
TlsSetValue
FlsAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
HeapSetInformation
HeapCreate
HeapDestroy
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
RtlUnwindEx
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings

advapi32

RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
CM_Locate_DevNodeA
CM_Get_DevNode_Registry_PropertyA
CM_Get_Child
CM_Get_Sibling
CM_Get_Parent
CM_Get_Device_IDA

Exports

Exports

UNI_DoRegisterSKTDriver
UNI_GetComPortName
UNI_GetLastError
WMC_ESyncMgr
WMC_GetCMPortA
WMC_GetCMPortW
WMC_GetConnectionInfo
WMC_GetDiagPortA
WMC_GetDiagPortW
WMC_GetEmergencyDLMode
WMC_GetMdmPortA
WMC_GetMdmPortW
WMC_GetNDISMode
WMC_GetNDISPacketCounts
WMC_GetNMEAPortA
WMC_GetNMEAPortW
WMC_GetPortA
WMC_GetPortW
WMC_GetPower
WMC_SetNDISMode
WMC_SetPower
WMC_WriteVendorCmd
WMC_WriteVendorCmdEx
WMC_usbClose
WMC_usbOpen
WMC_usbRead
WMC_usbWrite

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/ptumwmdm.cat
$TEMP/DGPTUMW/ptumwnet.cat
$TEMP/DGPTUMW/ptumwnsp.cat
$TEMP/DGPTUMW/ptumwvsp.cat
$TEMP/InstUtil.dll
.dll windows:4 windows x86 arch:x86

51b502ad9595050b276c7a141a5d558c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
GetSystemInfo
GetProcAddress
GetModuleHandleA
lstrcpyA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
LoadLibraryA
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

user32

GetSystemMetrics

Exports

Exports

osplatform
osversion
winosversion

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pantech UM185 driver.3guman.com/Original Disc/MPT/Build.txt
Pantech UM185 driver.3guman.com/Original Disc/MPT/Custom.ini
Pantech UM185 driver.3guman.com/Original Disc/MPT/Data.cab
.cab
Custom/Buttons.png
.png
Custom/Dialog.inf
Custom/Dialog.png
.png
Custom/InternetCnx.PNG
.png
Custom/InternetCnxWm.PNG
.png
Custom/LiveUpdateWm.PNG
.png
Custom/LogoWizard.png
.png
Custom/ModemWiz.PNG
.png
Custom/ModemWizWm.PNG
.png
Custom/NewUI.thm
Custom/TabControl.inf
Custom/TabControl.png
.png
Custom/Thumbs.db
Custom/logon.PNG
.png
Custom/skin.inf
Detect.inf
DeviceSDK/PCMPCC_UM185.dll
.dll windows:4 windows x86 arch:x86

53643e0dd27ad4e42a29b1eba5d92cad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
EnterCriticalSection
GetLastError
ResetEvent
SetEvent
OutputDebugStringA
lstrcatA
EscapeCommFunction
CreateFileA
ClearCommError
WaitForSingleObject
GetOverlappedResult
ReadFile
PurgeComm
GetCommState
GetCommModemStatus
InterlockedIncrement
InterlockedDecrement
SetCommTimeouts
SetCommState
SetupComm
GetCommProperties
CreateThread
TerminateThread
ResumeThread
SetThreadPriority
SetCommMask
WriteFile
WaitForMultipleObjects
GetCurrentThread
WaitCommEvent
FreeLibrary
LeaveCriticalSection
Sleep
GetProcAddress
GetVersion
GetVersionExA
GetModuleFileNameA
GetTickCount
lstrlenA
lstrcpyA
lstrcpynA
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
DeleteCriticalSection
InitializeCriticalSection
CreateEventA
LoadLibraryA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
ExitProcess
VirtualAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
HeapSize
SetFilePointer
GetModuleHandleA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings

user32

UnregisterClassA
wvsprintfA
IsWindow
PostMessageA
LoadCursorA
SendMessageCallbackA
GetDesktopWindow
CreateWindowExA
DestroyWindow
RegisterClassA
TranslateMessage
DispatchMessageA
wsprintfA
MsgWaitForMultipleObjects
PeekMessageA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Exports

Exports

PCM_Activate
PCM_ChangeLockCode
PCM_ClearCallEntries
PCM_DeleteAllMessages
PCM_DeleteMessage
PCM_GPSLock
PCM_GetBatteryInfo
PCM_GetCallEntryCount
PCM_GetConnectionInfo
PCM_GetDeviceInfo
PCM_GetFieldSizes
PCM_GetFirstCallEntry
PCM_GetFirstMessage
PCM_GetLocationInfo
PCM_GetMessageCount
PCM_GetNDISMode
PCM_GetNetworkErrorString
PCM_GetNetworkInfo
PCM_GetNextCallEntry
PCM_GetNextMessage
PCM_GetParameters
PCM_GetRefurbishCount
PCM_GetWarrantyDateCode
PCM_ResetFactoryDefaults
PCM_SaveMessage
PCM_SendMessage
PCM_SetCallback
PCM_SetCallbackExtended
PCM_SetFieldTest
PCM_SetLock
PCM_SetMessageStatus
PCM_SetNDISMode
PCM_SetParameters
PCM_SetPower
PCM_SetPowerState
PCM_SetRadioPower
PCM_Shutdown
PCM_Startup

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GPRSOPE.pac
Help/Logo.gif
.gif
LiveUpdateClientTools.ini
OPE.pac
OpeIcons.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modems.pac
Pantech UM185 driver.3guman.com/Original Disc/MPT/Data1.cab
Pantech UM185 driver.3guman.com/Original Disc/MPT/Data1.hdr
Pantech UM185 driver.3guman.com/Original Disc/MPT/Data2.cab
Pantech UM185 driver.3guman.com/Original Disc/MPT/Data_ENU.cab
.cab
Aboutn.dll
.dll windows:4 windows x86 arch:x86

d615ef1afd3bfcab3c16b81909a4943b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

bvrpctln

?ExpandBox@@YGXHPAUHWND__@@HH@Z
?SizeCtrlToText@@YG?AUtagSIZE@@PAUHWND__@@H@Z
?AlignControls@@YAXPAUHWND__@@W4ALIGN_WAY@@HHZZ
?PocketHTML@@YGXPAUHWND__@@@Z
ord2
_CenterWindow@4

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

FreeLibrary
_lread
GetProcAddress
_lclose
_lopen
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
GetModuleFileNameA
lstrcpyA
WinExec
lstrcatA
GetFileAttributesA
GlobalMemoryStatusEx
GetVersionExA
GetSystemInfo
GetPrivateProfileStringA
DisableThreadLibraryCalls
LoadLibraryA

user32

SetWindowTextA
ShowWindow
GetDlgItem
LoadStringA
GetParent
DialogBoxParamA
GetWindowLongA
IsWindow
wsprintfA
SetCursor
LoadCursorA
CreateWindowExA
DestroyWindow
MapWindowPoints
GetWindowRect
SetDlgItemTextA
SendMessageA
GetDlgItemTextA
GetClassLongA
SetWindowLongA
EndDialog

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA

shlwapi

PathIsURLA
StrFormatByteSize64A

msvcrt

free
_initterm
malloc
_adjust_fdiv
strrchr

Exports

Exports

About
AboutEx
ExtAbout
GetProduct

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BvrpCtln.dll
.dll windows:4 windows x86 arch:x86

742915a85752f9717e8e687b06c0e4bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shfolder

SHGetFolderPathW

kernel32

AddAtomA
RaiseException
InterlockedExchange
lstrcpyA
GetWindowsDirectoryA
WriteProfileStringA
GetProfileStringA
FormatMessageA
QueryPerformanceFrequency
QueryPerformanceCounter
FlushFileBuffers
WaitForMultipleObjects
CreateEventW
ResumeThread
GetCurrentProcessId
FormatMessageW
FileTimeToSystemTime
GetDateFormatW
FindFirstFileW
_lopen
GetModuleFileNameA
WideCharToMultiByte
DeleteFileA
lstrcmpA
lstrcpynW
InterlockedDecrement
lstrlenW
MultiByteToWideChar
Sleep
GlobalReAlloc
GlobalUnlock
GlobalHandle
GlobalAlloc
GlobalLock
lstrlenA
UnmapViewOfFile
CloseHandle
GlobalAddAtomA
GlobalDeleteAtom
_lclose
_lcreat
GetShortPathNameA
MapViewOfFile
CreateFileMappingA
CreateEventA
_llseek
GlobalFindAtomA
GetVersionExA
ReadFile
GetFileSize
CreateFileA
lstrcmpiA
WriteFile
CreateFileW
GetCurrentThreadId
lstrcpynA
GlobalFree
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcpyW
GetLastError
LocalFree
LocalAlloc
GetComputerNameA
lstrcatA
RemoveDirectoryA
FindClose
FindNextFileA
SetLastError
GetFullPathNameA
FindFirstFileA
MoveFileA
DebugBreak
OutputDebugStringA
WaitForSingleObject
CopyFileA
GetTempPathA
GetEnvironmentVariableA
GetFileAttributesExA
CreateDirectoryA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileInformationByHandle
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFilePointerEx
lstrcmpiW
lstrcmpW
SystemTimeToFileTime
GetCurrentDirectoryW
SetEndOfFile
lstrcatW
CreateDirectoryW
GetFileAttributesW
SetFilePointer
GetFileSizeEx
GetSystemTime
GetTickCount
LeaveCriticalSection
EnterCriticalSection
CreateThread
SetEvent
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
_lread
_lwrite
IsBadReadPtr
CompareFileTime
HeapDestroy
HeapCreate
HeapFree
LoadLibraryExW
GetLocaleInfoW
GetModuleFileNameW
GetPrivateProfileStringW
GetAtomNameW
DeleteAtom
AddAtomW
LoadLibraryW
GetProcessHeap
HeapAlloc
DisableThreadLibraryCalls
MulDiv
GetTempFileNameA
GetModuleHandleW
GetFileAttributesA

user32

GetCapture
SetWindowRgn
SetWindowTextW
RegisterClassExW
LoadCursorW
GetNextDlgTabItem
PostMessageW
UnregisterClassW
RegisterClassW
ChildWindowFromPoint
GetWindowTextLengthA
ScrollWindowEx
TrackMouseEvent
IsWindowVisible
SystemParametersInfoA
DestroyIcon
SetCursorPos
DrawIcon
SystemParametersInfoW
GetDlgItemTextW
CreateDialogParamW
MessageBeep
WinHelpA
UpdateWindow
GetClassNameA
TranslateMessage
EqualRect
MapWindowPoints
ShowWindow
DestroyWindow
SetWindowLongA
DrawTextExA
IsZoomed
SetWindowPlacement
GetWindowPlacement
ChangeClipboardChain
SetClipboardViewer
DrawTextExW
PeekMessageW
DispatchMessageW
LoadImageW
GetWindowThreadProcessId
GetPropW
GetWindowRgn
DefWindowProcW
GetUpdateRect
IsCharAlphaNumericA
SetPropA
LoadIconA
GetPropA
RemovePropA
GetIconInfo
DrawEdge
LoadStringW
SetWindowsHookExW
GetWindowTextLengthW
AdjustWindowRectEx
ScreenToClient
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetWindowTextW
DrawTextW
CreateWindowExW
GetWindowLongW
CheckDlgButton
SetMenuDefaultItem
SetPropW
GetTopWindow
IntersectRect
SendMessageW
FrameRect
DrawFocusRect
IsMenu
InvalidateRect
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
DrawIconEx
GetWindowDC
DrawFrameControl
DrawStateA
ClientToScreen
PtInRect
CallWindowProcW
CallWindowProcA
InflateRect
SetCapture
IsWindow
IsWindowUnicode
SetWindowLongW
LoadImageA
GetActiveWindow
SetRect
RegisterClassExA
BeginPaint
EndPaint
RedrawWindow
KillTimer
SetTimer
GetSysColorBrush
FillRect
GetDesktopWindow
IsDlgButtonChecked
CharNextA
wsprintfW
IsWindowEnabled
GetDlgItemTextA
SetDlgItemTextA
SendDlgItemMessageA
DrawTextA
GetWindow
GetMenu
GetSystemMetrics
DialogBoxParamA
SetWindowTextA
EndDialog
wvsprintfA
GetDC
ReleaseDC
UnregisterClassA
RegisterClassA
DefWindowProcA
InsertMenuItemA
UnhookWindowsHookEx
SetWindowsHookExA
SetFocus
GetKeyState
GetAncestor
CallNextHookEx
OffsetRect
GetMenuItemCount
AppendMenuW
GetCursorPos
GetMenuItemInfoW
GetMenuItemInfoA
GetSysColor
CreatePopupMenu
AppendMenuA
CheckMenuRadioItem
TrackPopupMenuEx
GetMenuStringA
MsgWaitForMultipleObjects
SetCursor
LoadCursorA
ReleaseCapture
PeekMessageA
DispatchMessageA
MessageBoxA
PostMessageA
GetWindowLongA
EnableWindow
SendInput
WindowFromPoint
RegisterWindowMessageW
GetCursor
GetWindowTextA
GetDlgCtrlID
GetParent
GetClassInfoExW
LoadMenuA
GetSubMenu
EnableMenuItem
DeleteMenu
LoadStringA
InsertMenuA
TrackPopupMenu
GetFocus
IsChild
wsprintfA
CreateDialogParamA
SetWindowPos
GetClientRect
SendMessageA
DestroyMenu
CreateWindowExA
GetDlgItem
IsDialogMessageA
GetWindowRect
SetForegroundWindow
SetActiveWindow
FindWindowA
GetDCEx
GetClassLongW
SendMessageTimeoutA
GetMenuState
IsIconic
PostQuitMessage
GetMessageA
LoadCursorFromFileA
GetSystemMenu
MoveWindow

gdi32

ExtSelectClipRgn
SelectClipRgn
SaveDC
GetTextExtentPointA
ExtTextOutA
RestoreDC
ExcludeClipRect
GetObjectW
GetDeviceCaps
CreateFontIndirectW
SetTextAlign
CreateRectRgnIndirect
EnumFontFamiliesA
GetStockObject
SelectObject
DeleteDC
BitBlt
SetBkColor
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
SetDIBits
CreateDIBSection
CreatePatternBrush
CreateBitmapIndirect
PatBlt
TextOutA
CreateRoundRectRgn
StretchBlt
SetStretchBltMode
SetLayout
ExtTextOutW
GetDIBits
GetTextMetricsW
EnumFontFamiliesExA
OffsetWindowOrgEx
OffsetRgn
SetWindowOrgEx
GetCurrentPositionEx
GetCurrentObject
GetTextColor
Polygon
UnrealizeObject
DeleteObject
SetBrushOrgEx
GetTextExtentPoint32W
GetPixel
CreatePen
GetTextExtentPoint32A
LineTo
MoveToEx
CreateSolidBrush
CreateFontIndirectA
GetObjectA
SetTextColor
SetBkMode
SetPixel
SetPixelV
CreateBitmap
PtInRegion
CreateEllipticRgn
CreateHatchBrush
TextOutW
Rectangle

winspool.drv

ClosePrinter
EnumPrintersA
ord201
OpenPrinterA
ord202
GetPrinterA

comdlg32

GetSaveFileNameA
ChooseFontA
GetOpenFileNameA

advapi32

CryptEncrypt
CryptDestroyKey
CryptDeriveKey
CryptDestroyHash
CryptHashData
CryptReleaseContext
CryptCreateHash
CryptDecrypt
RegCloseKey
RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegSetValueExW
RegCreateKeyExW
RegDeleteValueA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExA
CryptAcquireContextA

shell32

ord25
ord18
SHGetFolderLocation
ShellExecuteExW
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
DragFinish
DragQueryFileA
SHGetDesktopFolder
ord2
SHGetFileInfoW
ord4
SHGetPathFromIDListW
ShellExecuteA
ShellExecuteW
SHGetDataFromIDListW
SHFileOperationW

ole32

CoTaskMemFree
CoTaskMemAlloc
GetHGlobalFromStream
CLSIDFromProgID
CoUninitialize
CreateBindCtx
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoInitialize
OleSetContainedObject
OleCreateFromFile
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
StgCreateDocfile
OleRun
CoInitializeEx
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CoCreateInstance

oleaut32

SysAllocString
SysAllocStringByteLen
VariantClear
SysStringLen
VariantChangeType
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreate
SysStringByteLen
VariantInit
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
SysAllocStringLen
OleLoadPicture
SysFreeString

comctl32

ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragMove
ImageList_DragLeave
ImageList_EndDrag
ImageList_Create
ImageList_AddMasked
ImageList_SetOverlayImage
ImageList_GetImageInfo
ImageList_Add
ImageList_Remove
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_DrawIndirect
ord17
CreateToolbarEx
InitCommonControlsEx
ImageList_Destroy
ImageList_Duplicate
ImageList_GetImageCount
ImageList_Draw
ImageList_SetDragCursorImage

oledlg

ord1

msvcp60

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??0out_of_range@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
??0out_of_range@std@@QAE@ABV01@@Z
??0logic_error@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ

msvcrt

wcslen
wcsstr
free
malloc
wcsncpy
_splitpath
swprintf
_except_handler3
strncmp
wcscpy
wcscat
wcsrchr
_wtoi
rand
_purecall
strchr
fclose
fgets
fopen
wcschr
iswxdigit
memmove
strstr
_strnicmp
_strupr
isdigit
??2@YAPAXI@Z
strrchr
_CxxThrowException
strpbrk
_stricmp
_close
strncpy
_open
_errno
_read
_write
_lseek
remove
_tempnam
calloc
srand
_winminor
_winmajor
wcscmp
_ftol
_CIpow
_strdup
_vsnprintf
_wcsnicmp
iswspace
_osver
_makepath
isspace
strtol
mbstowcs
wcstombs
_strcmpi
toupper
towupper
strtok
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
atoi
_filelength
_wcsicmp
_unlink
realloc

urlmon

CreateURLMoniker

wininet

InternetCrackUrlW

msimg32

AlphaBlend
GradientFill

msvfw32

MCIWndCreateA

avifil32

AVIFileExit
AVIFileInfoA
AVIFileOpenA
AVIFileRelease
AVIStreamRelease
AVIStreamGetFrameClose
AVIStreamGetFrameOpen
AVIStreamLength
AVIStreamStart
AVIStreamInfoA
AVIFileGetStream
AVIStreamGetFrame
AVIStreamSetFormat
AVIMakeCompressedStream
AVIFileCreateStreamA
AVIStreamWrite
AVIFileInit

shlwapi

UrlGetPartW
PathAppendA
PathFindExtensionW
PathRemoveBackslashA
SHCreateStreamOnFileW
StrToIntExW
PathAppendW
PathRemoveFileSpecW
StrRChrW
PathIsDirectoryW
PathRemoveExtensionW
PathFindFileNameW
PathRemoveFileSpecA
PathIsRelativeA
StrFormatKBSizeW
PathMatchSpecW
StrStrIA
StrStrA
StrCpyW
StrStrW
StrStrIW
UrlGetPartA
PathAddBackslashW
PathRenameExtensionA
PathFindFileNameA
StrCmpNIA
PathAddBackslashA
PathRelativePathToA
PathFileExistsW
PathCreateFromUrlW
UrlCombineW
PathRenameExtensionW
UrlIsW
PathFindExtensionA
StrToIntW
StrTrimW
StrChrW
StrCmpNIW
SHDeleteEmptyKeyA
SHDeleteKeyA
PathAddExtensionA

wsock32

WSAStartup
gethostbyname
WSACleanup

Exports

Exports

??0CAvi@@QAE@PBD@Z
??0CDynArray@@QAE@HH@Z
??0CDynArray@@QAE@XZ
??0CPacFile@@QAE@PBD0@Z
??0CProfile@@QAE@ABV0@@Z
??0CProfile@@QAE@PBD_N@Z
??0CWaitDialog@@QAE@ABV0@@Z
??0CWaitDialog@@QAE@PAUHWND__@@P6GHPBV0@@ZPAX@Z
??1CAvi@@QAE@XZ
??1CDynArray@@QAE@XZ
??1CPacFile@@QAE@XZ
??1CProfile@@UAE@XZ
??1CWaitDialog@@UAE@XZ
??4CAvi@@QAEAAV0@ABV0@@Z
??4CDynArray@@QAEAAV0@ABV0@@Z
??4CPacFile@@QAEAAV0@ABV0@@Z
??4CProfile@@QAEAAV0@ABV0@@Z
??4CWaitDialog@@QAEAAV0@ABV0@@Z
??BCWaitDialog@@QBEPAUHWND__@@XZ
??_7CProfile@@6B@
??_7CWaitDialog@@6B@
??_C@_00A@?$AA@
??_FCAvi@@QAEXXZ
??_FCPacFile@@QAEXXZ
??_FCProfile@@QAEXXZ
?AddDialogHeader@@YG_NPAUHWND__@@PAUDialogHeader@@@Z
?AddItem@CDynArray@@QAEHPAX@Z
?AddItem@CDynArray@@QAEPAXXZ
?AlignControls@@YAXPAUHWND__@@W4ALIGN_WAY@@HHZZ
?AnimatedPng_CreateFromControl@@YGPAUHWND__@@PAU1@HK@Z
?AppendItem@CDynArray@@QAEHPAX@Z
?AppendItem@CDynArray@@QAEPAXXZ
?AppendZip@@YGPAUHZIP__@@PBGPBD@Z
?AppendZip@@YGPAUHZIP__@@PB_WPBD@Z
?ArrangeControls@@YAXPAUHWND__@@W4ARRANGE_WAY@@HHHZZ
?BrowseEdit@@YG_NPAUHWND__@@K@Z
?BtnMenu_Init@@YG_NPAUHWND__@@@Z
?BtnMenu_Init@@YG_NPAUHWND__@@H@Z
?BtnMenu_OnDrawItem@@YGXPAUHWND__@@PBUtagDRAWITEMSTRUCT@@@Z
?BtnMenu_PopMenu@@YGHPAUHWND__@@PAUHMENU__@@@Z
?CheckGroupBox_Create@@YG_NPAUHWND__@@HIII@Z
?CheckGroupBox_GetCheck@@YGIPAUHWND__@@@Z
?CheckGroupBox_SetCheck@@YGXPAUHWND__@@I@Z
?CheckVideoType@CAvi@@QAE_NXZ
?CloseZip@@YGKPAUHZIP__@@@Z
?ConvertStaticToGroupLine@@YGXPAUHWND__@@H_N@Z
?CountOfStream@CAvi@@QAEIXZ
?Create@CDynArray@@QAEXHH@Z
?CreateVideoStream@CAvi@@QAE_NPAUtagBITMAPINFOHEADER@@K@Z
?CreateZip@@YGPAUHZIP__@@PAXIPBD@Z
?CreateZip@@YGPAUHZIP__@@PBD0@Z
?CreateZipA@@YGPAUHZIP__@@PBD0@Z
?CreateZipHandle@@YGPAUHZIP__@@PAXPBD@Z
?CreateZipW@@YGPAUHZIP__@@PBGPBD@Z
?CreateZipW@@YGPAUHZIP__@@PB_WPBD@Z
?DeleteAllItems@CDynArray@@QAEXXZ
?DeleteItem@CDynArray@@QAEHH@Z
?Destroy@CDynArray@@QAEXXZ
?DoModal@CWaitDialog@@QAEHKK@Z
?DrawHTML@@YGHPAUHDC__@@PBDHPAUtagRECT@@I@Z
?DrawHTMLA@@YGHPAUHDC__@@PBDHPAUtagRECT@@I@Z
?DrawHTMLW@@YGHPAUHDC__@@PBGHPAUtagRECT@@I@Z
?ExpandBox@@YGXHPAUHWND__@@HH@Z
?FakeProgress_CreateFromControl@@YGPAUHWND__@@PAU1@HK@Z
?FileCreate@CAvi@@QAE_NPBD@Z
?FileOpen@CAvi@@QAE_NPBD@Z
?FileRelease@CAvi@@QAEXXZ
?FindChapter@CProfile@@ABEPAUChapter@1@PBD@Z
?FindKey@CProfile@@ABEPAUKey@1@PBD0@Z
?FindKey@CProfile@@ABEPAUKey@1@PBD@Z
?FindSection@CProfile@@ABEPAUSection@1@PBD@Z
?FindZipItem@@YGKPAUHZIP__@@PBD_NPAHPAUZIPENTRY@@@Z
?FindZipItemA@@YGKPAUHZIP__@@PBD_NPA_KPAUZIPENTRYA@@@Z
?FindZipItemW@@YGKPAUHZIP__@@PBG_NPA_KPAUZIPENTRYW@@@Z
?FindZipItemW@@YGKPAUHZIP__@@PB_W_NPA_KPAUZIPENTRYW@@@Z
?FormatBarText@CWaitDialog@@QBAABV1@PBDZZ
?FormatProgressText@CWaitDialog@@QBAABV1@PBDZZ
?FormatZipMessage@@YGIPAUHZIP__@@KPADI@Z
?FormatZipMessageA@@YGIPAUHZIP__@@KPADI@Z
?FormatZipMessageW@@YGIPAUHZIP__@@KPAGI@Z
?FormatZipMessageW@@YGIPAUHZIP__@@KPA_WI@Z
?Free@CProfile@@AAEXPAUSection@1@PAUChapter@1@@Z
?GetChapterName@CProfile@@QBEPBDXZ
?GetChildRect@CWaitDialog@@IBE?AUtagRECT@@PAUHWND__@@@Z
?GetInt@CProfile@@QBEHPBD0H@Z
?GetInt@CProfile@@QBEHPBDH@Z
?GetItem@CDynArray@@QBE_NHPAX@Z
?GetItemCount@CDynArray@@QBEHXZ
?GetItemPtr@CDynArray@@QBEPAXH@Z
?GetItemSize@CDynArray@@QBEHXZ
?GetKeyName@CProfile@@QBEPBDXZ
?GetKeyValue@CProfile@@QBEPBDXZ
?GetLine@CPacFile@@QAEPADPADH@Z
?GetMessageBoxCheck@@YGHPBD@Z
?GetMessageBoxCheck@@YGHPBG@Z
?GetPtr@CPacFile@@QAEPAEXZ
?GetSafeHwnd@CWaitDialog@@QBEPAUHWND__@@XZ
?GetSectionName@CProfile@@QBEPBDXZ
?GetSize@CPacFile@@QAEHXZ
?GetString@CProfile@@QBEHPBD00PADI@Z
?GetString@CProfile@@QBEHPBD0PADI@Z
?GetUserContext@CWaitDialog@@QBEPAXXZ
?GetZipItem@@YGKPAUHZIP__@@HPAUZIPENTRY@@@Z
?GetZipItemA@@YGKPAUHZIP__@@_KPAUZIPENTRYA@@@Z
?GetZipItemW@@YGKPAUHZIP__@@_KPAUZIPENTRYW@@@Z
?GotoChapter@CProfile@@QAE_NPBD@Z
?GotoFirstChapter@CProfile@@QAE_NXZ
?GotoFirstKey@CProfile@@QAE_NXZ
?GotoFirstSection@CProfile@@QAE_NXZ
?GotoFirstSectionOfChapter@CProfile@@QAE_NXZ
?GotoKey@CProfile@@QAE_NPBD@Z
?GotoNextChapter@CProfile@@QAE_NXZ
?GotoNextKey@CProfile@@QAE_NXZ
?GotoNextSection@CProfile@@QAE_NXZ
?GotoNextSectionOfChapter@CProfile@@QAE_NXZ
?GotoSection@CProfile@@QAE_NPBD@Z
?HTML_LoadW@@YGHPAUHWND__@@PBGK@Z
?HideCancel@CWaitDialog@@QBEABV1@XZ
?HideControlAndMoveV@@YAXPAUHWND__@@_NHHZZ
?HideGroup@@YGXPAUHWND__@@_NH@Z
?HideProgressBar@CWaitDialog@@QBEABV1@XZ
?Infobox_Create@@YGPAUHWND__@@PAU1@PAUINFOBOX@@@Z
?Infobox_CreateW@@YGPAUHWND__@@PAU1@PAUINFOBOXW@@@Z
?InitAnimatedPng@@YGXXZ
?InitFakeProgress@@YGXXZ
?InitSimpleBrowser@@YGXXZ
?InitTabbedBrowser@@YGXXZ
?InsertButton@@YG_NPAUHWND__@@IPAUHICON__@@@Z
?InsertItem@CDynArray@@QAEHHPAX@Z
?InsertItem@CDynArray@@QAEPAXH@Z
?IsBoxExpanded@@YG_NPAUHWND__@@H@Z
?IsCancelled@CWaitDialog@@QBE_NXZ
?IsEntryComment@CProfile@@ABE_NPBD@Z
?IsLoaded@CProfile@@QBE_NXZ
?LinkControls@@YGHPAUHWND__@@HH_NH@Z
?Load@CPacFile@@QAE_NPBD0@Z
?Load@CProfile@@QAE_NPBD0@Z
?Load@CProfile@@QAE_NPBD@Z
?LoadTree@CProfile@@AAE_NPAVCPacFile@@@Z
?LoadVideoStream@CAvi@@QAE_NH@Z
?MemAlloc@CProfile@@AAEPAXK@Z
?MemFree@CProfile@@AAEXPAX@Z
?MessageBoxCheck@@YGHPAUHWND__@@PAUHINSTANCE__@@PBD2K2K@Z
?MessageBoxCheck@@YGHPAUHWND__@@PAUHINSTANCE__@@PBG2K2K@Z
?MessageBoxPlus@@YAHPAUMSGBOXPLUS@@ZZ
?MessageBoxPlus@@YAHPAUMSGBOXPLUSW@@ZZ
?MoveControlsH@@YAXPAUHWND__@@H_N1HZZ
?MoveControlsV@@YAXPAUHWND__@@H_NHZZ
?OnCommand@CWaitDialog@@IAEXPAUHWND__@@H0I@Z
?OnInitDialog@CWaitDialog@@IAEHPAUHWND__@@0J@Z
?OpenZip@@YGPAUHZIP__@@PBD0@Z
?OpenZip@@YGPAUHZIP__@@PBXIPBD@Z
?OpenZipA@@YGPAUHZIP__@@PBD0@Z
?OpenZipHandle@@YGPAUHZIP__@@PAXPBD@Z
?OpenZipW@@YGPAUHZIP__@@PBGPBD@Z
?OpenZipW@@YGPAUHZIP__@@PB_WPBD@Z
?PocketHTML@@YGXPAUHWND__@@@Z
?Profile_GetBooleanEx@@YGHPAUHKEY__@@PBD11H@Z
?PwdApiChangePassword@@YGJPAUPASSWORDAPIPARAM@@@Z
?PwdApiGetPassword@@YGJPAUPASSWORDAPIPARAM@@@Z
?RemoveZipItem@@YGKPAUHZIP__@@_K@Z
?Resize_Exit@@YGXPAUHWND__@@@Z
?Resize_Init@@YG_NPAUHWND__@@IQAUSIZING@@H@Z
?Resize_LoadPlacement@@YGXPAUHWND__@@PBDHH@Z
?Resize_OnGetMinMaxInfo@@YGXPAUHWND__@@PAUtagMINMAXINFO@@@Z
?Resize_OnNCHitTest@@YGIPAUHWND__@@HH@Z
?Resize_OnSize@@YGXPAUHWND__@@IHH@Z
?Resize_SavePlacement@@YGXPAUHWND__@@PBD@Z
?Resize_SetFlags@@YGXPAUHWND__@@II@Z
?Resize_SetMaxSize@@YGXPAUHWND__@@AAUtagSIZE@@@Z
?Resize_SetMinSize@@YGXPAUHWND__@@AAUtagSIZE@@@Z
?Resize_UpdateClientRect@@YG_NPAUHWND__@@HH@Z
?Resize_UpdateWndRect@@YG_NPAUHWND__@@I@Z
?SetAnimatedIcon@CWaitDialog@@QBEABV1@PBD@Z
?SetBarText@CWaitDialog@@QBEABV1@PBD@Z
?SetControlsState@@YAXPAUHWND__@@HHHZZ
?SetIcon@CWaitDialog@@QBEABV1@PAUHICON__@@@Z
?SetItem@CDynArray@@QAE_NHPAX@Z
?SetMessageBoxCheck@@YGXPBDH@Z
?SetMessageBoxCheck@@YGXPBGH@Z
?SetProgressPos@CWaitDialog@@QBEABV1@H@Z
?SetProgressRange@CWaitDialog@@QBEABV1@HH@Z
?SetProgressText@CWaitDialog@@QBEABV1@PBD@Z
?SetUnzipBaseDir@@YGKPAUHZIP__@@PBD@Z
?SetUnzipBaseDirA@@YGKPAUHZIP__@@PBD@Z
?SetUnzipBaseDirW@@YGKPAUHZIP__@@PBG@Z
?SetUnzipBaseDirW@@YGKPAUHZIP__@@PB_W@Z
?SetWindowTextA@CWaitDialog@@QBEABV1@PBD@Z
?SetWindowTitle@CWaitDialog@@QBEABV1@PBD@Z
?ShouldTerminate@CWaitDialog@@QBE_NXZ
?SimpleBrowser_ApplyColorScheme@@YGXH@Z
?SizeControls@@YAXPAUHWND__@@KHHZZ
?SizeCtrlToText@@YG?AUtagSIZE@@PAUHWND__@@H@Z
?SizeCtrlToTextEx@@YG?AUtagSIZE@@PAUHWND__@@HK@Z
?SyncChapterWithSection@CProfile@@QAE_NXZ
?TabbedBrowser_SetCustomDesign@@YGXPBG@Z
?TextScroller@@YGXPAUHWND__@@_N@Z
?Unload@CPacFile@@QAEXXZ
?Unload@CProfile@@QAEXXZ
?Unpac@CPacFile@@AAEHPBD0PAEPAK@Z
?UnzipItem@@YGKPAUHZIP__@@HPBD@Z
?UnzipItemA@@YGKPAUHZIP__@@_KPBD@Z
?UnzipItemHandle@@YGKPAUHZIP__@@_KPAX@Z
?UnzipItemMemory@@YGKPAUHZIP__@@_KPAXI@Z
?UnzipItemW@@YGKPAUHZIP__@@_KPBG@Z
?UnzipItemW@@YGKPAUHZIP__@@_KPB_W@Z
?UseFakeProgress@CWaitDialog@@QBEABV1@XZ
?VideoAddFrame@CAvi@@QAE_NPAEH@Z
?VideoGetFrame@CAvi@@QAEPAUtagBITMAPINFO@@J@Z
?VideoGetFrameAsBitmap@CAvi@@QAEPAUHBITMAP__@@JK@Z
?VideoHeight@CAvi@@QAEIXZ
?VideoRate@CAvi@@QAEIXZ
?VideoStreamEnd@CAvi@@QAEJXZ
?VideoStreamStart@CAvi@@QAEJXZ
?VideoWidth@CAvi@@QAEIXZ
?ZipAdd@@YGKPAUHZIP__@@PBD1@Z
?ZipAdd@@YGKPAUHZIP__@@PBDPAXI@Z
?ZipAddA@@YGKPAUHZIP__@@PBD1@Z
?ZipAddA@@YGKPAUHZIP__@@PBDPAXI@Z
?ZipAddFolder@@YGKPAUHZIP__@@PBD@Z
?ZipAddFolderA@@YGKPAUHZIP__@@PBD@Z
?ZipAddFolderW@@YGKPAUHZIP__@@PBG@Z
?ZipAddFolderW@@YGKPAUHZIP__@@PB_W@Z
?ZipAddHandle@@YGKPAUHZIP__@@PBDPAX@Z
?ZipAddHandle@@YGKPAUHZIP__@@PBDPAXI@Z
?ZipAddHandleA@@YGKPAUHZIP__@@PBDPAX@Z
?ZipAddHandleA@@YGKPAUHZIP__@@PBDPAXI@Z
?ZipAddHandleW@@YGKPAUHZIP__@@PBGPAX@Z
?ZipAddHandleW@@YGKPAUHZIP__@@PBGPAXI@Z
?ZipAddHandleW@@YGKPAUHZIP__@@PB_WPAX@Z
?ZipAddHandleW@@YGKPAUHZIP__@@PB_WPAXI@Z
?ZipAddW@@YGKPAUHZIP__@@PBG1@Z
?ZipAddW@@YGKPAUHZIP__@@PBGPAXI@Z
?ZipAddW@@YGKPAUHZIP__@@PB_W1@Z
?ZipAddW@@YGKPAUHZIP__@@PB_WPAXI@Z
?ZipGetMemory@@YGKPAUHZIP__@@PAPAXPAK@Z
?ZipSetCompression@@YGKPAUHZIP__@@H@Z
?apCreateInstance@@YGPAXABU_GUID@@@Z
?striremove@@YGPADPADPBD@Z
?striremove@@YGPAGPAGPBG@Z
?strireplace@@YGPADPADPBD1@Z
?strireplace@@YGPAGPAGPBG1@Z
?stristr@@YGPADPBD0@Z
?strltrim@@YGPADPAD@Z
?strmatch@@YG_NPBD0@Z
?strmatch@@YG_NPBG0@Z
?strremove@@YGPADPADPBD@Z
?strremove@@YGPAGPAGPBG@Z
?strrepc@@YGPADPADDD@Z
?strrepc@@YGPAGPAGGG@Z
?strreplace@@YGPADPADPBD1@Z
?strreplace@@YGPAGPAGPBG1@Z
?strrtrim@@YGPADPAD@Z
?vaMoveControlsH@@YGXPAUHWND__@@H_N1PAH@Z
?vaMoveControlsV@@YGXPAUHWND__@@H_NPAH@Z
BvrpctlGetVer
CreateDitherButton
CreateGrayedBitmap
CreateGrayedButton
CreateHeader
DuplicateBitmap
ExtTransBitmap
GetBoldFont
GetDitherBrush
GetNormalFont
HDrawBitmap
HTextOut
HTransBitmap
LinkCreate
LoadMappedBitmap
LoadMappedButton
MakeFullPathName
SysColorChange
TransBitmap
_AddSizeGrip@4
_CalculateEMSCount@8
_CenterWindow@4
_CreateEMSWnd@16
_CreateHtmlSlideView@20
_DestroyEMSWnd@8
_DrawGradientRect@20
_EMSPrint@8
_EMSPrintW@8
_EMSStreamToHTML@20
_EMSToDGR@16
_EMSToDGRW@16
_EMSToHTML@16
_EMSToHTMLW@16
_EditList_AddString@8
_EditList_Create@12
_EditList_GetCount@4
_EditList_GetText@16
_EditList_GetTextLen@8
_EditList_ReadFile@8
_EditList_WriteFile@8
_EnChangeNotifyAvailable@4
_FitToScreen@16
_GetDefaultCtrlFontNameA@0
_GetDefaultCtrlFontNameW@0
_GetEMSLevel@4
_GetEMSToolBar@4
_GetResourceInstance@4
_GetResourcePath@8
_HTMLToEMS@24
_HTMLToEMSW@24
_HTML_AddText@12
_HTML_BlockQuoteText@4
_HTML_CallScript@20
_HTML_CallScriptW@20
_HTML_CanCopy@4
_HTML_CanGoBack@4
_HTML_CanGoForward@4
_HTML_Create@20
_HTML_CreateBrowser@20
_HTML_CreateBrowserW@20
_HTML_CreateEx@24
_HTML_CreateExW@24
_HTML_CreateW@20
_HTML_FindElementById@12
_HTML_FindElementByIdW@12
_HTML_GetAttribute@20
_HTML_GetAttributeW@20
_HTML_GetBoundingRect@8
_HTML_GetCaretPos@8
_HTML_GetCharset@12
_HTML_GetCharsetW@12
_HTML_GetChecked@12
_HTML_GetCheckedW@12
_HTML_GetEditFormat@4
_HTML_GetElementRect@12
_HTML_GetElementRectW@12
_HTML_GetInputValue@16
_HTML_GetInputValueW@16
_HTML_GetSelectedText@8
_HTML_GetSelectedTextW@8
_HTML_GetTagText@20
_HTML_GetTagTextW@20
_HTML_GetText@20
_HTML_GoBack@4
_HTML_GoForward@4
_HTML_GoHome@4
_HTML_Load@12
_HTML_Navigate@12
_HTML_NavigateW@12
_HTML_Print@24
_HTML_PrintToDGR@20
_HTML_PrintToDGRW@20
_HTML_PrintW@24
_HTML_Refresh2@8
_HTML_Refresh@4
_HTML_RemoveTag@12
_HTML_RemoveTagW@12
_HTML_ReplaceSelectionText@8
_HTML_ReplaceSelectionTextW@8
_HTML_Select_AddOption@16
_HTML_Select_AddOptionW@16
_HTML_Select_GetSelectedOption@28
_HTML_Select_GetSelectedOptionW@28
_HTML_Select_RemoveAllOptions@8
_HTML_Select_RemoveAllOptionsW@8
_HTML_SetAttribute@16
_HTML_SetAttributeW@16
_HTML_SetCharset@8
_HTML_SetCharsetW@8
_HTML_SetChecked@12
_HTML_SetCheckedW@12
_HTML_SetDisplayed@12
_HTML_SetDisplayedW@12
_HTML_SetEditFormat@12
_HTML_SetEnabled@12
_HTML_SetEnabledW@12
_HTML_SetExternal@8
_HTML_SetFont@16
_HTML_SetFontW@16
_HTML_SetImage@12
_HTML_SetImageW@12
_HTML_SetInputValue@12
_HTML_SetInputValueW@12
_HTML_SetTagText@16
_HTML_SetTagTextW@16
_HTML_SetText@20
_HTML_SetToolTip@12
_HTML_SetToolTipW@12
_HTML_SetZoomFactor@8
_HTML_Stop@4
_HTML_TranslateAccelerator@8
_HistCombo_Init@8
_HistCombo_Update@4
_InitSmartCaption@0
_InitSplitter@4
_InitSplitterWnd@0
_InsertText@12
_InsertTextW@12
_IsInternetConnected@4
_IsInternetConnectedT@8
_IsInternetConnectedW@4
_Link_Create@8
_Link_SetColors@12
_MakeFullPathNameW@12
_ParseSendToURL@4
_PrintEMSContent@36
_Profile_CheckEntry@12
_Profile_CheckEntryEx@16
_Profile_CheckEntryExW@16
_Profile_CheckEntryW@12
_Profile_DeleteSection@8
_Profile_DeleteSectionW@8
_Profile_DeleteValue@12
_Profile_DeleteValueW@12
_Profile_GetAppName@0
_Profile_GetAppNameW@0
_Profile_GetBinary@20
_Profile_GetBinaryEx@24
_Profile_GetBinaryExW@24
_Profile_GetBinarySize@12
_Profile_GetBinarySizeEx@16
_Profile_GetBinarySizeExW@16
_Profile_GetBinarySizeW@12
_Profile_GetBinaryW@20
_Profile_GetBoolean@16
_Profile_GetBooleanExW@20
_Profile_GetBooleanW@16
_Profile_GetCompany@0
_Profile_GetCompanyW@0
_Profile_GetInt@16
_Profile_GetIntEx@20
_Profile_GetIntExW@20
_Profile_GetIntW@16
_Profile_GetProfile@4
_Profile_GetProfileEx@8
_Profile_GetProfileExW@8
_Profile_GetProfileW@4
_Profile_GetRoot@0
_Profile_GetRootW@0
_Profile_GetSection@8
_Profile_GetSectionEx@12
_Profile_GetSectionExW@12
_Profile_GetSectionW@8
_Profile_GetString@24
_Profile_GetStringEx@28
_Profile_GetStringExW@28
_Profile_GetStringW@24
_Profile_RenameSection@12
_Profile_RenameSectionW@12
_Profile_SetAppName@4
_Profile_SetAppNameW@4
_Profile_SetBinary@20
_Profile_SetBinaryW@20
_Profile_SetBoolean@16
_Profile_SetBooleanW@16
_Profile_SetCompany@4
_Profile_SetCompanyW@4
_Profile_SetInt@16
_Profile_SetIntW@16
_Profile_SetProfile@4
_Profile_SetRoot@4
_Profile_SetRootW@4
_Profile_SetString@16
_Profile_SetStringW@16
_RTF_Create@16
_RTF_CreateEx@24
_RTF_GetCharEffects@12
_RTF_GetEditCtrl@4
_RTF_GetParaAlignment@8
_RTF_GetText@12
_RTF_Open@8
_RTF_OpenEx@12
_RTF_Reset@28
_RTF_Save@8
_RTF_SetText@12
_Rebar_ChevronPushed@8
_Rebar_MenuChevronPushed@8
_Rebar_MenuDrawItem@8
_Rebar_MenuMeasureItem@8
_SaveEmsHtmlDocument@16
_SaveEmsHtmlDocumentW@16
_SetEMSLevel@8
_SetHtmlSlideGradientColor@12
_SetSplitter@12
_ShowSizeGrip@8
_ShowSlider@8

Sections

.text
Size: 436KB - Virtual size: 435KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Shared
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Custom/Skin.png
.png
Custom/Thumbs.db
DeviceSDK/PCMResource.dll
.dll windows:4 windows x86 arch:x86

b2e50cc60a521158b3ea2d099cbea42b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Guide/UserGuide.pdf
.pdf
- http://.ctia.org
- http://www.fcc.gov/oet/ea/fccid
Help/MPhoneTools.chm
.chm
Help/PhoneBk.chm
.chm
Help/RasCnxMngr.chm
.chm
LiveUpdateClientTools.dll
.dll windows:4 windows x86 arch:x86

203e2c1818026311fad86f0af3a18d12

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shfolder

SHGetFolderPathA

comctl32

ImageList_GetIconSize
PropertySheetA

wininet

InternetGetLastResponseInfoA
HttpSendRequestA
InternetErrorDlg
HttpOpenRequestA
InternetSetOptionA
FtpGetFileSize
FtpOpenFileA
InternetCrackUrlA
InternetGetConnectedStateEx
InternetAutodialHangup
InternetGetConnectedState
HttpQueryInfoA
InternetConnectA
InternetOpenA
InternetReadFile
InternetCloseHandle
InternetQueryDataAvailable

kernel32

IsBadCodePtr
GetTickCount
GetPrivateProfileStringA
GetProcAddress
GetModuleHandleA
lstrcatA
GetPrivateProfileIntA
lstrcpyA
GetModuleFileNameA
GetLastError
DeleteFileA
FileTimeToSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
SystemTimeToFileTime
GetSystemTime
lstrlenA
lstrcpynA
lstrcmpA
CompareFileTime
FindClose
FindNextFileA
MoveFileA
SetFileAttributesA
GetFileAttributesA
WritePrivateProfileStringA
FindFirstFileA
GlobalFree
GlobalUnlock
GlobalHandle
CloseHandle
CreateProcessA
OpenProcess
GetCurrentProcessId
GetShortPathNameA
WaitForSingleObject
GetExitCodeThread
SetThreadPriority
CreateThread
TerminateThread
Sleep
FreeLibrary
CreateEventA
GetExitCodeProcess
SetEvent
OpenEventA
CreateDirectoryA
WriteFile
CreateFileA
GlobalLock
GlobalReAlloc
GlobalAlloc
LocalFree
FormatMessageA
SetStdHandle
GetProfileStringA
SetFilePointer
GetTimeFormatA
GetLocalTime
HeapFree
HeapAlloc
GetProcessHeap
GetVersionExA
MulDiv
ReadFile
InterlockedDecrement
InterlockedIncrement
lstrcmpiA
GetCurrentProcess
TerminateProcess
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
HeapSize
GetVersion
GetCommandLineA
FlushFileBuffers
HeapReAlloc
ExitProcess
RtlUnwind
SetEndOfFile
RaiseException
LocalAlloc
LoadLibraryA
InterlockedExchange

user32

WaitForInputIdle
GetWindowLongA
SetWindowLongA
DrawIcon
DestroyIcon
MapWindowPoints
CreateDialogParamA
GetDC
ReleaseDC
GetSysColor
FindWindowA
SetDlgItemTextA
LoadBitmapA
LoadImageA
LoadIconA
GetActiveWindow
DestroyWindow
UnregisterClassA
RegisterWindowMessageA
GetDlgItemTextA
IsDlgButtonChecked
EnableWindow
GetDlgItem
EndDialog
LoadStringA
CheckDlgButton
CheckRadioButton
SendMessageA
DialogBoxParamA
DefWindowProcA
GetWindowRect
SystemParametersInfoA
SetTimer
KillTimer
GetClientRect
CreateWindowExA
RegisterClassA
AdjustWindowRect
SetWindowPos
SendDlgItemMessageA
CallWindowProcA
ShowWindow
RegisterClassExA
LoadCursorA
SetCursor
BeginPaint
GetWindowTextA
DrawTextA
EndPaint
MonitorFromWindow
GetMonitorInfoA
PeekMessageA
TranslateMessage
DispatchMessageA
MsgWaitForMultipleObjects
GetParent
wsprintfA
GetDesktopWindow
IsWindow
PostMessageA
UpdateWindow
IsWindowVisible
InvalidateRect
SetWindowTextA

gdi32

CreateFontIndirectA
GetStockObject
SelectObject
GetDeviceCaps
SetBkMode

advapi32

RegCloseKey
AllocateAndInitializeSid
OpenProcessToken
GetTokenInformation
EqualSid
RegQueryValueExA
RegOpenKeyExA
FreeSid

shell32

ShellExecuteExA
Shell_NotifyIconA

wunpacln

ord2

bvrpctln

_DrawGradientRect@20
?PocketHTML@@YGXPAUHWND__@@@Z
?MessageBoxPlus@@YAHPAUMSGBOXPLUS@@ZZ

ws2_32

WSAStartup
inet_ntoa
inet_addr
WSAGetLastError
gethostbyname
recvfrom
sendto
closesocket
setsockopt
WSACleanup
WSASocketA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

PathCanonicalizeA
PathFileExistsA
PathIsRelativeA

Exports

Exports

?CreateListOfUpdate@@YGKPBD00@Z
?GetCurrentMaster@@YGHPBDPADK@Z
?GetCurrentMaster@@YGHPBDPADKI@Z
?GetLUConfig@@YGXPBDPAH1111@Z
?GetLUConfig@@YGXPBDPAH11@Z
?GetListOfUpdate@@YGIPBDPAPAD0@Z
?GetListOfUpdate@@YGIPBDPAPAD@Z
?IsKernelInInstall@@YGHXZ
?IsLiveUpdateInProgress@@YGHPAUHWND__@@@Z
?IsLiveUpdateInstalled@@YGHXZ
?IsLiveUpdateNeeded@@YGIPBD@Z
?IsLiveUpdateNeeded@@YGIPBDPAKPAUHWND__@@@Z
?IsLiveUpdateNeeded@@YGIPBDPAKPAUHWND__@@I@Z
?IsLiveUpdateNeeded@@YGIPBDPAKPAUHWND__@@IPAH@Z
?IsLiveUpdateNeededClient@@YGHPBD0@Z
?IsPatchesInDownload@@YGHXZ
?LiveUpdate@@YGHPBD00IPAUHWND__@@PAKK0P6GHKKKKKU_SYSTEMTIME@@PAX@Z4@Z
?LiveUpdate@@YGHPBDPAUHWND__@@PAKK0P6GHKKKKKU_SYSTEMTIME@@PAX@Z4@Z
?LiveUpdate@@YGHPBDPAUHWND__@@PAKK@Z
?LiveUpdate@@YGHPBDPAUHWND__@@PAKKI0P6GHKKKKKU_SYSTEMTIME@@PAX@Z4@Z
?LiveUpdate@@YGHPBDPAUHWND__@@PAKKI@Z
?LiveUpdate@@YGHPBDPAUHWND__@@PAKKIP6GHKKKKKU_SYSTEMTIME@@PAX@Z4@Z
?LiveUpdate@@YGHPBDPAUHWND__@@PAKKP6GHKKKKKU_SYSTEMTIME@@PAX@Z4@Z
?LiveUpdateAutomateLauncher@@YGHPBD@Z
?LiveUpdateConfiguration@@YGHPBDPAUHWND__@@PAK@Z
?LiveUpdateErrorMessage@@YGXPAUHWND__@@K@Z
?LiveUpdateLauncher@@YGHPBD@Z
?LiveUpdateLauncher@@YGHPBDG@Z
?LiveUpdateLauncher@@YGHPBDGPAK@Z
?LiveUpdateMessage@@YGIPBDPAUHWND__@@I@Z
?LiveUpdateMessage@@YGIPBDPAUHWND__@@II@Z
?ResetLUConfig@@YGHPBD@Z
?ResetLUConfig@@YGHPBDI@Z
?SetKernelIsInstalled@@YGKH@Z
?SetLUConfig@@YGKPBDHHH@Z
?SetLUConfig@@YGKPBDHHHHH@Z
?WaitEndCalleeProcess@@YGHPBD0@Z
vbIsFatalErorLiveUpdate
vbIsLiveUpdateInProgress
vbIsLiveUpdateInstalled
vbIsLiveUpdateNeeded
vbIsSevereErrorLiveUpdate
vbLiveUpdate
vbLiveUpdateAutomateLauncher
vbLiveUpdateConfiguration
vbLiveUpdateErrorMessage
vbLiveUpdateLauncher
vbLiveUpdateMessage
vbResetLUConfig
vbResetLUConfigEx
vbSetKernelIsInstalled
vbWaitEndCalleeProcess

Sections

.text
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ModExch.dll
.dll windows:4 windows x86 arch:x86

76f3fbbe73169862d0921fdc68ad71a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
lstrcpyA
HeapAlloc
HeapReAlloc
CreateMutexA
HeapDestroy
GlobalAlloc
HeapCreate
CreateFileMappingA
CloseHandle
MapViewOfFile
UnmapViewOfFile
Sleep
CreateThread
_lcreat
_lwrite
_lclose
WaitForSingleObject
lstrlenA
ReleaseMutex
OpenProcess
HeapSize

user32

GetMessageA
CreateAcceleratorTableA
RegisterWindowMessageA
IsWindow
TranslateAcceleratorA
SetScrollInfo
RedrawWindow
InvalidateRect
ScrollWindowEx
SetRect
ReleaseDC
GetDC
GetScrollInfo
EndPaint
BeginPaint
GetWindowLongA
SystemParametersInfoA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetKeyState
LockWindowUpdate
UpdateWindow
SetWindowLongA
IsDialogMessageA
TranslateMessage
DispatchMessageA
LoadCursorA
LoadImageA
RegisterClassExA
LoadStringA
wvsprintfA
GetWindowThreadProcessId
FindWindowA
SetWindowPos
CreateWindowExA
ShowWindow
SetFocus
MoveWindow
PostQuitMessage
DefWindowProcA
SendMessageA
CheckMenuItem
EnableMenuItem
PostMessageA
DestroyWindow
SetWindowPlacement
GetWindowPlacement
IsWindowVisible
IsIconic

gdi32

GetStockObject
SetTextColor
SetBkColor
SetWindowOrgEx
ExtTextOutA
SelectObject
GetTextExtentPoint32A

comdlg32

FindTextA
GetSaveFileNameA

advapi32

InitializeSecurityDescriptor
RevertToSelf
OpenProcessToken
ImpersonateLoggedOnUser
SetSecurityDescriptorDacl

msvcrt

??3@YAXPAX@Z
memmove
??2@YAPAXI@Z
free
_initterm
malloc
_adjust_fdiv

bvrpctln

_Profile_SetBinary@20
_Profile_GetBinary@20

shlwapi

StrStrIA

Exports

Exports

meCreateWindow
meCreateWindowEx
meDestroyWindow
meGetWindow
mePrintf
meSetBufferingLevel
meShowHideWindow

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 22B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 982B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ModemWiz.dll
.dll windows:4 windows x86 arch:x86

3a912daa5e0753e22439b6199c894c90

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

newui

?LoadPNG@@YGPAUHBITMAP__@@PBD@Z
?LoadPNGFromResource@@YGPAUHBITMAP__@@PAUHINSTANCE__@@PB_W@Z

bvrpctln

?GetKeyName@CProfile@@QBEPBDXZ
??1CProfile@@UAE@XZ
?GetInt@CProfile@@QBEHPBDH@Z
?GetKeyValue@CProfile@@QBEPBDXZ
?FindKey@CProfile@@ABEPAUKey@1@PBD@Z
?FindSection@CProfile@@ABEPAUSection@1@PBD@Z
?Load@CProfile@@QAE_NPBD@Z
?Load@CProfile@@QAE_NPBD0@Z
??0CProfile@@QAE@PBD_N@Z
??1CWaitDialog@@UAE@XZ
?DoModal@CWaitDialog@@QAEHKK@Z
?UseFakeProgress@CWaitDialog@@QBEABV1@XZ
?FakeProgress_CreateFromControl@@YGPAUHWND__@@PAU1@HK@Z
?strremove@@YGPADPADPBD@Z
_Profile_GetIntEx@20
?GetString@CProfile@@QBEHPBD00PADI@Z
_CenterWindow@4
?PwdApiChangePassword@@YGJPAUPASSWORDAPIPARAM@@@Z
?MessageBoxPlus@@YAHPAUMSGBOXPLUS@@ZZ
_HTML_Load@12
_Profile_GetRoot@0
_HTML_CreateEx@24
?strmatch@@YG_NPBD0@Z
?FindChapter@CProfile@@ABEPAUChapter@1@PBD@Z
?GotoNextSectionOfChapter@CProfile@@QAE_NXZ
?PocketHTML@@YGXPAUHWND__@@@Z
?PwdApiGetPassword@@YGJPAUPASSWORDAPIPARAM@@@Z
?HideCancel@CWaitDialog@@QBEABV1@XZ
??0CDynArray@@QAE@HH@Z
?InsertItem@CDynArray@@QAEPAXH@Z
??1CDynArray@@QAE@XZ
?DeleteAllItems@CDynArray@@QAEXXZ
?SyncChapterWithSection@CProfile@@QAE_NXZ
?GetString@CProfile@@QBEHPBD0PADI@Z
?stristr@@YGPADPBD0@Z
?GetChapterName@CProfile@@QBEPBDXZ
?GetSectionName@CProfile@@QBEPBDXZ
?GetItemPtr@CDynArray@@QBEPAXH@Z
?DeleteItem@CDynArray@@QAEHH@Z
?GetInt@CProfile@@QBEHPBD0H@Z
_RTF_Save@8
_RTF_CreateEx@24
_RTF_GetEditCtrl@4
MakeFullPathName
??0CWaitDialog@@QAE@PAUHWND__@@P6GHPBV0@@ZPAX@Z

kernel32

FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
HeapSize
IsValidCodePage
GetOEMCP
GetCPInfo
HeapCreate
HeapDestroy
GetStdHandle
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetCommandLineA
GetTickCount
Sleep
lstrcpyA
GetModuleFileNameA
lstrcmpiA
CloseHandle
ReadFile
CreateFileA
GetProcAddress
GetModuleHandleA
FreeLibrary
LoadLibraryA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
WriteFile
SetFilePointer
MoveFileA
DeleteFileA
lstrlenA
lstrcmpA
MultiByteToWideChar
GetLastError
lstrcpynA
GetPrivateProfileIntA
InterlockedDecrement
GlobalFree
SetEvent
GetPrivateProfileStringA
CreateThread
CreateEventA
GetPrivateProfileSectionA
GetWindowsDirectoryA
GetVersionExA
FindClose
FindNextFileA
FindFirstFileA
GetEnvironmentStrings
lstrcatA
GetCurrentProcess
FileTimeToSystemTime
GetFileTime
GetExitCodeProcess
WaitForSingleObject
GetFileSize
InterlockedIncrement
GetFileAttributesA
SetDefaultCommConfigA
GetDefaultCommConfigA
WideCharToMultiByte
LocalFree
FormatMessageA
OpenEventA
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
MulDiv
GetCurrentThreadId
lstrlenW
IsDBCSLeadByte
DisableThreadLibraryCalls
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
ExpandEnvironmentStringsA
FlushInstructionCache
SetLastError
WaitForMultipleObjects
DeviceIoControl
TerminateProcess
CreateProcessA
HeapFree
GetProcessHeap
GetACP
InterlockedExchange
LocalAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetThreadLocale
InterlockedCompareExchange
GetStringTypeW
SetStdHandle
WriteConsoleA
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
RtlUnwind
ExitProcess
HeapReAlloc
GetConsoleOutputCP
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
GetSystemInfo
VirtualQuery
WriteConsoleW
FlushFileBuffers
QueryDosDeviceA
GetLocaleInfoA

user32

PeekMessageA
PostMessageA
wvsprintfA
SetDlgItemTextA
EnableWindow
DrawFocusRect
GetSysColor
GetFocus
GetActiveWindow
GetDC
ReleaseDC
UpdateWindow
GetDlgItem
ShowWindow
UnhookWindowsHookEx
CheckRadioButton
CallNextHookEx
GetAncestor
InvalidateRect
MsgWaitForMultipleObjects
TranslateMessage
DispatchMessageA
SetFocus
GetWindowLongA
SetWindowLongA
DialogBoxParamA
DestroyWindow
GetWindowTextA
EndDialog
SetWindowTextA
SendMessageA
FindWindowA
IsWindow
SetWindowPos
ScreenToClient
GetWindowRect
ExitWindowsEx
KillTimer
SetTimer
CreateDialogParamA
GetForegroundWindow
SetCursor
LoadCursorA
GetDlgItemTextA
SendDlgItemMessageA
CheckDlgButton
WaitForInputIdle
CopyImage
DrawIconEx
DestroyIcon
GetSystemMetrics
LoadImageA
IsDlgButtonChecked
RegisterDeviceNotificationA
UnregisterDeviceNotification
CallWindowProcA
RegisterClassExA
GetClassInfoExA
IsWindowUnicode
GetClientRect
MapWindowPoints
CharNextA
DefWindowProcA
RegisterClassA
GetParent
CreateWindowExA
LoadStringA
RegisterWindowMessageA
wsprintfA
SetWindowsHookExA
UnregisterClassA

gdi32

GetTextExtentPoint32A
DeleteObject
GetDeviceCaps
CreateFontIndirectA
GetStockObject
GetObjectA
SetTextColor
SetBkColor
ExtTextOutA
SelectObject

comdlg32

GetOpenFileNameA
GetFileTitleA

shell32

ShellExecuteExA

ole32

CoUninitialize
CoInitialize
CoGetClassObject
CoGetObject
StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree

oleaut32

SysFreeString
SafeArrayUnaccessData
SafeArrayAccessData
VarUI4FromStr
GetErrorInfo
VariantClear
SysAllocString
SafeArrayDestroy

comm

?SetupDCB@CComm@@QAEHH@Z
?SendATCmd@CComm@@QAAHPADHZZ
?Open@CComm@@QAEHW4COMM_TYPES@@PBDH@Z
??0CComm@@QAE@K@Z
?Close@CComm@@QAEHXZ
?WaitForInput@CComm@@QAAHKHZZ
??1CComm@@QAE@XZ

wunpacln

ord2

shlwapi

PathAppendA
PathRemoveFileSpecA
PathAddBackslashA
PathStripPathA
PathFileExistsA
PathIsRelativeA
PathRenameExtensionA
StrTrimA

comctl32

ImageList_Draw
PropertySheetA

tapi32

lineGetMessage
lineShutdown
lineGetDevCapsA
lineNegotiateAPIVersion
lineGetTranslateCapsA
lineGetCountryA
lineConfigDialogA
lineInitializeExA

cfgmgr32

CMP_WaitNoPendingInstallEvents
CM_Reenumerate_DevNode
CM_Get_DevNode_Status
CM_Locate_DevNodeA
CM_Get_Parent
CM_Get_Device_IDA
CM_Get_Device_ID_ListA

setupapi

SetupDiClassGuidsFromNameW
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoW
SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiBuildDriverInfoList
SetupDiGetDriverInfoDetailW
SetupDiEnumDriverInfoW
SetupDiSetSelectedDriverW
SetupDiSetDeviceRegistryPropertyW
SetupDiRegisterDeviceInfo
SetupDiGetINFClassW
SetupDiGetDeviceInstanceIdA
SetupDiOpenDeviceInfoA
SetupDiSetClassInstallParamsA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiOpenDevRegKey
SetupDiDestroyDeviceInfoList
SetupDiSetClassInstallParamsW
SetupDiCallClassInstaller
SetupDiEnumDeviceInterfaces
SetupDiDestroyClassImageList
SetupGetStringFieldA
SetupCloseInfFile
SetupFindNextLine
SetupGetMultiSzFieldA
SetupFindFirstLineA
SetupOpenInfFileA
SetupDiGetDeviceInterfaceDetailA
SetupDiOpenDeviceInterfaceA
SetupDiGetClassImageList
SetupDiGetClassImageIndex
SetupDiCreateDevRegKeyA

Exports

Exports

??0CTapi2@@QAE@ABV0@@Z
??0CTapi2@@QAE@_NK@Z
??0CTapi@@QAE@_NK@Z
??1CTapi2@@UAE@XZ
??1CTapi@@QAE@XZ
??4CTapi2@@QAEAAV0@ABV0@@Z
??4CTapi@@QAEAAV0@ABV0@@Z
??_7CTapi2@@6B@
??_FCTapi2@@QAEXXZ
??_FCTapi@@QAEXXZ
?ActiveSyncToModem@@YGHPAUHWND__@@K@Z
?AskForReboot@@YGHPAUHWND__@@PBD11@Z
?CGMobileToModem@@YGHPAUHWND__@@K@Z
?DetectAndInstallModem@@YGHPAUHWND__@@PAUMODWIZINFO@@@Z
?DetectModem@@YGHPBDPAUDETECTEDDEVICE@@K@Z
?DriverCleanup@@YGXPBD@Z
?EnumLines@CTapi2@@QAE_NP6G_NPADKJ@ZJ@Z
?EnumLines@CTapi@@QAE_NP6G_NPADKJ@ZJ@Z
?FillCountryList@CTapi2@@QAEXPAUHWND__@@K@Z
?FillCountryList@CTapi@@QAEXPAUHWND__@@K@Z
?FillLocationInfo@CTapi2@@QAEXPAUHWND__@@K@Z
?FillLocationInfo@CTapi@@QAEXPAUHWND__@@K@Z
?FindHardware@@YGHPAD0H@Z
?FindModem@@YGHPAD0H@Z
?GetAttachedPort@CTapi2@@QAE_NPBDPAD@Z
?GetCountryName@CTapi2@@QAEPADKPAD@Z
?GetCountryName@CTapi@@QAEPADKPAD@Z
?GetCurrentLocation@CTapi2@@QAEKPAK@Z
?GetCurrentLocation@CTapi@@QAEKPAK@Z
?GetDevCaps@CTapi2@@AAEPAUlinedevcaps_tag@@PAU2@KK@Z
?GetDevCaps@CTapi@@AAEPAUlinedevcaps_tag@@PAU2@KK@Z
?GetDeviceComPort@@YGHPBDPAD@Z
?GetDeviceId@CTapi2@@QAEKPBD@Z
?GetFriendlyName@@YGHPAD000H@Z
?GetHlineApp@CTapi2@@QBEKXZ
?GetHlineApp@CTapi@@QAEKXZ
?GetLocationInfo@CTapi2@@QAEHKPAKPAD@Z
?GetLocationInfo@CTapi@@QAEHKPAKPAD@Z
?GetModemHardwareId@@YGHPAD0H@Z
?GetNumDevices@CTapi2@@QBEKXZ
?GetNumDevices@CTapi@@QAEKXZ
?GetNumLines@CTapi2@@QAEKXZ
?GetNumLines@CTapi@@QAEKXZ
?GetPortLinkType@@YGKH@Z
?GetPortLinkType@@YGKPBD@Z
?GetSerialPorts@@YGHPAUCOMPORTSINFO@@H@Z
?GetSoftModem@CTapi2@@QAEPBDXZ
?GetSoftModem@CTapi@@QAEPBDXZ
?GetTapiAttachedPort@CTapi2@@QAEHPAD@Z
?GetTapiAttachedPort@CTapi@@QAEHPAD@Z
?INetToModem@@YGHPAUHWND__@@K@Z
?Initialize@CTapi2@@QAE_NXZ
?Initialize@CTapi@@QAE_NXZ
?InstallModem@@YGHPAUHWND__@@PAD111HK@Z
?InstallModemEx@@YGHPAUHWND__@@PAUINSTALLMODEM@@@Z
?Managed_PIN@@YGHPAUHWND__@@PAU_MANAGED_PIN@@@Z
?ModemToCGMobile@@YGHPAUHWND__@@K@Z
?ModemToINet@@YGHPAUHWND__@@K@Z
?ModemToUDisk@@YGHPAUHWND__@@K@Z
?ModemWizard@@YGHPAUHWND__@@PAUMODWIZINFO@@@Z
?OnDrawItem@CTapi2@@QAEXPAUHWND__@@PBUtagDRAWITEMSTRUCT@@@Z
?OnDrawItem@CTapi@@QAEXPAUHWND__@@PBUtagDRAWITEMSTRUCT@@@Z
?OnMeasureItem@CTapi2@@QAEXPAUHWND__@@PAUtagMEASUREITEMSTRUCT@@@Z
?OnMeasureItem@CTapi@@QAEXPAUHWND__@@PAUtagMEASUREITEMSTRUCT@@@Z
?OpenRegKey@CTapi2@@QAEPAUHKEY__@@PAD@Z
?OpenRegKey@CTapi@@QAEPAUHKEY__@@PAD@Z
?PlugModemWizard@@YGHPAUHWND__@@PAUPMWIZARD@@K@Z
?RefreshPNP@@YGHPAUHWND__@@K@Z
?RemoveModem@@YGHPBD@Z
?SetBaudRate@CTapi2@@QAEXPADH@Z
?SetBaudRate@CTapi@@QAEXPADH@Z
?SetFlags@CTapi2@@QAEXK@Z
?SetFlags@CTapi@@QAEXK@Z
?ShowModemCapacities@@YGHPAUHWND__@@H@Z
?Shutdown@CTapi2@@QAEXXZ
?Shutdown@CTapi@@QAEXXZ
?UDiskToModem@@YGHPAUHWND__@@K@Z
?mwCreateInstance@@YGPAXABU_GUID@@@Z

Sections

.text
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Shared
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pbkres.dll
.dll windows:4 windows x86 arch:x86

ce6ef31899b31809ae0c71c094c6f083

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord1253
ord342
ord823
ord1182
ord1168

msvcrt

free
_initterm
malloc
_adjust_fdiv

Exports

Exports

_InitPbkRes@0

Sections

.text
Size: 4KB - Virtual size: 524B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 299B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Prpgf2n.dll
.dll windows:4 windows x86 arch:x86

c8df85496032bad984b5a362e2e9ded6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalLock
GlobalUnlock
GetFileAttributesA
MulDiv
GlobalFree

user32

EnableWindow
LoadStringA
MessageBoxA
DestroyWindow
IsDialogMessageA
TranslateMessage
DispatchMessageA
CreateDialogParamA
ShowWindow
SetDlgItemTextA
wsprintfA
PeekMessageA

gdi32

TextOutA
GetTextExtentPoint32A
SetAbortProc
StartDocA
SetStretchBltMode
GetObjectA
StretchDIBits
GetDeviceCaps
DeleteDC
SetBkMode
EndPage
StartPage
DeleteObject
EndDoc

comdlg32

PrintDlgA

grconv

ord3
ord2

msvcrt

_adjust_fdiv
free
strrchr
_initterm
malloc

Exports

Exports

PrintDialog
PrintOnePage
PrintPgf2

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RasCnxMngr.dll
.dll windows:4 windows x86 arch:x86

df22d5fc7f3d722d523e39db374e605a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shfolder

SHGetFolderPathA

comctl32

ImageList_SetOverlayImage
PropertySheetA
ord2
InitCommonControlsEx
ImageList_LoadImageA
ord6
ImageList_GetIcon
ImageList_Draw
ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon
ImageList_AddMasked

kernel32

WideCharToMultiByte
lstrlenW
GetModuleFileNameA
CloseHandle
GetTimeFormatA
lstrcatA
GetDateFormatA
WriteFile
CreateFileA
GetLocalTime
LoadLibraryW
GetModuleFileNameW
GetFileAttributesA
GetSystemDirectoryA
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
InitializeCriticalSection
LoadLibraryA
SetLastError
RemoveDirectoryA
DeleteFileA
GetPrivateProfileSectionNamesA
FormatMessageA
GlobalAlloc
SystemTimeToFileTime
CreateEventA
SetEvent
CreateThread
FileTimeToSystemTime
LocalFree
LocalAlloc
GetNumberFormatA
GetLocaleInfoA
GetFileTime
GetCurrentProcess
ReadFile
SetFilePointer
GetSystemTime
WaitForMultipleObjects
WaitForSingleObject
GlobalUnlock
CreateDirectoryA
lstrcpyA
lstrcmpA
GetTickCount
Sleep
GetPrivateProfileStringA
lstrcpynA
GetPrivateProfileSectionA
WritePrivateProfileSectionA
WritePrivateProfileStringA
MultiByteToWideChar
GetLastError
RaiseException
InterlockedExchange
InterlockedDecrement
GetVersionExW
lstrcmpiA
GlobalLock
MulDiv
lstrlenA
GetPrivateProfileIntA
LoadLibraryExW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
FreeLibrary

user32

LoadIconA
LoadBitmapA
WinHelpA
ExitWindowsEx
FindWindowA
SetMenuItemInfoA
InvalidateRect
SetTimer
PostThreadMessageA
PostQuitMessage
SendMessageA
GetDlgItem
SetWindowLongA
EndDialog
SetDlgItemTextA
DialogBoxParamA
GetWindowTextLengthA
EnableWindow
IsDlgButtonChecked
CheckRadioButton
MsgWaitForMultipleObjects
SendNotifyMessageA
GetForegroundWindow
SetForegroundWindow
CreateDialogIndirectParamA
GetSystemMenu
EnableMenuItem
wsprintfA
DefWindowProcA
TrackPopupMenu
SetMenuDefaultItem
GetParent
PostMessageA
GetWindowLongA
GetSubMenu
LoadMenuA
DeleteMenu
RegisterClipboardFormatA
CheckMenuRadioItem
CheckMenuItem
RemoveMenu
GetDlgItemTextA
LoadStringA
SetFocus
MessageBoxA
GetWindowTextA
CheckDlgButton
ShowWindow
IsWindowVisible
RegisterWindowMessageA
DrawFocusRect
GetSysColor
GetFocus
DestroyIcon
GetNextDlgTabItem
IsWindow
GetMessageA
IsDialogMessageA
TranslateMessage
BeginDeferWindowPos
GetTopWindow
DeferWindowPos
GetWindow
EndDeferWindowPos
SetWindowPlacement
GetKeyState
GetWindowPlacement
CreateWindowExA
IsZoomed
wvsprintfA
SetPropA
GetPropA
RemovePropA
GetClientRect
FillRect
GetDC
ReleaseDC
GetSystemMetrics
ScreenToClient
PeekMessageA
DispatchMessageA
SetWindowTextA
SetWindowPos
GetWindowRect
MapWindowPoints
LoadCursorA
SetCursor
CreateDialogParamA
LoadImageA
UpdateWindow
DestroyWindow
CopyImage
DrawIconEx
DestroyMenu

gdi32

SetBkColor
SelectObject
GetTextExtentPoint32A
GetStockObject
DeleteObject
GetDeviceCaps
GetObjectA
CreateFontIndirectA
ExtTextOutA
SetTextColor

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegEnumKeyA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey

shell32

ExtractIconA
ExtractIconExA

ole32

CoInitializeEx
CoGetObject
CoCreateInstance
OleUninitialize
CoInitialize
CoUninitialize
ReleaseStgMedium
StringFromGUID2
DoDragDrop
OleInitialize
CreateStreamOnHGlobal

oleaut32

SafeArrayCreateVector
SysFreeString
SysAllocStringLen
VariantClear
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayDestroy
SafeArrayCreate
SysAllocString

bvrpctln

_Profile_GetBoolean@16
_Profile_SetBoolean@16
?MessageBoxPlus@@YAHPAUMSGBOXPLUS@@ZZ
?FakeProgress_CreateFromControl@@YGPAUHWND__@@PAU1@HK@Z
_Profile_GetString@24
_Profile_DeleteValue@12
_Profile_SetString@16
_Profile_GetBinary@20
_Profile_GetInt@16
_Profile_SetBinary@20
_Profile_SetInt@16
_Profile_GetStringEx@28
?stristr@@YGPADPBD0@Z
?GetString@CProfile@@QBEHPBD0PADI@Z
MakeFullPathName
?GetString@CProfile@@QBEHPBD00PADI@Z
?strremove@@YGPADPADPBD@Z
_Profile_GetCompany@0
?Load@CProfile@@QAE_NPBD@Z
?Unload@CProfile@@QAEXXZ
??0CProfile@@QAE@PBD_N@Z
?FindSection@CProfile@@ABEPAUSection@1@PBD@Z
?FindKey@CProfile@@ABEPAUKey@1@PBD@Z
?GetInt@CProfile@@QBEHPBD0H@Z
?GetInt@CProfile@@QBEHPBDH@Z
??1CProfile@@UAE@XZ
_CenterWindow@4

msvcp60

?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z

msvcrt

memmove
strrchr
strncpy
_osver
??2@YAPAXI@Z
_winminor
strstr
_mbsnbcmp
realloc
malloc
free
strchr
strtok
_winmajor
wcspbrk
__CxxFrameHandler
sscanf
sprintf
calloc
tolower
toupper
isalpha
_except_handler3
isdigit
_makepath
_splitpath
wcscat
atoi
wcscpy
memset
memcpy
_CxxThrowException
__dllonexit
_onexit
_initterm
_adjust_fdiv
_strcmpi
_itoa
_strnicmp
??1type_info@@UAE@XZ

tapi32

lineGetIconA
lineConfigDialogA

shlwapi

StrFromTimeIntervalA
PathRenameExtensionA
PathAppendW
PathFileExistsA
PathAppendA
StrStrA
StrFormatByteSizeA
PathRemoveFileSpecW
PathCombineA
StrTrimA
PathStripPathA

Exports

Exports

RasCM_RemoveAllConnection
RasCM_RemoveConnection
Rundll_Dial
_RasCM_ClearConnectionStatistics@4
_RasCM_Connect@16
_RasCM_Connection@12
_RasCM_ConnectionProperties@12
_RasCM_ConnectionWizard@12
_RasCM_CreateDynamicConnection@16
_RasCM_DeleteDynamicConnection@4
_RasCM_DetectModem@12
_RasCM_Disconnect@4
_RasCM_Disconnection@8
_RasCM_EnumConnections@12
_RasCM_EnumConnectionsEx@16
_RasCM_GetConnectStatus@4
_RasCM_GetConnectionCustomInfo@16
_RasCM_GetConnectionIcon@4
_RasCM_GetConnectionStatistics@8
_RasCM_GetConnectionStatus@8
_RasCM_GetDefaultConnection@4
_RasCM_GetFallbackConnection@8
_RasCM_GetLastConnectedTime@12
_RasCM_GetRASHandle@4
_RasCM_HideConnections@4
_RasCM_Init@8
_RasCM_InitEx@12
_RasCM_IsConnectionAvailable@4
_RasCM_IsDynamicConnection@8
_RasCM_IsMMSConnection@4
_RasCM_ReadConnectionData@12
_RasCM_SetConnectionCustomInfo@16
_RasCM_SetDefaultConnection@12
_RasCM_SetModem@12
_RasCM_SetModemInfos@8
_RasCM_SetOperator@12
_RasCM_Uninit@4
_RasCM_ViewConnections@12
_RasCM_ViewLog@12
_RasCM_WaitForConnection@8
_hpeEntry@16

Sections

.text
Size: 128KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdataSW
Size: 4KB - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SMStempl.txt
WinInetErrors.dll
.dll windows:4 windows x86 arch:x86

096ff27345571a78330d298d2f9eab37

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GlobalAlloc
GetCommandLineA
GetVersion
HeapFree
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
HeapAlloc
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

user32

LoadStringA

Exports

Exports

??0CWinInetErrors@@QAE@ABV0@@Z
??0CWinInetErrors@@QAE@K@Z
??0CWinInetErrors@@QAE@XZ
??1CWinInetErrors@@UAE@XZ
??4CWinInetErrors@@QAEAAV0@ABV0@@Z
??_7CWinInetErrors@@6B@
?GetMessageA@CWinInetErrors@@QAEPBDK@Z
?GetMessageA@CWinInetErrors@@QAEPBDXZ
_GetErrorMessage@4

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bvrpnac.dll
.dll windows:4 windows x86 arch:x86

74f76ade39787cea4915a308be331567

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

bvrpctln

MakeFullPathName
_Profile_GetProfile@4
?stristr@@YGPADPBD0@Z

kernel32

FreeLibrary
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
GetPrivateProfileStringA
lstrcpyA
CloseHandle
CreateFileA
lstrlenA
lstrcpynA
WriteFile
SetFilePointer
ReadFile
GetFileSize
LoadLibraryA
OpenProcess
GetTickCount
CreateProcessA
GetExitCodeProcess
GetProcAddress
FindClose
FindNextFileA
DeleteFileA
FindFirstFileA
lstrcmpiA
SetEndOfFile
lstrcmpA
WaitForSingleObject
CreateMutexA
MoveFileA
LeaveCriticalSection
EnterCriticalSection
GetFileAttributesA
MultiByteToWideChar
lstrcpyW
lstrcatA
CreateDirectoryA
RemoveDirectoryA
GetModuleFileNameA
GetPrivateProfileIntA

user32

LoadImageA
DestroyIcon
PostMessageA
SendMessageA
RegisterWindowMessageA
PeekMessageA
DispatchMessageA
GetWindowThreadProcessId
wsprintfA
LoadStringA
wvsprintfA
IsWindow
FindWindowA

advapi32

RegQueryValueExA
RegCloseKey

shell32

Shell_NotifyIconA

msvcrt

_adjust_fdiv
_initterm
strstr
strchr
malloc
realloc
free
strrchr
wcsncpy
_splitpath
strncpy
strtoul
__dllonexit
_onexit
_ultoa

shlwapi

PathStripPathA
PathRenameExtensionA
PathFindExtensionA

Exports

Exports

AbortCreateNewFileName
BeginGetEventEx
CloseNAC
CopyEvent
CopyFolder
CopyUniqueEvent
CreateCallNIF
CreateCallNIFEx
CreateMailNIF
CreateMailNIFEx
CreateNAC
CreateNIF
CreateNIFEx
CreateNewFileName
CreateScanReceivedThread
DeleteCallNIF
DeleteEvent
DeleteFolder
DeleteMailNIF
DeleteNIF
DestroyNAC
EditEvent
EndGetEventEx
EndScanReceivedThread
EnumEvent
EnumFolder
EventBuffToEventComm
EventCommToEventBuff
GetDocFileName
GetDocPath
GetEvent
GetEventCount
GetEventEx
GetEventList
GetEventStatus
GetFolder
GetFolderContent
GetFolderCount
GetFolderDir
InitNAC
MoveEvent
MoveEventEx
MoveFolder
MoveUniqueEvent
NewEvent
NewEventBuf
NewFolder
NewUserFolder
RenameFolder
SetCallBackEvent
SetCallBackFolder
SetEditEventInfo
SetEventActive
SetEventStatus
SetFolder
SetMailState
WfcomDestroyed
nac_cancelled
nac_fNig
nac_recus

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdataSW
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mPhonetools.exe
.exe windows:4 windows x86 arch:x86

ede06f7404aa9a3abcf079e9d93447c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetIcon
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_DragMove
ImageList_EndDrag
ImageList_GetIconSize
ImageList_Draw
ImageList_LoadImageA
ord6
InitCommonControlsEx
PropertySheetA
ImageList_Destroy
ImageList_Create
ImageList_AddMasked
ImageList_Add
ImageList_DrawEx

bvrpctln

?Resize_OnSize@@YGXPAUHWND__@@IHH@Z
?Resize_Exit@@YGXPAUHWND__@@@Z
_Profile_GetStringEx@28
_Profile_GetIntEx@20
_CenterWindow@4
?strreplace@@YGPADPADPBD1@Z
?FindKey@CProfile@@ABEPAUKey@1@PBD@Z
?GetString@CProfile@@QBEHPBD0PADI@Z
?GetInt@CProfile@@QBEHPBD0H@Z
_Profile_GetString@24
_Profile_SetInt@16
_Profile_SetString@16
_Profile_SetBoolean@16
?BrowseEdit@@YG_NPAUHWND__@@K@Z
?MessageBoxPlus@@YAHPAUMSGBOXPLUS@@ZZ
??1CWaitDialog@@UAE@XZ
?DoModal@CWaitDialog@@QAEHKK@Z
?UseFakeProgress@CWaitDialog@@QBEABV1@XZ
?HideCancel@CWaitDialog@@QBEABV1@XZ
??0CWaitDialog@@QAE@PAUHWND__@@P6GHPBV0@@ZPAX@Z
?Resize_Init@@YG_NPAUHWND__@@IQAUSIZING@@H@Z
?HideGroup@@YGXPAUHWND__@@_NH@Z
?SetControlsState@@YAXPAUHWND__@@HHHZZ
?Resize_OnGetMinMaxInfo@@YGXPAUHWND__@@PAUtagMINMAXINFO@@@Z
_Profile_GetBinary@20
?SetProgressText@CWaitDialog@@QBEABV1@PBD@Z
_Profile_SetBinary@20
ord1
ord2
_Profile_GetCompany@0
_Profile_GetRoot@0
_Profile_SetRoot@4
??1CDynArray@@QAE@XZ
?CheckGroupBox_GetCheck@@YGIPAUHWND__@@@Z
?CheckGroupBox_Create@@YG_NPAUHWND__@@HIII@Z
?ConvertStaticToGroupLine@@YGXPAUHWND__@@H_N@Z
?PocketHTML@@YGXPAUHWND__@@@Z
?strmatch@@YG_NPBD0@Z
??1CProfile@@UAE@XZ
?Resize_SavePlacement@@YGXPAUHWND__@@PBD@Z
?Resize_UpdateWndRect@@YG_NPAUHWND__@@I@Z
_Profile_GetProfile@4
?Resize_LoadPlacement@@YGXPAUHWND__@@PBDHH@Z
??0CDynArray@@QAE@HH@Z
?strltrim@@YGPADPAD@Z
?strrtrim@@YGPADPAD@Z
?GetString@CProfile@@QBEHPBD00PADI@Z
??0CProfile@@QAE@PBD_N@Z
_Profile_GetInt@16
_Profile_GetBoolean@16
?AddDialogHeader@@YG_NPAUHWND__@@PAUDialogHeader@@@Z
?InsertItem@CDynArray@@QAEPAXH@Z
?GetItemPtr@CDynArray@@QBEPAXH@Z
_Profile_GetAppName@0
?Infobox_Create@@YGPAUHWND__@@PAU1@PAUINFOBOX@@@Z
?GetInt@CProfile@@QBEHPBDH@Z
?GotoNextSection@CProfile@@QAE_NXZ
?MessageBoxPlus@@YAHPAUMSGBOXPLUSW@@ZZ
?SetWindowTextA@CWaitDialog@@QBEABV1@PBD@Z
?SetIcon@CWaitDialog@@QBEABV1@PAUHICON__@@@Z
?SetBarText@CWaitDialog@@QBEABV1@PBD@Z
?AlignControls@@YAXPAUHWND__@@W4ALIGN_WAY@@HHZZ
_FitToScreen@16
MakeFullPathName
?TextScroller@@YGXPAUHWND__@@_N@Z

kernel32

GetNumberFormatA
GetLocaleInfoA
lstrcpynA
MoveFileA
DeleteFileA
CloseHandle
WriteFile
CreateFileA
GetModuleFileNameA
FindClose
FindNextFileA
FindFirstFileA
LoadLibraryW
WideCharToMultiByte
GetModuleHandleA
CreateThread
LeaveCriticalSection
EnterCriticalSection
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
GlobalFree
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
LoadLibraryA
GetTickCount
GetLastError
CreateMutexA
ExpandEnvironmentStringsW
CreateProcessW
IsBadStringPtrA
_lread
_lclose
_lopen
ReadFile
GetFileSize
ReleaseMutex
FileTimeToSystemTime
GetFileTime
GetTimeFormatA
GetDateFormatA
GetLocalTime
GetCurrentThreadId
GetCurrentProcess
RaiseException
InterlockedExchange
LocalAlloc
GetStartupInfoA
LocalFree
GetShortPathNameA
SystemTimeToFileTime
GetVersionExA
CompareFileTime
GetSystemTimeAsFileTime
SetFilePointer
IsBadWritePtr
IsBadReadPtr
LoadLibraryExW
GetProcAddress
FreeLibrary
lstrlenA
lstrcatA
MultiByteToWideChar
MulDiv
lstrcpyW
lstrcmpW
lstrcpynW
lstrlenW
lstrcpyA
GetPrivateProfileIntA
lstrcmpiA
GetPrivateProfileStringA
lstrcmpA
GetProcessHeap
HeapAlloc
HeapReAlloc
HeapFree
GetModuleFileNameW

user32

IsZoomed
GetSystemMetrics
WaitForInputIdle
FindWindowExW
InsertMenuItemA
FillRect
CreateWindowExA
GetWindowRect
SetWindowPos
GetWindowLongA
ShowWindow
DefWindowProcA
RegisterClassExA
IsRectEmpty
GetDC
CreateIconIndirect
ReleaseDC
LoadIconA
GetClassNameA
SetRect
OffsetRect
SetWindowRgn
RemoveMenu
SetMenuItemInfoA
GetWindowPlacement
ShowOwnedPopups
wsprintfW
GetMenuStringA
PostQuitMessage
DestroyIcon
RedrawWindow
GetCaretPos
wvsprintfA
SetClipboardViewer
IsClipboardFormatAvailable
AnimateWindow
GetMenuItemInfoA
IsWindow
UpdateLayeredWindow
SetTimer
ReleaseCapture
SetCapture
GetCapture
SendMessageA
GetParent
GetDlgCtrlID
KillTimer
InvalidateRect
CallWindowProcA
DrawTextA
LoadStringA
SetWindowLongA
GetDlgItem
LoadCursorA
GetClassInfoExA
DrawTextW
GetWindowTextW
CreateWindowExW
RegisterClassA
EndPaint
BeginPaint
SetRectEmpty
LoadImageA
wsprintfA
RegisterWindowMessageA
SetWindowTextA
GetWindowTextA
DrawTextExA
DrawTextExW
DrawFocusRect
GetKeyState
EnableMenuItem
CheckMenuItem
CheckMenuRadioItem
GetMenuState
GetMenuItemID
ClientToScreen
EndDialog
DialogBoxParamA
CheckDlgButton
EnableWindow
GetSysColor
AdjustWindowRect
SetWindowTextW
GetDialogBaseUnits
FindWindowExA
CreateAcceleratorTableA
IsWindowVisible
GetLastActivePopup
FindWindowA
UpdateWindow
CreateDialogParamW
DispatchMessageW
TranslateMessage
IsDialogMessageW
GetMessageW
IsWindowEnabled
GetAncestor
GetWindow
PostMessageW
GetWindowLongW
SetWindowLongW
GetDlgItemTextA
PeekMessageA
DispatchMessageA
MsgWaitForMultipleObjects
DestroyWindow
MapWindowPoints
GetClientRect
CreateDialogParamA
SetForegroundWindow
IsIconic
PostMessageA
SetCursorPos
GetCursorPos
SetWindowsHookExA
GetMessageA
TranslateAcceleratorA
CallNextHookEx
IsDialogMessageA
DrawIconEx
GetActiveWindow
SystemParametersInfoA
IsDlgButtonChecked
SetDlgItemInt
SetDlgItemTextA
SendDlgItemMessageA
ModifyMenuA
CreatePopupMenu
InsertMenuA
DestroyMenu
PtInRect
GetFocus
GetMenuItemCount
MoveWindow
LoadMenuA
DeleteMenu
AppendMenuA
GetSubMenu
ScreenToClient
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
MessageBoxA
SetFocus
MessageBeep
OpenClipboard
GetClipboardData
GetNextDlgTabItem
CloseClipboard
GetWindowTextLengthA
SendMessageW
SetActiveWindow
SetCursor
GetDlgItemInt

gdi32

StartPage
ExtTextOutA
TextOutA
EndPage
EndDoc
RestoreDC
SaveDC
StartDocA
SetBkColor
CreateSolidBrush
GetTextExtentPoint32A
CreatePen
SetROP2
LineTo
GetDeviceCaps
CreateFontIndirectA
GetTextAlign
SetTextAlign
MoveToEx
GetTextExtentPoint32W
GetCurrentPositionEx
TextOutW
GetStockObject
CreateRectRgn
SetTextColor
SetBkMode
GetTextMetricsA
PtInRegion
CreateDIBSection
CreateBitmap
SetPixel
CreateCompatibleDC
SelectObject
CreateCompatibleBitmap
BitBlt
DeleteDC
GetObjectA
ExtCreateRegion
DeleteObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA
PrintDlgExA

advapi32

RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA
RegQueryValueW
RegQueryValueA
RegDeleteValueA
RegQueryInfoKeyA

shell32

ShellExecuteA
Shell_NotifyIconA
ShellExecuteExW
DragQueryFileA
DragFinish
ShellExecuteW
ExtractIconExA
ShellExecuteExA
SHGetFolderPathA

shlwapi

PathAddExtensionA
StrCatBuffA
PathMatchSpecA
StrChrA
PathStripPathA
StrFormatByteSizeA
PathIsURLW
StrCSpnA
StrToIntExA
StrFromTimeIntervalA
wnsprintfA
PathRemoveArgsW
PathIsURLA
StrDupA
StrFormatByteSize64A
PathGetArgsA
PathRemoveArgsA
SHDeleteKeyA
StrStrIA
StrStrW
StrStrA
StrChrW
StrTrimA
PathFindFileNameA
AssocQueryStringA
SHSetValueA
SHGetValueA
PathRemoveExtensionA
PathRemoveFileSpecW
PathAppendW
PathCombineA
PathRenameExtensionA
PathRemoveFileSpecA
PathFileExistsA
PathAppendA

ole32

CoCreateInstance
CoTaskMemFree
StgCreateDocfile
CoUninitialize
CoInitialize
CoTaskMemAlloc

bvrpnac

InitNAC
SetCallBackEvent
SetCallBackFolder
GetFolder
GetEvent
nac_cancelled
SetEventStatus
CloseNAC
CreateNewFileName
NewEvent
AbortCreateNewFileName
nac_recus
nac_fNig
GetDocPath
NewFolder
RenameFolder
DeleteFolder
CopyFolder
MoveFolder
EnumFolder
CopyEvent
MoveEvent
GetEventEx
EnumEvent
BeginGetEventEx
EndGetEventEx
SetEventActive
EditEvent
DeleteEvent

liveupdateclienttools

?LiveUpdateMessage@@YGIPBDPAUHWND__@@II@Z
?LiveUpdateErrorMessage@@YGXPAUHWND__@@K@Z
?LiveUpdate@@YGHPBDPAUHWND__@@PAKKI@Z
?GetLUConfig@@YGXPBDPAH11@Z
?LiveUpdateLauncher@@YGHPBD@Z
?IsLiveUpdateNeeded@@YGIPBDPAKPAUHWND__@@I@Z
?LiveUpdate@@YGHPBDPAUHWND__@@PAKKIP6GHKKKKKU_SYSTEMTIME@@PAX@Z4@Z
?LiveUpdateConfiguration@@YGHPBDPAUHWND__@@PAK@Z
?IsLiveUpdateInProgress@@YGHPAUHWND__@@@Z

modexch

ord4
ord6
ord5

pbkuser

__InitializePbkUserEx@8
ord2
ord4
ord3

rascnxmngr

_RasCM_EnumConnections@12
_RasCM_ViewConnections@12
_RasCM_GetConnectionIcon@4
_RasCM_Connection@12
_RasCM_Uninit@4
_RasCM_Disconnect@4
_RasCM_GetConnectionStatistics@8
_RasCM_ViewLog@12
_RasCM_InitEx@12
_RasCM_SetModemInfos@8
_RasCM_Disconnection@8
_RasCM_GetDefaultConnection@4
_RasCM_ConnectionWizard@12
_RasCM_SetDefaultConnection@12
_RasCM_SetConnectionCustomInfo@16

wfp1n

ord28
ord196
ord101
ord120
ord114
ord85
ord11
ord10
ord121
ord175
ord174
ord25

newui

?GlobalSubclassDialog@@YGXXZ
?SetBorderXP@@YGXPAUHWND__@@@Z
?SetBorderXP@@YGXPAUHWND__@@PBGK@Z
?LoadPNG@@YGPAUHBITMAP__@@PBD@Z
?LoadColorScheme@@YG_NPBDK@Z
?nuiCreateInstance@@YGPAXABU_GUID@@@Z
?LoadPNGFromResource@@YGPAUHBITMAP__@@PAUHINSTANCE__@@PBG@Z

modemwiz

?RefreshPNP@@YGHPAUHWND__@@K@Z
?PlugModemWizard@@YGHPAUHWND__@@PAUPMWIZARD@@K@Z

aboutn

ord1

wunpacln

ord2

msvcp60

?_Xran@std@@YAXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB

msvcrt

__p___argc
__p___argv
fprintf
free
fopen
fputs
fclose
_ftol
strtod
sprintf
malloc
strncpy
??2@YAPAXI@Z
wcspbrk
iswspace
wcschr
wcstol
_ismbcspace
__CxxFrameHandler
strtoul
strtol
wcslen
_except_handler3
_winminor
_winmajor
memset
strtok
strchr
realloc
_snprintf
strlen
memcpy
memmove
abs
strcpy
strcat
toupper
atol
_mbsnbcpy
_mbschr
time
_mbsrchr
_CxxThrowException
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
_controlfp
_mbstok
gmtime
atoi

setupapi

CM_Get_Parent
SetupDiCreateDeviceInfoList
CM_Get_Child
CM_Get_Device_IDA
SetupDiOpenDeviceInfoA
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiOpenDevRegKey
CM_Get_Sibling

msimg32

AlphaBlend

iphlpapi

GetAdaptersInfo

winmm

PlaySoundA

ws2_32

htons

Sections

.text
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
wfcomrc.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pantech UM185 driver.3guman.com/Original Disc/MPT/Data_ESM.cab
.cab
Aboutn.dll
.dll windows:4 windows x86 arch:x86

d615ef1afd3bfcab3c16b81909a4943b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

bvrpctln

?ExpandBox@@YGXHPAUHWND__@@HH@Z
?SizeCtrlToText@@YG?AUtagSIZE@@PAUHWND__@@H@Z
?AlignControls@@YAXPAUHWND__@@W4ALIGN_WAY@@HHZZ
?PocketHTML@@YGXPAUHWND__@@@Z
ord2
_CenterWindow@4

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

FreeLibrary
_lread
GetProcAddress
_lclose
_lopen
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
GetModuleFileNameA
lstrcpyA
WinExec
lstrcatA
GetFileAttributesA
GlobalMemoryStatusEx
GetVersionExA
GetSystemInfo
GetPrivateProfileStringA
DisableThreadLibraryCalls
LoadLibraryA

user32

SetWindowTextA
ShowWindow
GetDlgItem
LoadStringA
GetParent
DialogBoxParamA
GetWindowLongA
IsWindow
wsprintfA
SetCursor
LoadCursorA
CreateWindowExA
DestroyWindow
MapWindowPoints
GetWindowRect
SetDlgItemTextA
SendMessageA
GetDlgItemTextA
GetClassLongA
SetWindowLongA
EndDialog

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA

shlwapi

PathIsURLA
StrFormatByteSize64A

msvcrt

free
_initterm
malloc
_adjust_fdiv
strrchr

Exports

Exports

About
AboutEx
ExtAbout
GetProduct

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BVRPNac.dll
.dll windows:4 windows x86 arch:x86

74f76ade39787cea4915a308be331567

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

bvrpctln

MakeFullPathName
_Profile_GetProfile@4
?stristr@@YGPADPBD0@Z

kernel32

FreeLibrary
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
GetPrivateProfileStringA
lstrcpyA
CloseHandle
CreateFileA
lstrlenA
lstrcpynA
WriteFile
SetFilePointer
ReadFile
GetFileSize
LoadLibraryA
OpenProcess
GetTickCount
CreateProcessA
GetExitCodeProcess
GetProcAddress
FindClose
FindNextFileA
DeleteFileA
FindFirstFileA
lstrcmpiA
SetEndOfFile
lstrcmpA
WaitForSingleObject
CreateMutexA
MoveFileA
LeaveCriticalSection
EnterCriticalSection
GetFileAttributesA
MultiByteToWideChar
lstrcpyW
lstrcatA
CreateDirectoryA
RemoveDirectoryA
GetModuleFileNameA
GetPrivateProfileIntA

user32

LoadImageA
DestroyIcon
PostMessageA
SendMessageA
RegisterWindowMessageA
PeekMessageA
DispatchMessageA
GetWindowThreadProcessId
wsprintfA
LoadStringA
wvsprintfA
IsWindow
FindWindowA

advapi32

RegQueryValueExA
RegCloseKey

shell32

Shell_NotifyIconA

msvcrt

_adjust_fdiv
_initterm
strstr
strchr
malloc
realloc
free
strrchr
wcsncpy
_splitpath
strncpy
strtoul
__dllonexit
_onexit
_ultoa

shlwapi

PathStripPathA
PathRenameExtensionA
PathFindExtensionA

Exports

Exports

AbortCreateNewFileName
BeginGetEventEx
CloseNAC
CopyEvent
CopyFolder
CopyUniqueEvent
CreateCallNIF
CreateCallNIFEx
CreateMailNIF
CreateMailNIFEx
CreateNAC
CreateNIF
CreateNIFEx
CreateNewFileName
CreateScanReceivedThread
DeleteCallNIF
DeleteEvent
DeleteFolder
DeleteMailNIF
DeleteNIF
DestroyNAC
EditEvent
EndGetEventEx
EndScanReceivedThread
EnumEvent
EnumFolder
EventBuffToEventComm
EventCommToEventBuff
GetDocFileName
GetDocPath
GetEvent
GetEventCount
GetEventEx
GetEventList
GetEventStatus
GetFolder
GetFolderContent
GetFolderCount
GetFolderDir
InitNAC
MoveEvent
MoveEventEx
MoveFolder
MoveUniqueEvent
NewEvent
NewEventBuf
NewFolder
NewUserFolder
RenameFolder
SetCallBackEvent
SetCallBackFolder
SetEditEventInfo
SetEventActive
SetEventStatus
SetFolder
SetMailState
WfcomDestroyed
nac_cancelled
nac_fNig
nac_recus

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdataSW
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Custom/Skin.png
.png
Custom/Thumbs.db
DeviceSDK/PCMResource.dll
.dll windows:4 windows x86 arch:x86

b2e50cc60a521158b3ea2d099cbea42b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Guide/UserGuide.pdf
.pdf
- http://Mac.software
- http://www.ctia.org
- http://www.fcc.gov/oet/fccid,
Help/MPhoneTools.chm
.chm
Help/PhoneBk.chm
.chm
Help/RasCnxMngr.chm
.chm
LiveUpdateClientTools.dll
.dll windows:4 windows x86 arch:x86

203e2c1818026311fad86f0af3a18d12

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shfolder

SHGetFolderPathA

comctl32

ImageList_GetIconSize
PropertySheetA

wininet

InternetGetLastResponseInfoA
HttpSendRequestA
InternetErrorDlg
HttpOpenRequestA
InternetSetOptionA
FtpGetFileSize
FtpOpenFileA
InternetCrackUrlA
InternetGetConnectedStateEx
InternetAutodialHangup
InternetGetConnectedState
HttpQueryInfoA
InternetConnectA
InternetOpenA
InternetReadFile
InternetCloseHandle
InternetQueryDataAvailable

kernel32

IsBadCodePtr
GetTickCount
GetPrivateProfileStringA
GetProcAddress
GetModuleHandleA
lstrcatA
GetPrivateProfileIntA
lstrcpyA
GetModuleFileNameA
GetLastError
DeleteFileA
FileTimeToSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
SystemTimeToFileTime
GetSystemTime
lstrlenA
lstrcpynA
lstrcmpA
CompareFileTime
FindClose
FindNextFileA
MoveFileA
SetFileAttributesA
GetFileAttributesA
WritePrivateProfileStringA
FindFirstFileA
GlobalFree
GlobalUnlock
GlobalHandle
CloseHandle
CreateProcessA
OpenProcess
GetCurrentProcessId
GetShortPathNameA
WaitForSingleObject
GetExitCodeThread
SetThreadPriority
CreateThread
TerminateThread
Sleep
FreeLibrary
CreateEventA
GetExitCodeProcess
SetEvent
OpenEventA
CreateDirectoryA
WriteFile
CreateFileA
GlobalLock
GlobalReAlloc
GlobalAlloc
LocalFree
FormatMessageA
SetStdHandle
GetProfileStringA
SetFilePointer
GetTimeFormatA
GetLocalTime
HeapFree
HeapAlloc
GetProcessHeap
GetVersionExA
MulDiv
ReadFile
InterlockedDecrement
InterlockedIncrement
lstrcmpiA
GetCurrentProcess
TerminateProcess
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
HeapSize
GetVersion
GetCommandLineA
FlushFileBuffers
HeapReAlloc
ExitProcess
RtlUnwind
SetEndOfFile
RaiseException
LocalAlloc
LoadLibraryA
InterlockedExchange

user32

WaitForInputIdle
GetWindowLongA
SetWindowLongA
DrawIcon
DestroyIcon
MapWindowPoints
CreateDialogParamA
GetDC
ReleaseDC
GetSysColor
FindWindowA
SetDlgItemTextA
LoadBitmapA
LoadImageA
LoadIconA
GetActiveWindow
DestroyWindow
UnregisterClassA
RegisterWindowMessageA
GetDlgItemTextA
IsDlgButtonChecked
EnableWindow
GetDlgItem
EndDialog
LoadStringA
CheckDlgButton
CheckRadioButton
SendMessageA
DialogBoxParamA
DefWindowProcA
GetWindowRect
SystemParametersInfoA
SetTimer
KillTimer
GetClientRect
CreateWindowExA
RegisterClassA
AdjustWindowRect
SetWindowPos
SendDlgItemMessageA
CallWindowProcA
ShowWindow
RegisterClassExA
LoadCursorA
SetCursor
BeginPaint
GetWindowTextA
DrawTextA
EndPaint
MonitorFromWindow
GetMonitorInfoA
PeekMessageA
TranslateMessage
DispatchMessageA
MsgWaitForMultipleObjects
GetParent
wsprintfA
GetDesktopWindow
IsWindow
PostMessageA
UpdateWindow
IsWindowVisible
InvalidateRect
SetWindowTextA

gdi32

CreateFontIndirectA
GetStockObject
SelectObject
GetDeviceCaps
SetBkMode

advapi32

RegCloseKey
AllocateAndInitializeSid
OpenProcessToken
GetTokenInformation
EqualSid
RegQueryValueExA
RegOpenKeyExA
FreeSid

shell32

ShellExecuteExA
Shell_NotifyIconA

wunpacln

ord2

bvrpctln

_DrawGradientRect@20
?PocketHTML@@YGXPAUHWND__@@@Z
?MessageBoxPlus@@YAHPAUMSGBOXPLUS@@ZZ

ws2_32

WSAStartup
inet_ntoa
inet_addr
WSAGetLastError
gethostbyname
recvfrom
sendto
closesocket
setsockopt
WSACleanup
WSASocketA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

PathCanonicalizeA
PathFileExistsA
PathIsRelativeA

Exports

Exports

?CreateListOfUpdate@@YGKPBD00@Z
?GetCurrentMaster@@YGHPBDPADK@Z
?GetCurrentMaster@@YGHPBDPADKI@Z
?GetLUConfig@@YGXPBDPAH1111@Z
?GetLUConfig@@YGXPBDPAH11@Z
?GetListOfUpdate@@YGIPBDPAPAD0@Z
?GetListOfUpdate@@YGIPBDPAPAD@Z
?IsKernelInInstall@@YGHXZ
?IsLiveUpdateInProgress@@YGHPAUHWND__@@@Z
?IsLiveUpdateInstalled@@YGHXZ
?IsLiveUpdateNeeded@@YGIPBD@Z
?IsLiveUpdateNeeded@@YGIPBDPAKPAUHWND__@@@Z
?IsLiveUpdateNeeded@@YGIPBDPAKPAUHWND__@@I@Z
?IsLiveUpdateNeeded@@YGIPBDPAKPAUHWND__@@IPAH@Z
?IsLiveUpdateNeededClient@@YGHPBD0@Z
?IsPatchesInDownload@@YGHXZ
?LiveUpdate@@YGHPBD00IPAUHWND__@@PAKK0P6GHKKKKKU_SYSTEMTIME@@PAX@Z4@Z
?LiveUpdate@@YGHPBDPAUHWND__@@PAKK0P6GHKKKKKU_SYSTEMTIME@@PAX@Z4@Z
?LiveUpdate@@YGHPBDPAUHWND__@@PAKK@Z
?LiveUpdate@@YGHPBDPAUHWND__@@PAKKI0P6GHKKKKKU_SYSTEMTIME@@PAX@Z4@Z
?LiveUpdate@@YGHPBDPAUHWND__@@PAKKI@Z
?LiveUpdate@@YGHPBDPAUHWND__@@PAKKIP6GHKKKKKU_SYSTEMTIME@@PAX@Z4@Z
?LiveUpdate@@YGHPBDPAUHWND__@@PAKKP6GHKKKKKU_SYSTEMTIME@@PAX@Z4@Z
?LiveUpdateAutomateLauncher@@YGHPBD@Z
?LiveUpdateConfiguration@@YGHPBDPAUHWND__@@PAK@Z
?LiveUpdateErrorMessage@@YGXPAUHWND__@@K@Z
?LiveUpdateLauncher@@YGHPBD@Z
?LiveUpdateLauncher@@YGHPBDG@Z
?LiveUpdateLauncher@@YGHPBDGPAK@Z
?LiveUpdateMessage@@YGIPBDPAUHWND__@@I@Z
?LiveUpdateMessage@@YGIPBDPAUHWND__@@II@Z
?ResetLUConfig@@YGHPBD@Z
?ResetLUConfig@@YGHPBDI@Z
?SetKernelIsInstalled@@YGKH@Z
?SetLUConfig@@YGKPBDHHH@Z
?SetLUConfig@@YGKPBDHHHHH@Z
?WaitEndCalleeProcess@@YGHPBD0@Z
vbIsFatalErorLiveUpdate
vbIsLiveUpdateInProgress
vbIsLiveUpdateInstalled
vbIsLiveUpdateNeeded
vbIsSevereErrorLiveUpdate
vbLiveUpdate
vbLiveUpdateAutomateLauncher
vbLiveUpdateConfiguration
vbLiveUpdateErrorMessage
vbLiveUpdateLauncher
vbLiveUpdateMessage
vbResetLUConfig
vbResetLUConfigEx
vbSetKernelIsInstalled
vbWaitEndCalleeProcess

Sections

.text
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ModExch.dll
.dll windows:4 windows x86 arch:x86

76f3fbbe73169862d0921fdc68ad71a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
lstrcpyA
HeapAlloc
HeapReAlloc
CreateMutexA
HeapDestroy
GlobalAlloc
HeapCreate
CreateFileMappingA
CloseHandle
MapViewOfFile
UnmapViewOfFile
Sleep
CreateThread
_lcreat
_lwrite
_lclose
WaitForSingleObject
lstrlenA
ReleaseMutex
OpenProcess
HeapSize

user32

GetMessageA
CreateAcceleratorTableA
RegisterWindowMessageA
IsWindow
TranslateAcceleratorA
SetScrollInfo
RedrawWindow
InvalidateRect
ScrollWindowEx
SetRect
ReleaseDC
GetDC
GetScrollInfo
EndPaint
BeginPaint
GetWindowLongA
SystemParametersInfoA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetKeyState
LockWindowUpdate
UpdateWindow
SetWindowLongA
IsDialogMessageA
TranslateMessage
DispatchMessageA
LoadCursorA
LoadImageA
RegisterClassExA
LoadStringA
wvsprintfA
GetWindowThreadProcessId
FindWindowA
SetWindowPos
CreateWindowExA
ShowWindow
SetFocus
MoveWindow
PostQuitMessage
DefWindowProcA
SendMessageA
CheckMenuItem
EnableMenuItem
PostMessageA
DestroyWindow
SetWindowPlacement
GetWindowPlacement
IsWindowVisible
IsIconic

gdi32

GetStockObject
SetTextColor
SetBkColor
SetWindowOrgEx
ExtTextOutA
SelectObject
GetTextExtentPoint32A

comdlg32

FindTextA
GetSaveFileNameA

advapi32

InitializeSecurityDescriptor
RevertToSelf
OpenProcessToken
ImpersonateLoggedOnUser
SetSecurityDescriptorDacl

msvcrt

??3@YAXPAX@Z
memmove
??2@YAPAXI@Z
free
_initterm
malloc
_adjust_fdiv

bvrpctln

_Profile_SetBinary@20
_Profile_GetBinary@20

shlwapi

StrStrIA

Exports

Exports

meCreateWindow
meCreateWindowEx
meDestroyWindow
meGetWindow
mePrintf
meSetBufferingLevel
meShowHideWindow

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 22B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 982B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ModemWiz.dll
.dll windows:4 windows x86 arch:x86

3a912daa5e0753e22439b6199c894c90

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

newui

?LoadPNG@@YGPAUHBITMAP__@@PBD@Z
?LoadPNGFromResource@@YGPAUHBITMAP__@@PAUHINSTANCE__@@PB_W@Z

bvrpctln

?GetKeyName@CProfile@@QBEPBDXZ
??1CProfile@@UAE@XZ
?GetInt@CProfile@@QBEHPBDH@Z
?GetKeyValue@CProfile@@QBEPBDXZ
?FindKey@CProfile@@ABEPAUKey@1@PBD@Z
?FindSection@CProfile@@ABEPAUSection@1@PBD@Z
?Load@CProfile@@QAE_NPBD@Z
?Load@CProfile@@QAE_NPBD0@Z
??0CProfile@@QAE@PBD_N@Z
??1CWaitDialog@@UAE@XZ
?DoModal@CWaitDialog@@QAEHKK@Z
?UseFakeProgress@CWaitDialog@@QBEABV1@XZ
?FakeProgress_CreateFromControl@@YGPAUHWND__@@PAU1@HK@Z
?strremove@@YGPADPADPBD@Z
_Profile_GetIntEx@20
?GetString@CProfile@@QBEHPBD00PADI@Z
_CenterWindow@4
?PwdApiChangePassword@@YGJPAUPASSWORDAPIPARAM@@@Z
?MessageBoxPlus@@YAHPAUMSGBOXPLUS@@ZZ
_HTML_Load@12
_Profile_GetRoot@0
_HTML_CreateEx@24
?strmatch@@YG_NPBD0@Z
?FindChapter@CProfile@@ABEPAUChapter@1@PBD@Z
?GotoNextSectionOfChapter@CProfile@@QAE_NXZ
?PocketHTML@@YGXPAUHWND__@@@Z
?PwdApiGetPassword@@YGJPAUPASSWORDAPIPARAM@@@Z
?HideCancel@CWaitDialog@@QBEABV1@XZ
??0CDynArray@@QAE@HH@Z
?InsertItem@CDynArray@@QAEPAXH@Z
??1CDynArray@@QAE@XZ
?DeleteAllItems@CDynArray@@QAEXXZ
?SyncChapterWithSection@CProfile@@QAE_NXZ
?GetString@CProfile@@QBEHPBD0PADI@Z
?stristr@@YGPADPBD0@Z
?GetChapterName@CProfile@@QBEPBDXZ
?GetSectionName@CProfile@@QBEPBDXZ
?GetItemPtr@CDynArray@@QBEPAXH@Z
?DeleteItem@CDynArray@@QAEHH@Z
?GetInt@CProfile@@QBEHPBD0H@Z
_RTF_Save@8
_RTF_CreateEx@24
_RTF_GetEditCtrl@4
MakeFullPathName
??0CWaitDialog@@QAE@PAUHWND__@@P6GHPBV0@@ZPAX@Z

kernel32

FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
HeapSize
IsValidCodePage
GetOEMCP
GetCPInfo
HeapCreate
HeapDestroy
GetStdHandle
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetCommandLineA
GetTickCount
Sleep
lstrcpyA
GetModuleFileNameA
lstrcmpiA
CloseHandle
ReadFile
CreateFileA
GetProcAddress
GetModuleHandleA
FreeLibrary
LoadLibraryA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
WriteFile
SetFilePointer
MoveFileA
DeleteFileA
lstrlenA
lstrcmpA
MultiByteToWideChar
GetLastError
lstrcpynA
GetPrivateProfileIntA
InterlockedDecrement
GlobalFree
SetEvent
GetPrivateProfileStringA
CreateThread
CreateEventA
GetPrivateProfileSectionA
GetWindowsDirectoryA
GetVersionExA
FindClose
FindNextFileA
FindFirstFileA
GetEnvironmentStrings
lstrcatA
GetCurrentProcess
FileTimeToSystemTime
GetFileTime
GetExitCodeProcess
WaitForSingleObject
GetFileSize
InterlockedIncrement
GetFileAttributesA
SetDefaultCommConfigA
GetDefaultCommConfigA
WideCharToMultiByte
LocalFree
FormatMessageA
OpenEventA
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
MulDiv
GetCurrentThreadId
lstrlenW
IsDBCSLeadByte
DisableThreadLibraryCalls
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
ExpandEnvironmentStringsA
FlushInstructionCache
SetLastError
WaitForMultipleObjects
DeviceIoControl
TerminateProcess
CreateProcessA
HeapFree
GetProcessHeap
GetACP
InterlockedExchange
LocalAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetThreadLocale
InterlockedCompareExchange
GetStringTypeW
SetStdHandle
WriteConsoleA
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
RtlUnwind
ExitProcess
HeapReAlloc
GetConsoleOutputCP
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
GetSystemInfo
VirtualQuery
WriteConsoleW
FlushFileBuffers
QueryDosDeviceA
GetLocaleInfoA

user32

PeekMessageA
PostMessageA
wvsprintfA
SetDlgItemTextA
EnableWindow
DrawFocusRect
GetSysColor
GetFocus
GetActiveWindow
GetDC
ReleaseDC
UpdateWindow
GetDlgItem
ShowWindow
UnhookWindowsHookEx
CheckRadioButton
CallNextHookEx
GetAncestor
InvalidateRect
MsgWaitForMultipleObjects
TranslateMessage
DispatchMessageA
SetFocus
GetWindowLongA
SetWindowLongA
DialogBoxParamA
DestroyWindow
GetWindowTextA
EndDialog
SetWindowTextA
SendMessageA
FindWindowA
IsWindow
SetWindowPos
ScreenToClient
GetWindowRect
ExitWindowsEx
KillTimer
SetTimer
CreateDialogParamA
GetForegroundWindow
SetCursor
LoadCursorA
GetDlgItemTextA
SendDlgItemMessageA
CheckDlgButton
WaitForInputIdle
CopyImage
DrawIconEx
DestroyIcon
GetSystemMetrics
LoadImageA
IsDlgButtonChecked
RegisterDeviceNotificationA
UnregisterDeviceNotification
CallWindowProcA
RegisterClassExA
GetClassInfoExA
IsWindowUnicode
GetClientRect
MapWindowPoints
CharNextA
DefWindowProcA
RegisterClassA
GetParent
CreateWindowExA
LoadStringA
RegisterWindowMessageA
wsprintfA
SetWindowsHookExA
UnregisterClassA

gdi32

GetTextExtentPoint32A
DeleteObject
GetDeviceCaps
CreateFontIndirectA
GetStockObject
GetObjectA
SetTextColor
SetBkColor
ExtTextOutA
SelectObject

comdlg32

GetOpenFileNameA
GetFileTitleA

shell32

ShellExecuteExA

ole32

CoUninitialize
CoInitialize
CoGetClassObject
CoGetObject
StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree

oleaut32

SysFreeString
SafeArrayUnaccessData
SafeArrayAccessData
VarUI4FromStr
GetErrorInfo
VariantClear
SysAllocString
SafeArrayDestroy

comm

?SetupDCB@CComm@@QAEHH@Z
?SendATCmd@CComm@@QAAHPADHZZ
?Open@CComm@@QAEHW4COMM_TYPES@@PBDH@Z
??0CComm@@QAE@K@Z
?Close@CComm@@QAEHXZ
?WaitForInput@CComm@@QAAHKHZZ
??1CComm@@QAE@XZ

wunpacln

ord2

shlwapi

PathAppendA
PathRemoveFileSpecA
PathAddBackslashA
PathStripPathA
PathFileExistsA
PathIsRelativeA
PathRenameExtensionA
StrTrimA

comctl32

ImageList_Draw
PropertySheetA

tapi32

lineGetMessage
lineShutdown
lineGetDevCapsA
lineNegotiateAPIVersion
lineGetTranslateCapsA
lineGetCountryA
lineConfigDialogA
lineInitializeExA

cfgmgr32

CMP_WaitNoPendingInstallEvents
CM_Reenumerate_DevNode
CM_Get_DevNode_Status
CM_Locate_DevNodeA
CM_Get_Parent
CM_Get_Device_IDA
CM_Get_Device_ID_ListA

setupapi

SetupDiClassGuidsFromNameW
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoW
SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiBuildDriverInfoList
SetupDiGetDriverInfoDetailW
SetupDiEnumDriverInfoW
SetupDiSetSelectedDriverW
SetupDiSetDeviceRegistryPropertyW
SetupDiRegisterDeviceInfo
SetupDiGetINFClassW
SetupDiGetDeviceInstanceIdA
SetupDiOpenDeviceInfoA
SetupDiSetClassInstallParamsA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiOpenDevRegKey
SetupDiDestroyDeviceInfoList
SetupDiSetClassInstallParamsW
SetupDiCallClassInstaller
SetupDiEnumDeviceInterfaces
SetupDiDestroyClassImageList
SetupGetStringFieldA
SetupCloseInfFile
SetupFindNextLine
SetupGetMultiSzFieldA
SetupFindFirstLineA
SetupOpenInfFileA
SetupDiGetDeviceInterfaceDetailA
SetupDiOpenDeviceInterfaceA
SetupDiGetClassImageList
SetupDiGetClassImageIndex
SetupDiCreateDevRegKeyA

Exports

Exports

??0CTapi2@@QAE@ABV0@@Z
??0CTapi2@@QAE@_NK@Z
??0CTapi@@QAE@_NK@Z
??1CTapi2@@UAE@XZ
??1CTapi@@QAE@XZ
??4CTapi2@@QAEAAV0@ABV0@@Z
??4CTapi@@QAEAAV0@ABV0@@Z
??_7CTapi2@@6B@
??_FCTapi2@@QAEXXZ
??_FCTapi@@QAEXXZ
?ActiveSyncToModem@@YGHPAUHWND__@@K@Z
?AskForReboot@@YGHPAUHWND__@@PBD11@Z
?CGMobileToModem@@YGHPAUHWND__@@K@Z
?DetectAndInstallModem@@YGHPAUHWND__@@PAUMODWIZINFO@@@Z
?DetectModem@@YGHPBDPAUDETECTEDDEVICE@@K@Z
?DriverCleanup@@YGXPBD@Z
?EnumLines@CTapi2@@QAE_NP6G_NPADKJ@ZJ@Z
?EnumLines@CTapi@@QAE_NP6G_NPADKJ@ZJ@Z
?FillCountryList@CTapi2@@QAEXPAUHWND__@@K@Z
?FillCountryList@CTapi@@QAEXPAUHWND__@@K@Z
?FillLocationInfo@CTapi2@@QAEXPAUHWND__@@K@Z
?FillLocationInfo@CTapi@@QAEXPAUHWND__@@K@Z
?FindHardware@@YGHPAD0H@Z
?FindModem@@YGHPAD0H@Z
?GetAttachedPort@CTapi2@@QAE_NPBDPAD@Z
?GetCountryName@CTapi2@@QAEPADKPAD@Z
?GetCountryName@CTapi@@QAEPADKPAD@Z
?GetCurrentLocation@CTapi2@@QAEKPAK@Z
?GetCurrentLocation@CTapi@@QAEKPAK@Z
?GetDevCaps@CTapi2@@AAEPAUlinedevcaps_tag@@PAU2@KK@Z
?GetDevCaps@CTapi@@AAEPAUlinedevcaps_tag@@PAU2@KK@Z
?GetDeviceComPort@@YGHPBDPAD@Z
?GetDeviceId@CTapi2@@QAEKPBD@Z
?GetFriendlyName@@YGHPAD000H@Z
?GetHlineApp@CTapi2@@QBEKXZ
?GetHlineApp@CTapi@@QAEKXZ
?GetLocationInfo@CTapi2@@QAEHKPAKPAD@Z
?GetLocationInfo@CTapi@@QAEHKPAKPAD@Z
?GetModemHardwareId@@YGHPAD0H@Z
?GetNumDevices@CTapi2@@QBEKXZ
?GetNumDevices@CTapi@@QAEKXZ
?GetNumLines@CTapi2@@QAEKXZ
?GetNumLines@CTapi@@QAEKXZ
?GetPortLinkType@@YGKH@Z
?GetPortLinkType@@YGKPBD@Z
?GetSerialPorts@@YGHPAUCOMPORTSINFO@@H@Z
?GetSoftModem@CTapi2@@QAEPBDXZ
?GetSoftModem@CTapi@@QAEPBDXZ
?GetTapiAttachedPort@CTapi2@@QAEHPAD@Z
?GetTapiAttachedPort@CTapi@@QAEHPAD@Z
?INetToModem@@YGHPAUHWND__@@K@Z
?Initialize@CTapi2@@QAE_NXZ
?Initialize@CTapi@@QAE_NXZ
?InstallModem@@YGHPAUHWND__@@PAD111HK@Z
?InstallModemEx@@YGHPAUHWND__@@PAUINSTALLMODEM@@@Z
?Managed_PIN@@YGHPAUHWND__@@PAU_MANAGED_PIN@@@Z
?ModemToCGMobile@@YGHPAUHWND__@@K@Z
?ModemToINet@@YGHPAUHWND__@@K@Z
?ModemToUDisk@@YGHPAUHWND__@@K@Z
?ModemWizard@@YGHPAUHWND__@@PAUMODWIZINFO@@@Z
?OnDrawItem@CTapi2@@QAEXPAUHWND__@@PBUtagDRAWITEMSTRUCT@@@Z
?OnDrawItem@CTapi@@QAEXPAUHWND__@@PBUtagDRAWITEMSTRUCT@@@Z
?OnMeasureItem@CTapi2@@QAEXPAUHWND__@@PAUtagMEASUREITEMSTRUCT@@@Z
?OnMeasureItem@CTapi@@QAEXPAUHWND__@@PAUtagMEASUREITEMSTRUCT@@@Z
?OpenRegKey@CTapi2@@QAEPAUHKEY__@@PAD@Z
?OpenRegKey@CTapi@@QAEPAUHKEY__@@PAD@Z
?PlugModemWizard@@YGHPAUHWND__@@PAUPMWIZARD@@K@Z
?RefreshPNP@@YGHPAUHWND__@@K@Z
?RemoveModem@@YGHPBD@Z
?SetBaudRate@CTapi2@@QAEXPADH@Z
?SetBaudRate@CTapi@@QAEXPADH@Z
?SetFlags@CTapi2@@QAEXK@Z
?SetFlags@CTapi@@QAEXK@Z
?ShowModemCapacities@@YGHPAUHWND__@@H@Z
?Shutdown@CTapi2@@QAEXXZ
?Shutdown@CTapi@@QAEXXZ
?UDiskToModem@@YGHPAUHWND__@@K@Z
?mwCreateInstance@@YGPAXABU_GUID@@@Z

Sections

.text
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Shared
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PbkRes.dll
.dll windows:4 windows x86 arch:x86

ce6ef31899b31809ae0c71c094c6f083

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord1253
ord342
ord823
ord1182
ord1168

msvcrt

free
_initterm
malloc
_adjust_fdiv

Exports

Exports

_InitPbkRes@0

Sections

.text
Size: 4KB - Virtual size: 524B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 299B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Prpgf2n.dll
.dll windows:4 windows x86 arch:x86

c8df85496032bad984b5a362e2e9ded6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalLock
GlobalUnlock
GetFileAttributesA
MulDiv
GlobalFree

user32

EnableWindow
LoadStringA
MessageBoxA
DestroyWindow
IsDialogMessageA
TranslateMessage
DispatchMessageA
CreateDialogParamA
ShowWindow
SetDlgItemTextA
wsprintfA
PeekMessageA

gdi32

TextOutA
GetTextExtentPoint32A
SetAbortProc
StartDocA
SetStretchBltMode
GetObjectA
StretchDIBits
GetDeviceCaps
DeleteDC
SetBkMode
EndPage
StartPage
DeleteObject
EndDoc

comdlg32

PrintDlgA

grconv

ord3
ord2

msvcrt

_adjust_fdiv
free
strrchr
_initterm
malloc

Exports

Exports

PrintDialog
PrintOnePage
PrintPgf2

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RasCnxMngr.dll
.dll windows:4 windows x86 arch:x86

df22d5fc7f3d722d523e39db374e605a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shfolder

SHGetFolderPathA

comctl32

ImageList_SetOverlayImage
PropertySheetA
ord2
InitCommonControlsEx
ImageList_LoadImageA
ord6
ImageList_GetIcon
ImageList_Draw
ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon
ImageList_AddMasked

kernel32

WideCharToMultiByte
lstrlenW
GetModuleFileNameA
CloseHandle
GetTimeFormatA
lstrcatA
GetDateFormatA
WriteFile
CreateFileA
GetLocalTime
LoadLibraryW
GetModuleFileNameW
GetFileAttributesA
GetSystemDirectoryA
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
InitializeCriticalSection
LoadLibraryA
SetLastError
RemoveDirectoryA
DeleteFileA
GetPrivateProfileSectionNamesA
FormatMessageA
GlobalAlloc
SystemTimeToFileTime
CreateEventA
SetEvent
CreateThread
FileTimeToSystemTime
LocalFree
LocalAlloc
GetNumberFormatA
GetLocaleInfoA
GetFileTime
GetCurrentProcess
ReadFile
SetFilePointer
GetSystemTime
WaitForMultipleObjects
WaitForSingleObject
GlobalUnlock
CreateDirectoryA
lstrcpyA
lstrcmpA
GetTickCount
Sleep
GetPrivateProfileStringA
lstrcpynA
GetPrivateProfileSectionA
WritePrivateProfileSectionA
WritePrivateProfileStringA
MultiByteToWideChar
GetLastError
RaiseException
InterlockedExchange
InterlockedDecrement
GetVersionExW
lstrcmpiA
GlobalLock
MulDiv
lstrlenA
GetPrivateProfileIntA
LoadLibraryExW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
FreeLibrary

user32

LoadIconA
LoadBitmapA
WinHelpA
ExitWindowsEx
FindWindowA
SetMenuItemInfoA
InvalidateRect
SetTimer
PostThreadMessageA
PostQuitMessage
SendMessageA
GetDlgItem
SetWindowLongA
EndDialog
SetDlgItemTextA
DialogBoxParamA
GetWindowTextLengthA
EnableWindow
IsDlgButtonChecked
CheckRadioButton
MsgWaitForMultipleObjects
SendNotifyMessageA
GetForegroundWindow
SetForegroundWindow
CreateDialogIndirectParamA
GetSystemMenu
EnableMenuItem
wsprintfA
DefWindowProcA
TrackPopupMenu
SetMenuDefaultItem
GetParent
PostMessageA
GetWindowLongA
GetSubMenu
LoadMenuA
DeleteMenu
RegisterClipboardFormatA
CheckMenuRadioItem
CheckMenuItem
RemoveMenu
GetDlgItemTextA
LoadStringA
SetFocus
MessageBoxA
GetWindowTextA
CheckDlgButton
ShowWindow
IsWindowVisible
RegisterWindowMessageA
DrawFocusRect
GetSysColor
GetFocus
DestroyIcon
GetNextDlgTabItem
IsWindow
GetMessageA
IsDialogMessageA
TranslateMessage
BeginDeferWindowPos
GetTopWindow
DeferWindowPos
GetWindow
EndDeferWindowPos
SetWindowPlacement
GetKeyState
GetWindowPlacement
CreateWindowExA
IsZoomed
wvsprintfA
SetPropA
GetPropA
RemovePropA
GetClientRect
FillRect
GetDC
ReleaseDC
GetSystemMetrics
ScreenToClient
PeekMessageA
DispatchMessageA
SetWindowTextA
SetWindowPos
GetWindowRect
MapWindowPoints
LoadCursorA
SetCursor
CreateDialogParamA
LoadImageA
UpdateWindow
DestroyWindow
CopyImage
DrawIconEx
DestroyMenu

gdi32

SetBkColor
SelectObject
GetTextExtentPoint32A
GetStockObject
DeleteObject
GetDeviceCaps
GetObjectA
CreateFontIndirectA
ExtTextOutA
SetTextColor

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegEnumKeyA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey

shell32

ExtractIconA
ExtractIconExA

ole32

CoInitializeEx
CoGetObject
CoCreateInstance
OleUninitialize
CoInitialize
CoUninitialize
ReleaseStgMedium
StringFromGUID2
DoDragDrop
OleInitialize
CreateStreamOnHGlobal

oleaut32

SafeArrayCreateVector
SysFreeString
SysAllocStringLen
VariantClear
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayDestroy
SafeArrayCreate
SysAllocString

bvrpctln

_Profile_GetBoolean@16
_Profile_SetBoolean@16
?MessageBoxPlus@@YAHPAUMSGBOXPLUS@@ZZ
?FakeProgress_CreateFromControl@@YGPAUHWND__@@PAU1@HK@Z
_Profile_GetString@24
_Profile_DeleteValue@12
_Profile_SetString@16
_Profile_GetBinary@20
_Profile_GetInt@16
_Profile_SetBinary@20
_Profile_SetInt@16
_Profile_GetStringEx@28
?stristr@@YGPADPBD0@Z
?GetString@CProfile@@QBEHPBD0PADI@Z
MakeFullPathName
?GetString@CProfile@@QBEHPBD00PADI@Z
?strremove@@YGPADPADPBD@Z
_Profile_GetCompany@0
?Load@CProfile@@QAE_NPBD@Z
?Unload@CProfile@@QAEXXZ
??0CProfile@@QAE@PBD_N@Z
?FindSection@CProfile@@ABEPAUSection@1@PBD@Z
?FindKey@CProfile@@ABEPAUKey@1@PBD@Z
?GetInt@CProfile@@QBEHPBD0H@Z
?GetInt@CProfile@@QBEHPBDH@Z
??1CProfile@@UAE@XZ
_CenterWindow@4

msvcp60

?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z

msvcrt

memmove
strrchr
strncpy
_osver
??2@YAPAXI@Z
_winminor
strstr
_mbsnbcmp
realloc
malloc
free
strchr
strtok
_winmajor
wcspbrk
__CxxFrameHandler
sscanf
sprintf
calloc
tolower
toupper
isalpha
_except_handler3
isdigit
_makepath
_splitpath
wcscat
atoi
wcscpy
memset
memcpy
_CxxThrowException
__dllonexit
_onexit
_initterm
_adjust_fdiv
_strcmpi
_itoa
_strnicmp
??1type_info@@UAE@XZ

tapi32

lineGetIconA
lineConfigDialogA

shlwapi

StrFromTimeIntervalA
PathRenameExtensionA
PathAppendW
PathFileExistsA
PathAppendA
StrStrA
StrFormatByteSizeA
PathRemoveFileSpecW
PathCombineA
StrTrimA
PathStripPathA

Exports

Exports

RasCM_RemoveAllConnection
RasCM_RemoveConnection
Rundll_Dial
_RasCM_ClearConnectionStatistics@4
_RasCM_Connect@16
_RasCM_Connection@12
_RasCM_ConnectionProperties@12
_RasCM_ConnectionWizard@12
_RasCM_CreateDynamicConnection@16
_RasCM_DeleteDynamicConnection@4
_RasCM_DetectModem@12
_RasCM_Disconnect@4
_RasCM_Disconnection@8
_RasCM_EnumConnections@12
_RasCM_EnumConnectionsEx@16
_RasCM_GetConnectStatus@4
_RasCM_GetConnectionCustomInfo@16
_RasCM_GetConnectionIcon@4
_RasCM_GetConnectionStatistics@8
_RasCM_GetConnectionStatus@8
_RasCM_GetDefaultConnection@4
_RasCM_GetFallbackConnection@8
_RasCM_GetLastConnectedTime@12
_RasCM_GetRASHandle@4
_RasCM_HideConnections@4
_RasCM_Init@8
_RasCM_InitEx@12
_RasCM_IsConnectionAvailable@4
_RasCM_IsDynamicConnection@8
_RasCM_IsMMSConnection@4
_RasCM_ReadConnectionData@12
_RasCM_SetConnectionCustomInfo@16
_RasCM_SetDefaultConnection@12
_RasCM_SetModem@12
_RasCM_SetModemInfos@8
_RasCM_SetOperator@12
_RasCM_Uninit@4
_RasCM_ViewConnections@12
_RasCM_ViewLog@12
_RasCM_WaitForConnection@8
_hpeEntry@16

Sections

.text
Size: 128KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdataSW
Size: 4KB - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SMStempl.txt
WinInetErrors.dll
.dll windows:4 windows x86 arch:x86

096ff27345571a78330d298d2f9eab37

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GlobalAlloc
GetCommandLineA
GetVersion
HeapFree
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
HeapAlloc
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

user32

LoadStringA

Exports

Exports

??0CWinInetErrors@@QAE@ABV0@@Z
??0CWinInetErrors@@QAE@K@Z
??0CWinInetErrors@@QAE@XZ
??1CWinInetErrors@@UAE@XZ
??4CWinInetErrors@@QAEAAV0@ABV0@@Z
??_7CWinInetErrors@@6B@
?GetMessageA@CWinInetErrors@@QAEPBDK@Z
?GetMessageA@CWinInetErrors@@QAEPBDXZ
_GetErrorMessage@4

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bvrpctln.dll
.dll windows:4 windows x86 arch:x86

742915a85752f9717e8e687b06c0e4bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shfolder

SHGetFolderPathW

kernel32

AddAtomA
RaiseException
InterlockedExchange
lstrcpyA
GetWindowsDirectoryA
WriteProfileStringA
GetProfileStringA
FormatMessageA
QueryPerformanceFrequency
QueryPerformanceCounter
FlushFileBuffers
WaitForMultipleObjects
CreateEventW
ResumeThread
GetCurrentProcessId
FormatMessageW
FileTimeToSystemTime
GetDateFormatW
FindFirstFileW
_lopen
GetModuleFileNameA
WideCharToMultiByte
DeleteFileA
lstrcmpA
lstrcpynW
InterlockedDecrement
lstrlenW
MultiByteToWideChar
Sleep
GlobalReAlloc
GlobalUnlock
GlobalHandle
GlobalAlloc
GlobalLock
lstrlenA
UnmapViewOfFile
CloseHandle
GlobalAddAtomA
GlobalDeleteAtom
_lclose
_lcreat
GetShortPathNameA
MapViewOfFile
CreateFileMappingA
CreateEventA
_llseek
GlobalFindAtomA
GetVersionExA
ReadFile
GetFileSize
CreateFileA
lstrcmpiA
WriteFile
CreateFileW
GetCurrentThreadId
lstrcpynA
GlobalFree
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcpyW
GetLastError
LocalFree
LocalAlloc
GetComputerNameA
lstrcatA
RemoveDirectoryA
FindClose
FindNextFileA
SetLastError
GetFullPathNameA
FindFirstFileA
MoveFileA
DebugBreak
OutputDebugStringA
WaitForSingleObject
CopyFileA
GetTempPathA
GetEnvironmentVariableA
GetFileAttributesExA
CreateDirectoryA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileInformationByHandle
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFilePointerEx
lstrcmpiW
lstrcmpW
SystemTimeToFileTime
GetCurrentDirectoryW
SetEndOfFile
lstrcatW
CreateDirectoryW
GetFileAttributesW
SetFilePointer
GetFileSizeEx
GetSystemTime
GetTickCount
LeaveCriticalSection
EnterCriticalSection
CreateThread
SetEvent
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
_lread
_lwrite
IsBadReadPtr
CompareFileTime
HeapDestroy
HeapCreate
HeapFree
LoadLibraryExW
GetLocaleInfoW
GetModuleFileNameW
GetPrivateProfileStringW
GetAtomNameW
DeleteAtom
AddAtomW
LoadLibraryW
GetProcessHeap
HeapAlloc
DisableThreadLibraryCalls
MulDiv
GetTempFileNameA
GetModuleHandleW
GetFileAttributesA

user32

GetCapture
SetWindowRgn
SetWindowTextW
RegisterClassExW
LoadCursorW
GetNextDlgTabItem
PostMessageW
UnregisterClassW
RegisterClassW
ChildWindowFromPoint
GetWindowTextLengthA
ScrollWindowEx
TrackMouseEvent
IsWindowVisible
SystemParametersInfoA
DestroyIcon
SetCursorPos
DrawIcon
SystemParametersInfoW
GetDlgItemTextW
CreateDialogParamW
MessageBeep
WinHelpA
UpdateWindow
GetClassNameA
TranslateMessage
EqualRect
MapWindowPoints
ShowWindow
DestroyWindow
SetWindowLongA
DrawTextExA
IsZoomed
SetWindowPlacement
GetWindowPlacement
ChangeClipboardChain
SetClipboardViewer
DrawTextExW
PeekMessageW
DispatchMessageW
LoadImageW
GetWindowThreadProcessId
GetPropW
GetWindowRgn
DefWindowProcW
GetUpdateRect
IsCharAlphaNumericA
SetPropA
LoadIconA
GetPropA
RemovePropA
GetIconInfo
DrawEdge
LoadStringW
SetWindowsHookExW
GetWindowTextLengthW
AdjustWindowRectEx
ScreenToClient
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetWindowTextW
DrawTextW
CreateWindowExW
GetWindowLongW
CheckDlgButton
SetMenuDefaultItem
SetPropW
GetTopWindow
IntersectRect
SendMessageW
FrameRect
DrawFocusRect
IsMenu
InvalidateRect
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
DrawIconEx
GetWindowDC
DrawFrameControl
DrawStateA
ClientToScreen
PtInRect
CallWindowProcW
CallWindowProcA
InflateRect
SetCapture
IsWindow
IsWindowUnicode
SetWindowLongW
LoadImageA
GetActiveWindow
SetRect
RegisterClassExA
BeginPaint
EndPaint
RedrawWindow
KillTimer
SetTimer
GetSysColorBrush
FillRect
GetDesktopWindow
IsDlgButtonChecked
CharNextA
wsprintfW
IsWindowEnabled
GetDlgItemTextA
SetDlgItemTextA
SendDlgItemMessageA
DrawTextA
GetWindow
GetMenu
GetSystemMetrics
DialogBoxParamA
SetWindowTextA
EndDialog
wvsprintfA
GetDC
ReleaseDC
UnregisterClassA
RegisterClassA
DefWindowProcA
InsertMenuItemA
UnhookWindowsHookEx
SetWindowsHookExA
SetFocus
GetKeyState
GetAncestor
CallNextHookEx
OffsetRect
GetMenuItemCount
AppendMenuW
GetCursorPos
GetMenuItemInfoW
GetMenuItemInfoA
GetSysColor
CreatePopupMenu
AppendMenuA
CheckMenuRadioItem
TrackPopupMenuEx
GetMenuStringA
MsgWaitForMultipleObjects
SetCursor
LoadCursorA
ReleaseCapture
PeekMessageA
DispatchMessageA
MessageBoxA
PostMessageA
GetWindowLongA
EnableWindow
SendInput
WindowFromPoint
RegisterWindowMessageW
GetCursor
GetWindowTextA
GetDlgCtrlID
GetParent
GetClassInfoExW
LoadMenuA
GetSubMenu
EnableMenuItem
DeleteMenu
LoadStringA
InsertMenuA
TrackPopupMenu
GetFocus
IsChild
wsprintfA
CreateDialogParamA
SetWindowPos
GetClientRect
SendMessageA
DestroyMenu
CreateWindowExA
GetDlgItem
IsDialogMessageA
GetWindowRect
SetForegroundWindow
SetActiveWindow
FindWindowA
GetDCEx
GetClassLongW
SendMessageTimeoutA
GetMenuState
IsIconic
PostQuitMessage
GetMessageA
LoadCursorFromFileA
GetSystemMenu
MoveWindow

gdi32

ExtSelectClipRgn
SelectClipRgn
SaveDC
GetTextExtentPointA
ExtTextOutA
RestoreDC
ExcludeClipRect
GetObjectW
GetDeviceCaps
CreateFontIndirectW
SetTextAlign
CreateRectRgnIndirect
EnumFontFamiliesA
GetStockObject
SelectObject
DeleteDC
BitBlt
SetBkColor
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
SetDIBits
CreateDIBSection
CreatePatternBrush
CreateBitmapIndirect
PatBlt
TextOutA
CreateRoundRectRgn
StretchBlt
SetStretchBltMode
SetLayout
ExtTextOutW
GetDIBits
GetTextMetricsW
EnumFontFamiliesExA
OffsetWindowOrgEx
OffsetRgn
SetWindowOrgEx
GetCurrentPositionEx
GetCurrentObject
GetTextColor
Polygon
UnrealizeObject
DeleteObject
SetBrushOrgEx
GetTextExtentPoint32W
GetPixel
CreatePen
GetTextExtentPoint32A
LineTo
MoveToEx
CreateSolidBrush
CreateFontIndirectA
GetObjectA
SetTextColor
SetBkMode
SetPixel
SetPixelV
CreateBitmap
PtInRegion
CreateEllipticRgn
CreateHatchBrush
TextOutW
Rectangle

winspool.drv

ClosePrinter
EnumPrintersA
ord201
OpenPrinterA
ord202
GetPrinterA

comdlg32

GetSaveFileNameA
ChooseFontA
GetOpenFileNameA

advapi32

CryptEncrypt
CryptDestroyKey
CryptDeriveKey
CryptDestroyHash
CryptHashData
CryptReleaseContext
CryptCreateHash
CryptDecrypt
RegCloseKey
RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegSetValueExW
RegCreateKeyExW
RegDeleteValueA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExA
CryptAcquireContextA

shell32

ord25
ord18
SHGetFolderLocation
ShellExecuteExW
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
DragFinish
DragQueryFileA
SHGetDesktopFolder
ord2
SHGetFileInfoW
ord4
SHGetPathFromIDListW
ShellExecuteA
ShellExecuteW
SHGetDataFromIDListW
SHFileOperationW

ole32

CoTaskMemFree
CoTaskMemAlloc
GetHGlobalFromStream
CLSIDFromProgID
CoUninitialize
CreateBindCtx
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoInitialize
OleSetContainedObject
OleCreateFromFile
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
StgCreateDocfile
OleRun
CoInitializeEx
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CoCreateInstance

oleaut32

SysAllocString
SysAllocStringByteLen
VariantClear
SysStringLen
VariantChangeType
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreate
SysStringByteLen
VariantInit
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
SysAllocStringLen
OleLoadPicture
SysFreeString

comctl32

ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragMove
ImageList_DragLeave
ImageList_EndDrag
ImageList_Create
ImageList_AddMasked
ImageList_SetOverlayImage
ImageList_GetImageInfo
ImageList_Add
ImageList_Remove
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_DrawIndirect
ord17
CreateToolbarEx
InitCommonControlsEx
ImageList_Destroy
ImageList_Duplicate
ImageList_GetImageCount
ImageList_Draw
ImageList_SetDragCursorImage

oledlg

ord1

msvcp60

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??0out_of_range@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
??0out_of_range@std@@QAE@ABV01@@Z
??0logic_error@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ

msvcrt

wcslen
wcsstr
free
malloc
wcsncpy
_splitpath
swprintf
_except_handler3
strncmp
wcscpy
wcscat
wcsrchr
_wtoi
rand
_purecall
strchr
fclose
fgets
fopen
wcschr
iswxdigit
memmove
strstr
_strnicmp
_strupr
isdigit
??2@YAPAXI@Z
strrchr
_CxxThrowException
strpbrk
_stricmp
_close
strncpy
_open
_errno
_read
_write
_lseek
remove
_tempnam
calloc
srand
_winminor
_winmajor
wcscmp
_ftol
_CIpow
_strdup
_vsnprintf
_wcsnicmp
iswspace
_osver
_makepath
isspace
strtol
mbstowcs
wcstombs
_strcmpi
toupper
towupper
strtok
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
atoi
_filelength
_wcsicmp
_unlink
realloc

urlmon

CreateURLMoniker

wininet

InternetCrackUrlW

msimg32

AlphaBlend
GradientFill

msvfw32

MCIWndCreateA

avifil32

AVIFileExit
AVIFileInfoA
AVIFileOpenA
AVIFileRelease
AVIStreamRelease
AVIStreamGetFrameClose
AVIStreamGetFrameOpen
AVIStreamLength
AVIStreamStart
AVIStreamInfoA
AVIFileGetStream
AVIStreamGetFrame
AVIStreamSetFormat
AVIMakeCompressedStream
AVIFileCreateStreamA
AVIStreamWrite
AVIFileInit

shlwapi

UrlGetPartW
PathAppendA
PathFindExtensionW
PathRemoveBackslashA
SHCreateStreamOnFileW
StrToIntExW
PathAppendW
PathRemoveFileSpecW
StrRChrW
PathIsDirectoryW
PathRemoveExtensionW
PathFindFileNameW
PathRemoveFileSpecA
PathIsRelativeA
StrFormatKBSizeW
PathMatchSpecW
StrStrIA
StrStrA
StrCpyW
StrStrW
StrStrIW
UrlGetPartA
PathAddBackslashW
PathRenameExtensionA
PathFindFileNameA
StrCmpNIA
PathAddBackslashA
PathRelativePathToA
PathFileExistsW
PathCreateFromUrlW
UrlCombineW
PathRenameExtensionW
UrlIsW
PathFindExtensionA
StrToIntW
StrTrimW
StrChrW
StrCmpNIW
SHDeleteEmptyKeyA
SHDeleteKeyA
PathAddExtensionA

wsock32

WSAStartup
gethostbyname
WSACleanup

Exports

Exports

??0CAvi@@QAE@PBD@Z
??0CDynArray@@QAE@HH@Z
??0CDynArray@@QAE@XZ
??0CPacFile@@QAE@PBD0@Z
??0CProfile@@QAE@ABV0@@Z
??0CProfile@@QAE@PBD_N@Z
??0CWaitDialog@@QAE@ABV0@@Z
??0CWaitDialog@@QAE@PAUHWND__@@P6GHPBV0@@ZPAX@Z
??1CAvi@@QAE@XZ
??1CDynArray@@QAE@XZ
??1CPacFile@@QAE@XZ
??1CProfile@@UAE@XZ
??1CWaitDialog@@UAE@XZ
??4CAvi@@QAEAAV0@ABV0@@Z
??4CDynArray@@QAEAAV0@ABV0@@Z
??4CPacFile@@QAEAAV0@ABV0@@Z
??4CProfile@@QAEAAV0@ABV0@@Z
??4CWaitDialog@@QAEAAV0@ABV0@@Z
??BCWaitDialog@@QBEPAUHWND__@@XZ
??_7CProfile@@6B@
??_7CWaitDialog@@6B@
??_C@_00A@?$AA@
??_FCAvi@@QAEXXZ
??_FCPacFile@@QAEXXZ
??_FCProfile@@QAEXXZ
?AddDialogHeader@@YG_NPAUHWND__@@PAUDialogHeader@@@Z
?AddItem@CDynArray@@QAEHPAX@Z
?AddItem@CDynArray@@QAEPAXXZ
?AlignControls@@YAXPAUHWND__@@W4ALIGN_WAY@@HHZZ
?AnimatedPng_CreateFromControl@@YGPAUHWND__@@PAU1@HK@Z
?AppendItem@CDynArray@@QAEHPAX@Z
?AppendItem@CDynArray@@QAEPAXXZ
?AppendZip@@YGPAUHZIP__@@PBGPBD@Z
?AppendZip@@YGPAUHZIP__@@PB_WPBD@Z
?ArrangeControls@@YAXPAUHWND__@@W4ARRANGE_WAY@@HHHZZ
?BrowseEdit@@YG_NPAUHWND__@@K@Z
?BtnMenu_Init@@YG_NPAUHWND__@@@Z
?BtnMenu_Init@@YG_NPAUHWND__@@H@Z
?BtnMenu_OnDrawItem@@YGXPAUHWND__@@PBUtagDRAWITEMSTRUCT@@@Z
?BtnMenu_PopMenu@@YGHPAUHWND__@@PAUHMENU__@@@Z
?CheckGroupBox_Create@@YG_NPAUHWND__@@HIII@Z
?CheckGroupBox_GetCheck@@YGIPAUHWND__@@@Z
?CheckGroupBox_SetCheck@@YGXPAUHWND__@@I@Z
?CheckVideoType@CAvi@@QAE_NXZ
?CloseZip@@YGKPAUHZIP__@@@Z
?ConvertStaticToGroupLine@@YGXPAUHWND__@@H_N@Z
?CountOfStream@CAvi@@QAEIXZ
?Create@CDynArray@@QAEXHH@Z
?CreateVideoStream@CAvi@@QAE_NPAUtagBITMAPINFOHEADER@@K@Z
?CreateZip@@YGPAUHZIP__@@PAXIPBD@Z
?CreateZip@@YGPAUHZIP__@@PBD0@Z
?CreateZipA@@YGPAUHZIP__@@PBD0@Z
?CreateZipHandle@@YGPAUHZIP__@@PAXPBD@Z
?CreateZipW@@YGPAUHZIP__@@PBGPBD@Z
?CreateZipW@@YGPAUHZIP__@@PB_WPBD@Z
?DeleteAllItems@CDynArray@@QAEXXZ
?DeleteItem@CDynArray@@QAEHH@Z
?Destroy@CDynArray@@QAEXXZ
?DoModal@CWaitDialog@@QAEHKK@Z
?DrawHTML@@YGHPAUHDC__@@PBDHPAUtagRECT@@I@Z
?DrawHTMLA@@YGHPAUHDC__@@PBDHPAUtagRECT@@I@Z
?DrawHTMLW@@YGHPAUHDC__@@PBGHPAUtagRECT@@I@Z
?ExpandBox@@YGXHPAUHWND__@@HH@Z
?FakeProgress_CreateFromControl@@YGPAUHWND__@@PAU1@HK@Z
?FileCreate@CAvi@@QAE_NPBD@Z
?FileOpen@CAvi@@QAE_NPBD@Z
?FileRelease@CAvi@@QAEXXZ
?FindChapter@CProfile@@ABEPAUChapter@1@PBD@Z
?FindKey@CProfile@@ABEPAUKey@1@PBD0@Z
?FindKey@CProfile@@ABEPAUKey@1@PBD@Z
?FindSection@CProfile@@ABEPAUSection@1@PBD@Z
?FindZipItem@@YGKPAUHZIP__@@PBD_NPAHPAUZIPENTRY@@@Z
?FindZipItemA@@YGKPAUHZIP__@@PBD_NPA_KPAUZIPENTRYA@@@Z
?FindZipItemW@@YGKPAUHZIP__@@PBG_NPA_KPAUZIPENTRYW@@@Z
?FindZipItemW@@YGKPAUHZIP__@@PB_W_NPA_KPAUZIPENTRYW@@@Z
?FormatBarText@CWaitDialog@@QBAABV1@PBDZZ
?FormatProgressText@CWaitDialog@@QBAABV1@PBDZZ
?FormatZipMessage@@YGIPAUHZIP__@@KPADI@Z
?FormatZipMessageA@@YGIPAUHZIP__@@KPADI@Z
?FormatZipMessageW@@YGIPAUHZIP__@@KPAGI@Z
?FormatZipMessageW@@YGIPAUHZIP__@@KPA_WI@Z
?Free@CProfile@@AAEXPAUSection@1@PAUChapter@1@@Z
?GetChapterName@CProfile@@QBEPBDXZ
?GetChildRect@CWaitDialog@@IBE?AUtagRECT@@PAUHWND__@@@Z
?GetInt@CProfile@@QBEHPBD0H@Z
?GetInt@CProfile@@QBEHPBDH@Z
?GetItem@CDynArray@@QBE_NHPAX@Z
?GetItemCount@CDynArray@@QBEHXZ
?GetItemPtr@CDynArray@@QBEPAXH@Z
?GetItemSize@CDynArray@@QBEHXZ
?GetKeyName@CProfile@@QBEPBDXZ
?GetKeyValue@CProfile@@QBEPBDXZ
?GetLine@CPacFile@@QAEPADPADH@Z
?GetMessageBoxCheck@@YGHPBD@Z
?GetMessageBoxCheck@@YGHPBG@Z
?GetPtr@CPacFile@@QAEPAEXZ
?GetSafeHwnd@CWaitDialog@@QBEPAUHWND__@@XZ
?GetSectionName@CProfile@@QBEPBDXZ
?GetSize@CPacFile@@QAEHXZ
?GetString@CProfile@@QBEHPBD00PADI@Z
?GetString@CProfile@@QBEHPBD0PADI@Z
?GetUserContext@CWaitDialog@@QBEPAXXZ
?GetZipItem@@YGKPAUHZIP__@@HPAUZIPENTRY@@@Z
?GetZipItemA@@YGKPAUHZIP__@@_KPAUZIPENTRYA@@@Z
?GetZipItemW@@YGKPAUHZIP__@@_KPAUZIPENTRYW@@@Z
?GotoChapter@CProfile@@QAE_NPBD@Z
?GotoFirstChapter@CProfile@@QAE_NXZ
?GotoFirstKey@CProfile@@QAE_NXZ
?GotoFirstSection@CProfile@@QAE_NXZ
?GotoFirstSectionOfChapter@CProfile@@QAE_NXZ
?GotoKey@CProfile@@QAE_NPBD@Z
?GotoNextChapter@CProfile@@QAE_NXZ
?GotoNextKey@CProfile@@QAE_NXZ
?GotoNextSection@CProfile@@QAE_NXZ
?GotoNextSectionOfChapter@CProfile@@QAE_NXZ
?GotoSection@CProfile@@QAE_NPBD@Z
?HTML_LoadW@@YGHPAUHWND__@@PBGK@Z
?HideCancel@CWaitDialog@@QBEABV1@XZ
?HideControlAndMoveV@@YAXPAUHWND__@@_NHHZZ
?HideGroup@@YGXPAUHWND__@@_NH@Z
?HideProgressBar@CWaitDialog@@QBEABV1@XZ
?Infobox_Create@@YGPAUHWND__@@PAU1@PAUINFOBOX@@@Z
?Infobox_CreateW@@YGPAUHWND__@@PAU1@PAUINFOBOXW@@@Z
?InitAnimatedPng@@YGXXZ
?InitFakeProgress@@YGXXZ
?InitSimpleBrowser@@YGXXZ
?InitTabbedBrowser@@YGXXZ
?InsertButton@@YG_NPAUHWND__@@IPAUHICON__@@@Z
?InsertItem@CDynArray@@QAEHHPAX@Z
?InsertItem@CDynArray@@QAEPAXH@Z
?IsBoxExpanded@@YG_NPAUHWND__@@H@Z
?IsCancelled@CWaitDialog@@QBE_NXZ
?IsEntryComment@CProfile@@ABE_NPBD@Z
?IsLoaded@CProfile@@QBE_NXZ
?LinkControls@@YGHPAUHWND__@@HH_NH@Z
?Load@CPacFile@@QAE_NPBD0@Z
?Load@CProfile@@QAE_NPBD0@Z
?Load@CProfile@@QAE_NPBD@Z
?LoadTree@CProfile@@AAE_NPAVCPacFile@@@Z
?LoadVideoStream@CAvi@@QAE_NH@Z
?MemAlloc@CProfile@@AAEPAXK@Z
?MemFree@CProfile@@AAEXPAX@Z
?MessageBoxCheck@@YGHPAUHWND__@@PAUHINSTANCE__@@PBD2K2K@Z
?MessageBoxCheck@@YGHPAUHWND__@@PAUHINSTANCE__@@PBG2K2K@Z
?MessageBoxPlus@@YAHPAUMSGBOXPLUS@@ZZ
?MessageBoxPlus@@YAHPAUMSGBOXPLUSW@@ZZ
?MoveControlsH@@YAXPAUHWND__@@H_N1HZZ
?MoveControlsV@@YAXPAUHWND__@@H_NHZZ
?OnCommand@CWaitDialog@@IAEXPAUHWND__@@H0I@Z
?OnInitDialog@CWaitDialog@@IAEHPAUHWND__@@0J@Z
?OpenZip@@YGPAUHZIP__@@PBD0@Z
?OpenZip@@YGPAUHZIP__@@PBXIPBD@Z
?OpenZipA@@YGPAUHZIP__@@PBD0@Z
?OpenZipHandle@@YGPAUHZIP__@@PAXPBD@Z
?OpenZipW@@YGPAUHZIP__@@PBGPBD@Z
?OpenZipW@@YGPAUHZIP__@@PB_WPBD@Z
?PocketHTML@@YGXPAUHWND__@@@Z
?Profile_GetBooleanEx@@YGHPAUHKEY__@@PBD11H@Z
?PwdApiChangePassword@@YGJPAUPASSWORDAPIPARAM@@@Z
?PwdApiGetPassword@@YGJPAUPASSWORDAPIPARAM@@@Z
?RemoveZipItem@@YGKPAUHZIP__@@_K@Z
?Resize_Exit@@YGXPAUHWND__@@@Z
?Resize_Init@@YG_NPAUHWND__@@IQAUSIZING@@H@Z
?Resize_LoadPlacement@@YGXPAUHWND__@@PBDHH@Z
?Resize_OnGetMinMaxInfo@@YGXPAUHWND__@@PAUtagMINMAXINFO@@@Z
?Resize_OnNCHitTest@@YGIPAUHWND__@@HH@Z
?Resize_OnSize@@YGXPAUHWND__@@IHH@Z
?Resize_SavePlacement@@YGXPAUHWND__@@PBD@Z
?Resize_SetFlags@@YGXPAUHWND__@@II@Z
?Resize_SetMaxSize@@YGXPAUHWND__@@AAUtagSIZE@@@Z
?Resize_SetMinSize@@YGXPAUHWND__@@AAUtagSIZE@@@Z
?Resize_UpdateClientRect@@YG_NPAUHWND__@@HH@Z
?Resize_UpdateWndRect@@YG_NPAUHWND__@@I@Z
?SetAnimatedIcon@CWaitDialog@@QBEABV1@PBD@Z
?SetBarText@CWaitDialog@@QBEABV1@PBD@Z
?SetControlsState@@YAXPAUHWND__@@HHHZZ
?SetIcon@CWaitDialog@@QBEABV1@PAUHICON__@@@Z
?SetItem@CDynArray@@QAE_NHPAX@Z
?SetMessageBoxCheck@@YGXPBDH@Z
?SetMessageBoxCheck@@YGXPBGH@Z
?SetProgressPos@CWaitDialog@@QBEABV1@H@Z
?SetProgressRange@CWaitDialog@@QBEABV1@HH@Z
?SetProgressText@CWaitDialog@@QBEABV1@PBD@Z
?SetUnzipBaseDir@@YGKPAUHZIP__@@PBD@Z
?SetUnzipBaseDirA@@YGKPAUHZIP__@@PBD@Z
?SetUnzipBaseDirW@@YGKPAUHZIP__@@PBG@Z
?SetUnzipBaseDirW@@YGKPAUHZIP__@@PB_W@Z
?SetWindowTextA@CWaitDialog@@QBEABV1@PBD@Z
?SetWindowTitle@CWaitDialog@@QBEABV1@PBD@Z
?ShouldTerminate@CWaitDialog@@QBE_NXZ
?SimpleBrowser_ApplyColorScheme@@YGXH@Z
?SizeControls@@YAXPAUHWND__@@KHHZZ
?SizeCtrlToText@@YG?AUtagSIZE@@PAUHWND__@@H@Z
?SizeCtrlToTextEx@@YG?AUtagSIZE@@PAUHWND__@@HK@Z
?SyncChapterWithSection@CProfile@@QAE_NXZ
?TabbedBrowser_SetCustomDesign@@YGXPBG@Z
?TextScroller@@YGXPAUHWND__@@_N@Z
?Unload@CPacFile@@QAEXXZ
?Unload@CProfile@@QAEXXZ
?Unpac@CPacFile@@AAEHPBD0PAEPAK@Z
?UnzipItem@@YGKPAUHZIP__@@HPBD@Z
?UnzipItemA@@YGKPAUHZIP__@@_KPBD@Z
?UnzipItemHandle@@YGKPAUHZIP__@@_KPAX@Z
?UnzipItemMemory@@YGKPAUHZIP__@@_KPAXI@Z
?UnzipItemW@@YGKPAUHZIP__@@_KPBG@Z
?UnzipItemW@@YGKPAUHZIP__@@_KPB_W@Z
?UseFakeProgress@CWaitDialog@@QBEABV1@XZ
?VideoAddFrame@CAvi@@QAE_NPAEH@Z
?VideoGetFrame@CAvi@@QAEPAUtagBITMAPINFO@@J@Z
?VideoGetFrameAsBitmap@CAvi@@QAEPAUHBITMAP__@@JK@Z
?VideoHeight@CAvi@@QAEIXZ
?VideoRate@CAvi@@QAEIXZ
?VideoStreamEnd@CAvi@@QAEJXZ
?VideoStreamStart@CAvi@@QAEJXZ
?VideoWidth@CAvi@@QAEIXZ
?ZipAdd@@YGKPAUHZIP__@@PBD1@Z
?ZipAdd@@YGKPAUHZIP__@@PBDPAXI@Z
?ZipAddA@@YGKPAUHZIP__@@PBD1@Z
?ZipAddA@@YGKPAUHZIP__@@PBDPAXI@Z
?ZipAddFolder@@YGKPAUHZIP__@@PBD@Z
?ZipAddFolderA@@YGKPAUHZIP__@@PBD@Z
?ZipAddFolderW@@YGKPAUHZIP__@@PBG@Z
?ZipAddFolderW@@YGKPAUHZIP__@@PB_W@Z
?ZipAddHandle@@YGKPAUHZIP__@@PBDPAX@Z
?ZipAddHandle@@YGKPAUHZIP__@@PBDPAXI@Z
?ZipAddHandleA@@YGKPAUHZIP__@@PBDPAX@Z
?ZipAddHandleA@@YGKPAUHZIP__@@PBDPAXI@Z
?ZipAddHandleW@@YGKPAUHZIP__@@PBGPAX@Z
?ZipAddHandleW@@YGKPAUHZIP__@@PBGPAXI@Z
?ZipAddHandleW@@YGKPAUHZIP__@@PB_WPAX@Z
?ZipAddHandleW@@YGKPAUHZIP__@@PB_WPAXI@Z
?ZipAddW@@YGKPAUHZIP__@@PBG1@Z
?ZipAddW@@YGKPAUHZIP__@@PBGPAXI@Z
?ZipAddW@@YGKPAUHZIP__@@PB_W1@Z
?ZipAddW@@YGKPAUHZIP__@@PB_WPAXI@Z
?ZipGetMemory@@YGKPAUHZIP__@@PAPAXPAK@Z
?ZipSetCompression@@YGKPAUHZIP__@@H@Z
?apCreateInstance@@YGPAXABU_GUID@@@Z
?striremove@@YGPADPADPBD@Z
?striremove@@YGPAGPAGPBG@Z
?strireplace@@YGPADPADPBD1@Z
?strireplace@@YGPAGPAGPBG1@Z
?stristr@@YGPADPBD0@Z
?strltrim@@YGPADPAD@Z
?strmatch@@YG_NPBD0@Z
?strmatch@@YG_NPBG0@Z
?strremove@@YGPADPADPBD@Z
?strremove@@YGPAGPAGPBG@Z
?strrepc@@YGPADPADDD@Z
?strrepc@@YGPAGPAGGG@Z
?strreplace@@YGPADPADPBD1@Z
?strreplace@@YGPAGPAGPBG1@Z
?strrtrim@@YGPADPAD@Z
?vaMoveControlsH@@YGXPAUHWND__@@H_N1PAH@Z
?vaMoveControlsV@@YGXPAUHWND__@@H_NPAH@Z
BvrpctlGetVer
CreateDitherButton
CreateGrayedBitmap
CreateGrayedButton
CreateHeader
DuplicateBitmap
ExtTransBitmap
GetBoldFont
GetDitherBrush
GetNormalFont
HDrawBitmap
HTextOut
HTransBitmap
LinkCreate
LoadMappedBitmap
LoadMappedButton
MakeFullPathName
SysColorChange
TransBitmap
_AddSizeGrip@4
_CalculateEMSCount@8
_CenterWindow@4
_CreateEMSWnd@16
_CreateHtmlSlideView@20
_DestroyEMSWnd@8
_DrawGradientRect@20
_EMSPrint@8
_EMSPrintW@8
_EMSStreamToHTML@20
_EMSToDGR@16
_EMSToDGRW@16
_EMSToHTML@16
_EMSToHTMLW@16
_EditList_AddString@8
_EditList_Create@12
_EditList_GetCount@4
_EditList_GetText@16
_EditList_GetTextLen@8
_EditList_ReadFile@8
_EditList_WriteFile@8
_EnChangeNotifyAvailable@4
_FitToScreen@16
_GetDefaultCtrlFontNameA@0
_GetDefaultCtrlFontNameW@0
_GetEMSLevel@4
_GetEMSToolBar@4
_GetResourceInstance@4
_GetResourcePath@8
_HTMLToEMS@24
_HTMLToEMSW@24
_HTML_AddText@12
_HTML_BlockQuoteText@4
_HTML_CallScript@20
_HTML_CallScriptW@20
_HTML_CanCopy@4
_HTML_CanGoBack@4
_HTML_CanGoForward@4
_HTML_Create@20
_HTML_CreateBrowser@20
_HTML_CreateBrowserW@20
_HTML_CreateEx@24
_HTML_CreateExW@24
_HTML_CreateW@20
_HTML_FindElementById@12
_HTML_FindElementByIdW@12
_HTML_GetAttribute@20
_HTML_GetAttributeW@20
_HTML_GetBoundingRect@8
_HTML_GetCaretPos@8
_HTML_GetCharset@12
_HTML_GetCharsetW@12
_HTML_GetChecked@12
_HTML_GetCheckedW@12
_HTML_GetEditFormat@4
_HTML_GetElementRect@12
_HTML_GetElementRectW@12
_HTML_GetInputValue@16
_HTML_GetInputValueW@16
_HTML_GetSelectedText@8
_HTML_GetSelectedTextW@8
_HTML_GetTagText@20
_HTML_GetTagTextW@20
_HTML_GetText@20
_HTML_GoBack@4
_HTML_GoForward@4
_HTML_GoHome@4
_HTML_Load@12
_HTML_Navigate@12
_HTML_NavigateW@12
_HTML_Print@24
_HTML_PrintToDGR@20
_HTML_PrintToDGRW@20
_HTML_PrintW@24
_HTML_Refresh2@8
_HTML_Refresh@4
_HTML_RemoveTag@12
_HTML_RemoveTagW@12
_HTML_ReplaceSelectionText@8
_HTML_ReplaceSelectionTextW@8
_HTML_Select_AddOption@16
_HTML_Select_AddOptionW@16
_HTML_Select_GetSelectedOption@28
_HTML_Select_GetSelectedOptionW@28
_HTML_Select_RemoveAllOptions@8
_HTML_Select_RemoveAllOptionsW@8
_HTML_SetAttribute@16
_HTML_SetAttributeW@16
_HTML_SetCharset@8
_HTML_SetCharsetW@8
_HTML_SetChecked@12
_HTML_SetCheckedW@12
_HTML_SetDisplayed@12
_HTML_SetDisplayedW@12
_HTML_SetEditFormat@12
_HTML_SetEnabled@12
_HTML_SetEnabledW@12
_HTML_SetExternal@8
_HTML_SetFont@16
_HTML_SetFontW@16
_HTML_SetImage@12
_HTML_SetImageW@12
_HTML_SetInputValue@12
_HTML_SetInputValueW@12
_HTML_SetTagText@16
_HTML_SetTagTextW@16
_HTML_SetText@20
_HTML_SetToolTip@12
_HTML_SetToolTipW@12
_HTML_SetZoomFactor@8
_HTML_Stop@4
_HTML_TranslateAccelerator@8
_HistCombo_Init@8
_HistCombo_Update@4
_InitSmartCaption@0
_InitSplitter@4
_InitSplitterWnd@0
_InsertText@12
_InsertTextW@12
_IsInternetConnected@4
_IsInternetConnectedT@8
_IsInternetConnectedW@4
_Link_Create@8
_Link_SetColors@12
_MakeFullPathNameW@12
_ParseSendToURL@4
_PrintEMSContent@36
_Profile_CheckEntry@12
_Profile_CheckEntryEx@16
_Profile_CheckEntryExW@16
_Profile_CheckEntryW@12
_Profile_DeleteSection@8
_Profile_DeleteSectionW@8
_Profile_DeleteValue@12
_Profile_DeleteValueW@12
_Profile_GetAppName@0
_Profile_GetAppNameW@0
_Profile_GetBinary@20
_Profile_GetBinaryEx@24
_Profile_GetBinaryExW@24
_Profile_GetBinarySize@12
_Profile_GetBinarySizeEx@16
_Profile_GetBinarySizeExW@16
_Profile_GetBinarySizeW@12
_Profile_GetBinaryW@20
_Profile_GetBoolean@16
_Profile_GetBooleanExW@20
_Profile_GetBooleanW@16
_Profile_GetCompany@0
_Profile_GetCompanyW@0
_Profile_GetInt@16
_Profile_GetIntEx@20
_Profile_GetIntExW@20
_Profile_GetIntW@16
_Profile_GetProfile@4
_Profile_GetProfileEx@8
_Profile_GetProfileExW@8
_Profile_GetProfileW@4
_Profile_GetRoot@0
_Profile_GetRootW@0
_Profile_GetSection@8
_Profile_GetSectionEx@12
_Profile_GetSectionExW@12
_Profile_GetSectionW@8
_Profile_GetString@24
_Profile_GetStringEx@28
_Profile_GetStringExW@28
_Profile_GetStringW@24
_Profile_RenameSection@12
_Profile_RenameSectionW@12
_Profile_SetAppName@4
_Profile_SetAppNameW@4
_Profile_SetBinary@20
_Profile_SetBinaryW@20
_Profile_SetBoolean@16
_Profile_SetBooleanW@16
_Profile_SetCompany@4
_Profile_SetCompanyW@4
_Profile_SetInt@16
_Profile_SetIntW@16
_Profile_SetProfile@4
_Profile_SetRoot@4
_Profile_SetRootW@4
_Profile_SetString@16
_Profile_SetStringW@16
_RTF_Create@16
_RTF_CreateEx@24
_RTF_GetCharEffects@12
_RTF_GetEditCtrl@4
_RTF_GetParaAlignment@8
_RTF_GetText@12
_RTF_Open@8
_RTF_OpenEx@12
_RTF_Reset@28
_RTF_Save@8
_RTF_SetText@12
_Rebar_ChevronPushed@8
_Rebar_MenuChevronPushed@8
_Rebar_MenuDrawItem@8
_Rebar_MenuMeasureItem@8
_SaveEmsHtmlDocument@16
_SaveEmsHtmlDocumentW@16
_SetEMSLevel@8
_SetHtmlSlideGradientColor@12
_SetSplitter@12
_ShowSizeGrip@8
_ShowSlider@8

Sections

.text
Size: 436KB - Virtual size: 435KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Shared
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mPhonetools.exe
.exe windows:4 windows x86 arch:x86

ede06f7404aa9a3abcf079e9d93447c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetIcon
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_DragMove
ImageList_EndDrag
ImageList_GetIconSize
ImageList_Draw
ImageList_LoadImageA
ord6
InitCommonControlsEx
PropertySheetA
ImageList_Destroy
ImageList_Create
ImageList_AddMasked
ImageList_Add
ImageList_DrawEx

bvrpctln

?Resize_OnSize@@YGXPAUHWND__@@IHH@Z
?Resize_Exit@@YGXPAUHWND__@@@Z
_Profile_GetStringEx@28
_Profile_GetIntEx@20
_CenterWindow@4
?strreplace@@YGPADPADPBD1@Z
?FindKey@CProfile@@ABEPAUKey@1@PBD@Z
?GetString@CProfile@@QBEHPBD0PADI@Z
?GetInt@CProfile@@QBEHPBD0H@Z
_Profile_GetString@24
_Profile_SetInt@16
_Profile_SetString@16
_Profile_SetBoolean@16
?BrowseEdit@@YG_NPAUHWND__@@K@Z
?MessageBoxPlus@@YAHPAUMSGBOXPLUS@@ZZ
??1CWaitDialog@@UAE@XZ
?DoModal@CWaitDialog@@QAEHKK@Z
?UseFakeProgress@CWaitDialog@@QBEABV1@XZ
?HideCancel@CWaitDialog@@QBEABV1@XZ
??0CWaitDialog@@QAE@PAUHWND__@@P6GHPBV0@@ZPAX@Z
?Resize_Init@@YG_NPAUHWND__@@IQAUSIZING@@H@Z
?HideGroup@@YGXPAUHWND__@@_NH@Z
?SetControlsState@@YAXPAUHWND__@@HHHZZ
?Resize_OnGetMinMaxInfo@@YGXPAUHWND__@@PAUtagMINMAXINFO@@@Z
_Profile_GetBinary@20
?SetProgressText@CWaitDialog@@QBEABV1@PBD@Z
_Profile_SetBinary@20
ord1
ord2
_Profile_GetCompany@0
_Profile_GetRoot@0
_Profile_SetRoot@4
??1CDynArray@@QAE@XZ
?CheckGroupBox_GetCheck@@YGIPAUHWND__@@@Z
?CheckGroupBox_Create@@YG_NPAUHWND__@@HIII@Z
?ConvertStaticToGroupLine@@YGXPAUHWND__@@H_N@Z
?PocketHTML@@YGXPAUHWND__@@@Z
?strmatch@@YG_NPBD0@Z
??1CProfile@@UAE@XZ
?Resize_SavePlacement@@YGXPAUHWND__@@PBD@Z
?Resize_UpdateWndRect@@YG_NPAUHWND__@@I@Z
_Profile_GetProfile@4
?Resize_LoadPlacement@@YGXPAUHWND__@@PBDHH@Z
??0CDynArray@@QAE@HH@Z
?strltrim@@YGPADPAD@Z
?strrtrim@@YGPADPAD@Z
?GetString@CProfile@@QBEHPBD00PADI@Z
??0CProfile@@QAE@PBD_N@Z
_Profile_GetInt@16
_Profile_GetBoolean@16
?AddDialogHeader@@YG_NPAUHWND__@@PAUDialogHeader@@@Z
?InsertItem@CDynArray@@QAEPAXH@Z
?GetItemPtr@CDynArray@@QBEPAXH@Z
_Profile_GetAppName@0
?Infobox_Create@@YGPAUHWND__@@PAU1@PAUINFOBOX@@@Z
?GetInt@CProfile@@QBEHPBDH@Z
?GotoNextSection@CProfile@@QAE_NXZ
?MessageBoxPlus@@YAHPAUMSGBOXPLUSW@@ZZ
?SetWindowTextA@CWaitDialog@@QBEABV1@PBD@Z
?SetIcon@CWaitDialog@@QBEABV1@PAUHICON__@@@Z
?SetBarText@CWaitDialog@@QBEABV1@PBD@Z
?AlignControls@@YAXPAUHWND__@@W4ALIGN_WAY@@HHZZ
_FitToScreen@16
MakeFullPathName
?TextScroller@@YGXPAUHWND__@@_N@Z

kernel32

GetNumberFormatA
GetLocaleInfoA
lstrcpynA
MoveFileA
DeleteFileA
CloseHandle
WriteFile
CreateFileA
GetModuleFileNameA
FindClose
FindNextFileA
FindFirstFileA
LoadLibraryW
WideCharToMultiByte
GetModuleHandleA
CreateThread
LeaveCriticalSection
EnterCriticalSection
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
GlobalFree
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
LoadLibraryA
GetTickCount
GetLastError
CreateMutexA
ExpandEnvironmentStringsW
CreateProcessW
IsBadStringPtrA
_lread
_lclose
_lopen
ReadFile
GetFileSize
ReleaseMutex
FileTimeToSystemTime
GetFileTime
GetTimeFormatA
GetDateFormatA
GetLocalTime
GetCurrentThreadId
GetCurrentProcess
RaiseException
InterlockedExchange
LocalAlloc
GetStartupInfoA
LocalFree
GetShortPathNameA
SystemTimeToFileTime
GetVersionExA
CompareFileTime
GetSystemTimeAsFileTime
SetFilePointer
IsBadWritePtr
IsBadReadPtr
LoadLibraryExW
GetProcAddress
FreeLibrary
lstrlenA
lstrcatA
MultiByteToWideChar
MulDiv
lstrcpyW
lstrcmpW
lstrcpynW
lstrlenW
lstrcpyA
GetPrivateProfileIntA
lstrcmpiA
GetPrivateProfileStringA
lstrcmpA
GetProcessHeap
HeapAlloc
HeapReAlloc
HeapFree
GetModuleFileNameW

user32

IsZoomed
GetSystemMetrics
WaitForInputIdle
FindWindowExW
InsertMenuItemA
FillRect
CreateWindowExA
GetWindowRect
SetWindowPos
GetWindowLongA
ShowWindow
DefWindowProcA
RegisterClassExA
IsRectEmpty
GetDC
CreateIconIndirect
ReleaseDC
LoadIconA
GetClassNameA
SetRect
OffsetRect
SetWindowRgn
RemoveMenu
SetMenuItemInfoA
GetWindowPlacement
ShowOwnedPopups
wsprintfW
GetMenuStringA
PostQuitMessage
DestroyIcon
RedrawWindow
GetCaretPos
wvsprintfA
SetClipboardViewer
IsClipboardFormatAvailable
AnimateWindow
GetMenuItemInfoA
IsWindow
UpdateLayeredWindow
SetTimer
ReleaseCapture
SetCapture
GetCapture
SendMessageA
GetParent
GetDlgCtrlID
KillTimer
InvalidateRect
CallWindowProcA
DrawTextA
LoadStringA
SetWindowLongA
GetDlgItem
LoadCursorA
GetClassInfoExA
DrawTextW
GetWindowTextW
CreateWindowExW
RegisterClassA
EndPaint
BeginPaint
SetRectEmpty
LoadImageA
wsprintfA
RegisterWindowMessageA
SetWindowTextA
GetWindowTextA
DrawTextExA
DrawTextExW
DrawFocusRect
GetKeyState
EnableMenuItem
CheckMenuItem
CheckMenuRadioItem
GetMenuState
GetMenuItemID
ClientToScreen
EndDialog
DialogBoxParamA
CheckDlgButton
EnableWindow
GetSysColor
AdjustWindowRect
SetWindowTextW
GetDialogBaseUnits
FindWindowExA
CreateAcceleratorTableA
IsWindowVisible
GetLastActivePopup
FindWindowA
UpdateWindow
CreateDialogParamW
DispatchMessageW
TranslateMessage
IsDialogMessageW
GetMessageW
IsWindowEnabled
GetAncestor
GetWindow
PostMessageW
GetWindowLongW
SetWindowLongW
GetDlgItemTextA
PeekMessageA
DispatchMessageA
MsgWaitForMultipleObjects
DestroyWindow
MapWindowPoints
GetClientRect
CreateDialogParamA
SetForegroundWindow
IsIconic
PostMessageA
SetCursorPos
GetCursorPos
SetWindowsHookExA
GetMessageA
TranslateAcceleratorA
CallNextHookEx
IsDialogMessageA
DrawIconEx
GetActiveWindow
SystemParametersInfoA
IsDlgButtonChecked
SetDlgItemInt
SetDlgItemTextA
SendDlgItemMessageA
ModifyMenuA
CreatePopupMenu
InsertMenuA
DestroyMenu
PtInRect
GetFocus
GetMenuItemCount
MoveWindow
LoadMenuA
DeleteMenu
AppendMenuA
GetSubMenu
ScreenToClient
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
MessageBoxA
SetFocus
MessageBeep
OpenClipboard
GetClipboardData
GetNextDlgTabItem
CloseClipboard
GetWindowTextLengthA
SendMessageW
SetActiveWindow
SetCursor
GetDlgItemInt

gdi32

StartPage
ExtTextOutA
TextOutA
EndPage
EndDoc
RestoreDC
SaveDC
StartDocA
SetBkColor
CreateSolidBrush
GetTextExtentPoint32A
CreatePen
SetROP2
LineTo
GetDeviceCaps
CreateFontIndirectA
GetTextAlign
SetTextAlign
MoveToEx
GetTextExtentPoint32W
GetCurrentPositionEx
TextOutW
GetStockObject
CreateRectRgn
SetTextColor
SetBkMode
GetTextMetricsA
PtInRegion
CreateDIBSection
CreateBitmap
SetPixel
CreateCompatibleDC
SelectObject
CreateCompatibleBitmap
BitBlt
DeleteDC
GetObjectA
ExtCreateRegion
DeleteObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA
PrintDlgExA

advapi32

RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA
RegQueryValueW
RegQueryValueA
RegDeleteValueA
RegQueryInfoKeyA

shell32

ShellExecuteA
Shell_NotifyIconA
ShellExecuteExW
DragQueryFileA
DragFinish
ShellExecuteW
ExtractIconExA
ShellExecuteExA
SHGetFolderPathA

shlwapi

PathAddExtensionA
StrCatBuffA
PathMatchSpecA
StrChrA
PathStripPathA
StrFormatByteSizeA
PathIsURLW
StrCSpnA
StrToIntExA
StrFromTimeIntervalA
wnsprintfA
PathRemoveArgsW
PathIsURLA
StrDupA
StrFormatByteSize64A
PathGetArgsA
PathRemoveArgsA
SHDeleteKeyA
StrStrIA
StrStrW
StrStrA
StrChrW
StrTrimA
PathFindFileNameA
AssocQueryStringA
SHSetValueA
SHGetValueA
PathRemoveExtensionA
PathRemoveFileSpecW
PathAppendW
PathCombineA
PathRenameExtensionA
PathRemoveFileSpecA
PathFileExistsA
PathAppendA

ole32

CoCreateInstance
CoTaskMemFree
StgCreateDocfile
CoUninitialize
CoInitialize
CoTaskMemAlloc

bvrpnac

InitNAC
SetCallBackEvent
SetCallBackFolder
GetFolder
GetEvent
nac_cancelled
SetEventStatus
CloseNAC
CreateNewFileName
NewEvent
AbortCreateNewFileName
nac_recus
nac_fNig
GetDocPath
NewFolder
RenameFolder
DeleteFolder
CopyFolder
MoveFolder
EnumFolder
CopyEvent
MoveEvent
GetEventEx
EnumEvent
BeginGetEventEx
EndGetEventEx
SetEventActive
EditEvent
DeleteEvent

liveupdateclienttools

?LiveUpdateMessage@@YGIPBDPAUHWND__@@II@Z
?LiveUpdateErrorMessage@@YGXPAUHWND__@@K@Z
?LiveUpdate@@YGHPBDPAUHWND__@@PAKKI@Z
?GetLUConfig@@YGXPBDPAH11@Z
?LiveUpdateLauncher@@YGHPBD@Z
?IsLiveUpdateNeeded@@YGIPBDPAKPAUHWND__@@I@Z
?LiveUpdate@@YGHPBDPAUHWND__@@PAKKIP6GHKKKKKU_SYSTEMTIME@@PAX@Z4@Z
?LiveUpdateConfiguration@@YGHPBDPAUHWND__@@PAK@Z
?IsLiveUpdateInProgress@@YGHPAUHWND__@@@Z

modexch

ord4
ord6
ord5

pbkuser

__InitializePbkUserEx@8
ord2
ord4
ord3

rascnxmngr

_RasCM_EnumConnections@12
_RasCM_ViewConnections@12
_RasCM_GetConnectionIcon@4
_RasCM_Connection@12
_RasCM_Uninit@4
_RasCM_Disconnect@4
_RasCM_GetConnectionStatistics@8
_RasCM_ViewLog@12
_RasCM_InitEx@12
_RasCM_SetModemInfos@8
_RasCM_Disconnection@8
_RasCM_GetDefaultConnection@4
_RasCM_ConnectionWizard@12
_RasCM_SetDefaultConnection@12
_RasCM_SetConnectionCustomInfo@16

wfp1n

ord28
ord196
ord101
ord120
ord114
ord85
ord11
ord10
ord121
ord175
ord174
ord25

newui

?GlobalSubclassDialog@@YGXXZ
?SetBorderXP@@YGXPAUHWND__@@@Z
?SetBorderXP@@YGXPAUHWND__@@PBGK@Z
?LoadPNG@@YGPAUHBITMAP__@@PBD@Z
?LoadColorScheme@@YG_NPBDK@Z
?nuiCreateInstance@@YGPAXABU_GUID@@@Z
?LoadPNGFromResource@@YGPAUHBITMAP__@@PAUHINSTANCE__@@PBG@Z

modemwiz

?RefreshPNP@@YGHPAUHWND__@@K@Z
?PlugModemWizard@@YGHPAUHWND__@@PAUPMWIZARD@@K@Z

aboutn

ord1

wunpacln

ord2

msvcp60

?_Xran@std@@YAXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB

msvcrt

__p___argc
__p___argv
fprintf
free
fopen
fputs
fclose
_ftol
strtod
sprintf
malloc
strncpy
??2@YAPAXI@Z
wcspbrk
iswspace
wcschr
wcstol
_ismbcspace
__CxxFrameHandler
strtoul
strtol
wcslen
_except_handler3
_winminor
_winmajor
memset
strtok
strchr
realloc
_snprintf
strlen
memcpy
memmove
abs
strcpy
strcat
toupper
atol
_mbsnbcpy
_mbschr
time
_mbsrchr
_CxxThrowException
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
_controlfp
_mbstok
gmtime
atoi

setupapi

CM_Get_Parent
SetupDiCreateDeviceInfoList
CM_Get_Child
CM_Get_Device_IDA
SetupDiOpenDeviceInfoA
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiOpenDevRegKey
CM_Get_Sibling

msimg32

AlphaBlend

iphlpapi

GetAdaptersInfo

winmm

PlaySoundA

ws2_32

htons

Sections

.text
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
wfcomrc.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pantech UM185 driver.3guman.com/Original Disc/MPT/Drivers.cab
.cab
drivers.exe
.exe windows:4 windows x86 arch:x86

4a9446e5cc2412c6405cea69dddb93be

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c8:53:29:fb:51:75:0d:e5:2f:9f:1c:9c:35:dc:9d:59:83:c2:34:91
Signer

Actual PE Digest

c8:53:29:fb:51:75:0d:e5:2f:9f:1c:9c:35:dc:9d:59:83:c2:34:91

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
lstrcmpiA
CopyFileA
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
MulDiv
ReadFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
ExitProcess

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
wsprintfA

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/PTUMWBUS.inf
$TEMP/DGPTUMW/PTUMWCDF.inf
$TEMP/DGPTUMW/PTUMWCSP.INF
$TEMP/DGPTUMW/PTUMWMDM.inf
$TEMP/DGPTUMW/PTUMWNET.inf
$TEMP/DGPTUMW/PTUMWNSP.INF
$TEMP/DGPTUMW/PTUMWVSP.INF
$TEMP/DGPTUMW/Setup.exe
.exe windows:4 windows x86 arch:x86

44e10d0057a430f7aebde91deb548c53

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bb:58:a8:5b:b6:6b:44:4d:8c:43:bc:a9:d2:bb:ae:67:04:c6:6f:45
Signer

Actual PE Digest

bb:58:a8:5b:b6:6b:44:4d:8c:43:bc:a9:d2:bb:ae:67:04:c6:6f:45

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
DuplicateHandle
GetVolumeInformationA
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
GlobalFlags
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
SetErrorMode
GetFileAttributesA
GetFileTime
HeapFree
RtlUnwind
HeapAlloc
ExitProcess
HeapReAlloc
VirtualProtect
VirtualAlloc
VirtualQuery
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetStartupInfoA
SetEndOfFile
ExitThread
CreateThread
HeapSize
GetACP
IsValidCodePage
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeA
GetStringTypeW
GetStdHandle
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetDriveTypeA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
InterlockedDecrement
GetModuleFileNameW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
SuspendThread
ResumeThread
SetThreadPriority
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetCurrentProcessId
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
SetLastError
CreateEventA
WriteFile
ReadFile
SetEvent
FindNextFileA
RemoveDirectoryA
DeleteFileA
GetCurrentProcess
SetFileAttributesA
GetSystemInfo
TerminateProcess
OpenProcess
CompareStringW
GetVersion
MultiByteToWideChar
InterlockedExchange
GetSystemDefaultLangID
OpenMutexA
GetTickCount
CreateMutexA
GetModuleFileNameA
GetFullPathNameA
GetLogicalDriveStringsA
CreateFileA
DeviceIoControl
GetModuleHandleA
GetDiskFreeSpaceA
CopyFileA
MoveFileExA
GetVersionExA
GetTempPathA
Sleep
MulDiv
GetWindowsDirectoryA
GetPrivateProfileStringA
LocalFree
LocalAlloc
lstrlenA
FormatMessageA
CompareStringA
CreateDirectoryA
FindFirstFileA
FindClose
CreateProcessA
WaitForSingleObject
CloseHandle
GetSystemDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryA
LoadLibraryA
GetProcAddress
GetLastError
FreeLibrary
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
RaiseException
SizeofResource

user32

CharNextA
ReleaseCapture
SetCapture
LoadCursorA
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
SetCursor
PostQuitMessage
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CopyAcceleratorTableA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
EnableWindow
SendMessageA
ShowScrollBar
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IsRectEmpty
SetRect
InvalidateRect
PostThreadMessageA
RegisterClipboardFormatA
GetClassLongA
UnregisterClassA
MessageBeep
GetNextDlgGroupItem
CallNextHookEx
InvalidateRgn
MessageBoxA
DrawIcon
IsIconic
GetClientRect
LoadIconA
GetSystemMetrics
CharUpperA
ExitWindowsEx
PostMessageA
FillRect
RedrawWindow
GetSysColor
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
IsWindowEnabled
GetLastActivePopup
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
GetParent
GetWindowLongA

gdi32

CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
RectVisible
Escape
ExtTextOutA
CreateSolidBrush
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetStockObject
GetObjectA
CreateFontIndirectA
GetDeviceCaps
DeleteDC
TextOutA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteValueA
RegOpenKeyExA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegCreateKeyExA

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
SHDeleteValueA
PathIsUNCA

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleUninitialize
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc

oleaut32

SysStringLen
SysFreeString
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA
SetupDiDeleteDeviceInfo
SetupDiRemoveDevice
CM_Reenumerate_DevNode
CM_Locate_DevNodeA
SetupDiOpenDevRegKey

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

Sections

.text
Size: 276KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/Setup64.exe
.exe windows:4 windows x64 arch:x64

8c803c668877880bc64f87c5dadd47c4

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:7b:8c:f4:0e:40:81:63:8b:48:e9:da:3a:2a:16:49:fc:24:c0:f8
Signer

Actual PE Digest

52:7b:8c:f4:0e:40:81:63:8b:48:e9:da:3a:2a:16:49:fc:24:c0:f8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetVolumeInformationA
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
InitializeCriticalSection
TlsAlloc
GlobalReAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
SetErrorMode
GetFileAttributesA
GetFileTime
HeapFree
RtlUnwindEx
HeapAlloc
RtlLookupFunctionEntry
ExitProcess
HeapReAlloc
VirtualProtect
VirtualAlloc
VirtualQuery
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
RtlPcToFileHeader
ExitThread
CreateThread
HeapSize
DuplicateHandle
IsValidCodePage
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
LCMapStringA
LCMapStringW
HeapSetInformation
HeapCreate
RtlVirtualUnwind
GetStringTypeA
GetStringTypeW
GetStdHandle
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetDriveTypeA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
GetModuleFileNameW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
SuspendThread
ResumeThread
SetThreadPriority
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetCurrentProcessId
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
SetLastError
CreateEventA
WriteFile
ReadFile
SetEvent
FindNextFileA
RemoveDirectoryA
DeleteFileA
GetCurrentProcess
SetFileAttributesA
GetSystemInfo
TerminateProcess
OpenProcess
CompareStringW
GetVersion
MultiByteToWideChar
GetSystemDefaultLangID
OpenMutexA
GetTickCount
CreateMutexA
GetModuleFileNameA
GetFullPathNameA
GetLogicalDriveStringsA
CreateFileA
DeviceIoControl
GetModuleHandleA
GetDiskFreeSpaceA
CopyFileA
MoveFileExA
GetVersionExA
GetTempPathA
Sleep
MulDiv
GetWindowsDirectoryA
GetPrivateProfileStringA
LocalFree
LocalAlloc
lstrlenA
FormatMessageA
CompareStringA
FindFirstFileA
CreateDirectoryA
FindClose
CreateProcessA
WaitForSingleObject
CloseHandle
GetSystemDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryA
LoadLibraryA
GetProcAddress
GetLastError
FreeLibrary
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
GetACP
SizeofResource

user32

CharNextA
ReleaseCapture
SetCapture
LoadCursorA
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
SetCursor
PostQuitMessage
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassNameA
CopyAcceleratorTableA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
EnableWindow
SendMessageA
ShowScrollBar
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CopyRect
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
PostThreadMessageA
RegisterClipboardFormatA
GetClassLongPtrA
UnregisterClassA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
SetRect
GetClassLongA
IsRectEmpty
MessageBoxA
DrawIcon
IsIconic
GetClientRect
LoadIconA
GetSystemMetrics
CharUpperA
ExitWindowsEx
PostMessageA
FillRect
RedrawWindow
GetSysColor
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
IsWindowEnabled
GetLastActivePopup
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
GetWindowLongA
GetParent

gdi32

CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
RectVisible
SelectObject
Escape
ExtTextOutA
CreateSolidBrush
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetStockObject
GetObjectA
CreateFontIndirectA
GetDeviceCaps
DeleteDC
TextOutA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteValueA
RegOpenKeyExA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegCreateKeyExA

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
SHDeleteValueA
PathIsUNCA

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleUninitialize
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc

oleaut32

SysStringLen
SysFreeString
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA
SetupDiDeleteDeviceInfo
SetupDiRemoveDevice
CM_Reenumerate_DevNode
CM_Locate_DevNodeA
SetupDiOpenDevRegKey

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

Sections

.text
Size: 373KB - Virtual size: 372KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 150KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/UnInstall.exe
.exe windows:4 windows x86 arch:x86

9f4048e0f9cc8fd046bb81435de7007b

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

48:94:90:82:30:f9:e8:04:a8:f8:3c:9e:0e:71:02:bb:f5:5e:c0:4f
Signer

Actual PE Digest

48:94:90:82:30:f9:e8:04:a8:f8:3c:9e:0e:71:02:bb:f5:5e:c0:4f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
SetErrorMode
GetFileAttributesA
GetFileTime
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
VirtualProtect
VirtualAlloc
VirtualQuery
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
ExitThread
GetVolumeInformationA
HeapSize
GetACP
IsValidCodePage
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetDriveTypeA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
SuspendThread
ResumeThread
SetThreadPriority
InterlockedDecrement
GetModuleFileNameW
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
FreeResource
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
CreateEventA
GetTickCount
GetExitCodeThread
TerminateThread
PurgeComm
ResetEvent
WriteFile
WaitCommEvent
ReadFile
GetOverlappedResult
SetEvent
GetCommTimeouts
SetCommTimeouts
SetCommMask
SetupComm
FindNextFileA
RemoveDirectoryA
DeleteFileA
GetSystemInfo
TerminateProcess
WaitForSingleObject
GetCurrentProcess
GetModuleHandleA
FindClose
GetSystemDefaultLangID
OpenMutexA
CreateMutexA
GetFullPathNameA
GetLogicalDriveStringsA
CreateFileA
Sleep
DeviceIoControl
CopyFileA
MoveFileExA
CreateProcessA
CloseHandle
GetVersionExA
CompareStringW
CompareStringA
GetVersion
MultiByteToWideChar
InterlockedExchange
GetTempPathA
GetModuleFileNameA
MulDiv
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetCurrentDirectoryA
SetCurrentDirectoryA
GetWindowsDirectoryA
GetPrivateProfileStringA
FindFirstFileA
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
FormatMessageA
GetLastError
LocalFree
LocalAlloc
CreateThread
lstrlenA

user32

InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharNextA
ReleaseCapture
SetCapture
UnregisterClassA
LoadCursorA
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowThreadProcessId
SetCursor
PostQuitMessage
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
EnableWindow
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
PostThreadMessageA
RegisterClipboardFormatA
IsChild
MessageBeep
SendDlgItemMessageA
GetNextDlgGroupItem
CharUpperA
MessageBoxA
DrawIcon
AppendMenuA
SendMessageA
GetSystemMenu
IsIconic
GetClientRect
LoadIconA
GetSystemMetrics
FillRect
RedrawWindow
GetSysColor
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongA
IsWindow
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow

gdi32

CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
RectVisible
SelectObject
Escape
ExtTextOutA
DeleteDC
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetStockObject
GetObjectA
CreateFontIndirectA
CreateSolidBrush
GetDeviceCaps
TextOutA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueA
RegDeleteKeyA
RegCreateKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
OpenSCManagerA
ControlService
StartServiceA
OpenServiceA
DeleteService
CloseServiceHandle
RegOpenKeyA
RegEnumKeyA
RegCloseKey
RegCreateKeyExA

shell32

SHFileOperationA

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleUninitialize
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc

oleaut32

SysStringLen
SysFreeString
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString

setupapi

SetupDiDestroyDeviceInfoList
SetupDiSetClassInstallParamsA
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiDeleteDeviceInfo
SetupDiRemoveDevice
SetupDiCallClassInstaller

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/UnInstall64.exe
.exe windows:4 windows x64 arch:x64

7be5b14f7194f062d01c9d7393603aca

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

49:fb:10:ee:ea:5f:12:c6:ae:11:2c:39:34:3f:02:83:39:49:f1:1b
Signer

Actual PE Digest

49:fb:10:ee:ea:5f:12:c6:ae:11:2c:39:34:3f:02:83:39:49:f1:1b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

TlsGetValue
EnterCriticalSection
InitializeCriticalSection
TlsAlloc
GlobalReAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
SetErrorMode
GetFileAttributesA
GetFileTime
RtlLookupFunctionEntry
RtlUnwindEx
HeapAlloc
HeapFree
HeapReAlloc
VirtualProtect
VirtualAlloc
VirtualQuery
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
RtlPcToFileHeader
ExitThread
CreateThread
HeapSize
GetACP
LeaveCriticalSection
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
RtlVirtualUnwind
GetStdHandle
HeapSetInformation
HeapCreate
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetDriveTypeA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetVolumeInformationA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
SuspendThread
ResumeThread
SetThreadPriority
GetModuleFileNameW
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
FreeResource
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
CreateEventA
GetTickCount
GetExitCodeThread
TerminateThread
PurgeComm
ResetEvent
WriteFile
WaitCommEvent
ReadFile
GetOverlappedResult
SetEvent
GetCommTimeouts
SetCommTimeouts
SetCommMask
SetupComm
FindNextFileA
RemoveDirectoryA
DeleteFileA
GetSystemInfo
TerminateProcess
WaitForSingleObject
GetCurrentProcess
GetModuleHandleA
FindClose
GetSystemDefaultLangID
OpenMutexA
CreateMutexA
GetFullPathNameA
GetLogicalDriveStringsA
CreateFileA
Sleep
DeviceIoControl
CopyFileA
MoveFileExA
CreateProcessA
CloseHandle
GetVersionExA
CompareStringW
CompareStringA
GetVersion
MultiByteToWideChar
GetTempPathA
GetModuleFileNameA
MulDiv
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetCurrentDirectoryA
SetCurrentDirectoryA
GetWindowsDirectoryA
FindFirstFileA
GetPrivateProfileStringA
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
FormatMessageA
GetLastError
LocalFree
LocalAlloc
IsValidCodePage
lstrlenA

user32

IsRectEmpty
CopyAcceleratorTableA
CharNextA
ReleaseCapture
SetCapture
UnregisterClassA
LoadCursorA
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowThreadProcessId
SetCursor
PostQuitMessage
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
GetWindowLongPtrA
SetWindowLongPtrA
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
EnableWindow
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CopyRect
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
PostThreadMessageA
RegisterClipboardFormatA
GetCapture
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
IsChild
SetRect
CharUpperA
MessageBoxA
DrawIcon
AppendMenuA
SendMessageA
GetSystemMenu
IsIconic
GetClientRect
LoadIconA
GetSystemMetrics
FillRect
RedrawWindow
GetSysColor
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
EndDialog
GetNextDlgTabItem
GetParent
IsWindowEnabled
GetDlgItem
GetWindowLongA
IsWindow
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
ModifyMenuA

gdi32

CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
RectVisible
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
DeleteDC
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetStockObject
GetObjectA
CreateFontIndirectA
CreateSolidBrush
GetDeviceCaps
TextOutA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueA
RegDeleteKeyA
RegCreateKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
OpenSCManagerA
ControlService
StartServiceA
OpenServiceA
DeleteService
CloseServiceHandle
RegOpenKeyA
RegEnumKeyA
RegCloseKey
RegCreateKeyExA

shell32

SHFileOperationA

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleUninitialize
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc

oleaut32

SysStringLen
SysFreeString
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString

setupapi

SetupDiDestroyDeviceInfoList
SetupDiSetClassInstallParamsA
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiDeleteDeviceInfo
SetupDiRemoveDevice
SetupDiCallClassInstaller

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/amd64/DIFxAPI.dll
.dll windows:6 windows x64 arch:x64

ceb920209f99ac3a5c67dbf30edbb1c2

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:1b:ab:11:da:3a:a1:b6:df:ec:88
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

11/10/2005, 21:55

Not After

26/04/2010, 07:00

Subject

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:10:c3:52:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/10/2005, 23:24

Not After

11/01/2007, 23:34

Subject

CN=Microsoft Windows Component Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

f4:69:b9:5c:65:18:8a:12:ea:59:04:15:58:02:b6:44:82:7e:6d:08
Signer

Actual PE Digest

f4:69:b9:5c:65:18:8a:12:ea:59:04:15:58:02:b6:44:82:7e:6d:08

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

DIFXAPI.pdb

Imports

msvcrt

mbtowc
__mb_cur_max
isleadbyte
_iob
_snprintf
_itoa
ferror
__badioinfo
__pioinfo
_fileno
_lseeki64
_write
memmove
memcpy
??1type_info@@UEAA@XZ
_amsg_exit
_initterm
_XcptFilter
__C_specific_handler
__dllonexit
_wcsupr
_wcslwr
_errno
__CxxFrameHandler
_unlock
iswdigit
iswalpha
_isatty
?_set_se_translator@@YAP6AXIPEAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
_vscwprintf
??3@YAXPEAX@Z
_onexit
_lock
_wcsnicmp
wcsrchr
wcspbrk
wcschr
??2@YAPEAX_K@Z
_CxxThrowException
wcsstr
_wcsicmp
??_U@YAPEAX_K@Z
_vsnwprintf
_resetstkoflw
malloc
free
??_V@YAXPEAX@Z
memset
memcmp

ntdll

RtlNtStatusToDosError
VerSetConditionMask
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

kernel32

WaitForMultipleObjects
GetThreadLocale
SetEndOfFile
SetFilePointer
CreateEventW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
HeapSize
GetVersionExA
RaiseException
VirtualProtect
Sleep
ReleaseMutex
WaitForSingleObject
CreateMutexW
GetProcessHeap
GetSystemTimeAsFileTime
DeviceIoControl
GetSystemDirectoryW
LocalReAlloc
LocalAlloc
GetEnvironmentVariableW
RemoveDirectoryW
FindClose
FindNextFileW
lstrcmpW
FindFirstFileW
CloseHandle
CreateFileW
MoveFileExW
GetSystemWindowsDirectoryW
EnterCriticalSection
HeapReAlloc
HeapAlloc
HeapFree
DeleteCriticalSection
OutputDebugStringA
InitializeCriticalSection
HeapDestroy
LeaveCriticalSection
GetLastError
FindResourceW
lstrcmpiW
SizeofResource
LockResource
LoadResource
FindResourceExW
VerifyVersionInfoW
lstrlenW
SetFileAttributesW
DeleteFileW
SetLastError
LoadLibraryW
GetVersionExW
GetProcAddress
FreeLibrary
GetFileSize
CreateFileMappingW
MapViewOfFile
MultiByteToWideChar
UnmapViewOfFile
WideCharToMultiByte
CompareStringW
LocalFree
GetFullPathNameW
GetFileAttributesW
CreateDirectoryW
CopyFileW
GetTempFileNameW
SetEvent

user32

CharLowerW
UnregisterClassA
CharPrevW

setupapi

pSetupGetGlobalFlags
pSetupSetGlobalFlags
SetupDiClassNameFromGuidW
SetupDiGetDeviceInstallParamsW
SetupDiCreateDeviceInfoList
SetupDiGetDeviceInstanceIdW
SetupDiOpenDevRegKey
SetupDiSetSelectedDevice
SetupDiOpenDeviceInfoW
SetupDiSetClassInstallParamsW
SetupDiGetDriverInfoDetailW
SetupDiGetSelectedDriverW
SetupDiCallClassInstaller
SetupDiBuildDriverInfoList
SetupDiSetDeviceInstallParamsW
CM_Get_Device_IDW
SetupDiSetDeviceRegistryPropertyW
CM_Setup_DevNode
CM_Query_And_Remove_SubTreeW
CM_Get_DevNode_Status
CM_Locate_DevNodeW
CM_Get_Device_ID_List_SizeW
CM_Get_Device_ID_ListW
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
CM_Enumerate_Classes
SetupDiOpenClassRegKey
SetupGetTargetPathW
SetupInstallFromInfSectionW
SetupDiGetClassDevsW
SetupPromptReboot
SetupDiDestroyDeviceInfoList
SetupInstallFilesFromInfSectionW
SetupDefaultQueueCallbackW
SetupFindFirstLineW
SetupCommitFileQueueW
SetupQueueCopyW
SetupTermDefaultQueueCallback
SetupInitDefaultQueueCallbackEx
SetupCopyOEMInfW
SetupInstallServicesFromInfSectionW
SetupOpenInfFileW
SetupCloseInfFile
SetupFindNextLine
SetupFindNextMatchLineW
SetupGetStringFieldW
SetupGetIntField
SetupGetFieldCount
SetupDiGetActualSectionToInstallW
SetupOpenFileQueue
SetupGetLineCountW
SetupCloseFileQueue
SetupOpenAppendInfFileW

advapi32

FreeSid
RegCloseKey
AllocateAndInitializeSid
CheckTokenMembership
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegQueryValueExW
RegDeleteValueW
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetEntriesInAclW
QueryServiceStatus
OpenSCManagerW
OpenServiceW
ControlService
StartServiceW
DeleteService
CloseServiceHandle

ole32

CoInitialize
StringFromCLSID
CoTaskMemFree
CoCreateInstance
CoUninitialize

wintrust

WinVerifyTrust
CryptCATAdminCalcHashFromFileHandle

crypt32

CertFreeCertificateContext
CertFreeCTLContext
CertGetCTLContextProperty
CryptQueryObject

Exports

Exports

DIFXAPISetLogCallbackA
DIFXAPISetLogCallbackW
DriverPackageGetPathA
DriverPackageGetPathW
DriverPackageInstallA
DriverPackageInstallW
DriverPackagePreinstallA
DriverPackagePreinstallW
DriverPackageUninstallA
DriverPackageUninstallW
SetDifxLogCallbackA
SetDifxLogCallbackW

Sections

.text
Size: 457KB - Virtual size: 456KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/amd64/PTUMWBus.sys
.sys windows:5 windows x64 arch:x64

e7d26bc0fc9bfbee01e9d7b95a7f9a6e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

82:24:a1:e8:40:32:a0:3d:77:b8:3b:2e:9d:92:fe:43:c5:a5:db:28
Signer

Actual PE Digest

82:24:a1:e8:40:32:a0:3d:77:b8:3b:2e:9d:92:fe:43:c5:a5:db:28

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\MssBus\ccgp\objfre_wnet_AMD64\amd64\PTUMWBus.pdb

Imports

ntoskrnl.exe

DbgPrint
RtlCopyMemory
RtlZeroMemory
ExAllocatePoolWithTag
RtlQueryRegistryValues
ExFreePool
KeInitializeEvent
IoAttachDeviceToDeviceStack
IoRegisterDeviceInterface
IoCreateDevice
IofCallDriver
IofCompleteRequest
PoStartNextPowerIrp
IoFreeIrp
IoAllocateIrp
KeWaitForSingleObject
KeReleaseSpinLock
KeAcquireSpinLockRaiseToDpc
IoDeleteDevice
IoSetDeviceInterfaceState
IoInvalidateDeviceRelations
ObfReferenceObject
PoCallDriver
PoRequestPowerIrp
IoCancelIrp
KeSetEvent
swprintf
IoReleaseCancelSpinLock
RtlCompareMemory
IoDetachDevice
IoBuildDeviceIoControlRequest
ZwClose
ZwSetValueKey
IoOpenDeviceRegistryKey
RtlInitUnicodeString
ZwQueryValueKey
strncmp
IoGetCurrentProcess
ZwOpenKey
strlen
RtlUnicodeToMultiByteN
RtlAnsiCharToUnicodeChar
PsGetVersion

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 256B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/amd64/PTUMWCDF.sys
.sys windows:5 windows x64 arch:x64

5cb4f7505d6fde1fc25366e0b2c226eb

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

81:48:65:86:77:76:38:bd:4d:be:f8:fa:04:52:b2:bb:0d:34:e6:89
Signer

Actual PE Digest

81:48:65:86:77:76:38:bd:4d:be:f8:fa:04:52:b2:bb:0d:34:e6:89

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\DGCDFREE\objfre_wnet_AMD64\amd64\PTUMWCDF.pdb

Imports

ntoskrnl.exe

KeWaitForSingleObject
IofCallDriver
IoBuildDeviceIoControlRequest
KeInitializeEvent
ExFreePool
RtlCopyMemory
RtlZeroMemory
ExAllocatePoolWithTag
KeSetEvent
IofCompleteRequest
IoCancelIrp
__C_specific_handler
ZwClose
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
DbgPrint
IoDetachDevice
IoRegisterDeviceInterface
IoFreeWorkItem
IoAttachDeviceToDeviceStack
PoSetPowerState
IoDeleteDevice
IoAllocateWorkItem
IoCreateDevice
IoIsWdmVersionAvailable
RtlCopyUnicodeString
MmMapLockedPagesSpecifyCache
KeReleaseSpinLock
KeAcquireSpinLockRaiseToDpc
KeClearEvent
KeAcquireSpinLockAtDpcLevel
IoReleaseCancelSpinLock
PoRequestPowerIrp
ObfDereferenceObject
IoBuildSynchronousFsdRequest
IoGetAttachedDeviceReference
RtlFreeUnicodeString
IoSetDeviceInterfaceState
KeDelayExecutionThread
PoStartNextPowerIrp
PoCallDriver
IoQueueWorkItem
KeGetCurrentIrql
PsTerminateSystemThread
KeWaitForMultipleObjects
KeSetPriorityThread
KeGetCurrentThread
ObReferenceObjectByHandle
PsCreateSystemThread
PsGetVersion

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 640B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/amd64/PTUMWCSP.sys
.sys windows:5 windows x64 arch:x64

252ca1dbda6dc031032373b345b38772

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

db:e4:7f:20:1c:04:64:d8:93:2e:f1:e3:36:1c:4a:4f:0a:5a:d4:6e
Signer

Actual PE Digest

db:e4:7f:20:1c:04:64:d8:93:2e:f1:e3:36:1c:4a:4f:0a:5a:d4:6e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\DGSerial\driver\objfre_wnet_AMD64\amd64\PTUMWCSP.pdb

Imports

ntoskrnl.exe

KeSetEvent
KeWaitForSingleObject
IofCallDriver
IoAllocateIrp
KeInitializeEvent
IoCancelIrp
IoFreeIrp
KeSetTimer
ExFreePoolWithTag
PoRequestPowerIrp
IofCompleteRequest
KeReleaseSpinLockFromDpcLevel
KeAcquireSpinLockAtDpcLevel
KeInsertQueueDpc
IoReuseIrp
IoFreeWorkItem
KeReleaseSpinLock
KeAcquireSpinLockRaiseToDpc
KeWaitForMultipleObjects
__C_specific_handler
IoQueueWorkItem
KeInitializeDpc
KeRemoveQueueDpc
RtlZeroMemory
ExAllocatePoolWithTag
IoAllocateWorkItem
KeCancelTimer
KeClearEvent
ZwClose
RtlCopyMemory
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
DbgPrint
KeGetCurrentIrql
IoGetCurrentProcess
IoCreateDevice
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
RtlFillMemory
KeDelayExecutionThread
IoOpenDeviceRegistryKey
RtlDeleteRegistryValue
IoSetDeviceInterfaceState
IoRegisterDeviceInterface
IoDeleteSymbolicLink
IoCreateSymbolicLink
RtlIntegerToUnicodeString
RtlFreeUnicodeString
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlWriteRegistryValue
wcslen
RtlCompareMemory
IoGetDeviceProperty
IoAttachDeviceToDeviceStack
PoSetPowerState
KeInitializeTimer
IoDeleteDevice
IoDetachDevice
IoIsWdmVersionAvailable
RtlCopyUnicodeString
KeInitializeMutex
IoReleaseCancelSpinLock
ExAllocatePoolWithQuotaTag
RtlMoveMemory
KeLowerIrql
IoAcquireCancelSpinLock
ObfDereferenceObject
PoStartNextPowerIrp
PoCallDriver
strncmp
ObReferenceObjectByName
PsGetVersion
IoDriverObjectType
RtlUnicodeToMultiByteN

usbd.sys

USBD_ParseConfigurationDescriptorEx
USBD_CreateConfigurationRequestEx

wmilib.sys

WmiSystemControl

Exports

Exports

GetDriverObject
MakeHextoString

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 128B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 256B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/amd64/PTUMWFLT.sys
.sys windows:5 windows x64 arch:x64

4d60b33a663134a92bbb8c456e3f229d

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3d:04:b8:71:f0:45:9c:d5:36:18:e5:45:da:36:ae:b8:dc:6e:ac:b2
Signer

Actual PE Digest

3d:04:b8:71:f0:45:9c:d5:36:18:e5:45:da:36:ae:b8:dc:6e:ac:b2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\WWANFLT\driver\objfre_wnet_AMD64\amd64\PTUMWFLT.pdb

Imports

ntoskrnl.exe

ExFreePool
RtlCopyMemory
RtlZeroMemory
ExAllocatePoolWithTag
KeSetEvent
KeWaitForSingleObject
IofCallDriver
KeInitializeEvent
IoDeleteDevice
IoAttachDeviceToDeviceStack
IoCreateDevice
ObfDereferenceObject
IoGetAttachedDeviceReference
IoIsWdmVersionAvailable
IofCompleteRequest
DbgPrint
IoDetachDevice
PoCallDriver
PoStartNextPowerIrp
RtlCopyUnicodeString

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 256B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 640B - Virtual size: 628B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/amd64/PTUMWMdm.sys
.sys windows:5 windows x64 arch:x64

252ca1dbda6dc031032373b345b38772

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

51:d0:c8:16:a2:bb:e3:39:45:ef:8d:0f:4a:88:65:7e:16:84:f0:0c
Signer

Actual PE Digest

51:d0:c8:16:a2:bb:e3:39:45:ef:8d:0f:4a:88:65:7e:16:84:f0:0c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\DGSerial\driver\objfre_wnet_AMD64\amd64\PTUMWMdm.pdb

Imports

ntoskrnl.exe

KeSetEvent
KeWaitForSingleObject
IofCallDriver
IoAllocateIrp
KeInitializeEvent
IoCancelIrp
IoFreeIrp
KeSetTimer
ExFreePoolWithTag
PoRequestPowerIrp
IofCompleteRequest
KeReleaseSpinLockFromDpcLevel
KeAcquireSpinLockAtDpcLevel
KeInsertQueueDpc
IoReuseIrp
IoFreeWorkItem
KeReleaseSpinLock
KeAcquireSpinLockRaiseToDpc
KeWaitForMultipleObjects
__C_specific_handler
IoQueueWorkItem
KeInitializeDpc
KeRemoveQueueDpc
RtlZeroMemory
ExAllocatePoolWithTag
IoAllocateWorkItem
KeCancelTimer
KeClearEvent
ZwClose
RtlCopyMemory
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
DbgPrint
KeGetCurrentIrql
IoGetCurrentProcess
IoCreateDevice
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
RtlFillMemory
KeDelayExecutionThread
IoOpenDeviceRegistryKey
RtlDeleteRegistryValue
IoSetDeviceInterfaceState
IoRegisterDeviceInterface
IoDeleteSymbolicLink
IoCreateSymbolicLink
RtlIntegerToUnicodeString
RtlFreeUnicodeString
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlWriteRegistryValue
wcslen
RtlCompareMemory
IoGetDeviceProperty
IoAttachDeviceToDeviceStack
PoSetPowerState
KeInitializeTimer
IoDeleteDevice
IoDetachDevice
IoIsWdmVersionAvailable
RtlCopyUnicodeString
KeInitializeMutex
IoReleaseCancelSpinLock
ExAllocatePoolWithQuotaTag
RtlMoveMemory
KeLowerIrql
IoAcquireCancelSpinLock
ObfDereferenceObject
PoStartNextPowerIrp
PoCallDriver
strncmp
ObReferenceObjectByName
PsGetVersion
IoDriverObjectType
RtlUnicodeToMultiByteN

usbd.sys

USBD_ParseConfigurationDescriptorEx
USBD_CreateConfigurationRequestEx

wmilib.sys

WmiSystemControl

Exports

Exports

GetDriverObject
MakeHextoString

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 128B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 256B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/amd64/PTUMWNET.sys
.sys windows:5 windows x64 arch:x64

da1d33725c81da360226d09cbfa47dec

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3b:a7:26:d2:74:04:67:d4:ec:2e:4c:5b:bc:f6:a3:9c:24:ab:30:2a
Signer

Actual PE Digest

3b:a7:26:d2:74:04:67:d4:ec:2e:4c:5b:bc:f6:a3:9c:24:ab:30:2a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\WLAN\objfre_wnet_AMD64\amd64\PTUMWNET.pdb

Imports

ntoskrnl.exe

RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlZeroMemory
ExAllocatePoolWithTag
IoIsWdmVersionAvailable
RtlCopyUnicodeString
IofCompleteRequest
KeWaitForSingleObject
KeSetEvent
KeResetEvent
ObfReferenceObject
IoInitializeIrp
KeInitializeEvent
KeInitializeMutex
ObfDereferenceObject
KeReleaseMutex
KeDelayExecutionThread
KeReadStateEvent
RtlAppendUnicodeStringToString
RtlCompareMemory
ZwOpenKey
IofCallDriver
MmGetSystemRoutineAddress
DbgBreakPoint
KeCancelTimer
IoFreeIrp
KeInitializeTimer
KeSetTimer
ZwClose
IoOpenDeviceRegistryKey
ZwSetValueKey
ZwQueryValueKey
ObReferenceObjectByName
IoDriverObjectType
strncmp
RtlFreeUnicodeString
RtlIntegerToUnicodeString
ExFreePoolWithTag
IoCreateDevice
RtlInitUnicodeString
IoCreateSymbolicLink
IoDeleteSymbolicLink
IoDeleteDevice
PsGetVersion
IoCancelIrp
RtlCopyMemory
ExQueryDepthSList
ExpInterlockedPushEntrySList
ExpInterlockedPopEntrySList
MmMapLockedPagesSpecifyCache
IoFreeMdl
ExDeleteNPagedLookasideList
ExInitializeNPagedLookasideList
_local_unwind
RtlFillMemory
MmMapLockedPages
RtlMoveMemory
IoAllocateIrp
__C_specific_handler
IoGetCurrentProcess
KeAcquireSpinLockRaiseToDpc
KeGetCurrentIrql
DbgPrint
KeReleaseSpinLock
RtlUnicodeToMultiByteN

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx

ndis.sys

NdisMGetDeviceProperty
NdisMDeregisterAdapterShutdownHandler
NdisMSetAttributesEx
NdisOpenConfiguration
NdisReadNetworkAddress
NdisCloseConfiguration
NdisMRegisterAdapterShutdownHandler
NdisInitializeTimer
NdisCancelTimer
NdisInitializeWrapper
NdisMRegisterMiniport
NdisTerminateWrapper
NdisScheduleWorkItem
NdisFreeBufferPool
NdisAllocatePacketPoolEx
NdisAllocateBufferPool
NdisFreePacketPool
NdisAllocatePacket
NdisAllocateBuffer
NdisFreePacket
NdisSetEvent
NdisAllocateMemoryWithTag
NdisFreeMemory
NdisWaitEvent
NdisInitializeEvent
NdisSetTimer

Exports

Exports

GetDriverObject

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 79B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/amd64/PTUMWNSP.sys
.sys windows:5 windows x64 arch:x64

252ca1dbda6dc031032373b345b38772

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

20:8d:dd:78:ec:02:b9:6c:c0:2f:af:cb:f3:a8:62:37:b6:ad:b2:02
Signer

Actual PE Digest

20:8d:dd:78:ec:02:b9:6c:c0:2f:af:cb:f3:a8:62:37:b6:ad:b2:02

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\DGSerial\driver\objfre_wnet_AMD64\amd64\PTUMWNSP.pdb

Imports

ntoskrnl.exe

KeSetEvent
KeWaitForSingleObject
IofCallDriver
IoAllocateIrp
KeInitializeEvent
IoCancelIrp
IoFreeIrp
KeSetTimer
ExFreePoolWithTag
PoRequestPowerIrp
IofCompleteRequest
KeReleaseSpinLockFromDpcLevel
KeAcquireSpinLockAtDpcLevel
KeInsertQueueDpc
IoReuseIrp
IoFreeWorkItem
KeReleaseSpinLock
KeAcquireSpinLockRaiseToDpc
KeWaitForMultipleObjects
__C_specific_handler
IoQueueWorkItem
KeInitializeDpc
KeRemoveQueueDpc
RtlZeroMemory
ExAllocatePoolWithTag
IoAllocateWorkItem
KeCancelTimer
KeClearEvent
ZwClose
RtlCopyMemory
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
DbgPrint
KeGetCurrentIrql
IoGetCurrentProcess
IoCreateDevice
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
RtlFillMemory
KeDelayExecutionThread
IoOpenDeviceRegistryKey
RtlDeleteRegistryValue
IoSetDeviceInterfaceState
IoRegisterDeviceInterface
IoDeleteSymbolicLink
IoCreateSymbolicLink
RtlIntegerToUnicodeString
RtlFreeUnicodeString
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlWriteRegistryValue
wcslen
RtlCompareMemory
IoGetDeviceProperty
IoAttachDeviceToDeviceStack
PoSetPowerState
KeInitializeTimer
IoDeleteDevice
IoDetachDevice
IoIsWdmVersionAvailable
RtlCopyUnicodeString
KeInitializeMutex
IoReleaseCancelSpinLock
ExAllocatePoolWithQuotaTag
RtlMoveMemory
KeLowerIrql
IoAcquireCancelSpinLock
ObfDereferenceObject
PoStartNextPowerIrp
PoCallDriver
strncmp
ObReferenceObjectByName
PsGetVersion
IoDriverObjectType
RtlUnicodeToMultiByteN

usbd.sys

USBD_ParseConfigurationDescriptorEx
USBD_CreateConfigurationRequestEx

wmilib.sys

WmiSystemControl

Exports

Exports

GetDriverObject
MakeHextoString

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 128B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 256B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/amd64/PTUMWVsp.sys
.sys windows:5 windows x64 arch:x64

252ca1dbda6dc031032373b345b38772

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3e:62:44:d5:6a:ad:04:ad:f7:fd:bd:6c:d4:4e:4e:04:b9:80:77:1b
Signer

Actual PE Digest

3e:62:44:d5:6a:ad:04:ad:f7:fd:bd:6c:d4:4e:4e:04:b9:80:77:1b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\DGSerial\driver\objfre_wnet_AMD64\amd64\PTUMWVsp.pdb

Imports

ntoskrnl.exe

KeSetEvent
KeWaitForSingleObject
IofCallDriver
IoAllocateIrp
KeInitializeEvent
IoCancelIrp
IoFreeIrp
KeSetTimer
ExFreePoolWithTag
PoRequestPowerIrp
IofCompleteRequest
KeReleaseSpinLockFromDpcLevel
KeAcquireSpinLockAtDpcLevel
KeInsertQueueDpc
IoReuseIrp
IoFreeWorkItem
KeReleaseSpinLock
KeAcquireSpinLockRaiseToDpc
KeWaitForMultipleObjects
__C_specific_handler
IoQueueWorkItem
KeInitializeDpc
KeRemoveQueueDpc
RtlZeroMemory
ExAllocatePoolWithTag
IoAllocateWorkItem
KeCancelTimer
KeClearEvent
ZwClose
RtlCopyMemory
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
DbgPrint
KeGetCurrentIrql
IoGetCurrentProcess
IoCreateDevice
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
RtlFillMemory
KeDelayExecutionThread
IoOpenDeviceRegistryKey
RtlDeleteRegistryValue
IoSetDeviceInterfaceState
IoRegisterDeviceInterface
IoDeleteSymbolicLink
IoCreateSymbolicLink
RtlIntegerToUnicodeString
RtlFreeUnicodeString
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlWriteRegistryValue
wcslen
RtlCompareMemory
IoGetDeviceProperty
IoAttachDeviceToDeviceStack
PoSetPowerState
KeInitializeTimer
IoDeleteDevice
IoDetachDevice
IoIsWdmVersionAvailable
RtlCopyUnicodeString
KeInitializeMutex
IoReleaseCancelSpinLock
ExAllocatePoolWithQuotaTag
RtlMoveMemory
KeLowerIrql
IoAcquireCancelSpinLock
ObfDereferenceObject
PoStartNextPowerIrp
PoCallDriver
strncmp
ObReferenceObjectByName
PsGetVersion
IoDriverObjectType
RtlUnicodeToMultiByteN

usbd.sys

USBD_ParseConfigurationDescriptorEx
USBD_CreateConfigurationRequestEx

wmilib.sys

WmiSystemControl

Exports

Exports

GetDriverObject
MakeHextoString

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 128B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 256B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/amd64/ptumwcit.dll
.dll windows:6 windows x64 arch:x64

d6b435b87f63d366712b4b9f28e182ff

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

01/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

24:9d:94:1b:cf:df:57:6c:3a:dc:92:6a:10:70:44:25
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

15/06/2009, 00:00

Not After

13/07/2010, 23:59

Subject

CN=DEVGURU CO LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Team,O=DEVGURU CO LTD,L=Seocho-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4a:f8:4d:4e:b6:04:9e:a5:40:28:24:3b:b9:78:75:91:18:eb:4c:49
Signer

Actual PE Digest

4a:f8:4d:4e:b6:04:9e:a5:40:28:24:3b:b9:78:75:91:18:eb:4c:49

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\project\workings\pantech\px5000_px800_umw190_um185\trunk\app\net_coinst\coinst\objfre_wlh_amd64\amd64\ptumwcit.pdb

Imports

msvcrt

_XcptFilter
__C_specific_handler
_amsg_exit
free
_initterm
malloc

ole32

CoUninitialize
CoCreateInstance
CoInitialize

kernel32

UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
Sleep
RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry
SetUnhandledExceptionFilter

Exports

Exports

DGCoInstaller

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/i386/DIFxAPI.dll
.dll windows:6 windows x86 arch:x86

c8bb176aa316a8a34b7e7e1439c67e13

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:1b:ab:11:da:3a:a1:b6:df:ec:88
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

11/10/2005, 21:55

Not After

26/04/2010, 07:00

Subject

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:10:c3:52:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/10/2005, 23:24

Not After

11/01/2007, 23:34

Subject

CN=Microsoft Windows Component Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

26:98:6b:1f:23:b8:07:df:c1:05:57:1b:9c:b8:b1:59:1a:1f:7c:a1
Signer

Actual PE Digest

26:98:6b:1f:23:b8:07:df:c1:05:57:1b:9c:b8:b1:59:1a:1f:7c:a1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

DIFXAPI.pdb

Imports

ntdll

RtlUnwind
RtlNtStatusToDosError
VerSetConditionMask

kernel32

VerifyVersionInfoW
GetVersionExW
lstrlenW
FreeLibrary
GetProcAddress
LoadLibraryW
DeleteFileW
SetFileAttributesW
GetEnvironmentVariableW
CompareStringW
GetFileAttributesW
MoveFileExW
GetTempFileNameW
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
CreateFileW
GetSystemWindowsDirectoryW
MultiByteToWideChar
WideCharToMultiByte
GetFullPathNameW
CopyFileW
LocalFree
RemoveDirectoryW
FindClose
FindNextFileW
lstrcmpW
FindFirstFileW
CreateDirectoryW
LocalReAlloc
LocalAlloc
GetProcessHeap
ReleaseMutex
GetSystemDirectoryW
DeviceIoControl
WaitForSingleObject
CreateMutexW
GetSystemTimeAsFileTime
Sleep
RaiseException
GetVersionExA
HeapSize
GetCommandLineA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetModuleHandleA
ExitProcess
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
LoadLibraryA
SetFilePointer
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CreateFileA
GetThreadLocale
WaitForMultipleObjects
InterlockedCompareExchange
SetEvent
CreateEventW
SetEndOfFile
SetLastError
InterlockedExchange
lstrcmpiW
InterlockedDecrement
GetLastError
InterlockedIncrement
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
HeapFree
HeapReAlloc
EnterCriticalSection
HeapAlloc
LeaveCriticalSection
HeapDestroy
GetModuleHandleW
DeleteCriticalSection
GetModuleFileNameA
OutputDebugStringA
HeapCreate
InitializeCriticalSection
TlsGetValue

user32

UnregisterClassA
CharLowerW
CharPrevW

setupapi

CM_Query_And_Remove_SubTreeW
SetupDiSetDeviceRegistryPropertyW
SetupQueueCopyIndirectW
SetupDiCallClassInstaller
SetupDiBuildDriverInfoList
SetupDiSetDeviceInstallParamsW
SetupDiGetDeviceInstallParamsW
SetupDiSetSelectedDevice
SetupDiOpenDeviceInfoW
SetupDiOpenDevRegKey
SetupDiGetDeviceInstanceIdW
SetupDiCreateDeviceInfoList
SetupDiGetDriverInfoDetailW
SetupDiGetSelectedDriverW
SetupDiSetClassInstallParamsW
SetupDiClassNameFromGuidW
CM_Get_Device_ID_ListW
CM_Get_Device_ID_List_SizeW
CM_Locate_DevNodeW
CM_Get_DevNode_Status
CM_Setup_DevNode
SetupDiGetDeviceRegistryPropertyW
SetupGetTargetPathW
SetupInstallFilesFromInfSectionW
SetupPromptReboot
SetupInstallFromInfSectionW
SetupInstallServicesFromInfSectionW
SetupDiGetActualSectionToInstallW
SetupFindNextLine
SetupFindNextMatchLineW
SetupOpenInfFileW
SetupOpenFileQueue
SetupCommitFileQueueW
SetupQueueCopyW
SetupCloseFileQueue
SetupGetLineCountW
SetupCloseInfFile
SetupFindFirstLineW
SetupGetFieldCount
SetupGetIntField
CM_Enumerate_Classes
SetupDiEnumDeviceInfo
SetupInitDefaultQueueCallbackEx
SetupDefaultQueueCallbackW
SetupDiGetClassDevsW
SetupDiOpenClassRegKey
CM_Get_Device_IDW
SetupDiDestroyDeviceInfoList
SetupGetStringFieldW
pSetupGetGlobalFlags
pSetupSetGlobalFlags
SetupOpenAppendInfFileW
SetupCopyOEMInfW
SetupTermDefaultQueueCallback

advapi32

FreeSid
CheckTokenMembership
AllocateAndInitializeSid
RegDeleteKeyW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
GetLengthSid
SetEntriesInAclW
QueryServiceStatus
DeleteService
ControlService
CloseServiceHandle
OpenServiceW
OpenSCManagerW
StartServiceW
RegCloseKey

ole32

StringFromCLSID
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance

wintrust

CryptCATAdminCalcHashFromFileHandle
WinVerifyTrust

crypt32

CertFreeCertificateContext
CertGetCTLContextProperty
CryptQueryObject
CertFreeCTLContext

Exports

Exports

DIFXAPISetLogCallbackA
DIFXAPISetLogCallbackW
DriverPackageGetPathA
DriverPackageGetPathW
DriverPackageInstallA
DriverPackageInstallW
DriverPackagePreinstallA
DriverPackagePreinstallW
DriverPackageUninstallA
DriverPackageUninstallW
SetDifxLogCallbackA
SetDifxLogCallbackW

Sections

.text
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/i386/PTUMWBus.sys
.sys windows:5 windows x86 arch:x86

9cbcba194ab7c64647d495f5bde8d87c

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fc:d8:73:c1:38:7a:8f:ab:fd:60:76:a6:f0:ef:f0:63:af:5b:8d:ef
Signer

Actual PE Digest

fc:d8:73:c1:38:7a:8f:ab:fd:60:76:a6:f0:ef:f0:63:af:5b:8d:ef

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\MssBus\ccgp\objfre_wnet_x86\i386\PTUMWBus.pdb

Imports

ntoskrnl.exe

ExAllocatePoolWithTag
RtlQueryRegistryValues
ExFreePool
KeInitializeEvent
KeInitializeSpinLock
IoAttachDeviceToDeviceStack
memset
IoCreateDevice
IofCallDriver
IofCompleteRequest
PoStartNextPowerIrp
IoFreeIrp
IoAllocateIrp
KeWaitForSingleObject
memcpy
IoRegisterDeviceInterface
IoDeleteDevice
IoSetDeviceInterfaceState
IoInvalidateDeviceRelations
ObfReferenceObject
PoCallDriver
PoRequestPowerIrp
IoCancelIrp
KeSetEvent
swprintf
IoReleaseCancelSpinLock
InterlockedExchange
RtlCompareMemory
IoDetachDevice
IoBuildDeviceIoControlRequest
InterlockedIncrement
InterlockedDecrement
ZwClose
ZwSetValueKey
IoOpenDeviceRegistryKey
RtlInitUnicodeString
ZwQueryValueKey
strncmp
strlen
IoGetCurrentProcess
ZwOpenKey
KeTickCount
KeBugCheckEx
DbgPrint
RtlUnicodeToMultiByteN
RtlAnsiCharToUnicodeChar
PsGetVersion

hal

KfReleaseSpinLock
KfAcquireSpinLock

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 384B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/i386/PTUMWCDF.sys
.sys windows:5 windows x86 arch:x86

55bf1df966eeb71a4c5e901ed223becf

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

88:d6:aa:24:c0:9a:4e:18:aa:ba:20:32:bc:e4:78:71:cb:72:4c:70
Signer

Actual PE Digest

88:d6:aa:24:c0:9a:4e:18:aa:ba:20:32:bc:e4:78:71:cb:72:4c:70

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\DGCDFREE\objfre_wnet_x86\i386\PTUMWCDF.pdb

Imports

ntoskrnl.exe

ExAllocatePoolWithTag
KeSetEvent
IofCompleteRequest
IoCancelIrp
ZwClose
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
DbgPrint
IoDeleteDevice
IoFreeWorkItem
IoDetachDevice
IoRegisterDeviceInterface
IoAttachDeviceToDeviceStack
PoSetPowerState
IoAllocateWorkItem
IoCreateDevice
InterlockedDecrement
ExFreePool
IoIsWdmVersionAvailable
RtlCopyUnicodeString
MmMapLockedPagesSpecifyCache
KeInitializeEvent
IoBuildDeviceIoControlRequest
InterlockedExchange
IofCallDriver
KeClearEvent
KefAcquireSpinLockAtDpcLevel
IoReleaseCancelSpinLock
KeInitializeSpinLock
PoRequestPowerIrp
ObfDereferenceObject
IoBuildSynchronousFsdRequest
IoGetAttachedDeviceReference
KeDelayExecutionThread
RtlFreeUnicodeString
IoSetDeviceInterfaceState
PoStartNextPowerIrp
PoCallDriver
IoQueueWorkItem
InterlockedIncrement
KeWaitForMultipleObjects
KeSetPriorityThread
KeGetCurrentThread
PsTerminateSystemThread
ObReferenceObjectByHandle
PsCreateSystemThread
KeTickCount
KeBugCheckEx
RtlUnwind
KeWaitForSingleObject
PsGetVersion

hal

KfAcquireSpinLock
KfReleaseSpinLock
KeGetCurrentIrql

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 640B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 896B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/i386/PTUMWCSP.sys
.sys windows:5 windows x86 arch:x86

157bf221a267f6953850adfbcfda95c0

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c1:ab:0d:82:ce:12:d8:85:91:67:6f:ec:3d:74:a2:6c:60:5b:23:b7
Signer

Actual PE Digest

c1:ab:0d:82:ce:12:d8:85:91:67:6f:ec:3d:74:a2:6c:60:5b:23:b7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\DGSerial\driver\objfre_wnet_x86\i386\PTUMWCSP.pdb

Imports

ntoskrnl.exe

IoCancelIrp
IoFreeIrp
KeSetTimer
ExFreePoolWithTag
PoRequestPowerIrp
IofCompleteRequest
KefReleaseSpinLockFromDpcLevel
KefAcquireSpinLockAtDpcLevel
KeInsertQueueDpc
IoReuseIrp
IoFreeWorkItem
IoAllocateIrp
IofCallDriver
KeWaitForMultipleObjects
IoQueueWorkItem
KeRemoveQueueDpc
KeInitializeDpc
ExAllocatePoolWithTag
IoAllocateWorkItem
KeCancelTimer
KeClearEvent
ZwClose
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
DbgPrint
KeWaitForSingleObject
IoGetCurrentProcess
IoCreateDevice
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
KeDelayExecutionThread
IoOpenDeviceRegistryKey
RtlDeleteRegistryValue
IoSetDeviceInterfaceState
IoRegisterDeviceInterface
IoDeleteSymbolicLink
IoCreateSymbolicLink
RtlIntegerToUnicodeString
RtlFreeUnicodeString
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlWriteRegistryValue
wcslen
RtlCompareMemory
IoGetDeviceProperty
IoDeleteDevice
IoDetachDevice
IoAttachDeviceToDeviceStack
PoSetPowerState
KeInitializeTimer
IoIsWdmVersionAvailable
RtlCopyUnicodeString
KeInitializeMutex
IoReleaseCancelSpinLock
ExAllocatePoolWithQuotaTag
memmove
KeQuerySystemTime
KeInitializeEvent
IoAcquireCancelSpinLock
ObfDereferenceObject
PoStartNextPowerIrp
PoCallDriver
strncmp
KeTickCount
KeBugCheckEx
KeSetEvent
RtlUnwind
ObReferenceObjectByName
PsGetVersion
IoDriverObjectType
RtlUnicodeToMultiByteN

hal

KeGetCurrentIrql
KfAcquireSpinLock
KfReleaseSpinLock
KfLowerIrql

usbd.sys

USBD_ParseConfigurationDescriptorEx
USBD_CreateConfigurationRequestEx

wmilib.sys

WmiSystemControl

Exports

Exports

_GetDriverObject@4
_MakeHextoString@16

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 128B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/i386/PTUMWFLT.sys
.sys windows:5 windows x86 arch:x86

2927b2275285cabfd2e57ee44bfb11bb

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

99:df:0f:27:8b:b9:0b:0c:38:c7:72:c0:23:aa:bb:54:38:af:bb:a7
Signer

Actual PE Digest

99:df:0f:27:8b:b9:0b:0c:38:c7:72:c0:23:aa:bb:54:38:af:bb:a7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\WWANFLT\driver\objfre_wnet_x86\i386\PTUMWFLT.pdb

Imports

ntoskrnl.exe

ExFreePool
ExAllocatePoolWithTag
KeSetEvent
KeWaitForSingleObject
IofCallDriver
KeInitializeEvent
InterlockedDecrement
IoDeleteDevice
IoAttachDeviceToDeviceStack
IoCreateDevice
ObfDereferenceObject
IoGetAttachedDeviceReference
IoIsWdmVersionAvailable
InterlockedIncrement
IofCompleteRequest
DbgPrint
IoDetachDevice
PoCallDriver
PoStartNextPowerIrp
RtlCopyUnicodeString
KeTickCount

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 384B - Virtual size: 261B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 640B - Virtual size: 626B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 256B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/i386/PTUMWMdm.sys
.sys windows:5 windows x86 arch:x86

157bf221a267f6953850adfbcfda95c0

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d7:96:59:43:7d:2a:46:82:c7:dc:ba:b8:83:0f:b8:4f:68:1c:f2:98
Signer

Actual PE Digest

d7:96:59:43:7d:2a:46:82:c7:dc:ba:b8:83:0f:b8:4f:68:1c:f2:98

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\DGSerial\driver\objfre_wnet_x86\i386\PTUMWMdm.pdb

Imports

ntoskrnl.exe

IoCancelIrp
IoFreeIrp
KeSetTimer
ExFreePoolWithTag
PoRequestPowerIrp
IofCompleteRequest
KefReleaseSpinLockFromDpcLevel
KefAcquireSpinLockAtDpcLevel
KeInsertQueueDpc
IoReuseIrp
IoFreeWorkItem
IoAllocateIrp
IofCallDriver
KeWaitForMultipleObjects
IoQueueWorkItem
KeRemoveQueueDpc
KeInitializeDpc
ExAllocatePoolWithTag
IoAllocateWorkItem
KeCancelTimer
KeClearEvent
ZwClose
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
DbgPrint
KeWaitForSingleObject
IoGetCurrentProcess
IoCreateDevice
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
KeDelayExecutionThread
IoOpenDeviceRegistryKey
RtlDeleteRegistryValue
IoSetDeviceInterfaceState
IoRegisterDeviceInterface
IoDeleteSymbolicLink
IoCreateSymbolicLink
RtlIntegerToUnicodeString
RtlFreeUnicodeString
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlWriteRegistryValue
wcslen
RtlCompareMemory
IoGetDeviceProperty
IoDeleteDevice
IoDetachDevice
IoAttachDeviceToDeviceStack
PoSetPowerState
KeInitializeTimer
IoIsWdmVersionAvailable
RtlCopyUnicodeString
KeInitializeMutex
IoReleaseCancelSpinLock
ExAllocatePoolWithQuotaTag
memmove
KeQuerySystemTime
KeInitializeEvent
IoAcquireCancelSpinLock
ObfDereferenceObject
PoStartNextPowerIrp
PoCallDriver
strncmp
KeTickCount
KeBugCheckEx
KeSetEvent
RtlUnwind
ObReferenceObjectByName
PsGetVersion
IoDriverObjectType
RtlUnicodeToMultiByteN

hal

KeGetCurrentIrql
KfAcquireSpinLock
KfReleaseSpinLock
KfLowerIrql

usbd.sys

USBD_ParseConfigurationDescriptorEx
USBD_CreateConfigurationRequestEx

wmilib.sys

WmiSystemControl

Exports

Exports

_GetDriverObject@4
_MakeHextoString@16

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 128B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/i386/PTUMWNET.sys
.sys windows:5 windows x86 arch:x86

7dafef9f7a4310213fdac28fad7add09

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:8f:95:99:81:d0:d0:95:70:be:82:51:71:8f:3e:c3:26:6d:58:e8
Signer

Actual PE Digest

03:8f:95:99:81:d0:d0:95:70:be:82:51:71:8f:3e:c3:26:6d:58:e8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\WLAN\objfre_wnet_x86\i386\PTUMWNET.pdb

Imports

ntoskrnl.exe

IofCallDriver
MmGetSystemRoutineAddress
DbgBreakPoint
KeCancelTimer
IoFreeIrp
KeInitializeTimer
KeSetTimer
ZwClose
IoOpenDeviceRegistryKey
ZwQueryValueKey
ZwOpenKey
ObReferenceObjectByName
IoDriverObjectType
strncmp
KeTickCount
KeBugCheckEx
KeReadStateEvent
KeDelayExecutionThread
KeReleaseMutex
KeQuerySystemTime
RtlCompareMemory
ObfDereferenceObject
KeInitializeMutex
KeInitializeEvent
IoInitializeIrp
ObfReferenceObject
InterlockedExchange
KeResetEvent
KeSetEvent
KeWaitForSingleObject
IofCompleteRequest
KeInitializeSpinLock
RtlCopyUnicodeString
IoIsWdmVersionAvailable
ExAllocatePoolWithTag
RtlInitAnsiString
RtlAnsiStringToUnicodeString
RtlAppendUnicodeStringToString
RtlFreeUnicodeString
ExFreePool
RtlIntegerToUnicodeString
IoCreateDevice
RtlInitUnicodeString
IoCreateSymbolicLink
IoDeleteSymbolicLink
IoDeleteDevice
PsGetVersion
IoCancelIrp
ExInterlockedPushEntrySList
ExInterlockedPopEntrySList
MmMapLockedPagesSpecifyCache
ExDeleteNPagedLookasideList
ExInitializeNPagedLookasideList
_local_unwind2
_except_handler3
memmove
IoAllocateIrp
IoGetCurrentProcess
ZwSetValueKey
DbgPrint
RtlUnicodeToMultiByteN

hal

KfReleaseSpinLock
KfAcquireSpinLock
KeGetCurrentIrql

usbd.sys

USBD_CreateConfigurationRequestEx
USBD_ParseConfigurationDescriptorEx

ndis.sys

NdisMDeregisterAdapterShutdownHandler
NdisMSetAttributesEx
NdisOpenConfiguration
NdisReadNetworkAddress
NdisCloseConfiguration
NdisMRegisterAdapterShutdownHandler
NdisInitializeTimer
NdisCancelTimer
NdisInitializeWrapper
NdisMRegisterMiniport
NdisTerminateWrapper
NdisScheduleWorkItem
NdisAdjustBufferLength
NdisFreeBuffer
NdisFreeBufferPool
NdisAllocatePacketPoolEx
NdisMGetDeviceProperty
NdisFreePacketPool
NdisAllocatePacket
NdisAllocateBuffer
NdisFreePacket
NdisQueryBufferOffset
NDIS_BUFFER_TO_SPAN_PAGES
NdisSetEvent
NdisAllocateMemoryWithTag
NdisBufferVirtualAddress
NdisBufferLength
NdisFreeMemory
NdisAcquireSpinLock
NdisReleaseSpinLock
NdisWaitEvent
NdisFreeSpinLock
NdisAllocateSpinLock
NdisInitializeEvent
NdisInterlockedIncrement
NdisInterlockedDecrement
NdisAllocateBufferPool
NdisSetTimer

Exports

Exports

_GetDriverObject@4

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 82B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/i386/PTUMWNSP.sys
.sys windows:5 windows x86 arch:x86

157bf221a267f6953850adfbcfda95c0

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

74:7e:fd:bb:7a:b4:08:5c:47:c2:78:cb:8e:85:a4:a3:57:72:28:f1
Signer

Actual PE Digest

74:7e:fd:bb:7a:b4:08:5c:47:c2:78:cb:8e:85:a4:a3:57:72:28:f1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\DGSerial\driver\objfre_wnet_x86\i386\PTUMWNSP.pdb

Imports

ntoskrnl.exe

IoCancelIrp
IoFreeIrp
KeSetTimer
ExFreePoolWithTag
PoRequestPowerIrp
IofCompleteRequest
KefReleaseSpinLockFromDpcLevel
KefAcquireSpinLockAtDpcLevel
KeInsertQueueDpc
IoReuseIrp
IoFreeWorkItem
IoAllocateIrp
IofCallDriver
KeWaitForMultipleObjects
IoQueueWorkItem
KeRemoveQueueDpc
KeInitializeDpc
ExAllocatePoolWithTag
IoAllocateWorkItem
KeCancelTimer
KeClearEvent
ZwClose
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
DbgPrint
KeWaitForSingleObject
IoGetCurrentProcess
IoCreateDevice
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
KeDelayExecutionThread
IoOpenDeviceRegistryKey
RtlDeleteRegistryValue
IoSetDeviceInterfaceState
IoRegisterDeviceInterface
IoDeleteSymbolicLink
IoCreateSymbolicLink
RtlIntegerToUnicodeString
RtlFreeUnicodeString
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlWriteRegistryValue
wcslen
RtlCompareMemory
IoGetDeviceProperty
IoDeleteDevice
IoDetachDevice
IoAttachDeviceToDeviceStack
PoSetPowerState
KeInitializeTimer
IoIsWdmVersionAvailable
RtlCopyUnicodeString
KeInitializeMutex
IoReleaseCancelSpinLock
ExAllocatePoolWithQuotaTag
memmove
KeQuerySystemTime
KeInitializeEvent
IoAcquireCancelSpinLock
ObfDereferenceObject
PoStartNextPowerIrp
PoCallDriver
strncmp
KeTickCount
KeBugCheckEx
KeSetEvent
RtlUnwind
ObReferenceObjectByName
PsGetVersion
IoDriverObjectType
RtlUnicodeToMultiByteN

hal

KeGetCurrentIrql
KfAcquireSpinLock
KfReleaseSpinLock
KfLowerIrql

usbd.sys

USBD_ParseConfigurationDescriptorEx
USBD_CreateConfigurationRequestEx

wmilib.sys

WmiSystemControl

Exports

Exports

_GetDriverObject@4
_MakeHextoString@16

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 128B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/i386/PTUMWVsp.sys
.sys windows:5 windows x86 arch:x86

157bf221a267f6953850adfbcfda95c0

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

43:58:fe:ea:d3:d7:34:dd:fa:62:e8:4b:22:6c:fb:23:b8:7f:48:b2
Signer

Actual PE Digest

43:58:fe:ea:d3:d7:34:dd:fa:62:e8:4b:22:6c:fb:23:b8:7f:48:b2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Project\Workings\PANTECH\PX5000_PX800_UMW190_UM185\trunk\drv\DGSerial\driver\objfre_wnet_x86\i386\PTUMWVsp.pdb

Imports

ntoskrnl.exe

IoCancelIrp
IoFreeIrp
KeSetTimer
ExFreePoolWithTag
PoRequestPowerIrp
IofCompleteRequest
KefReleaseSpinLockFromDpcLevel
KefAcquireSpinLockAtDpcLevel
KeInsertQueueDpc
IoReuseIrp
IoFreeWorkItem
IoAllocateIrp
IofCallDriver
KeWaitForMultipleObjects
IoQueueWorkItem
KeRemoveQueueDpc
KeInitializeDpc
ExAllocatePoolWithTag
IoAllocateWorkItem
KeCancelTimer
KeClearEvent
ZwClose
ZwQueryValueKey
ZwOpenKey
RtlInitUnicodeString
DbgPrint
KeWaitForSingleObject
IoGetCurrentProcess
IoCreateDevice
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
KeDelayExecutionThread
IoOpenDeviceRegistryKey
RtlDeleteRegistryValue
IoSetDeviceInterfaceState
IoRegisterDeviceInterface
IoDeleteSymbolicLink
IoCreateSymbolicLink
RtlIntegerToUnicodeString
RtlFreeUnicodeString
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlWriteRegistryValue
wcslen
RtlCompareMemory
IoGetDeviceProperty
IoDeleteDevice
IoDetachDevice
IoAttachDeviceToDeviceStack
PoSetPowerState
KeInitializeTimer
IoIsWdmVersionAvailable
RtlCopyUnicodeString
KeInitializeMutex
IoReleaseCancelSpinLock
ExAllocatePoolWithQuotaTag
memmove
KeQuerySystemTime
KeInitializeEvent
IoAcquireCancelSpinLock
ObfDereferenceObject
PoStartNextPowerIrp
PoCallDriver
strncmp
KeTickCount
KeBugCheckEx
KeSetEvent
RtlUnwind
ObReferenceObjectByName
PsGetVersion
IoDriverObjectType
RtlUnicodeToMultiByteN

hal

KeGetCurrentIrql
KfAcquireSpinLock
KfReleaseSpinLock
KfLowerIrql

usbd.sys

USBD_ParseConfigurationDescriptorEx
USBD_CreateConfigurationRequestEx

wmilib.sys

WmiSystemControl

Exports

Exports

_GetDriverObject@4
_MakeHextoString@16

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 128B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/i386/ptumwcit.dll
.dll windows:6 windows x86 arch:x86

1b11fbe93323f636a2ae3876719cacca

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

01/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

24:9d:94:1b:cf:df:57:6c:3a:dc:92:6a:10:70:44:25
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

15/06/2009, 00:00

Not After

13/07/2010, 23:59

Subject

CN=DEVGURU CO LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Team,O=DEVGURU CO LTD,L=Seocho-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

52:d1:8e:99:1f:04:f9:f7:b9:77:53:3e:e7:f2:ad:a7:d7:b1:45:d7
Signer

Actual PE Digest

52:d1:8e:99:1f:04:f9:f7:b9:77:53:3e:e7:f2:ad:a7:d7:b1:45:d7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\workings\pantech\px5000_px800_umw190_um185\trunk\app\net_coinst\coinst\objfre_wlh_x86\i386\ptumwcit.pdb

Imports

msvcrt

_except_handler4_common
_XcptFilter
_adjust_fdiv
_amsg_exit
_initterm
free
malloc

ole32

CoCreateInstance
CoUninitialize
CoInitialize

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess

Exports

Exports

DGCoInstaller

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 338B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/ia64/DIFxAPI.dll
$TEMP/DGPTUMW/ia64/PTUMWBus.sys
$TEMP/DGPTUMW/ia64/PTUMWCDF.sys
$TEMP/DGPTUMW/ia64/PTUMWCSP.sys
$TEMP/DGPTUMW/ia64/PTUMWFLT.sys
$TEMP/DGPTUMW/ia64/PTUMWMdm.sys
$TEMP/DGPTUMW/ia64/PTUMWNET.sys
$TEMP/DGPTUMW/ia64/PTUMWNSP.sys
$TEMP/DGPTUMW/ia64/PTUMWVsp.sys
$TEMP/DGPTUMW/ia64/ptumwcit.dll
$TEMP/DGPTUMW/ptumwbus.cat
$TEMP/DGPTUMW/ptumwcdf.cat
$TEMP/DGPTUMW/ptumwcsp.cat
$TEMP/DGPTUMW/ptumwmcp.dll
.dll windows:4 windows x86 arch:x86

238f2adf8ea4e5391510972f652c82be

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f9:a4:26:bc:0d:95:a9:b4:d5:7f:9f:08:ef:7b:6a:0c:9c:f3:a8:53
Signer

Actual PE Digest

f9:a4:26:bc:0d:95:a9:b4:d5:7f:9f:08:ef:7b:6a:0c:9c:f3:a8:53

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalAlloc
LocalFree
InterlockedExchange
MultiByteToWideChar
DisableThreadLibraryCalls
GetProcAddress
LoadLibraryA
OutputDebugStringA
WriteFile
GetOverlappedResult
ReadFile
DeleteCriticalSection
InitializeCriticalSection
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LeaveCriticalSection
EnterCriticalSection
CreateFileA
CloseHandle
GetLastError
lstrlenA
DeviceIoControl
WideCharToMultiByte
GlobalAlloc
GlobalFree
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
VirtualAlloc
GetModuleHandleA
RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetProcessHeap
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA

advapi32

RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
CM_Locate_DevNodeA
CM_Get_Parent
CM_Get_Sibling
CM_Get_DevNode_Registry_PropertyA
CM_Get_Child
CM_Get_Device_IDA

Exports

Exports

UNI_DoRegisterSKTDriver
UNI_GetComPortName
UNI_GetLastError
WMC_ESyncMgr
WMC_GetCMPortA
WMC_GetCMPortW
WMC_GetConnectionInfo
WMC_GetDiagPortA
WMC_GetDiagPortW
WMC_GetEmergencyDLMode
WMC_GetMdmPortA
WMC_GetMdmPortW
WMC_GetNDISMode
WMC_GetNDISPacketCounts
WMC_GetNMEAPortA
WMC_GetNMEAPortW
WMC_GetPortA
WMC_GetPortW
WMC_GetPower
WMC_SetNDISMode
WMC_SetPower
WMC_WriteVendorCmd
WMC_WriteVendorCmdEx
WMC_usbClose
WMC_usbOpen
WMC_usbRead
WMC_usbWrite

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/ptumwmcp64.dll
.dll windows:4 windows x64 arch:x64

42c074f2a4b704ff542e4f77f14177a8

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

15/04/2008, 00:00

Not After

31/05/2011, 23:59

Subject

CN=pantech co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D Center,O=pantech co ltd,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d8:10:c7:e7:19:83:74:72:49:f3:c4:b6:dc:05:ca:b6:92:a1:22:3d
Signer

Actual PE Digest

d8:10:c7:e7:19:83:74:72:49:f3:c4:b6:dc:05:ca:b6:92:a1:22:3d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

LocalAlloc
LocalFree
MultiByteToWideChar
GetProcAddress
LoadLibraryA
OutputDebugStringA
WriteFile
GetOverlappedResult
ReadFile
DeleteCriticalSection
InitializeCriticalSection
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LeaveCriticalSection
EnterCriticalSection
CreateFileA
CloseHandle
GetLastError
lstrlenA
DeviceIoControl
WideCharToMultiByte
GlobalAlloc
DisableThreadLibraryCalls
GlobalFree
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
RaiseException
RtlPcToFileHeader
HeapFree
HeapAlloc
HeapReAlloc
GetModuleHandleA
GetCurrentThreadId
FlsSetValue
GetCommandLineA
GetProcessHeap
GetCPInfo
GetOEMCP
IsValidCodePage
FlsGetValue
TlsFree
FlsFree
SetLastError
TlsSetValue
FlsAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
HeapSetInformation
HeapCreate
HeapDestroy
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
RtlUnwindEx
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings

advapi32

RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
CM_Locate_DevNodeA
CM_Get_DevNode_Registry_PropertyA
CM_Get_Child
CM_Get_Sibling
CM_Get_Parent
CM_Get_Device_IDA

Exports

Exports

UNI_DoRegisterSKTDriver
UNI_GetComPortName
UNI_GetLastError
WMC_ESyncMgr
WMC_GetCMPortA
WMC_GetCMPortW
WMC_GetConnectionInfo
WMC_GetDiagPortA
WMC_GetDiagPortW
WMC_GetEmergencyDLMode
WMC_GetMdmPortA
WMC_GetMdmPortW
WMC_GetNDISMode
WMC_GetNDISPacketCounts
WMC_GetNMEAPortA
WMC_GetNMEAPortW
WMC_GetPortA
WMC_GetPortW
WMC_GetPower
WMC_SetNDISMode
WMC_SetPower
WMC_WriteVendorCmd
WMC_WriteVendorCmdEx
WMC_usbClose
WMC_usbOpen
WMC_usbRead
WMC_usbWrite

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/DGPTUMW/ptumwmdm.cat
$TEMP/DGPTUMW/ptumwnet.cat
$TEMP/DGPTUMW/ptumwnsp.cat
$TEMP/DGPTUMW/ptumwvsp.cat
$TEMP/InstUtil.dll
.dll windows:4 windows x86 arch:x86

51b502ad9595050b276c7a141a5d558c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
GetSystemInfo
GetProcAddress
GetModuleHandleA
lstrcpyA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
LoadLibraryA
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

user32

GetSystemMetrics

Exports

Exports

osplatform
osversion
winosversion

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pantech UM185 driver.3guman.com/Original Disc/MPT/ISSetup.dll
.dll regsvr32 windows:4 windows x86 arch:x86

d2de62954e2245a65e4524f1ce87517e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

WaitForInputIdle

gdi32

CreatePalette

advapi32

LookupPrivilegeValueA

shell32

SHGetMalloc

ole32

WriteClassStm

oleaut32

BSTR_UserFree

rpcrt4

UuidCreate

winmm

mciSendCommandA

version

GetFileVersionInfoA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProductSKU
InstallEngineTypelib
RemoveEngineTypelib

Sections

.text
Size: 390KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 131KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Pantech UM185 driver.3guman.com/Original Disc/MPT/Language.ini
Pantech UM185 driver.3guman.com/Original Disc/MPT/Redist/gdiplus.dll
.dll windows:5 windows x86 arch:x86

7941976a82dd7ff8b1a2ea069878fab3

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:06:2a:8d:00:00:00:00:00:0b
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

29/03/2001, 21:27

Not After

29/05/2002, 21:37

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2001 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetOEMCP
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
InterlockedExchange
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
RaiseException
Sleep
CloseHandle
WriteFile
CreateFileA
WaitForSingleObject
SetEvent
lstrcmpiA
CreateThread
CreateEventA
WideCharToMultiByte
MultiByteToWideChar
GetTickCount
GetSystemDefaultLCID
GetProcAddress
GetModuleHandleW
GetACP
GetVersionExA
VirtualQuery
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
ExitProcess
GetCommandLineA
GetSystemInfo
HeapReAlloc
HeapFree
VirtualAlloc
IsValidLocale
ConvertDefaultLocale
GetLocaleInfoW
GetModuleFileNameW
GetModuleFileNameA
FindResourceA
LoadResource
LockResource
GetProfileIntA
GetProfileStringA
lstrcmpiW
IsDBCSLeadByteEx
LocalReAlloc
MulDiv
SetLastError
LocalAlloc
LocalFree
GetFileTime
SearchPathW
SearchPathA
InterlockedIncrement
CreateSemaphoreA
lstrcpyW
lstrcatW
LoadLibraryW
lstrcpyA
lstrcatA
GetSystemDirectoryA
CreateFileMappingW
ReleaseSemaphore
GetProfileSectionA
CreateFileW
SetEndOfFile
SetFilePointer
ReadFile
UnlockFile
GetFileInformationByHandle
LockFile
FlushFileBuffers
GetLastError
VirtualFree
GlobalAlloc
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GlobalLock
GlobalSize
GlobalUnlock
GlobalFree
HeapCreate
GetModuleHandleA
GetSystemDirectoryW
GetWindowsDirectoryA
FreeLibrary
HeapDestroy
LoadLibraryA

user32

ReleaseDC
LoadBitmapW
LoadBitmapA
wsprintfW
SystemParametersInfoA
GetDC
wsprintfA
GetSysColor
UnregisterClassA
DestroyWindow
GetSystemMetrics
DefWindowProcA
CreateWindowExA
RegisterClassA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA
GetClientRect
GetDesktopWindow
GetWindowRect
WindowFromDC
CreateIconIndirect
GetIconInfo
ClientToScreen
wvsprintfA
GetDCEx
GetWindowLongA
GetClassLongA

gdi32

GetNearestPaletteIndex
GetDIBColorTable
FillRgn
SetMiterLimit
CreateSolidBrush
StrokePath
GetGraphicsMode
SetPolyFillMode
FillPath
StrokeAndFillPath
GetViewportExtEx
ExtTextOutA
GetTextCharsetInfo
TranslateCharsetInfo
PolylineTo
Polyline
LineTo
GetCurrentPositionEx
ArcTo
SetArcDirection
SelectClipPath
GetPath
CloseFigure
AbortPath
FlattenPath
WidenPath
BeginPath
Ellipse
AngleArc
PolyBezierTo
PolyBezier
RoundRect
PolyDraw
Pie
Chord
Arc
EndPath
OffsetClipRgn
GetRgnBox
CombineRgn
SetPaletteEntries
ResizePalette
ExcludeClipRect
MoveToEx
PlayEnhMetaFile
GetWinMetaFileBits
PlgBlt
BitBlt
OffsetViewportOrgEx
StretchBlt
ScaleViewportExtEx
ScaleWindowExtEx
CombineTransform
SetMapperFlags
CreatePen
CreateDIBitmap
CreatePatternBrush
ExtSelectClipRgn
GetBkMode
GetTextAlign
ModifyWorldTransform
ExtCreateRegion
CreateCompatibleBitmap
GetNearestColor
SetStretchBltMode
StretchDIBits
SetTextAlign
SetTextJustification
PolyPolygon
PlayMetaFileRecord
ExtCreatePen
GetWorldTransform
GetROP2
SetROP2
Rectangle
Polygon
IntersectClipRect
SetBrushOrgEx
GetClipRgn
SelectClipRgn
GetBkColor
GetTextColor
CreatePenIndirect
GetObjectW
DPtoLP
CreateDIBPatternBrushPt
ExtTextOutW
SetBitmapBits
CreateEnhMetaFileW
GdiComment
GetMetaFileW
GetMetaFileA
SaveDC
SetWindowOrgEx
SetViewportOrgEx
SetGraphicsMode
SetWorldTransform
GetEnhMetaFileW
GetEnhMetaFileA
GetEnhMetaFileBits
CopyEnhMetaFileA
CopyMetaFileA
DeleteMetaFile
GetEnhMetaFileHeader
SetMetaFileBitsEx
SetEnhMetaFileBits
CreateEnhMetaFileA
SetMapMode
SetViewportExtEx
SetWindowExtEx
PlayMetaFile
CloseEnhMetaFile
DeleteEnhMetaFile
SetMetaRgn
GetMetaFileBitsEx
EnumMetaFile
EnumEnhMetaFile
PlayEnhMetaFileRecord
RestoreDC
GetStockObject
CreateBitmap
SetTextColor
SetBkColor
SetBkMode
SetDIBits
CreatePalette
GetSystemPaletteEntries
GetSystemPaletteUse
GetDeviceCaps
ExtEscape
GetObjectType
GetPixel
SetDIBColorTable
DeleteObject
SelectPalette
GetTextFaceA
GetTextMetricsA
GetTextFaceW
GetTextMetricsW
EnumFontFamiliesExA
EnumFontFamiliesExW
SelectObject
CreateFontIndirectW
CreateFontIndirectA
GetRegionData
DeleteDC
CreateDCA
CreateICA
CreateRectRgn
GetRandomRgn
LPtoDP
GetWindowExtEx
PolyPolyline
GetWindowOrgEx
GetViewportOrgEx
GetMapMode
SetICMMode
Escape
GetDCOrgEx
GetObjectA
GetCurrentObject
GetDIBits
CreateCompatibleDC
CreateDIBSection
RealizePalette
GetPaletteEntries
GdiFlush
PatBlt
CreateBrushIndirect

ole32

CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal

advapi32

RegSetValueExA
RegCloseKey
RegEnumValueW
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegEnumKeyExA
RegEnumKeyExW
RegCreateKeyExA
RegQueryValueExW
RegSetValueExW
RegEnumValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW

Exports

Exports

GdipAddPathArc
GdipAddPathArcI
GdipAddPathBezier
GdipAddPathBezierI
GdipAddPathBeziers
GdipAddPathBeziersI
GdipAddPathClosedCurve
GdipAddPathClosedCurve2
GdipAddPathClosedCurve2I
GdipAddPathClosedCurveI
GdipAddPathCurve
GdipAddPathCurve2
GdipAddPathCurve2I
GdipAddPathCurve3
GdipAddPathCurve3I
GdipAddPathCurveI
GdipAddPathEllipse
GdipAddPathEllipseI
GdipAddPathLine
GdipAddPathLine2
GdipAddPathLine2I
GdipAddPathLineI
GdipAddPathPath
GdipAddPathPie
GdipAddPathPieI
GdipAddPathPolygon
GdipAddPathPolygonI
GdipAddPathRectangle
GdipAddPathRectangleI
GdipAddPathRectangles
GdipAddPathRectanglesI
GdipAddPathString
GdipAddPathStringI
GdipAlloc
GdipBeginContainer
GdipBeginContainer2
GdipBeginContainerI
GdipBitmapGetPixel
GdipBitmapLockBits
GdipBitmapSetPixel
GdipBitmapSetResolution
GdipBitmapUnlockBits
GdipClearPathMarkers
GdipCloneBitmapArea
GdipCloneBitmapAreaI
GdipCloneBrush
GdipCloneCustomLineCap
GdipCloneFont
GdipCloneFontFamily
GdipCloneImage
GdipCloneImageAttributes
GdipCloneMatrix
GdipClonePath
GdipClonePen
GdipCloneRegion
GdipCloneStringFormat
GdipClosePathFigure
GdipClosePathFigures
GdipCombineRegionPath
GdipCombineRegionRect
GdipCombineRegionRectI
GdipCombineRegionRegion
GdipComment
GdipCreateAdjustableArrowCap
GdipCreateBitmapFromDirectDrawSurface
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromHICON
GdipCreateBitmapFromResource
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateCachedBitmap
GdipCreateCustomLineCap
GdipCreateFont
GdipCreateFontFamilyFromName
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCreateFontFromLogfontW
GdipCreateFromHDC
GdipCreateFromHDC2
GdipCreateFromHWND
GdipCreateFromHWNDICM
GdipCreateHBITMAPFromBitmap
GdipCreateHICONFromBitmap
GdipCreateHalftonePalette
GdipCreateHatchBrush
GdipCreateImageAttributes
GdipCreateLineBrush
GdipCreateLineBrushFromRect
GdipCreateLineBrushFromRectI
GdipCreateLineBrushFromRectWithAngle
GdipCreateLineBrushFromRectWithAngleI
GdipCreateLineBrushI
GdipCreateMatrix
GdipCreateMatrix2
GdipCreateMatrix3
GdipCreateMatrix3I
GdipCreateMetafileFromEmf
GdipCreateMetafileFromFile
GdipCreateMetafileFromStream
GdipCreateMetafileFromWmf
GdipCreateMetafileFromWmfFile
GdipCreatePath
GdipCreatePath2
GdipCreatePath2I
GdipCreatePathGradient
GdipCreatePathGradientFromPath
GdipCreatePathGradientI
GdipCreatePathIter
GdipCreatePen1
GdipCreatePen2
GdipCreateRegion
GdipCreateRegionHrgn
GdipCreateRegionPath
GdipCreateRegionRect
GdipCreateRegionRectI
GdipCreateRegionRgnData
GdipCreateSolidFill
GdipCreateStreamOnFile
GdipCreateStringFormat
GdipCreateTexture
GdipCreateTexture2
GdipCreateTexture2I
GdipCreateTextureIA
GdipCreateTextureIAI
GdipDeleteBrush
GdipDeleteCachedBitmap
GdipDeleteCustomLineCap
GdipDeleteFont
GdipDeleteFontFamily
GdipDeleteGraphics
GdipDeleteMatrix
GdipDeletePath
GdipDeletePathIter
GdipDeletePen
GdipDeletePrivateFontCollection
GdipDeleteRegion
GdipDeleteStringFormat
GdipDisposeImage
GdipDisposeImageAttributes
GdipDrawArc
GdipDrawArcI
GdipDrawBezier
GdipDrawBezierI
GdipDrawBeziers
GdipDrawBeziersI
GdipDrawCachedBitmap
GdipDrawClosedCurve
GdipDrawClosedCurve2
GdipDrawClosedCurve2I
GdipDrawClosedCurveI
GdipDrawCurve
GdipDrawCurve2
GdipDrawCurve2I
GdipDrawCurve3
GdipDrawCurve3I
GdipDrawCurveI
GdipDrawDriverString
GdipDrawEllipse
GdipDrawEllipseI
GdipDrawImage
GdipDrawImageI
GdipDrawImagePointRect
GdipDrawImagePointRectI
GdipDrawImagePoints
GdipDrawImagePointsI
GdipDrawImagePointsRect
GdipDrawImagePointsRectI
GdipDrawImageRect
GdipDrawImageRectI
GdipDrawImageRectRect
GdipDrawImageRectRectI
GdipDrawLine
GdipDrawLineI
GdipDrawLines
GdipDrawLinesI
GdipDrawPath
GdipDrawPie
GdipDrawPieI
GdipDrawPolygon
GdipDrawPolygonI
GdipDrawRectangle
GdipDrawRectangleI
GdipDrawRectangles
GdipDrawRectanglesI
GdipDrawString
GdipEmfToWmfBits
GdipEndContainer
GdipEnumerateMetafileDestPoint
GdipEnumerateMetafileDestPointI
GdipEnumerateMetafileDestPoints
GdipEnumerateMetafileDestPointsI
GdipEnumerateMetafileDestRect
GdipEnumerateMetafileDestRectI
GdipEnumerateMetafileSrcRectDestPoint
GdipEnumerateMetafileSrcRectDestPointI
GdipEnumerateMetafileSrcRectDestPoints
GdipEnumerateMetafileSrcRectDestPointsI
GdipEnumerateMetafileSrcRectDestRect
GdipEnumerateMetafileSrcRectDestRectI
GdipFillClosedCurve
GdipFillClosedCurve2
GdipFillClosedCurve2I
GdipFillClosedCurveI
GdipFillEllipse
GdipFillEllipseI
GdipFillPath
GdipFillPie
GdipFillPieI
GdipFillPolygon
GdipFillPolygon2
GdipFillPolygon2I
GdipFillPolygonI
GdipFillRectangle
GdipFillRectangleI
GdipFillRectangles
GdipFillRectanglesI
GdipFillRegion
GdipFlattenPath
GdipFlush
GdipFree
GdipGetAdjustableArrowCapFillState
GdipGetAdjustableArrowCapHeight
GdipGetAdjustableArrowCapMiddleInset
GdipGetAdjustableArrowCapWidth
GdipGetAllPropertyItems
GdipGetBrushType
GdipGetCellAscent
GdipGetCellDescent
GdipGetClip
GdipGetClipBounds
GdipGetClipBoundsI
GdipGetCompositingMode
GdipGetCompositingQuality
GdipGetCustomLineCapBaseCap
GdipGetCustomLineCapBaseInset
GdipGetCustomLineCapStrokeCaps
GdipGetCustomLineCapStrokeJoin
GdipGetCustomLineCapType
GdipGetCustomLineCapWidthScale
GdipGetDC
GdipGetDpiX
GdipGetDpiY
GdipGetEmHeight
GdipGetEncoderParameterList
GdipGetEncoderParameterListSize
GdipGetFamily
GdipGetFamilyName
GdipGetFontCollectionFamilyCount
GdipGetFontCollectionFamilyList
GdipGetFontHeight
GdipGetFontHeightGivenDPI
GdipGetFontSize
GdipGetFontStyle
GdipGetFontUnit
GdipGetGenericFontFamilyMonospace
GdipGetGenericFontFamilySansSerif
GdipGetGenericFontFamilySerif
GdipGetHatchBackgroundColor
GdipGetHatchForegroundColor
GdipGetHatchStyle
GdipGetHemfFromMetafile
GdipGetImageAttributesAdjustedPalette
GdipGetImageBounds
GdipGetImageDecoders
GdipGetImageDecodersSize
GdipGetImageDimension
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImageFlags
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipGetImageHorizontalResolution
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageRawFormat
GdipGetImageThumbnail
GdipGetImageType
GdipGetImageVerticalResolution
GdipGetImageWidth
GdipGetInterpolationMode
GdipGetLineBlend
GdipGetLineBlendCount
GdipGetLineColors
GdipGetLineGammaCorrection
GdipGetLinePresetBlend
GdipGetLinePresetBlendCount
GdipGetLineRect
GdipGetLineRectI
GdipGetLineSpacing
GdipGetLineTransform
GdipGetLineWrapMode
GdipGetLogFontA
GdipGetLogFontW
GdipGetMatrixElements
GdipGetMetafileDownLevelRasterizationLimit
GdipGetMetafileHeaderFromEmf
GdipGetMetafileHeaderFromFile
GdipGetMetafileHeaderFromMetafile
GdipGetMetafileHeaderFromStream
GdipGetMetafileHeaderFromWmf
GdipGetNearestColor
GdipGetPageScale
GdipGetPageUnit
GdipGetPathData
GdipGetPathFillMode
GdipGetPathGradientBlend
GdipGetPathGradientBlendCount
GdipGetPathGradientCenterColor
GdipGetPathGradientCenterPoint
GdipGetPathGradientCenterPointI
GdipGetPathGradientFocusScales
GdipGetPathGradientGammaCorrection
GdipGetPathGradientPath
GdipGetPathGradientPointCount
GdipGetPathGradientPresetBlend
GdipGetPathGradientPresetBlendCount
GdipGetPathGradientRect
GdipGetPathGradientRectI
GdipGetPathGradientSurroundColorCount
GdipGetPathGradientSurroundColorsWithCount
GdipGetPathGradientTransform
GdipGetPathGradientWrapMode
GdipGetPathLastPoint
GdipGetPathPoints
GdipGetPathPointsI
GdipGetPathTypes
GdipGetPathWorldBounds
GdipGetPathWorldBoundsI
GdipGetPenBrushFill
GdipGetPenColor
GdipGetPenCompoundArray
GdipGetPenCompoundCount
GdipGetPenCustomEndCap
GdipGetPenCustomStartCap
GdipGetPenDashArray
GdipGetPenDashCap197819
GdipGetPenDashCount
GdipGetPenDashOffset
GdipGetPenDashStyle
GdipGetPenEndCap
GdipGetPenFillType
GdipGetPenLineJoin
GdipGetPenMiterLimit
GdipGetPenMode
GdipGetPenStartCap
GdipGetPenTransform
GdipGetPenUnit
GdipGetPenWidth
GdipGetPixelOffsetMode
GdipGetPointCount
GdipGetPropertyCount
GdipGetPropertyIdList
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipGetPropertySize
GdipGetRegionBounds
GdipGetRegionBoundsI
GdipGetRegionData
GdipGetRegionDataSize
GdipGetRegionHRgn
GdipGetRegionScans
GdipGetRegionScansCount
GdipGetRegionScansI
GdipGetRenderingOrigin
GdipGetSmoothingMode
GdipGetSolidFillColor
GdipGetStringFormatAlign
GdipGetStringFormatDigitSubstitution
GdipGetStringFormatFlags
GdipGetStringFormatHotkeyPrefix
GdipGetStringFormatLineAlign
GdipGetStringFormatMeasurableCharacterRangeCount
GdipGetStringFormatTabStopCount
GdipGetStringFormatTabStops
GdipGetStringFormatTrimming
GdipGetTextContrast
GdipGetTextRenderingHint
GdipGetTextureImage
GdipGetTextureTransform
GdipGetTextureWrapMode
GdipGetVisibleClipBounds
GdipGetVisibleClipBoundsI
GdipGetWorldTransform
GdipGraphicsClear
GdipImageForceValidation
GdipImageGetFrameCount
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageRotateFlip
GdipImageSelectActiveFrame
GdipInvertMatrix
GdipIsClipEmpty
GdipIsEmptyRegion
GdipIsEqualRegion
GdipIsInfiniteRegion
GdipIsMatrixEqual
GdipIsMatrixIdentity
GdipIsMatrixInvertible
GdipIsOutlineVisiblePathPoint
GdipIsOutlineVisiblePathPointI
GdipIsStyleAvailable
GdipIsVisibleClipEmpty
GdipIsVisiblePathPoint
GdipIsVisiblePathPointI
GdipIsVisiblePoint
GdipIsVisiblePointI
GdipIsVisibleRect
GdipIsVisibleRectI
GdipIsVisibleRegionPoint
GdipIsVisibleRegionPointI
GdipIsVisibleRegionRect
GdipIsVisibleRegionRectI
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipMeasureCharacterRanges
GdipMeasureDriverString
GdipMeasureString
GdipMultiplyLineTransform
GdipMultiplyMatrix
GdipMultiplyPathGradientTransform
GdipMultiplyPenTransform
GdipMultiplyTextureTransform
GdipMultiplyWorldTransform
GdipNewInstalledFontCollection
GdipNewPrivateFontCollection
GdipPathIterCopyData
GdipPathIterEnumerate
GdipPathIterGetCount
GdipPathIterGetSubpathCount
GdipPathIterHasCurve
GdipPathIterIsValid
GdipPathIterNextMarker
GdipPathIterNextMarkerPath
GdipPathIterNextPathType
GdipPathIterNextSubpath
GdipPathIterNextSubpathPath
GdipPathIterRewind
GdipPlayMetafileRecord
GdipPrivateAddFontFile
GdipPrivateAddMemoryFont
GdipRecordMetafile
GdipRecordMetafileFileName
GdipRecordMetafileFileNameI
GdipRecordMetafileI
GdipRecordMetafileStream
GdipRecordMetafileStreamI
GdipReleaseDC
GdipRemovePropertyItem
GdipResetClip
GdipResetImageAttributes
GdipResetLineTransform
GdipResetPageTransform
GdipResetPath
GdipResetPathGradientTransform
GdipResetPenTransform
GdipResetTextureTransform
GdipResetWorldTransform
GdipRestoreGraphics
GdipReversePath
GdipRotateLineTransform
GdipRotateMatrix
GdipRotatePathGradientTransform
GdipRotatePenTransform
GdipRotateTextureTransform
GdipRotateWorldTransform
GdipSaveAdd
GdipSaveAddImage
GdipSaveGraphics
GdipSaveImageToFile
GdipSaveImageToStream
GdipScaleLineTransform
GdipScaleMatrix
GdipScalePathGradientTransform
GdipScalePenTransform
GdipScaleTextureTransform
GdipScaleWorldTransform
GdipSetAdjustableArrowCapFillState
GdipSetAdjustableArrowCapHeight
GdipSetAdjustableArrowCapMiddleInset
GdipSetAdjustableArrowCapWidth
GdipSetClipGraphics
GdipSetClipHrgn
GdipSetClipPath
GdipSetClipRect
GdipSetClipRectI
GdipSetClipRegion
GdipSetCompositingMode
GdipSetCompositingQuality
GdipSetCustomLineCapBaseCap
GdipSetCustomLineCapBaseInset
GdipSetCustomLineCapStrokeCaps
GdipSetCustomLineCapStrokeJoin

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pantech UM185 driver.3guman.com/Original Disc/MPT/Redist/msvcp60.dll
.dll windows:4 windows x86 arch:x86

1b1839992700df52b049b87961a724e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

memmove
__CxxFrameHandler
free
localeconv
_Gettnames
_Getdays
_Getmonths
__mb_cur_max
atan2
cos
exp
ldexp
log
pow
sin
sqrt
??2@YAPAXI@Z
strtoul
_errno
strtol
sprintf
strcspn
fclose
fwrite
fputc
ungetc
fgetc
fgetpos
fseek
fsetpos
setvbuf
memchr
memset
ungetwc
fgetwc
_Strftime
fopen
_iob
setlocale
malloc
realloc
__crtCompareStringA
__lc_collate_cp
_unlock
__lc_handle
_lock
__setlc_active
__unguarded_readlc_active
__crtLCMapStringA
__lc_codepage
towlower
towupper
strcmp
_pctype
_isctype
_ftol
strtod
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
memcmp
memcpy
strlen
_CxxThrowException
wcslen
??4exception@@QAEAAV0@ABV0@@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
fflush
?what@exception@@UBEPBDXZ
fputwc

kernel32

DisableThreadLibraryCalls
MultiByteToWideChar
DeleteCriticalSection
InterlockedExchange
LeaveCriticalSection
Sleep
EnterCriticalSection
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte

Exports

Exports

??0?$_Complex_base@M@std@@QAE@ABM0@Z
??0?$_Complex_base@N@std@@QAE@ABN0@Z
??0?$_Complex_base@O@std@@QAE@ABO0@Z
??0?$_Mpunct@D@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@D@std@@QAE@I_N@Z
??0?$_Mpunct@G@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@G@std@@QAE@I_N@Z
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@ABV01@@Z
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@ABV01@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@ABV01@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBDH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@ABV01@@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PBDH@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@ABV01@@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@ABV01@@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PBDH@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@ABV01@@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@ABV01@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@ABV01@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@ABV01@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@ABV01@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@ABV01@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@ABV01@@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@ABV01@@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PBDH@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@ABV01@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@ABV01@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE@ABV01@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@IDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0ABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDIABV?$allocator@D@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@IIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG0ABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGIABV?$allocator@G@1@@Z
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDH@std@@QAE@I@Z
??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDH@std@@QAE@I@Z
??0?$collate@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@D@std@@QAE@I@Z
??0?$collate@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@G@std@@QAE@I@Z
??0?$complex@M@std@@QAE@ABM0@Z
??0?$complex@M@std@@QAE@ABV?$complex@N@1@@Z
??0?$complex@M@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@N@std@@QAE@ABN0@Z
??0?$complex@N@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@N@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@O@std@@QAE@ABO0@Z
??0?$complex@O@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@O@std@@QAE@ABV?$complex@N@1@@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$messages@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@D@std@@QAE@I@Z
??0?$messages@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@G@std@@QAE@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$moneypunct@D$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@D$00@std@@QAE@I@Z
??0?$moneypunct@D$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@D$0A@@std@@QAE@I@Z
??0?$moneypunct@G$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@G$00@std@@QAE@I@Z
??0?$moneypunct@G$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@G$0A@@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$numpunct@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$numpunct@D@std@@QAE@I@Z
??0?$numpunct@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$numpunct@G@std@@QAE@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0Init@ios_base@std@@QAE@XZ
??0_Locinfo@std@@QAE@ABV01@@Z
??0_Locinfo@std@@QAE@HPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@XZ
??0_Timevec@std@@QAE@ABV01@@Z
??0_Timevec@std@@QAE@PAX@Z
??0_Winit@std@@QAE@XZ
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0__non_rtti_object@std@@QAE@PBD@Z
??0bad_alloc@std@@QAE@ABV01@@Z
??0bad_alloc@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_exception@std@@QAE@ABV01@@Z
??0bad_exception@std@@QAE@PBD@Z
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0codecvt_base@std@@QAE@I@Z
??0ctype_base@std@@QAE@I@Z
??0domain_error@std@@QAE@ABV01@@Z
??0domain_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??0facet@locale@std@@IAE@I@Z
??0ios_base@std@@IAE@XZ
??0ios_base@std@@QAE@ABV01@@Z
??0length_error@std@@QAE@ABV01@@Z
??0length_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??0locale@std@@AAE@PAV_Locimp@01@@Z
??0locale@std@@QAE@ABV01@0H@Z
??0locale@std@@QAE@ABV01@@Z
??0locale@std@@QAE@ABV01@PBDH@Z
??0locale@std@@QAE@PBDH@Z
??0locale@std@@QAE@W4_Uninitialized@1@@Z
??0locale@std@@QAE@XZ
??0logic_error@std@@QAE@ABV01@@Z
??0logic_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??0messages_base@std@@QAE@I@Z
??0money_base@std@@QAE@I@Z
??0ostrstream@std@@QAE@PADHH@Z
??0out_of_range@std@@QAE@ABV01@@Z
??0out_of_range@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??0overflow_error@std@@QAE@ABV01@@Z
??0overflow_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??0range_error@std@@QAE@ABV01@@Z
??0range_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??0runtime_error@std@@QAE@ABV01@@Z
??0runtime_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??0strstream@std@@QAE@PADHH@Z
??0time_base@std@@QAE@I@Z
??0underflow_error@std@@QAE@ABV01@@Z
??0underflow_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??1?$_Mpunct@D@std@@UAE@XZ
??1?$_Mpunct@G@std@@UAE@XZ
??1?$basic_filebuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_filebuf@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_fstream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_fstream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ifstream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ifstream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UAE@XZ
??1?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@UAE@XZ
??1?$basic_ofstream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ofstream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UAE@XZ
??1?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??1?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UAE@XZ
??1?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@UAE@XZ
??1?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UAE@XZ
??1?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@UAE@XZ
??1?$codecvt@DDH@std@@UAE@XZ
??1?$codecvt@GDH@std@@UAE@XZ
??1?$collate@D@std@@UAE@XZ
??1?$collate@G@std@@UAE@XZ
??1?$ctype@D@std@@UAE@XZ
??1?$ctype@G@std@@UAE@XZ
??1?$messages@D@std@@UAE@XZ
??1?$messages@G@std@@UAE@XZ
??1?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@UAE@XZ
??1?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@UAE@XZ
??1?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@UAE@XZ
??1?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@UAE@XZ
??1?$moneypunct@D$00@std@@UAE@XZ
??1?$moneypunct@D$0A@@std@@UAE@XZ
??1?$moneypunct@G$00@std@@UAE@XZ
??1?$moneypunct@G$0A@@std@@UAE@XZ
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@UAE@XZ
??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@UAE@XZ
??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@UAE@XZ
??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@UAE@XZ
??1?$numpunct@D@std@@UAE@XZ
??1?$numpunct@G@std@@UAE@XZ
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@UAE@XZ
??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@UAE@XZ
??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@UAE@XZ
??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@UAE@XZ
??1Init@ios_base@std@@QAE@XZ
??1_Locinfo@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??1_Timevec@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_alloc@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_exception@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1codecvt_base@std@@UAE@XZ
??1ctype_base@std@@UAE@XZ
??1domain_error@std@@UAE@XZ
??1facet@locale@std@@UAE@XZ
??1ios_base@std@@UAE@XZ
??1istrstream@std@@UAE@XZ
??1length_error@std@@UAE@XZ
??1locale@std@@QAE@XZ
??1logic_error@std@@UAE@XZ
??1messages_base@std@@UAE@XZ
??1money_base@std@@UAE@XZ
??1ostrstream@std@@UAE@XZ
??1out_of_range@std@@UAE@XZ
??1overflow_error@std@@UAE@XZ
??1range_error@std@@UAE@XZ
??1runtime_error@std@@UAE@XZ
??1strstream@std@@UAE@XZ
??1strstreambuf@std@@UAE@XZ
??1time_base@std@@UAE@XZ
??1underflow_error@std@@UAE@XZ
??4?$_Complex_base@M@std@@QAEAAV01@ABV01@@Z
??4?$_Complex_base@N@std@@QAEAAV01@ABV01@@Z
??4?$_Complex_base@O@std@@QAEAAV01@ABV01@@Z
??4?$_Ctr@M@std@@QAEAAV01@ABV01@@Z
??4?$_Ctr@N@std@@QAEAAV01@ABV01@@Z
??4?$_Ctr@O@std@@QAEAAV01@ABV01@@Z
??4?$allocator@X@std@@QAEAAV01@ABV01@@Z
??4?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEAAV01@ABV01@@Z
??4?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAEAAV01@ABV01@@Z
??4?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEAAV01@ABV01@@Z
??4?$basic_fstream@GU?$char_traits@G@std@@@std@@QAEAAV01@ABV01@@Z
??4?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEAAV01@ABV01@@Z
??4?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAEAAV01@ABV01@@Z
??4?$basic_ios@DU?$char_traits@D@std@@@std@@QAEAAV01@ABV01@@Z
??4?$basic_ios@GU?$char_traits@G@std@@@std@@QAEAAV01@ABV01@@Z
??4?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEAAV01@ABV01@@Z
??4?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEAAV01@ABV01@@Z
??4?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@ABV01@@Z
??4?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@ABV01@@Z
??4?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEAAV01@ABV01@@Z
??4?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAEAAV01@ABV01@@Z
??4?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@ABV01@@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@ABV01@@Z
??4?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEAAV01@ABV01@@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@G@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??4?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??4?$char_traits@D@std@@QAEAAU01@ABU01@@Z
??4?$char_traits@G@std@@QAEAAU01@ABU01@@Z
??4?$complex@M@std@@QAEAAV01@ABM@Z
??4?$complex@M@std@@QAEAAV01@ABV01@@Z
??4?$complex@N@std@@QAEAAV01@ABN@Z
??4?$complex@N@std@@QAEAAV01@ABV01@@Z
??4?$complex@O@std@@QAEAAV01@ABO@Z
??4?$complex@O@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@C@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@D@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@E@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@F@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@G@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@H@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@I@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@J@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@K@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@M@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@N@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@O@std@@QAEAAV01@ABV01@@Z
??4?$numeric_limits@_N@std@@QAEAAV01@ABV01@@Z
??4Init@ios_base@std@@QAEAAV012@ABV012@@Z
??4_Locinfo@std@@QAEAAV01@ABV01@@Z
??4_Lockit@std@@QAEAAV01@ABV01@@Z
??4_Num_base@std@@QAEAAU01@ABU01@@Z
??4_Num_float_base@std@@QAEAAU01@ABU01@@Z
??4_Num_int_base@std@@QAEAAU01@ABU01@@Z
??4_Timevec@std@@QAEAAV01@ABV01@@Z
??4_Winit@std@@QAEAAV01@ABV01@@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_alloc@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_exception@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4domain_error@std@@QAEAAV01@ABV01@@Z
??4id@locale@std@@QAEAAV012@ABV012@@Z
??4ios_base@std@@QAEAAV01@ABV01@@Z
??4length_error@std@@QAEAAV01@ABV01@@Z
??4locale@std@@QAEAAV01@ABV01@@Z
??4logic_error@std@@QAEAAV01@ABV01@@Z
??4out_of_range@std@@QAEAAV01@ABV01@@Z
??4overflow_error@std@@QAEAAV01@ABV01@@Z
??4range_error@std@@QAEAAV01@ABV01@@Z
??4runtime_error@std@@QAEAAV01@ABV01@@Z
??4underflow_error@std@@QAEAAV01@ABV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAC@Z
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAE@Z
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@M@0@@Z
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@N@0@@Z
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@O@0@@Z
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAC@Z
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAD@Z
??5std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAE@Z
??5std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAG@Z
??5std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??5std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@M@0@@Z
??5std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@N@0@@Z
??5std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@O@0@@Z
??5std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@PAF@Z
??5std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@PAG@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_N@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@M@0@@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@N@0@@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@O@0@@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@C@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@E@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBC@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBE@Z
??6std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??6std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@M@0@@Z
??6std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@N@0@@Z
??6std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@O@0@@Z
??6std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@G@Z
??6std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@PBF@Z
??6std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@PBG@Z
??7ios_base@std@@QBE_NXZ
??8locale@std@@QBE_NABV01@@Z
??8std@@YA_NABMABV?$complex@M@0@@Z
??8std@@YA_NABNABV?$complex@N@0@@Z
??8std@@YA_NABOABV?$complex@O@0@@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??8std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??8std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??8std@@YA_NABV?$complex@M@0@0@Z
??8std@@YA_NABV?$complex@M@0@ABM@Z
??8std@@YA_NABV?$complex@N@0@0@Z
??8std@@YA_NABV?$complex@N@0@ABN@Z
??8std@@YA_NABV?$complex@O@0@0@Z
??8std@@YA_NABV?$complex@O@0@ABO@Z
??8std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??8std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??9locale@std@@QBE_NABV01@@Z
??9std@@YA_NABMABV?$complex@M@0@@Z
??9std@@YA_NABNABV?$complex@N@0@@Z
??9std@@YA_NABOABV?$complex@O@0@@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??9std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??9std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??9std@@YA_NABV?$complex@M@0@0@Z
??9std@@YA_NABV?$complex@M@0@ABM@Z

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pantech UM185 driver.3guman.com/Original Disc/MPT/Setup.gif
.gif
Pantech UM185 driver.3guman.com/Original Disc/MPT/SetupSkin.cab
.cab
Pantech UM185 driver.3guman.com/Original Disc/MPT/StringTable_ENU.ini
Pantech UM185 driver.3guman.com/Original Disc/MPT/StringTable_ESM.ini
Pantech UM185 driver.3guman.com/Original Disc/MPT/_Setup.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pantech UM185 driver.3guman.com/Original Disc/MPT/layout.bin
Pantech UM185 driver.3guman.com/Original Disc/MPT/setup.exe
.exe windows:4 windows x86 arch:x86

8f244019e52c417786599750d44c515a

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

51:73:78:36:c0:c4:38:4b:ea:53:d3:31:00:c9:8f:35
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

21/01/2009, 00:00

Not After

31/01/2012, 23:59

Subject

CN=Avanquest,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Technology,O=Avanquest,L=Paris,ST=Paris,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3a:98:dd:d5:73:b9:f9:60:28:3a:06:9f:ac:51:54:e0:c3:f9:8c:7e
Signer

Actual PE Digest

3a:98:dd:d5:73:b9:f9:60:28:3a:06:9f:ac:51:54:e0:c3:f9:8c:7e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

LoadLibraryExA
QueryPerformanceFrequency
CreateEventA
ReadFile
CompareStringA
CompareStringW
GlobalSize
SizeofResource
FreeResource
SearchPathA
FindNextFileA
GetTempFileNameA
GetExitCodeProcess
TerminateProcess
OpenProcess
GetLocalTime
InitializeCriticalSection
GetCurrentProcessId
GetVersion
LeaveCriticalSection
EnterCriticalSection
GetCurrentThread
VirtualQuery
VirtualProtect
UnmapViewOfFile
GetShortPathNameA
MapViewOfFile
CreateFileMappingA
SetEvent
ResetEvent
QueryPerformanceCounter
SystemTimeToFileTime
lstrcmpA
MoveFileExA
GetDiskFreeSpaceA
GetSystemDirectoryA
GetSystemInfo
IsBadReadPtr
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
lstrcpyA
lstrlenA
Sleep
CloseHandle
CreateProcessA
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
RemoveDirectoryA
DeleteFileA
ResumeThread
SetThreadContext
MulDiv
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
SetEndOfFile
FlushFileBuffers
SetStdHandle
IsBadCodePtr
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
HeapSize
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
TlsGetValue
TlsAlloc
CreateDirectoryA
FindFirstFileA
FindClose
lstrcmpiA
lstrcpynA
WriteFile
GetDriveTypeA
SetFilePointer
GetFileAttributesA
ReleaseMutex
GetPrivateProfileIntA
lstrcatA
LoadLibraryA
GetSystemDefaultLangID
CreateMutexA
FreeLibrary
SetErrorMode
GetTickCount
FindResourceExA
FindResourceA
LoadResource
LockResource
GetWindowsDirectoryA
InterlockedDecrement
LocalFree
InterlockedIncrement
FormatMessageA
GetTempPathA
GetVersionExA
CreateFileA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
GetLastError
SetLastError
WaitForSingleObject
ExitProcess
GetCurrentProcess
DuplicateHandle
GetThreadContext
VirtualProtectEx
WriteProcessMemory
FlushInstructionCache
TlsSetValue
GetCurrentThreadId
GetCommandLineA
GetStartupInfoA
RaiseException
HeapAlloc
HeapFree
RtlUnwind
DeleteCriticalSection
InterlockedExchange
GetFileSize

user32

SetWindowLongA
SetWindowTextA
SendMessageA
GetDlgItem
wsprintfA
WaitForInputIdle
CharUpperA
MessageBoxA
DialogBoxIndirectParamA
SetDlgItemTextA
MsgWaitForMultipleObjects
CharLowerBuffA
SetFocus
BeginPaint
EndPaint
LoadStringA
FillRect
ScreenToClient
GetWindowTextLengthA
GetWindowTextA
GetWindowPlacement
SendDlgItemMessageA
GetMessageA
DefWindowProcA
GetParent
GetWindow
SystemParametersInfoA
MapWindowPoints
SetWindowPos
GetPropA
EnableMenuItem
SetPropA
RemovePropA
ShowWindow
IsWindow
GetSysColor
LoadImageA
CreateDialogParamA
GetDC
ReleaseDC
SetActiveWindow
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
DestroyWindow
CreateDialogIndirectParamA
SetForegroundWindow
GetDesktopWindow
GetClientRect
EnableWindow
IsWindowEnabled
GetWindowDC
UpdateWindow
InvalidateRect
DrawIcon
MapDialogRect
GetClassNameA
CallWindowProcA
DrawFocusRect
InflateRect
DrawTextA
CopyRect
EnumChildWindows
CreateWindowExA
RegisterClassExA
IntersectRect
GetDlgItemTextA
GetWindowLongA
GetWindowRect
MoveWindow
EndDialog
LoadIconA

gdi32

CreateCompatibleBitmap
CreateDCA
GetStockObject
GetTextExtentPoint32A
CreatePatternBrush
DeleteMetaFile
SetMetaFileBitsEx
SetStretchBltMode
SelectClipRgn
SetPixel
PatBlt
PlayMetaFile
StretchBlt
CreateBitmap
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
CreateDIBitmap
SaveDC
SetBkMode
SetTextColor
TextOutA
RestoreDC
GetTextExtentPointA
CreateFontIndirectA
SetBkColor
CreateRectRgn
DeleteObject
CreateSolidBrush
GetDIBColorTable
GetSystemPaletteEntries
CreatePalette
CreateHalftonePalette
GetDeviceCaps
GetObjectA
CreateCompatibleDC
UnrealizeObject
SelectPalette
RealizePalette
SelectObject
BitBlt
DeleteDC
SetMapMode

advapi32

RegCloseKey
RegQueryValueA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegEnumKeyA
RegOpenKeyA
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken

shell32

SHGetPathFromIDListA
SHGetMalloc
ShellExecuteExA
SHGetSpecialFolderLocation

ole32

CoInitialize
CoUninitialize

oleaut32

SysFreeString
SysAllocString
SysAllocStringLen
SysReAllocStringLen
SysStringLen
GetErrorInfo
VariantClear
VariantChangeType

lz32

LZOpenFileA
LZCopy
LZClose

rpcrt4

RpcStringFreeA
UuidCreate
UuidToStringA

Sections

.text
Size: 288KB - Virtual size: 286KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Pantech UM185 driver.3guman.com/Original Disc/MPT/setup.ini
Pantech UM185 driver.3guman.com/Original Disc/MPT/setup.inx
Pantech UM185 driver.3guman.com/Original Disc/MPT/setup.iss
Pantech UM185 driver.3guman.com/Original Disc/Start.exe
.exe windows:4 windows x86 arch:x86

262d2b45b6f4e295f6aa087a031c6215

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathRenameExtensionA
StrRChrA
StrDupA
PathFileExistsA
PathRemoveFileSpecA
PathAppendA

kernel32

CloseHandle
WaitForSingleObject
GetModuleHandleA
GetTickCount
CreateThread
CreateEventA
lstrcatA
lstrcmpiA
GetPrivateProfileStringA
GetModuleFileNameA
SetEvent
lstrlenA
Sleep
GetStartupInfoA

user32

FindWindowExA
PostMessageA
LoadCursorA
LoadIconA
LoadImageA
RegisterClassExA
CreateWindowExA
IsWindow
GetMessageA
DispatchMessageA
GetClientRect
BeginPaint
GetSysColor
DrawTextA
EndPaint
GetDC
ReleaseDC
GetWindowLongA
AdjustWindowRectEx
MonitorFromWindow
GetMonitorInfoA
MoveWindow
GetSystemMenu
EnableMenuItem
DefWindowProcA
DestroyWindow
PostQuitMessage
TranslateMessage

gdi32

GetStockObject
SelectObject
SetTextColor
SetBkMode
GetTextExtentPoint32A

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

shell32

ShellExecuteExA

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Pantech UM185 driver.3guman.com/Original Disc/Start.ini
Pantech UM185 driver.3guman.com/Original Disc/autorun.inf

Sharing

General

Malware Config

Signatures

Files

4a9446e5cc2412c6405cea69dddb93be

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2eCertificate

Extended Key Usages

Key Usages

61:0c:12:06:00:00:00:00:00:1bCertificate

Key Usages

c8:53:29:fb:51:75:0d:e5:2f:9f:1c:9c:35:dc:9d:59:83:c2:34:91Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 110KB

.ndata Size: - Virtual size: 52KB

.rsrc Size: 3KB - Virtual size: 2KB

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 1024B - Virtual size: 784B

.data Size: 512B - Virtual size: 92B

.reloc Size: 512B - Virtual size: 496B

44e10d0057a430f7aebde91deb548c53

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2eCertificate

Extended Key Usages

Key Usages

61:0c:12:06:00:00:00:00:00:1bCertificate

Key Usages

bb:58:a8:5b:b6:6b:44:4d:8c:43:bc:a9:d2:bb:ae:67:04:c6:6f:45Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

c8:53:29:fb:51:75:0d:e5:2f:9f:1c:9c:35:dc:9d:59:83:c2:34:91
Signer

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 110KB

.ndata
Size: - Virtual size: 52KB

.rsrc
Size: 3KB - Virtual size: 2KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 92B

.reloc
Size: 512B - Virtual size: 496B

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

bb:58:a8:5b:b6:6b:44:4d:8c:43:bc:a9:d2:bb:ae:67:04:c6:6f:45
Signer

.text
Size: 276KB - Virtual size: 272KB

.rdata
Size: 80KB - Virtual size: 77KB

.data
Size: 148KB - Virtual size: 162KB

.rsrc
Size: 196KB - Virtual size: 195KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

52:7b:8c:f4:0e:40:81:63:8b:48:e9:da:3a:2a:16:49:fc:24:c0:f8
Signer

.text
Size: 373KB - Virtual size: 372KB

.rdata
Size: 147KB - Virtual size: 146KB

.data
Size: 150KB - Virtual size: 174KB

.pdata
Size: 27KB - Virtual size: 26KB

.rsrc
Size: 195KB - Virtual size: 195KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

16:1a:4c:1d:0e:56:9c:c6:28:c8:6c:e1:01:80:ae:2e
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

48:94:90:82:30:f9:e8:04:a8:f8:3c:9e:0e:71:02:bb:f5:5e:c0:4f
Signer