5c3000983b4ee91cd868cc6e9ccec171_JaffaCakes118

resource
unpack001/$PLUGINSDIR/nsDialogs.dll

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/$PLUGINSDIR/installtools.exe	nsis_installer_1
static1/unpack001/$PLUGINSDIR/installtools.exe	nsis_installer_2

.exe windows:5 windows x86 arch:x86

03e79a94d0dcb51acdcf1e8fbb5bd993

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

70:d9:a6:4c:ff:b3:e1:f6:49:29:ef:fd:88:f4:7e:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

10/10/2012, 00:00

Not After

09/01/2016, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

c7:d7:fa:4c:cd:1f:38:b6:6d:e2:00:e8:8a:a6:08:43:f5:77:1d:d5
Signer

Actual PE Digest

c7:d7:fa:4c:cd:1f:38:b6:6d:e2:00:e8:8a:a6:08:43:f5:77:1d:d5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime

SearchPathA

GetShortPathNameA

GetFullPathNameA

MoveFileA

SetCurrentDirectoryA

GetFileAttributesA

GetLastError

CreateDirectoryA

SetFileAttributesA

Sleep

GetTickCount

CreateFileA

GetFileSize

GetModuleFileNameA

GetCurrentProcess

CopyFileA

ExitProcess

GetWindowsDirectoryA

GetTempPathA

SetFileTime

SetErrorMode

lstrcpynA

GetDiskFreeSpaceA

LocalFree

WideCharToMultiByte

OutputDebugStringA

GetCommandLineW

GlobalUnlock

GlobalLock

CreateThread

LoadLibraryA

CreateProcessA

GetTempFileNameA

lstrlenA

lstrcatA

GetSystemDirectoryA

GetVersion

RemoveDirectoryA

CloseHandle

lstrcmpiA

lstrcmpA

ExpandEnvironmentStringsA

GlobalAlloc

WaitForSingleObject

GetExitCodeProcess

GlobalFree

GetModuleHandleA

LoadLibraryExA

GetProcAddress

FreeLibrary

MultiByteToWideChar

WritePrivateProfileStringA

GetPrivateProfileStringA

WriteFile

MulDiv

ReadFile

SetFilePointer

FindClose

FindNextFileA

FindFirstFileA

DeleteFileA

GetCommandLineA

user32

ScreenToClient

GetMessagePos

CallWindowProcA

IsWindowVisible

LoadBitmapA

CloseClipboard

SetClipboardData

EmptyClipboard

OpenClipboard

TrackPopupMenu

GetWindowRect

AppendMenuA

CreatePopupMenu

GetSystemMetrics

EndDialog

EnableMenuItem

GetSystemMenu

SetClassLongA

IsWindowEnabled

SetWindowPos

CheckDlgButton

GetClassInfoA

CreateWindowExA

SystemParametersInfoA

RegisterClassA

SetDlgItemTextA

GetDlgItemTextA

MessageBoxIndirectA

CharPrevA

DispatchMessageA

PeekMessageA

CreateDialogParamA

SetTimer

SetWindowTextA

PostQuitMessage

SetForegroundWindow

ShowWindow

wsprintfA

SendMessageA

FindWindowExA

LoadCursorA

SetCursor

GetWindowLongA

GetSysColor

CharNextA

ExitWindowsEx

DialogBoxParamA

DestroyWindow

IsWindow

GetDlgItem

SetWindowLongA

LoadImageA

GetDC

EnableWindow

InvalidateRect

PostMessageA

DefWindowProcA

BeginPaint

GetClientRect

FillRect

DrawTextA

EndPaint

SendMessageTimeoutA

gdi32

SetBkColor

GetDeviceCaps

DeleteObject

CreateBrushIndirect

CreateFontIndirectA

SetBkMode

SetTextColor

SelectObject

shell32

CommandLineToArgvW

SHBrowseForFolderA

SHGetPathFromIDListA

SHGetFileInfoA

ShellExecuteA

SHFileOperationA

SHGetSpecialFolderLocation

advapi32

RegEnumKeyA

RegOpenKeyExA

RegCloseKey

RegDeleteKeyA

RegDeleteValueA

RegCreateKeyExA

RegSetValueExA

RegQueryValueExA

RegEnumValueA

comctl32

ImageList_AddMasked

ImageList_Destroy

ord17

ImageList_Create

ole32

CoTaskMemFree

OleInitialize

OleUninitialize

CoCreateInstance

version

GetFileVersionInfoSizeA

GetFileVersionInfoA

VerQueryValueA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 152KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

$COMMONFILES/PPLiveNetwork/$OUTDIR/Converter.exe

.exe windows:5 windows x86 arch:x86

10df4cfd6ed8884d4b85e074159c5281

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

70:d9:a6:4c:ff:b3:e1:f6:49:29:ef:fd:88:f4:7e:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

10/10/2012, 00:00

Not After

09/01/2016, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

38:6a:6d:1a:97:0f:25:44:8d:50:0d:88:58:b8:3f:02:5c:8b:ab:c5
Signer

Actual PE Digest

38:6a:6d:1a:97:0f:25:44:8d:50:0d:88:58:b8:3f:02:5c:8b:ab:c5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins_home\workspace\PPTVClient_Jenkins_Release\output\Win32_Release\pdb\PE.pdb

Imports

kernel32

LoadLibraryW

GetModuleFileNameW

OutputDebugStringW

CreateFileW

LockResource

GetCurrentThread

GetCurrentThreadId

LoadResource

SizeofResource

CreateProcessW

GetCommandLineW

FindResourceW

FindResourceExW

OpenProcess

GetCurrentProcess

GetLastError

ReleaseMutex

Sleep

GetTickCount

CreateMutexW

CreateEventW

LoadLibraryExW

GetCommandLineA

GetEnvironmentVariableW

LocalAlloc

LocalFree

GetCurrentProcessId

TerminateProcess

RaiseException

SetLastError

InitializeCriticalSectionAndSpinCount

DeleteCriticalSection

WaitForSingleObject

ReadFile

FindClose

GetSystemInfo

LoadLibraryA

GetModuleHandleW

SetEnvironmentVariableW

GetTempPathW

GetFullPathNameW

FindFirstFileW

FindNextFileW

GetVersionExW

QueryPerformanceCounter

IsProcessorFeaturePresent

EncodePointer

LeaveCriticalSection

EnterCriticalSection

IsDebuggerPresent

GetSystemTimeAsFileTime

CloseHandle

GetProcAddress

FreeLibrary

lstrcmpiW

GetProcessHeap

HeapSize

HeapFree

HeapReAlloc

HeapAlloc

HeapDestroy

WritePrivateProfileStringW

GetPrivateProfileStringW

GetPrivateProfileIntW

DecodePointer

lstrlenW

user32

wsprintfW

MessageBoxW

GetDesktopWindow

GetShellWindow

GetWindowThreadProcessId

FindWindowExW

advapi32

LookupPrivilegeValueW

GetSidSubAuthorityCount

GetSidSubAuthority

AdjustTokenPrivileges

GetTokenInformation

OpenProcessToken

SetSecurityDescriptorDacl

InitializeSecurityDescriptor

RegSetValueExW

RegQueryValueExW

RegOpenKeyExW

RegDeleteValueW

RegDeleteKeyW

RegCreateKeyExW

RegCloseKey

DuplicateTokenEx

shell32

CommandLineToArgvW

SHGetFolderPathW

ole32

CoUninitialize

CoCreateInstance

StringFromCLSID

CoCreateGuid

CoInitialize

oleaut32

SysFreeString

shlwapi

PathFileExistsW

PathIsRelativeW

StrCpyW

PathStripPathW

PathRemoveFileSpecW

PathAppendW

msvcp120

?_Syserror_map@std@@YAPBDH@Z

??0id@locale@std@@QAE@I@Z

?_Orphan_all@_Container_base0@std@@QAEXXZ

?_Xout_of_range@std@@YAXPBD@Z

?_Xlength_error@std@@YAXPBD@Z

?_Xbad_alloc@std@@YAXXZ

?_Winerror_map@std@@YAPBDH@Z

msvcr120

__crtUnhandledException

_crt_debugger_hook

exit

__set_app_type

__crtTerminateProcess

_fmode

_wcmdln

_initterm

_initterm_e

__setusermatherr

_except_handler4_common

__crtSetUnhandledExceptionFilter

_invoke_watson

_exit

_cexit

_controlfp_s

_commode

??3@YAXPAX@Z

??2@YAPAXI@Z

free

malloc

??_V@YAXPAX@Z

memmove

_wcsdup

_CxxThrowException

__CxxFrameHandler3

memcpy

memset

memcpy_s

memmove_s

wcscpy_s

wcsnlen

wcsstr

_wcsicmp

_wcsupr_s

wmemcpy_s

wcscspn

wcsrchr

__argc

__wargv

__wgetmainargs

_purecall

wcstoul

memchr

wcscat_s

wcschr

vswprintf_s

_vscwprintf

memcmp

??1type_info@@UAE@XZ

_lock

_unlock

_calloc_crt

__dllonexit

_onexit

?terminate@@YAXXZ

_XcptFilter

__crtGetShowWindowMode

_amsg_exit

_configthreadlocale

Exports

?Set_CrashUploadParams@@YAXHPB_W@Z

GetExternElapseTime

GetStartTickCount

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$COMMONFILES/PPLiveNetwork/$OUTDIR/MngModule.dll

.dll regsvr32 windows:5 windows x86 arch:x86

f10dda8147e9e1ba9670242de0053346

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

70:d9:a6:4c:ff:b3:e1:f6:49:29:ef:fd:88:f4:7e:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

10/10/2012, 00:00

Not After

09/01/2016, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

38:30:e6:07:00:57:f1:bc:b6:92:30:b3:94:86:ca:f6:8c:32:57:76
Signer

Actual PE Digest

38:30:e6:07:00:57:f1:bc:b6:92:30:b3:94:86:ca:f6:8c:32:57:76

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

D:\jenkins_home\workspace\PPTVClient_Jenkins_Release\output\Win32_Release\pdb\MngModule.pdb

Imports

kernel32

WideCharToMultiByte

InterlockedIncrement

InterlockedDecrement

GetCurrentProcess

GetCurrentThreadId

PostQueuedCompletionStatus

Sleep

TlsAlloc

TlsFree

GetTempPathW

CreateEventA

SetEvent

FreeLibrary

GetProcAddress

TerminateProcess

LoadLibraryExW

GetModuleHandleW

CreateProcessW

GlobalAddAtomW

GlobalFindAtomW

MultiByteToWideChar

SetLastError

FindClose

GetFileTime

GetSystemTime

SystemTimeToFileTime

FileTimeToLocalFileTime

FileTimeToSystemTime

GetModuleHandleA

GetFullPathNameW

SetFileAttributesW

GetFileAttributesW

DeleteFileW

FindFirstFileW

FindNextFileW

QueueUserWorkItem

CreateThread

TerminateThread

GetExitCodeThread

WaitForSingleObject

lstrcmpiW

FindResourceExW

LoadLibraryW

CreateDirectoryW

CopyFileW

GetVersionExW

CreateToolhelp32Snapshot

Process32FirstW

Process32NextW

EncodePointer

DisableThreadLibraryCalls

SetProcessWorkingSetSize

ResetEvent

DuplicateHandle

FlushInstructionCache

GetPrivateProfileStringA

WritePrivateProfileStringA

IsBadReadPtr

LocalAlloc

LocalFree

OpenProcess

CreateIoCompletionPort

GetQueuedCompletionStatus

ResumeThread

QueueUserAPC

WaitForMultipleObjects

TlsGetValue

TlsSetValue

SetWaitableTimer

GetFileSize

FormatMessageA

ReleaseSemaphore

OpenEventA

QueryPerformanceCounter

VirtualFree

VirtualAlloc

IsProcessorFeaturePresent

InterlockedPushEntrySList

InterlockedPopEntrySList

InitializeSListHead

OutputDebugStringW

IsDebuggerPresent

CreateWaitableTimerA

GetSystemTimeAsFileTime

SleepEx

FindResourceW

CreateMutexW

SizeofResource

LoadResource

LeaveCriticalSection

EnterCriticalSection

InitializeCriticalSection

GetCurrentProcessId

LockResource

WritePrivateProfileStringW

GetPrivateProfileStringW

lstrlenW

CreateFileW

GetPrivateProfileIntW

GetModuleFileNameW

GetTickCount

GetLocalTime

CloseHandle

SetFilePointer

WriteFile

DeleteCriticalSection

InitializeCriticalSectionAndSpinCount

GetLastError

RaiseException

GetProcessHeap

HeapSize

HeapFree

HeapReAlloc

HeapAlloc

HeapDestroy

CreateEventW

DecodePointer

user32

LoadIconW

SetWindowLongW

GetWindowLongW

GetWindowRect

GetForegroundWindow

CreateWindowExW

DestroyWindow

CallWindowProcW

DefWindowProcW

KillTimer

SetTimer

IsWindow

DispatchMessageW

GetMessageW

wsprintfW

UnregisterClassW

CharNextW

FindWindowW

SendMessageTimeoutW

LoadCursorW

MonitorFromWindow

GetClassInfoExW

RegisterClassExW

SystemParametersInfoW

GetLastInputInfo

PostThreadMessageW

CloseDesktop

OpenInputDesktop

GetMonitorInfoW

FindWindowExW

advapi32

CryptReleaseContext

CryptAcquireContextW

RegQueryInfoKeyW

RegEnumKeyExW

LookupPrivilegeValueW

AdjustTokenPrivileges

OpenProcessToken

RegSetValueExW

RegQueryValueExW

RegOpenKeyExW

RegDeleteValueW

RegDeleteKeyW

RegCreateKeyExW

RegCloseKey

CryptDestroyKey

CryptSetKeyParam

CryptGetKeyParam

CryptGetProvParam

CryptGenRandom

CryptExportKey

CryptImportKey

CryptEncrypt

CryptDecrypt

CryptDestroyHash

SetEntriesInAclW

GetSecurityInfo

SetSecurityInfo

BuildExplicitAccessWithNameW

CryptGenKey

shell32

Shell_NotifyIconW

ord165

SHCreateDirectoryExW

ole32

CoCreateGuid

StringFromGUID2

CoTaskMemRealloc

CoTaskMemAlloc

CoSetProxyBlanket

CoCreateInstance

CoSuspendClassObjects

CoRevokeClassObject

CoRegisterClassObject

CoUninitialize

CoInitialize

CoTaskMemFree

StringFromIID

oleaut32

LoadTypeLi

UnRegisterTypeLi

RegisterTypeLi

LoadRegTypeLi

VariantTimeToSystemTime

SysFreeString

VariantInit

VariantClear

SysAllocString

SysStringLen

SysAllocStringLen

SysStringByteLen

SysAllocStringByteLen

VarUI4FromStr

VarBstrCmp

SystemTimeToVariantTime

shlwapi

PathRemoveFileSpecW

PathAppendW

PathFileExistsW

PathFindFileNameW

PathStripPathW

wininet

DeleteUrlCacheEntryW

msvcp120

?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z

?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z

?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ

??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

?getloc@ios_base@std@@QBE?AVlocale@2@XZ

??7ios_base@std@@QBE_NXZ

??Bios_base@std@@QBE_NXZ

?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?is@?$ctype@D@std@@QBE_NFD@Z

?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z

?id@?$ctype@D@std@@2V0locale@2@A

?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z

?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@H@2@_JHH@Z

?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@H@2@V32@H@Z

?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z

?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z

?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z

?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z

?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z

??0_Container_base12@std@@QAE@XZ

??1_Container_base12@std@@QAE@XZ

?_Orphan_all@_Container_base12@std@@QAEXXZ

?good@ios_base@std@@QBE_NXZ

?flags@ios_base@std@@QBEHXZ

?width@ios_base@std@@QBE_JXZ

?width@ios_base@std@@QAE_J_J@Z

?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z

?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ

?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ

?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z

?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z

?uncaught_exception@std@@YA_NXZ

?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

??0id@locale@std@@QAE@I@Z

?_Orphan_all@_Container_base0@std@@QAEXXZ

??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@

??_7ios_base@std@@6B@

?id@?$codecvt@DDH@std@@2V0locale@2@A

?_BADOFF@std@@3_JB

?_Xbad_alloc@std@@YAXXZ

?_Xlength_error@std@@YAXPBD@Z

?_Xout_of_range@std@@YAXPBD@Z

?_Syserror_map@std@@YAPBDH@Z

?_Winerror_map@std@@YAPBDH@Z

??0_Lockit@std@@QAE@H@Z

??1_Lockit@std@@QAE@XZ

??Bid@locale@std@@QAEIXZ

?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

?always_noconv@codecvt_base@std@@QBE_NXZ

?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z

?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ

?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

uilib

ord392

PP_GetProxyType

PP_HttpDownloadToFile_Sync_Get

PP_GetOSVersion

PP_RunEXE

PP_GetDirectXVerionViaFileVersions

PP_GetPPAPPath

PP_GetCurrentUserAppdata

PP_GetDiskId

ord5

PPTVLogOutW

PP_AddEveryoneAccessToFile

PP_GetPPLivePath

PP_GetCoreVersion

PP_GetPPTVVersion

PP_GetCurrentVersion

PP_CheckPPLiveRunning

?NextSiblingElement@TiXmlNode@@QBEPBVTiXmlElement@@XZ

?FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@XZ

?FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@PBD@Z

?GetText@TiXmlElement@@QBEPBDXZ

??0TiXmlDocument@@QAE@XZ

??1TiXmlDocument@@UAE@XZ

?LoadFile@TiXmlDocument@@QAE_NPB_WW4TiXmlEncoding@@@Z

??0Value@Json@@QAE@W4ValueType@1@@Z

?isInt@Value@Json@@QBE_NXZ

?isInt64@Value@Json@@QBE_NXZ

?isObject@Value@Json@@QBE_NXZ

?clear@Value@Json@@QAEXXZ

?asInt@Value@Json@@QBEHXZ

??0Value@Json@@QAE@ABV01@@Z

?size@Value@Json@@QBEIXZ

??AValue@Json@@QAEAAV01@H@Z

?isMember@Value@Json@@QBE_NPBD@Z

?isNull@Value@Json@@QBE_NXZ

?asInt64@Value@Json@@QBE_JXZ

?asString@Value@Json@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ

PP_GetPPLiveAppDataPath

sqlite3_reset

sqlite3_column_text

sqlite3_column_int64

sqlite3_step

sqlite3_close

sqlite3_exec

sqlite3_vmprintf

sqlite3_free

sqlite3_open

sqlite3_prepare_v2

sqlite3_finalize

sqlite3_next_stmt

PP_GetPPLiveNetworkPath

sqlite3_column_count

?Calculate@MD5Sum@@QAE?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV23@@Z

??0MD5Sum@@QAE@XZ

PP_GetUsableFolder

PP_GetMaxUsableDisk

PP_GetAllUserAppData

??1MD5Sum@@QAE@XZ

?GetHash@MD5Sum@@QBE?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ

??0MD5Sum@@QAE@PBEI@Z

PP_DeleteDirectory

PP_GetGlobalConfigLong

PP_ElapsedTickSince

PP_OpenUrlW

PP_ParseOption

??1Reader@Json@@QAE@XZ

?parse@Reader@Json@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVValue@2@_N@Z

??0Reader@Json@@QAE@XZ

??AValue@Json@@QAEAAV01@PBD@Z

?isString@Value@Json@@QBE_NXZ

?asCString@Value@Json@@QBEPBDXZ

??1Value@Json@@QAE@XZ

msvcr120

memmove

__clean_type_info_names_internal

_initterm_e

_initterm

_malloc_crt

_amsg_exit

__CppXcptFilter

_except_handler4_common

__crtTerminateProcess

__crtUnhandledException

_crt_debugger_hook

??1type_info@@UAE@XZ

_onexit

__dllonexit

_calloc_crt

_unlock

_lock

?terminate@@YAXXZ

_beginthreadex

_wassert

??8type_info@@QBE_NABV0@@Z

_snprintf

isdigit

tolower

vsprintf_s

swscanf_s

_atoi64

isalnum

isspace

memchr

swprintf_s

strcpy_s

ceil

wcscat_s

_resetstkoflw

??1bad_cast@std@@UAE@XZ

??0bad_cast@std@@QAE@ABV01@@Z

??0bad_cast@std@@QAE@PBD@Z

_gmtime64

_unlock_file

_lock_file

ungetc

setvbuf

fsetpos

fputc

fgetpos

fgetc

fflush

_wcslwr_s

wcstok

wcsstr

wcsncpy_s

iswspace

_wtol

_wtoi

srand

rand

atol

atoi

_mktime64

wcsrchr

wcscpy_s

_wtoi64

_i64tow

_wcsicmp

_itow_s

?what@exception@std@@UBEPBDXZ

??1exception@std@@UAE@XZ

??0exception@std@@QAE@ABV01@@Z

??0exception@std@@QAE@ABQBDH@Z

??0exception@std@@QAE@ABQBD@Z

fwrite

_ftelli64

_fseeki64

fopen

fclose

memcmp

_time64

_localtime64_s

wmemcpy_s

wcsftime

_vscwprintf

vswprintf_s

wcsnlen

wcschr

memmove_s

memcpy_s

_itow

_recalloc

calloc

fread

memset

_wcsdup

malloc

memcpy

__CxxFrameHandler3

_CxxThrowException

sprintf

_swprintf

strerror

??_V@YAXPAX@Z

free

??2@YAPAXI@Z

_purecall

??3@YAXPAX@Z

psapi

GetProcessMemoryInfo

ws2_32

connect

inet_addr

getaddrinfo

WSARecv

WSASend

select

WSAGetLastError

getsockname

setsockopt

bind

freeaddrinfo

__WSAFDIsSet

WSASetLastError

closesocket

getsockopt

WSASocketA

listen

accept

WSACleanup

WSAStartup

ioctlsocket

Exports

CheckSource

DisableUpload

DllCanUnloadNow

DllGetClassObject

DllRegisterServer

DllUnregisterServer

ExecCommand

NotifyJoinLeave

NotifyTastStatusChange

RD_XXXX

SetPushServerCallBack

StartTCPUpnpForUpload

Upload

UploadEx

Sections

.text
Size: 468KB - Virtual size: 468KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

compid
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$COMMONFILES/PPLiveNetwork/$OUTDIR/PPAP.exe

.exe windows:5 windows x86 arch:x86

10df4cfd6ed8884d4b85e074159c5281

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

70:d9:a6:4c:ff:b3:e1:f6:49:29:ef:fd:88:f4:7e:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

10/10/2012, 00:00

Not After

09/01/2016, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

38:6a:6d:1a:97:0f:25:44:8d:50:0d:88:58:b8:3f:02:5c:8b:ab:c5
Signer

Actual PE Digest

38:6a:6d:1a:97:0f:25:44:8d:50:0d:88:58:b8:3f:02:5c:8b:ab:c5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins_home\workspace\PPTVClient_Jenkins_Release\output\Win32_Release\pdb\PE.pdb

Imports

kernel32

LoadLibraryW

GetModuleFileNameW

OutputDebugStringW

CreateFileW

LockResource

GetCurrentThread

GetCurrentThreadId

LoadResource

SizeofResource

CreateProcessW

GetCommandLineW

FindResourceW

FindResourceExW

OpenProcess

GetCurrentProcess

GetLastError

ReleaseMutex

Sleep

GetTickCount

CreateMutexW

CreateEventW

LoadLibraryExW

GetCommandLineA

GetEnvironmentVariableW

LocalAlloc

LocalFree

GetCurrentProcessId

TerminateProcess

RaiseException

SetLastError

InitializeCriticalSectionAndSpinCount

DeleteCriticalSection

WaitForSingleObject

ReadFile

FindClose

GetSystemInfo

LoadLibraryA

GetModuleHandleW

SetEnvironmentVariableW

GetTempPathW

GetFullPathNameW

FindFirstFileW

FindNextFileW

GetVersionExW

QueryPerformanceCounter

IsProcessorFeaturePresent

EncodePointer

LeaveCriticalSection

EnterCriticalSection

IsDebuggerPresent

GetSystemTimeAsFileTime

CloseHandle

GetProcAddress

FreeLibrary

lstrcmpiW

GetProcessHeap

HeapSize

HeapFree

HeapReAlloc

HeapAlloc

HeapDestroy

WritePrivateProfileStringW

GetPrivateProfileStringW

GetPrivateProfileIntW

DecodePointer

lstrlenW

user32

wsprintfW

MessageBoxW

GetDesktopWindow

GetShellWindow

GetWindowThreadProcessId

FindWindowExW

advapi32

LookupPrivilegeValueW

GetSidSubAuthorityCount

GetSidSubAuthority

AdjustTokenPrivileges

GetTokenInformation

OpenProcessToken

SetSecurityDescriptorDacl

InitializeSecurityDescriptor

RegSetValueExW

RegQueryValueExW

RegOpenKeyExW

RegDeleteValueW

RegDeleteKeyW

RegCreateKeyExW

RegCloseKey

DuplicateTokenEx

shell32

CommandLineToArgvW

SHGetFolderPathW

ole32

CoUninitialize

CoCreateInstance

StringFromCLSID

CoCreateGuid

CoInitialize

oleaut32

SysFreeString

shlwapi

PathFileExistsW

PathIsRelativeW

StrCpyW

PathStripPathW

PathRemoveFileSpecW

PathAppendW

msvcp120

?_Syserror_map@std@@YAPBDH@Z

??0id@locale@std@@QAE@I@Z

?_Orphan_all@_Container_base0@std@@QAEXXZ

?_Xout_of_range@std@@YAXPBD@Z

?_Xlength_error@std@@YAXPBD@Z

?_Xbad_alloc@std@@YAXXZ

?_Winerror_map@std@@YAPBDH@Z

msvcr120

__crtUnhandledException

_crt_debugger_hook

exit

__set_app_type

__crtTerminateProcess

_fmode

_wcmdln

_initterm

_initterm_e

__setusermatherr

_except_handler4_common

__crtSetUnhandledExceptionFilter

_invoke_watson

_exit

_cexit

_controlfp_s

_commode

??3@YAXPAX@Z

??2@YAPAXI@Z

free

malloc

??_V@YAXPAX@Z

memmove

_wcsdup

_CxxThrowException

__CxxFrameHandler3

memcpy

memset

memcpy_s

memmove_s

wcscpy_s

wcsnlen

wcsstr

_wcsicmp

_wcsupr_s

wmemcpy_s

wcscspn

wcsrchr

__argc

__wargv

__wgetmainargs

_purecall

wcstoul

memchr

wcscat_s

wcschr

vswprintf_s

_vscwprintf

memcmp

??1type_info@@UAE@XZ

_lock

_unlock

_calloc_crt

__dllonexit

_onexit

?terminate@@YAXXZ

_XcptFilter

__crtGetShowWindowMode

_amsg_exit

_configthreadlocale

Exports

?Set_CrashUploadParams@@YAXHPB_W@Z

GetExternElapseTime

GetStartTickCount

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$COMMONFILES/PPLiveNetwork/$OUTDIR/PPAP_startup.exe

.exe windows:5 windows x86 arch:x86

10df4cfd6ed8884d4b85e074159c5281

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

70:d9:a6:4c:ff:b3:e1:f6:49:29:ef:fd:88:f4:7e:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

10/10/2012, 00:00

Not After

09/01/2016, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

38:6a:6d:1a:97:0f:25:44:8d:50:0d:88:58:b8:3f:02:5c:8b:ab:c5
Signer

Actual PE Digest

38:6a:6d:1a:97:0f:25:44:8d:50:0d:88:58:b8:3f:02:5c:8b:ab:c5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins_home\workspace\PPTVClient_Jenkins_Release\output\Win32_Release\pdb\PE.pdb

Imports

kernel32

LoadLibraryW

GetModuleFileNameW

OutputDebugStringW

CreateFileW

LockResource

GetCurrentThread

GetCurrentThreadId

LoadResource

SizeofResource

CreateProcessW

GetCommandLineW

FindResourceW

FindResourceExW

OpenProcess

GetCurrentProcess

GetLastError

ReleaseMutex

Sleep

GetTickCount

CreateMutexW

CreateEventW

LoadLibraryExW

GetCommandLineA

GetEnvironmentVariableW

LocalAlloc

LocalFree

GetCurrentProcessId

TerminateProcess

RaiseException

SetLastError

InitializeCriticalSectionAndSpinCount

DeleteCriticalSection

WaitForSingleObject

ReadFile

FindClose

GetSystemInfo

LoadLibraryA

GetModuleHandleW

SetEnvironmentVariableW

GetTempPathW

GetFullPathNameW

FindFirstFileW

FindNextFileW

GetVersionExW

QueryPerformanceCounter

IsProcessorFeaturePresent

EncodePointer

LeaveCriticalSection

EnterCriticalSection

IsDebuggerPresent

GetSystemTimeAsFileTime

CloseHandle

GetProcAddress

FreeLibrary

lstrcmpiW

GetProcessHeap

HeapSize

HeapFree

HeapReAlloc

HeapAlloc

HeapDestroy

WritePrivateProfileStringW

GetPrivateProfileStringW

GetPrivateProfileIntW

DecodePointer

lstrlenW

user32

wsprintfW

MessageBoxW

GetDesktopWindow

GetShellWindow

GetWindowThreadProcessId

FindWindowExW

advapi32

LookupPrivilegeValueW

GetSidSubAuthorityCount

GetSidSubAuthority

AdjustTokenPrivileges

GetTokenInformation

OpenProcessToken

SetSecurityDescriptorDacl

InitializeSecurityDescriptor

RegSetValueExW

RegQueryValueExW

RegOpenKeyExW

RegDeleteValueW

RegDeleteKeyW

RegCreateKeyExW

RegCloseKey

DuplicateTokenEx

shell32

CommandLineToArgvW

SHGetFolderPathW

ole32

CoUninitialize

CoCreateInstance

StringFromCLSID

CoCreateGuid

CoInitialize

oleaut32

SysFreeString

shlwapi

PathFileExistsW

PathIsRelativeW

StrCpyW

PathStripPathW

PathRemoveFileSpecW

PathAppendW

msvcp120

?_Syserror_map@std@@YAPBDH@Z

??0id@locale@std@@QAE@I@Z

?_Orphan_all@_Container_base0@std@@QAEXXZ

?_Xout_of_range@std@@YAXPBD@Z

?_Xlength_error@std@@YAXPBD@Z

?_Xbad_alloc@std@@YAXXZ

?_Winerror_map@std@@YAPBDH@Z

msvcr120

__crtUnhandledException

_crt_debugger_hook

exit

__set_app_type

__crtTerminateProcess

_fmode

_wcmdln

_initterm

_initterm_e

__setusermatherr

_except_handler4_common

__crtSetUnhandledExceptionFilter

_invoke_watson

_exit

_cexit

_controlfp_s

_commode

??3@YAXPAX@Z

??2@YAPAXI@Z

free

malloc

??_V@YAXPAX@Z

memmove

_wcsdup

_CxxThrowException

__CxxFrameHandler3

memcpy

memset

memcpy_s

memmove_s

wcscpy_s

wcsnlen

wcsstr

_wcsicmp

_wcsupr_s

wmemcpy_s

wcscspn

wcsrchr

__argc

__wargv

__wgetmainargs

_purecall

wcstoul

memchr

wcscat_s

wcschr

vswprintf_s

_vscwprintf

memcmp

??1type_info@@UAE@XZ

_lock

_unlock

_calloc_crt

__dllonexit

_onexit

?terminate@@YAXXZ

_XcptFilter

__crtGetShowWindowMode

_amsg_exit

_configthreadlocale

Exports

?Set_CrashUploadParams@@YAXHPB_W@Z

GetExternElapseTime

GetStartTickCount

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$COMMONFILES/PPLiveNetwork/3.6.2.0052/$OUTDIR/Converter.dll

.dll regsvr32 windows:5 windows x86 arch:x86

24026ef9608a8754bbfab7d9eaf81d2a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

70:d9:a6:4c:ff:b3:e1:f6:49:29:ef:fd:88:f4:7e:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

10/10/2012, 00:00

Not After

09/01/2016, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

e4:0c:ce:85:01:c0:fa:15:23:ba:d1:8d:74:2b:f4:0f:1e:f5:8c:35
Signer

Actual PE Digest

e4:0c:ce:85:01:c0:fa:15:23:ba:d1:8d:74:2b:f4:0f:1e:f5:8c:35

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

D:\jenkins_home\workspace\PPTVClient_Jenkins_Release\output\Win32_Release\pdb\Converter.pdb

Imports

urlmon

URLDownloadToFileW

kernel32

CloseHandle

GetTickCount

lstrcmpiW

lstrlenA

CreateMutexW

OpenEventW

LoadLibraryExW

GetModuleFileNameW

GetModuleHandleW

GetCommandLineW

FindResourceW

DeleteFileW

MultiByteToWideChar

GetVersion

FlushInstructionCache

GetCurrentProcess

GetCurrentThreadId

LoadLibraryW

GetSystemTime

SystemTimeToFileTime

CreateDirectoryW

WideCharToMultiByte

FreeResource

GlobalAlloc

SizeofResource

GlobalUnlock

LocalFree

WaitForSingleObject

GetEnvironmentVariableW

OutputDebugStringW

GetFileSize

CreateFileW

DeviceIoControl

GetModuleFileNameA

CreateFileA

GetVersionExW

QueryPerformanceCounter

IsDebuggerPresent

VirtualFree

VirtualAlloc

IsProcessorFeaturePresent

InterlockedPushEntrySList

InterlockedPopEntrySList

InitializeSListHead

GetProcessHeap

HeapFree

HeapAlloc

LoadResource

Sleep

DeleteCriticalSection

InitializeCriticalSectionAndSpinCount

LeaveCriticalSection

EnterCriticalSection

SetLastError

GetLastError

RaiseException

GetProcAddress

DisableThreadLibraryCalls

GetSystemTimeAsFileTime

FreeLibrary

InterlockedDecrement

InterlockedIncrement

DecodePointer

EncodePointer

WritePrivateProfileStringW

GetPrivateProfileStringW

GetPrivateProfileIntW

lstrlenW

GetCurrentProcessId

GlobalLock

user32

GetLayeredWindowAttributes

SetLayeredWindowAttributes

SetWindowPos

BringWindowToTop

SetTimer

KillTimer

SetActiveWindow

BeginPaint

EndPaint

DestroyWindow

LoadCursorW

SystemParametersInfoW

SendMessageW

ShowWindow

LoadStringW

GetClientRect

PtInRect

WindowFromPoint

GetDesktopWindow

GetShellWindow

CreateWindowExW

GetClassInfoExW

RegisterClassExW

SetWindowRgn

UnregisterClassW

wsprintfW

GetMessageW

TranslateMessage

DispatchMessageW

DefWindowProcW

PostQuitMessage

CallWindowProcW

CharLowerW

CharNextW

GetWindowLongW

SetWindowLongW

InvalidateRect

GetSystemMetrics

GetWindowThreadProcessId

gdi32

SetViewportOrgEx

SelectObject

CreateCompatibleDC

CreateCompatibleBitmap

BitBlt

ExtCreateRegion

DeleteObject

DeleteDC

advapi32

RegDeleteKeyW

RegCreateKeyExW

RegCloseKey

RegQueryInfoKeyW

RegEnumKeyExW

RegSetValueExW

RegQueryValueExW

RegOpenKeyExW

RegDeleteValueW

shell32

CommandLineToArgvW

SHGetFolderPathW

ShellExecuteExW

ole32

CoInitialize

CreateStreamOnHGlobal

CoTaskMemFree

CoTaskMemRealloc

CoTaskMemAlloc

StringFromGUID2

CoCreateInstance

CoUninitialize

oleaut32

SysAllocStringLen

VariantCopy

DispCallFunc

UnRegisterTypeLi

RegisterTypeLi

LoadRegTypeLi

LoadTypeLi

VarUI4FromStr

VariantClear

VariantInit

SysStringLen

SysFreeString

SysAllocString

shlwapi

StrToIntW

PathAppendW

PathRemoveFileSpecW

PathFileExistsW

comctl32

_TrackMouseEvent

gdiplus

GdipDeleteGraphics

GdipGetImageWidth

GdipCreateSolidFill

GdipDeleteBrush

GdipCreateFromHDC

GdipGetImageHeight

GdipFree

GdipDisposeImage

GdipCloneImage

GdipLoadImageFromStreamICM

GdipLoadImageFromStream

GdipDrawString

GdipDeleteFont

GdipCreateFont

GdipGetGenericFontFamilySansSerif

GdipDeleteFontFamily

GdipCreateFontFamilyFromName

GdipDrawImageRectRectI

GdipDrawImageRectI

GdipAlloc

GdiplusShutdown

GdipCloneBrush

GdiplusStartup

wintrust

WinVerifyTrust

WTHelperGetProvCertFromChain

WTHelperProvDataFromStateData

WTHelperGetProvSignerFromChain

crypt32

CertGetNameStringW

msvcp120

?_Syserror_map@std@@YAPBDH@Z

??0id@locale@std@@QAE@I@Z

?_Xout_of_range@std@@YAXPBD@Z

?_Xlength_error@std@@YAXPBD@Z

?_Xbad_alloc@std@@YAXXZ

?_Winerror_map@std@@YAPBDH@Z

msvcr120

sprintf

strncpy

strrchr

??1type_info@@UAE@XZ

?terminate@@YAXXZ

_lock

_unlock

_calloc_crt

__dllonexit

_crt_debugger_hook

__crtUnhandledException

__crtTerminateProcess

__CppXcptFilter

_amsg_exit

_wcsicmp

_initterm

_initterm_e

wcsstr

wcsncpy_s

wcscpy_s

wcscat_s

memcpy_s

iswdigit

_wtoi

_recalloc

_purecall

memset

memcpy

__CxxFrameHandler3

_CxxThrowException

__clean_type_info_names_internal

vswprintf_s

memcmp

swprintf_s

atol

_malloc_crt

memchr

??3@YAXPAX@Z

??2@YAPAXI@Z

_except_handler4_common

free

malloc

_wcsdup

memmove

??_V@YAXPAX@Z

_onexit

uilib

PPTVLogOutW

PP_GetComManager

??0TiXmlDocument@@QAE@XZ

ord392

?FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@XZ

?FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@PBD@Z

?Attribute@TiXmlElement@@QBEPBDPBD@Z

?LoadFile@TiXmlDocument@@QAE_NPBDW4TiXmlEncoding@@@Z

??1TiXmlDocument@@UAE@XZ

PP_GetProxyType

wininet

InternetOpenW

InternetOpenUrlW

HttpQueryInfoW

InternetCloseHandle

Exports

DllCanUnloadNow

DllGetClassObject

DllRegisterServer

DllUnregisterServer

RD_XXXX

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$COMMONFILES/PPLiveNetwork/3.6.2.0052/$OUTDIR/MngModule.dll