4e6875dca7cd0e0f0adf0b442d154e54_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4e6875dca7cd0e0f0adf0b442d154e54_JaffaCakes118
Size

14.8MB
MD5

4e6875dca7cd0e0f0adf0b442d154e54
SHA1

51f2b36729ef9399012e4bcc7491e1a8db97e377
SHA256

ad639bb9d966273c305fc59b2f2a661cfb77944cd4aa0c83e3333c65cc13a510
SHA512

8b202299e72db8aa75257924ed6f20e1f857fa734d99881097312410464ea32ea1d458e201261eeaed49456385ee167c1181968b1075414fb7409bf9598b9689
SSDEEP

393216:Z9NG/Al8lpkrA1qrbirvaMAPWm1r54a2JBDr+3ApNer:Z9Upku3rHAPneDK7r

Score

3^/10

Malware Config

Signatures

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/$PLUGINSDIR/DLLWaitForKillProgram.dll
unpack001/$PLUGINSDIR/FILEDownPlug120308.dll
unpack001/$PLUGINSDIR/FILEDownPlug2.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/nsProcess.dll
unpack001/DTLiteExe.exe
unpack001/Lang/KOR.dll

NSIS installer 2 IoCs

installer

Processes:

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

4e6875dca7cd0e0f0adf0b442d154e54_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6e:ad:56:fb:10:fc:05:61:5c:a9:54:d7:71:65:99:9f
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

28-04-2016 00:00

Not After

22-01-2018 23:59

Subject

CN=EbizNetWorks,O=EbizNetWorks,L=Gangnam-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6f:6e:d1:5c:df:4b:c7:3a:6f:e6:cc:35:f3:52:4f:db:02:49:5b:85
Signer

Actual PE Digest

6f:6e:d1:5c:df:4b:c7:3a:6f:e6:cc:35:f3:52:4f:db:02:49:5b:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/DLLWaitForKillProgram.dll
.dll windows:4 windows x86 arch:x86

2e92645153848ef99816d61ac6e2a921

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
Sleep
Process32Next
Process32First
CreateToolhelp32Snapshot
GlobalFree
lstrcpyA
LocalFree
LocalAlloc

mfc42

ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord6375
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord1176
ord1243
ord6467
ord4274
ord2982
ord269
ord826
ord600
ord1578

msvcrt

_strupr
toupper
??1type_info@@UAE@XZ
_onexit
__dllonexit
_EH_prolog
__CxxFrameHandler

user32

wsprintfA
MessageBoxA

Exports

Exports

DLLWaitForKillProcess
myFunction

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/FILEDownPlug120308.dll
.dll windows:4 windows x86 arch:x86

1b6303fba3c09e3c12e1f0a7f2cc93ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpyA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
RtlUnwind

urlmon

URLDownloadToFileA

wininet

DeleteUrlCacheEntry

Exports

Exports

Download

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/FILEDownPlug2.dll
.dll windows:4 windows x86 arch:x86

1b6303fba3c09e3c12e1f0a7f2cc93ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpyA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
RtlUnwind

urlmon

URLDownloadToFileA

wininet

DeleteUrlCacheEntry

Exports

Exports

Download

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsProcess.dll
.dll windows:4 windows x86 arch:x86

c9fc7f6df8fedf8f8f1f9f820c072664

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
CloseHandle
TerminateProcess
OpenProcess
lstrcmpiA
WideCharToMultiByte
FreeLibrary
LocalFree
LocalAlloc
GetProcAddress
LoadLibraryA
GetVersionExA
GlobalFree
lstrcpynA
GlobalAlloc

Exports

Exports

_FindProcess
_KillProcess
_Unload

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 646B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 146B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DTCommonRes.dll
.dll windows:5 windows x86 arch:x86

45004ad7f5ca79313ba8d7cee1894f6d

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:06:a0:81:d3:3f:d8:7a:e5:82:4c:c1:6b:52:09:4e:03
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

03-02-2015 00:00

Not After

03-03-2026 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

f6:e3:d0:09:8b:f4:e2:4d:22:bb:b9:55:0c:55:34:3e
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

26-05-2015 00:00

Not After

09-03-2018 23:59

Subject

CN=Disc Soft Ltd,O=Disc Soft Ltd,POSTALCODE=BZ,STREET=Belama Phase 1+STREET=16 Albert Hoy Avenue\,,L=Belize City,ST=Belize,C=BZ,2.5.4.18=#130d502e4f2e20426f782032323834

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4b:1b:f9:09:5b:c7:cf:13:32:f3:64:48:d1:7e:b7:08:51:63:69:06
Signer

Actual PE Digest

4b:1b:f9:09:5b:c7:cf:13:32:f3:64:48:d1:7e:b7:08:51:63:69:06

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Projects\dtlite5\ui\DTProRes\Win32\Release\DTCommonRes.pdb

Imports

comctl32

_TrackMouseEvent
ImageList_ReplaceIcon
ImageList_AddMasked

user32

BeginPaint
GetClientRect
SendMessageW
EndDialog
FrameRect
GetActiveWindow
EnumWindows
SetWindowLongW
GetWindowLongW
GetSysColorBrush
EndPaint
DialogBoxParamW
SetWindowTextW
GetDlgItem
ShowWindow
CreateWindowExW
GetWindowRect
ScreenToClient
MoveWindow
PostMessageW
GetDC
IsWindowVisible
ReleaseDC
MessageBoxW
EnableWindow
SetDlgItemTextW
GetParent
SetWindowPos
CloseClipboard
SetClipboardData
EmptyClipboard
LoadImageW
DestroyIcon
DrawIconEx
LoadIconW
SetCursor
GetDlgItemTextW
SetForegroundWindow
OpenClipboard
ExitWindowsEx
RegisterClassExW
IsWindowEnabled
RedrawWindow
AdjustWindowRect
UpdateWindow
CheckDlgButton
DrawIcon
GetWindowRgn
DestroyCursor
CreateMenu
SubtractRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
CharUpperBuffW
RegisterClipboardFormatW
ModifyMenuW
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
SetClassLongW
LockWindowUpdate
SetParent
SetRect
SetCursorPos
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
PostThreadMessageW
IsZoomed
GetComboBoxInfo
TrackMouseEvent
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
MonitorFromPoint
UpdateLayeredWindow
IsMenu
UnionRect
SetWindowRgn
DrawFrameControl
DrawEdge
DrawStateW
EnumDisplayMonitors
SetLayeredWindowAttributes
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
IsRectEmpty
OffsetRect
SetRectEmpty
WindowFromPoint
GetNextDlgGroupItem
GetMenuDefaultItem
CreatePopupMenu
CharUpperW
IsIconic
DeleteMenu
CopyImage
GetMenuItemInfoW
DestroyMenu
IntersectRect
RealChildWindowFromPoint
MapDialogRect
MapVirtualKeyW
GetKeyNameTextW
ShowOwnedPopups
SendDlgItemMessageA
LoadMenuW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetFocus
LoadCursorW
GetWindowTextW
GetTopWindow
GetWindow
GetSystemMenu
EnableMenuItem
KillTimer
SetTimer
GetAsyncKeyState
GetDlgCtrlID
GetFocus
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
GetKeyState
GetClassNameW
EnumChildWindows
RegisterWindowMessageW
LoadBitmapW
GetSystemMetrics
ClientToScreen
InvalidateRect
DrawTextW
GetWindowTextLengthW
CreateDialogParamW
GetMessageW
TranslateMessage
DispatchMessageW
GetUpdateRect
DestroyWindow
PostQuitMessage
UnregisterClassW
CallWindowProcW
GetPropW
ReleaseCapture
InflateRect
DrawFocusRect
SetPropW
PtInRect
SetCapture
RemovePropW
GetCursorPos
GetWindowThreadProcessId
DefWindowProcW
SetMenuItemBitmaps
CheckMenuItem
WinHelpW
GetScrollInfo
SetScrollInfo
GetClassLongW
EqualRect
MapWindowPoints
AdjustWindowRectEx
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
GetSysColor
SystemParametersInfoW
CopyRect
MonitorFromWindow
SetScrollPos
ScrollWindow
ValidateRect
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetMessageTime
GetMessagePos
PeekMessageW
GetLastActivePopup
FillRect
GetWindowDC
TabbedTextOutW
GrayStringW
GetMonitorInfoW
GetDialogBaseUnits
DialogBoxIndirectParamW
IsWindow
DrawTextExW
IsDialogMessageW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
CreateDialogIndirectParamW
GetNextDlgTabItem
SetActiveWindow
GetDesktopWindow
MessageBeep

kernel32

VerSetConditionMask
GlobalLock
GlobalUnlock
FindClose
GetSystemTimeAsFileTime
GetSystemInfo
GetFileAttributesW
VerifyVersionInfoW
GetLocaleInfoA
GetCurrentThread
GetThreadTimes
GlobalSize
SetLastError
OutputDebugStringA
FreeResource
GetModuleHandleA
EncodePointer
GetSystemDirectoryW
GlobalDeleteAtom
lstrcmpW
LoadLibraryA
GlobalFindAtomW
lstrcmpA
SetThreadPriority
ResumeThread
GetPrivateProfileIntW
VirtualProtect
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileSizeEx
GetFileTime
FileTimeToSystemTime
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
SetErrorMode
GlobalGetAtomNameW
GlobalFlags
CompareStringW
FlushFileBuffers
GetFullPathNameW
GetVolumeInformationW
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
lstrcmpiW
GetWindowsDirectoryW
lstrcpyW
GetProfileIntW
SearchPathW
ExitThread
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
RtlUnwind
ExitProcess
GetModuleHandleExW
HeapQueryInformation
VirtualAlloc
VirtualQuery
SetStdHandle
GetFileType
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
UnhandledExceptionFilter
WritePrivateProfileStringW
TerminateProcess
GetStartupInfoW
GetStringTypeW
GetStdHandle
GetModuleFileNameA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTimeZoneInformation
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFilePointerEx
OutputDebugStringW
WriteConsoleW
SetEnvironmentVariableA
MulDiv
SystemTimeToFileTime
GetSystemTime
FlushInstructionCache
GetCurrentProcess
GetVersionExW
GetFileSize
GetUserDefaultLCID
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GlobalAddAtomW
DeleteAtom
GetLocaleInfoW
InterlockedDecrement
InterlockedIncrement
DecodePointer
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
FindFirstFileW
RaiseException
DeleteCriticalSection
InitializeCriticalSection
CreateFileW
CreateDirectoryW
DeleteFileW
CreateEventA
LeaveCriticalSection
EnterCriticalSection
CopyFileW
LocalFree
FormatMessageW
GetCurrentDirectoryW
MoveFileExW
GetTempFileNameW
GetTempPathW
lstrlenW
GetLogicalDriveStringsW
GetModuleHandleW
GetProcAddress
LoadLibraryW
GetModuleFileNameW
DisconnectNamedPipe
WriteFile
ReadFile
GetOverlappedResult
WaitForMultipleObjects
GetLastError
SetEvent
ConnectNamedPipe
GetCurrentProcessId
CreateNamedPipeW
Sleep
FreeLibrary
LoadLibraryExW
FindResourceExW
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
CreateThread
MultiByteToWideChar
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
WaitForSingleObject
GetTickCount
CloseHandle
CreateEventW
GetPrivateProfileStringW
GlobalFree
SetUnhandledExceptionFilter
GlobalAlloc
FormatMessageA
ResetEvent
ReleaseSemaphore
OpenEventA
VirtualFree
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead

gdi32

GetTextFaceW
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
GetBoundsRect
FillRgn
SetPaletteEntries
ExtFloodFill
SetPixelV
PtInRegion
FrameRgn
CreateRoundRectRgn
OffsetRgn
GetRgnBox
Rectangle
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
StretchBlt
SetPixel
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
CreateCompatibleBitmap
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExW
DPtoLP
SetRectRgn
CombineRgn
GetTextMetricsW
PatBlt
CreateRectRgnIndirect
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
TextOutW
MoveToEx
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
CopyMetaFileW
CreateDIBSection
SetDIBitsToDevice
SetDIBits
GetBitmapBits
CreatePen
CreateSolidBrush
DeleteDC
CreateDCW
RoundRect
SetBkColor
ExtTextOutW
SetTextColor
SetBkMode
CreateFontIndirectW
GetObjectW
GetDeviceCaps
DeleteObject
GetStockObject
GetTextExtentPoint32W
SelectObject

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetSaveFileNameW
GetOpenFileNameW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegDeleteValueW
RegSetValueExW
RegCloseKey
RegEnumValueW
RegQueryValueW
RegEnumKeyW
SetNamedSecurityInfoW
SetEntriesInAclW
LookupPrivilegeValueW
RegOpenKeyExW
AllocateAndInitializeSid
AdjustTokenPrivileges
GetTokenInformation
OpenProcessToken
RegQueryValueExW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFolderPathW
SHAppBarMessage
DragFinish
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFileInfoW
ShellExecuteExW
ord680
DuplicateIcon
ShellExecuteW
DragQueryFileW

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
PathFindExtensionW
PathIsUNCW
StrFormatKBSizeW
PathStripToRootW
PathFileExistsW

uxtheme

GetThemePartSize
GetWindowTheme
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetCurrentThemeName
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor

ole32

RevokeDragDrop
RegisterDragDrop
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
CoInitializeEx
ReleaseStgMedium
OleDuplicateData
CoGetClassObject
OleSetContainedObject
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
StringFromGUID2
CoCreateGuid
CoLockObjectExternal

oleaut32

VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantChangeType
VariantInit
VariantClear
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
VarBstrCat
LoadTypeLi
SysStringByteLen
SysAllocStringByteLen
VarBstrCmp
SysStringLen
SysAllocString
SysAllocStringLen
SysFreeString

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW

Exports

Exports

??0?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestHandShake@DTNet@@@detail@archive@boost@@QAE@XZ
??0?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestSimple@DTNet@@@detail@archive@boost@@QAE@XZ
??_B?1??get_instance@?$singleton@V?$extended_type_info_typeid@UCRequestHandShake@DTNet@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UCRequestHandShake@DTNet@@@23@XZ@51
??_B?1??get_instance@?$singleton@V?$extended_type_info_typeid@UCRequestSimple@DTNet@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UCRequestSimple@DTNet@@@23@XZ@51
??_B?1??get_instance@?$singleton@V?$extended_type_info_typeid@UCResponseCommon@DTNet@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UCResponseCommon@DTNet@@@23@XZ@51
??_B?1??get_instance@?$singleton@V?$extended_type_info_typeid@UCResponseHandShake@DTNet@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UCResponseHandShake@DTNet@@@23@XZ@51
??_B?1??get_instance@?$singleton@V?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseCommon@DTNet@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseCommon@DTNet@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseHandShake@DTNet@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseHandShake@DTNet@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@CAAAV?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@CAAAV?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@XZ@51
??_B?1??get_instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ@51
??_B?1??get_instance@?$singleton@V?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestHandShake@DTNet@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestHandShake@DTNet@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestSimple@DTNet@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestSimple@DTNet@@@detail@archive@3@XZ@51
?DevicesListDialog@@YGJPAUHWND__@@KVCComBSTR@ATL@@AAV23@PAUIDaemonProEngine@@PAX@Z
?EditBox@@YGHPAUHWND__@@PB_W1PA_WK2H@Z
?GetComputerNameDialog@@YGHPAUHWND__@@PAUIDaemonProEngine@@PA_WJH@Z
?GetUserNameAndPassword@@YGHPAUHWND__@@PAUIDaemonProEngine@@PA_W2@Z
?IsDeviceInfoShowed@@YGHXZ
?IsDeviceParametersShowed@@YGHXZ
?IsEraseDialogShowed@@YGHXZ
?MessageBoxChecked@@YGIPAUHWND__@@PB_W1PAH@Z
?MessageBoxExt@DTProRes@@YGIPAUHWND__@@PB_W1111IPAUHICON__@@@Z
?ProcessingInProgress@@YGHXZ
?ReleaseDTProResObjects@@YGXXZ
?SelectImageCatalogFolder@@YGHPAUHWND__@@PAUIDaemonProEngine@@PAUITreeItems@@PAPAU3@@Z
?SetInvisibleWaitDialog@@YGX_N@Z
?ShowBurnImageDialog@@YGXPAUIDaemonProEngine@@PAUHWND__@@PA_WHPAVIAttachedProgress@@2@Z
?ShowConvertImagesDialog@@YGXPAUIDaemonProEngine@@PAUHWND__@@PA_WPAVIAttachedProgress@@@Z
?ShowCreateTrueCryptDialog@@YGXPAUIDaemonProEngine@@PAUHWND__@@PAX@Z
?ShowCreateVHDDialog@@YGXPAUIDaemonProEngine@@PAUHWND__@@PAX@Z
?ShowCreateWritableROMDialog@@YGXPAUIDaemonProEngine@@PAUHWND__@@PAX@Z
?ShowDeviceInfo@@YGXPAUHWND__@@PAUIPhysicalDevice@@PAUIDeviceInfo@@@Z
?ShowDeviceParameters@@YGHPAUHWND__@@PAUTDeviceParametersDlg@@PAX@Z
?ShowEraseDiskDialog@@YGXPAUIDaemonProEngine@@PAUHWND__@@PAUIPhysicalDevice@@@Z
?ShowGrabDiskDialog@@YGXPAUIDaemonProEngine@@PAUHWND__@@PAUIPhysicalDevice@@PAVIAttachedProgress@@@Z
?SplashSetMessageText@@YGXPA_W@Z
?get_const_instance@?$singleton@V?$extended_type_info_typeid@UCRequestHandShake@DTNet@@@serialization@boost@@@serialization@boost@@SAABV?$extended_type_info_typeid@UCRequestHandShake@DTNet@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@UCRequestSimple@DTNet@@@serialization@boost@@@serialization@boost@@SAABV?$extended_type_info_typeid@UCRequestSimple@DTNet@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@UCResponseCommon@DTNet@@@serialization@boost@@@serialization@boost@@SAABV?$extended_type_info_typeid@UCResponseCommon@DTNet@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@UCResponseHandShake@DTNet@@@serialization@boost@@@serialization@boost@@SAABV?$extended_type_info_typeid@UCResponseHandShake@DTNet@@@23@XZ
?get_const_instance@?$singleton@V?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseCommon@DTNet@@@detail@archive@boost@@@serialization@boost@@SAABV?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseCommon@DTNet@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseHandShake@DTNet@@@detail@archive@boost@@@serialization@boost@@SAABV?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseHandShake@DTNet@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAABV?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAABV?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SAABV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@XZ
?get_const_instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SAABV?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ
?get_const_instance@?$singleton@V?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestHandShake@DTNet@@@detail@archive@boost@@@serialization@boost@@SAABV?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestHandShake@DTNet@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestSimple@DTNet@@@detail@archive@boost@@@serialization@boost@@SAABV?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestSimple@DTNet@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$extended_type_info_typeid@UCRequestHandShake@DTNet@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UCRequestHandShake@DTNet@@@23@XZ
?get_instance@?$singleton@V?$extended_type_info_typeid@UCRequestSimple@DTNet@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UCRequestSimple@DTNet@@@23@XZ
?get_instance@?$singleton@V?$extended_type_info_typeid@UCResponseCommon@DTNet@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UCResponseCommon@DTNet@@@23@XZ
?get_instance@?$singleton@V?$extended_type_info_typeid@UCResponseHandShake@DTNet@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UCResponseHandShake@DTNet@@@23@XZ
?get_instance@?$singleton@V?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseCommon@DTNet@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseCommon@DTNet@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseHandShake@DTNet@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseHandShake@DTNet@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@CAAAV?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_instance@?$singleton@V?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@CAAAV?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@XZ
?get_instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ
?get_instance@?$singleton@V?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestHandShake@DTNet@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestHandShake@DTNet@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestSimple@DTNet@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestSimple@DTNet@@@detail@archive@3@XZ
?get_mutable_instance@?$singleton@V?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAAV?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_mutable_instance@?$singleton@V?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAAV?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_mutable_instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SAAAV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@XZ
?get_mutable_instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SAAAV?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ
?instance@?$singleton@V?$extended_type_info_typeid@UCRequestHandShake@DTNet@@@serialization@boost@@@serialization@boost@@0AAV?$extended_type_info_typeid@UCRequestHandShake@DTNet@@@23@A
?instance@?$singleton@V?$extended_type_info_typeid@UCRequestSimple@DTNet@@@serialization@boost@@@serialization@boost@@0AAV?$extended_type_info_typeid@UCRequestSimple@DTNet@@@23@A
?instance@?$singleton@V?$extended_type_info_typeid@UCResponseCommon@DTNet@@@serialization@boost@@@serialization@boost@@0AAV?$extended_type_info_typeid@UCResponseCommon@DTNet@@@23@A
?instance@?$singleton@V?$extended_type_info_typeid@UCResponseHandShake@DTNet@@@serialization@boost@@@serialization@boost@@0AAV?$extended_type_info_typeid@UCResponseHandShake@DTNet@@@23@A
?instance@?$singleton@V?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseCommon@DTNet@@@detail@archive@boost@@@serialization@boost@@0AAV?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseCommon@DTNet@@@detail@archive@3@A
?instance@?$singleton@V?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseHandShake@DTNet@@@detail@archive@boost@@@serialization@boost@@0AAV?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseHandShake@DTNet@@@detail@archive@3@A
?instance@?$singleton@V?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@0AAV?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@3@A
?instance@?$singleton@V?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@0AAV?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@3@A
?instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@0AAV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@A
?instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@0AAV?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@A
?instance@?$singleton@V?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestHandShake@DTNet@@@detail@archive@boost@@@serialization@boost@@0AAV?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestHandShake@DTNet@@@detail@archive@3@A
?instance@?$singleton@V?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestSimple@DTNet@@@detail@archive@boost@@@serialization@boost@@0AAV?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestSimple@DTNet@@@detail@archive@3@A
?is_destroyed@?$singleton@V?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SA_NXZ
?is_destroyed@?$singleton@V?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SA_NXZ
?is_destroyed@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SA_NXZ
?is_destroyed@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SA_NXZ
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseCommon@DTNet@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseHandShake@DTNet@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestHandShake@DTNet@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestSimple@DTNet@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?t@?1??get_instance@?$singleton@V?$extended_type_info_typeid@UCRequestHandShake@DTNet@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UCRequestHandShake@DTNet@@@34@XZ@4V?$singleton_wrapper@V?$extended_type_info_typeid@UCRequestHandShake@DTNet@@@serialization@boost@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$extended_type_info_typeid@UCRequestSimple@DTNet@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UCRequestSimple@DTNet@@@34@XZ@4V?$singleton_wrapper@V?$extended_type_info_typeid@UCRequestSimple@DTNet@@@serialization@boost@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$extended_type_info_typeid@UCResponseCommon@DTNet@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UCResponseCommon@DTNet@@@34@XZ@4V?$singleton_wrapper@V?$extended_type_info_typeid@UCResponseCommon@DTNet@@@serialization@boost@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$extended_type_info_typeid@UCResponseHandShake@DTNet@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UCResponseHandShake@DTNet@@@34@XZ@4V?$singleton_wrapper@V?$extended_type_info_typeid@UCResponseHandShake@DTNet@@@serialization@boost@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseCommon@DTNet@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseCommon@DTNet@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseCommon@DTNet@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseHandShake@DTNet@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseHandShake@DTNet@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$iserializer@Vbinary_iarchive@archive@boost@@UCResponseHandShake@DTNet@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@CAAAV?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@4@XZ@4V?$singleton_wrapper@V?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@734@A
?t@?1??get_instance@?$singleton@V?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@CAAAV?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@4@XZ@4V?$singleton_wrapper@V?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@734@A
?t@?1??get_instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@XZ@4V?$singleton_wrapper@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ@4V?$singleton_wrapper@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestHandShake@DTNet@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestHandShake@DTNet@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestHandShake@DTNet@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestSimple@DTNet@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestSimple@DTNet@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$oserializer@Vbinary_oarchive@archive@boost@@UCRequestSimple@DTNet@@@detail@archive@boost@@@634@A
CheckForUpdateCommand
ShowFileDialogEx
ShowInstallationNameDialogCommand
ShowLicenseDialogCommand
_AboutDialogShow@8
_CheckForUpdateCommandAsync@16
_CheckLicenseCommand@16
_CheckLicenseOwnWaitCommand@16
_CheckSPTDInstallation@20
_SplashHide@0
_SplashShow@4

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 470KB - Virtual size: 470KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DTGadget32.dll
.dll regsvr32 windows:6 windows x86 arch:x86

b0d82e80d5509dba479bde88efc70fd7

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:06:a0:81:d3:3f:d8:7a:e5:82:4c:c1:6b:52:09:4e:03
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

03-02-2015 00:00

Not After

03-03-2026 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

f6:e3:d0:09:8b:f4:e2:4d:22:bb:b9:55:0c:55:34:3e
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

26-05-2015 00:00

Not After

09-03-2018 23:59

Subject

CN=Disc Soft Ltd,O=Disc Soft Ltd,POSTALCODE=BZ,STREET=Belama Phase 1+STREET=16 Albert Hoy Avenue\,,L=Belize City,ST=Belize,C=BZ,2.5.4.18=#130d502e4f2e20426f782032323834

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1f:39:84:2a:82:c2:dd:9e:03:8b:2c:d5:b7:72:f7:2c:d8:60:8c:b9
Signer

Actual PE Digest

1f:39:84:2a:82:c2:dd:9e:03:8b:2c:d5:b7:72:f7:2c:d8:60:8c:b9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Projects\dtlite5\ui\Gadget\Release\Win32\DTGadget.pdb

Imports

mpr

WNetAddConnection3W

gdi32

GetBitmapBits
GetObjectW
DeleteObject

wininet

InternetCloseHandle
InternetOpenUrlA
InternetReadFile
HttpQueryInfoA
InternetOpenW

kernel32

LeaveCriticalSection
GetCurrentProcessId
GetModuleFileNameW
WaitForSingleObject
EncodePointer
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionEx
DeleteCriticalSection
FreeLibrary
GetModuleHandleW
GetProcAddress
LoadLibraryExW
lstrcmpiW
GetThreadLocale
SetThreadLocale
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
DeleteFileW
FindFirstFileW
FindNextFileW
WriteFile
OutputDebugStringW
InitializeCriticalSection
SetEvent
OpenEventW
GetPrivateProfileStringW
GetCurrentThreadId
TerminateThread
WideCharToMultiByte
VerSetConditionMask
HeapDestroy
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
EnterCriticalSection
VerifyVersionInfoW
IsProcessorFeaturePresent
GetLocaleInfoA
GetUserDefaultLCID
WritePrivateProfileStringW
Sleep
FlushFileBuffers
SetStdHandle
SetFilePointerEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetOEMCP
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetStdHandle
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
IsValidLocale
GetLocaleInfoW
LCMapStringW
CloseHandle
WriteConsoleW
IsDebuggerPresent
GetStringTypeW
MultiByteToWideChar
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
CreateThread
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
RtlUnwind
LocalFree
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetCommandLineA

user32

DialogBoxParamW
GetDlgItem
SetDlgItemTextW
SendMessageW
CharNextW
MessageBoxW
EndDialog
LoadImageW
DestroyIcon
GetIconInfo
SetWindowTextW
SetForegroundWindow
GetDlgItemTextW

advapi32

SetEntriesInAclW
AllocateAndInitializeSid
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExW
RegDeleteKeyExW
SetSecurityDescriptorSacl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetSecurityDescriptorSacl
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
SetNamedSecurityInfoW

shell32

ShellExecuteExW
SHGetFolderPathW
ExtractIconExW
ShellExecuteW

ole32

CoTaskMemAlloc
CoInitialize
CoCreateGuid
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize

oleaut32

VarBstrCmp
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
SysAllocString
VarBstrCat
SysFreeString

shlwapi

PathFileExistsW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 254KB - Virtual size: 254KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DTGadget64.dll
.dll regsvr32 windows:6 windows x64 arch:x64

c7cf52dbc86d40ad44223d4085deed3b

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:06:a0:81:d3:3f:d8:7a:e5:82:4c:c1:6b:52:09:4e:03
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

03-02-2015 00:00

Not After

03-03-2026 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

f6:e3:d0:09:8b:f4:e2:4d:22:bb:b9:55:0c:55:34:3e
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

26-05-2015 00:00

Not After

09-03-2018 23:59

Subject

CN=Disc Soft Ltd,O=Disc Soft Ltd,POSTALCODE=BZ,STREET=Belama Phase 1+STREET=16 Albert Hoy Avenue\,,L=Belize City,ST=Belize,C=BZ,2.5.4.18=#130d502e4f2e20426f782032323834

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fd:bf:ed:d9:d3:1e:9c:ce:cf:30:19:8f:89:6e:3e:0d:29:09:2e:f9
Signer

Actual PE Digest

fd:bf:ed:d9:d3:1e:9c:ce:cf:30:19:8f:89:6e:3e:0d:29:09:2e:f9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

e:\Projects\dtlite5\ui\Gadget\Release\x64\DTGadget.pdb

Imports

mpr

WNetAddConnection3W

gdi32

DeleteObject
GetBitmapBits
GetObjectW

wininet

InternetCloseHandle
InternetOpenUrlA
InternetReadFile
HttpQueryInfoA
InternetOpenW

kernel32

HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
WaitForSingleObject
GetCurrentProcess
GetSystemTimeAsFileTime
FindResourceExW
FreeLibrary
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
LoadResource
LockResource
SizeofResource
LocalFree
FindResourceW
VerifyVersionInfoW
MultiByteToWideChar
WideCharToMultiByte
GetLocaleInfoA
GetUserDefaultLCID
CreateDirectoryW
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcessId
EncodePointer
InitializeCriticalSectionEx
LoadLibraryExW
HeapAlloc
GetThreadLocale
SetThreadLocale
SetCurrentDirectoryW
GetCurrentDirectoryW
OutputDebugStringW
InitializeCriticalSection
SetEvent
OpenEventW
GetPrivateProfileStringW
GetCurrentThreadId
GetCommandLineA
WritePrivateProfileStringW
Sleep
IsDebuggerPresent
WriteConsoleW
FlushFileBuffers
SetStdHandle
SetFilePointerEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetConsoleCP
GetConsoleMode
GetStdHandle
GetOEMCP
GetACP
RtlPcToFileHeader
IsValidCodePage
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
IsValidLocale
GetLocaleInfoW
LCMapStringW
VerSetConditionMask
RtlLookupFunctionEntry
RtlUnwindEx
HeapDestroy
GetLastError
RaiseException
CloseHandle
DecodePointer
WriteFile
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcmpiW
CreateFileW
CreateThread
TerminateThread
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
IsProcessorFeaturePresent
GetStringTypeW
GetCPInfo
RtlCaptureContext

user32

SendMessageW
GetIconInfo
SetWindowTextW
SetForegroundWindow
GetDlgItemTextW
SetDlgItemTextW
GetDlgItem
EndDialog
CharNextW
MessageBoxW
LoadImageW
DestroyIcon
DialogBoxParamW

advapi32

RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
SetNamedSecurityInfoW
SetEntriesInAclW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
SetSecurityDescriptorSacl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetSecurityDescriptorSacl
AllocateAndInitializeSid
RegDeleteKeyExW

ole32

CoTaskMemAlloc
CoInitialize
CoCreateGuid
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize

shell32

ShellExecuteW
ShellExecuteExW
SHGetFolderPathW
ExtractIconExW

oleaut32

VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
SysStringByteLen
SysAllocStringByteLen
VarBstrCat
LoadRegTypeLi
VarBstrCmp
SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString
LoadTypeLi

shlwapi

PathFileExistsW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DTHelper.exe
.exe windows:5 windows x86 arch:x86

ca82b347ae5257f190f23d5cd502a21d

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:06:a0:81:d3:3f:d8:7a:e5:82:4c:c1:6b:52:09:4e:03
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

03-02-2015 00:00

Not After

03-03-2026 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

f6:e3:d0:09:8b:f4:e2:4d:22:bb:b9:55:0c:55:34:3e
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

26-05-2015 00:00

Not After

09-03-2018 23:59

Subject

CN=Disc Soft Ltd,O=Disc Soft Ltd,POSTALCODE=BZ,STREET=Belama Phase 1+STREET=16 Albert Hoy Avenue\,,L=Belize City,ST=Belize,C=BZ,2.5.4.18=#130d502e4f2e20426f782032323834

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

50:e3:f5:29:70:b3:79:c6:c4:3b:b0:ed:a9:28:4d:5a:88:ca:33:d1
Signer

Actual PE Digest

50:e3:f5:29:70:b3:79:c6:c4:3b:b0:ed:a9:28:4d:5a:88:ca:33:d1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Projects\dtlite5\ui\Helper\Release\DTHelper.pdb

Imports

kernel32

DeleteCriticalSection
VerSetConditionMask
LocalFree
GetCurrentProcess
FindClose
GetSystemTimeAsFileTime
FindFirstFileW
VerifyVersionInfoW
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
WriteConsoleW
FlushFileBuffers
SetStdHandle
LCMapStringW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LoadLibraryExW
GetStringTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetLastError
InitializeCriticalSectionAndSpinCount
RaiseException
FindResourceW
FindResourceExW
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
LoadLibraryW
GetModuleHandleW
WaitForSingleObject
GetModuleFileNameW
WriteFile
CloseHandle
DisconnectNamedPipe
ReadFile
CreateFileW
WaitNamedPipeW
GetProcAddress
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
GetFileType
GetStdHandle
GetCurrentThreadId
SetLastError
GetModuleHandleExW
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
EncodePointer
GetCommandLineW
IsProcessorFeaturePresent
RtlUnwind
ExitProcess

user32

DestroyWindow
AllowSetForegroundWindow
LoadIconW
SendMessageW
CreateWindowExW
MessageBoxW

advapi32

GetTokenInformation
OpenProcessToken
RegCloseKey
RegSetValueExW
RegCreateKeyExW

shell32

ord680
ShellExecuteExW
SHChangeNotify

ole32

CoCreateInstance
CoInitializeSecurity

oleaut32

SysFreeString

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text0
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DTLite.gadget
.cab
gadget.html
.html
gadget.xml
images/DTGadget_icon.png
.png
images/btn-message-h.png
.png
images/btn-message-p.png
.png
images/btn-message.png
.png
images/btn-next-disabled.png
.png
images/btn-next-h.png
.png
images/btn-next-p.png
.png
images/btn-next.png
.png
images/btn-prev-disabled.png
.png
images/btn-prev-h.png
.png
images/btn-prev-p.png
.png
images/btn-prev.png
.png
images/container-0.png
.png
images/container-1.png
.png
images/container-2.png
.png
images/container-3.png
.png
images/container-4.png
.png
images/container-c.png
.png
images/device-bd.gif
.gif
images/device-cd.gif
.gif
images/device-dvd.gif
.gif
images/device-hdd.gif
.gif
images/device-shine.png
.png
images/device-type-back.png
.png
images/device-usb.gif
.gif
images/ico-add-device-clicked.png
.png
images/ico-add-device-hover.png
.png
images/ico-add-device.png
.png
images/ico-add-drive-to-empty-h.png
.png
images/ico-add-drive-to-empty-p.png
.png
images/ico-add-drive-to-empty.png
.png
images/ico-cd-dvd-no-disc.png
.png
images/ico-cd-dvd.png
.png
images/ico-delete-device-h.png
.png
images/ico-delete-device-p.png
.png
images/ico-delete-device.png
.png
images/ico-hdd.png
.png
images/ico-msg-unmount-all.png
.png
images/ico-run-dtpro-clicked.png
.png
images/ico-run-dtpro-hover.png
.png
images/ico-run-dtpro.png
.png
images/ico-to-bottom.png
.png
images/ico-to-top.png
.png
images/ico-unmount-all-clicked.png
.png
images/ico-unmount-all-hover.png
.png
images/ico-unmount-all.png
.png
images/ico-usb.png
.png
images/logo-dtpro.png
.png
images/message-wnd.png
.png
images/scroll-dragger-hovered.png
.png
images/scroll-dragger.png
.png
images/switcher-block-h.png
.png
images/switcher-block-p.png
.png
images/switcher-block.png
.png
jquery/jquery.min.js
.js
jquery/newfunctions.js
.js
jquery/newgadget.js
.js
message.html
.html
newstyle.css
DTLiteDLL.dll
.dll windows:5 windows x86 arch:x86

f2c55ef7a4c72e3b5b79bb50d0f6aabb

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:06:a0:81:d3:3f:d8:7a:e5:82:4c:c1:6b:52:09:4e:03
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

03-02-2015 00:00

Not After

03-03-2026 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

f6:e3:d0:09:8b:f4:e2:4d:22:bb:b9:55:0c:55:34:3e
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

26-05-2015 00:00

Not After

09-03-2018 23:59

Subject

CN=Disc Soft Ltd,O=Disc Soft Ltd,POSTALCODE=BZ,STREET=Belama Phase 1+STREET=16 Albert Hoy Avenue\,,L=Belize City,ST=Belize,C=BZ,2.5.4.18=#130d502e4f2e20426f782032323834

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e4:fc:36:fe:0a:cd:03:9e:65:b5:3c:6e:5a:bb:da:e7:b1:a5:e1:3d
Signer

Actual PE Digest

e4:fc:36:fe:0a:cd:03:9e:65:b5:3c:6e:5a:bb:da:e7:b1:a5:e1:3d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Projects\dtlite5\ui\tray\Tray\Win32\Release\DTLiteDLL.pdb

Imports

uxtheme

IsThemeActive
DrawThemeText
OpenThemeData
CloseThemeData
GetWindowTheme
GetThemeSysColor
GetCurrentThemeName
GetThemeColor
DrawThemeParentBackground
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeBackground

dtcommonres

?EditBox@@YGHPAUHWND__@@PB_W1PA_WK2H@Z
?SetInvisibleWaitDialog@@YGX_N@Z
_CheckSPTDInstallation@20
?MessageBoxExt@DTProRes@@YGIPAUHWND__@@PB_W1111IPAUHICON__@@@Z
?ShowDeviceParameters@@YGHPAUHWND__@@PAUTDeviceParametersDlg@@PAX@Z
?IsDeviceInfoShowed@@YGHXZ
?IsDeviceParametersShowed@@YGHXZ
?ReleaseDTProResObjects@@YGXXZ
_AboutDialogShow@8
?ShowGrabDiskDialog@@YGXPAUIDaemonProEngine@@PAUHWND__@@PAUIPhysicalDevice@@PAVIAttachedProgress@@@Z
?ShowBurnImageDialog@@YGXPAUIDaemonProEngine@@PAUHWND__@@PA_WHPAVIAttachedProgress@@2@Z
?ShowConvertImagesDialog@@YGXPAUIDaemonProEngine@@PAUHWND__@@PA_WPAVIAttachedProgress@@@Z
?ShowEraseDiskDialog@@YGXPAUIDaemonProEngine@@PAUHWND__@@PAUIPhysicalDevice@@@Z
?ShowCreateVHDDialog@@YGXPAUIDaemonProEngine@@PAUHWND__@@PAX@Z
?ShowCreateTrueCryptDialog@@YGXPAUIDaemonProEngine@@PAUHWND__@@PAX@Z
?ShowCreateWritableROMDialog@@YGXPAUIDaemonProEngine@@PAUHWND__@@PAX@Z
?ShowDeviceInfo@@YGXPAUHWND__@@PAUIPhysicalDevice@@PAUIDeviceInfo@@@Z

mpr

WNetAddConnection3W

kernel32

LCMapStringW
EnumSystemLocalesW
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFilePointerEx
OutputDebugStringW
WriteConsoleW
SetEnvironmentVariableA
MultiByteToWideChar
SizeofResource
LockResource
LoadResource
FindResourceW
WideCharToMultiByte
FindFirstFileW
lstrlenW
GetCurrentThreadId
IsValidLocale
CreateThread
CloseHandle
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
QueryPerformanceCounter
HeapAlloc
GetProcessHeap
FindResourceExW
CreateEventW
SetEvent
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
GetProcAddress
GetModuleHandleW
CreateNamedPipeW
GetCurrentProcessId
ConnectNamedPipe
GetLastError
WaitForMultipleObjects
GetOverlappedResult
ReadFile
WriteFile
DisconnectNamedPipe
LoadLibraryW
FreeLibrary
FindResourceA
InitializeCriticalSectionAndSpinCount
GetFileAttributesW
RaiseException
GetCurrentDirectoryW
SetCurrentDirectoryW
GetModuleFileNameA
GetStdHandle
PeekNamedPipe
GetFileInformationByHandle
GetTimeZoneInformation
GetOEMCP
GetACP
IsValidCodePage
GetStringTypeW
DecodePointer
DeleteCriticalSection
Sleep
CreateMutexW
FreeEnvironmentStringsW
WaitForSingleObject
GetEnvironmentStringsW
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
VirtualFree
OpenEventA
ReleaseSemaphore
ResetEvent
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
SetStdHandle
HeapQueryInformation
GetModuleHandleExW
ExitProcess
VirtualQuery
VirtualAlloc
RtlUnwind
ExitThread
GetCommandLineA
SystemTimeToTzSpecificLocalTime
FindFirstFileExW
IsProcessorFeaturePresent
IsDebuggerPresent
VirtualProtect
SearchPathW
GetWindowsDirectoryW
GlobalFlags
GetLocaleInfoW
CompareStringW
GlobalGetAtomNameW
SetErrorMode
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
lstrcmpiW
DuplicateHandle
FormatMessageA
GetCommandLineW
UnlockFile
SetFilePointer
SetEndOfFile
OpenEventW
OpenMutexW
ResumeThread
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
GetProfileIntW
GetPrivateProfileIntW
SuspendThread
SetThreadPriority
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GlobalFindAtomW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
GetModuleHandleA
GetSystemDirectoryW
EncodePointer
OutputDebugStringA
SetLastError
CopyFileW
GlobalSize
GetThreadTimes
GetCurrentThread
WritePrivateProfileStringW
GetLocaleInfoA
VerifyVersionInfoW
lstrcpynW
MoveFileW
RemoveDirectoryW
FormatMessageW
GetSystemInfo
GetSystemTimeAsFileTime
VerSetConditionMask
GetCPInfo
GlobalAddAtomW
DeleteAtom
MulDiv
SystemTimeToFileTime
GetSystemTime
FlushInstructionCache
GetCurrentProcess
GlobalFree
MoveFileExW
GetTickCount
GetFileSize
GetTempFileNameW
GetTempPathW
GetUserDefaultLCID
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
LoadLibraryExW
GetDriveTypeW
GetLocalTime
GetVersionExW
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrcmpA
InterlockedIncrement
InterlockedDecrement
LocalFree
lstrcpyW
LocalAlloc
GetPrivateProfileStringW
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
CreateEventA
FindClose
FindNextFileW
GetVersion
DeleteFileW
CreateDirectoryW
InitializeCriticalSection
CreateFileW

user32

SetWindowRgn
DrawFrameControl
DrawStateW
EnumDisplayMonitors
SetLayeredWindowAttributes
UnionRect
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetMenuDefaultItem
GetNextDlgGroupItem
CopyAcceleratorTableW
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
IsIconic
PostThreadMessageW
RealChildWindowFromPoint
CopyImage
MapDialogRect
IntersectRect
CharUpperW
IsZoomed
ShowOwnedPopups
RegisterClipboardFormatW
SendDlgItemMessageA
MapVirtualKeyW
GetKeyNameTextW
DestroyMenu
GetWindowDC
GetNextDlgTabItem
CreateDialogIndirectParamW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
IsDialogMessageW
WinHelpW
GetScrollInfo
SetScrollInfo
GetLastActivePopup
GetClassNameW
EqualRect
MapWindowPoints
AdjustWindowRectEx
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetKeyState
IsMenu
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
IsChild
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetMessageTime
PeekMessageW
GetMenuStringW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
ExitWindowsEx
GrayStringW
DrawTextExW
SetMenuItemInfoW
DeleteMenu
RemoveMenu
CreateMenu
GetMenuState
InsertMenuW
AppendMenuW
GetMenuItemInfoW
DrawEdge
TabbedTextOutW
SetRectEmpty
IsRectEmpty
SetRect
SetParent
RemovePropW
SetPropW
GetPropW
IsWindowEnabled
GetDlgItemTextW
AdjustWindowRect
SetFocus
CheckDlgButton
MessageBeep
DialogBoxIndirectParamW
GetDialogBaseUnits
GetMonitorInfoW
MonitorFromWindow
DrawFocusRect
GetWindowTextLengthW
DrawTextW
SystemParametersInfoW
CallWindowProcW
SetDlgItemTextW
EnableMenuItem
GetSystemMenu
RegisterClassExW
DefWindowProcW
GetWindowThreadProcessId
MoveWindow
EndPaint
GetSysColorBrush
BeginPaint
GetDoubleClickTime
LoadMenuW
UpdateLayeredWindow
MonitorFromPoint
TrackMouseEvent
GetComboBoxInfo
WaitMessage
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
LockWindowUpdate
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
SetCursorPos
SetClassLongW
CopyIcon
CharUpperBuffW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
WindowFromPoint
LoadBitmapW
CopyRect
FrameRect
RedrawWindow
SetMenuDefaultItem
CreatePopupMenu
FillRect
ReleaseCapture
DestroyCursor
GetWindowRgn
DrawIcon
EndDeferWindowPos
SetCapture
PtInRect
ClientToScreen
GetCapture
GetSysColor
ReleaseDC
DrawIconEx
GetIconInfo
GetDC
ShowWindow
GetWindowPlacement
UpdateWindow
GetMessagePos
InvalidateRect
SetForegroundWindow
SetWindowPos
SetWindowLongW
GetWindowLongW
GetDesktopWindow
GetGUIThreadInfo
IsWindowVisible
PostQuitMessage
SetCursor
GetClientRect
GetCursorPos
LoadCursorW
IsWindow
AllowSetForegroundWindow
DestroyWindow
SetTimer
GetMessageW
RegisterWindowMessageW
LoadImageW
UnregisterClassW
PostMessageW
KillTimer
DialogBoxParamW
TranslateMessage
LoadIconW
EndDialog
CreateWindowExW
GetSystemMetrics
SetWindowTextA
DestroyIcon
DispatchMessageW
OffsetRect
ScreenToClient
InflateRect
MessageBoxW
SetWindowTextW
GetWindowTextW
GetWindow
GetTopWindow
GetSubMenu
ModifyMenuW
GetMenuItemID
GetMenuItemCount
UnhookWindowsHookEx
SetWindowsHookExW
GetParent
GetWindowRect
GetDlgItem
GetActiveWindow
SendMessageW
CallNextHookEx
GetFocus
GetDlgCtrlID
GetAsyncKeyState
EnableWindow
GetClassLongW

gdi32

RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
CombineRgn
SetRectRgn
GetBkColor
GetTextColor
GetRgnBox
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
StretchBlt
SetDIBColorTable
CreateEllipticRgn
CreatePolygonRgn
LineTo
Polyline
EnumFontFamiliesExW
OffsetRgn
CreateRoundRectRgn
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
Escape
TextOutW
RectVisible
PtVisible
CreateHatchBrush
CreateDIBSection
Ellipse
GetBkMode
PatBlt
DPtoLP
CreatePen
CreateSolidBrush
CreateDCW
CreateCompatibleDC
SelectObject
GetBitmapBits
GetPixel
SetPixel
DeleteObject
DeleteDC
CreateCompatibleBitmap
Rectangle
BitBlt
GetStockObject
GetTextExtentPoint32W
GetDeviceCaps
GetTextMetricsW
GetTextFaceW
CreateFontIndirectW
GetObjectW
ExtTextOutW
SetBkColor
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetObjectType
GetClipBox
ExcludeClipRect
CreateRectRgn
CreatePatternBrush
CreateBitmap
CopyMetaFileW
SetDIBits
Polygon
SetTextColor
OffsetViewportOrgEx
RoundRect
SetBkMode

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetSaveFileNameW
GetOpenFileNameW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegDeleteValueA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegDeleteValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
SetSecurityDescriptorSacl
OpenProcessToken
GetTokenInformation
AdjustTokenPrivileges
AllocateAndInitializeSid
FreeSid
LookupPrivilegeValueW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
CheckTokenMembership
RegCreateKeyA
RegEnumKeyExW
SetNamedSecurityInfoW
SetEntriesInAclW
RegDeleteKeyW
RegSetValueExW

shell32

ShellExecuteExW
SHChangeNotify
ord190
SHCreateShellItem
ord155
ShellExecuteW
SHGetDiskFreeSpaceExW
SHAppBarMessage
SHBrowseForFolderW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
DragFinish
DragQueryFileW
SHGetFileInfoW
ord680
ExtractIconExW
DuplicateIcon
Shell_NotifyIconW
SHGetFolderPathW
SHGetSpecialFolderPathW

comctl32

ord17
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_Draw
ImageList_GetImageCount
ImageList_AddMasked
ImageList_GetIcon
ImageList_GetIconSize

shlwapi

PathRemoveFileSpecW
PathFileExistsW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
StrFormatKBSizeW

ole32

DoDragDrop
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
OleFlushClipboard
OleIsCurrentClipboard
GetRunningObjectTable
CreateClassMoniker
CoInitializeEx
CoGetClassObject
CoDisconnectObject
CoRevokeClassObject
CoRegisterMessageFilter
CreateStreamOnHGlobal
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoLockObjectExternal
OleSetContainedObject
RevokeDragDrop
RegisterDragDrop
CoTaskMemFree
CLSIDFromString
CoInitializeSecurity
CoCreateInstance
CoUninitialize
CoInitialize
StringFromGUID2
CoCreateGuid

oleaut32

VariantChangeType
VariantCopy
SafeArrayDestroy
SafeArrayAccessData
SafeArrayCreateVector
VariantInit
VariantClear
VarBstrCat
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringByteLen
SysAllocStringByteLen
LoadTypeLi
LoadRegTypeLi
SysAllocString
SysAllocStringLen
VarBstrCmp
SysStringLen
SysFreeString
SafeArrayUnaccessData

oledlg

OleUIBusyW

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDrawImageRectI
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdiplusShutdown
GdipCreateBitmapFromStream
GdipAlloc

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW

Exports

Exports

GetDTObject

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 489KB - Virtual size: 489KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DTLiteExe.exe
.exe windows:6 windows x86 arch:x86

a2af468124c063f956f8fc4d50f427e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Projects\DTLiteKor\bin\DTLiteExe.pdb

Imports

kernel32

RaiseException
GetLastError
InitializeCriticalSectionEx
DeleteCriticalSection
GetProcAddress
DecodePointer
LoadLibraryW
GetModuleFileNameW
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetCommandLineW
EncodePointer
RtlUnwind
SetLastError
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
GetFileType
GetStartupInfoW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsProcessorFeaturePresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
LoadLibraryExW
LCMapStringW
CreateFileW

user32

DialogBoxParamW
MessageBoxW
EndDialog

shlwapi

PathRemoveFileSpecW

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DiscSoftBusService.exe
.exe windows:5 windows x86 arch:x86

17e732420e3f74bbe372ba823918c7fe

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:06:a0:81:d3:3f:d8:7a:e5:82:4c:c1:6b:52:09:4e:03
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

03-02-2015 00:00

Not After

03-03-2026 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

f6:e3:d0:09:8b:f4:e2:4d:22:bb:b9:55:0c:55:34:3e
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

26-05-2015 00:00

Not After

09-03-2018 23:59

Subject

CN=Disc Soft Ltd,O=Disc Soft Ltd,POSTALCODE=BZ,STREET=Belama Phase 1+STREET=16 Albert Hoy Avenue\,,L=Belize City,ST=Belize,C=BZ,2.5.4.18=#130d502e4f2e20426f782032323834

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8e:a5:e5:5b:86:e2:e8:c5:24:ee:2c:fc:ed:7b:aa:8c:72:07:39:37
Signer

Actual PE Digest

8e:a5:e5:5b:86:e2:e8:c5:24:ee:2c:fc:ed:7b:aa:8c:72:07:39:37

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Projects\dtlite5\service\DiscSoftBusService\Win32\Release\DiscSoftBusService.pdb

Imports

kernel32

DeviceIoControl
SetVolumeMountPointW
DeleteVolumeMountPointW
QueryDosDeviceW
GetVolumeInformationW
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
GetVolumePathNamesForVolumeNameW
CreateEventA
InitializeCriticalSection
GetTickCount
LoadLibraryW
GetFileSize
SetThreadPriority
GetPrivateProfileStringW
LocalFree
OpenProcess
GetCurrentThread
DeleteFileW
GetFileAttributesW
SetFileAttributesW
MultiByteToWideChar
FindResourceExW
FindResourceW
GetCommandLineW
GetModuleHandleW
GetModuleFileNameW
LoadLibraryExW
CreateEventW
CreateMutexW
lstrcmpiW
WideCharToMultiByte
LocalAlloc
GetComputerNameW
FormatMessageA
SizeofResource
LoadResource
Sleep
WaitForSingleObject
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
CreateThread
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetProcAddress
FreeLibrary
LockResource
InterlockedCompareExchange
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
DecodePointer
CreateFileW
CloseHandle
SetFileTime
GetFileTime
ReadFile
WriteFile
GetLastError
ResumeThread
ReleaseSemaphore
OpenEventA
WriteConsoleW
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetConsoleCP
GetOEMCP
GetACP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetFileType
GetStdHandle
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
ExitThread
RtlUnwind
IsProcessorFeaturePresent
EncodePointer
GetStringTypeW
OutputDebugStringW
IsDebuggerPresent
LoadLibraryExA
GetCurrentProcess
ReleaseMutex
GetSystemWindowsDirectoryW
GetOverlappedResult
ResetEvent
WaitForMultipleObjects
CancelIo
InterlockedExchangeAdd
VerSetConditionMask
FindClose
GetSystemTimeAsFileTime
GetSystemInfo
CreateDirectoryW
FindFirstFileW
FindNextFileW
VerifyVersionInfoW
GetUserDefaultLCID
WritePrivateProfileStringW
GetSystemTime
SystemTimeToFileTime
lstrlenA
GetThreadTimes
GetProcessAffinityMask
SetThreadAffinityMask
WaitForSingleObjectEx
CreateWaitableTimerW
SetWaitableTimer
CancelWaitableTimer
QueryPerformanceCounter
QueryPerformanceFrequency
VirtualAlloc
VirtualFree
SetLastError
GetFileSizeEx
SetFilePointerEx
GetModuleHandleA
GetDiskFreeSpaceW
SetFilePointer
LocalFileTimeToFileTime
GetCurrentDirectoryW
GetFileAttributesExW
FileTimeToSystemTime
AllocateUserPhysicalPages
FreeUserPhysicalPages
MapUserPhysicalPages
SetEndOfFile
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
SleepEx

user32

CharUpperBuffW
CharLowerBuffW
DestroyWindow
CreateWindowExW
GetClassInfoExW
RegisterClassExW
DefWindowProcW
PostMessageW
SendMessageW
LoadStringW
MessageBoxW
CharNextW
CharUpperW
PostThreadMessageW
DispatchMessageW
TranslateMessage
GetMessageW

advapi32

OpenProcessToken
ImpersonateLoggedOnUser
SetThreadToken
RevertToSelf
DuplicateToken
TraceMessage
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
UnregisterTraceGuids
RegisterTraceGuidsW
StartServiceCtrlDispatcherW
SetServiceStatus
RegisterServiceCtrlHandlerW
OpenServiceW
OpenSCManagerW
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
ReportEventW
RegisterEventSourceW
DeregisterEventSource
AdjustTokenPrivileges
AllocateAndInitializeSid
FreeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
LookupPrivilegeValueW
CheckTokenMembership
SetEntriesInAclW
GetTokenInformation
SetNamedSecurityInfoW
OpenThreadToken

ole32

StringFromGUID2
CoUninitialize
CoRevertToSelf
CoImpersonateClient
CoCreateGuid
StringFromCLSID
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoInitializeSecurity
CoReleaseServerProcess
CoAddRefServerProcess
CoResumeClassObjects
CoRevokeClassObject
CoRegisterClassObject
CoInitializeEx

oleaut32

RegisterTypeLi
SysAllocStringLen
VarBstrCmp
SysAllocString
SysFreeString
SysStringLen
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
SysAllocStringByteLen
UnRegisterTypeLi
SysStringByteLen

ws2_32

WSASetEvent
WSASend
WSASocketW
WSAWaitForMultipleEvents
WSACloseEvent
WSAResetEvent
WSARecv
WSAHtons
WSAHtonl
WSAGetOverlappedResult
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSAConnect
FreeAddrInfoW
WSAGetLastError
shutdown
setsockopt
ntohl
WSAStartup
WSACleanup
GetAddrInfoW
closesocket

imgengine

ord5
ord2
ord8
ord9
ord3
ord7
ord10

sptdintf

ord6

shlwapi

PathFileExistsW

newdev

UpdateDriverForPlugAndPlayDevicesW

shell32

SHGetFolderPathW
ord680

winmm

timeEndPeriod
timeBeginPeriod

setupapi

CM_Get_DevNode_Registry_PropertyW
CM_Get_Device_IDW
CM_Get_Child
SetupDiSetSelectedDevice
SetupDiSetClassInstallParamsW
SetupDiSetDeviceInstallParamsW
CM_Get_DevNode_Status
CM_Get_Sibling
CM_Query_And_Remove_SubTreeW
CMP_WaitNoPendingInstallEvents
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiCreateDeviceInfoW
SetupDiGetINFClassW
CM_Request_Device_EjectW
SetupDiCreateDeviceInfoList
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiGetDeviceRegistryPropertyW
SetupDiCallClassInstaller
SetupDiGetClassDevsW
SetupDiDestroyDriverInfoList
SetupDiSetSelectedDriverW
SetupDiEnumDriverInfoW
SetupDiBuildDriverInfoList
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo

rpcrt4

UuidCreate

Exports

Exports

??0CSPTDDeviceInfo@@IAE@XZ
??0CSPTDDeviceInfo@@QAE@ABV0@@Z
??0CSPTDDevices@@QAE@ABV0@@Z
??4CSPTDDeviceInfo@@QAEAAV0@ABV0@@Z
??4CSPTDDevices@@QAEAAV0@ABV0@@Z
??4VDriveEngine@@QAEAAV0@ABV0@@Z
??_7CSPTDDeviceInfo@@6B@
??_7CSPTDDevices@@6B@
?GetATAPIDevicesCount@CSPTDDevices@@QAEHXZ
?GetDevNotify@CSPTDDeviceInfo@@QAEPAXXZ
?GetDevicesCount@CSPTDDevices@@QAEHXZ
?OnDeviceChanged@CSPTDDevices@@UAEXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z

Sections

.text
Size: 727KB - Virtual size: 726KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Engine.dll
.dll regsvr32 windows:5 windows x86 arch:x86

338a8444058b4187dcef15eeba80c86d

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:06:a0:81:d3:3f:d8:7a:e5:82:4c:c1:6b:52:09:4e:03
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

03-02-2015 00:00

Not After

03-03-2026 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

f6:e3:d0:09:8b:f4:e2:4d:22:bb:b9:55:0c:55:34:3e
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

26-05-2015 00:00

Not After

09-03-2018 23:59

Subject

CN=Disc Soft Ltd,O=Disc Soft Ltd,POSTALCODE=BZ,STREET=Belama Phase 1+STREET=16 Albert Hoy Avenue\,,L=Belize City,ST=Belize,C=BZ,2.5.4.18=#130d502e4f2e20426f782032323834

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

64:7a:29:ff:33:1d:3f:74:27:0e:64:95:8d:f6:b7:4b:ab:ff:a9:6d
Signer

Actual PE Digest

64:7a:29:ff:33:1d:3f:74:27:0e:64:95:8d:f6:b7:4b:ab:ff:a9:6d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Projects\dtlite5\service\engine\Win32\Release\Engine.pdb

Imports

advapi32

TraceMessage
RegCloseKey
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
LookupAccountNameW
ConvertSidToStringSidW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityDescriptorSacl
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegEnumKeyExW
RegQueryInfoKeyW
RegisterTraceGuidsW
UnregisterTraceGuids
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
AllocateAndInitializeSid
SetEntriesInAclW
SetNamedSecurityInfoW

user32

CharNextW
CreateWindowExW
GetClassInfoExW
RegisterClassExW
DefWindowProcW
DispatchMessageW
TranslateMessage
GetMessageW
UnregisterDeviceNotification
RegisterDeviceNotificationW
PostMessageW
RegisterWindowMessageW
LoadImageW
DestroyIcon
CharLowerBuffW
GetWindowDC
ReleaseDC
GetDesktopWindow
CreateIconFromResourceEx
wsprintfW
CharUpperBuffW
MessageBoxW
GetIconInfo
IsCharAlphaNumericW
GetSystemMetrics
LoadStringW

shell32

SHGetFolderPathW
ord165
ExtractIconExW
SHGetFileInfoW
ord75

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList

gdi32

GetObjectW
GetBitmapBits
DeleteObject
GetDeviceCaps

rpcrt4

UuidCreate

kernel32

OutputDebugStringW
ReadConsoleW
EnumSystemLocalesW
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
SetStdHandle
GetEnvironmentStringsW
GetModuleFileNameA
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStartupInfoW
GetStringTypeW
GetStdHandle
GetOEMCP
GetACP
IsValidCodePage
GetModuleHandleExW
ExitProcess
GetCommandLineA
IsProcessorFeaturePresent
IsDebuggerPresent
GetFullPathNameW
ExitThread
GetCurrentThreadId
GetCPInfo
RtlUnwind
SetEndOfFile
GetDiskFreeSpaceW
GetModuleHandleA
GetFileSizeEx
SetLastError
GetThreadTimes
DosDateTimeToFileTime
DuplicateHandle
GetFileType
WriteConsoleW
SetEnvironmentVariableA
LoadLibraryExA
OpenEventA
ReleaseSemaphore
ResetEvent
ResumeThread
FormatMessageA
FreeEnvironmentStringsW
lstrlenA
LockResource
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
CreateThread
LoadResource
SizeofResource
CloseHandle
FindResourceW
FindResourceExW
MultiByteToWideChar
WaitForSingleObject
GetTickCount
CreateEventW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetFileSize
ReadFile
CreateFileW
CreateEventA
DecodePointer
GetProcAddress
RaiseException
Sleep
WriteFile
DeviceIoControl
lstrcmpW
LoadLibraryW
GetModuleHandleW
GetDriveTypeW
CreateDirectoryW
CreateFileA
CopyFileW
SetFilePointerEx
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetFileTime
SetFileTime
FreeLibrary
LocalAlloc
LocalFree
GetSystemDirectoryA
GetSystemDirectoryW
GetVolumeInformationW
GetComputerNameExW
GetVersionExW
GetSystemTimeAsFileTime
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetSystemDefaultLangID
GetUserDefaultLCID
GetCurrentProcessId
SetEvent
ReleaseMutex
FindClose
CreateMutexW
OpenEventW
DeleteFileW
FindFirstFileW
FindNextFileW
SetFilePointer
GetTempPathW
GetTempFileNameW
LoadLibraryExW
GetPrivateProfileStringW
VirtualAlloc
VirtualFree
CreatePipe
SetThreadExecutionState
OpenMutexW
GetModuleFileNameW
SystemTimeToFileTime
FileTimeToSystemTime
GetFileAttributesExW
GetSystemTime
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentThread
SetThreadPriority
SetCurrentDirectoryW
GetCurrentDirectoryW
InterlockedCompareExchange
WaitForMultipleObjects
EncodePointer
lstrcmpiW
GetThreadLocale
SetThreadLocale
VerSetConditionMask
GlobalAlloc
GlobalFree
GetCurrentProcess
GetSystemInfo
RemoveDirectoryW
MoveFileW
VerifyVersionInfoW
GetLocaleInfoA
WritePrivateProfileStringW

ole32

CoTaskMemRealloc
CoFileTimeNow
CoTaskMemAlloc
CoInitialize
CoUninitialize
IIDFromString
CoTaskMemFree
StringFromCLSID
CoCreateGuid
StringFromGUID2
CoCreateInstance

oleaut32

SysAllocStringLen
LoadRegTypeLi
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
VarBstrCat
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear
SysAllocStringByteLen
SysStringByteLen
VarBstrCmp
SysStringLen
SysFreeString
SysAllocString

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsW
StrToIntW

sptdintf

ord4
ord5
ord6
ord2
ord3

Exports

Exports

??4VDriveEngine@@QAEAAV0@ABV0@@Z
??_B?1??get_instance@?$singleton@V?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@CAAAV?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@CAAAV?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@XZ@51
??_B?1??get_instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ@51
?get_const_instance@?$singleton@V?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAABV?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAABV?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SAABV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@XZ
?get_const_instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SAABV?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ
?get_instance@?$singleton@V?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@CAAAV?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_instance@?$singleton@V?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@CAAAV?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@XZ
?get_instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ
?get_mutable_instance@?$singleton@V?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAAV?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_mutable_instance@?$singleton@V?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAAV?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_mutable_instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SAAAV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@XZ
?get_mutable_instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SAAAV?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ
?instance@?$singleton@V?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@0AAV?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@3@A
?instance@?$singleton@V?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@0AAV?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@3@A
?instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@0AAV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@A
?instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@0AAV?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@A
?is_destroyed@?$singleton@V?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SA_NXZ
?is_destroyed@?$singleton@V?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SA_NXZ
?is_destroyed@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SA_NXZ
?is_destroyed@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SA_NXZ
?t@?1??get_instance@?$singleton@V?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@CAAAV?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@4@XZ@4V?$singleton_wrapper@V?$map@Vbinary_iarchive@archive@boost@@@extra_detail@detail@archive@boost@@@734@A
?t@?1??get_instance@?$singleton@V?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@CAAAV?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@4@XZ@4V?$singleton_wrapper@V?$map@Vbinary_oarchive@archive@boost@@@extra_detail@detail@archive@boost@@@734@A
?t@?1??get_instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@XZ@4V?$singleton_wrapper@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ@4V?$singleton_wrapper@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@detail@34@A
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetDTEngine
_GetOSDisplayString@0

Sections

.text
Size: 822KB - Virtual size: 822KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 314KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text0
Size: 423KB - Virtual size: 423KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Lang/KOR.dll
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SPTD2inst-x86.exe
.exe windows:6 windows x86 arch:x86

a6f99c0acd8b3748d620a67a46984917

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

13-04-2019 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:06:a0:81:d3:3f:d8:7a:e5:82:4c:c1:6b:52:09:4e:03
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

03-02-2015 00:00

Not After

03-03-2026 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:21:72:e6:b0:42:66:bb:40:59:bf:ef:63:6c:f8:f4:52:a0
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

12-03-2015 18:16

Not After

12-06-2016 18:16

Subject

CN=Disc Soft Ltd,O=Disc Soft Ltd,L=Belize city,ST=Belize,C=BZ,1.2.840.113549.1.9.1=#0c1366696e707240646973632d736f66742e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

cb:b0:d2:56:ca:86:57:ee:d9:38:82:5c:cb:fd:69:f6:a4:b1:02:49
Signer

Actual PE Digest

cb:b0:d2:56:ca:86:57:ee:d9:38:82:5c:cb:fd:69:f6:a4:b1:02:49

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

SPTD2inst.pdb

Imports

setupapi

SetupDiOpenClassRegKey

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

GetModuleHandleW
VerifyVersionInfoW
GetSystemWindowsDirectoryW
IsWow64Process
SetEndOfFile
VerSetConditionMask
HeapSize
WriteConsoleW
SetFilePointerEx
FlushFileBuffers
LocalFree
GetProcAddress
FindResourceW
LoadResource
CreateThread
LoadLibraryW
CloseHandle
LockResource
GetLastError
Sleep
ReleaseMutex
CreateFileW
LocalAlloc
WaitForSingleObject
CreateMutexW
DeviceIoControl
GetCurrentProcess
GetCommandLineW
SizeofResource
ReadFile
ReadConsoleW
DecodePointer
RaiseException
HeapReAlloc
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
RtlUnwind
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MoveFileExW
DeleteFileW
GetStdHandle
WriteFile
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetACP
HeapFree
HeapAlloc
GetFileAttributesExW
GetConsoleCP
GetConsoleMode
GetFileType
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
CompareStringW
LCMapStringW
SetStdHandle
GetStringTypeW
GetProcessHeap

user32

EndDialog
MessageBoxW
GetDlgItem
DialogBoxParamW
EnableWindow
SendDlgItemMessageW
SendMessageW

advapi32

SystemFunction036
SetSecurityDescriptorDacl
CreateServiceW
RegGetKeySecurity
RegCloseKey
CloseServiceHandle
OpenSCManagerW
RegDeleteKeyW
AllocateAndInitializeSid
ChangeServiceConfig2W
SetEntriesInAclW
RegCreateKeyExW
RegSetKeySecurity
RegSetValueExW
FreeSid
CheckTokenMembership
InitializeSecurityDescriptor
RegOpenKeyExW
RegGetValueW
QueryServiceConfigW
ChangeServiceConfigW
QueryServiceConfig2W
OpenServiceW
BuildSecurityDescriptorW
QueryServiceStatusEx

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SPTDinst-x86.exe
.exe windows:6 windows x86 arch:x86

eac80491b8034417923fbf2bf773701a

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

13-04-2019 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

23-08-2013 00:00

Not After

23-09-2024 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G1,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:21:35:2e:0b:20:23:d1:a7:51:88:6d:cb:e9:7d:37:79:5e
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

21-02-2014 16:58

Not After

30-05-2015 17:52

Subject

CN=Disc Soft Ltd,O=Disc Soft Ltd,L=Belize city,ST=Belize,C=BZ,1.2.840.113549.1.9.1=#0c1366696e707240646973632d736f66742e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0b:7f:6b:00:00:00:00:00:19
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23-05-2006 17:00

Not After

23-05-2016 17:10

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

17:89:5c:0b:84:f6:3a:52:79:92:e8:30:7f:66:e4:b2:ba:e8:6a:7f
Signer

Actual PE Digest

17:89:5c:0b:84:f6:3a:52:79:92:e8:30:7f:66:e4:b2:ba:e8:6a:7f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\svn\sptd\setup\objfre_wxp_x86\i386\SPTDinst.pdb

Imports

advapi32

FreeSid
EqualSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
AllocateAndInitializeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCloseKey
RegSetKeySecurity
RegGetKeySecurity
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegQueryValueExA
RegDeleteKeyA

kernel32

GetCurrentProcess
GetLastError
GetCurrentThread
LoadLibraryA
GetSystemDirectoryA
VerSetConditionMask
GetProcAddress
GetModuleHandleA
LocalFree
CreateMutexA
LocalAlloc
HeapFree
HeapAlloc
HeapReAlloc
CloseHandle
CreateThread
ReleaseMutex
GetTickCount
WaitForSingleObject
GetCommandLineA
VirtualFree
VirtualAlloc
GetProcessHeap
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
SetUnhandledExceptionFilter
RtlUnwind
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange

user32

MessageBoxA
EnableWindow
GetDlgItem
SendDlgItemMessageA
SendMessageA
DialogBoxParamA
EndDialog

msvcrt

rand
memmove
srand
_except_handler3
memset
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_amsg_exit
__setusermatherr
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_controlfp
_fsopen
sprintf
??3@YAXPAX@Z
??2@YAPAXI@Z
_mbsnbicmp
_mbsicmp
_tempnam
rename
_errno
free
_unlink
fwrite
fclose

Exports

Exports

A0DB34FC6FE35D429A28ADDE5467D4D7

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 323KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sptd0
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

CODEINIT
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CODESIGN
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VDriveLib.dll
.dll windows:5 windows x86 arch:x86

9ad33ded8e8fa8cef97e3002aeae8832

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:06:a0:81:d3:3f:d8:7a:e5:82:4c:c1:6b:52:09:4e:03
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

03-02-2015 00:00

Not After

03-03-2026 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

f6:e3:d0:09:8b:f4:e2:4d:22:bb:b9:55:0c:55:34:3e
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

26-05-2015 00:00

Not After

09-03-2018 23:59

Subject

CN=Disc Soft Ltd,O=Disc Soft Ltd,POSTALCODE=BZ,STREET=Belama Phase 1+STREET=16 Albert Hoy Avenue\,,L=Belize City,ST=Belize,C=BZ,2.5.4.18=#130d502e4f2e20426f782032323834

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f0:57:26:31:55:68:9a:29:a4:a3:70:f6:49:28:a4:b8:39:74:bb:0b
Signer

Actual PE Digest

f0:57:26:31:55:68:9a:29:a4:a3:70:f6:49:28:a4:b8:39:74:bb:0b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

VDriveLib.pdb”

Imports

advapi32

TraceMessage
RegOpenKeyExW
RegEnumKeyW
RegQueryValueExW
RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
RegisterTraceGuidsW
UnregisterTraceGuids
AllocateAndInitializeSid
SetEntriesInAclW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
RegEnumKeyExW
RegOpenKeyExA
RegSetValueExA
RegSetValueExW

user32

RegisterDeviceNotificationW
UnregisterDeviceNotification
RegisterWindowMessageW

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
SetupDiDeleteDevRegKey
SetupDiDestroyDeviceInfoList
SetupDiOpenDeviceInfoW
CM_Get_Device_IDW
SetupDiCreateDeviceInfoList
CM_Get_Sibling
CM_Get_Child
SetupDiSetSelectedDevice
CM_Get_DevNode_Status
CM_Locate_DevNodeW
SetupDiRemoveDevice
SetupDiSetClassInstallParamsW

imgengine

ord8
ord3

kernel32

SetEnvironmentVariableW
ReadConsoleW
ReadFile
SetEndOfFile
OutputDebugStringW
GetCurrentDirectoryW
GetDriveTypeW
FreeLibrary
CreateFileW
LocalAlloc
DeviceIoControl
GetLastError
LocalFree
CloseHandle
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
GetVolumeInformationW
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
DeleteVolumeMountPointW
SetVolumeMountPointW
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
RaiseException
DecodePointer
GetModuleHandleA
GetSystemDirectoryW
GetProcAddress
ReleaseMutex
CreateMutexW
GetModuleFileNameW
GetCurrentProcess
WriteFile
FindClose
GetSystemTimeAsFileTime
FormatMessageW
GetModuleHandleW
GetFileAttributesW
DeleteFileW
FindFirstFileW
FindNextFileW
MoveFileExW
EncodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
CreateThread
GetCurrentThreadId
ExitThread
LoadLibraryExW
GetFullPathNameW
GetCommandLineA
RtlUnwind
ExitProcess
GetModuleHandleExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetFileAttributesExW
GetConsoleCP
GetConsoleMode
GetStdHandle
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
CompareStringW
LCMapStringW
SetFilePointerEx
SetStdHandle
WriteConsoleW
FlushFileBuffers

shlwapi

wnsprintfW

Exports

Exports

??0CSPTDDeviceInfo@@IAE@XZ
??0CSPTDDeviceInfo@@QAE@ABV0@@Z
??0CSPTDDeviceInfo@@QAE@PAUDEVICE_INFO_POINTER@DeviceEnumerator@@PAVCSPTDDeviceInfoEvents@@@Z
??0CSPTDDevices@@QAE@ABV0@@Z
??0CSPTDDevices@@QAE@PAUHWND__@@@Z
??0VDriveEngine@@AAE@XZ
??1CSPTDDeviceInfo@@UAE@XZ
??1CSPTDDevices@@QAE@XZ
??1VDriveEngine@@QAE@XZ
??4CSPTDDeviceInfo@@QAEAAV0@ABV0@@Z
??4CSPTDDevices@@QAEAAV0@ABV0@@Z
??4VDriveEngine@@QAEAAV0@ABV0@@Z
??_7CSPTDDeviceInfo@@6B@
??_7CSPTDDevices@@6B@
?AddDevice@CSPTDDevices@@QAE_NHAAVTSPTDDeviceInfo@@@Z
?AddHandler@CSPTDDevices@@QAEXPAX0@Z
?ClearDevices@CSPTDDevices@@AAEXXZ
?CloseVolumeHandle@CSPTDDeviceInfo@@IAEXXZ
?DaemonAdapterDeviceControl@VDriveEngine@@SAKKKKPA_WPAK@Z
?DaemonAdapterDeviceInfo@VDriveEngine@@SAKKKPAKPA_W@Z
?DaemonAdapterGetDeviceMap@VDriveEngine@@QAEKKPAU_DAEMON_DEVICE_MAP@1@@Z
?DaemonAdapterGetDeviceParams@VDriveEngine@@QAEKKPAU_DAEMON_DEVICE_PARAMS@@K@Z
?DaemonAdapterMount@VDriveEngine@@QAEKKKPA_W00PAK@Z
?DaemonAdapterSetDeviceMap@VDriveEngine@@QAEKKKPAU_DAEMON_DEVICE_MAP@1@PA_WPAK@Z
?DaemonAdapterSetDeviceParams@VDriveEngine@@QAEKKKPAU_DAEMON_DEVICE_PARAMS@@PA_WPAK@Z
?DaemonAdapterUninstall@VDriveEngine@@QAEKKKPA_WPAK@Z
?DaemonGetMask@VDriveEngine@@QAEKPAK@Z
?DaemonSetMask@VDriveEngine@@QAEKPAK@Z
?DeleteDriverService@VDriveEngine@@SAXXZ
?DeleteMountPointsForAdapter@CSPTDDevices@@AAEXH@Z
?DeleteVDriveEngine@VDriveEngine@@SAXXZ
?DoEvent@CSPTDDeviceInfo@@QAEX_N@Z
?GetATAPIDeviceInfo@CSPTDDevices@@QAE_NHAAVTSPTDDeviceInfo@@@Z
?GetATAPIDeviceInfoById@CSPTDDevices@@QAE_NAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@AAVTSPTDDeviceInfo@@@Z
?GetATAPIDevicesCount@CSPTDDevices@@QAEHXZ
?GetAttachedDevice@CSPTDDevices@@QAE?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@AAVTSPTDDeviceInfo@@@Z
?GetDaemonFlags@VDriveEngine@@QAEKXZ
?GetDevNotify@CSPTDDeviceInfo@@QAEPAXXZ
?GetDeviceInfo@CSPTDDevices@@QAE_NHAAVTSPTDDeviceInfo@@@Z
?GetDeviceInfoById@CSPTDDevices@@QAE_NAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@AAVTSPTDDeviceInfo@@@Z
?GetDeviceInfoByIdP@CSPTDDevices@@AAE?AV?$shared_ptr@VCSPTDDeviceInfo@@@std@@AAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?GetDeviceInfoP@CSPTDDevices@@AAE?AV?$shared_ptr@VCSPTDDeviceInfo@@@std@@H@Z
?GetDevicesCount@CSPTDDevices@@QAEHXZ
?GetEngine@VDriveEngine@@SAPAV1@XZ
?GetSPTDVersion@SPTD@@YA_NPAK0@Z
?GetVirtualAdapterStatus@CSPTDDevices@@AAE?AW4DTProAdapterStatus@@H@Z
?InitExternalInterfaces@VDriveEngine@@SAXP6A?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@H@ZP6AXXZ@Z
?InitVolumeNameFromSymLinks@CSPTDDeviceInfo@@IAEXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@AAD@Z
?Initialization@CSPTDDeviceInfo@@QAE_NPAUHWND__@@@Z
?InternalGetString@VDriveEngine@@2P6A?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@H@ZA
?IsAdapterEnabled@VDriveEngine@@QAEKK@Z
?IsNewDeviceAllowed@CSPTDDevices@@QAE_NH@Z
?IsSPTDExist@SPTD@@YA_NXZ
?Mount@CSPTDDeviceInfo@@QAEIAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0HW4MediaType@@@Z
?Mount@CSPTDDevices@@QAEIAAVTSPTDDeviceInfo@@AAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@1HW4MediaType@@@Z
?OnDeviceChanged@CSPTDDevices@@UAEXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?OnWMDeviceChangedEvent@CSPTDDevices@@QAEXIPAU_DEV_BROADCAST_HANDLE@@@Z
?OpenVolumeHandle@CSPTDDeviceInfo@@IAE_NXZ
?RaiseEvent@CSPTDDevices@@AAEXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?RefreshDevices@CSPTDDevices@@QAEXXZ
?RefreshInternal@CSPTDDeviceInfo@@IAE_NXZ
?RefreshMediaStateAsync@CSPTDDeviceInfo@@QAEXW4DEVICE_STATE@TSPTDDeviceInfo@@@Z
?RefreshMediaStateInternal@CSPTDDeviceInfo@@QAE_NW4DEVICE_STATE@TSPTDDeviceInfo@@@Z
?RefreshMediaStateInternalBase@CSPTDDeviceInfo@@IAE_NW4DEVICE_STATE@TSPTDDeviceInfo@@@Z
?RefreshMountPointAsync@CSPTDDeviceInfo@@QAEXXZ
?RefreshMountPointInternal@CSPTDDeviceInfo@@IAE_NXZ
?RemoveAllVirtualDevices@CSPTDDevices@@QAEIH@Z
?RemoveDevice@CSPTDDevices@@QAEIAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@H@Z
?RemoveHandler@CSPTDDevices@@QAEXPAX0@Z
?SPTDEnum@SPTD@@YA_NKPAKPAPAX00@Z
?SPTDEnum@VDriveEngine@@2P6A_NKPAKPAPAX00@ZA
?SPTDEnumFree@SPTD@@YAXPAX@Z
?SendGlobalEvent@VDriveEngine@@2P6AXXZA
?SetAdditionalParams@CSPTDDeviceInfo@@QAEIAAUTSPTDSetDeviceParameters@@@Z
?SetDeviceParameters@CSPTDDevices@@QAEIAAVTSPTDDeviceInfo@@AAUTSPTDSetDeviceParameters@@@Z
?StartRefreshingThread@CSPTDDeviceInfo@@IAEXXZ
?SwitchAdapter@CSPTDDevices@@AAEHHHH@Z
?SyncDeviceList@CSPTDDevices@@AAEXAAV?$vector@UDEVICE_INFO_POINTER@DeviceEnumerator@@V?$allocator@UDEVICE_INFO_POINTER@DeviceEnumerator@@@std@@@std@@KAAV?$vector@V?$shared_ptr@VCSPTDDeviceInfo@@@std@@V?$allocator@V?$shared_ptr@VCSPTDDeviceInfo@@@std@@@2@@3@@Z
?ThreadRefreshDeviceInfo@CSPTDDeviceInfo@@KGIPAX@Z
?UninstallAdapters@CSPTDDevices@@QAE_NXZ
?UpdateDevice@CSPTDDeviceInfo@@QAE_NPAUDEVICE_INFO_POINTER@DeviceEnumerator@@@Z
?UpdateMediaLabel@CSPTDDeviceInfo@@IAE_NXZ
?WaitExportVirtualDevice@CSPTDDevices@@AAE?AV?$shared_ptr@VCSPTDDeviceInfo@@@std@@HE@Z
?g_pSPTDExists@VDriveEngine@@2PAHA
A0DB34FC6FE35D429A28ADDE5467D4D7

Sections

.text
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.stext
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vdrv0
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 261KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dtlitescsibus.cat
dtlitescsibus.inf
dtlitescsibus.sys
.sys windows:6 windows x86 arch:x86

94b3e1cd96ab0222d1934251e1a68f03

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

13-04-2019 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

23-08-2013 00:00

Not After

23-09-2024 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G1,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:21:35:2e:0b:20:23:d1:a7:51:88:6d:cb:e9:7d:37:79:5e
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

21-02-2014 16:58

Not After

30-05-2015 17:52

Subject

CN=Disc Soft Ltd,O=Disc Soft Ltd,L=Belize city,ST=Belize,C=BZ,1.2.840.113549.1.9.1=#0c1366696e707240646973632d736f66742e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0b:7f:6b:00:00:00:00:00:19
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23-05-2006 17:00

Not After

23-05-2016 17:10

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

71:8c:cb:92:d7:6e:91:01:53:7d:72:19:24:7c:06:05:83:a3:00:d3
Signer

Actual PE Digest

71:8c:cb:92:d7:6e:91:01:53:7d:72:19:24:7c:06:05:83:a3:00:d3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

dtlitescsibus.pdb

Imports

ntoskrnl.exe

KeInitializeDpc
ObfReferenceObject
MmFreeMappingAddress
IoAllocateMdl
MmAllocateMappingAddress
IoReleaseRemoveLockEx
KeReleaseMutex
IoDeleteDevice
IoCreateDevice
KeWaitForSingleObject
IofCompleteRequest
IoAcquireRemoveLockEx
memcpy
memset
ObfDereferenceObject
IofCallDriver
IoBuildSynchronousFsdRequest
KeInitializeEvent
MmUserProbeAddress
IoFreeIrp
ExFreePoolWithTag
IoBuildAsynchronousFsdRequest
KeInitializeTimer
MmMapLockedPagesWithReservedMapping
IoBuildPartialMdl
MmUnmapReservedMapping
KeCancelTimer
KeReleaseInStackQueuedSpinLockFromDpcLevel
KeAcquireInStackQueuedSpinLockAtDpcLevel
IoReleaseCancelSpinLock
MmMapLockedPagesSpecifyCache
IoRegisterDeviceInterface
IoDetachDevice
IoAttachDeviceToDeviceStack
PoSetPowerState
IoSetDeviceInterfaceState
KeSetEvent
IoReleaseRemoveLockAndWaitEx
PoCallDriver
PoStartNextPowerIrp
_vsnprintf
IoFreeMdl
KeFlushQueuedDpcs
RtlAnsiStringToUnicodeString
RtlInitAnsiString
PsGetCurrentProcessId
IoInitializeRemoveLockEx
KeInitializeMutex
KeSetTimerEx
ExAllocatePoolWithTag
IoInvalidateDeviceRelations

hal

KfLowerIrql
KeGetCurrentIrql
KeAcquireInStackQueuedSpinLock
KeReleaseInStackQueuedSpinLock
KfRaiseIrql

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGE
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 768B - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dtsoftbus01.cat
dtsoftbus01.inf
dtsoftbus01.sys
.sys windows:6 windows x86 arch:x86

75fcd38af5b56894d2b21eb425579d2e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

13-04-2019 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:21:35:64:05:60:9a:b9:5f:8d:db:13:16:4b:82:f9:6d:e5
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

29-05-2012 17:52

Not After

30-05-2015 17:52

Subject

CN=Disc Soft Ltd,O=Disc Soft Ltd,L=Belize city,ST=Belize,C=BZ,1.2.840.113549.1.9.1=#0c1366696e707240646973632d736f66742e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0b:7f:6b:00:00:00:00:00:19
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23-05-2006 17:00

Not After

23-05-2016 17:10

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4f:51:50:b3:c3:ae:3d:f5:8e:40:49:82:c6:36:17:7f:e8:e3:41:4c
Signer

Actual PE Digest

4f:51:50:b3:c3:ae:3d:f5:8e:40:49:82:c6:36:17:7f:e8:e3:41:4c

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\work\projects\working\service\vdrive\dtsoftbus\objfre_win7_x86\i386\dtsoftbus01.pdb

Imports

ntoskrnl.exe

IofCompleteRequest
IofCallDriver
KeClearEvent
KeSetEvent
IoCreateUnprotectedSymbolicLink
IoCreateDevice
RtlCopyUnicodeString
KeInitializeEvent
PoSetPowerState
IoSetDeviceInterfaceState
IoDeleteDevice
ObfDereferenceObject
KeWaitForSingleObject
ObReferenceObjectByPointer
ZwClose
ObReferenceObjectByHandle
PsCreateSystemThread
IoInvalidateDeviceRelations
IoDetachDevice
IoGetDeviceProperty
IoAttachDeviceToDeviceStack
IoRegisterDeviceInterface
ObfReferenceObject
IoDeleteSymbolicLink
PoCallDriver
PoStartNextPowerIrp
IoBuildSynchronousFsdRequest
IoGetAttachedDeviceReference
MmMapLockedPagesSpecifyCache
KeInsertQueueDpc
IoFreeWorkItem
IoAllocateWorkItem
KeDelayExecutionThread
KeReleaseMutex
MmIsAddressValid
MmProbeAndLockPages
MmUnlockPages
IoFreeMdl
IoAllocateMdl
MmUserProbeAddress
ExInterlockedPopEntrySList
ExInterlockedPushEntrySList
KeQuerySystemTime
_alldiv
IoWMIRegistrationControl
ExInitializeNPagedLookasideList
ExDeleteNPagedLookasideList
KeQueryInterruptTime
_aulldiv
MmMapLockedPagesWithReservedMapping
IoBuildPartialMdl
MmUnmapReservedMapping
KeFlushQueuedDpcs
MmFreeMappingAddress
IoQueueWorkItem
KeInitializeTimer
KeInitializeDpc
MmAllocateMappingAddress
KeInitializeMutex
ZwOpenKey
IoReleaseCancelSpinLock
KefReleaseSpinLockFromDpcLevel
KefAcquireSpinLockAtDpcLevel
KeSetTimerEx
PsTerminateSystemThread
ExfInterlockedRemoveHeadList
ZwReadFile
KeSetPriorityThread
KeGetCurrentThread
ZwSetValueKey
ZwCreateKey
ZwQueryValueKey
RtlAnsiStringToUnicodeString
RtlInitAnsiString
ZwQueryVolumeInformationFile
IoCreateFile
RtlAppendUnicodeStringToString
RtlAppendUnicodeToString
ExfInterlockedInsertTailList
KeTickCount
KeBugCheckEx
RtlUnwind
RtlCompareMemory
RtlInitUnicodeString
MmGetSystemRoutineAddress
memset
memcpy
ExAllocatePoolWithTag
IoWMIWriteEvent
KeCancelTimer
ExFreePoolWithTag
ZwSetSecurityObject
ObOpenObjectByPointer
IoDeviceObjectType
RtlGetDaclSecurityDescriptor
RtlGetSaclSecurityDescriptor
RtlGetGroupSecurityDescriptor
RtlGetOwnerSecurityDescriptor
_snwprintf
RtlLengthSecurityDescriptor
SeCaptureSecurityDescriptor
SeExports
IoIsWdmVersionAvailable
_wcsnicmp
RtlAddAccessAllowedAce
RtlLengthSid
wcschr
RtlAbsoluteToSelfRelativeSD
RtlSetDaclSecurityDescriptor
RtlCreateSecurityDescriptor
RtlFreeUnicodeString
RtlUnicodeToMultiByteN
RtlAnsiCharToUnicodeChar
_allmul
memmove
_aullrem
_allrem

hal

ExAcquireFastMutex
KeGetCurrentIrql
KfAcquireSpinLock
KfReleaseSpinLock
ExReleaseFastMutex

wmilib.sys

WmiSystemControl
WmiCompleteRequest

Sections

.text
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
imgengine.dll
.dll windows:5 windows x86 arch:x86

853f0c52a5f84afe1374009eada05d08

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:06:a0:81:d3:3f:d8:7a:e5:82:4c:c1:6b:52:09:4e:03
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

03-02-2015 00:00

Not After

03-03-2026 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

f6:e3:d0:09:8b:f4:e2:4d:22:bb:b9:55:0c:55:34:3e
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

26-05-2015 00:00

Not After

09-03-2018 23:59

Subject

CN=Disc Soft Ltd,O=Disc Soft Ltd,POSTALCODE=BZ,STREET=Belama Phase 1+STREET=16 Albert Hoy Avenue\,,L=Belize City,ST=Belize,C=BZ,2.5.4.18=#130d502e4f2e20426f782032323834

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:97:c4:08:4c:bb:53:a8:d7:ac:c3:98:99:5d:3a:cd:58:4d:92:ac
Signer

Actual PE Digest

06:97:c4:08:4c:bb:53:a8:d7:ac:c3:98:99:5d:3a:cd:58:4d:92:ac

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedCompareExchange
VirtualAlloc
VirtualFree
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
WaitForSingleObject
GetFileSize
WriteFile
ReadFile
SetFilePointer
CloseHandle
GetTickCount
CreateEventW
GetDiskFreeSpaceW
CreateFileW
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
GetCurrentThreadId
HeapFree
HeapAlloc
GetFullPathNameW
RaiseException
RtlUnwind
SetLastError
GetCurrentThread
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsProcessorFeaturePresent
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetModuleFileNameW
LoadLibraryExW
HeapReAlloc
GetStringTypeW
LCMapStringW
OutputDebugStringW
GetDriveTypeW
GetCurrentDirectoryW
HeapSize
GetConsoleMode
ReadConsoleW
FlushFileBuffers
GetConsoleCP
SetStdHandle
SetFilePointerEx
WriteConsoleW
GetThreadTimes
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

Sections

.text
Size: - Virtual size: 383KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.img0
Size: - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.img1
Size: 437KB - Virtual size: 437KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
sptdintf.dll
.dll windows:5 windows x86 arch:x86

0c0e25218d1b9d2451a916055dd8d7a8

Code Sign

11:21:35:2e:0b:20:23:d1:a7:51:88:6d:cb:e9:7d:37:79:5e
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

21-02-2014 16:58

Not After

30-05-2015 17:52

Subject

CN=Disc Soft Ltd,O=Disc Soft Ltd,L=Belize city,ST=Belize,C=BZ,1.2.840.113549.1.9.1=#0c1366696e707240646973632d736f66742e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

13-04-2019 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

23-08-2013 00:00

Not After

23-09-2024 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G1,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

39:08:f3:af:c5:05:e6:88:2a:6d:e6:9c:62:d7:ad:35:35:c9:bf:61
Signer

Actual PE Digest

39:08:f3:af:c5:05:e6:88:2a:6d:e6:9c:62:d7:ad:35:35:c9:bf:61

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
GetProcessHeap
GetLastError
GetProcAddress
GetModuleHandleA
HeapAlloc

Exports

Exports

A0DB34FC6FE35D429A28ADDE5467D4D7

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.stext
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 326B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

6e:ad:56:fb:10:fc:05:61:5c:a9:54:d7:71:65:99:9fCertificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

6f:6e:d1:5c:df:4b:c7:3a:6f:e6:cc:35:f3:52:4f:db:02:49:5b:85Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 96KB

.rsrc Size: 22KB - Virtual size: 21KB

2e92645153848ef99816d61ac6e2a921

Headers

File Characteristics

Imports

kernel32

mfc42

msvcrt

user32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 2KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 4KB

.CRT Size: 4KB - Virtual size: 8B

.rsrc Size: 4KB - Virtual size: 944B

.reloc Size: 4KB - Virtual size: 544B

1b6303fba3c09e3c12e1f0a7f2cc93ca

Headers

File Characteristics

Imports

kernel32

urlmon

wininet

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 1KB

1b6303fba3c09e3c12e1f0a7f2cc93ca

Headers

File Characteristics

Imports

kernel32

urlmon

wininet

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 10KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

6e:ad:56:fb:10:fc:05:61:5c:a9:54:d7:71:65:99:9f
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

6f:6e:d1:5c:df:4b:c7:3a:6f:e6:cc:35:f3:52:4f:db:02:49:5b:85
Signer

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 96KB

.rsrc
Size: 22KB - Virtual size: 21KB

.text
Size: 4KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.CRT
Size: 4KB - Virtual size: 8B

.rsrc
Size: 4KB - Virtual size: 944B

.reloc
Size: 4KB - Virtual size: 544B

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 646B

.data
Size: - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 146B

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

11:21:06:a0:81:d3:3f:d8:7a:e5:82:4c:c1:6b:52:09:4e:03
Certificate

f6:e3:d0:09:8b:f4:e2:4d:22:bb:b9:55:0c:55:34:3e
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

4b:1b:f9:09:5b:c7:cf:13:32:f3:64:48:d1:7e:b7:08:51:63:69:06
Signer