4258687a66e69e5649db7f85ad71a58c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4258687a66e69e5649db7f85ad71a58c_JaffaCakes118
Size

23.6MB
MD5

4258687a66e69e5649db7f85ad71a58c
SHA1

3ac19ed8f74c69149727d86e0e88623cfcbb90cd
SHA256

311b1c60e191465b7d029c91faa41ac00a007da533338904ccd021bcafc493e6
SHA512

fcd525180031a251ca4d3d4646d007e6e370a86beebffd2bc99b9c6cdb51ad68fe543ffc74338bb0b0df5bdab63d43335257b9f2dded63ea322db55115357c65
SSDEEP

393216:J9tgxnFCBnWPpAUlu1D3wwaUea6/Kz/MX4O4xloI88hCCePfoE8aB19BOE:JfyQpWPLuZ3ww11Eo/MoO4xOoCCodOE

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 2 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/$PLUGINSDIR/version.dll	acprotect
static1/unpack001/nat.dll	acprotect

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/$PLUGINSDIR/version.dll	upx
static1/unpack001/nat.dll	upx

Unsigned PE 34 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/$PLUGINSDIR/nsisos.dll
unpack001/$PLUGINSDIR/version.dll
unpack002/out.upx
unpack001/AZMain.dll
unpack001/CCheck.dll
unpack001/MCheck.dll
unpack001/MegafileCMC.dll
unpack001/MegafileCMCU.dll
unpack001/MurekaAVD.exe
unpack001/MurekaWma.dll
unpack001/UNACEV2.DLL
unpack001/UnEGG32.dll
unpack001/avcodec-54.dll
unpack001/avdevice-54.dll
unpack001/avfilter-3.dll
unpack001/avformat-54.dll
unpack001/avutil-51.dll
unpack001/avutil-52.dll
unpack001/cabinet.dll
unpack001/calMbc.dll
unpack001/checkDCF.dll
unpack001/ippcore-5.2.dll
unpack001/ippi-5.2.dll
unpack001/ippipx-5.2.dll
unpack001/libguide40.dll
unpack003/out.upx
unpack001/postproc-52.dll
unpack001/sendPurchasedData.dll
unpack001/swresample-0.dll
unpack001/swscale-2.dll
unpack001/unace32.exe
unpack001/unrar4.dll

Files

4258687a66e69e5649db7f85ad71a58c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ed0d71376e55d58ab36dc7d3ffda898

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

66:a0:a9:d5:71:b5:af:be:fa:ce:81:3c:03:c6:d5:5a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23-02-2015 00:00

Not After

23-02-2016 23:59

Subject

CN=PEOPLE IN COMMS Co.\,Ltd.,O=PEOPLE IN COMMS Co.\,Ltd.,L=Guro-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathW
SetFileTime
CloseHandle
GetShortPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
GetFullPathNameW
CreateDirectoryW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
SetEnvironmentVariableW
GetWindowsDirectoryW
GetTempPathW
SetFileAttributesW
ExpandEnvironmentStringsW
LoadLibraryW
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
CreateProcessW
RemoveDirectoryW
lstrcmpiA
CreateFileW
GetTempFileNameW
lstrcpyA
lstrcpyW
lstrcatW
GetSystemDirectoryW
GetVersion
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetModuleHandleW
lstrcmpiW
lstrcmpW
WaitForSingleObject
GlobalFree
GlobalAlloc
LoadLibraryExW
GetExitCodeProcess
FreeLibrary
WritePrivateProfileStringW
SetErrorMode
GetCommandLineW
GetPrivateProfileStringW
FindFirstFileW
FindNextFileW
DeleteFileW
SetFilePointer
ReadFile
FindClose
MulDiv
MultiByteToWideChar
WriteFile
lstrlenA
WideCharToMultiByte

user32

EndDialog
ScreenToClient
GetWindowRect
RegisterClassW
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongW
SetCursor
LoadCursorW
CheckDlgButton
GetMessagePos
LoadBitmapW
CallWindowProcW
IsWindowVisible
CloseClipboard
SetClipboardData
wsprintfW
CreateWindowExW
SystemParametersInfoW
AppendMenuW
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharPrevW
CharNextA
wsprintfA
DispatchMessageW
PeekMessageW
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
GetDC
SetWindowLongW
LoadImageW
SendMessageTimeoutW
FindWindowExW
EmptyClipboard
OpenClipboard
TrackPopupMenu
EndPaint
ShowWindow
GetDlgItem
IsWindow
SetForegroundWindow

gdi32

SelectObject
SetBkMode
CreateFontIndirectW
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW

advapi32

RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumKeyW

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 180KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$DOCUMENTS/uninstall.exe.nsis
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

ec5fddc407d2b4e0a16fc4d786afc555

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
lstrcpyW
MulDiv
lstrlenW
HeapFree
GetCurrentDirectoryW
lstrcmpiW
GetProcessHeap
HeapReAlloc
GlobalFree
lstrcpynW
GlobalAlloc
SetCurrentDirectoryW
HeapAlloc

user32

DestroyWindow
CallWindowProcW
SetCursor
GetPropW
CharPrevW
MapWindowPoints
DrawFocusRect
GetWindowLongW
GetClientRect
GetWindowTextW
GetDlgItem
SetWindowLongW
SetWindowPos
CreateDialogParamW
MapDialogRect
GetWindowRect
SetPropW
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
CharNextW
SendMessageW
LoadCursorW
RemovePropW
DrawTextW

gdi32

SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 626B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsisos.dll
.dll windows:1 windows x86 arch:x86

a70233c77fd258ec47709388c2338273

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetEnvironmentStringsA
GetVersionExA
RtlUnwind
RtlZeroMemory
lstrcpyA

crtdll

_fdopen
_open_osfhandle
_ultoa
fclose
_cexit
malloc
printf
raise
setbuf
strcpy

Exports

Exports

osplatform
osversion

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 80B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 588B - Virtual size: 588B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 156B - Virtual size: 156B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE

.edata
Size: 96B - Virtual size: 96B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/version.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GetWindowsVersion
IsWindows2000
IsWindows7
IsWindows8
IsWindows95
IsWindows98
IsWindowsME
IsWindowsNT351
IsWindowsNT40
IsWindowsPlatform9x
IsWindowsPlatformNT
IsWindowsServer2003
IsWindowsServer2008
IsWindowsServer2008R2
IsWindowsServer2012
IsWindowsVista
IsWindowsXP
IsWindowsXPx64

Sections

UPX0
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 515B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
AZMain.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

ALZDllInit
ALZDllInitEx
ALZDllInitEx2
Add
AddEx
Cancel
Extract
ExtractEx
ExtractStream
ExtractStreamEx
Flush
GetArchiveComment
GetArchiveList
GetArchiveString
GetArchiveStringEx
GetArchiveStringEx2
GetArchiveStringStream
GetArchiveStringStreamEx
GetFileType
GetFileTypeName
GetFileTypeStream
SetArchiveComment

Sections

CODE
Size: 707KB - Virtual size: 707KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 774KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 581B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Ark32.dll
.dll windows:5 windows x86 arch:x86

9e2b5dac9271a775929c6bd39d534957

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:33:3f:db:3f:66:aa:8e:3e:41:ee:9b:0d:9c:a3:90
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15-11-2012 00:00

Not After

15-11-2013 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\devel\Ark6\bin\Ark32.pdb

Imports

kernel32

FileTimeToSystemTime
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
FileTimeToDosDateTime
InterlockedIncrement
InterlockedDecrement
FreeLibrary
lstrcpyA
DeleteFileW
GetFileAttributesExW
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetModuleFileNameW
LoadLibraryW
GetProcAddress
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventW
SetEvent
WaitForSingleObject
ResetEvent
SetFileAttributesW
Sleep
WriteFile
CreateFileA
ReadFile
SetFilePointer
GetFileTime
MoveFileW
LocalFileTimeToFileTime
lstrcpynA
GetTickCount
SetThreadPriority
InterlockedExchange
FileTimeToLocalFileTime
lstrcmpW
VirtualAlloc
VirtualFree
GetModuleHandleW
GlobalMemoryStatus
CreateProcessW
GetExitCodeProcess
QueryPerformanceCounter
GetCurrentProcess
GetThreadTimes
GetSystemInfo
GetVersion
CreatePipe
DuplicateHandle
TerminateThread
SetFileTime
GlobalAlloc
GlobalFree
WaitForMultipleObjects
CreateSemaphoreW
ReleaseSemaphore
GetCurrentProcessId
GetCurrentThreadId
GetCPInfo
IsDBCSLeadByte
InterlockedCompareExchange
GetSystemTimeAsFileTime
GetThreadLocale
GetACP
LoadLibraryA
GetLocaleInfoA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
GetCommandLineA
ExitThread
CreateThread
SetStdHandle
GetFileType
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
CompareStringW
RtlUnwind
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CompareStringA
SetEnvironmentVariableA
GetModuleHandleA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCurrentThread
CloseHandle
GetFileSizeEx
CreateFileW
GetFileSize
WideCharToMultiByte
MultiByteToWideChar
CreateDirectoryW
lstrcpyW
lstrlenA
GetLastError
GetFileAttributesW
GetFileAttributesA
lstrcatW
lstrlenW
TerminateProcess
GetVersionExW

user32

FindWindowW
CharToOemBuffA
wsprintfW
CharUpperW
SendMessageW

advapi32

AccessCheck
OpenThreadToken
RevertToSelf
ImpersonateSelf
GetFileSecurityW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
AreAllAccessesGranted

oleaut32

VariantClear
SysAllocStringByteLen
SysStringByteLen
SysFreeString
SysAllocString

Exports

Exports

CreateArk
CreateArkCompressor

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 329KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Ark32lgpl.dll
.dll windows:5 windows x86 arch:x86

213561b663826c12cff8d69c48cf7345

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:33:3f:db:3f:66:aa:8e:3e:41:ee:9b:0d:9c:a3:90
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15-11-2012 00:00

Not After

15-11-2013 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\devel\Ark6\bin\Ark32lgpl.pdb

Imports

kernel32

VirtualFree
VirtualAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetLastError
CloseHandle
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
CompareFileTime
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
RaiseException
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
RtlUnwind
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA

user32

CharUpperW
CharNextA

oleaut32

VariantClear
SysAllocString
SysAllocStringByteLen

Exports

Exports

AllocWinZipJPEGDecompressor
AreMoreWinZipJPEGBytesAvailable
AreMoreWinZipJPEGSlicesAvailable
Create7zArc
EncodeWinZipJPEGBlocksToBuffer
FreeWinZipJPEGDecompressor
IsFinalWinZipJPEGBundle
ReadNextWinZipJPEGBundle
ReadNextWinZipJPEGSlice
ReadWinZipJPEGHeader
WinZipJPEGBundleMetadataBytes
WinZipJPEGBundleMetadataLength

Sections

.text
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AzCDImage.dll
.dll windows:4 windows x86 arch:x86

2ffa83954e77e711d0b8f8a84222eb71

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0c:0b:a5:c2:0e:64:cc:aa:47:e7:0b:ae:99:1d:33:fd
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

19-11-2008 00:00

Not After

19-11-2009 23:59

Subject

CN=ESTsoft Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=ESTsoft Corp.,L=Gwanak-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

50:94:c4:82:77:7b:9d:cc:1f:8d:f2:91:fd:f7:05:6a:48:55:29:e6
Signer

Actual PE Digest

50:94:c4:82:77:7b:9d:cc:1f:8d:f2:91:fd:f7:05:6a:48:55:29:e6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\SourceBank\Product\ALZip\ALZip7.x\CDImage\PluginCDImage\Release\AzCDImage.pdb

Imports

kernel32

GetCurrentDirectoryA
GlobalFlags
GetVersionExA
lstrcmpW
GlobalFindAtomA
FreeResource
GetCPInfo
GetOEMCP
HeapFree
RtlUnwind
HeapAlloc
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
GetProcessHeap
RaiseException
ExitProcess
ExitThread
CreateThread
HeapSize
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
GetPrivateProfileStringA
GetStringTypeA
GetStringTypeW
GetStdHandle
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
SetConsoleCtrlHandler
LCMapStringA
LCMapStringW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetAtomNameA
GlobalGetAtomNameA
InterlockedIncrement
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
GetModuleFileNameW
GetCurrentProcessId
GlobalAddAtomA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
FreeLibrary
GetModuleHandleA
GetFileTime
GetFileAttributesA
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetProcAddress
CreateFileA
GetModuleFileNameA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
CloseHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
LoadLibraryA
GetThreadLocale
DeleteFileA
MoveFileA
SetLastError
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
lstrlenA
lstrcmpiW
lstrcmpiA
CompareStringW
CompareStringA
lstrlenW
GetVersion
InterlockedExchange
MultiByteToWideChar
CreateDirectoryA
GetLastError
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
IsValidCodePage
SizeofResource

user32

ScrollWindowEx
ShowWindow
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
DestroyIcon
DeferWindowPos
CopyRect
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetDesktopWindow
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
DeleteMenu
GetWindowTextLengthA
GetWindowTextA
CharLowerA
CharLowerW
CharUpperA
CharUpperW
LoadCursorA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterClassA
UnhookWindowsHookEx
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
InflateRect
GetDialogBaseUnits
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
DestroyMenu
EqualRect
GetMenuItemInfoA
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
AppendMenuA
GetMenuStringA
GetMenuState
GetSystemMetrics
PostQuitMessage
PostMessageA
CheckMenuItem
EnableMenuItem
ModifyMenuA
SendMessageA
GetParent
GetFocus
LoadBitmapA
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
OffsetRect

gdi32

ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
StartDocA
CreateCompatibleDC
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
GetCurrentPositionEx
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
GetDCOrgEx
CreateFontIndirectA
GetTextExtentPoint32A
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetTextMetricsA
SetWindowExtEx
ScaleWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PlayMetaFile
GetDeviceCaps
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectA
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateBitmap
CreateDCA
CopyMetaFileA
PtVisible

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegSetValueA
RegCloseKey
RegCreateKeyA

shell32

ExtractIconA
SHGetFileInfoA

shlwapi

PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA

ole32

OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
CoDisconnectObject
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CLSIDFromString
ReadClassStg

oleaut32

SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantClear
SafeArrayRedim
VariantChangeType
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysAllocStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromDate
VariantInit

Exports

Exports

CDIMG_CloseFile
CDIMG_DeleteNode
CDIMG_ExpandTree
CDIMG_ExtractISO
CDIMG_GetFirstChild
CDIMG_GetFullPath
CDIMG_GetItemInfo
CDIMG_GetNextSibling
CDIMG_GetRootItem
CDIMG_OpenFile

Sections

.text
Size: 336KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CCheck.dll
.dll windows:4 windows x86 arch:x86

5acd62a90aaaf423d31a9533b0f7685b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

WSAStartup
gethostname
gethostbyname
inet_addr
WSACleanup

wininet

InternetOpenA
InternetSetOptionA
InternetConnectA
HttpOpenRequestA
HttpQueryInfoA
InternetSetCookieA
InternetQueryOptionA
HttpSendRequestA
InternetErrorDlg
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle

mfc42

ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord6467
ord800
ord860
ord2614
ord5300
ord540
ord858
ord1567
ord268
ord2818
ord535
ord537
ord939
ord2915
ord4202
ord4129
ord4278
ord6283
ord6282
ord859
ord1116
ord940
ord941
ord926
ord5710
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord269
ord826
ord600
ord1578
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord823
ord5683

msvcrt

_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
fopen
fclose
fread
_mbsstr
__CxxFrameHandler
atoi
_mbctype
_atoi64
_stati64
malloc
free
_mbscmp

kernel32

LocalFree
LocalAlloc
HeapAlloc
HeapFree
HeapDestroy
HeapCreate
lstrlenA
GetLastError
WideCharToMultiByte

user32

GetDesktopWindow

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Exports

Exports

CopyrightInfo

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FCvScan.dll
.dll windows:4 windows x86 arch:x86

6d02900a881b4a5a53e9db1d1f2f84f6

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

d7:a8:38:f4:1d:b8:be:e0:6f:50:a5:f1:ef:c7:c0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28-11-2012 00:00

Not After

28-12-2013 23:59

Subject

CN=INCA Internet Co.\,Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=INCA Internet Co.\,Ltd.,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:27:95:03:b4:60:da:09:98:fb:e7:d6:83:a7:ae:8a:79:e3:33:71
Signer

Actual PE Digest

0d:27:95:03:b4:60:da:09:98:fb:e7:d6:83:a7:ae:8a:79:e3:33:71

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\project\fcvscan\trunk\bin\release\FCvScan.pdb

Imports

kernel32

GetCurrentProcess
GetFullPathNameA
CreateFileA
GetCPInfo
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
HeapFree
GetSystemTimeAsFileTime
GetProcessHeap
RtlUnwind
RaiseException
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
HeapDestroy
HeapCreate
GetStdHandle
GetACP
IsValidCodePage
GetTimeZoneInformation
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetDriveTypeA
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFindAtomA
lstrcmpW
GetVersionExA
GetThreadLocale
GlobalGetAtomNameA
GetCurrentProcessId
GlobalAddAtomA
GlobalFlags
GetCurrentDirectoryA
WritePrivateProfileStringA
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
InterlockedDecrement
GetModuleFileNameW
SetLastError
SetErrorMode
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryExA
lstrcmpA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
CloseHandle
SetEvent
GetModuleFileNameA
SystemTimeToFileTime
GetLocalTime
FreeLibrary
WaitForSingleObject
GetProcAddress
LoadLibraryA
CreateEventA
RemoveDirectoryA
DeleteFileA
GetPrivateProfileStringA
GetVersion
lstrlenA
MultiByteToWideChar
InterlockedExchange
CompareStringW
CompareStringA
GetLastError
GetModuleHandleA
GetCommandLineA
FindResourceA
LoadResource
LockResource
SizeofResource
VirtualFree
WideCharToMultiByte

user32

ShowWindow
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
GetWindowTextA
SetWindowTextA
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
LoadCursorA
GetSystemMetrics
GetDC
DestroyMenu
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterClassA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
SendMessageA
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
UnhookWindowsHookEx
PostMessageA
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowLongA

gdi32

ScaleWindowExtEx
DeleteDC
GetStockObject
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
GetDeviceCaps
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
PtVisible

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantInit
VariantClear
VariantChangeType

Exports

Exports

FC_Initialize
FC_UnInitialize
FC_Virus_Cure
FC_Virus_Scan

Sections

.text
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FCvServer.ini
KGridDownloadModule.exe
.exe windows:5 windows x86 arch:x86

ef4f7b8f1d11743bfe15b083902b8c37

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

66:a0:a9:d5:71:b5:af:be:fa:ce:81:3c:03:c6:d5:5a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23-02-2015 00:00

Not After

23-02-2016 23:59

Subject

CN=PEOPLE IN COMMS Co.\,Ltd.,O=PEOPLE IN COMMS Co.\,Ltd.,L=Guro-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\MegaFile\__Bin\Release\KGridDownloadModule.pdb

Imports

kernel32

SetEnvironmentVariableA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
LCMapStringA
GetTimeZoneInformation
GetProcessHeap
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetStdHandle
GetSystemTimeAsFileTime
HeapSize
HeapReAlloc
CreateThread
ExitThread
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
RtlUnwind
HeapAlloc
GetFileType
ExitProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapFree
GetStartupInfoW
FindResourceExW
VirtualProtect
GetProfileIntW
SearchPathW
SetErrorMode
GlobalGetAtomNameW
GetFileTime
GetFileSizeEx
GetFileAttributesW
lstrcpyW
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalFlags
GetCurrentDirectoryW
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenA
GetModuleHandleA
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
InterlockedDecrement
CopyFileW
GlobalSize
MulDiv
GlobalAddAtomW
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
GlobalUnlock
WritePrivateProfileStringW
GetPrivateProfileIntW
FreeResource
GlobalFree
GetCurrentProcessId
lstrlenW
SetLastError
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
GetModuleHandleW
FreeLibrary
GetProcAddress
LoadLibraryW
GetVersionExW
GetCurrentProcess
GetTempFileNameW
GetTempPathW
LocalFree
FormatMessageW
Sleep
GetTickCount
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetLastError

user32

PostThreadMessageW
LoadMenuW
GetSysColorBrush
SetRectEmpty
DeleteMenu
ReleaseCapture
LoadCursorW
WindowFromPoint
SetCapture
CharUpperW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
RegisterClipboardFormatW
GetMenu
CopyAcceleratorTableW
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSysColor
DestroyMenu
GetMenuItemInfoW
InflateRect
CopyRect
UnhookWindowsHookEx
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
ShowOwnedPopups
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
LoadIconW
GetSystemMenu
AppendMenuW
SendMessageW
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetWindowThreadProcessId
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
WaitMessage
PeekMessageW
DispatchMessageW
WinHelpW
SystemParametersInfoW
OffsetRect
MessageBeep
RedrawWindow
ToUnicodeEx
MapVirtualKeyW
GetKeyboardLayout
GetKeyboardState
GetAsyncKeyState
DestroyAcceleratorTable
LoadAcceleratorsW
CreateAcceleratorTableW
SetWindowRgn
NotifyWinEvent
CreatePopupMenu
SetParent
IsZoomed
PostQuitMessage
PostMessageW
EnableWindow
KillTimer
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SetTimer
SetClassLongW
IsMenu
InvalidateRect
IsRectEmpty
BringWindowToTop
LockWindowUpdate
SetWindowLongW
EnumChildWindows
DestroyCursor
GetWindowRgn
CreateMenu
GetDoubleClickTime
GetIconInfo
SubtractRect
CopyIcon
CharUpperBuffW
GetUpdateRect
FrameRect
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
IsClipboardFormatAvailable
MapVirtualKeyExW
GetKeyNameTextW
IsCharLowerW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetCursorPos
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
UnregisterClassW
GetNextDlgGroupItem
InvalidateRgn
SetRect
CharNextW
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageW
DestroyIcon
CopyImage
OpenClipboard
PtInRect
DrawStateW

gdi32

DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateRectRgnIndirect
OffsetRgn
GetRgnBox
CreateDIBitmap
CreateCompatibleBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
GetTextColor
SetDIBColorTable
GetDIBits
RealizePalette
CombineRgn
StretchBlt
SetPixel
CreateDIBSection
GetBkColor
SetRectRgn
GetMapMode
DPtoLP
CreateEllipticRgn
CreatePolygonRgn
Polyline
Ellipse
Polygon
Rectangle
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
GetTextExtentPoint32W
ExtTextOutW
CreateCompatibleDC
CreateFontIndirectW
GetObjectW
CopyMetaFileW
GetDeviceCaps
PatBlt
BitBlt
CreateBitmap

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegOpenKeyW
RegEnumKeyW

shell32

DragQueryFileW
SHAppBarMessage
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
SHGetFileInfoW
DragFinish

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW

oledlg

OleUIBusyW

ole32

ReleaseStgMedium
OleDuplicateData
CreateStreamOnHGlobal
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoCreateInstance
OleLockRunning
CLSIDFromString
CLSIDFromProgID
CoTaskMemFree
CoTaskMemAlloc
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleGetClipboard
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoUninitialize
CoInitializeEx
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop

oleaut32

SafeArrayDestroy
VariantCopy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysAllocString
VariantInit
VariantChangeType
VariantClear
SysStringLen
SysAllocStringLen
SysFreeString

gdiplus

GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCloneImage
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipGetImageWidth

ws2_32

WSASetLastError
WSACleanup
WSAStartup

nat

ord16
ord17
ord22
ord26
ord5
ord23
ord15

imm32

ImmGetOpenStatus
ImmGetContext
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MCheck.dll
.dll windows:4 windows x86 arch:x86

2a205da87032d33aadbbb53e005320a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

inet_addr
gethostbyname
WSAStartup
gethostname
WSACleanup

wininet

InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
InternetErrorDlg
HttpSendRequestA
InternetOpenA
InternetSetOptionA
InternetConnectA
HttpOpenRequestA
HttpQueryInfoA
InternetSetCookieA
InternetQueryOptionA

kernel32

GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetVersion
FreeLibrary
LocalAlloc
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalFree
GlobalHandle
TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
GlobalFlags
WritePrivateProfileStringA
GetCurrentDirectoryA
GetProcessVersion
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCPInfo
GetOEMCP
RtlUnwind
GetACP
GetCommandLineA
ExitProcess
TerminateProcess
RaiseException
HeapSize
HeapReAlloc
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetEnvironmentVariableA
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
LocalFree
FormatMessageA
GetLastError
lstrcpynA
lstrlenA
lstrcatA
lstrcpyA
FindClose
FindFirstFileA
GetDriveTypeA
GlobalLock
GetModuleFileNameA
GetVersionExA
WideCharToMultiByte
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
CloseHandle
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
SetLastError
GetCurrentProcess
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetProcAddress
LoadLibraryA
GetFullPathNameA
GetModuleHandleA
GlobalUnlock
GetFileAttributesA

user32

IsIconic
SystemParametersInfoA
RegisterWindowMessageA
GetWindow
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
UnregisterClassA
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyMenu
GetWindowPlacement
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
GetDlgCtrlID
GetWindowTextA
SetWindowTextA
UnhookWindowsHookEx
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
ClientToScreen
GetSystemMetrics
wsprintfA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
SendMessageA
PostMessageA
PostQuitMessage
GetDesktopWindow
GetClientRect
GetDlgItem
GetWindowRect
GetParent
GetKeyState
SetWindowsHookExA

gdi32

Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetDeviceCaps
DeleteObject
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
GetObjectA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA

comctl32

ord17

Exports

Exports

L_DownFiltering

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MediaInfo.dll
.dll windows:4 windows x86 arch:x86

9516debaeb501cc020b83265018f09ca

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

01-05-2012 00:00

Not After

31-12-2012 23:59

Subject

CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

37:22:0b:5b:1e:8c:5c:de:dd:07:2a:b1:df:5c:f3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

19-10-2012 00:00

Not After

19-10-2013 23:59

Subject

CN=MediaArea.net,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=MediaArea.net,L=Curienne,ST=France,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b9:6f:63:13:bc:ce:a9:c5:96:56:7c:2a:84:c4:b4:db:61:15:53:f4
Signer

Actual PE Digest

b9:6f:63:13:bc:ce:a9:c5:96:56:7c:2a:84:c4:b4:db:61:15:53:f4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
MultiByteToWideChar
WideCharToMultiByte
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CloseHandle
ResumeThread
GetVersion
CreateFileA
CreateFileW
GetLastError
ReadFile
WriteFile
SetFilePointer
GetFileSize
GetFileTime
GetTimeZoneInformation
GetFileAttributesA
GetFileAttributesW
GetFullPathNameA
GetFullPathNameW
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindClose
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetSystemTimeAsFileTime
ExitThread
CreateThread
RaiseException
RtlUnwind
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCPInfo
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
VirtualAlloc
HeapReAlloc
LoadLibraryA
GetLocaleInfoW
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW

Exports

Exports

MediaInfoA_Close
MediaInfoA_Count_Get
MediaInfoA_Delete
MediaInfoA_Get
MediaInfoA_GetI
MediaInfoA_Inform
MediaInfoA_New
MediaInfoA_New_Quick
MediaInfoA_Open
MediaInfoA_Open_Buffer
MediaInfoA_Open_Buffer_Continue
MediaInfoA_Open_Buffer_Continue_GoTo_Get
MediaInfoA_Open_Buffer_Finalize
MediaInfoA_Open_Buffer_Init
MediaInfoA_Open_NextPacket
MediaInfoA_Option
MediaInfoA_Output_Buffer_Get
MediaInfoA_Output_Buffer_GetI
MediaInfoA_Save
MediaInfoA_Set
MediaInfoA_SetI
MediaInfoA_State_Get
MediaInfoListA_Close
MediaInfoListA_Count_Get
MediaInfoListA_Count_Get_Files
MediaInfoListA_Delete
MediaInfoListA_Get
MediaInfoListA_GetI
MediaInfoListA_Inform
MediaInfoListA_New
MediaInfoListA_New_Quick
MediaInfoListA_Open
MediaInfoListA_Open_Buffer
MediaInfoListA_Option
MediaInfoListA_Save
MediaInfoListA_Set
MediaInfoListA_SetI
MediaInfoListA_State_Get
MediaInfoList_Close
MediaInfoList_Count_Get
MediaInfoList_Count_Get_Files
MediaInfoList_Delete
MediaInfoList_Get
MediaInfoList_GetI
MediaInfoList_Inform
MediaInfoList_New
MediaInfoList_New_Quick
MediaInfoList_Open
MediaInfoList_Open_Buffer
MediaInfoList_Option
MediaInfoList_Save
MediaInfoList_Set
MediaInfoList_SetI
MediaInfoList_State_Get
MediaInfo_Close
MediaInfo_Count_Get
MediaInfo_Delete
MediaInfo_Get
MediaInfo_GetI
MediaInfo_Info_Version
MediaInfo_Inform
MediaInfo_New
MediaInfo_New_Quick
MediaInfo_Open
MediaInfo_Open_Buffer
MediaInfo_Open_Buffer_Continue
MediaInfo_Open_Buffer_Continue_GoTo_Get
MediaInfo_Open_Buffer_Finalize
MediaInfo_Open_Buffer_Init
MediaInfo_Open_NextPacket
MediaInfo_Option
MediaInfo_Output_Buffer_Get
MediaInfo_Output_Buffer_GetI
MediaInfo_Save
MediaInfo_Set
MediaInfo_SetI
MediaInfo_State_Get

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 536KB - Virtual size: 535KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MegafileCMC.dll
.dll windows:4 windows x86 arch:x86

091a712d7b38a46feebe7e18199ff0e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

gethostbyname
WSACleanup
gethostname
WSAStartup
inet_addr

wininet

HttpOpenRequestA
InternetSetOptionA
InternetConnectA
InternetOpenA
HttpQueryInfoA
InternetGetConnectedState
InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
InternetErrorDlg
HttpSendRequestA
InternetQueryOptionA
InternetSetCookieA

winmm

mmioClose
mmioAscend
mmioRead
mmioDescend
mmioSeek
mmioOpenA

kernel32

GetFullPathNameA
MulDiv
GetModuleHandleA
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetVersion
LockResource
LoadResource
FindResourceA
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
GlobalFlags
WritePrivateProfileStringA
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
CreateThread
ExitThread
GetACP
HeapSize
HeapReAlloc
GetVolumeInformationA
GetSystemTime
GetLocalTime
GetCommandLineA
RaiseException
ExitProcess
SetStdHandle
GetFileType
SetHandleCount
GetStartupInfoA
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetEnvironmentVariableA
VirtualFree
VirtualAlloc
IsBadWritePtr
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReadFile
GetCurrentProcess
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
FreeLibrary
GetProcAddress
LoadLibraryA
FindClose
FindFirstFileA
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
GlobalAlloc
GlobalUnlock
DeleteCriticalSection
GlobalFree
MultiByteToWideChar
LocalFree
HeapAlloc
HeapFree
HeapDestroy
HeapCreate
SetLastError
WriteFile
GetFileSize
GetFileAttributesA
CreateFileA
SetFilePointer
GetFileAttributesExA
GetCurrentDirectoryA
WideCharToMultiByte
FormatMessageA
GetLastError
GetVersionExA
GlobalLock
GetDriveTypeA
GetDiskFreeSpaceA
CreateDirectoryA
CopyFileA
RemoveDirectoryA
DeleteFileA
lstrcpyA
lstrcatA
lstrlenA
lstrcpynA
EnterCriticalSection
LeaveCriticalSection
AllocConsole
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleScreenBufferSize
WriteConsoleA
FindNextFileA
GetTempPathA
GetTickCount
CreateProcessA
WaitForSingleObject
TerminateProcess
GetExitCodeProcess
CloseHandle
GetModuleFileNameA
GetTimeZoneInformation

user32

AdjustWindowRectEx
SetActiveWindow
MapWindowPoints
UpdateWindow
LoadIconA
CreateDialogIndirectParamA
EndDialog
UnregisterClassA
GetClassNameA
PtInRect
GetSysColorBrush
DestroyMenu
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageA
IsIconic
GetWindowPlacement
SetFocus
ShowWindow
SetWindowPos
MoveWindow
SetWindowLongA
GetDlgCtrlID
GetWindowTextLengthA
GetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GrayStringA
DrawTextA
EndPaint
BeginPaint
ClientToScreen
ScreenToClient
CopyRect
CharUpperA
wsprintfA
LoadStringA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
GetActiveWindow
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
PostQuitMessage
UnhookWindowsHookEx
PeekMessageA
TranslateMessage
DispatchMessageA
EnableWindow
PostMessageA
RedrawWindow
IsWindow
GetWindowLongA
GetSystemMetrics
GetDC
ReleaseDC
SetRect
SystemParametersInfoA
LoadCursorA
SendMessageA
GetDesktopWindow
GetClientRect
GetDlgItem
SetWindowTextA
GetWindowRect
GetParent
GetKeyState
OffsetRect
GetSysColor
SetWindowsHookExA
TabbedTextOutA

gdi32

ExtTextOutA
SetBkColor
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkMode
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
PtVisible
RectVisible
TextOutA
Escape
DeleteObject
GetDeviceCaps
CreateBitmap
CreateFontIndirectA
GetTextExtentPointA
GetTextExtentPoint32A
GetObjectA
CreateSolidBrush

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA

comctl32

ord17

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Exports

Exports

L_MurekaAddBillingLog
L_MurekaGetHash
L_MurekaIsZipfile
L_MurekaMemoryRelease
L_MurekaPayLog
L_MurekaSearchDownload
L_MurekaSearchUpload
L_MurekaSetZipOption
L_MurekaZipCancel

Sections

.text
Size: 368KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MegafileCMCU.dll
.dll windows:5 windows x86 arch:x86

dff646b3c707a09a1a80b82581345395

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

z:\TaggingMovie\TaggingMovie_Miso\TaggingMovie_MisoU\WinRelease\MegafileCMCU.pdb

Imports

kernel32

FlushFileBuffers
GetCurrentProcess
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
GetCommandLineA
RtlUnwind
Sleep
ExitProcess
HeapReAlloc
RaiseException
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualFree
VirtualAlloc
HeapCreate
SetFilePointer
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
WriteFile
GlobalFindAtomW
LoadLibraryA
GetVersionExA
lstrlenA
InterlockedIncrement
GlobalFlags
GetModuleHandleA
WritePrivateProfileStringW
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentProcessId
GlobalAddAtomW
GetLastError
GlobalFree
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
InterlockedDecrement
SetLastError
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
GetModuleHandleW
CloseHandle
TerminateProcess
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameW
FreeLibrary
GetProcAddress
LoadLibraryW
FindResourceW
LoadResource
LockResource
HeapDestroy
SizeofResource

user32

DestroyMenu
ShowWindow
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DefWindowProcW
CallWindowProcW
CopyRect
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
LoadCursorW
GetSystemMetrics
GetSysColorBrush
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
GetWindowTextW
SetWindowTextW
GetSysColor
PeekMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
PostMessageW
UnhookWindowsHookEx
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
CheckMenuItem
EnableMenuItem
ModifyMenuW
SendMessageW
GetParent
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
UnregisterClassW
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
SetForegroundWindow

gdi32

DeleteDC
GetStockObject
TextOutW
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetDeviceCaps
RectVisible
PtVisible
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
ExtTextOutW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shlwapi

PathFindExtensionW
PathFindFileNameW

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

L_MurekaAddBillingLog_U
L_MurekaGetHash_U
L_MurekaIsZipfile_U
L_MurekaMemoryRelease_U
L_MurekaPayLog_U
L_MurekaSearchDownload_U
L_MurekaSearchUpload_U
L_MurekaSetZipOption_U
L_MurekaZipCancel_U

Sections

.text
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MegafileDownload.exe
.exe windows:5 windows x86 arch:x86

bd90fdbacdf7399269fe1b5a6c9bc7c3

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

66:a0:a9:d5:71:b5:af:be:fa:ce:81:3c:03:c6:d5:5a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23-02-2015 00:00

Not After

23-02-2016 23:59

Subject

CN=PEOPLE IN COMMS Co.\,Ltd.,O=PEOPLE IN COMMS Co.\,Ltd.,L=Guro-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\MegaFile\__Bin\Release\MegafileDownload.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW

kernel32

HeapReAlloc
HeapSize
SetStdHandle
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetProcessHeap
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetCurrentDirectoryA
GetDriveTypeA
SetEnvironmentVariableA
VirtualQuery
GetSystemInfo
RaiseException
RtlUnwind
InterlockedCompareExchange
SizeofResource
LockResource
LoadResource
FindResourceW
GetVersionExW
LoadLibraryW
GetProcAddress
FreeLibrary
CopyFileW
CreateEventW
SetEvent
CloseHandle
WaitForSingleObject
GetCurrentThread
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
GetFileAttributesW
lstrcpyW
OutputDebugStringA
Sleep
GetDriveTypeW
GetDiskFreeSpaceExW
CreateDirectoryW
GetVolumeInformationW
GetLastError
WinExec
lstrlenW
WideCharToMultiByte
CreatePipe
DuplicateHandle
GetCurrentProcess
CreateProcessW
PeekNamedPipe
ReadFile
lstrlenA
MultiByteToWideChar
TerminateProcess
InitializeCriticalSection
DeleteCriticalSection
GetTickCount
GetSystemTime
ExitProcess
HeapAlloc
GetConsoleMode
GetConsoleCP
CreateThread
ExitThread
GetFileType
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapFree
GetSystemTimeAsFileTime
GetStartupInfoW
FindResourceExW
VirtualProtect
GetProfileIntW
SearchPathW
SetErrorMode
GlobalFlags
WritePrivateProfileStringW
GetPrivateProfileIntW
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
GetCurrentDirectoryW
GetExitCodeThread
TerminateThread
TlsGetValue
GetFileTime
LocalAlloc
GetFullPathNameW
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
FindFirstFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
FindClose
GetThreadLocale
GlobalAddAtomW
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
GetModuleHandleA
FreeResource
GetCurrentProcessId
GlobalDeleteAtom
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrcmpW
GetModuleHandleW
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
SetLastError
GetFileSizeEx
GetSystemDirectoryW
GetTempFileNameW
CreateFileW
GetTempPathW
LocalFree
FormatMessageW
SetThreadPriority
SuspendThread
ResumeThread
VirtualAlloc
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement

user32

EnableScrollBar
UnionRect
SetCursorPos
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
UnregisterClassW
GetNextDlgGroupItem
InvalidateRgn
SetRect
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageW
CopyImage
OpenClipboard
DrawStateW
RegisterClipboardFormatW
EnumChildWindows
LockWindowUpdate
IsMenu
GetSystemMenu
SetClassLongW
SetParent
CreatePopupMenu
NotifyWinEvent
CreateAcceleratorTableW
LoadAcceleratorsW
DestroyAcceleratorTable
GetAsyncKeyState
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
PostThreadMessageW
SetRectEmpty
DeleteMenu
WindowFromPoint
GetSysColorBrush
ReleaseCapture
SetCapture
SetWindowRgn
IsRectEmpty
CharUpperW
DestroyMenu
GetMenuItemInfoW
MapVirtualKeyW
GetKeyNameTextW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
CharNextW
ShowOwnedPopups
GetMessageW
TranslateMessage
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
UpdateLayeredWindow
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
IsWindowVisible
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
IntersectRect
SendMessageW
EnableWindow
LoadIconW
SetTimer
IsIconic
SystemParametersInfoA
GetWindowPlacement
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
FillRect
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
MapDialogRect
SetMenuDefaultItem
GetMenuDefaultItem
IsCharLowerW
MapVirtualKeyExW
IsClipboardFormatAvailable
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
GetUpdateRect
CopyIcon
SubtractRect
GetIconInfo
GetDoubleClickTime
SetWindowPos
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
WinHelpW
MessageBeep
IsZoomed
PostQuitMessage
GetMenuState
GetMenuStringW
DestroyCursor
GetWindowRgn
GetCapture
CreateMenu
GetSystemMetrics
GetClientRect
DrawIcon
GetWindowRect
CharUpperBuffW
LoadCursorW
InvalidateRect
PostMessageW
InflateRect
OffsetRect
UpdateWindow
CopyRect
FrameRect
SystemParametersInfoW
PtInRect
KillTimer
LoadMenuW
GetSubMenu
GetCursorPos
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
BringWindowToTop
GetParent
GetSysColor
RedrawWindow
SetCursor
MessageBoxA
DestroyIcon
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
ExitWindowsEx
DispatchMessageW
PeekMessageW
WaitMessage
RemoveMenu
GetMenuItemCount
InsertMenuW
GetMenuItemID
AppendMenuW

gdi32

SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateBitmap
SelectPalette
GetObjectType
CreateHatchBrush
GetDCOrgEx
GetTextColor
PatBlt
SetRectRgn
CombineRgn
GetTextExtentPoint32W
Ellipse
OffsetRgn
GetRgnBox
CreateDIBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
SetDIBColorTable
GetDIBits
RealizePalette
StretchBlt
CreateDIBSection
CreatePolygonRgn
Polyline
Polygon
Rectangle
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CopyMetaFileW
GetDeviceCaps
CreateRectRgn
CreatePen
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
BitBlt
GetBkColor
DPtoLP
GetMapMode
CreateCompatibleBitmap
LPtoDP
CreateCompatibleDC
DeleteObject
GetObjectW
GetStockObject
CreateRectRgnIndirect
SetPixel
CreateSolidBrush
CreateEllipticRgn
CreateFontIndirectW

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegOpenKeyW
RegEnumKeyExW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegQueryValueW
RegOpenKeyExW
RegEnumKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken

shell32

SHBrowseForFolderW
ShellExecuteExW
ShellExecuteW
Shell_NotifyIconW
SHChangeNotify
SHGetDesktopFolder
SHGetMalloc
SHGetSpecialFolderLocation
DragQueryFileW
DragFinish
SHGetSpecialFolderPathW
SHGetPathFromIDListW
SHAppBarMessage
SHGetFileInfoW

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
UrlUnescapeW
StrRetToStrW
PathRemoveFileSpecW

oledlg

OleUIBusyW

ole32

CoCreateInstance
CoTaskMemFree
ReleaseStgMedium
OleDuplicateData
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleLockRunning
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleGetClipboard
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoUninitialize
CoInitializeEx
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
IsAccelerator
OleTranslateAccelerator
CoTaskMemAlloc

oleaut32

VariantCopy
SafeArrayDestroy
SafeArrayGetDim
SystemTimeToVariantTime
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
OleCreateFontIndirect
VariantInit
VariantChangeType
SysStringLen
SysAllocString
SysFreeString
VariantClear
SysAllocStringLen
VariantTimeToSystemTime

gdiplus

GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipDeleteGraphics
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdipCreateBitmapFromScan0

ws2_32

sendto
recvfrom
WSAAsyncSelect
ntohl
inet_ntoa
WSACleanup
WSAStartup
closesocket
shutdown
WSASetLastError
listen
bind
getsockname
accept
__WSAFDIsSet
connect
setsockopt
socket
gethostbyname
inet_addr
getservbyname
htons
send
getpeername
htonl
WSAGetLastError
recv
select

wininet

InternetOpenW
InternetOpenUrlW
InternetReadFile
InternetCloseHandle
InternetCrackUrlW
HttpOpenRequestW
InternetConnectW
HttpSendRequestW
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
HttpQueryInfoW
InternetQueryDataAvailable
InternetCanonicalizeUrlW

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

timeGetTime
PlaySoundW

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 324KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 354KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MegafileUpload.exe
.exe windows:5 windows x86 arch:x86

e26d70bb6a0548c186678c9881745391

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

66:a0:a9:d5:71:b5:af:be:fa:ce:81:3c:03:c6:d5:5a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23-02-2015 00:00

Not After

23-02-2016 23:59

Subject

CN=PEOPLE IN COMMS Co.\,Ltd.,O=PEOPLE IN COMMS Co.\,Ltd.,L=Guro-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\MegaFile\__Bin\Release\MegafileUpload.pdb

Imports

version

GetFileVersionInfoW
VerQueryValueW

kernel32

QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
LCMapStringW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
VirtualFree
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
CreateMutexA
FormatMessageA
HeapCreate
GetStartupInfoA
WideCharToMultiByte
SizeofResource
SetHandleCount
LockResource
LoadResource
FindResourceW
LeaveCriticalSection
TlsFree
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
GetFileSizeEx
CreateFileW
WaitForSingleObject
GetCurrentThread
lstrlenW
GetLastError
TlsAlloc
MultiByteToWideChar
GetModuleFileNameW
FreeLibrary
GetProcAddress
LoadLibraryW
GetVersionExW
OutputDebugStringW
lstrcpyW
lstrlenA
OutputDebugStringA
LocalFree
FormatMessageW
GetSystemTimeAsFileTime
EnterCriticalSection
InterlockedIncrement
InterlockedDecrement
CreateIoCompletionPort
CreateEventA
HeapAlloc
GetProcessHeap
HeapFree
TlsGetValue
TlsSetValue
InterlockedCompareExchange
InterlockedExchange
Sleep
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetStdHandle
HeapSize
VirtualQuery
GetSystemInfo
ExitProcess
HeapReAlloc
GetConsoleMode
GetConsoleCP
GetFileType
CreateThread
ExitThread
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetStartupInfoW
FindResourceExW
VirtualProtect
GetProfileIntW
SearchPathW
SetErrorMode
SleepEx
SetEvent
CreateEventW
GlobalGetAtomNameW
GlobalFlags
LocalReAlloc
GlobalHandle
GlobalReAlloc
LocalAlloc
GetFileTime
FileTimeToLocalFileTime
WritePrivateProfileStringW
GetPrivateProfileIntW
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
GetCurrentProcessId
GetModuleHandleA
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FileTimeToSystemTime
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GetThreadLocale
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetVersionExA
GetSystemTime
GetCurrentDirectoryW
GetTickCount
GetTempFileNameW
GetCurrentProcess
GetTempPathW
ReleaseMutex
SetThreadPriority
GetExitCodeThread
SuspendThread
ResumeThread
CreateDirectoryW
GetFileAttributesW
VirtualAlloc
TerminateThread
QueueUserAPC
GetCurrentThreadId
SetLastError
PostQueuedCompletionStatus
InterlockedExchangeAdd
GetQueuedCompletionStatus

user32

MapVirtualKeyExW
IsCharLowerW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
SetCursorPos
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
UnionRect
GetNextDlgGroupItem
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageW
CopyImage
OpenClipboard
DrawStateW
RegisterClipboardFormatW
EnumChildWindows
LockWindowUpdate
IsMenu
GetSystemMenu
SetClassLongW
SetParent
NotifyWinEvent
CreateAcceleratorTableW
DestroyAcceleratorTable
GetAsyncKeyState
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
PostThreadMessageW
WindowFromPoint
DeleteMenu
UnregisterClassW
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorW
InvalidateRgn
CopyAcceleratorTableW
SetRect
GetSysColorBrush
DestroyMenu
GetMenuItemInfoW
WaitMessage
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
MessageBeep
IsZoomed
PostQuitMessage
MapVirtualKeyW
GetKeyNameTextW
GetWindowThreadProcessId
LoadMenuW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
CharUpperW
ReleaseCapture
SetCapture
ClientToScreen
SetWindowRgn
FillRect
IsRectEmpty
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetMessageW
IsClipboardFormatAvailable
GetActiveWindow
GetCursorPos
ValidateRect
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
CharNextW
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
SetFocus
RegisterClassW
AdjustWindowRectEx
EnableWindow
SendMessageW
PostMessageW
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
GetUpdateRect
CharUpperBuffW
CopyIcon
SubtractRect
GetIconInfo
GetDoubleClickTime
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
CreateMenu
GetWindowRgn
DestroyCursor
TranslateMessage
InvalidateRect
GetWindowRect
UpdateWindow
RedrawWindow
SetTimer
KillTimer
GetParent
SetCursor
GetSysColor
InflateRect
CopyRect
PtInRect
OffsetRect
FrameRect
DrawIcon
ScreenToClient
IsIconic
GetClientRect
SetActiveWindow
FlashWindow
LoadIconW
GetSystemMetrics
LoadCursorW
SystemParametersInfoW
MessageBoxA
DestroyIcon
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
ExitWindowsEx
GetWindow
GetWindowPlacement
SystemParametersInfoA
IntersectRect
SetWindowPos
SetWindowLongW
GetWindowLongW
GetMenu
CallWindowProcW
DefWindowProcW
GetDlgCtrlID
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
GetClassInfoW

gdi32

SetROP2
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
SelectPalette
GetObjectType
CreateHatchBrush
PatBlt
SetRectRgn
SetPolyFillMode
GetTextExtentPoint32W
GetRgnBox
GetTextMetricsW
OffsetRgn
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
SetDIBColorTable
GetDIBits
RealizePalette
StretchBlt
CreateDIBSection
CreatePolygonRgn
Polyline
Polygon
Rectangle
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
RestoreDC
SetBkMode
SaveDC
Ellipse
CreateEllipticRgn
CopyMetaFileW
GetTextColor
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateRectRgn
CreatePen
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
BitBlt
LPtoDP
DPtoLP
GetMapMode
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
CreateRectRgnIndirect
SetPixel
GetStockObject
GetObjectW
DeleteObject
CombineRgn
CreateFontIndirectW
CreateSolidBrush

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegOpenKeyW
RegSetValueExW
RegQueryValueExW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyExW
RegQueryValueW
RegEnumKeyW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges

shell32

SHGetPathFromIDListW
Shell_NotifyIconW
SHGetFileInfoW
DragFinish
DragQueryFileW
SHAppBarMessage
SHBrowseForFolderW
ShellExecuteW

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathIsUNCW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW

oledlg

OleUIBusyW

ole32

ReleaseStgMedium
OleDuplicateData
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleLockRunning
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
OleGetClipboard
CoUninitialize
CoInitializeEx
CoRevokeClassObject
CoRegisterMessageFilter
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal

oleaut32

SysFreeString
SysAllocStringLen
VariantClear
SysAllocString
VariantChangeType
VariantInit
OleCreateFontIndirect
SysStringLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime

gdiplus

GdipGetImageGraphicsContext
GdipDrawImageI
GdipCloneImage
GdiplusStartup
GdiplusShutdown
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree

wsock32

getpeername
getservbyname
gethostbyname
socket
send
recv
shutdown
ord1141
ord1142
ioctlsocket
select
inet_ntoa
listen
closesocket
getsockname
getsockopt
setsockopt
connect
bind
WSAGetLastError
accept
htons
WSASetLastError
__WSAFDIsSet
htonl
ntohl
WSAStartup
WSACleanup

ws2_32

getaddrinfo
WSASocketW
WSASend
WSARecv
freeaddrinfo

wininet

InternetReadFile
InternetOpenUrlW
InternetOpenW
InternetCloseHandle

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW
timeGetTime

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 355KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 259KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MurekaAVD.exe
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 488KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 896KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wjbfxocz
Size: 692KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mtondqoj
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
MurekaWma.dll
.dll windows:4 windows x86 arch:x86

912a734a8d2be9fc202856550ddf8125

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wmvcore

WMCreateSyncReader

kernel32

GetCPInfo
GetOEMCP
RtlUnwind
GetCommandLineA
ExitProcess
TerminateProcess
HeapFree
HeapAlloc
RaiseException
HeapSize
HeapReAlloc
GetACP
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
WriteFile
GetCurrentProcess
GetProcessVersion
LoadLibraryA
FreeLibrary
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
GetProcAddress
SetLastError
WritePrivateProfileStringA
GlobalFlags
GetVersion
lstrcpynA
lstrcpyA
lstrcatA
GetLastError
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
WideCharToMultiByte
lstrlenA
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
GetFileSize
SetFilePointer
ReadFile
GetFileType
CloseHandle
FreeEnvironmentStringsA

user32

SystemParametersInfoA
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyMenu
IsIconic
GetWindowPlacement
GetSystemMetrics
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
wsprintfA
GetWindowTextA
SetWindowTextA
ClientToScreen
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
UnregisterClassA
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
SendMessageA
PostMessageA
PostQuitMessage
GetWindow

gdi32

SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetStockObject
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
SetBkColor
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
CreateBitmap

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA

comctl32

ord17

ole32

CoUninitialize
CoInitialize

Exports

Exports

L_MurekaWmaClose
L_MurekaWmaGetTotalPlayTime
L_MurekaWmaGetWaveFormat
L_MurekaWmaInit
L_MurekaWmaOpenMemory
L_MurekaWmaReadSamples
L_MurekaWmaReadSamplesInit
L_MurekaWmaRelease
L_MurekaWmaSetParams

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TachionLive/ENGS/BWT.dll
.dll windows:4 windows x86 arch:x86

79afe1eaf59cd956b13910336d802a69

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

07-11-2021 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23-05-2006 17:01

Not After

23-05-2016 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

23:3c:35:ee:d5:f9:f5:75:ba:46:fa:bc:8d:47:cb:6e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

02-12-2011 00:00

Not After

06-12-2012 23:59

Subject

CN=INCA Internet Co.\,Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Software,O=INCA Internet Co.\,Ltd.,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

93:34:04:b8:14:40:05:c3:b1:ae:ea:2b:cd:1c:91:74:bd:b3:36:a4
Signer

Actual PE Digest

93:34:04:b8:14:40:05:c3:b1:ae:ea:2b:cd:1c:91:74:bd:b3:36:a4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\MyWork\Projects\BWT\Bin\bwt\BWT.pdb

Imports

wininet

InternetSetOptionW
InternetReadFile
HttpSendRequestW
InternetCloseHandle
HttpOpenRequestW
InternetConnectW
InternetOpenW

crypt32

CertFindCertificateInStore
CertOpenSystemStoreW
CertCloseStore
CertFreeCertificateContext

rpcrt4

UuidCreate

kernel32

GetConsoleOutputCP
WriteConsoleW
ReadFile
WriteConsoleA
SetStdHandle
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringW
GetLastError
CreateThread
WaitForSingleObject
CloseHandle
lstrlenA
MultiByteToWideChar
Sleep
OutputDebugStringA
CreateFileA
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
GetExitCodeThread
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
FlushFileBuffers
lstrlenW
UnhandledExceptionFilter
InterlockedIncrement
InterlockedDecrement
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
RtlUnwind
LCMapStringA
LCMapStringW
GetCPInfo
HeapCreate
VirtualFree
VirtualAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetOEMCP
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
LoadLibraryA
SetFilePointer
GetConsoleCP
GetConsoleMode

user32

UnregisterClassA

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW

Exports

Exports

BWTControl

Sections

.text
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TachionLive/ENGS/BWTTrustList.dat
TachionLive/ENGS/BwtTrust.dll
.dll windows:4 windows x86 arch:x86

3e92611209e4fc449dfefc8bbb9b0e4f

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

07-11-2021 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23-05-2006 17:01

Not After

23-05-2016 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

23:3c:35:ee:d5:f9:f5:75:ba:46:fa:bc:8d:47:cb:6e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

02-12-2011 00:00

Not After

06-12-2012 23:59

Subject

CN=INCA Internet Co.\,Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Software,O=INCA Internet Co.\,Ltd.,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

55:42:b7:66:30:2f:88:7d:3b:6e:44:81:f9:dc:c8:bf:d1:e2:14:50
Signer

Actual PE Digest

55:42:b7:66:30:2f:88:7d:3b:6e:44:81:f9:dc:c8:bf:d1:e2:14:50

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\MyWork\Projects\BWT\Bin\Release\BwtTrust.pdb

Imports

psapi

GetMappedFileNameW

kernel32

CreateFileMappingW
GetCurrentProcess
QueryDosDeviceW
GetLogicalDriveStringsW
SetEndOfFile
SetFilePointer
GetFileSize
WriteFile
GetDriveTypeW
GetLastError
MapViewOfFile
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringW
SystemTimeToFileTime
GetSystemTime
SetEvent
FindClose
UnmapViewOfFile
SetFileAttributesW
DeleteFileW
GetFileAttributesW
CloseHandle
CreateFileW
CompareStringW
OpenFileMappingW
TlsSetValue
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
SetEnvironmentVariableA
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
GetCPInfo
GetACP
GetOEMCP
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
FatalAppExitA
VirtualAlloc
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
CreateFileA
FlushFileBuffers
CompareStringA

advapi32

RegQueryValueExW
RegCloseKey
AllocateAndInitializeSid
SetEntriesInAclW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetFileSecurityW
RegOpenKeyExW

Exports

Exports

RequestService

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TachionLive/ENGS/TYAVP2_001.bin
TachionLive/ENGS/TYAVP2_002.bin
TachionLive/ENGS/TYAVP2_003.bin
TachionLive/ENGS/TYAVP2_004.bin
TachionLive/ENGS/TYAVP2_005.bin
TachionLive/ENGS/TYAVP2_006.bin
TachionLive/ENGS/TYAVP_000.bin
TachionLive/ENGS/tyav32.dll
.dll windows:4 windows x86 arch:x86

1b19d4901c625376223a001248b24cfa

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

07-11-2021 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23-05-2006 17:01

Not After

23-05-2016 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d7:a8:38:f4:1d:b8:be:e0:6f:50:a5:f1:ef:c7:c0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28-11-2012 00:00

Not After

28-12-2013 23:59

Subject

CN=INCA Internet Co.\,Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=INCA Internet Co.\,Ltd.,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

03:98:d2:e6:6d:a8:d7:3b:d2:f4:3e:ed:59:4a:7b:3f:7b:6b:33:a9
Signer

Actual PE Digest

03:98:d2:e6:6d:a8:d7:3b:d2:f4:3e:ed:59:4a:7b:3f:7b:6b:33:a9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
GetExitCodeProcess
OpenProcess
SetFileAttributesA
DeleteFileA
WaitForSingleObject
FindNextFileA
ExpandEnvironmentStringsA
MoveFileA
GetLogicalDriveStringsA
SetEndOfFile
WriteProcessMemory
VirtualProtectEx
GetCurrentProcess
FreeLibrary
GetProcAddress
LoadLibraryA
GetCurrentProcessId
GetFileSize
OutputDebugStringA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
WideCharToMultiByte
GetPrivateProfileStringA
GetLocalTime
OutputDebugStringW
FormatMessageA
GetSystemInfo
Sleep
GetFileTime
WritePrivateProfileStringA
MoveFileExA
ReadProcessMemory
GetModuleHandleA
HeapAlloc
GetProcessHeap
HeapFree
HeapSize
QueryDosDeviceA
TerminateThread
CreateThread
DuplicateHandle
CreateRemoteThread
LocalFree
GetLogicalDrives
GetSystemDirectoryA
SetLastError
GetWindowsDirectoryA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
OpenMutexA
CreateMutexA
Process32First
Process32Next
CreateToolhelp32Snapshot
Module32First
Module32Next
GetCurrentThread
DeviceIoControl
GetFileAttributesA
OpenFileMappingA
GetTempPathA
GetTempFileNameA
FindFirstFileA
FindClose
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetTickCount
CopyFileA
MultiByteToWideChar
GetLastError
WriteFile
SetFilePointer
ReadFile
GetVersionExA
GetDriveTypeA
CreateFileA
CloseHandle
SetFileTime
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
SetConsoleCtrlHandler
GetStringTypeW
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetStdHandle
GlobalFree
GlobalAlloc
VirtualAlloc
VirtualProtect
VirtualFree
IsBadReadPtr
InterlockedDecrement
InterlockedIncrement
RtlUnwind
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsGetValue
ExitThread
GetCommandLineA
HeapReAlloc
FatalAppExitA
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
GetEnvironmentVariableA
HeapDestroy
HeapCreate
IsBadWritePtr
TlsAlloc
TlsFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FlushFileBuffers
SetEnvironmentVariableA

advapi32

AdjustTokenPrivileges
IsTextUnicode
GetNamedSecurityInfoA
SetNamedSecurityInfoA
GetUserNameA
LookupAccountNameA
RegCreateKeyA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyA
OpenProcessToken
RegEnumKeyA
AllocateAndInitializeSid
SetEntriesInAclA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetFileSecurityA
OpenThreadToken
ImpersonateSelf
LookupPrivilegeValueA
RegQueryInfoKeyA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

ws2_32

WSCInstallProvider
WSCDeinstallProvider
WSCEnumProtocols
WSCGetProviderPath
WSACleanup

psapi

GetModuleFileNameExA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

sfc

ord5

shlwapi

PathRemoveFileSpecA

imagehlp

MapFileAndCheckSumA

Exports

Exports

RecoverInlineHooking
TYAVSmartCure
TYAVSmartScan
TYAutoScanMemory
TYCheckBootVirus
TYCheckExceptList
TYCheckFile
TYCheckFileEx
TYCoreCheckBootVirus
TYCoreCheckFileCBCureEx
TYCoreCheckFileEx
TYCoreGetEngineDate
TYCoreInitEngine
TYCoreRecoveryBootVirus
TYCoreRecoveryFile
TYCoreSetOption
TYCoreSetReportCallBack
TYCoreUnInitEngine
TYCreateCache
TYCureMemory
TYDelInstance
TYEnableNetworkScan
TYGetBWTVer
TYGetBWTVerEx
TYGetBootInfo
TYGetEngineDate
TYGetEngineDateW
TYGetFileCRC
TYGetFileCRCEX
TYGetFileCRCEX2
TYGetPatternNum
TYInitEngine
TYListFile
TYListFileCRC
TYNewInstance
TYRecoveryBootVirus
TYRecoveryFile
TYRecoveryFileW
TYScanMemory
TYSetLiveUpdate
TYSetOption
TYStopNetworkScan
TYUnInitEngine

Sections

.text
Size: 432KB - Virtual size: 428KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 320KB - Virtual size: 503KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TachionLive/TeCtrl.dll
.dll windows:4 windows x86 arch:x86

f63f2b68fd95e29caae6665f3975597a

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

01-05-2012 00:00

Not After

31-12-2012 23:59

Subject

CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

07-11-2021 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23-05-2006 17:01

Not After

23-05-2016 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

23:3c:35:ee:d5:f9:f5:75:ba:46:fa:bc:8d:47:cb:6e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

02-12-2011 00:00

Not After

06-12-2012 23:59

Subject

CN=INCA Internet Co.\,Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Software,O=INCA Internet Co.\,Ltd.,L=Seoul,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5c:ec:5b:c8:28:ad:7d:82:43:95:57:0b:26:33:11:43:3e:9f:e9:c3
Signer

Actual PE Digest

5c:ec:5b:c8:28:ad:7d:82:43:95:57:0b:26:33:11:43:3e:9f:e9:c3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Project\TeCtrl\TACHUEI\Sym\Release\TeCtrl.pdb

Imports

kernel32

WaitForSingleObject
CreateRemoteThread
GetModuleHandleA
OpenProcess
UnmapViewOfFile
QueryDosDeviceA
GetLogicalDriveStringsA
MapViewOfFile
CreateFileMappingA
TerminateThread
CreateThread
DuplicateHandle
LocalFree
LocalAlloc
HeapFree
GetProcessHeap
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
SetEvent
InterlockedExchange
GetVersion
CreateMutexA
OpenMutexA
GlobalMemoryStatus
RemoveDirectoryA
FindClose
FindNextFileA
SetFileAttributesA
FindFirstFileA
CreateDirectoryA
GetTempPathA
Sleep
GetModuleFileNameA
DeleteCriticalSection
InitializeCriticalSection
CreateEventA
GetTickCount
lstrlenW
GetCurrentProcess
CompareStringW
lstrcmpiA
lstrcmpiW
lstrlenA
GetEnvironmentVariableA
GetEnvironmentVariableW
GetStringTypeExA
GetStringTypeExW
OutputDebugStringA
OutputDebugStringW
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
ResetEvent
ExpandEnvironmentStringsA
GetWindowsDirectoryA
Module32Next
Module32First
CreateToolhelp32Snapshot
Process32Next
Process32First
GetThreadLocale
SetEnvironmentVariableA
SetEndOfFile
GetLocaleInfoW
GetTimeZoneInformation
FlushFileBuffers
GetVersionExA
GetFileAttributesA
CloseHandle
DeleteFileA
MultiByteToWideChar
WideCharToMultiByte
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
GetLastError
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetConsoleCtrlHandler
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GlobalAlloc
SetLastError
GlobalFree
FreeLibrary
CreateFileA
GetFileSize
ReadFile
CompareStringA
RaiseException
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
GetCurrentThread
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
ExitProcess
WriteFile
GetStdHandle
HeapSize
GetConsoleCP
GetConsoleMode
SetFilePointer
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA

user32

CharUpperW
CharUpperA
CharLowerW
CharLowerA
UnregisterClassA
wsprintfA

advapi32

OpenProcessToken
LookupPrivilegeValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyExA
AdjustTokenPrivileges

shlwapi

PathIsRelativeA
PathFindExtensionA

imagehlp

MapAndLoad
UnMapAndLoad

wintrust

WinVerifyTrust

crypt32

CertCloseStore
CertFreeCertificateContext
CertFindCertificateInStore
CryptMsgGetParam
CryptQueryObject
CryptMsgClose
CertGetNameStringA

Exports

Exports

NPAS_Clsid2MalwareName
NPAS_CreateClsidList
NPAS_CreateMD5List
NPAS_CreateMalname2ClsidList
NPAS_FreeClsidList
NPAS_FreeMD5List
NPAS_FreeMalnameList
NPAVEnableBWT
NPAVGetBWTVer
NpeAutoMemScan
NpeBWTDepotClear
NpeBWTDepotCommit
NpeBWTDepotCure
NpeBWTDepotQuery
NpeBWTDepotRollBack
NpeCheckExceptList
NpeCure
NpeDeleteInstance
NpeEnableBWT
NpeFindOwnerProc
NpeFree
NpeGetBWTDepotEnable
NpeGetBWTVer
NpeGetRestoreList
NpeGetScannedCount
NpeGetVer
NpeLoad
NpeMemoryCure
NpeMemoryScan
NpeNewInstance
NpeNewInstanceEx
NpePauseProc
NpePauseRegistry
NpePauseSSmartScan
NpeProcScan
NpeRegistryScan
NpeResumeProc
NpeResumeRegistry
NpeResumeSSmartScan
NpeSQuickScan
NpeSSmartScan
NpeScan
NpeSetArchiveOption
NpeSetBDCorePluginPath
NpeSetBWTCallBack
NpeSetEnginePath
NpeSetLiveUpdate
NpeSetOption
NpeSetOptionEx
NpeSetProxy
NpeSetScanMode
NpeStopNetworkscan
NpeStopProc
NpeStopRegistry
NpeStopSSmartScan
NpeStopScan
NpeUnLoad

Sections

.text
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UNACEV2.DLL
.dll windows:1 windows x86 arch:x86

8390514c40641509cd0941c1fb7588ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

ShellExecuteA
ShellExecuteExA

kernel32

AllocConsole
CloseHandle
CreateDirectoryA
CreateFileA
CreateProcessA
DeleteFileA
DeviceIoControl
DisableThreadLibraryCalls
DosDateTimeToFileTime
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeConsole
GetCommandLineA
GetConsoleCursorInfo
GetConsoleScreenBufferInfo
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileInformationByHandle
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetSystemTime
GetTempPathA
GetTimeZoneInformation
GetVersion
GetVolumeInformationA
GlobalMemoryStatus
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
LCMapStringA
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
PeekConsoleInputA
ReadConsoleInputA
ReadConsoleOutputAttribute
ReadConsoleOutputA
ReadFile
RemoveDirectoryA
ScrollConsoleScreenBufferA
SearchPathA
SetConsoleCtrlHandler
SetConsoleCursorInfo
SetConsoleCursorPosition
SetConsoleScreenBufferSize
SetConsoleWindowInfo
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetStdHandle
Sleep
SystemTimeToFileTime
TerminateProcess
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteConsoleOutputA
WriteConsoleOutputCharacterA
WriteFile

advapi32

RegCloseKey
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

gdi32

CreateFontA
DeleteObject

user32

CharToOemBuffA
CreateDialogParamA
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
GetDlgItem
GetDlgItemTextA
GetKeyState
GetWindowTextA
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
MessageBeep
MessageBoxA
OemToCharBuffA
PeekMessageA
SendDlgItemMessageA
SetCursor
SetDlgItemTextA
SetFocus
SetTimer
SetWindowTextA
ShowCursor
ShowWindow
TranslateMessage

Exports

Exports

ACEExtract
ACEInitDll
ACEList
ACEReadArchiveData
ACETest
___DllMainCRTStartup@12

Sections

AUTO
Size: 59KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 210KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
UnEGG32.dll
.dll windows:5 windows x86 arch:x86

b611c8a927676248e17197e77abb8e18

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\SVN\alzip\trunk\ALZip\UnEGG\bin\UnEGG32.pdb

Imports

kernel32

WaitForSingleObject
CloseHandle
ResumeThread
WaitForMultipleObjects
SystemTimeToFileTime
FileTimeToSystemTime
WriteFile
CreateFileA
GetFileSize
SetFilePointer
ReadFile
GetLastError
VirtualFree
VirtualAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetEvent
InitializeCriticalSection
ResetEvent
CreateEventW
CreateFileW
SetFileTime
QueryPerformanceCounter
GetCurrentThreadId
GetDriveTypeA
GetDriveTypeW
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindClose
GetFileType
SetEndOfFile
GetFileTime
GetFileInformationByHandle
GetFileAttributesA
GetFileAttributesW
SetFileAttributesA
SetFileAttributesW
GetLongPathNameA
GetLongPathNameW
GetShortPathNameA
GetShortPathNameW
CreateDirectoryA
CreateDirectoryW
DeleteFileA
DeleteFileW
SetLastError
VirtualQuery
VirtualProtect
OpenEventW
Sleep
GetLocaleInfoW
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
SetEnvironmentVariableA
GetModuleHandleA
CompareStringW
CompareStringA
ExitThread
CreateThread
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetModuleHandleW
ExitProcess
GetCommandLineA
InterlockedIncrement
InterlockedDecrement
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetStdHandle
GetModuleFileNameA
GetTimeZoneInformation
SetHandleCount
GetStartupInfoA
SetStdHandle
GetConsoleCP
GetConsoleMode
HeapCreate
HeapDestroy
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FlushFileBuffers
LoadLibraryA
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetCurrentProcessId
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringW
HeapSize
LCMapStringA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW

user32

SetLastErrorEx

shell32

SHGetFileInfoW

Exports

Exports

EGG_CloseArchive
EGG_CreateEgg
EGG_DestroyEgg
EGG_Extract
EGG_GetFileCount
EGG_GetFileHeader
EGG_IsValidArchive
EGG_OpenArchive
EGG_Test

Sections

.text
Size: 476KB - Virtual size: 475KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avcodec-54.dll
.dll windows:4 windows x86 arch:x86

81637aae43862b8092a3cfa86132078d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA

kernel32

CloseHandle
CreateEventA
CreateSemaphoreA
CreateThread
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseSemaphore
ResetEvent
ResumeThread
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

_close
_fileno
_open
_strdup
_unlink
_write
__dllonexit
__doserrno
__mb_cur_max
__pioinfo
__setusermatherr
_aligned_free
_aligned_malloc
_amsg_exit
_beginthreadex
_endthreadex
_errno
_exit
_filelengthi64
_fileno
_fstati64
_ftime
_initterm
_iob
_lock
_lseeki64
_onexit
_setjmp3
_stricmp
_strnicmp
isxdigit
localeconv
localtime
log10
longjmp
malloc
memchr
memcmp
memcpy
memmove
memset
printf
puts
qsort
raise
rand
realloc
rename
setlocale
signal
sprintf
srand
sscanf
strcat
strchr
strcmp
strcpy
strcspn
strerror
strftime
strlen
strncmp
strncpy
strpbrk
strspn
strstr
strtok
strtol
strtoul
_unlock
_vsnprintf
_write
abort
acos
atan
atan2
atoi
bsearch
calloc
exit
fclose
feof
fflush
fgetc
fgetpos
fopen
fprintf
fputc
fputs
fread
free
frexp
fseek
fsetpos
ftell
fwrite
getc
getenv
islower
isspace
isupper
tan
time
tolower
toupper
ungetc
vfprintf
vsprintf
wcslen

user32

CheckDlgButton
DialogBoxParamA
EnableWindow
EndDialog
GetDlgItem
GetDlgItemTextA
GetWindowLongA
IsDlgButtonChecked
MessageBoxA
SetDlgItemTextA
SetWindowLongA
SetWindowTextA
wsprintfA

avutil-52

av_asprintf
av_base64_decode
av_base64_encode
av_bprint_chars
av_bprint_clear
av_bprint_finalize
av_bprint_get_buffer
av_bprint_init
av_bprintf
av_calloc
av_crc
av_crc_get_table
av_crc_init
av_ctz
av_d2q
av_default_item_name
av_dict_copy
av_dict_free
av_dict_set
av_div_q
av_evaluate_lls
av_expr_eval
av_expr_free
av_expr_parse
av_fifo_alloc
av_fifo_drain
av_fifo_free
av_fifo_generic_read
av_fifo_generic_write
av_fifo_realloc2
av_fifo_size
av_fifo_space
av_free
av_freep
av_gcd
av_get_bits_per_pixel
av_get_bytes_per_sample
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_cpu_flags
av_get_default_channel_layout
av_get_media_type_string
av_get_padded_bits_per_pixel
av_get_picture_type_char
av_get_pix_fmt_name
av_get_planar_sample_fmt
av_get_sample_fmt_name
av_image_alloc
av_image_check_size
av_image_copy
av_image_copy_plane
av_image_copy_to_buffer
av_image_fill_arrays
av_image_fill_linesizes
av_image_fill_pointers
av_image_get_buffer_size
av_init_lls
av_lfg_init
av_log
av_log_get_level
av_lzo1x_decode
av_malloc
av_mallocz
av_md5_alloc
av_md5_final
av_md5_init
av_md5_update
av_memcpy_backptr
av_mul_q
av_nearer_q
av_opt_free
av_opt_set
av_opt_set_defaults
av_opt_set_defaults2
av_opt_set_dict
av_parse_color
av_pix_fmt_desc_get
av_pix_fmt_get_chroma_sub_sample
av_realloc
av_realloc_f
av_reduce
av_rescale_q
av_rescale_rnd
av_sample_fmt_is_planar
av_samples_copy
av_samples_fill_arrays
av_samples_get_buffer_size
av_samples_set_silence
av_solve_lls
av_strdup
av_stristr
av_strlcat
av_strlcatf
av_strlcpy
av_strncasecmp
av_strtok
av_tempfile
av_timecode_adjust_ntsc_framenum2
av_timecode_init_from_string
av_timecode_make_mpeg_tc_string
av_update_lls
av_vlog
avpriv_cga_font
avpriv_float_dsp_init
avpriv_set_systematic_pal2
avpriv_vga16_font

Exports

Exports

audio_resample
audio_resample_close
av_audio_convert
av_audio_convert_alloc
av_audio_convert_free
av_audio_resample_init
av_bitstream_filter_close
av_bitstream_filter_filter
av_bitstream_filter_init
av_bitstream_filter_next
av_codec_get_codec_descriptor
av_codec_get_pkt_timebase
av_codec_is_decoder
av_codec_is_encoder
av_codec_next
av_codec_set_codec_descriptor
av_codec_set_pkt_timebase
av_copy_packet
av_dct_calc
av_dct_end
av_dct_init
av_destruct_packet
av_dup_packet
av_fast_malloc
av_fast_padded_malloc
av_fast_padded_mallocz
av_fast_realloc
av_fft_calc
av_fft_end
av_fft_init
av_fft_permute
av_frame_get_best_effort_timestamp
av_frame_get_channel_layout
av_frame_get_channels
av_frame_get_decode_error_flags
av_frame_get_metadata
av_frame_get_pkt_duration
av_frame_get_pkt_pos
av_frame_get_sample_rate
av_frame_set_best_effort_timestamp
av_frame_set_channel_layout
av_frame_set_channels
av_frame_set_decode_error_flags
av_frame_set_metadata
av_frame_set_pkt_duration
av_frame_set_pkt_pos
av_frame_set_sample_rate
av_free_packet
av_get_audio_frame_duration
av_get_bits_per_sample
av_get_codec_tag_string
av_get_exact_bits_per_sample
av_get_pcm_codec
av_get_profile_name
av_grow_packet
av_hwaccel_next
av_imdct_calc
av_imdct_half
av_init_packet
av_lockmgr_register
av_log_ask_for_sample
av_log_missing_feature
av_mdct_calc
av_mdct_end
av_mdct_init
av_new_packet
av_packet_get_side_data
av_packet_merge_side_data
av_packet_new_side_data
av_packet_shrink_side_data
av_packet_split_side_data
av_parser_change
av_parser_close
av_parser_init
av_parser_next
av_parser_parse2
av_picture_copy
av_picture_crop
av_picture_pad
av_rdft_calc
av_rdft_end
av_rdft_init
av_register_bitstream_filter
av_register_codec_parser
av_register_hwaccel
av_resample
av_resample_close
av_resample_compensate
av_resample_init
av_shrink_packet
av_xiphlacing
avcodec_align_dimensions
avcodec_align_dimensions2
avcodec_alloc_context
avcodec_alloc_context2
avcodec_alloc_context3
avcodec_alloc_frame
avcodec_close
avcodec_configuration
avcodec_copy_context
avcodec_decode_audio3
avcodec_decode_audio4
avcodec_decode_subtitle2
avcodec_decode_video2
avcodec_default_execute
avcodec_default_execute2
avcodec_default_free_buffers
avcodec_default_get_buffer
avcodec_default_get_format
avcodec_default_reget_buffer
avcodec_default_release_buffer
avcodec_descriptor_get
avcodec_descriptor_get_by_name
avcodec_descriptor_next
avcodec_encode_audio
avcodec_encode_audio2
avcodec_encode_subtitle
avcodec_encode_video
avcodec_encode_video2
avcodec_fill_audio_frame
avcodec_find_best_pix_fmt
avcodec_find_best_pix_fmt2
avcodec_find_best_pix_fmt_of_2
avcodec_find_best_pix_fmt_of_list
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_flush_buffers
avcodec_free_frame
avcodec_get_chroma_sub_sample
avcodec_get_class
avcodec_get_context_defaults
avcodec_get_context_defaults2
avcodec_get_context_defaults3
avcodec_get_edge_width
avcodec_get_frame_class
avcodec_get_frame_defaults
avcodec_get_name
avcodec_get_pix_fmt_loss
avcodec_get_subtitle_rect_class
avcodec_get_type
avcodec_is_open
avcodec_license
avcodec_open
avcodec_open2
avcodec_pix_fmt_to_codec_tag
avcodec_register
avcodec_register_all
avcodec_set_dimensions
avcodec_string
avcodec_version
aver_isf_history
avpicture_alloc
avpicture_deinterlace
avpicture_fill
avpicture_free
avpicture_get_size
avpicture_layout
avpriv_aac_parse_header
avpriv_ac3_channel_layout_tab
avpriv_ac3_parse_header
avpriv_adx_decode_header
avpriv_align_put_bits
avpriv_check_timecode_rate
avpriv_copy_bits
avpriv_copy_pce_data
avpriv_dca_sample_rates
avpriv_dirac_parse_sequence_header
avpriv_dv_codec_profile
avpriv_dv_frame_profile
avpriv_dv_frame_profile2
avpriv_flac_is_extradata_valid
avpriv_flac_parse_block_header
avpriv_flac_parse_streaminfo
avpriv_framenum_to_drop_timecode
avpriv_framenum_to_smpte_timecode
avpriv_h264_has_num_reorder_frames
avpriv_init_smpte_timecode
avpriv_lock_avformat
avpriv_mjpeg_bits_ac_chrominance
avpriv_mjpeg_bits_ac_luminance
avpriv_mjpeg_bits_dc_chrominance
avpriv_mjpeg_bits_dc_luminance
avpriv_mjpeg_val_ac_chrominance
avpriv_mjpeg_val_ac_luminance
avpriv_mjpeg_val_dc
avpriv_mpa_bitrate_tab
avpriv_mpa_decode_header
avpriv_mpa_freq_tab
avpriv_mpeg4audio_get_config
avpriv_mpeg4audio_sample_rates
avpriv_mpegaudio_decode_header
avpriv_mpv_find_start_code
avpriv_put_string
avpriv_split_xiph_headers
avpriv_tak_parse_streaminfo
avpriv_timecode_to_string
avpriv_toupper4
avpriv_unlock_avformat
avpriv_vorbis_parse_extradata
avpriv_vorbis_parse_frame
avpriv_vorbis_parse_reset
avsubtitle_free
dsputil_init
ff_aanscales
ff_dct32_fixed
ff_dct32_float
ff_dct32_float_avx
ff_dct32_float_sse
ff_dct32_float_sse2
ff_dct_common_init
ff_dct_encode_init
ff_dct_encode_init_x86
ff_dct_end
ff_dct_init
ff_dct_init_x86
ff_dct_quantize_c
ff_dnxhd_cid_table
ff_dnxhd_get_cid_table
ff_faandct
ff_faandct248
ff_faanidct
ff_faanidct_add
ff_faanidct_put
ff_fdct248_islow_10
ff_fdct248_islow_8
ff_fdct_ifast
ff_fdct_ifast248
ff_fdct_mmx
ff_fdct_mmxext
ff_fdct_sse2
ff_fft_calc_3dnow
ff_fft_calc_3dnowext
ff_fft_calc_avx
ff_fft_calc_sse
ff_fft_end
ff_fft_end_fixed
ff_fft_init
ff_fft_init_fixed
ff_fft_init_x86
ff_fft_permute_sse
ff_find_pix_fmt
ff_framenum_to_drop_timecode
ff_framenum_to_smtpe_timecode
ff_idct_xvid_mmx
ff_idct_xvid_mmx_add
ff_idct_xvid_mmx_put
ff_idct_xvid_mmxext
ff_idct_xvid_mmxext_add
ff_idct_xvid_mmxext_put
ff_idct_xvid_sse2
ff_idct_xvid_sse2_add
ff_idct_xvid_sse2_put
ff_init_smtpe_timecode
ff_jpeg_fdct_islow_10
ff_jpeg_fdct_islow_8
ff_mdct_calc_c
ff_mdct_calc_c_fixed
ff_mdct_calcw_c
ff_mdct_end
ff_mdct_end_fixed
ff_mdct_init
ff_mdct_init_fixed
ff_mdct_win_fixed
ff_mdct_win_float
ff_mmx_idct
ff_mmxext_idct
ff_raw_pix_fmt_tags
ff_rdft_end
ff_rdft_init
ff_simple_idct248_put
ff_simple_idct44_add
ff_simple_idct48_add
ff_simple_idct84_add
ff_simple_idct_10
ff_simple_idct_8
ff_simple_idct_add_10
ff_simple_idct_add_8
ff_simple_idct_add_mmx
ff_simple_idct_mmx
ff_simple_idct_put_10
ff_simple_idct_put_8
ff_simple_idct_put_mmx

Sections

.text
Size: 10.6MB - Virtual size: 10.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rotext
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avdevice-54.dll
.dll windows:4 windows x86 arch:x86

7b33092859821c1c5d854e434521b068

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

gdi32

BitBlt
ChoosePixelFormat
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreatePalette
DeleteDC
DeleteObject
DescribePixelFormat
GetDIBits
GetDeviceCaps
GetDeviceGammaRamp
GetSystemPaletteEntries
GetSystemPaletteUse
RealizePalette
SelectObject
SelectPalette
SetDIBColorTable
SetDeviceGammaRamp
SetPaletteEntries
SetPixelFormat
SetSystemPaletteUse
SwapBuffers
UnrealizeObject

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateFileW
CreateMutexA
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentVariableA
GetLastError
GetLocaleInfoA
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
ReleaseMutex
ReleaseSemaphore
ResetEvent
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TerminateThread
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile

msvcrt

_strdup
_wcsdup
__dllonexit
__mb_cur_max
_amsg_exit
_beginthreadex
_endthreadex
_errno
_initterm
_iob
_lock
_onexit
_stricmp
isxdigit
localeconv
malloc
memcmp
memcpy
memmove
memset
qsort
raise
realloc
setlocale
signal
sscanf
strchr
strcmp
strerror
strlen
strncmp
strstr
strtok
strtol
strtoul
_unlock
_vsnprintf
abort
atof
atoi
calloc
fclose
ferror
fflush
fprintf
fputc
fputs
fread
free
fseek
ftell
fwrite
getc
getenv
islower
isspace
isupper
tolower
ungetc
wcscmp
wcscpy
wcslen

ole32

CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoTaskMemFree

user32

AdjustWindowRect
AdjustWindowRectEx
BeginPaint
CallWindowProcA
ChangeDisplaySettingsA
ClientToScreen
ClipCursor
CreateCursor
CreateIconFromResourceEx
CreateWindowExA
DefWindowProcA
DestroyCursor
DestroyIcon
DestroyWindow
DispatchMessageA
EndPaint
EnumDisplaySettingsA
GetClassInfoA
GetClientRect
GetCursor
GetCursorPos
GetDC
GetDesktopWindow
GetForegroundWindow
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutNameA
GetKeyboardState
GetMenu
GetMessageA
GetParent
GetSystemMetrics
GetWindowLongA
GetWindowRect
InvalidateRect
IsZoomed
KillTimer
LoadImageA
LoadKeyboardLayoutA
MapVirtualKeyA
MapVirtualKeyExA
MapWindowPoints
MsgWaitForMultipleObjects
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RegisterClassA
ReleaseCapture
ReleaseDC
ScreenToClient
SendMessageA
SetCapture
SetClassLongA
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
ToAsciiEx
ToUnicode
TranslateMessage
UnregisterClassA
WindowFromPoint

winmm

joyGetDevCapsA
joyGetNumDevs
joyGetPosEx
mciGetErrorStringA
mciSendCommandA
timeBeginPeriod
timeEndPeriod
timeGetTime
timeKillEvent
timeSetEvent
waveOutClose
waveOutGetErrorTextA
waveOutOpen
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite

avcodec-54

av_destruct_packet
av_get_pcm_codec
av_new_packet
av_packet_new_side_data
avcodec_find_decoder
avpicture_fill
avpicture_get_size
avpicture_layout

avfilter-3

av_abuffersink_params_alloc
av_buffersink_get_buffer_ref
av_buffersink_params_alloc
avfilter_get_by_name
avfilter_graph_alloc
avfilter_graph_config
avfilter_graph_create_filter
avfilter_graph_dump
avfilter_graph_free
avfilter_graph_parse
avfilter_inout_free
avfilter_link
avfilter_register_all
avfilter_unref_buffer

avformat-54

av_register_input_format
av_register_output_format
avformat_new_stream
avpriv_set_pts_info

avutil-52

av_bprint_chars
av_bprint_finalize
av_bprint_init
av_bprintf
av_default_item_name
av_dict_get
av_file_map
av_file_unmap
av_free
av_freep
av_get_bytes_per_sample
av_get_channel_layout_nb_channels
av_get_pix_fmt_name
av_get_sample_fmt_name
av_log
av_malloc
av_mallocz
av_mul_q
av_parse_video_rate
av_parse_video_size
av_pix_fmt_desc_get
av_rescale
av_rescale_q
av_strdup

Exports

Exports

avdevice_configuration
avdevice_license
avdevice_register_all
avdevice_version

Sections

.text
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 34KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 175B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avfilter-3.dll
.dll windows:4 windows x86 arch:x86

bd172abdb3eb13907d22297f36b36334

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileMappingA
DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesA
GetFileAttributesExA
GetFullPathNameA
GetLastError
GetLongPathNameA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTempPathA
GetTickCount
GetWindowsDirectoryA
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
MapViewOfFile
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

_access
_chmod
_close
_fdopen
_open
_read
_rmdir
_strdup
_unlink
_write
__dllonexit
__mb_cur_max
__setusermatherr
_amsg_exit
_errno
_exit
_findclose
_findfirst
_findnext
_fullpath
_get_osfhandle
_initterm
_iob
_lock
_lseeki64
_mbsrchr
_mkdir
_onexit
_setjmp3
_stat
_stricmp
_strnicmp
isxdigit
localeconv
localtime
log10
longjmp
malloc
memchr
memcmp
memcpy
memmove
memset
perror
printf
putchar
puts
qsort
raise
rand
realloc
rename
rewind
setlocale
sprintf
srand
sscanf
strcat
strchr
strcmp
strcpy
strcspn
strerror
strlen
strncat
strncmp
strncpy
strrchr
strspn
strstr
strtol
strtoul
_unlock
_vsnprintf
abort
atan2
atof
atoi
atol
bsearch
calloc
fclose
fflush
fgets
fopen
fprintf
fputc
fread
free
fseek
ftell
fwrite
getc
getenv
gmtime
isalpha
isgraph
islower
isspace
isupper
time
tolower
ungetc
vfprintf
wcslen

user32

MessageBoxA

avcodec-54

av_frame_get_best_effort_timestamp
av_frame_get_channel_layout
av_frame_get_metadata
av_frame_get_pkt_pos
av_frame_set_channel_layout
av_frame_set_channels
av_frame_set_pkt_pos
av_frame_set_sample_rate
av_free_packet
av_init_packet
av_rdft_calc
av_rdft_end
av_rdft_init
avcodec_alloc_context
avcodec_alloc_context3
avcodec_alloc_frame
avcodec_close
avcodec_decode_audio4
avcodec_decode_video2
avcodec_encode_video
avcodec_find_best_pix_fmt_of_2
avcodec_find_decoder
avcodec_find_encoder
avcodec_flush_buffers
avcodec_free_frame
avcodec_open
avcodec_open2
dsputil_init

avformat-54

av_find_best_stream
av_find_input_format
av_read_frame
av_register_all
av_seek_frame
avformat_close_input
avformat_find_stream_info
avformat_match_stream_specifier
avformat_open_input

avutil-52

av_adler32_update
av_asprintf
av_audio_fifo_alloc
av_audio_fifo_free
av_audio_fifo_read
av_audio_fifo_realloc
av_audio_fifo_size
av_audio_fifo_space
av_audio_fifo_write
av_bprint_channel_layout
av_bprint_chars
av_bprint_clear
av_bprint_finalize
av_bprint_init
av_bprint_strftime
av_bprintf
av_calloc
av_channel_layout_extract_channel
av_compare_ts
av_d2q
av_default_item_name
av_dict_copy
av_dict_free
av_dict_get
av_dict_set
av_div_q
av_expr_eval
av_expr_free
av_expr_parse
av_expr_parse_and_eval
av_fifo_alloc
av_fifo_free
av_fifo_generic_read
av_fifo_generic_write
av_fifo_realloc2
av_fifo_size
av_fifo_space
av_file_map
av_file_unmap
av_free
av_freep
av_get_bits_per_pixel
av_get_bytes_per_sample
av_get_channel_layout
av_get_channel_layout_channel_index
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_channel_name
av_get_cpu_flags
av_get_default_channel_layout
av_get_int
av_get_media_type_string
av_get_packed_sample_fmt
av_get_picture_type_char
av_get_pix_fmt
av_get_pix_fmt_name
av_get_planar_sample_fmt
av_get_random_seed
av_get_sample_fmt
av_get_sample_fmt_name
av_get_token
av_image_alloc
av_image_check_size
av_image_copy
av_image_copy_plane
av_image_fill_max_pixsteps
av_image_get_linesize
av_lfg_init
av_log
av_malloc
av_mallocz
av_mul_q
av_opt_eval_flags
av_opt_find
av_opt_free
av_opt_set
av_opt_set_defaults
av_opt_set_from_string
av_opt_set_int
av_parse_color
av_parse_ratio
av_parse_time
av_parse_video_rate
av_parse_video_size
av_pix_fmt_desc_get
av_read_image_line
av_realloc
av_realloc_f
av_reduce
av_rescale
av_rescale_q
av_rescale_q_rnd
av_sample_fmt_is_planar
av_samples_alloc
av_samples_copy
av_samples_fill_arrays
av_samples_set_silence
av_set_options_string
av_strcasecmp
av_strdup
av_strerror
av_strlcatf
av_strlcpy
av_strtod
av_strtok
av_timecode_init_from_string
av_timecode_make_string
av_tree_destroy
av_tree_enumerate
av_tree_find
av_tree_insert
av_tree_node_alloc
av_vlog
av_write_image_line
avpriv_cga_font
avpriv_float_dsp_init
avpriv_set_systematic_pal2
avpriv_vga16_font

postproc-52

pp_free_context
pp_free_mode
pp_get_context
pp_get_mode_by_name_and_quality
pp_postprocess

swresample-0

swr_alloc
swr_alloc_set_opts
swr_convert
swr_free
swr_init
swr_next_pts
swr_set_channel_mapping
swr_set_matrix

swscale-2

sws_freeContext
sws_freeVec
sws_getCachedContext
sws_getContext
sws_getGaussianVec
sws_get_class
sws_isSupportedInput
sws_isSupportedOutput
sws_scale
sws_scaleVec

Exports

Exports

av_abuffersink_params_alloc
av_asrc_buffer_add_audio_buffer_ref
av_asrc_buffer_add_buffer
av_asrc_buffer_add_samples
av_buffersink_get_buffer_ref
av_buffersink_get_frame_rate
av_buffersink_params_alloc
av_buffersink_poll_frame
av_buffersink_read
av_buffersink_read_samples
av_buffersink_set_frame_size
av_buffersrc_add_frame
av_buffersrc_add_ref
av_buffersrc_buffer
av_buffersrc_get_nb_failed_requests
av_buffersrc_write_frame
av_filter_next
avfilter_add_matrix
avfilter_af_aconvert
avfilter_af_afifo
avfilter_af_aformat
avfilter_af_amerge
avfilter_af_amix
avfilter_af_anull
avfilter_af_aresample
avfilter_af_asendcmd
avfilter_af_asetnsamples
avfilter_af_asetpts
avfilter_af_asettb
avfilter_af_ashowinfo
avfilter_af_asplit
avfilter_af_astreamsync
avfilter_af_atempo
avfilter_af_channelmap
avfilter_af_channelsplit
avfilter_af_earwax
avfilter_af_ebur128
avfilter_af_join
avfilter_af_pan
avfilter_af_silencedetect
avfilter_af_volume
avfilter_af_volumedetect
avfilter_all_channel_layouts
avfilter_asink_abuffer
avfilter_asink_abuffersink
avfilter_asink_anullsink
avfilter_asink_ffabuffersink
avfilter_asrc_abuffer
avfilter_asrc_aevalsrc
avfilter_asrc_anullsrc
avfilter_avf_concat
avfilter_avf_showspectrum
avfilter_avf_showwaves
avfilter_avsrc_amovie
avfilter_avsrc_movie
avfilter_config_links
avfilter_configuration
avfilter_copy_buf_props
avfilter_copy_buffer_ref_props
avfilter_copy_frame_props
avfilter_fill_frame_from_audio_buffer_ref
avfilter_fill_frame_from_buffer_ref
avfilter_fill_frame_from_video_buffer_ref
avfilter_free
avfilter_get_audio_buffer_ref_from_arrays
avfilter_get_audio_buffer_ref_from_frame
avfilter_get_buffer_ref_from_frame
avfilter_get_by_name
avfilter_get_class
avfilter_get_matrix
avfilter_get_video_buffer_ref_from_arrays
avfilter_get_video_buffer_ref_from_frame
avfilter_graph_add_filter
avfilter_graph_alloc
avfilter_graph_config
avfilter_graph_create_filter
avfilter_graph_dump
avfilter_graph_free
avfilter_graph_get_filter
avfilter_graph_parse
avfilter_graph_parse2
avfilter_graph_queue_command
avfilter_graph_request_oldest
avfilter_graph_send_command
avfilter_graph_set_auto_convert
avfilter_init_filter
avfilter_inout_alloc
avfilter_inout_free
avfilter_insert_filter
avfilter_license
avfilter_link
avfilter_link_free
avfilter_link_set_closed
avfilter_make_format64_list
avfilter_mul_matrix
avfilter_open
avfilter_pad_get_name
avfilter_pad_get_type
avfilter_process_command
avfilter_ref_buffer
avfilter_register
avfilter_register_all
avfilter_sub_matrix
avfilter_transform
avfilter_uninit
avfilter_unref_buffer
avfilter_unref_bufferp
avfilter_version
avfilter_vf_alphaextract
avfilter_vf_alphamerge
avfilter_vf_ass
avfilter_vf_bbox
avfilter_vf_blackdetect
avfilter_vf_blackframe
avfilter_vf_boxblur
avfilter_vf_colormatrix
avfilter_vf_copy
avfilter_vf_crop
avfilter_vf_cropdetect
avfilter_vf_decimate
avfilter_vf_delogo
avfilter_vf_deshake
avfilter_vf_drawbox
avfilter_vf_drawtext
avfilter_vf_edgedetect
avfilter_vf_fade
avfilter_vf_field
avfilter_vf_fieldorder
avfilter_vf_fifo
avfilter_vf_format
avfilter_vf_fps
avfilter_vf_framestep
avfilter_vf_geq
avfilter_vf_gradfun
avfilter_vf_hflip
avfilter_vf_hqdn3d
avfilter_vf_hue
avfilter_vf_idet
avfilter_vf_lut
avfilter_vf_lutrgb
avfilter_vf_lutyuv
avfilter_vf_mp
avfilter_vf_negate
avfilter_vf_noformat
avfilter_vf_null
avfilter_vf_overlay
avfilter_vf_pad
avfilter_vf_pixdesctest
avfilter_vf_removelogo
avfilter_vf_scale
avfilter_vf_select
avfilter_vf_sendcmd
avfilter_vf_setdar
avfilter_vf_setfield
avfilter_vf_setpts
avfilter_vf_setsar
avfilter_vf_settb
avfilter_vf_showinfo
avfilter_vf_slicify
avfilter_vf_smartblur
avfilter_vf_split
avfilter_vf_super2xsai
avfilter_vf_swapuv
avfilter_vf_thumbnail
avfilter_vf_tile
avfilter_vf_tinterlace
avfilter_vf_transpose
avfilter_vf_unsharp
avfilter_vf_vflip
avfilter_vf_yadif
avfilter_vsink_buffer
avfilter_vsink_buffersink
avfilter_vsink_ffbuffersink
avfilter_vsink_nullsink
avfilter_vsrc_buffer
avfilter_vsrc_cellauto
avfilter_vsrc_color
avfilter_vsrc_life
avfilter_vsrc_mandelbrot
avfilter_vsrc_mptestsrc
avfilter_vsrc_nullsrc
avfilter_vsrc_rgbtestsrc
avfilter_vsrc_smptebars
avfilter_vsrc_testsrc
ff_default_query_formats

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 26KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avformat-54.dll
.dll windows:4 windows x86 arch:x86

c56d7f29defa8cf45f8d803c3e4210bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

DeregisterEventSource
RegisterEventSourceA
ReportEventA

avifil32

AVIFileExit
AVIFileGetStream
AVIFileInfoA
AVIFileInit
AVIFileOpenA
AVIFileRelease
AVIStreamInfoA
AVIStreamRead
AVIStreamReadFormat
AVIStreamRelease

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
DeleteDC
DeleteObject
GetBitmapBits
GetDeviceCaps
GetObjectA
SelectObject

kernel32

CloseHandle
DeleteCriticalSection
EnterCriticalSection
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
GetVersion
GetVersionExA
GlobalMemoryStatus
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

_close
_fdopen
_fileno
_open
_read
_rmdir
_setmode
_strdup
_unlink
_write
__dllonexit
__mb_cur_max
_amsg_exit
_errno
_exit
_fileno
_fstati64
_ftime
_getch
_initterm
_iob
_lock
_lseeki64
_mkdir
_onexit
_setmode
_sopen
_stat
_stati64
_stricmp
_strnicmp
isxdigit
localeconv
localtime
malloc
memchr
memcmp
memcpy
memmove
memset
mktime
printf
putc
qsort
raise
rand
realloc
rename
setlocale
signal
sprintf
sscanf
strcat
strchr
strcmp
strcpy
strcspn
strerror
strftime
strlen
strncmp
strncpy
strrchr
strspn
strstr
strtol
strtoul
_unlock
_vsnprintf
_wfopen
_wsopen
abort
atoi
bsearch
calloc
exit
fclose
feof
ferror
fflush
fgetc
fgetpos
fgets
fopen
fprintf
fputc
fputs
fread
free
fseek
ftell
fwrite
getc
getenv
gmtime
isalnum
islower
isprint
isspace
isupper
time
tolower
toupper
ungetc
vfprintf
wcslen
wcsstr

user32

GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA

winmm

timeGetTime

ws2_32

WSACleanup
WSAGetLastError
WSASetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostbyname
gethostname
getnameinfo
getpeername
getsockname
getsockopt
htonl
htons
inet_addr
ioctlsocket
listen
ntohl
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

avcodec-54

av_bitstream_filter_close
av_bitstream_filter_filter
av_bitstream_filter_init
av_codec_get_codec_descriptor
av_codec_set_codec_descriptor
av_codec_set_pkt_timebase
av_destruct_packet
av_dup_packet
av_fast_malloc
av_fast_padded_malloc
av_fast_realloc
av_free_packet
av_get_audio_frame_duration
av_get_bits_per_sample
av_get_codec_tag_string
av_grow_packet
av_init_packet
av_log_ask_for_sample
av_log_missing_feature
av_new_packet
av_packet_get_side_data
av_packet_merge_side_data
av_packet_new_side_data
av_parser_close
av_parser_init
av_parser_parse2
av_shrink_packet
av_xiphlacing
avcodec_alloc_context3
avcodec_alloc_frame
avcodec_close
avcodec_copy_context
avcodec_decode_audio4
avcodec_decode_subtitle2
avcodec_decode_video2
avcodec_descriptor_get
avcodec_find_decoder
avcodec_find_encoder
avcodec_free_frame
avcodec_get_chroma_sub_sample
avcodec_get_frame_defaults
avcodec_get_name
avcodec_get_type
avcodec_is_open
avcodec_open2
avcodec_pix_fmt_to_codec_tag
avcodec_register_all
avcodec_set_dimensions
avcodec_string
avpicture_get_size
avpriv_aac_parse_header
avpriv_ac3_channel_layout_tab
avpriv_ac3_parse_header
avpriv_adx_decode_header
avpriv_align_put_bits
avpriv_copy_bits
avpriv_copy_pce_data
avpriv_dca_sample_rates
avpriv_dirac_parse_sequence_header
avpriv_dv_codec_profile
avpriv_dv_frame_profile
avpriv_flac_is_extradata_valid
avpriv_flac_parse_block_header
avpriv_flac_parse_streaminfo
avpriv_h264_has_num_reorder_frames
avpriv_lock_avformat
avpriv_mjpeg_bits_ac_chrominance
avpriv_mjpeg_bits_ac_luminance
avpriv_mjpeg_bits_dc_chrominance
avpriv_mjpeg_bits_dc_luminance
avpriv_mjpeg_val_ac_chrominance
avpriv_mjpeg_val_ac_luminance
avpriv_mjpeg_val_dc
avpriv_mpa_bitrate_tab
avpriv_mpa_decode_header
avpriv_mpa_freq_tab
avpriv_mpeg4audio_get_config
avpriv_mpeg4audio_sample_rates
avpriv_mpegaudio_decode_header
avpriv_mpv_find_start_code
avpriv_split_xiph_headers
avpriv_tak_parse_streaminfo
avpriv_toupper4
avpriv_unlock_avformat
avpriv_vorbis_parse_extradata
avpriv_vorbis_parse_frame
avpriv_vorbis_parse_reset
ff_dnxhd_cid_table
ff_dnxhd_get_cid_table
ff_find_pix_fmt
ff_raw_pix_fmt_tags

avutil-52

av_adler32_update
av_aes_alloc
av_aes_crypt
av_aes_init
av_base64_decode
av_base64_encode
av_bprint_chars
av_bprint_clear
av_bprint_finalize
av_bprint_init
av_bprintf
av_calloc
av_compare_mod
av_compare_ts
av_crc
av_crc_get_table
av_d2q
av_default_item_name
av_des_crypt
av_des_init
av_des_mac
av_dict_copy
av_dict_count
av_dict_free
av_dict_get
av_dict_set
av_div_q
av_dynarray_add
av_fifo_alloc
av_fifo_drain
av_fifo_free
av_fifo_generic_read
av_fifo_generic_write
av_fifo_realloc2
av_fifo_size
av_find_info_tag
av_free
av_freep
av_gcd
av_get_bytes_per_sample
av_get_channel_layout_nb_channels
av_get_media_type_string
av_get_pix_fmt
av_get_pix_fmt_name
av_get_random_seed
av_gettime
av_image_check_size
av_lfg_init
av_log
av_log_get_level
av_lzo1x_decode
av_malloc
av_mallocz
av_md5_alloc
av_md5_final
av_md5_init
av_md5_sum
av_md5_update
av_mul_q
av_opt_flag_is_set
av_opt_free
av_opt_get
av_opt_get_int
av_opt_set
av_opt_set_defaults
av_opt_set_dict
av_parse_time
av_parse_video_rate
av_parse_video_size
av_pix_fmt_desc_get
av_rc4_crypt
av_rc4_init
av_realloc
av_realloc_f
av_reduce
av_rescale
av_rescale_q
av_rescale_q_rnd
av_rescale_rnd
av_small_strptime
av_strcasecmp
av_strdup
av_strerror
av_stristart
av_stristr
av_strlcat
av_strlcatf
av_strlcpy
av_strncasecmp
av_strstart
av_strtok
av_tempfile
av_timecode_check_frame_rate
av_timecode_get_smpte_from_framenum
av_timecode_init
av_timecode_init_from_string
av_timecode_make_smpte_tc_string
av_timecode_make_string
av_timegm
av_tree_destroy
av_tree_enumerate
av_tree_find
av_tree_insert
av_tree_node_alloc
av_usleep
av_vlog

Exports

Exports

av_add_index_entry
av_append_packet
av_close_input_file
av_codec_get_id
av_codec_get_tag
av_convert_lang_to
av_demuxer_open
av_dump_format
av_filename_number_test
av_find_best_stream
av_find_default_stream_index
av_find_input_format
av_find_program_from_stream
av_find_stream_info
av_fmt_ctx_get_duration_estimation_method
av_get_frame_filename
av_get_output_timestamp
av_get_packet
av_gettime@LIBAVFORMAT_54
av_guess_codec
av_guess_format
av_guess_sample_aspect_ratio
av_hex_dump
av_hex_dump_log
av_iformat_next
av_index_search_timestamp
av_interleave_packet_per_dts
av_interleaved_write_frame
av_match_ext
av_new_program
av_new_stream
av_oformat_next
av_pkt_dump2
av_pkt_dump_log2
av_probe_input_buffer
av_probe_input_format
av_probe_input_format2
av_probe_input_format3
av_read_frame
av_read_packet
av_read_pause
av_read_play
av_register_all
av_register_input_format
av_register_output_format
av_register_rdt_dynamic_payload_handlers
av_register_rtp_dynamic_payload_handlers
av_sdp_create
av_seek_frame
av_set_pts_info
av_url_split
av_write_frame
av_write_trailer
avformat_alloc_context
avformat_alloc_output_context
avformat_alloc_output_context2
avformat_close_input
avformat_configuration
avformat_find_stream_info
avformat_free_context
avformat_get_class
avformat_get_riff_audio_tags
avformat_get_riff_video_tags
avformat_license
avformat_match_stream_specifier
avformat_network_deinit
avformat_network_init
avformat_new_stream
avformat_open_input
avformat_query_codec
avformat_queue_attached_pictures
avformat_seek_file
avformat_version
avformat_write_header
avio_alloc_context
avio_check
avio_close
avio_close_dyn_buf
avio_closep
avio_enum_protocols
avio_flush
avio_get_str
avio_get_str16be
avio_get_str16le
avio_open
avio_open2
avio_open_dyn_buf
avio_pause
avio_printf
avio_put_str
avio_put_str16le
avio_r8
avio_rb16
avio_rb24
avio_rb32
avio_rb64
avio_read
avio_rl16
avio_rl24
avio_rl32
avio_rl64
avio_seek
avio_seek_time
avio_size
avio_skip
avio_w8
avio_wb16
avio_wb24
avio_wb32
avio_wb64
avio_wl16
avio_wl24
avio_wl32
avio_wl64
avio_write
avpriv_dv_get_packet
avpriv_dv_init_demux
avpriv_dv_produce_packet
avpriv_new_chapter
avpriv_set_pts_info
ff_inet_aton
ff_mpegts_parse_close
ff_mpegts_parse_open
ff_mpegts_parse_packet
ff_rtp_get_local_rtcp_port
ff_rtp_get_local_rtp_port
ff_rtsp_parse_line
ff_socket_nonblock
ffio_open_dyn_packet_buf
ffio_set_buf_size
ffurl_close
ffurl_open
ffurl_protocol_next
ffurl_read_complete
ffurl_seek
ffurl_size
ffurl_write
get_crc_table
url_feof

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 398KB - Virtual size: 398KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avutil-51.dll
.dll windows:4 windows x86 arch:x86

2a02b5115e60c41a84db8184252c5a92

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileMappingA
DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MapViewOfFile
QueryPerformanceCounter
SetConsoleTextAttribute
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualProtect
VirtualQuery

msvcrt

_close
_isatty
_open
_read
__dllonexit
__setusermatherr
_amsg_exit
_errno
_fstat
_get_osfhandle
_initterm
_iob
_lock
_onexit
_stricmp
_strnicmp
_unlock
_vsnprintf
_winmajor
abort
acos
asin
atan
bsearch
calloc
ceil
clock
cosh
floor
fprintf
fputs
free
frexp
fwrite
getenv
gmtime
isspace
localeconv
localtime
malloc
memcpy
memset
mktime
realloc
sinh
strchr
strcmp
strcpy
strlen
strncmp
strspn
strtol
strtoul
tan
tanh
time
toupper
vfprintf

Exports

Exports

av_add_q
av_adler32_update
av_aes_crypt
av_aes_init
av_aes_size
av_base64_decode
av_base64_encode
av_bmg_get
av_compare_mod
av_compare_ts
av_crc
av_crc_get_table
av_crc_init
av_d2q
av_d2str
av_dbl2ext
av_dbl2int
av_default_item_name
av_des_crypt
av_des_init
av_dict_copy
av_dict_free
av_dict_get
av_dict_set
av_div_q
av_dynarray_add
av_eval_expr
av_evaluate_lls
av_expr_eval
av_expr_free
av_expr_parse
av_expr_parse_and_eval
av_ext2dbl
av_fifo_alloc
av_fifo_drain
av_fifo_free
av_fifo_generic_read
av_fifo_generic_write
av_fifo_realloc2
av_fifo_reset
av_fifo_size
av_fifo_space
av_file_map
av_file_unmap
av_find_info_tag
av_find_nearest_q_idx
av_find_opt
av_flt2int
av_force_cpu_flags
av_free
av_free_expr
av_freep
av_gcd
av_get_bits_per_pixel
av_get_bits_per_sample_fmt
av_get_bytes_per_sample
av_get_channel_layout
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_cpu_flags
av_get_double
av_get_int
av_get_picture_type_char
av_get_pix_fmt
av_get_pix_fmt_name
av_get_pix_fmt_string
av_get_q
av_get_random_seed
av_get_sample_fmt
av_get_sample_fmt_name
av_get_sample_fmt_string
av_get_string
av_get_token
av_image_alloc
av_image_check_size
av_image_copy
av_image_copy_plane
av_image_fill_linesizes
av_image_fill_max_pixsteps
av_image_fill_pointers
av_image_get_linesize
av_init_lls
av_int2dbl
av_int2flt
av_lfg_init
av_log
av_log_default_callback
av_log_get_level
av_log_set_callback
av_log_set_flags
av_log_set_level
av_lzo1x_decode
av_malloc
av_mallocz
av_md5_final
av_md5_init
av_md5_size
av_md5_sum
av_md5_update
av_memcpy_backptr
av_mul_q
av_nearer_q
av_next_option
av_opt_find
av_opt_flag_is_set
av_opt_free
av_opt_set_defaults
av_opt_set_defaults2
av_opt_set_dict
av_opt_show2
av_parse_and_eval_expr
av_parse_color
av_parse_expr
av_parse_time
av_parse_video_rate
av_parse_video_size
av_pix_fmt_descriptors
av_rc4_crypt
av_rc4_init
av_read_image_line
av_realloc
av_reduce
av_rescale
av_rescale_q
av_rescale_rnd
av_reverse
av_samples_alloc
av_samples_fill_arrays
av_set_double
av_set_int
av_set_options_string
av_set_q
av_set_string3
av_sha_final
av_sha_init
av_sha_size
av_sha_update
av_solve_lls
av_strdup
av_strerror
av_stristart
av_stristr
av_strlcat
av_strlcatf
av_strlcpy
av_strstart
av_strtod
av_sub_q
av_tree_destroy
av_tree_enumerate
av_tree_find
av_tree_insert
av_tree_node_size
av_update_lls
av_vlog
av_write_image_line
avutil_configuration
avutil_license
avutil_version
ff_get_cpu_flags_x86
ff_inverse
ff_log2_tab
ff_set_systematic_pal2
ff_sqrt_tab

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avutil-52.dll
.dll windows:4 windows x86 arch:x86

8b40e0c10cf825582424578dcd91b64a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

kernel32

CloseHandle
CreateEventA
CreateFileMappingA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetStdHandle
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
GetTimeZoneInformation
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MapViewOfFile
MultiByteToWideChar
QueryPerformanceCounter
ReleaseSemaphore
ResetEvent
ResumeThread
SetConsoleTextAttribute
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

_close
_isatty
_open
_read
_tempnam
__dllonexit
__mb_cur_max
__setusermatherr
_aligned_free
_aligned_malloc
_aligned_realloc
_amsg_exit
_beginthreadex
_endthreadex
_errno
_fstati64
_ftime
_get_osfhandle
_initterm
_iob
_lock
_onexit
_setjmp3
isxdigit
localeconv
localtime
longjmp
malloc
memcmp
memcpy
memmove
memset
mktime
realloc
setlocale
sinh
strchr
strcmp
strcpy
strcspn
strerror
strftime
strlen
strncmp
strspn
strtol
strtoul
_unlock
abort
acos
asin
atan
atoi
bsearch
calloc
clock
cosh
fprintf
fputc
fputs
free
frexp
getc
getenv
gmtime
islower
isspace
isupper
tan
tanh
time
tolower
toupper
ungetc
wcslen

Exports

Exports

av_add_q
av_adler32_update
av_aes_alloc
av_aes_crypt
av_aes_init
av_aes_size
av_asprintf
av_audio_fifo_alloc
av_audio_fifo_drain
av_audio_fifo_free
av_audio_fifo_read
av_audio_fifo_realloc
av_audio_fifo_reset
av_audio_fifo_size
av_audio_fifo_space
av_audio_fifo_write
av_base64_decode
av_base64_encode
av_blowfish_crypt
av_blowfish_crypt_ecb
av_blowfish_init
av_bmg_get
av_bprint_channel_layout
av_bprint_chars
av_bprint_clear
av_bprint_finalize
av_bprint_get_buffer
av_bprint_init
av_bprint_init_for_buffer
av_bprint_strftime
av_bprintf
av_calloc
av_channel_layout_extract_channel
av_compare_mod
av_compare_ts
av_crc
av_crc_get_table
av_crc_init
av_ctz
av_d2q
av_d2str
av_dbl2ext
av_dbl2int
av_default_get_category
av_default_item_name
av_des_crypt
av_des_init
av_des_mac
av_dict_copy
av_dict_count
av_dict_free
av_dict_get
av_dict_set
av_div_q
av_dynarray_add
av_evaluate_lls
av_expr_eval
av_expr_free
av_expr_parse
av_expr_parse_and_eval
av_ext2dbl
av_fifo_alloc
av_fifo_drain
av_fifo_free
av_fifo_generic_read
av_fifo_generic_write
av_fifo_grow
av_fifo_realloc2
av_fifo_reset
av_fifo_size
av_fifo_space
av_file_map
av_file_unmap
av_find_info_tag
av_find_nearest_q_idx
av_find_opt
av_flt2int
av_force_cpu_flags
av_free
av_freep
av_gcd
av_get_alt_sample_fmt
av_get_bits_per_pixel
av_get_bits_per_sample_fmt
av_get_bytes_per_sample
av_get_channel_description
av_get_channel_layout
av_get_channel_layout_channel_index
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_channel_name
av_get_cpu_flags
av_get_default_channel_layout
av_get_double
av_get_int
av_get_media_type_string
av_get_packed_sample_fmt
av_get_padded_bits_per_pixel
av_get_picture_type_char
av_get_pix_fmt
av_get_pix_fmt_name
av_get_pix_fmt_string
av_get_planar_sample_fmt
av_get_q
av_get_random_seed
av_get_sample_fmt
av_get_sample_fmt_name
av_get_sample_fmt_string
av_get_standard_channel_layout
av_get_string
av_get_token
av_gettime
av_image_alloc
av_image_check_size
av_image_copy
av_image_copy_plane
av_image_copy_to_buffer
av_image_fill_arrays
av_image_fill_linesizes
av_image_fill_max_pixsteps
av_image_fill_pointers
av_image_get_buffer_size
av_image_get_linesize
av_init_lls
av_int2dbl
av_int2flt
av_lfg_init
av_log
av_log2
av_log2_16bit
av_log_default_callback
av_log_format_line
av_log_get_level
av_log_set_callback
av_log_set_flags
av_log_set_level
av_lzo1x_decode
av_malloc
av_mallocz
av_max_alloc
av_md5_alloc
av_md5_final
av_md5_init
av_md5_size
av_md5_sum
av_md5_update
av_memcpy_backptr
av_mul_q
av_nearer_q
av_next_option
av_opt_child_class_next
av_opt_child_next
av_opt_eval_double
av_opt_eval_flags
av_opt_eval_float
av_opt_eval_int
av_opt_eval_int64
av_opt_eval_q
av_opt_find
av_opt_find2
av_opt_flag_is_set
av_opt_free
av_opt_get
av_opt_get_double
av_opt_get_image_size
av_opt_get_int
av_opt_get_key_value
av_opt_get_pixel_fmt
av_opt_get_q
av_opt_get_sample_fmt
av_opt_next
av_opt_ptr
av_opt_set
av_opt_set_bin
av_opt_set_defaults
av_opt_set_defaults2
av_opt_set_dict
av_opt_set_double
av_opt_set_from_string
av_opt_set_image_size
av_opt_set_int
av_opt_set_pixel_fmt
av_opt_set_q
av_opt_set_sample_fmt
av_opt_show2
av_parse_color
av_parse_cpu_caps
av_parse_cpu_flags
av_parse_ratio
av_parse_time
av_parse_video_rate
av_parse_video_size
av_pix_fmt_desc_get
av_pix_fmt_desc_get_id
av_pix_fmt_desc_next
av_pix_fmt_descriptors
av_pix_fmt_get_chroma_sub_sample
av_rc4_crypt
av_rc4_init
av_read_image_line
av_realloc
av_realloc_f
av_reduce
av_rescale
av_rescale_delta
av_rescale_q
av_rescale_q_rnd
av_rescale_rnd
av_reverse
av_sample_fmt_is_planar
av_samples_alloc
av_samples_copy
av_samples_fill_arrays
av_samples_get_buffer_size
av_samples_set_silence
av_set_cpu_flags_mask
av_set_double
av_set_int
av_set_options_string
av_set_q
av_set_string3
av_sha_alloc
av_sha_final
av_sha_init
av_sha_size
av_sha_update
av_small_strptime
av_solve_lls
av_strcasecmp
av_strdup
av_strerror
av_stristart
av_stristr
av_strlcat
av_strlcatf
av_strlcpy
av_strncasecmp
av_strstart
av_strtod
av_strtok
av_sub_q
av_tempfile
av_timecode_adjust_ntsc_framenum2
av_timecode_check_frame_rate
av_timecode_get_smpte_from_framenum
av_timecode_init
av_timecode_init_from_string
av_timecode_make_mpeg_tc_string
av_timecode_make_smpte_tc_string
av_timecode_make_string
av_timegm
av_tree_destroy
av_tree_enumerate
av_tree_find
av_tree_insert
av_tree_node_alloc
av_tree_node_size
av_update_lls
av_usleep
av_vlog
av_write_image_line
av_xtea_crypt
av_xtea_init
avpriv_cga_font
avpriv_float_dsp_init
avpriv_set_systematic_pal2
avpriv_vga16_font
avutil_configuration
avutil_license
avutil_version
ff_cpu_cpuid
ff_cpu_cpuid_test
ff_cpu_xgetbv
ff_float_dsp_init_x86
ff_get_cpu_flags_x86
ff_log2_tab
ff_vector_fmac_scalar_avx
ff_vector_fmac_scalar_sse
ff_vector_fmul_avx
ff_vector_fmul_sse

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 332B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
az7z.dll
.dll windows:4 windows x86 arch:x86

08a50ed330b8fbf2f27ee9f915892572

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01-08-1996 00:00

Not After

31-12-2020 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06-08-2003 00:00

Not After

05-08-2013 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

21:16:70:cb:fb:60:6d:88:a3:6b:c9:83:1d:01:9a:bd
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

10-11-2006 08:23

Not After

30-11-2008 05:31

Subject

CN=ESTsoft Corp.,OU=Development Department,O=ESTsoft Corp.,L=SEOUL,ST=GYEONGGI-DO,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\ALTOOLS\Product\ALZip\7-Zip\7-Zip\7-Zip32\src\Release\az7z.pdb

Imports

kernel32

GetVersionExA
DeleteFileA
DeleteFileW
CloseHandle
GetExitCodeThread
WaitForSingleObject
SetCurrentDirectoryA
GetCurrentDirectoryA
GetCurrentProcessId
ResumeThread
lstrcpynA
FileTimeToDosDateTime
FileTimeToLocalFileTime
SetFileApisToANSI
AreFileApisANSI
FileTimeToSystemTime
FindClose
FindFirstFileA
GetLastError
GlobalFree
GlobalReAlloc
GlobalAlloc
GetTempFileNameA
GetTempPathA
GetTempFileNameW
GetTempPathW
CompareStringA
MultiByteToWideChar
WideCharToMultiByte
CompareStringW
FreeLibrary
LoadLibraryExA
LoadLibraryA
LoadLibraryExW
LoadLibraryW
GetModuleFileNameA
GetModuleFileNameW
LocalFree
FormatMessageA
FormatMessageW
SetFileAttributesA
MoveFileA
RemoveDirectoryA
CreateDirectoryA
GetWindowsDirectoryA
GetSystemDirectoryA
GetWindowsDirectoryW
GetSystemDirectoryW
SetFileAttributesW
RemoveDirectoryW
MoveFileW
CreateDirectoryW
GetShortPathNameA
lstrlenA
GetFullPathNameA
SetCurrentDirectoryW
GetCurrentDirectoryW
SearchPathA
GetFullPathNameW
SearchPathW
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstFileW
SetLastError
FindNextFileA
FindNextFileW
FindFirstChangeNotificationW
GetLogicalDriveStringsA
CreateFileA
GetFileSize
SetFilePointer
GetFileInformationByHandle
ReadFile
SetFileTime
WriteFile
SetEndOfFile
CreateFileW
CompareFileTime
CreateEventA
SetEvent
EnterCriticalSection
LeaveCriticalSection
ResetEvent
WaitForMultipleObjects
VirtualFree
VirtualAlloc
CreateThread
InitializeCriticalSection
DeleteCriticalSection
DosDateTimeToFileTime
LocalFileTimeToFileTime
GetDriveTypeA
GetTickCount
SetFileApisToOEM
lstrcatA
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
SetEnvironmentVariableA
LCMapStringW
LCMapStringA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InterlockedExchange
SetConsoleCtrlHandler
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
HeapSize
GetTimeZoneInformation
GetStdHandle
HeapCreate
HeapDestroy
HeapReAlloc
FatalAppExitA
Sleep
GetCurrentThread
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetProcessHeap
GetCommandLineA
ExitProcess
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitThread
GetCurrentThreadId
HeapAlloc
RaiseException
RtlUnwind
HeapFree

user32

GetLastActivePopup
GetWindow
GetWindowThreadProcessId
CharPrevExA
wsprintfA
CharPrevA
CharToOemA
CharLowerW
CharUpperW
CharLowerA
CharUpperA
CharNextA
RegisterWindowMessageA
InvalidateRect
EndDialog
EnumWindows
GetDlgItem
GetWindowTextLengthW
GetDlgItemTextW
GetWindowTextLengthA
GetDlgItemTextA
SetDlgItemTextW
DestroyWindow
SetDlgItemTextA
SendMessageA
LoadStringA
SetWindowTextA
SendDlgItemMessageA
ShowWindow
EnableWindow
DialogBoxParamW
DialogBoxParamA
CreateDialogParamW
GetDesktopWindow
GetWindowRect
SystemParametersInfoA
SetWindowPos
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
PostMessageA
SetWindowLongA
GetWindowLongA
CreateDialogParamA

ole32

CoUninitialize
CoInitialize

oleaut32

SysAllocStringLen
SysStringLen
VariantChangeType
VariantCopy
VariantClear
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysAllocString

Exports

Exports

SevenZip
SevenZip2
SevenZip3
SevenZipCloseArchive
SevenZipFindFirst
SevenZipFindNext
SevenZipOpenArchive

Sections

.text
Size: 513KB - Virtual size: 512KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cabinet.dll
.dll windows:5 windows x86 arch:x86

9265de4279ec2b9cc932b695004ba8dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_DLL

PDB Paths

cabinet.pdb

Imports

kernel32

DeleteCriticalSection
DisableThreadLibraryCalls
CreateFileA
ReadFile
WriteFile
CloseHandle
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
lstrcmpiA
lstrlenA
CreateDirectoryA
SetFileAttributesA
GetLastError
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteFileA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

ole32

CoTaskMemFree
CoTaskMemAlloc

Exports

Exports

DeleteExtractedFiles
DllGetVersion
Extract
FCIAddFile
FCICreate
FCIDestroy
FCIFlushCabinet
FCIFlushFolder
FDICopy
FDICreate
FDIDestroy
FDIIsCabinet
FDITruncateCabinet
GetDllVersion

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
calMbc.dll
.dll windows:4 windows x86 arch:x86

83be0c2305f3dc645f80ef424342afe1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\Hans\Documents\Visual Studio Projects\calMbc\Release\calMbc.pdb

Imports

kernel32

GlobalFindAtomA
GlobalGetAtomNameA
GetCPInfo
GetOEMCP
ExitProcess
GetSystemTimeAsFileTime
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
TerminateProcess
HeapReAlloc
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
lstrcmpW
VirtualFree
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
RaiseException
GlobalFlags
InterlockedIncrement
WritePrivateProfileStringA
SetErrorMode
lstrcatA
InterlockedDecrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CloseHandle
GlobalAddAtomA
SetLastError
GlobalFree
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
GetCurrentThread
GetCurrentThreadId
GlobalLock
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
LoadLibraryA
HeapAlloc
HeapFree
HeapDestroy
HeapCreate
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetTimeZoneInformation
InterlockedExchange

user32

RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
SetWindowPos
ShowWindow
SetWindowLongA
GetDlgItem
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetWindowTextA
SetWindowTextA
GetClassNameA
UnregisterClassA
UnhookWindowsHookEx
wsprintfA
GetSystemMetrics
SetMenuItemBitmaps
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
DestroyMenu
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
SendMessageA
SetCursor
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostMessageA
PostQuitMessage
GetDesktopWindow
GetSysColor

gdi32

GetStockObject
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetDeviceCaps
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
DeleteObject
CreateBitmap
Escape

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegOpenKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

comctl32

ord17

shlwapi

PathFindExtensionA
PathFindFileNameA

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear
VariantChangeType
VariantInit

wininet

InternetQueryOptionA
InternetReadFile
InternetQueryDataAvailable
InternetErrorDlg
HttpSendRequestA
InternetCloseHandle
InternetOpenA
InternetSetOptionA
InternetConnectA
HttpOpenRequestA
HttpQueryInfoA
InternetSetCookieA

ws2_32

gethostbyname
inet_ntoa
WSACleanup
WSAStartup
gethostname

Exports

Exports

SendMBCLog_Filtering
SendMBCLog_Osp

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
checkDCF.dll
.dll windows:5 windows x86 arch:x86

c424e2b132370a4ab540bd7034f5f741

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Monster\Desktop\checkDCF\Release\checkDCF.pdb

Imports

kernel32

GetCurrentThreadId
DecodePointer
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EncodePointer
RtlUnwind
MultiByteToWideChar
GetLastError
ReadFile
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
InterlockedDecrement
GetProcAddress
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
CloseHandle
CreateFileA
SetFilePointer
SetStdHandle
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
LoadLibraryW
WriteFile
GetModuleFileNameW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetEndOfFile
GetProcessHeap
LCMapStringW
GetStringTypeW
HeapSize
WriteConsoleW
CreateFileW

Exports

Exports

checkDCF

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
conkeeper.dll
.dll windows:5 windows x86 arch:x86

2b4a2be19ec97bb41bfc6d6dea85e24d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:ed:d9:63:eb:e2:d7:74:d0:b3:7a:2e:ca:2a:56:b7
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

05-03-2013 00:00

Not After

04-04-2015 23:59

Subject

CN=iMBC Co.\, Ltd.,O=iMBC Co.\, Ltd.,L=Yeouido-dong,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

34:4e:d5:57:20:d5:ed:ec:49:f4:2f:ce:37:db:2b:6d
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

17-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\project_svn\conkeeper\공통필터링모듈\CONKEEPER_v2\conkeeper_DLL\Release\conkeeper.pdb

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

urlmon

URLDownloadToFileA

kernel32

GetStdHandle
CompareStringW
FlushFileBuffers
CreateFileW
GetPrivateProfileStringA
DeleteFileA
Sleep
OpenMutexA
CloseHandle
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetStringTypeW
LCMapStringW
MultiByteToWideChar
WriteConsoleW
SetStdHandle
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
EncodePointer
DecodePointer
HeapAlloc
HeapFree
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileExA
GetCurrentThreadId
GetCommandLineA
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapSize
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
SetEnvironmentVariableA
GetModuleFileNameW
HeapCreate
HeapDestroy
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
RtlUnwind
HeapReAlloc
LoadLibraryW

user32

FindWindowA
SendMessageTimeoutA

shell32

ShellExecuteA

wininet

InternetOpenA
InternetConnectA
HttpOpenRequestA
InternetSetOptionA
HttpAddRequestHeadersA
InternetCloseHandle
HttpSendRequestA
InternetReadFile

Exports

Exports

initConKeeper

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
detect.exe
.exe windows:5 windows x86 arch:x86

d5667544cf63f3b42aed4f043bd1436d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:ed:d9:63:eb:e2:d7:74:d0:b3:7a:2e:ca:2a:56:b7
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

05-03-2013 00:00

Not After

04-04-2015 23:59

Subject

CN=iMBC Co.\, Ltd.,O=iMBC Co.\, Ltd.,L=Yeouido-dong,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

34:4e:d5:57:20:d5:ed:ec:49:f4:2f:ce:37:db:2b:6d
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

17-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\WorkForiMBC\conkeeper_svn\공통필터링모듈\trunk\detect\Release\Detect.pdb

Imports

kernel32

GetTempPathA
OpenFileMappingA
lstrlenA
MultiByteToWideChar
CreateDirectoryA
GetCurrentProcess
QueryDosDeviceA
Process32First
VirtualFree
OpenProcess
GetFileAttributesA
lstrlenW
GetLogicalDriveStringsA
VirtualAlloc
Process32Next
CreateFileMappingA
GetModuleHandleA
CreateToolhelp32Snapshot
DuplicateHandle
GetCurrentProcessId
GetTickCount
GetLastError
OpenMutexA
GetModuleFileNameA
CloseHandle
DeleteFileA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetVersionExA
LockResource
LoadLibraryA
GetProcAddress
Sleep
SizeofResource
WideCharToMultiByte
LoadResource
FreeLibrary
FindResourceW
FindResourceExW
UnmapViewOfFile
MapViewOfFile
GetFileSize
CreateFileA
FlushConsoleInputBuffer
GlobalMemoryStatus
GetStdHandle
GetFileType
GetVersion
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSetInformation
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
CreateMutexA
GetSystemTimeAsFileTime
HeapDestroy
InitializeCriticalSectionAndSpinCount
RaiseException
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
DecodePointer
EncodePointer
InterlockedExchange
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
SetLastError
GetCurrentThreadId

user32

FindWindowA
RegisterClassA
DefWindowProcA
CreateWindowExA
MessageBoxA
GetWindowThreadProcessId
PostQuitMessage
SendMessageTimeoutA
GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW
PeekMessageA
DispatchMessageA
TranslateMessage
FindWindowExA
EnumWindows
GetClassNameA

shell32

SHGetSpecialFolderPathA
ShellExecuteA

oleaut32

VarUdateFromDate
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringLen

psapi

GetMappedFileNameW

iphlpapi

GetAdaptersInfo

ws2_32

socket
WSAGetLastError
htons
ioctlsocket
select
connect
shutdown
setsockopt
recv
gethostbyname
WSACleanup
WSAStartup
inet_ntoa
gethostname
send
closesocket
WSASetLastError

msvcr100

??3@YAXPAX@Z
memmove_s
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
sprintf_s
memmove
free
_mbsstr
memchr
localeconv
_wassert
vsprintf_s
strncpy
printf
??_V@YAXPAX@Z
rand
strcpy_s
srand
memcpy_s
strcspn
_localtime64
_vscprintf
_splitpath
_time64
_mbscmp
strchr
fputc
_unlock_file
_localtime64_s
ungetc
fgetpos
_fseeki64
fflush
fgetc
strnlen
fsetpos
setvbuf
_lock_file
strftime
fwrite
fclose
sprintf
atoi
tolower
_mbsrchr
fopen
asctime
towlower
??8type_info@@QBE_NABV0@@Z
_purecall
_CIpow
iswdigit
_ismbcspace
fread
_mbsinc
malloc
fseek
_access
_chdir
_fsopen
strstr
strncmp
_errno
___lc_codepage_func
___lc_handle_func
memcpy
_CxxThrowException
__CxxFrameHandler3
strerror
setlocale
__uncaught_exception
__crtLCMapStringA
__pctype_func
isupper
_calloc_crt
islower
memset
__iob_func
_free_locale
abort
_unlock
__dllonexit
_lock
_onexit
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
exit
__initenv
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
_time32
_crt_debugger_hook
_except_handler4_common
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
qsort
wcsstr
_vsnprintf
vfprintf
_iob
strcmp
_pctype
__mb_cur_max
_isctype
_ftol
getenv
_setmode
ftell
fgets
fprintf
sscanf
strtoul
fputs
signal
_fileno
_stat32
_getch
_gmtime32
??2@YAPAXI@Z
iswspace
realloc

advapi32

RegisterEventSourceA
DeregisterEventSource
ReportEventA

Sections

.text
Size: 624KB - Virtual size: 623KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
detect_service.exe
.exe windows:5 windows x86 arch:x86

75d7f94bf43302a1908094808419d2cb

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:ed:d9:63:eb:e2:d7:74:d0:b3:7a:2e:ca:2a:56:b7
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

05-03-2013 00:00

Not After

04-04-2015 23:59

Subject

CN=iMBC Co.\, Ltd.,O=iMBC Co.\, Ltd.,L=Yeouido-dong,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

34:4e:d5:57:20:d5:ed:ec:49:f4:2f:ce:37:db:2b:6d
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

17-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\project_svn\conkeeper\공통필터링모듈\luncher\Release\detect_service.pdb

Imports

kernel32

MapViewOfFile
UnmapViewOfFile
Process32First
OpenProcess
Sleep
GetExitCodeProcess
TerminateProcess
GetLastError
OpenMutexA
Process32Next
CreateFileMappingA
GetModuleFileNameA
CreateMutexA
CreateToolhelp32Snapshot
CloseHandle
OpenFileMappingA
HeapSize
HeapAlloc
ExitThread
ResumeThread
CreateThread
GetCommandLineA
HeapSetInformation
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RaiseException
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
RtlUnwind
HeapReAlloc
GetStringTypeW
IsProcessorFeaturePresent

shell32

ShellExecuteExA

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ippcore-5.2.dll
.dll windows:4 windows x86 arch:x86

0e7c365b005593db9b28cb78e8ef7598

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libguide40

ord705

kernel32

FreeEnvironmentStringsW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcAddress
GetModuleHandleA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
LCMapStringA
MultiByteToWideChar
LCMapStringW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapSize
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
VirtualProtect
GetSystemInfo

Exports

Exports

ippAlignPtr
ippFree
ippGetCpuClocks
ippGetCpuFreqMhz
ippGetCpuType
ippGetLibVersion
ippGetMaxCacheSizeB
ippGetNumCoresOnDie
ippGetNumThreads
ippGetStatusString
ippMalloc
ippSetDenormAreZeros
ippSetFlushToZero
ippSetNumThreads
ippStaticInit
ippStaticInitCpu
threads_omp_of_n_ipp

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ippi-5.2.dll
.dll windows:4 windows x86 arch:x86

645887943932e0434e30e1c9fa6a9d90

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ippcore-5.2

ippGetCpuType

kernel32

LoadLibraryW
GetProcAddress
LocalFree
GetLastError
FormatMessageW
ExitProcess
GetCurrentThreadId
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetModuleHandleA
TerminateProcess
GetCurrentProcess
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameW
WriteFile
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
SetStdHandle
HeapSize
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
FlushFileBuffers
VirtualProtect
GetSystemInfo
CloseHandle
FreeLibrary
UnhandledExceptionFilter

user32

MessageBoxW
MessageBeep

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

Exports

Exports

ippiAbs_16s_AC4IR
ippiAbs_16s_AC4R
ippiAbs_16s_C1IR
ippiAbs_16s_C1R
ippiAbs_16s_C3IR
ippiAbs_16s_C3R
ippiAbs_16s_C4IR
ippiAbs_16s_C4R
ippiAbs_32f_AC4IR
ippiAbs_32f_AC4R
ippiAbs_32f_C1IR
ippiAbs_32f_C1R
ippiAbs_32f_C3IR
ippiAbs_32f_C3R
ippiAbs_32f_C4IR
ippiAbs_32f_C4R
ippiAddC_16s_AC4IRSfs
ippiAddC_16s_AC4RSfs
ippiAddC_16s_C1IRSfs
ippiAddC_16s_C1RSfs
ippiAddC_16s_C3IRSfs
ippiAddC_16s_C3RSfs
ippiAddC_16s_C4IRSfs
ippiAddC_16s_C4RSfs
ippiAddC_16sc_AC4IRSfs
ippiAddC_16sc_AC4RSfs
ippiAddC_16sc_C1IRSfs
ippiAddC_16sc_C1RSfs
ippiAddC_16sc_C3IRSfs
ippiAddC_16sc_C3RSfs
ippiAddC_16u_AC4IRSfs
ippiAddC_16u_AC4RSfs
ippiAddC_16u_C1IRSfs
ippiAddC_16u_C1RSfs
ippiAddC_16u_C3IRSfs
ippiAddC_16u_C3RSfs
ippiAddC_16u_C4IRSfs
ippiAddC_16u_C4RSfs
ippiAddC_32f_AC4IR
ippiAddC_32f_AC4R
ippiAddC_32f_C1IR
ippiAddC_32f_C1R
ippiAddC_32f_C3IR
ippiAddC_32f_C3R
ippiAddC_32f_C4IR
ippiAddC_32f_C4R
ippiAddC_32fc_AC4IR
ippiAddC_32fc_AC4R
ippiAddC_32fc_C1IR
ippiAddC_32fc_C1R
ippiAddC_32fc_C3IR
ippiAddC_32fc_C3R
ippiAddC_32sc_AC4IRSfs
ippiAddC_32sc_AC4RSfs
ippiAddC_32sc_C1IRSfs
ippiAddC_32sc_C1RSfs
ippiAddC_32sc_C3IRSfs
ippiAddC_32sc_C3RSfs
ippiAddC_8u_AC4IRSfs
ippiAddC_8u_AC4RSfs
ippiAddC_8u_C1IRSfs
ippiAddC_8u_C1RSfs
ippiAddC_8u_C3IRSfs
ippiAddC_8u_C3RSfs
ippiAddC_8u_C4IRSfs
ippiAddC_8u_C4RSfs
ippiAddRandGauss_Direct_16s_AC4IR
ippiAddRandGauss_Direct_16s_C1IR
ippiAddRandGauss_Direct_16s_C3IR
ippiAddRandGauss_Direct_16s_C4IR
ippiAddRandGauss_Direct_16u_AC4IR
ippiAddRandGauss_Direct_16u_C1IR
ippiAddRandGauss_Direct_16u_C3IR
ippiAddRandGauss_Direct_16u_C4IR
ippiAddRandGauss_Direct_32f_AC4IR
ippiAddRandGauss_Direct_32f_C1IR
ippiAddRandGauss_Direct_32f_C3IR
ippiAddRandGauss_Direct_32f_C4IR
ippiAddRandGauss_Direct_8u_AC4IR
ippiAddRandGauss_Direct_8u_C1IR
ippiAddRandGauss_Direct_8u_C3IR
ippiAddRandGauss_Direct_8u_C4IR
ippiAddRandUniform_Direct_16s_AC4IR
ippiAddRandUniform_Direct_16s_C1IR
ippiAddRandUniform_Direct_16s_C3IR
ippiAddRandUniform_Direct_16s_C4IR
ippiAddRandUniform_Direct_16u_AC4IR
ippiAddRandUniform_Direct_16u_C1IR
ippiAddRandUniform_Direct_16u_C3IR
ippiAddRandUniform_Direct_16u_C4IR
ippiAddRandUniform_Direct_32f_AC4IR
ippiAddRandUniform_Direct_32f_C1IR
ippiAddRandUniform_Direct_32f_C3IR
ippiAddRandUniform_Direct_32f_C4IR
ippiAddRandUniform_Direct_8u_AC4IR
ippiAddRandUniform_Direct_8u_C1IR
ippiAddRandUniform_Direct_8u_C3IR
ippiAddRandUniform_Direct_8u_C4IR
ippiAddRotateShift
ippiAdd_16s_AC4IRSfs
ippiAdd_16s_AC4RSfs
ippiAdd_16s_C1IRSfs
ippiAdd_16s_C1RSfs
ippiAdd_16s_C3IRSfs
ippiAdd_16s_C3RSfs
ippiAdd_16s_C4IRSfs
ippiAdd_16s_C4RSfs
ippiAdd_16sc_AC4IRSfs
ippiAdd_16sc_AC4RSfs
ippiAdd_16sc_C1IRSfs
ippiAdd_16sc_C1RSfs
ippiAdd_16sc_C3IRSfs
ippiAdd_16sc_C3RSfs
ippiAdd_16u_AC4IRSfs
ippiAdd_16u_AC4RSfs
ippiAdd_16u_C1IRSfs
ippiAdd_16u_C1RSfs
ippiAdd_16u_C3IRSfs
ippiAdd_16u_C3RSfs
ippiAdd_16u_C4IRSfs
ippiAdd_16u_C4RSfs
ippiAdd_32f_AC4IR
ippiAdd_32f_AC4R
ippiAdd_32f_C1IR
ippiAdd_32f_C1R
ippiAdd_32f_C3IR
ippiAdd_32f_C3R
ippiAdd_32f_C4IR
ippiAdd_32f_C4R
ippiAdd_32fc_AC4IR
ippiAdd_32fc_AC4R
ippiAdd_32fc_C1IR
ippiAdd_32fc_C1R
ippiAdd_32fc_C3IR
ippiAdd_32fc_C3R
ippiAdd_32sc_AC4IRSfs
ippiAdd_32sc_AC4RSfs
ippiAdd_32sc_C1IRSfs
ippiAdd_32sc_C1RSfs
ippiAdd_32sc_C3IRSfs
ippiAdd_32sc_C3RSfs
ippiAdd_8u_AC4IRSfs
ippiAdd_8u_AC4RSfs
ippiAdd_8u_C1IRSfs
ippiAdd_8u_C1RSfs
ippiAdd_8u_C3IRSfs
ippiAdd_8u_C3RSfs
ippiAdd_8u_C4IRSfs
ippiAdd_8u_C4RSfs
ippiAlphaCompC_16u_AC4R
ippiAlphaCompC_16u_AP4R
ippiAlphaCompC_16u_C1R
ippiAlphaCompC_16u_C3R
ippiAlphaCompC_16u_C4R
ippiAlphaCompC_8u_AC4R
ippiAlphaCompC_8u_AP4R
ippiAlphaCompC_8u_C1R
ippiAlphaCompC_8u_C3R
ippiAlphaCompC_8u_C4R
ippiAlphaComp_16u_AC1R
ippiAlphaComp_16u_AC4R
ippiAlphaComp_16u_AP4R
ippiAlphaComp_8u_AC1R
ippiAlphaComp_8u_AC4R
ippiAlphaComp_8u_AP4R
ippiAlphaPremulC_16u_AC4IR
ippiAlphaPremulC_16u_AC4R
ippiAlphaPremulC_16u_AP4IR
ippiAlphaPremulC_16u_AP4R
ippiAlphaPremulC_16u_C1IR
ippiAlphaPremulC_16u_C1R
ippiAlphaPremulC_16u_C3IR
ippiAlphaPremulC_16u_C3R
ippiAlphaPremulC_16u_C4IR
ippiAlphaPremulC_16u_C4R
ippiAlphaPremulC_8u_AC4IR
ippiAlphaPremulC_8u_AC4R
ippiAlphaPremulC_8u_AP4IR
ippiAlphaPremulC_8u_AP4R
ippiAlphaPremulC_8u_C1IR
ippiAlphaPremulC_8u_C1R
ippiAlphaPremulC_8u_C3IR
ippiAlphaPremulC_8u_C3R
ippiAlphaPremulC_8u_C4IR
ippiAlphaPremulC_8u_C4R
ippiAlphaPremul_16u_AC4IR
ippiAlphaPremul_16u_AC4R
ippiAlphaPremul_16u_AP4IR
ippiAlphaPremul_16u_AP4R
ippiAlphaPremul_8u_AC4IR
ippiAlphaPremul_8u_AC4R
ippiAlphaPremul_8u_AP4IR
ippiAlphaPremul_8u_AP4R
ippiAndC_16u_AC4IR
ippiAndC_16u_AC4R
ippiAndC_16u_C1IR
ippiAndC_16u_C1R
ippiAndC_16u_C3IR
ippiAndC_16u_C3R
ippiAndC_16u_C4IR
ippiAndC_16u_C4R
ippiAndC_32s_AC4IR
ippiAndC_32s_AC4R
ippiAndC_32s_C1IR
ippiAndC_32s_C1R
ippiAndC_32s_C3IR
ippiAndC_32s_C3R
ippiAndC_32s_C4IR
ippiAndC_32s_C4R
ippiAndC_8u_AC4IR
ippiAndC_8u_AC4R
ippiAndC_8u_C1IR
ippiAndC_8u_C1R
ippiAndC_8u_C3IR
ippiAndC_8u_C3R
ippiAndC_8u_C4IR
ippiAndC_8u_C4R
ippiAnd_16u_AC4IR
ippiAnd_16u_AC4R
ippiAnd_16u_C1IR
ippiAnd_16u_C1R
ippiAnd_16u_C3IR
ippiAnd_16u_C3R
ippiAnd_16u_C4IR
ippiAnd_16u_C4R
ippiAnd_32s_AC4IR
ippiAnd_32s_AC4R
ippiAnd_32s_C1IR
ippiAnd_32s_C1R
ippiAnd_32s_C3IR
ippiAnd_32s_C3R
ippiAnd_32s_C4IR
ippiAnd_32s_C4R
ippiAnd_8u_AC4IR
ippiAnd_8u_AC4R
ippiAnd_8u_C1IR
ippiAnd_8u_C1R
ippiAnd_8u_C3IR
ippiAnd_8u_C3R
ippiAnd_8u_C4IR
ippiAnd_8u_C4R
ippiCompColorKey_16s_C1R
ippiCompColorKey_16s_C3R
ippiCompColorKey_16s_C4R
ippiCompColorKey_16u_C1R
ippiCompColorKey_16u_C3R
ippiCompColorKey_16u_C4R
ippiCompColorKey_8u_C1R
ippiCompColorKey_8u_C3R
ippiCompColorKey_8u_C4R
ippiCompareC_16s_AC4R
ippiCompareC_16s_C1R
ippiCompareC_16s_C3R
ippiCompareC_16s_C4R
ippiCompareC_16u_AC4R
ippiCompareC_16u_C1R
ippiCompareC_16u_C3R
ippiCompareC_16u_C4R
ippiCompareC_32f_AC4R
ippiCompareC_32f_C1R
ippiCompareC_32f_C3R
ippiCompareC_32f_C4R
ippiCompareC_8u_AC4R
ippiCompareC_8u_C1R
ippiCompareC_8u_C3R
ippiCompareC_8u_C4R
ippiCompareEqualEpsC_32f_AC4R
ippiCompareEqualEpsC_32f_C1R
ippiCompareEqualEpsC_32f_C3R
ippiCompareEqualEpsC_32f_C4R
ippiCompareEqualEps_32f_AC4R
ippiCompareEqualEps_32f_C1R
ippiCompareEqualEps_32f_C3R
ippiCompareEqualEps_32f_C4R
ippiCompare_16s_AC4R
ippiCompare_16s_C1R
ippiCompare_16s_C3R
ippiCompare_16s_C4R
ippiCompare_16u_AC4R
ippiCompare_16u_C1R
ippiCompare_16u_C3R
ippiCompare_16u_C4R
ippiCompare_32f_AC4R
ippiCompare_32f_C1R
ippiCompare_32f_C3R
ippiCompare_32f_C4R
ippiCompare_8u_AC4R
ippiCompare_8u_C1R
ippiCompare_8u_C3R
ippiCompare_8u_C4R
ippiComplement_32s_C1IR
ippiConvFull_16s_AC4R
ippiConvFull_16s_C1R
ippiConvFull_16s_C3R
ippiConvFull_32f_AC4R
ippiConvFull_32f_C1R
ippiConvFull_32f_C3R
ippiConvFull_8u_AC4R
ippiConvFull_8u_C1R
ippiConvFull_8u_C3R
ippiConvValid_16s_AC4R
ippiConvValid_16s_C1R
ippiConvValid_16s_C3R
ippiConvValid_32f_AC4R
ippiConvValid_32f_C1R
ippiConvValid_32f_C3R
ippiConvValid_8u_AC4R
ippiConvValid_8u_C1R
ippiConvValid_8u_C3R
ippiConvert_16s32f_AC4R
ippiConvert_16s32f_C1R
ippiConvert_16s32f_C3R
ippiConvert_16s32f_C4R
ippiConvert_16s32s_AC4R
ippiConvert_16s32s_C1R
ippiConvert_16s32s_C3R
ippiConvert_16s32s_C4R
ippiConvert_16s8u_AC4R
ippiConvert_16s8u_C1R
ippiConvert_16s8u_C3R
ippiConvert_16s8u_C4R
ippiConvert_16u32f_AC4R
ippiConvert_16u32f_C1R
ippiConvert_16u32f_C3R
ippiConvert_16u32f_C4R
ippiConvert_16u32s_AC4R
ippiConvert_16u32s_C1R
ippiConvert_16u32s_C3R
ippiConvert_16u32s_C4R
ippiConvert_16u8u_AC4R
ippiConvert_16u8u_C1R
ippiConvert_16u8u_C3R
ippiConvert_16u8u_C4R
ippiConvert_1u8u_C1R
ippiConvert_32f16s_AC4R
ippiConvert_32f16s_C1R
ippiConvert_32f16s_C3R
ippiConvert_32f16s_C4R
ippiConvert_32f16u_AC4R
ippiConvert_32f16u_C1R
ippiConvert_32f16u_C3R
ippiConvert_32f16u_C4R
ippiConvert_32f8s_AC4R
ippiConvert_32f8s_C1R
ippiConvert_32f8s_C3R
ippiConvert_32f8s_C4R
ippiConvert_32f8u_AC4R
ippiConvert_32f8u_C1R
ippiConvert_32f8u_C3R
ippiConvert_32f8u_C4R
ippiConvert_32s8s_AC4R
ippiConvert_32s8s_C1R
ippiConvert_32s8s_C3R
ippiConvert_32s8s_C4R
ippiConvert_32s8u_AC4R
ippiConvert_32s8u_C1R
ippiConvert_32s8u_C3R
ippiConvert_32s8u_C4R
ippiConvert_8s32f_AC4R
ippiConvert_8s32f_C1R
ippiConvert_8s32f_C3R
ippiConvert_8s32f_C4R
ippiConvert_8s32s_AC4R
ippiConvert_8s32s_C1R
ippiConvert_8s32s_C3R
ippiConvert_8s32s_C4R
ippiConvert_8u16s_AC4R
ippiConvert_8u16s_C1R
ippiConvert_8u16s_C3R
ippiConvert_8u16s_C4R
ippiConvert_8u16u_AC4R
ippiConvert_8u16u_C1R
ippiConvert_8u16u_C3R
ippiConvert_8u16u_C4R
ippiConvert_8u1u_C1R
ippiConvert_8u32f_AC4R
ippiConvert_8u32f_C1R
ippiConvert_8u32f_C3R
ippiConvert_8u32f_C4R
ippiConvert_8u32s_AC4R
ippiConvert_8u32s_C1R
ippiConvert_8u32s_C3R
ippiConvert_8u32s_C4R
ippiCopyConstBorder_16s_AC4R
ippiCopyConstBorder_16s_C1R
ippiCopyConstBorder_16s_C3R
ippiCopyConstBorder_16s_C4R
ippiCopyConstBorder_16u_AC4R
ippiCopyConstBorder_16u_C1R
ippiCopyConstBorder_16u_C3R
ippiCopyConstBorder_16u_C4R
ippiCopyConstBorder_32s_AC4R
ippiCopyConstBorder_32s_C1R
ippiCopyConstBorder_32s_C3R
ippiCopyConstBorder_32s_C4R
ippiCopyConstBorder_8u_AC4R
ippiCopyConstBorder_8u_C1R
ippiCopyConstBorder_8u_C3R
ippiCopyConstBorder_8u_C4R
ippiCopyReplicateBorder_16s_AC4IR
ippiCopyReplicateBorder_16s_AC4R
ippiCopyReplicateBorder_16s_C1IR
ippiCopyReplicateBorder_16s_C1R
ippiCopyReplicateBorder_16s_C3IR
ippiCopyReplicateBorder_16s_C3R
ippiCopyReplicateBorder_16s_C4IR
ippiCopyReplicateBorder_16s_C4R
ippiCopyReplicateBorder_16u_AC4IR
ippiCopyReplicateBorder_16u_AC4R
ippiCopyReplicateBorder_16u_C1IR
ippiCopyReplicateBorder_16u_C1R
ippiCopyReplicateBorder_16u_C3IR
ippiCopyReplicateBorder_16u_C3R
ippiCopyReplicateBorder_16u_C4IR
ippiCopyReplicateBorder_16u_C4R
ippiCopyReplicateBorder_32s_AC4IR
ippiCopyReplicateBorder_32s_AC4R
ippiCopyReplicateBorder_32s_C1IR
ippiCopyReplicateBorder_32s_C1R
ippiCopyReplicateBorder_32s_C3IR
ippiCopyReplicateBorder_32s_C3R
ippiCopyReplicateBorder_32s_C4IR
ippiCopyReplicateBorder_32s_C4R
ippiCopyReplicateBorder_8u_AC4IR
ippiCopyReplicateBorder_8u_AC4R
ippiCopyReplicateBorder_8u_C1IR
ippiCopyReplicateBorder_8u_C1R
ippiCopyReplicateBorder_8u_C3IR
ippiCopyReplicateBorder_8u_C3R
ippiCopyReplicateBorder_8u_C4IR
ippiCopyReplicateBorder_8u_C4R
ippiCopyWrapBorder_32s_C1IR
ippiCopyWrapBorder_32s_C1R
ippiCopy_16s_AC4C3R
ippiCopy_16s_AC4MR
ippiCopy_16s_AC4R
ippiCopy_16s_C1C3R
ippiCopy_16s_C1C4R
ippiCopy_16s_C1MR
ippiCopy_16s_C1R
ippiCopy_16s_C3AC4R
ippiCopy_16s_C3C1R
ippiCopy_16s_C3CR
ippiCopy_16s_C3MR
ippiCopy_16s_C3P3R
ippiCopy_16s_C3R
ippiCopy_16s_C4C1R
ippiCopy_16s_C4CR
ippiCopy_16s_C4MR
ippiCopy_16s_C4P4R
ippiCopy_16s_C4R
ippiCopy_16s_P3C3R
ippiCopy_16s_P4C4R
ippiCopy_16u_AC4C3R
ippiCopy_16u_AC4MR
ippiCopy_16u_AC4R
ippiCopy_16u_C1C3R
ippiCopy_16u_C1C4R
ippiCopy_16u_C1MR
ippiCopy_16u_C1R
ippiCopy_16u_C3AC4R
ippiCopy_16u_C3C1R
ippiCopy_16u_C3CR
ippiCopy_16u_C3MR
ippiCopy_16u_C3P3R
ippiCopy_16u_C3R
ippiCopy_16u_C4C1R
ippiCopy_16u_C4CR
ippiCopy_16u_C4MR
ippiCopy_16u_C4P4R
ippiCopy_16u_C4R
ippiCopy_16u_P3C3R
ippiCopy_16u_P4C4R
ippiCopy_32f_AC4C3R
ippiCopy_32f_AC4MR
ippiCopy_32f_AC4R
ippiCopy_32f_C1C3R
ippiCopy_32f_C1C4R
ippiCopy_32f_C1MR
ippiCopy_32f_C1R
ippiCopy_32f_C3AC4R
ippiCopy_32f_C3C1R
ippiCopy_32f_C3CR
ippiCopy_32f_C3MR
ippiCopy_32f_C3P3R
ippiCopy_32f_C3R
ippiCopy_32f_C4C1R
ippiCopy_32f_C4CR
ippiCopy_32f_C4MR
ippiCopy_32f_C4P4R
ippiCopy_32f_C4R
ippiCopy_32f_P3C3R
ippiCopy_32f_P4C4R
ippiCopy_32s_AC4C3R
ippiCopy_32s_AC4MR
ippiCopy_32s_AC4R
ippiCopy_32s_C1C3R
ippiCopy_32s_C1C4R
ippiCopy_32s_C1MR
ippiCopy_32s_C1R

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ippipx-5.2.dll
.dll windows:4 windows x86 arch:x86

708a9f843202588e00b0e24812a08533

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ippcore-5.2

threads_omp_of_n_ipp

libguide40

ord707
ord136
ord106
ord124
ord706
ord135
ord126
ord150
ord138
ord148
ord145
ord141
ord144

kernel32

FreeEnvironmentStringsA
GetSystemInfo
VirtualProtect
SetStdHandle
SetFilePointer
CloseHandle
GetStringTypeW
GetStringTypeA
ExitProcess
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapAlloc
HeapReAlloc
HeapFree
EnterCriticalSection
LeaveCriticalSection
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
VirtualAlloc
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
FlushFileBuffers
LCMapStringA
MultiByteToWideChar
LCMapStringW
HeapSize
GetLocaleInfoA

Exports

Exports

ippiAbs_16s_AC4IR
ippiAbs_16s_AC4R
ippiAbs_16s_C1IR
ippiAbs_16s_C1R
ippiAbs_16s_C3IR
ippiAbs_16s_C3R
ippiAbs_16s_C4IR
ippiAbs_16s_C4R
ippiAbs_32f_AC4IR
ippiAbs_32f_AC4R
ippiAbs_32f_C1IR
ippiAbs_32f_C1R
ippiAbs_32f_C3IR
ippiAbs_32f_C3R
ippiAbs_32f_C4IR
ippiAbs_32f_C4R
ippiAddC_16s_AC4IRSfs
ippiAddC_16s_AC4RSfs
ippiAddC_16s_C1IRSfs
ippiAddC_16s_C1RSfs
ippiAddC_16s_C3IRSfs
ippiAddC_16s_C3RSfs
ippiAddC_16s_C4IRSfs
ippiAddC_16s_C4RSfs
ippiAddC_16sc_AC4IRSfs
ippiAddC_16sc_AC4RSfs
ippiAddC_16sc_C1IRSfs
ippiAddC_16sc_C1RSfs
ippiAddC_16sc_C3IRSfs
ippiAddC_16sc_C3RSfs
ippiAddC_16u_AC4IRSfs
ippiAddC_16u_AC4RSfs
ippiAddC_16u_C1IRSfs
ippiAddC_16u_C1RSfs
ippiAddC_16u_C3IRSfs
ippiAddC_16u_C3RSfs
ippiAddC_16u_C4IRSfs
ippiAddC_16u_C4RSfs
ippiAddC_32f_AC4IR
ippiAddC_32f_AC4R
ippiAddC_32f_C1IR
ippiAddC_32f_C1R
ippiAddC_32f_C3IR
ippiAddC_32f_C3R
ippiAddC_32f_C4IR
ippiAddC_32f_C4R
ippiAddC_32fc_AC4IR
ippiAddC_32fc_AC4R
ippiAddC_32fc_C1IR
ippiAddC_32fc_C1R
ippiAddC_32fc_C3IR
ippiAddC_32fc_C3R
ippiAddC_32sc_AC4IRSfs
ippiAddC_32sc_AC4RSfs
ippiAddC_32sc_C1IRSfs
ippiAddC_32sc_C1RSfs
ippiAddC_32sc_C3IRSfs
ippiAddC_32sc_C3RSfs
ippiAddC_8u_AC4IRSfs
ippiAddC_8u_AC4RSfs
ippiAddC_8u_C1IRSfs
ippiAddC_8u_C1RSfs
ippiAddC_8u_C3IRSfs
ippiAddC_8u_C3RSfs
ippiAddC_8u_C4IRSfs
ippiAddC_8u_C4RSfs
ippiAddRandGauss_Direct_16s_AC4IR
ippiAddRandGauss_Direct_16s_C1IR
ippiAddRandGauss_Direct_16s_C3IR
ippiAddRandGauss_Direct_16s_C4IR
ippiAddRandGauss_Direct_16u_AC4IR
ippiAddRandGauss_Direct_16u_C1IR
ippiAddRandGauss_Direct_16u_C3IR
ippiAddRandGauss_Direct_16u_C4IR
ippiAddRandGauss_Direct_32f_AC4IR
ippiAddRandGauss_Direct_32f_C1IR
ippiAddRandGauss_Direct_32f_C3IR
ippiAddRandGauss_Direct_32f_C4IR
ippiAddRandGauss_Direct_8u_AC4IR
ippiAddRandGauss_Direct_8u_C1IR
ippiAddRandGauss_Direct_8u_C3IR
ippiAddRandGauss_Direct_8u_C4IR
ippiAddRandUniform_Direct_16s_AC4IR
ippiAddRandUniform_Direct_16s_C1IR
ippiAddRandUniform_Direct_16s_C3IR
ippiAddRandUniform_Direct_16s_C4IR
ippiAddRandUniform_Direct_16u_AC4IR
ippiAddRandUniform_Direct_16u_C1IR
ippiAddRandUniform_Direct_16u_C3IR
ippiAddRandUniform_Direct_16u_C4IR
ippiAddRandUniform_Direct_32f_AC4IR
ippiAddRandUniform_Direct_32f_C1IR
ippiAddRandUniform_Direct_32f_C3IR
ippiAddRandUniform_Direct_32f_C4IR
ippiAddRandUniform_Direct_8u_AC4IR
ippiAddRandUniform_Direct_8u_C1IR
ippiAddRandUniform_Direct_8u_C3IR
ippiAddRandUniform_Direct_8u_C4IR
ippiAddRotateShift
ippiAdd_16s_AC4IRSfs
ippiAdd_16s_AC4RSfs
ippiAdd_16s_C1IRSfs
ippiAdd_16s_C1RSfs
ippiAdd_16s_C3IRSfs
ippiAdd_16s_C3RSfs
ippiAdd_16s_C4IRSfs
ippiAdd_16s_C4RSfs
ippiAdd_16sc_AC4IRSfs
ippiAdd_16sc_AC4RSfs
ippiAdd_16sc_C1IRSfs
ippiAdd_16sc_C1RSfs
ippiAdd_16sc_C3IRSfs
ippiAdd_16sc_C3RSfs
ippiAdd_16u_AC4IRSfs
ippiAdd_16u_AC4RSfs
ippiAdd_16u_C1IRSfs
ippiAdd_16u_C1RSfs
ippiAdd_16u_C3IRSfs
ippiAdd_16u_C3RSfs
ippiAdd_16u_C4IRSfs
ippiAdd_16u_C4RSfs
ippiAdd_32f_AC4IR
ippiAdd_32f_AC4R
ippiAdd_32f_C1IR
ippiAdd_32f_C1R
ippiAdd_32f_C3IR
ippiAdd_32f_C3R
ippiAdd_32f_C4IR
ippiAdd_32f_C4R
ippiAdd_32fc_AC4IR
ippiAdd_32fc_AC4R
ippiAdd_32fc_C1IR
ippiAdd_32fc_C1R
ippiAdd_32fc_C3IR
ippiAdd_32fc_C3R
ippiAdd_32sc_AC4IRSfs
ippiAdd_32sc_AC4RSfs
ippiAdd_32sc_C1IRSfs
ippiAdd_32sc_C1RSfs
ippiAdd_32sc_C3IRSfs
ippiAdd_32sc_C3RSfs
ippiAdd_8u_AC4IRSfs
ippiAdd_8u_AC4RSfs
ippiAdd_8u_C1IRSfs
ippiAdd_8u_C1RSfs
ippiAdd_8u_C3IRSfs
ippiAdd_8u_C3RSfs
ippiAdd_8u_C4IRSfs
ippiAdd_8u_C4RSfs
ippiAlphaCompC_16u_AC4R
ippiAlphaCompC_16u_AP4R
ippiAlphaCompC_16u_C1R
ippiAlphaCompC_16u_C3R
ippiAlphaCompC_16u_C4R
ippiAlphaCompC_8u_AC4R
ippiAlphaCompC_8u_AP4R
ippiAlphaCompC_8u_C1R
ippiAlphaCompC_8u_C3R
ippiAlphaCompC_8u_C4R
ippiAlphaComp_16u_AC1R
ippiAlphaComp_16u_AC4R
ippiAlphaComp_16u_AP4R
ippiAlphaComp_8u_AC1R
ippiAlphaComp_8u_AC4R
ippiAlphaComp_8u_AP4R
ippiAlphaPremulC_16u_AC4IR
ippiAlphaPremulC_16u_AC4R
ippiAlphaPremulC_16u_AP4IR
ippiAlphaPremulC_16u_AP4R
ippiAlphaPremulC_16u_C1IR
ippiAlphaPremulC_16u_C1R
ippiAlphaPremulC_16u_C3IR
ippiAlphaPremulC_16u_C3R
ippiAlphaPremulC_16u_C4IR
ippiAlphaPremulC_16u_C4R
ippiAlphaPremulC_8u_AC4IR
ippiAlphaPremulC_8u_AC4R
ippiAlphaPremulC_8u_AP4IR
ippiAlphaPremulC_8u_AP4R
ippiAlphaPremulC_8u_C1IR
ippiAlphaPremulC_8u_C1R
ippiAlphaPremulC_8u_C3IR
ippiAlphaPremulC_8u_C3R
ippiAlphaPremulC_8u_C4IR
ippiAlphaPremulC_8u_C4R
ippiAlphaPremul_16u_AC4IR
ippiAlphaPremul_16u_AC4R
ippiAlphaPremul_16u_AP4IR
ippiAlphaPremul_16u_AP4R
ippiAlphaPremul_8u_AC4IR
ippiAlphaPremul_8u_AC4R
ippiAlphaPremul_8u_AP4IR
ippiAlphaPremul_8u_AP4R
ippiAndC_16u_AC4IR
ippiAndC_16u_AC4R
ippiAndC_16u_C1IR
ippiAndC_16u_C1R
ippiAndC_16u_C3IR
ippiAndC_16u_C3R
ippiAndC_16u_C4IR
ippiAndC_16u_C4R
ippiAndC_32s_AC4IR
ippiAndC_32s_AC4R
ippiAndC_32s_C1IR
ippiAndC_32s_C1R
ippiAndC_32s_C3IR
ippiAndC_32s_C3R
ippiAndC_32s_C4IR
ippiAndC_32s_C4R
ippiAndC_8u_AC4IR
ippiAndC_8u_AC4R
ippiAndC_8u_C1IR
ippiAndC_8u_C1R
ippiAndC_8u_C3IR
ippiAndC_8u_C3R
ippiAndC_8u_C4IR
ippiAndC_8u_C4R
ippiAnd_16u_AC4IR
ippiAnd_16u_AC4R
ippiAnd_16u_C1IR
ippiAnd_16u_C1R
ippiAnd_16u_C3IR
ippiAnd_16u_C3R
ippiAnd_16u_C4IR
ippiAnd_16u_C4R
ippiAnd_32s_AC4IR
ippiAnd_32s_AC4R
ippiAnd_32s_C1IR
ippiAnd_32s_C1R
ippiAnd_32s_C3IR
ippiAnd_32s_C3R
ippiAnd_32s_C4IR
ippiAnd_32s_C4R
ippiAnd_8u_AC4IR
ippiAnd_8u_AC4R
ippiAnd_8u_C1IR
ippiAnd_8u_C1R
ippiAnd_8u_C3IR
ippiAnd_8u_C3R
ippiAnd_8u_C4IR
ippiAnd_8u_C4R
ippiCompColorKey_16s_C1R
ippiCompColorKey_16s_C3R
ippiCompColorKey_16s_C4R
ippiCompColorKey_16u_C1R
ippiCompColorKey_16u_C3R
ippiCompColorKey_16u_C4R
ippiCompColorKey_8u_C1R
ippiCompColorKey_8u_C3R
ippiCompColorKey_8u_C4R
ippiCompareC_16s_AC4R
ippiCompareC_16s_C1R
ippiCompareC_16s_C3R
ippiCompareC_16s_C4R
ippiCompareC_16u_AC4R
ippiCompareC_16u_C1R
ippiCompareC_16u_C3R
ippiCompareC_16u_C4R
ippiCompareC_32f_AC4R
ippiCompareC_32f_C1R
ippiCompareC_32f_C3R
ippiCompareC_32f_C4R
ippiCompareC_8u_AC4R
ippiCompareC_8u_C1R
ippiCompareC_8u_C3R
ippiCompareC_8u_C4R
ippiCompareEqualEpsC_32f_AC4R
ippiCompareEqualEpsC_32f_C1R
ippiCompareEqualEpsC_32f_C3R
ippiCompareEqualEpsC_32f_C4R
ippiCompareEqualEps_32f_AC4R
ippiCompareEqualEps_32f_C1R
ippiCompareEqualEps_32f_C3R
ippiCompareEqualEps_32f_C4R
ippiCompare_16s_AC4R
ippiCompare_16s_C1R
ippiCompare_16s_C3R
ippiCompare_16s_C4R
ippiCompare_16u_AC4R
ippiCompare_16u_C1R
ippiCompare_16u_C3R
ippiCompare_16u_C4R
ippiCompare_32f_AC4R
ippiCompare_32f_C1R
ippiCompare_32f_C3R
ippiCompare_32f_C4R
ippiCompare_8u_AC4R
ippiCompare_8u_C1R
ippiCompare_8u_C3R
ippiCompare_8u_C4R
ippiComplement_32s_C1IR
ippiConvFull_16s_AC4R
ippiConvFull_16s_C1R
ippiConvFull_16s_C3R
ippiConvFull_32f_AC4R
ippiConvFull_32f_C1R
ippiConvFull_32f_C3R
ippiConvFull_8u_AC4R
ippiConvFull_8u_C1R
ippiConvFull_8u_C3R
ippiConvValid_16s_AC4R
ippiConvValid_16s_C1R
ippiConvValid_16s_C3R
ippiConvValid_32f_AC4R
ippiConvValid_32f_C1R
ippiConvValid_32f_C3R
ippiConvValid_8u_AC4R
ippiConvValid_8u_C1R
ippiConvValid_8u_C3R
ippiConvert_16s32f_AC4R
ippiConvert_16s32f_C1R
ippiConvert_16s32f_C3R
ippiConvert_16s32f_C4R
ippiConvert_16s32s_AC4R
ippiConvert_16s32s_C1R
ippiConvert_16s32s_C3R
ippiConvert_16s32s_C4R
ippiConvert_16s8u_AC4R
ippiConvert_16s8u_C1R
ippiConvert_16s8u_C3R
ippiConvert_16s8u_C4R
ippiConvert_16u32f_AC4R
ippiConvert_16u32f_C1R
ippiConvert_16u32f_C3R
ippiConvert_16u32f_C4R
ippiConvert_16u32s_AC4R
ippiConvert_16u32s_C1R
ippiConvert_16u32s_C3R
ippiConvert_16u32s_C4R
ippiConvert_16u8u_AC4R
ippiConvert_16u8u_C1R
ippiConvert_16u8u_C3R
ippiConvert_16u8u_C4R
ippiConvert_1u8u_C1R
ippiConvert_32f16s_AC4R
ippiConvert_32f16s_C1R
ippiConvert_32f16s_C3R
ippiConvert_32f16s_C4R
ippiConvert_32f16u_AC4R
ippiConvert_32f16u_C1R
ippiConvert_32f16u_C3R
ippiConvert_32f16u_C4R
ippiConvert_32f8s_AC4R
ippiConvert_32f8s_C1R
ippiConvert_32f8s_C3R
ippiConvert_32f8s_C4R
ippiConvert_32f8u_AC4R
ippiConvert_32f8u_C1R
ippiConvert_32f8u_C3R
ippiConvert_32f8u_C4R
ippiConvert_32s8s_AC4R
ippiConvert_32s8s_C1R
ippiConvert_32s8s_C3R
ippiConvert_32s8s_C4R
ippiConvert_32s8u_AC4R
ippiConvert_32s8u_C1R
ippiConvert_32s8u_C3R
ippiConvert_32s8u_C4R
ippiConvert_8s32f_AC4R
ippiConvert_8s32f_C1R
ippiConvert_8s32f_C3R
ippiConvert_8s32f_C4R
ippiConvert_8s32s_AC4R
ippiConvert_8s32s_C1R
ippiConvert_8s32s_C3R
ippiConvert_8s32s_C4R
ippiConvert_8u16s_AC4R
ippiConvert_8u16s_C1R
ippiConvert_8u16s_C3R
ippiConvert_8u16s_C4R
ippiConvert_8u16u_AC4R
ippiConvert_8u16u_C1R
ippiConvert_8u16u_C3R
ippiConvert_8u16u_C4R
ippiConvert_8u1u_C1R
ippiConvert_8u32f_AC4R
ippiConvert_8u32f_C1R
ippiConvert_8u32f_C3R
ippiConvert_8u32f_C4R
ippiConvert_8u32s_AC4R
ippiConvert_8u32s_C1R
ippiConvert_8u32s_C3R
ippiConvert_8u32s_C4R
ippiCopyConstBorder_16s_AC4R
ippiCopyConstBorder_16s_C1R
ippiCopyConstBorder_16s_C3R
ippiCopyConstBorder_16s_C4R
ippiCopyConstBorder_16u_AC4R
ippiCopyConstBorder_16u_C1R
ippiCopyConstBorder_16u_C3R
ippiCopyConstBorder_16u_C4R
ippiCopyConstBorder_32s_AC4R
ippiCopyConstBorder_32s_C1R
ippiCopyConstBorder_32s_C3R
ippiCopyConstBorder_32s_C4R
ippiCopyConstBorder_8u_AC4R
ippiCopyConstBorder_8u_C1R
ippiCopyConstBorder_8u_C3R
ippiCopyConstBorder_8u_C4R
ippiCopyReplicateBorder_16s_AC4IR
ippiCopyReplicateBorder_16s_AC4R
ippiCopyReplicateBorder_16s_C1IR
ippiCopyReplicateBorder_16s_C1R
ippiCopyReplicateBorder_16s_C3IR
ippiCopyReplicateBorder_16s_C3R
ippiCopyReplicateBorder_16s_C4IR
ippiCopyReplicateBorder_16s_C4R
ippiCopyReplicateBorder_16u_AC4IR
ippiCopyReplicateBorder_16u_AC4R
ippiCopyReplicateBorder_16u_C1IR
ippiCopyReplicateBorder_16u_C1R
ippiCopyReplicateBorder_16u_C3IR
ippiCopyReplicateBorder_16u_C3R
ippiCopyReplicateBorder_16u_C4IR
ippiCopyReplicateBorder_16u_C4R
ippiCopyReplicateBorder_32s_AC4IR
ippiCopyReplicateBorder_32s_AC4R
ippiCopyReplicateBorder_32s_C1IR
ippiCopyReplicateBorder_32s_C1R
ippiCopyReplicateBorder_32s_C3IR
ippiCopyReplicateBorder_32s_C3R
ippiCopyReplicateBorder_32s_C4IR
ippiCopyReplicateBorder_32s_C4R
ippiCopyReplicateBorder_8u_AC4IR
ippiCopyReplicateBorder_8u_AC4R
ippiCopyReplicateBorder_8u_C1IR
ippiCopyReplicateBorder_8u_C1R
ippiCopyReplicateBorder_8u_C3IR
ippiCopyReplicateBorder_8u_C3R
ippiCopyReplicateBorder_8u_C4IR
ippiCopyReplicateBorder_8u_C4R
ippiCopyWrapBorder_32s_C1IR
ippiCopyWrapBorder_32s_C1R
ippiCopy_16s_AC4C3R
ippiCopy_16s_AC4MR
ippiCopy_16s_AC4R
ippiCopy_16s_C1C3R
ippiCopy_16s_C1C4R
ippiCopy_16s_C1MR
ippiCopy_16s_C1R
ippiCopy_16s_C3AC4R
ippiCopy_16s_C3C1R
ippiCopy_16s_C3CR
ippiCopy_16s_C3MR
ippiCopy_16s_C3P3R
ippiCopy_16s_C3R
ippiCopy_16s_C4C1R
ippiCopy_16s_C4CR
ippiCopy_16s_C4MR
ippiCopy_16s_C4P4R
ippiCopy_16s_C4R
ippiCopy_16s_P3C3R
ippiCopy_16s_P4C4R
ippiCopy_16u_AC4C3R
ippiCopy_16u_AC4MR
ippiCopy_16u_AC4R
ippiCopy_16u_C1C3R
ippiCopy_16u_C1C4R
ippiCopy_16u_C1MR
ippiCopy_16u_C1R
ippiCopy_16u_C3AC4R
ippiCopy_16u_C3C1R
ippiCopy_16u_C3CR
ippiCopy_16u_C3MR
ippiCopy_16u_C3P3R
ippiCopy_16u_C3R
ippiCopy_16u_C4C1R
ippiCopy_16u_C4CR
ippiCopy_16u_C4MR
ippiCopy_16u_C4P4R
ippiCopy_16u_C4R
ippiCopy_16u_P3C3R
ippiCopy_16u_P4C4R
ippiCopy_32f_AC4C3R
ippiCopy_32f_AC4MR
ippiCopy_32f_AC4R
ippiCopy_32f_C1C3R
ippiCopy_32f_C1C4R
ippiCopy_32f_C1MR
ippiCopy_32f_C1R
ippiCopy_32f_C3AC4R
ippiCopy_32f_C3C1R
ippiCopy_32f_C3CR
ippiCopy_32f_C3MR
ippiCopy_32f_C3P3R
ippiCopy_32f_C3R
ippiCopy_32f_C4C1R
ippiCopy_32f_C4CR
ippiCopy_32f_C4MR
ippiCopy_32f_C4P4R
ippiCopy_32f_C4R
ippiCopy_32f_P3C3R
ippiCopy_32f_P4C4R
ippiCopy_32s_AC4C3R
ippiCopy_32s_AC4MR
ippiCopy_32s_AC4R
ippiCopy_32s_C1C3R
ippiCopy_32s_C1C4R
ippiCopy_32s_C1MR
ippiCopy_32s_C1R

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 220KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libguide40.dll
.dll windows:4 windows x86 arch:x86

fb01e389dde72dc5b85c9e61837430ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
FormatMessageA
GetStdHandle
AllocConsole
GetLastError
CreateThread
GetCurrentThread
SetThreadAffinityMask
SetThreadPriority
ResumeThread
CloseHandle
GetEnvironmentVariableA
SetEnvironmentVariableA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventA
ResetEvent
WaitForSingleObject
SetEvent
Sleep
TlsSetValue
TlsGetValue
GetProcessAffinityMask
GetCurrentProcess
GetProcAddress
GetSystemInfo
TlsAlloc
LoadLibraryA
TlsFree
TerminateThread
QueryPerformanceCounter
QueryPerformanceFrequency
DuplicateHandle
GetExitCodeThread
SleepEx
VirtualQuery
ExitProcess
TerminateProcess
SetStdHandle
GetFileType
HeapAlloc
HeapFree
HeapReAlloc
LocalFree
SetConsoleCtrlHandler
GetCommandLineA
GetVersion
FlushFileBuffers
WriteFile
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetModuleHandleA
WideCharToMultiByte
RtlUnwind
GetCurrentThreadId
SetLastError
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetFilePointer
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetCPInfo
CompareStringA
CompareStringW
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
ReadFile

Exports

Exports

KMP_ALIGNED_SHARABLE_MALLOC
KMP_CALLOC
KMP_FREE
KMP_GET_BLOCKTIME
KMP_GET_LIBRARY
KMP_GET_NUM_KNOWN_THREADS
KMP_GET_STACKSIZE
KMP_GET_STACKSIZE_S
KMP_LOCK_COND_BROADCAST
KMP_LOCK_COND_SIGNAL
KMP_LOCK_COND_WAIT
KMP_MALLOC
KMP_NEST_LOCK_COND_BROADCAST
KMP_NEST_LOCK_COND_SIGNAL
KMP_NEST_LOCK_COND_WAIT
KMP_PRINT_BANNER
KMP_REALLOC
KMP_SET_AFFINITY
KMP_SET_BLOCKTIME
KMP_SET_LIBRARY
KMP_SET_LIBRARY_SERIAL
KMP_SET_LIBRARY_THROUGHPUT
KMP_SET_LIBRARY_TURNAROUND
KMP_SET_PARALLEL_NAME
KMP_SET_STACKSIZE
KMP_SET_STACKSIZE_S
KMP_SET_STATS
KMP_SET_WARNINGS_OFF
KMP_SET_WARNINGS_ON
KMP_SHARABLE_CALLOC
KMP_SHARABLE_FREE
KMP_SHARABLE_MALLOC
KMP_SHARABLE_REALLOC
OMP_DESTROY_LOCK
OMP_DESTROY_NEST_LOCK
OMP_GET_DYNAMIC
OMP_GET_MAX_THREADS
OMP_GET_NESTED
OMP_GET_NUM_PROCS
OMP_GET_NUM_THREADS
OMP_GET_THREAD_NUM
OMP_GET_WTICK
OMP_GET_WTIME
OMP_INIT_LOCK
OMP_INIT_NEST_LOCK
OMP_IN_PARALLEL
OMP_SET_DYNAMIC
OMP_SET_LOCK
OMP_SET_NESTED
OMP_SET_NEST_LOCK
OMP_SET_NUM_THREADS
OMP_TEST_LOCK
OMP_TEST_NEST_LOCK
OMP_UNSET_LOCK
OMP_UNSET_NEST_LOCK
VT_getthid
__kmp_acquire_bootstrap_lock
__kmp_acquire_lock
__kmp_dispatch_dxo_4
__kmp_dispatch_dxo_8
__kmp_fork_call
__kmp_invoke_microtask
__kmp_launch_monitor
__kmp_launch_worker
__kmp_reap_monitor
__kmp_reap_worker
__kmp_release
__kmp_release_bootstrap_lock
__kmp_release_lock
__kmp_test_lock
__kmp_wait_sleep
__kmp_wait_yield_4
__kmp_wait_yield_8
__kmpc_atomic_4
__kmpc_atomic_8
__kmpc_atomic_fixed4_add
__kmpc_atomic_fixed8_add
__kmpc_atomic_float4_add
__kmpc_atomic_float8_add
__kmpc_barrier
__kmpc_barrier_master
__kmpc_barrier_master_nowait
__kmpc_barrier_reduce_master
__kmpc_begin
__kmpc_bound_num_threads
__kmpc_bound_thread_num
__kmpc_copyprivate
__kmpc_critical
__kmpc_destroy_lock
__kmpc_destroy_nest_lock
__kmpc_dispatch_fini_4
__kmpc_dispatch_fini_8
__kmpc_dispatch_init_4
__kmpc_dispatch_init_8
__kmpc_dispatch_next_4
__kmpc_dispatch_next_8
__kmpc_end
__kmpc_end_barrier_master
__kmpc_end_barrier_reduce_master
__kmpc_end_critical
__kmpc_end_master
__kmpc_end_ordered
__kmpc_end_serialized_parallel
__kmpc_end_single
__kmpc_end_taskq
__kmpc_end_taskq_task
__kmpc_flush
__kmpc_for_static_fini
__kmpc_for_static_init_4
__kmpc_for_static_init_8
__kmpc_fork_call
__kmpc_global_num_threads
__kmpc_global_thread_num
__kmpc_in_parallel
__kmpc_in_ssp
__kmpc_init_lock
__kmpc_init_nest_lock
__kmpc_invoke_task_func
__kmpc_master
__kmpc_ok_to_fork
__kmpc_ordered
__kmpc_pop_num_threads
__kmpc_push_num_threads
__kmpc_reduce_master_nowait
__kmpc_serialized_parallel
__kmpc_set_lock
__kmpc_set_nest_lock
__kmpc_single
__kmpc_ssp_begin
__kmpc_ssp_distance_4
__kmpc_ssp_distance_8
__kmpc_ssp_end
__kmpc_ssp_fork
__kmpc_ssp_get_max_threads
__kmpc_ssp_init_thread
__kmpc_ssp_num_threads
__kmpc_ssp_post_4
__kmpc_ssp_post_8
__kmpc_ssp_set_event
__kmpc_ssp_set_max_threads
__kmpc_ssp_thread_num
__kmpc_ssp_wait_4
__kmpc_ssp_wait_8
__kmpc_task
__kmpc_task_buffer
__kmpc_taskq
__kmpc_taskq_task
__kmpc_test_lock
__kmpc_test_nest_lock
__kmpc_threadprivate
__kmpc_threadprivate_cached
__kmpc_threadprivate_register
__kmpc_threadprivate_register_vec
__kmpc_unset_lock
__kmpc_unset_nest_lock
kmp_aligned_sharable_malloc
kmp_calloc
kmp_free
kmp_get_blocktime
kmp_get_library
kmp_get_num_known_threads
kmp_get_stacksize
kmp_get_stacksize_s
kmp_lock_cond_broadcast
kmp_lock_cond_signal
kmp_lock_cond_wait
kmp_malloc
kmp_nest_lock_cond_broadcast
kmp_nest_lock_cond_signal
kmp_nest_lock_cond_wait
kmp_print_banner
kmp_realloc
kmp_set_affinity
kmp_set_blocktime
kmp_set_library
kmp_set_library_serial
kmp_set_library_throughput
kmp_set_library_turnaround
kmp_set_parallel_name
kmp_set_stacksize
kmp_set_stacksize_s
kmp_set_stats
kmp_set_warnings_off
kmp_set_warnings_on
kmp_sharable_calloc
kmp_sharable_free
kmp_sharable_malloc
kmp_sharable_realloc
kmpc_aligned_sharable_malloc
kmpc_calloc
kmpc_free
kmpc_get_banner
kmpc_get_poolmode
kmpc_get_poolsize
kmpc_get_poolstat
kmpc_malloc
kmpc_poolprint
kmpc_print_banner
kmpc_realloc
kmpc_set_affinity
kmpc_set_blocktime
kmpc_set_library
kmpc_set_parallel_name
kmpc_set_poolmode
kmpc_set_poolsize
kmpc_set_stacksize
kmpc_set_stacksize_s
kmpc_set_stats
kmpc_sharable_calloc
kmpc_sharable_free
kmpc_sharable_malloc
kmpc_sharable_realloc
omp_destroy_lock
omp_destroy_nest_lock
omp_get_dynamic
omp_get_max_threads
omp_get_nested
omp_get_num_procs
omp_get_num_threads
omp_get_thread_num
omp_get_wtick
omp_get_wtime
omp_in_parallel
omp_init_lock
omp_init_nest_lock
omp_set_dynamic
omp_set_lock
omp_set_nest_lock
omp_set_nested
omp_set_num_threads
omp_test_lock
omp_test_nest_lock
omp_unset_lock
omp_unset_nest_lock
ompc_set_dynamic
ompc_set_nested
ompc_set_num_threads
vtgthid

Sections

.text
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcr100.dll
.dll windows:5 windows x86 arch:x86

5271d5ce8b44dd47bc92563e27585466

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22-08-2007 22:31

Not After

25-08-2012 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-12-2009 22:40

Not After

07-03-2011 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25-07-2008 19:02

Not After

25-07-2013 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

05:c5:93:9c:0d:cd:fc:08:2e:51:ee:8e:e1:e0:0f:4b:d3:83:4c:d6
Signer

Actual PE Digest

05:c5:93:9c:0d:cd:fc:08:2e:51:ee:8e:e1:e0:0f:4b:d3:83:4c:d6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr100.i386.pdb

Imports

kernel32

EncodePointer
DecodePointer
RaiseException
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetCurrentThreadId
TlsGetValue
GetCommandLineW
GetCommandLineA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileExA
FindClose
FindNextFileW
FindFirstFileExW
GetLogicalDrives
GetDiskFreeSpaceA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
Sleep
Beep
GetFileAttributesA
SetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameA
GetDriveTypeW
GetCurrentProcessId
CreateDirectoryA
MoveFileA
RemoveDirectoryA
GetDriveTypeA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeLibrary
CreateProcessW
ReadFile
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
WideCharToMultiByte
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
InterlockedPopEntrySList
InterlockedFlushSList
QueryDepthSList
InterlockedPushEntrySList
CreateTimerQueue
CreateTimerQueueTimer
DeleteTimerQueueTimer
SetEvent
CreateEventW
SwitchToThread
SignalObjectAndWait
TryEnterCriticalSection
GetTickCount
VirtualFree
GetVersionExW
SetThreadPriority
VirtualAlloc
GetSystemInfo
GetProcessAffinityMask
VirtualProtect
SetThreadAffinityMask
InitializeSListHead
ReleaseSemaphore
CreateSemaphoreW
WaitForMultipleObjects
GetThreadPriority
LoadLibraryW
SleepEx
OutputDebugStringW
FreeLibraryAndExitThread
GetModuleHandleA
GetThreadTimes
DebugBreak
MultiByteToWideChar
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetTimeFormatW
GetDateFormatW
RtlUnwind
HeapAlloc
HeapFree
HeapCreate
HeapDestroy
HeapQueryInformation
HeapReAlloc
HeapSize
HeapValidate
HeapCompact
HeapWalk
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoW
GetFileInformationByHandle
PeekNamedPipe
CreateFileA
CreateFileW
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreatePipe
SetStdHandle
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
WriteConsoleW
ReadConsoleW
SetEndOfFile
GetProcessHeap
InterlockedExchange
LockFile
UnlockFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
SetConsoleCtrlHandler
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
LCMapStringW
CompareStringW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsProcessorFeaturePresent

Exports

Exports

$I10_OUTPUT
??0?$_SpinWait@$00@details@Concurrency@@QAE@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QAE@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QAA@IZZ
??0SchedulerPolicy@Concurrency@@QAE@ABV01@@Z
??0SchedulerPolicy@Concurrency@@QAE@XZ
??0_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_ReaderWriterLock@details@Concurrency@@QAE@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_ReentrantLock@details@Concurrency@@QAE@XZ
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
??0_TaskCollection@details@Concurrency@@QAE@XZ
??0_Timer@details@Concurrency@@IAE@I_N@Z
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0__non_rtti_object@std@@QAE@PBD@Z
??0bad_cast@std@@AAE@PBQBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@XZ
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@XZ
??0context_unblock_unbalanced@Concurrency@@QAE@PBD@Z
??0context_unblock_unbalanced@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
??0default_scheduler_exists@Concurrency@@QAE@PBD@Z
??0default_scheduler_exists@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??0improper_lock@Concurrency@@QAE@PBD@Z
??0improper_lock@Concurrency@@QAE@XZ
??0improper_scheduler_attach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_attach@Concurrency@@QAE@XZ
??0improper_scheduler_detach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_detach@Concurrency@@QAE@XZ
??0improper_scheduler_reference@Concurrency@@QAE@PBD@Z
??0improper_scheduler_reference@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0invalid_link_target@Concurrency@@QAE@XZ
??0invalid_multiple_scheduling@Concurrency@@QAE@PBD@Z
??0invalid_multiple_scheduling@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0invalid_operation@Concurrency@@QAE@XZ
??0invalid_oversubscribe_operation@Concurrency@@QAE@PBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_key@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_value@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QAE@XZ
??0message_not_found@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0missing_wait@Concurrency@@QAE@PBD@Z
??0missing_wait@Concurrency@@QAE@XZ
??0nested_scheduler_missing_detach@Concurrency@@QAE@PBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QAE@XZ
??0operation_timed_out@Concurrency@@QAE@PBD@Z
??0operation_timed_out@Concurrency@@QAE@XZ
??0reader_writer_lock@Concurrency@@QAE@XZ
??0scheduler_not_attached@Concurrency@@QAE@PBD@Z
??0scheduler_not_attached@Concurrency@@QAE@XZ
??0scheduler_resource_allocation_error@Concurrency@@QAE@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QAE@PBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0task_canceled@details@Concurrency@@QAE@PBD@Z
??0task_canceled@details@Concurrency@@QAE@XZ
??0unsupported_os@Concurrency@@QAE@PBD@Z
??0unsupported_os@Concurrency@@QAE@XZ
??1SchedulerPolicy@Concurrency@@QAE@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??1_TaskCollection@details@Concurrency@@QAE@XZ
??1_Timer@details@Concurrency@@IAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
??1exception@std@@UAE@XZ
??1reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@ABV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@ABV012@@Z
??4SchedulerPolicy@Concurrency@@QAEAAV01@ABV01@@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_F?$_SpinWait@$00@details@Concurrency@@QAEXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QAEXXZ
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?Alloc@Concurrency@@YAPAXI@Z
?Block@Context@Concurrency@@SAXXZ
?Create@CurrentScheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPAV12@ABVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPAX@Z
?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QBEIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?Log2@details@Concurrency@@YAKI@Z
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QAEXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QAEIW4PolicyElementKey@2@I@Z
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QAEXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_ConcRT_Assert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_CoreAssert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_DumpMessage@details@Concurrency@@YAXPB_WZZ
?_ConcRT_Trace@details@Concurrency@@YAXHPB_WZZ
?_Copy_str@exception@std@@AAEXPBD@Z
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QAE_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QAE_NXZ
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IAEKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IAEKXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QAEXXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QAEXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QAEXI@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IAE_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IAE_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QAE_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IAEXXZ
?_Stop@_Timer@details@Concurrency@@IAEXXZ
?_Tidy@exception@std@@AAEXXZ
?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QAE_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QAE_NXZ
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCompare@@YA_NPBX0@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QBEJXZ
?lock@critical_section@Concurrency@@QAEXXZ
?lock@reader_writer_lock@Concurrency@@QAEXXZ
?lock_read@reader_writer_lock@Concurrency@@QAEXXZ
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?native_handle@critical_section@Concurrency@@QAEAAV12@XZ
?raw_name@type_info@@QBEPBDXZ
?reset@event@Concurrency@@QAEXXZ
?set@event@Concurrency@@QAEXXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock@reader_writer_lock@Concurrency@@QAE_NXZ
?try_lock_read@reader_writer_lock@Concurrency@@QAE_NXZ
?unexpected@@YAXXZ
?unlock@critical_section@Concurrency@@QAEXXZ
?unlock@reader_writer_lock@Concurrency@@QAEXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?wait@Concurrency@@YAXI@Z
?wait@event@Concurrency@@QAEII@Z
?wait_for_multiple@event@Concurrency@@SAIPAPAV12@I_NI@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p

Sections

.text
Size: 709KB - Virtual size: 708KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
nat.dll
.dll windows:5 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

79:62:d1:17:de:49:04:86:2b:41:68:ab:36:cc:bc:6c
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

08-09-2013 00:00

Not After

08-10-2014 23:59

Subject

CN=KGRID CO.\,Ltd,O=KGRID CO.\,Ltd,L=Gangnam-gu,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

39:34:1c:16:f8:43:2c:62:38:4f:c1:6e:54:e2:57:cc:db:6d:07:3b
Signer

Actual PE Digest

39:34:1c:16:f8:43:2c:62:38:4f:c1:6e:54:e2:57:cc:db:6d:07:3b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

_AddHttpServer
_AddServer
_AddServerW
_AppendServer
_AutoSetupServiceApp
_Delete_KGRID
_DownloadCompleteFile
_ExistFile
_GetCurrentFileSize
_GetCurrentFileSize_KGRID
_GetCurrentPeerInfo
_GetLivePeerCount
_GetMaxSpeed
_GetTraffic
_GetTraffic_KGRID
_Init
_Init_KGRID
_New_KGRID
_NotUseServiceApp
_ReceiveSize
_ReceiveSize_KGRID
_ResumeDownload
_SetCutSpeed
_SetDownloadSpeed
_SetDownloadSpeed2
_SetDownloadSpeed_KGRID
_SetFileServerPeerCount
_SetInitServerPeerConnectCount
_SetServerConnectCount
_Speed
_Speed_KGRID
_StartDownload
_StartDownload2
_StartDownload2W
_StartDownload3
_StartDownloadForLivePeer
_StartDownloadW
_StartDownload_Chunk
_StartDownload_KGRID
_StartDownload_NHash
_Status
_Status_KGRID
_StopDownload
_StopDownload_KGRID
_SuspendDownload
_UnInit
_UnInit_KGRID
_UseDebugView

Sections

UPX0
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 530KB - Virtual size: 532KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 21KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 1024B - Virtual size: 670B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
postproc-52.dll
.dll windows:4 windows x86 arch:x86

c260495236370ed97a48ada8e4a693ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__dllonexit
__mb_cur_max
_amsg_exit
_errno
_initterm
_iob
_lock
_onexit
localeconv
malloc
memcpy
memmove
setlocale
strchr
strcmp
strerror
strlen
strncmp
strtok
strtol
_unlock
abort
atoi
calloc
fputc
free
getenv
wcslen

avutil-52

av_free
av_get_cpu_flags
av_log
av_malloc
av_mallocz
av_strlcpy

Exports

Exports

postproc_configuration
postproc_license
postproc_version
pp_free_context
pp_free_mode
pp_get_context
pp_get_mode_by_name_and_quality
pp_help
pp_postprocess

Sections

.text
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 302B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sendPurchasedData.dll
.dll windows:5 windows x86 arch:x86

a03e9eda30a097bd16a40fd2a551ed98

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Monster\Desktop\sendPurchasedData\Release\sendPurchasedData.pdb

Imports

kernel32

WaitForSingleObject
GetLastError
GetVersionExA
CloseHandle
InterlockedDecrement
WideCharToMultiByte
lstrlenW
LocalFree
CreateFileW
GetProcessHeap
SetEndOfFile
GetStringTypeW
LCMapStringW
HeapSize
FlushFileBuffers
WriteConsoleW
SetStdHandle
CreateFileA
LoadLibraryW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapFree
HeapAlloc
ExitThread
GetCurrentThreadId
CreateThread
HeapReAlloc
GetSystemTimeAsFileTime
DecodePointer
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
HeapCreate
HeapDestroy
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
RtlUnwind
MultiByteToWideChar
ReadFile
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
SetFilePointer
IsProcessorFeaturePresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
Sleep
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
RaiseException
CreateDirectoryA

shell32

SHGetSpecialFolderPathA
SHGetFolderPathA

ole32

CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

SysAllocString
VariantClear
SysFreeString

ws2_32

send
recv
WSACleanup
setsockopt
htons
closesocket
inet_ntoa
WSAStartup
inet_addr
getaddrinfo
freeaddrinfo
connect
socket

Exports

Exports

GetCpuId
GetHDDSerial
sendPurchasedData

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
svc_setup.exe
.exe windows:1 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

79:62:d1:17:de:49:04:86:2b:41:68:ab:36:cc:bc:6c
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

08-09-2013 00:00

Not After

08-10-2014 23:59

Subject

CN=KGRID CO.\,Ltd,O=KGRID CO.\,Ltd,L=Gangnam-gu,ST=SEOUL,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7c:56:25:b9:1b:d4:9b:91:83:e8:f4:bf:46:6a:66:dd:9c:de:c5:40
Signer

Actual PE Digest

7c:56:25:b9:1b:d4:9b:91:83:e8:f4:bf:46:6a:66:dd:9c:de:c5:40

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
swresample-0.dll
.dll windows:4 windows x86 arch:x86

bb54ca6f84ada591f67da0110e9d2b87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__dllonexit
__mb_cur_max
__setusermatherr
_amsg_exit
_errno
_initterm
_iob
_lock
_onexit
localeconv
malloc
memcpy
memset
setlocale
strchr
strerror
strlen
strncmp
_unlock
abort
atoi
calloc
fputc
free
getenv
wcslen

avutil-52

av_calloc
av_free
av_freep
av_get_bytes_per_sample
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_cpu_flags
av_get_default_channel_layout
av_get_packed_sample_fmt
av_get_planar_sample_fmt
av_get_sample_fmt_name
av_log
av_malloc
av_mallocz
av_opt_set_defaults
av_opt_set_int
av_reduce
av_rescale
av_sample_fmt_is_planar

Exports

Exports

ff_float_to_int16_a_sse2
ff_float_to_int16_u_sse2
ff_float_to_int32_a_sse2
ff_float_to_int32_u_sse2
ff_int16_to_float_a_sse2
ff_int16_to_float_u_sse2
ff_int16_to_int32_a_mmx
ff_int16_to_int32_a_sse2
ff_int16_to_int32_u_mmx
ff_int16_to_int32_u_sse2
ff_int32_to_float_a_avx
ff_int32_to_float_a_sse2
ff_int32_to_float_u_avx
ff_int32_to_float_u_sse2
ff_int32_to_int16_a_mmx
ff_int32_to_int16_a_sse2
ff_int32_to_int16_u_mmx
ff_int32_to_int16_u_sse2
ff_log2_tab
ff_mix_1_1_a_float_avx
ff_mix_1_1_a_float_sse
ff_mix_1_1_a_int16_mmx
ff_mix_1_1_a_int16_sse2
ff_mix_1_1_u_float_avx
ff_mix_1_1_u_float_sse
ff_mix_1_1_u_int16_mmx
ff_mix_1_1_u_int16_sse2
ff_mix_2_1_a_float_avx
ff_mix_2_1_a_float_sse
ff_mix_2_1_a_int16_mmx
ff_mix_2_1_a_int16_sse2
ff_mix_2_1_u_float_avx
ff_mix_2_1_u_float_sse
ff_mix_2_1_u_int16_mmx
ff_mix_2_1_u_int16_sse2
ff_pack_2ch_float_to_int16_a_sse2
ff_pack_2ch_float_to_int16_u_sse2
ff_pack_2ch_float_to_int32_a_sse2
ff_pack_2ch_float_to_int32_u_sse2
ff_pack_2ch_int16_to_float_a_sse2
ff_pack_2ch_int16_to_float_u_sse2
ff_pack_2ch_int16_to_int16_a_sse2
ff_pack_2ch_int16_to_int16_u_sse2
ff_pack_2ch_int16_to_int32_a_sse2
ff_pack_2ch_int16_to_int32_u_sse2
ff_pack_2ch_int32_to_float_a_sse2
ff_pack_2ch_int32_to_float_u_sse2
ff_pack_2ch_int32_to_int16_a_sse2
ff_pack_2ch_int32_to_int16_u_sse2
ff_pack_2ch_int32_to_int32_a_sse2
ff_pack_2ch_int32_to_int32_u_sse2
ff_pack_6ch_float_to_float_a_avx
ff_pack_6ch_float_to_float_a_mmx
ff_pack_6ch_float_to_float_a_sse4
ff_pack_6ch_float_to_float_u_avx
ff_pack_6ch_float_to_float_u_mmx
ff_pack_6ch_float_to_float_u_sse4
ff_pack_6ch_float_to_int32_a_avx
ff_pack_6ch_float_to_int32_a_sse4
ff_pack_6ch_float_to_int32_u_avx
ff_pack_6ch_float_to_int32_u_sse4
ff_pack_6ch_int32_to_float_a_avx
ff_pack_6ch_int32_to_float_a_sse4
ff_pack_6ch_int32_to_float_u_avx
ff_pack_6ch_int32_to_float_u_sse4
ff_resample_int16_rounder
ff_unpack_2ch_float_to_int16_a_sse2
ff_unpack_2ch_float_to_int16_u_sse2
ff_unpack_2ch_float_to_int32_a_sse2
ff_unpack_2ch_float_to_int32_u_sse2
ff_unpack_2ch_int16_to_float_a_sse2
ff_unpack_2ch_int16_to_float_a_ssse3
ff_unpack_2ch_int16_to_float_u_sse2
ff_unpack_2ch_int16_to_float_u_ssse3
ff_unpack_2ch_int16_to_int16_a_sse2
ff_unpack_2ch_int16_to_int16_a_ssse3
ff_unpack_2ch_int16_to_int16_u_sse2
ff_unpack_2ch_int16_to_int16_u_ssse3
ff_unpack_2ch_int16_to_int32_a_sse2
ff_unpack_2ch_int16_to_int32_a_ssse3
ff_unpack_2ch_int16_to_int32_u_sse2
ff_unpack_2ch_int16_to_int32_u_ssse3
ff_unpack_2ch_int32_to_float_a_sse2
ff_unpack_2ch_int32_to_float_u_sse2
ff_unpack_2ch_int32_to_int16_a_sse2
ff_unpack_2ch_int32_to_int16_u_sse2
ff_unpack_2ch_int32_to_int32_a_sse2
ff_unpack_2ch_int32_to_int32_u_sse2
swr_alloc
swr_alloc_set_opts
swr_convert
swr_drop_output
swr_free
swr_get_class
swr_get_delay
swr_init
swr_inject_silence
swr_next_pts
swr_set_channel_mapping
swr_set_compensation
swr_set_matrix
swresample_configuration
swresample_license
swresample_version

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
swscale-2.dll
.dll windows:4 windows x86 arch:x86

bdd686222e4dc451f28b77a336761e78

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__dllonexit
__mb_cur_max
__setusermatherr
_amsg_exit
_errno
_initterm
_iob
_lock
_onexit
localeconv
malloc
memcpy
memset
setlocale
strchr
strerror
strlen
strncmp
_unlock
abort
atoi
calloc
fputc
free
getenv
wcslen

avutil-52

av_free
av_freep
av_get_bits_per_pixel
av_get_cpu_flags
av_get_pix_fmt_name
av_log
av_malloc
av_mallocz
av_opt_set_defaults
av_pix_fmt_desc_get

Exports

Exports

sws_addVec
sws_allocVec
sws_alloc_context
sws_cloneVec
sws_context_class
sws_convVec
sws_convertPalette8ToPacked24
sws_convertPalette8ToPacked32
sws_format_name
sws_freeContext
sws_freeFilter
sws_freeVec
sws_getCachedContext
sws_getCoefficients
sws_getColorspaceDetails
sws_getConstVec
sws_getContext
sws_getDefaultFilter
sws_getGaussianVec
sws_getIdentityVec
sws_get_class
sws_init_context
sws_isSupportedInput
sws_isSupportedOutput
sws_normalizeVec
sws_printVec2
sws_rgb2rgb_init
sws_scale
sws_scaleVec
sws_setColorspaceDetails
sws_shiftVec
sws_subVec
swscale_configuration
swscale_license
swscale_version

Sections

.text
Size: 307KB - Virtual size: 306KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
unace32.exe
.exe windows:5 windows x86 arch:x86

56bac85561f78132ca190bf57013fc88

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\devel\Ark4\bin\unace32.pdb

Imports

kernel32

FindResourceA
FreeLibrary
LoadResource
FindResourceExA
WideCharToMultiByte
SizeofResource
GetProcAddress
LoadLibraryA
LockResource
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCommandLineA
GetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
RtlUnwind
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
CloseHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
unrar4.dll
.dll windows:4 windows x86 arch:x86

244d2f9772f4886a651db44514a2a29b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
SetFileSecurityA
SetFileSecurityW

kernel32

CloseHandle
CompareStringA
CompareStringW
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DeviceIoControl
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCurrentProcess
GetCurrentThreadId
GetEnvironmentStrings
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
IsDBCSLeadByte
LCMapStringA
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
MultiByteToWideChar
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetHandleCount
Sleep
SystemTimeToFileTime
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteFile

user32

CharLowerA
CharLowerW
CharToOemA
CharToOemBuffA
CharUpperA
CharUpperW
EnumThreadWindows
MessageBoxA
OemToCharA
OemToCharBuffA
wsprintfA

Exports

Exports

RARCloseArchive
RARGetDllVersion
RAROpenArchive
RAROpenArchiveEx
RARProcessFile
RARProcessFileW
RARReadHeader
RARReadHeaderEx
RARSetCallback
RARSetChangeVolProc
RARSetPassword
RARSetProcessDataProc
___CPPdebugHook

Sections

.text
Size: 133KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ed0d71376e55d58ab36dc7d3ffda898

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

66:a0:a9:d5:71:b5:af:be:fa:ce:81:3c:03:c6:d5:5aCertificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 171KB

.ndata Size: - Virtual size: 180KB

.rsrc Size: 6KB - Virtual size: 6KB

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 851B

.data Size: 512B - Virtual size: 120B

.reloc Size: 1024B - Virtual size: 610B

ec5fddc407d2b4e0a16fc4d786afc555

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 626B

a70233c77fd258ec47709388c2338273

Headers

File Characteristics

Imports

kernel32

crtdll

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 16B

.data Size: 80B - Virtual size: 80B

.idata Size: 588B - Virtual size: 588B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

66:a0:a9:d5:71:b5:af:be:fa:ce:81:3c:03:c6:d5:5a
Certificate

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 171KB

.ndata
Size: - Virtual size: 180KB

.rsrc
Size: 6KB - Virtual size: 6KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 851B

.data
Size: 512B - Virtual size: 120B

.reloc
Size: 1024B - Virtual size: 610B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 626B

.text
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 16B

.data
Size: 80B - Virtual size: 80B

.idata
Size: 588B - Virtual size: 588B

.reloc
Size: 156B - Virtual size: 156B

.edata
Size: 96B - Virtual size: 96B

UPX0
Size: - Virtual size: 44KB

UPX1
Size: 19KB - Virtual size: 20KB

.rsrc
Size: 1KB - Virtual size: 4KB

CODE
Size: 30KB - Virtual size: 29KB

DATA
Size: 1KB - Virtual size: 1KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 2KB - Virtual size: 1KB

.edata
Size: 1024B - Virtual size: 515B

.reloc
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 3KB - Virtual size: 3KB

CODE
Size: 707KB - Virtual size: 707KB

DATA
Size: 11KB - Virtual size: 11KB

BSS
Size: - Virtual size: 774KB

.idata
Size: 9KB - Virtual size: 8KB

.edata
Size: 1024B - Virtual size: 581B

.reloc
Size: 41KB - Virtual size: 40KB

.rsrc
Size: 27KB - Virtual size: 27KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

1a:33:3f:db:3f:66:aa:8e:3e:41:ee:9b:0d:9c:a3:90
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 329KB - Virtual size: 328KB

.data
Size: 36KB - Virtual size: 326KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 63KB - Virtual size: 62KB