ef617106fba6a33d1aaa2f27cc8a9740edce262d2c0da82241fe423e2dd43708

Sharing

Copy URL Twitter E-mail

General

Target

ef617106fba6a33d1aaa2f27cc8a9740edce262d2c0da82241fe423e2dd43708
Size

4.2MB
MD5

0932018a0b8cbd5aabc20d8f65aaad1b
SHA1

308f90234cb0a32b4dc2b250b68b6755d8012043
SHA256

ef617106fba6a33d1aaa2f27cc8a9740edce262d2c0da82241fe423e2dd43708
SHA512

67abdfe803a039fd06a2d881e707a4de3cd92dcd1d39e7fe8c53541826501f73b0e00d056230de514e795c0f8bbf98e701af75dfe7b5369e43da9d6aee93bd11
SSDEEP

98304:248EIFioj8+ee8NsRUnj8fo7AmHJdr+APB:/gFJYsRUjSmHJVPp

Score

3^/10

Malware Config

Signatures

Unsigned PE 33 IoCs

Checks for missing Authenticode signature.

resource
ef617106fba6a33d1aaa2f27cc8a9740edce262d2c0da82241fe423e2dd43708
unpack001/$PLUGINSDIR/OcsSetup.exe
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/KillProcDLL.dll
unpack002/$PLUGINSDIR/SimpleFC.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/UserInfo.dll
unpack002/$PLUGINSDIR/advsplash.dll
unpack002/$PLUGINSDIR/nsExec.dll
unpack002/$PLUGINSDIR/services.dll
unpack002/ComHTTP.dll
unpack002/Download.exe
unpack002/OCSInventory Front.dll
unpack002/OCSInventory.exe
unpack002/OcsNotifyUser.exe
unpack002/OcsService.exe
unpack002/OcsSystray.exe
unpack002/OcsWmi.dll
unpack002/SysInfo.dll
unpack002/ZipArchive.dll
unpack002/libcurl.dll
unpack002/libeay32.dll
unpack002/ssleay32.dll
unpack002/uninst.exe
unpack003/$PLUGINSDIR/KillProcDLL.dll
unpack003/$PLUGINSDIR/nsExec.dll
unpack003/$PLUGINSDIR/services.dll
unpack002/zlib1.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/UserInfo.dll
unpack001/$PLUGINSDIR/instOCS.exe
unpack004/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/nsExec.dll

NSIS installer 8 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/$PLUGINSDIR/OcsSetup.exe	nsis_installer_1
static1/unpack001/$PLUGINSDIR/OcsSetup.exe	nsis_installer_2
static1/unpack002/uninst.exe	nsis_installer_1
static1/unpack002/uninst.exe	nsis_installer_2
static1/unpack001/$PLUGINSDIR/instOCS.exe	nsis_installer_1
static1/unpack001/$PLUGINSDIR/instOCS.exe	nsis_installer_2

Files

ef617106fba6a33d1aaa2f27cc8a9740edce262d2c0da82241fe423e2dd43708
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/OcsSetup.exe
.exe windows:4 windows x86 arch:x86

59a4a44a250c4cf4f2d9de2b3fe5d95f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
SearchPathA
GetShortPathNameA
CreateFileA
GetFileSize
GetModuleFileNameA
ReadFile
GetCurrentProcess
CopyFileA
ExitProcess
SetEnvironmentVariableA
Sleep
CloseHandle
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrlenA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrcpyA
lstrcatA
GetSystemDirectoryA
GetVersion
GetProcAddress
GlobalAlloc
CompareFileTime
SetFileTime
ExpandEnvironmentStringsA
lstrcmpiA
lstrcmpA
WaitForSingleObject
GlobalFree
GetExitCodeProcess
GetModuleHandleA
GetTempPathA
GetWindowsDirectoryA
LoadLibraryExA
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
WriteFile
FindClose
WritePrivateProfileStringA
MultiByteToWideChar
MulDiv
GetPrivateProfileStringA
FreeLibrary

user32

CreateWindowExA
EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
GetDC
SystemParametersInfoA
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
DestroyWindow
CreateDialogParamA
SetTimer
GetDlgItem
wsprintfA
SetForegroundWindow
ShowWindow
IsWindow
LoadImageA
SetWindowLongA
SetClipboardData
EmptyClipboard
OpenClipboard
EndPaint
PostQuitMessage
FindWindowExA
SendMessageTimeoutA
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA

advapi32

RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumValueA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

610235b90207a63ccf481f0d4375d329

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileIntA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileStringA
SetCurrentDirectoryA
GetModuleHandleA
lstrcmpiA
WritePrivateProfileStringA
lstrcatA
lstrcpynA
GlobalFree
lstrlenA
lstrcpyA
GlobalUnlock
GlobalAlloc
GlobalLock

user32

MapWindowPoints
PtInRect
CloseClipboard
LoadCursorA
GetDlgCtrlID
OpenClipboard
GetClientRect
SetWindowRgn
DrawFocusRect
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
DrawTextA
SetCursor
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
CallWindowProcA
PostMessageA
MessageBoxA
GetSysColor
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetWindowLongA
EnableMenuItem
GetSystemMenu
GetClipboardData
LoadIconA

gdi32

DeleteObject
CombineRgn
SetTextColor
GetDIBits
SelectObject
CreateRectRgn
GetObjectA
CreateCompatibleDC

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
SHGetDesktopFolder

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
GlobalFree
lstrcpyA
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
RtlUnwind
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP

Exports

Exports

KillProc

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/SetACL.exe
.exe windows:5 windows x86 arch:x86

b8086f6290816fb617f882601f009ecd

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

01/05/2012, 00:00

Not After

31/12/2012, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:a9:04:54:92:bc:c8:64:10:a5:a3:0b:f5:34:1a:e8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

08/03/2012, 00:00

Not After

08/03/2013, 23:59

Subject

CN=Helge Klein GmbH,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Helge Klein GmbH,L=Köln,ST=Nordrhein-Westfalen,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3a:32:ce:44:24:f1:24:42:14:46:e6:3d:4d:bd:07:f9:13:85:74:25
Signer

Actual PE Digest

3a:32:ce:44:24:f1:24:42:14:46:e6:3d:4d:bd:07:f9:13:85:74:25

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Daten\Helge\Programmierung\SetACL3\Source\SetACL.exe\Win32\Release\SetACL.pdb

Imports

secur32

GetUserNameExW

version

VerQueryValueW

activeds

ord13

kernel32

FindClose
CreateFileW
InterlockedIncrement
WideCharToMultiByte
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
GetStringTypeW
EncodePointer
DecodePointer
Sleep
GetCommandLineW
HeapSetInformation
RtlUnwind
RaiseException
GetCPInfo
LCMapStringW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
FindFirstFileW
IsProcessorFeaturePresent
HeapCreate
GetStdHandle
GetLocaleInfoW
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
HeapReAlloc
CompareStringW
SetEnvironmentVariableW
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetStdHandle
WriteConsoleW
SetEndOfFile
ReadFile
SetEvent
ResetEvent
ReleaseMutex
CreateEventW
CreateMutexW
FindNextFileW
MoveFileExW
WriteFile
SetFilePointerEx
GetFileSizeEx
GetCurrentThreadId
GetLocalTime
WaitForSingleObject
CreateThread
CompareFileTime
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FreeLibrary
LocalFree
FormatMessageW
LoadLibraryExW
InterlockedDecrement
LoadLibraryW
GetModuleFileNameW
GetVersionExW
GetComputerNameW
FreeResource
GetUserDefaultLangID
LockResource
LoadResource
FindResourceW
HeapFree
GetProcessHeap
HeapAlloc
CloseHandle
GetCurrentProcess
GetProcAddress
GetLastError
GetModuleHandleW
CreateDirectoryW
GetFileAttributesW
DeleteFileW

user32

LoadStringW

advapi32

LookupAccountNameW
ConvertSidToStringSidW
LookupAccountSidW
MapGenericMask
GetSecurityDescriptorLength
AddAccessAllowedAce
AddAce
InitializeAcl
IsValidAcl
DeleteAce
MakeSelfRelativeSD
SetSecurityDescriptorSacl
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetNamedSecurityInfoW
SetSecurityInfo
IsValidSecurityDescriptor
GetNamedSecurityInfoW
GetKernelObjectSecurity
ConvertStringSidToSidW
EqualSid
GetAce
GetAclInformation
ConvertSecurityDescriptorToStringSecurityDescriptorW
GetSecurityDescriptorControl
SetEntriesInAclW
RegCreateKeyExW
MakeAbsoluteSD
ConvertStringSecurityDescriptorToSecurityDescriptorW
ReportEventW
DeregisterEventSource
RegisterEventSourceW
RegCloseKey
RegOpenKeyExW
RegConnectRegistryW
RegEnumKeyExW
CopySid
GetLengthSid
IsValidSid
GetTokenInformation
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken

ole32

CoCreateInstance
CoInitialize
CoInitializeSecurity
CoUninitialize
CoSetProxyBlanket
CoQueryProxyBlanket

oleaut32

SysAllocStringLen
SafeArrayGetUBound
SafeArrayGetLBound
VariantClear
VariantInit
SysStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SysAllocString
SysFreeString
SysAllocStringByteLen

netapi32

DsGetDcNameW
NetShareSetInfo
NetApiBufferFree
NetDfsGetClientInfo
NetShareGetInfo

mpr

WNetCloseEnum
WNetEnumResourceW
WNetOpenEnumW

Sections

.text
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/SimpleFC.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

AddApplication
AddPort
AdvAddRule
AdvExistsRule
AdvRemoveRule
AllowDisallowExceptionsNotAllowed
AllowDisallowIcmpInboundEchoRequest
AllowDisallowIcmpInboundMaskRequest
AllowDisallowIcmpInboundRouterRequest
AllowDisallowIcmpInboundTimestampRequest
AllowDisallowIcmpOutboundDestinationUnreachable
AllowDisallowIcmpOutboundPacketTooBig
AllowDisallowIcmpOutboundParameterProblem
AllowDisallowIcmpOutboundSourceQuench
AllowDisallowIcmpOutboundTimeExceeded
AllowDisallowIcmpRedirect
AreExceptionsNotAllowed
AreNotificationsEnabled
EnableDisableApplication
EnableDisableFirewall
EnableDisableNotifications
EnableDisablePort
IsApplicationAdded
IsApplicationEnabled
IsFirewallEnabled
IsFirewallServiceRunning
IsIcmpTypeAllowed
IsPortAdded
IsPortEnabled
RemoveApplication
RemovePort
RestoreDefaults
StartStopFirewallService

Sections

CODE
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

8c8a576201f68de1a3f26fc723b9f30f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GlobalFree
GlobalSize
lstrcpynA
lstrcpyA
GetProcAddress
VirtualFree
FreeLibrary
lstrlenA
LoadLibraryA
GetModuleHandleA
GlobalAlloc
WideCharToMultiByte
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

cce05dea98cbac3a9d486b233588f528

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetCurrentProcess
GlobalAlloc
GetCurrentThread
GetModuleHandleA
GetProcAddress
GetLastError
GlobalFree
CloseHandle
lstrcpynA

advapi32

OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameA

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 673B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/advsplash.dll
.dll windows:4 windows x86 arch:x86

2e8d5524d09b794f343fa9e2df0a1d87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
GetVersion
GetModuleHandleA
lstrcpyA
lstrcatA
GlobalAlloc
GetProcAddress
GlobalFree

user32

EnumDisplaySettingsA
CreateWindowExA
DefWindowProcA
SetWindowLongA
SystemParametersInfoA
EndPaint
GetClientRect
BeginPaint
LoadImageA
DestroyWindow
IsWindow
GetMessageA
DispatchMessageA
UnregisterClassA
wsprintfA
PostMessageA
SetWindowRgn
LoadCursorA
RegisterClassA
SetWindowPos

gdi32

BitBlt
DeleteObject
CombineRgn
DeleteDC
CreateCompatibleDC
GetObjectA
CreateRectRgn
GetDIBits
SelectObject

winmm

timeSetEvent
PlaySoundA
timeKillEvent

Exports

Exports

show

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/agent.ini
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/local.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

6b7d154c806f1e47db325229c300c6df

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
lstrlenA
GetExitCodeProcess
WaitForSingleObject
Sleep
TerminateProcess
GlobalReAlloc
GlobalUnlock
GlobalSize
lstrcpynA
ReadFile
PeekNamedPipe
GetTickCount
lstrcpyA
CreateProcessA
GetStartupInfoA
GetProcAddress
GlobalLock
DeleteFileA
lstrcmpiA
GetCurrentProcess
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
CopyFileA
GetTempFileNameA
GlobalFree
GlobalAlloc
GetModuleFileNameA
ExitProcess
GetCommandLineA
CreatePipe
GetVersionExA
lstrcatA

user32

SendMessageA
OemToCharBuffA
FindWindowExA
CharNextA
wsprintfA
CharPrevA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 458B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/proxy.ini
$PLUGINSDIR/server.ini
$PLUGINSDIR/services.dll
.dll windows:4 windows x86 arch:x86

caddd9e268e5bc2a8b67248bc1f72836

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpynA
WideCharToMultiByte
FormatMessageA
LocalFree
HeapAlloc
MultiByteToWideChar
GetProcessHeap
GetCurrentThread
HeapReAlloc
HeapFree
GlobalAlloc
GetLastError
GetCurrentProcess
lstrcpyA

advapi32

LsaRemoveAccountRights
LsaAddAccountRights
OpenProcessToken
OpenThreadToken
ControlService
DeleteService
StartServiceA
OpenServiceA
OpenSCManagerA
QueryServiceStatus
CloseServiceHandle
LsaEnumerateAccountRights
EnumServicesStatusA
LsaNtStatusToWinError
LsaClose
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
LsaFreeMemory
LsaOpenPolicy
LookupAccountNameW

msvcrt

malloc
wcslen
memset
free
strstr
_except_handler3
_strlwr
_stricmp
_itoa

Exports

Exports

GetServiceNameFromDisplayName
GrantLogonAsAService
HasLogonAsAService
IsProcessUserAdministrator
IsServiceInstalled
IsServiceRunning
RemoveLogonAsAService
SendServiceCommand

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/splash.bmp
ComHTTP.dll
.dll windows:6 windows x86 arch:x86

cc810a68c8692e80a2904044634deda3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Win-Agent\Desktop\WindowsAgent-master\Release\ComHTTP.pdb

Imports

libeay32

ord3067
ord509
ord510
ord2206
ord2894
ord961
ord266
ord2996
ord2927
ord256
ord276
ord2656
ord3212
ord2660

libcurl

curl_slist_free_all
curl_easy_init
curl_easy_reset
curl_easy_cleanup
curl_easy_strerror
curl_easy_perform
curl_slist_append
curl_easy_setopt

ocsinventory front

?base64_decode@@YAPAEPB_WPAI@Z
?base64_encode@@YAHPAEIAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
??0CConnexionAbstract@@QAE@XZ
?log@CLog@@QAAXHPB_WZZ
?getRawMessageLength@CRequestAbstract@@QAEHXZ
?GetAnsiFromUnicode@@YA?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PB_W@Z
?fileExists@@YAHPB_W@Z
?getVersion@CConfig@@QAEPB_WXZ
?isRequired@@YAHPB_WV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?getAgentConfig@@YAPAVCConfig@@XZ
??1CServerConfig@@UAE@XZ
??1CConnexionAbstract@@UAE@XZ
??_7CConnexionAbstract@@6B@
?getConfigFile@CConfig@@QAEPB_WXZ
?getParamValue@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PB_WV12@@Z
??0CServerConfig@@QAE@XZ
?getDataFolder@@YAPB_WXZ

mfc120u

ord8206
ord4772
ord1520
ord286
ord296
ord12430
ord5019
ord4280
ord2435
ord1139
ord2843
ord1700
ord11837
ord500
ord13113
ord360
ord8639
ord4621
ord1521
ord1043
ord8242
ord1528
ord316
ord7881
ord4546
ord12736
ord12799
ord10314
ord12122
ord1042
ord1467
ord7542
ord8352
ord9090
ord10131
ord8101
ord5314
ord7600
ord7610
ord7609
ord5137
ord5316
ord5160
ord5667
ord5430
ord9231
ord5664
ord5454
ord5157
ord1508
ord1518
ord1506
ord12094
ord12126
ord8099
ord12114
ord5821
ord3809
ord266
ord3806
ord6758
ord992
ord6252
ord14527
ord6253
ord14528
ord6251
ord14526
ord7884
ord12402
ord14326
ord11858
ord11857
ord1992
ord7825
ord12818
ord4047
ord4109
ord9279
ord14454
ord7806
ord14448
ord1509
ord325
ord1050
ord2323
ord2204
ord324
ord1049
ord2366
ord2369
ord2334
ord2368
ord485
ord2226
ord2332
ord2142
ord2258
ord2357
ord12413
ord12412
ord2444
ord8268
ord5262
ord280

msvcr120

__clean_type_info_names_internal
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_except_handler4_common
_initterm_e
_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
??1type_info@@UAE@XZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
?terminate@@YAXXZ
__CxxFrameHandler3
memset
malloc
_wtoi
_wtol
free
memcpy

kernel32

IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
GetLastError
DecodePointer
DeleteCriticalSection
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
OutputDebugStringW
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
EncodePointer
LocalFree
LocalAlloc

Exports

Exports

??0CHTTPConfig@@QAE@ABV0@@Z
??0CHTTPConfig@@QAE@PB_W0@Z
??0CHTTPConnexion@@QAE@ABV0@@Z
??0CHTTPConnexion@@QAE@PAVCHTTPConfig@@@Z
??1CHTTPConfig@@UAE@XZ
??1CHTTPConnexion@@UAE@XZ
??4CHTTPConfig@@QAEAAV0@ABV0@@Z
??4CHTTPConnexion@@QAEAAV0@ABV0@@Z
??_7CHTTPConfig@@6B@
??_7CHTTPConnexion@@6B@
??_FCHTTPConfig@@QAEXXZ
?Clear@CHTTPConfig@@UAEXXZ
?getCaBundle@CHTTPConfig@@QAEPB_WXZ
?getErrorStatus@CHTTPConnexion@@UAEKXZ
?getErrorString@CHTTPConnexion@@UAEPB_WXZ
?getFile@CHTTPConnexion@@UAEHPB_W0@Z
?getHttpCode@CHTTPConnexion@@AAEKAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?getHttpPwd@CHTTPConfig@@QAEPB_WXZ
?getHttpUser@CHTTPConfig@@QAEPB_WXZ
?getLabel@CHTTPConnexion@@UAEHPB_W@Z
?getProxy@CHTTPConfig@@QAEPB_WXZ
?getProxyPort@CHTTPConfig@@QAEIXZ
?getProxyPwd@CHTTPConfig@@QAEPB_WXZ
?getProxyType@CHTTPConfig@@QAEIXZ
?getProxyUser@CHTTPConfig@@QAEPB_WXZ
?getServer@CHTTPConfig@@QAEPB_WXZ
?initLibCurl@CHTTPConnexion@@AAEHXZ
?isHttpAuthRequired@CHTTPConfig@@QAEHXZ
?isProxyAuthRequired@CHTTPConfig@@QAEHXZ
?isSslServerValidationRequired@CHTTPConfig@@QAEHXZ
?load@CHTTPConfig@@QAEHPB_W0@Z
?parseCommandLine@CHTTPConfig@@UAEHPB_W@Z
?save@CHTTPConfig@@QAEHPB_W0@Z
?sendRequest@CHTTPConnexion@@UAEPAVCByteArray@@PAVCRequestAbstract@@@Z
?setProxy@CHTTPConfig@@QAEXPB_W@Z
?setProxyAuth@CHTTPConnexion@@AAEHXZ
?setProxyAuthPasswd@CHTTPConfig@@QAEXPB_W@Z
?setProxyAuthUser@CHTTPConfig@@QAEXPB_W@Z
?setProxyPort@CHTTPConfig@@QAEXI@Z
?setProxyType@CHTTPConfig@@QAEXI@Z
?setServer@CHTTPConfig@@QAEXPB_W@Z
?setServerAuthPasswd@CHTTPConfig@@QAEXPB_W@Z
?setServerAuthUser@CHTTPConfig@@QAEXPB_W@Z
?setServerCA@CHTTPConfig@@QAEXPB_W@Z
?setServerSSL@CHTTPConfig@@QAEXI@Z
?simpleGet@CHTTPConnexion@@QAEPAVCByteArray@@PB_W@Z
?simplePost@CHTTPConnexion@@QAEPAVCByteArray@@PB_W0@Z
deleteServerConfig
deleteServerConnexion
newServerConfig
newServerConnexion
saveServerConfig

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Download.exe
.exe windows:6 windows x86 arch:x86

0f910a21cf79b32b9a2f9450bf556211

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Win-Agent\Desktop\WindowsAgent-master\Release\Download.pdb

Imports

ziparchive

??0CZipArchive@@QAE@XZ
??1CZipArchive@@UAE@XZ
?Open@CZipArchive@@QAE_NPB_WHK@Z
?ExtractFile@CZipArchive@@QAE_NGPB_W_N0W4FileOverwriteMode@ZipPlatform@@K@Z
?Close@CZipArchive@@QAE?AVCZipString@@H_N@Z

ocsinventory front

?getErrorString@CResponseAbstract@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?AddPackage@CFilePackageHistory@@SAHPB_W0@Z
?setDebugRequired@CConfig@@QAEXI@Z
?getCommunicationProvider@CConfig@@QAEPB_WXZ
?setPackageResult@CDownloadRequest@@QAEHPB_W00@Z
?setSuccess@CDownloadRequest@@UAEXXZ
?isDebugRequired@CConfig@@QAEIXZ
?load@CConfig@@QAEHPB_W@Z
?setVersion@CConfig@@QAEXPB_W@Z
?lockDownload@@YAHXZ
?unlockDownload@@YAHXZ
?fileExists@@YAHPB_W@Z
?getInstallFolder@@YAPB_WXZ
?LookupError@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@K@Z
?directoryCreate@@YAHPB_W@Z
?GetDiskFree@@YA_JPB_W@Z
??0CExecCommand@@QAE@XZ
??1CExecCommand@@QAE@XZ
?setTimeout@CExecCommand@@QAEXK@Z
?execWait@CExecCommand@@QAEHPB_W0H@Z
?execWaitForAllChilds@CExecCommand@@QAEHPB_W0@Z
?getOutput@CExecCommand@@QAEPBDXZ
?getExitValue@CExecCommand@@QAEHXZ
?GetUnicodeFromAnsi@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PBD@Z
?fileDigest@@YAHPB_WAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@0H@Z
?LoadFileToText@@YAHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PB_W@Z
?directoryDelete@@YAHPB_W@Z
??0CMarkup@@QAE@XZ
??1CMarkup@@UAE@XZ
?LoadFile@CMarkup@@QAEHPB_W@Z
?FindFirstElem@CMarkup@@QAEPAVTiXmlElement@@PB_WPAV2@@Z
?ResetPos@CMarkup@@QAEPAVTiXmlElement@@PAV2@@Z
?GetAttrib@CMarkup@@QAEPB_WPB_W@Z
?isRequired@@YAHPB_WV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?LookupError@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAVCException@@@Z
??0CDownloadResponse@@QAE@PAVCByteArray@@@Z
??1CDownloadResponse@@UAE@XZ
?isDownloadSuspended@@YAHXZ
?isSuccess@CResponseAbstract@@QAEHXZ
?setErrorStatus@CResponseAbstract@@QAEXK@Z
?setErrorString@CResponseAbstract@@QAEXPB_W@Z
??1CDownloadRequest@@UAE@XZ
?getAgentConfig@@YAPAVCConfig@@XZ
?getOcsLogger@@YAPAVCLog@@XZ
?log@CLog@@QAAXHPB_WZZ
?setLogLevel@CLog@@QAEXK@Z
?setApplication@CLog@@QAEXPB_W@Z
?load@CComProvider@@QAEHPB_W@Z
?getName@CComProvider@@QAEPB_WXZ
?getVersion@CComProvider@@QAEPB_WXZ
?getDownloadFolder@@YAPB_WXZ
?newConfig@CComProvider@@QAEPAVCServerConfig@@PB_W0@Z
?deleteConfig@CComProvider@@QAEXPAVCServerConfig@@@Z
?newConnexion@CComProvider@@QAEPAVCConnexionAbstract@@PAVCServerConfig@@@Z
?deleteConnexion@CComProvider@@QAEXPAVCConnexionAbstract@@@Z
?getPackageHistoryFilename@@YAPB_WXZ
?getComServerProvider@@YAPAVCComProvider@@XZ
?getParamValue@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PB_WV12@@Z
??0CNotifyUser@@QAE@XZ
??1CNotifyUser@@QAE@XZ
?ShowPreInstall@CNotifyUser@@QAEIPB_WHHI@Z
?ShowPostInstall@CNotifyUser@@QAEIPB_WHHI@Z
??0CDownloadRequest@@QAE@XZ
?getFrameworkVersion@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ

sysinfo

?Close@CFileVersion@@QAEXXZ
?Open@CFileVersion@@QAEHPB_W@Z
??0CFileVersion@@QAE@XZ
?GetProductVersion@CFileVersion@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
??1CFileVersion@@QAE@XZ

mfc120u

ord8594
ord2954
ord5027
ord500
ord6853
ord11837
ord12222
ord14465
ord1700
ord2843
ord1139
ord6652
ord970
ord14537
ord12300
ord1444
ord11847
ord1706
ord2857
ord5019
ord12430
ord280
ord286
ord1518
ord1520
ord2948
ord12634
ord12455
ord1506
ord2341
ord2347
ord820
ord13822
ord13115
ord1349
ord2204
ord12094
ord12126
ord8099
ord12114
ord5821
ord3809
ord2163
ord3806
ord2343
ord2262
ord6758
ord992
ord6252
ord14527
ord6253
ord14528
ord6251
ord14526
ord7884
ord12402
ord14326
ord11858
ord11857
ord1992
ord7825
ord12818
ord4047
ord4109
ord9279
ord14454
ord7806
ord14448
ord12413
ord12412
ord2444
ord10260
ord5262
ord8206
ord7881
ord4546
ord12736
ord12799
ord10314
ord12122
ord8268
ord1467
ord7542
ord8352
ord503
ord1141
ord5488
ord5491
ord8059
ord2844
ord4672
ord4692
ord9090
ord10131
ord8101
ord5314
ord1508
ord2435
ord4772
ord2367
ord7600
ord7610
ord7609
ord5137
ord5316
ord5160
ord5667
ord5430
ord9231
ord5664
ord5454
ord5157
ord4280
ord296
ord1042
ord4621
ord12510

msvcr120

__crtUnhandledException
_crt_debugger_hook
??1type_info@@UAE@XZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
_commode
_fmode
_wcmdln
_initterm
__crtTerminateProcess
__setusermatherr
_configthreadlocale
_cexit
_exit
ceil
__CxxFrameHandler3
_CxxThrowException
exit
__set_app_type
__wgetmainargs
?terminate@@YAXXZ
_except_handler4_common
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
_initterm_e
_amsg_exit
__crtGetShowWindowMode
_XcptFilter
memset
free
_wtol
_purecall
memmove
_time64
wcsftime
wprintf
_localtime64_s
_wtoi
_wcsicmp
memcpy

kernel32

GetSystemTimeAsFileTime
OutputDebugStringW
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
ExpandEnvironmentStringsW
MoveFileW
GetCurrentDirectoryW
GetTempPathW
CopyFileW
GetCurrentProcess
DeleteFileW
ReleaseMutex
GetPrivateProfileIntW
GetModuleFileNameW
Sleep
CreateMutexW
InitializeCriticalSectionAndSpinCount
GetLastError
DecodePointer
DeleteCriticalSection

advapi32

RegQueryValueExW
LookupPrivilegeValueW
RegDeleteValueW
RegOpenKeyExW
AdjustTokenPrivileges
InitiateSystemShutdownExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
OpenProcessToken

comctl32

InitCommonControlsEx

ole32

CoInitializeSecurity
CoUninitialize
CoInitializeEx

oleaut32

VarDateFromStr
SystemTimeToVariantTime
VariantTimeToSystemTime

msvcp120

?_Winerror_map@std@@YAPBDH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Syserror_map@std@@YAPBDH@Z

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OCS-transform.xsl
.xml
OCSInventory Front.dll
.dll windows:6 windows x86 arch:x86

f62ad479567cd141784d82a7b7ad15f7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Win-Agent\Desktop\WindowsAgent-master\Release\OCSInventory Front.pdb

Imports

zlib1

deflate
inflateEnd
deflateInit_
inflate
deflateEnd
inflateInit_

libeay32

ord316
ord270
ord269
ord267
ord260
ord510
ord268

wtsapi32

WTSFreeMemory
WTSEnumerateSessionsW

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

msvcr120

__CxxFrameHandler3
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_except_handler4_common
__clean_type_info_names_internal
swscanf
_wfopen_s
wprintf
memcpy_s
??_U@YAPAXI@Z
exit
_close
_write
_open_osfhandle
_sopen_s
malloc
_read
_fstat64i32
calloc
_time64
wcsftime
_localtime64_s
??_V@YAXPAX@Z
free
isalpha
tolower
isalnum
strchr
isspace
strncmp
fclose
fseek
ftell
ferror
_purecall
fprintf
fread
fopen_s
_vsnprintf_s
fputc
??2@YAPAXI@Z
??3@YAXPAX@Z
memmove
wcstok
_wtoi
_wtol
_wcsicmp
realloc
fwrite
_recalloc
isprint
memset
memcpy

sysinfo

?getSystemSlots@CSysInfo@@QAEHPAVCSystemSlotList@@@Z
?getSystemControllers@CSysInfo@@QAEHPAVCSystemControllerList@@@Z
?getStoragePeripherals@CSysInfo@@QAEHPAVCStoragePeripheralList@@@Z
?getSoundDevices@CSysInfo@@QAEHPAVCSoundDeviceList@@@Z
?getProcessors@CSysInfo@@QAEKAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@0PAVCCpuList@@@Z
?getPrinters@CSysInfo@@QAEHPAVCPrinterList@@@Z
?getSystemPorts@CSysInfo@@QAEHPAVCSystemPortList@@@Z
?getMonitors@CSysInfo@@QAEHPAVCMonitorList@@@Z
?getModems@CSysInfo@@QAEHPAVCModemList@@@Z
?getMemorySlots@CSysInfo@@QAEHPAVCMemorySlotList@@@Z
?getLogicalDrives@CSysInfo@@QAEHPAVCLogicalDriveList@@@Z
?getLocalIP@CSysInfo@@QAEPB_WXZ
?getInputDevices@CSysInfo@@QAEHPAVCInputDeviceList@@@Z
?getBiosInfo@CSysInfo@@QAEHPAVCBios@@@Z
?getMemory@CSysInfo@@QAEHPAK0@Z
?getUserDomain@CSysInfo@@QAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?getDomainOrWorkgroup@CSysInfo@@QAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?getAddressWidthOS@CSysInfo@@QAEKXZ
?getOS@CSysInfo@@QAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@0000@Z
?getWindowsProductKey@CSysInfo@@QAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?GetCount@?$CList@VCInputDevice@@AAV1@@@QBEHXZ
?GetHash@CBios@@QAEPB_WXZ
?GetMotherboardSerialNumber@CBios@@QAEPB_WXZ
?GetMotherboardModel@CBios@@QAEPB_WXZ
?GetMotherboardManufacturer@CBios@@QAEPB_WXZ
?GetBiosDate@CBios@@QAEPB_WXZ
?GetBiosVersion@CBios@@QAEPB_WXZ
?GetBiosManufacturer@CBios@@QAEPB_WXZ
?GetSystemSerialNumber@CBios@@QAEPB_WXZ
?GetSystemModel@CBios@@QAEPB_WXZ
?GetSystemManufacturer@CBios@@QAEPB_WXZ
??1CBios@@UAE@XZ
??0CBios@@QAE@XZ
?GetHash@CNetworkAdapterList@@QAEPB_WXZ
?GetCount@?$CList@VCModem@@AAV1@@@QBEHXZ
?GetCount@?$CList@VCLogicalDrive@@AAV1@@@QBEHXZ
?GetHash@CCpuList@@QAEPB_WXZ
??1CCpuList@@UAE@XZ
??0CCpuList@@QAE@XZ
?GetCount@?$CList@VCStoragePeripheral@@AAV1@@@QBEHXZ
?SetChecksum@CDeviceProperties@@QAEXK@Z
?SetVMSystem@CDeviceProperties@@QAEXPB_W@Z
?SetUUID@CDeviceProperties@@QAEXPB_W@Z
?SetWindowsProductKey@CDeviceProperties@@QAEXPB_W@Z
?SetWindowsRegistration@CDeviceProperties@@QAEXPB_W00@Z
?SetUserDomain@CDeviceProperties@@QAEXPB_W@Z
?SetDomainOrWorkgroup@CDeviceProperties@@QAEXPB_W@Z
?SetDescription@CDeviceProperties@@QAEXPB_W@Z
?SetLastLoggedUser@CDeviceProperties@@QAEXPB_W@Z
?SetLoggedOnUser@CDeviceProperties@@QAEXPB_W@Z
?SetIPAddress@CDeviceProperties@@QAEXPB_W@Z
?SetMemory@CDeviceProperties@@QAEXKK@Z
?SetProcessor@CDeviceProperties@@QAEXPB_W0K@Z
?SetAddressWidthOS@CDeviceProperties@@QAEXI@Z
?SetOS@CDeviceProperties@@QAEXPB_W00@Z
?SetDeviceName@CDeviceProperties@@QAEXPB_W@Z
?SetDeviceID@CDeviceProperties@@QAEXPB_W@Z
?GetHash@CDeviceProperties@@QAEPB_WXZ
?GetIPAddress@CDeviceProperties@@QAEPB_WXZ
?GetPageFileSize@CDeviceProperties@@QAEKXZ
?GetPhysicalMemory@CDeviceProperties@@QAEKXZ
??1CDeviceProperties@@UAE@XZ
??0CDeviceProperties@@QAE@XZ
?GetHash@CModemList@@QAEPB_WXZ
??1CModemList@@UAE@XZ
??0CModemList@@QAE@XZ
?SetMemoryAddressWidth@CSoftware@@QAEXK@Z
?SetInstallDate@CSoftware@@QAEXPB_WH@Z
?SetLanguage@CSoftware@@QAEXPB_W@Z
?Set@CSoftware@@QAEXPB_W00000KH@Z
?Clear@CSoftware@@QAEXXZ
??1CSoftware@@UAE@XZ
??0CSoftware@@QAE@XZ
?GetCount@?$CList@VCNetworkAdapter@@AAV1@@@QBEHXZ
?GetHash@CMonitorList@@QAEPB_WXZ
??1CMonitorList@@UAE@XZ
??0CMonitorList@@QAE@XZ
?GetCount@?$CList@VCRegistryValue@@AAV1@@@QBEHXZ
?GetCount@?$CList@VCSystemPort@@AAV1@@@QBEHXZ
?GetHash@CSystemPortList@@QAEPB_WXZ
??1CSystemPortList@@UAE@XZ
??0CSystemPortList@@QAE@XZ
?GetCount@?$CList@VCCpu@@AAV1@@@QBEHXZ
?GetHash@CRegistryValueList@@QAEPB_WXZ
??1CRegistryValueList@@UAE@XZ
??0CRegistryValueList@@QAE@XZ
?GetCount@?$CList@VCMemorySlot@@AAV1@@@QBEHXZ
?DetectVM@CVMSystem@@QAEHPAVCBios@@AAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?DetectVM@CVMSystem@@QAEHPAVCSystemControllerList@@AAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?DetectVM@CVMSystem@@QAEHPAVCStoragePeripheralList@@AAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?DetectVM@CVMSystem@@QAEHPAVCVideoAdapterList@@AAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
??1CVMSystem@@QAE@XZ
??0CVMSystem@@QAE@XZ
?GetCount@?$CList@VCMonitor@@AAV1@@@QBEHXZ
?GetProductName@CFileVersion@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?GetCompanyName@CFileVersion@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?GetInternalName@CFileVersion@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?GetFileVersion@CFileVersion@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?GetProductVersion@CFileVersion@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?SetManufacturer@CSoundDevice@@QAEXPB_W@Z
?SetName@CSoundDevice@@QAEXPB_W@Z
?SetDescription@CSoundDevice@@QAEXPB_W@Z
?GetManufacturer@CSoundDevice@@QAEPB_WXZ
?GetName@CSoundDevice@@QAEPB_WXZ
?GetDescription@CSoundDevice@@QAEPB_WXZ
?Clear@CSoundDevice@@QAEXXZ
??1CSoundDevice@@UAE@XZ
??0CSoundDevice@@QAE@XZ
?GetNext@?$CList@VCPrinter@@AAV1@@@QAEAAVCPrinter@@AAPAU__POSITION@@@Z
?GetHeadPosition@?$CList@VCPrinter@@AAV1@@@QBEPAU__POSITION@@XZ
?AddTail@?$CList@VCPrinter@@AAV1@@@QAEPAU__POSITION@@AAVCPrinter@@@Z
?GetNext@?$CList@VCSoftware@@AAV1@@@QAEAAVCSoftware@@AAPAU__POSITION@@@Z
?GetHeadPosition@?$CList@VCSoftware@@AAV1@@@QBEPAU__POSITION@@XZ
?GetNext@?$CList@VCSystemController@@AAV1@@@QAEAAVCSystemController@@AAPAU__POSITION@@@Z
?GetHeadPosition@?$CList@VCSystemController@@AAV1@@@QBEPAU__POSITION@@XZ
?AddTail@?$CList@VCSystemController@@AAV1@@@QAEPAU__POSITION@@AAVCSystemController@@@Z
?SetNetworkPrinter@CPrinter@@QAEXH@Z
?SetShared@CPrinter@@QAEXH@Z
?SetComment@CPrinter@@QAEXPB_W@Z
?SetResolution@CPrinter@@QAEXPB_W@Z
?SetShareName@CPrinter@@QAEXPB_W@Z
?SetServerName@CPrinter@@QAEXPB_W@Z
?SetPort@CPrinter@@QAEXPB_W@Z
?SetDriver@CPrinter@@QAEXPB_W@Z
?SetName@CPrinter@@QAEXPB_W@Z
?IsNetworkPrinter@CPrinter@@QAEHXZ
?IsShared@CPrinter@@QAEHXZ
?GetComment@CPrinter@@QAEPB_WXZ
?GetResolution@CPrinter@@QAEPB_WXZ
?GetShareName@CPrinter@@QAEPB_WXZ
?GetServerName@CPrinter@@QAEPB_WXZ
?GetPort@CPrinter@@QAEPB_WXZ
?GetDriver@CPrinter@@QAEPB_WXZ
?GetName@CPrinter@@QAEPB_WXZ
?Clear@CPrinter@@QAEXXZ
??1CPrinter@@UAE@XZ
??0CPrinter@@QAE@XZ
?GetNext@?$CList@VCVideoAdapter@@AAV1@@@QAEAAVCVideoAdapter@@AAPAU__POSITION@@@Z
?GetHeadPosition@?$CList@VCVideoAdapter@@AAV1@@@QBEPAU__POSITION@@XZ
?AddTail@?$CList@VCVideoAdapter@@AAV1@@@QAEPAU__POSITION@@AAVCVideoAdapter@@@Z
?GetNext@?$CList@VCSoundDevice@@AAV1@@@QAEAAVCSoundDevice@@AAPAU__POSITION@@@Z
?GetHeadPosition@?$CList@VCSoundDevice@@AAV1@@@QBEPAU__POSITION@@XZ
?AddTail@?$CList@VCSoundDevice@@AAV1@@@QAEPAU__POSITION@@AAVCSoundDevice@@@Z
?SetDescription@CSystemPort@@QAEXPB_W@Z
?SetCaption@CSystemPort@@QAEXPB_W@Z
?SetName@CSystemPort@@QAEXPB_W@Z
?SetType@CSystemPort@@QAEXPB_W@Z
?GetType@CSystemPort@@QAEPB_WXZ
?GetName@CSystemPort@@QAEPB_WXZ
?GetCaption@CSystemPort@@QAEPB_WXZ
?GetDescription@CSystemPort@@QAEPB_WXZ
?Clear@CSystemPort@@QAEXXZ
??1CSystemPort@@UAE@XZ
??0CSystemPort@@QAE@XZ
?GetNext@?$CList@VCSystemSlot@@AAV1@@@QAEAAVCSystemSlot@@AAPAU__POSITION@@@Z
?GetHeadPosition@?$CList@VCSystemSlot@@AAV1@@@QBEPAU__POSITION@@XZ
?AddTail@?$CList@VCSystemSlot@@AAV1@@@QAEPAU__POSITION@@AAVCSystemSlot@@@Z
?SetPointingInterface@CInputDevice@@QAEXPB_W@Z
?SetPointingType@CInputDevice@@QAEXPB_W@Z
?SetCaption@CInputDevice@@QAEXPB_W@Z
?SetDescription@CInputDevice@@QAEXPB_W@Z
?SetManufacturer@CInputDevice@@QAEXPB_W@Z
?SetType@CInputDevice@@QAEXPB_W@Z
?GetPointingInterface@CInputDevice@@QAEPB_WXZ
?GetPointingType@CInputDevice@@QAEPB_WXZ
?GetDescription@CInputDevice@@QAEPB_WXZ
?GetCaption@CInputDevice@@QAEPB_WXZ
?GetManufacturer@CInputDevice@@QAEPB_WXZ
?GetType@CInputDevice@@QAEPB_WXZ
?Clear@CInputDevice@@QAEXXZ
??1CInputDevice@@UAE@XZ
??0CInputDevice@@QAE@XZ
?SetScreenResolution@CVideoAdapter@@QAEXPB_W@Z
?SetMemory@CVideoAdapter@@QAEXPB_W@Z
?SetChipset@CVideoAdapter@@QAEXPB_W@Z
?SetName@CVideoAdapter@@QAEXPB_W@Z
?GetScreenResolution@CVideoAdapter@@QAEPB_WXZ
?GetMemory@CVideoAdapter@@QAEPB_WXZ
?GetChipset@CVideoAdapter@@QAEPB_WXZ
?GetName@CVideoAdapter@@QAEPB_WXZ
??0CSoundDeviceList@@QAE@XZ
??1CVideoAdapter@@UAE@XZ
??0CVideoAdapter@@QAE@XZ
?GetNext@?$CList@VCInputDevice@@AAV1@@@QAEAAVCInputDevice@@AAPAU__POSITION@@@Z
?GetHeadPosition@?$CList@VCInputDevice@@AAV1@@@QBEPAU__POSITION@@XZ
?AddTail@?$CList@VCInputDevice@@AAV1@@@QAEPAU__POSITION@@AAVCInputDevice@@@Z
?SetDhcpServer@CNetworkAdapter@@QAEXPB_W@Z
?SetGateway@CNetworkAdapter@@QAEXPB_W@Z
?SetIPNetMask@CNetworkAdapter@@QAEXPB_W@Z
?SetIPAddress@CNetworkAdapter@@QAEXPB_W@Z
?SetStatus@CNetworkAdapter@@QAEXPB_W@Z
?SetMACAddress@CNetworkAdapter@@QAEXPB_W@Z
?SetSpeed@CNetworkAdapter@@QAEXPB_W@Z
?SetTypeMIB@CNetworkAdapter@@QAEXPB_W@Z
?SetType@CNetworkAdapter@@QAEXPB_W@Z
?SetDescription@CNetworkAdapter@@QAEXPB_W@Z
?SetNetNumber@CNetworkAdapter@@QAEXPB_W@Z
?GetDhcpServer@CNetworkAdapter@@QAEPB_WXZ
?GetGateway@CNetworkAdapter@@QAEPB_WXZ
?GetIPNetMask@CNetworkAdapter@@QAEPB_WXZ
?GetIPAddress@CNetworkAdapter@@QAEPB_WXZ
?GetOperationalStatus@CNetworkAdapter@@QAEPB_WXZ
?GetSpeed@CNetworkAdapter@@QAEPB_WXZ
?GetTypeMIB@CNetworkAdapter@@QAEPB_WXZ
?GetType@CNetworkAdapter@@QAEPB_WXZ
?GetDescription@CNetworkAdapter@@QAEPB_WXZ
?GetNetNumber@CNetworkAdapter@@QAEPB_WXZ
?Clear@CNetworkAdapter@@QAEXXZ
?SetName@CRegistryValue@@QAEXPB_W@Z
?SetValue@CRegistryValue@@QAEXPB_W@Z
?GetValue@CRegistryValue@@QAEPB_WXZ
?GetName@CRegistryValue@@QAEPB_WXZ
?Clear@CRegistryValue@@QAEXXZ
??1CRegistryValue@@UAE@XZ
??0CRegistryValue@@QAE@XZ
?SetFirmware@CStoragePeripheral@@QAEXPB_W@Z
?SetSN@CStoragePeripheral@@QAEXPB_W@Z
?SetManufacturer@CStoragePeripheral@@QAEXPB_W@Z
?SetSize@CStoragePeripheral@@QAEX_K@Z
?SetType@CStoragePeripheral@@QAEXPB_W@Z
?SetName@CStoragePeripheral@@QAEXPB_W@Z
?SetModel@CStoragePeripheral@@QAEXPB_W@Z
?SetDescription@CStoragePeripheral@@QAEXPB_W@Z
?GetFirmware@CStoragePeripheral@@QAEPB_WXZ
?GetSN@CStoragePeripheral@@QAEPB_WXZ
?GetManufacturer@CStoragePeripheral@@QAEPB_WXZ
?GetSizeString@CStoragePeripheral@@QAEPB_WXZ
?GetType@CStoragePeripheral@@QAEPB_WXZ
?GetName@CStoragePeripheral@@QAEPB_WXZ
?GetModel@CStoragePeripheral@@QAEPB_WXZ
?GetDescription@CStoragePeripheral@@QAEPB_WXZ
?Clear@CStoragePeripheral@@QAEXXZ
??1CStoragePeripheral@@UAE@XZ
??0CStoragePeripheral@@QAE@XZ
?SetAssetTag@CBios@@QAEXPB_W@Z
?SetBiosDate@CBios@@QAEXPB_W@Z
?SetBiosVersion@CBios@@QAEXPB_W@Z
?SetBiosManufacturer@CBios@@QAEXPB_W@Z
?SetMachineType@CBios@@QAEXPB_W@Z
?SetMotherboardSerialNumber@CBios@@QAEXPB_W@Z
?SetMotherboardModel@CBios@@QAEXPB_W@Z
?SetMotherboardManufacturer@CBios@@QAEXPB_W@Z
?SetSystemSerialNumber@CBios@@QAEXPB_W@Z
?SetSystemModel@CBios@@QAEXPB_W@Z
?SetSystemManufacturer@CBios@@QAEXPB_W@Z
?GetAssetTag@CBios@@QAEPB_WXZ
?GetMachineType@CBios@@QAEPB_WXZ
?SetManufacturer@CSystemController@@QAEXPB_W@Z
?SetType@CSystemController@@QAEXPB_W@Z
?SetName@CSystemController@@QAEXPB_W@Z
?getVideoAdapters@CSysInfo@@QAEHPAVCVideoAdapterList@@@Z
?SetCaption@CSystemController@@QAEXPB_W@Z
?SetDescription@CSystemController@@QAEXPB_W@Z
?GetManufacturer@CSystemController@@QAEPB_WXZ
?GetType@CSystemController@@QAEPB_WXZ
?GetName@CSystemController@@QAEPB_WXZ
?GetHardwareVersion@CSystemController@@QAEPB_WXZ
?GetCaption@CSystemController@@QAEPB_WXZ
?GetDescription@CSystemController@@QAEPB_WXZ
?Clear@CSystemController@@QAEXXZ
??1CSystemController@@UAE@XZ
??0CSystemController@@QAE@XZ
?SetSerial@CMonitor@@QAEXPB_W@Z
?SetManufacturer@CMonitor@@QAEXPB_W@Z
?SetType@CMonitor@@QAEXPB_W@Z
?SetCaption@CMonitor@@QAEXPB_W@Z
?SetDescription@CMonitor@@QAEXPB_W@Z
?GetSerial@CMonitor@@QAEPB_WXZ
?GetManufacturer@CMonitor@@QAEPB_WXZ
?GetType@CMonitor@@QAEPB_WXZ
?GetCaption@CMonitor@@QAEPB_WXZ
?GetDescription@CMonitor@@QAEPB_WXZ
?Clear@CMonitor@@QAEXXZ
??1CMonitor@@UAE@XZ
??0CMonitor@@QAE@XZ
?GetNext@?$CList@VCModem@@AAV1@@@QAEAAVCModem@@AAPAU__POSITION@@@Z
?GetHeadPosition@?$CList@VCModem@@AAV1@@@QBEPAU__POSITION@@XZ
?AddTail@?$CList@VCModem@@AAV1@@@QAEPAU__POSITION@@AAVCModem@@@Z
?GetNext@?$CList@VCLogicalDrive@@AAV1@@@QAEAAVCLogicalDrive@@AAPAU__POSITION@@@Z
?GetHeadPosition@?$CList@VCLogicalDrive@@AAV1@@@QBEPAU__POSITION@@XZ
?AddTail@?$CList@VCLogicalDrive@@AAV1@@@QAEPAU__POSITION@@AAVCLogicalDrive@@@Z
?GetNext@?$CList@VCStoragePeripheral@@AAV1@@@QAEAAVCStoragePeripheral@@AAPAU__POSITION@@@Z
?GetHeadPosition@?$CList@VCStoragePeripheral@@AAV1@@@QBEPAU__POSITION@@XZ
?AddTail@?$CList@VCStoragePeripheral@@AAV1@@@QAEPAU__POSITION@@AAVCStoragePeripheral@@@Z
?SetShared@CSystemSlot@@QAEXH@Z
?SetStatus@CSystemSlot@@QAEXPB_W@Z
?SetUsage@CSystemSlot@@QAEXPB_W@Z
?SetSlotDesignation@CSystemSlot@@QAEXPB_W@Z
?SetDescription@CSystemSlot@@QAEXPB_W@Z
?SetName@CSystemSlot@@QAEXPB_W@Z
?IsShared@CSystemSlot@@QAEHXZ
?GetStatus@CSystemSlot@@QAEPB_WXZ
?GetUsage@CSystemSlot@@QAEPB_WXZ
?GetSlotDesignation@CSystemSlot@@QAEPB_WXZ
?GetDescription@CSystemSlot@@QAEPB_WXZ
?GetName@CSystemSlot@@QAEPB_WXZ
?Clear@CSystemSlot@@QAEXXZ
??1CSystemSlot@@UAE@XZ
??0CSystemSlot@@QAE@XZ
?GetChecksum@CDeviceProperties@@QAEKXZ
?GetVMSystem@CDeviceProperties@@QAEPB_WXZ
?GetUUID@CDeviceProperties@@QAEPB_WXZ
?GetWindowsProductKey@CDeviceProperties@@QAEPB_WXZ
?GetWindowsProductID@CDeviceProperties@@QAEPB_WXZ
?GetWindowsRegisteredOwner@CDeviceProperties@@QAEPB_WXZ
?GetWindowsRegisteredCompany@CDeviceProperties@@QAEPB_WXZ
?GetUserDomain@CDeviceProperties@@QAEPB_WXZ
?GetDomainOrWorkgroup@CDeviceProperties@@QAEPB_WXZ
?GetDescription@CDeviceProperties@@QAEPB_WXZ
?GetLastLoggedUser@CDeviceProperties@@QAEPB_WXZ
?GetLoggedOnUser@CDeviceProperties@@QAEPB_WXZ
?GetExecutionDuration@CDeviceProperties@@QAEPB_WXZ
?GetLastCheckDate@CDeviceProperties@@QAEPB_WXZ
?GetNumberOfProcessors@CDeviceProperties@@QAEKXZ
?GetProcessorSpeed@CDeviceProperties@@QAEPB_WXZ
?GetProcessorType@CDeviceProperties@@QAEPB_WXZ
?Is64bitsOS@CDeviceProperties@@QAEHXZ
?GetOSComment@CDeviceProperties@@QAEPB_WXZ
?GetOSVersion@CDeviceProperties@@QAEPB_WXZ
?GetOSName@CDeviceProperties@@QAEPB_WXZ
?GetDeviceName@CDeviceProperties@@QAEPB_WXZ
?SetFromRegistry@CSoftware@@QAEXH@Z
?SetFilesize@CSoftware@@QAEXK@Z
?SetFilename@CSoftware@@QAEXPB_W@Z
?SetGUID@CSoftware@@QAEXPB_W@Z
?SetComments@CSoftware@@QAEXPB_W@Z
?SetFolder@CSoftware@@QAEXPB_W@Z
?SetVersion@CSoftware@@QAEXPB_W@Z
?SetName@CSoftware@@QAEXPB_W@Z
?SetPublisher@CSoftware@@QAEXPB_W@Z
?GetMemoryAddressWidth@CSoftware@@QAEKXZ
?GetInstallDate@CSoftware@@QAEPB_WXZ
?IsFromRegistry@CSoftware@@QAEHXZ
?GetFilesize@CSoftware@@QAEKXZ
?GetFilename@CSoftware@@QAEPB_WXZ
?GetLanguage@CSoftware@@QAEPB_WXZ
?GetGUID@CSoftware@@QAEPB_WXZ
?GetComments@CSoftware@@QAEPB_WXZ
?GetFolder@CSoftware@@QAEPB_WXZ
?GetVersion@CSoftware@@QAEPB_WXZ
?GetName@CSoftware@@QAEPB_WXZ
?GetPublisher@CSoftware@@QAEPB_WXZ
?SetStatus@CCpu@@QAEXPB_W@Z
?SetVoltage@CCpu@@QAEXPB_W@Z
?SetDataWidth@CCpu@@QAEXI@Z
?SetAddressWith@CCpu@@QAEXI@Z
?SetL2CacheSize@CCpu@@QAEXI@Z
?SetMaxSpeed@CCpu@@QAEXI@Z
?SetCurrentSpeed@CCpu@@QAEXI@Z
?SetNumberOfLogicalProcessors@CCpu@@QAEXI@Z
?SetNumberOfCores@CCpu@@QAEXI@Z
?SetArchitecture@CCpu@@QAEXPB_W@Z
?SetName@CCpu@@QAEXPB_W@Z
?SetManufacturer@CCpu@@QAEXPB_W@Z
?SetSocket@CCpu@@QAEXPB_W@Z
?GetStatus@CCpu@@QAEPB_WXZ
?GetVoltage@CCpu@@QAEPB_WXZ
?GetDataWidth@CCpu@@QAEIXZ
?GetAddressWidth@CCpu@@QAEIXZ
?GetL2CacheSize@CCpu@@QAEIXZ
?GetMaxClockSpeed@CCpu@@QAEIXZ
?GetCurrentClockSpeed@CCpu@@QAEIXZ
?GetNumberOfLogicalProcessors@CCpu@@QAEIXZ
?GetNumberOfCores@CCpu@@QAEIXZ
?GetArchitecture@CCpu@@QAEPB_WXZ
?GetName@CCpu@@QAEPB_WXZ
?GetManufacturer@CCpu@@QAEPB_WXZ
?GetSocket@CCpu@@QAEPB_WXZ
?Clear@CCpu@@QAEXXZ
??1CCpu@@UAE@XZ
??0CCpu@@QAE@XZ
?SetFilesNumber@CLogicalDrive@@QAEXJ@Z
?SetFreeSpace@CLogicalDrive@@QAEXJ@Z
?SetTotalSize@CLogicalDrive@@QAEXJ@Z
?SetDriveLetter@CLogicalDrive@@QAEXPB_W@Z
?SetFileSystem@CLogicalDrive@@QAEXPB_W@Z
?SetVolumName@CLogicalDrive@@QAEXPB_W@Z
?SetDriveType@CLogicalDrive@@QAEXPB_W@Z
?GetFilesNumber@CLogicalDrive@@QAEJXZ
?GetFileSystem@CLogicalDrive@@QAEPB_WXZ
?GetDriveTypeW@CLogicalDrive@@QAEPB_WXZ
?GetVolumName@CLogicalDrive@@QAEPB_WXZ
?GetDriveLetter@CLogicalDrive@@QAEPB_WXZ
?GetTotalMB@CLogicalDrive@@QAEJXZ
?GetFreeMB@CLogicalDrive@@QAEJXZ
?Clear@CLogicalDrive@@QAEXXZ
??1CLogicalDrive@@UAE@XZ
??0CLogicalDrive@@QAE@XZ
?AddTail@?$CList@VCNetworkAdapter@@AAV1@@@QAEPAU__POSITION@@AAVCNetworkAdapter@@@Z
?GetNext@?$CList@VCRegistryValue@@AAV1@@@QAEAAVCRegistryValue@@AAPAU__POSITION@@@Z
?GetHeadPosition@?$CList@VCRegistryValue@@AAV1@@@QBEPAU__POSITION@@XZ
?AddTail@?$CList@VCRegistryValue@@AAV1@@@QAEPAU__POSITION@@AAVCRegistryValue@@@Z
?SetType@CModem@@QAEXPB_W@Z
?SetName@CModem@@QAEXPB_W@Z
?SetModel@CModem@@QAEXPB_W@Z
?SetDescription@CModem@@QAEXPB_W@Z
?GetType@CModem@@QAEPB_WXZ
?GetName@CModem@@QAEPB_WXZ
?GetModel@CModem@@QAEPB_WXZ
?GetDescription@CModem@@QAEPB_WXZ
?Clear@CModem@@QAEXXZ
??1CModem@@UAE@XZ
??0CModem@@QAE@XZ
?GetNext@?$CList@VCSystemPort@@AAV1@@@QAEAAVCSystemPort@@AAPAU__POSITION@@@Z
?GetHeadPosition@?$CList@VCSystemPort@@AAV1@@@QBEPAU__POSITION@@XZ
?AddTail@?$CList@VCSystemPort@@AAV1@@@QAEPAU__POSITION@@AAVCSystemPort@@@Z
?GetNext@?$CList@VCCpu@@AAV1@@@QAEAAVCCpu@@AAPAU__POSITION@@@Z
?GetHeadPosition@?$CList@VCCpu@@AAV1@@@QBEPAU__POSITION@@XZ
?AddTail@?$CList@VCCpu@@AAV1@@@QAEPAU__POSITION@@AAVCCpu@@@Z
?SetSN@CMemorySlot@@QAEXPB_W@Z
?SetSlotNumber@CMemorySlot@@QAEXI@Z
?SetType@CMemorySlot@@QAEXPB_W@Z
?SetSpeed@CMemorySlot@@QAEXPB_W@Z
?SetUsage@CMemorySlot@@QAEXPB_W@Z
?SetCapacity@CMemorySlot@@QAEXPB_W@Z
?SetDescription@CMemorySlot@@QAEXPB_W@Z
?SetCaption@CMemorySlot@@QAEXPB_W@Z
?GetSN@CMemorySlot@@QAEPB_WXZ
?GetSlotNumber@CMemorySlot@@QAEIXZ
?GetType@CMemorySlot@@QAEPB_WXZ
?GetSpeed@CMemorySlot@@QAEPB_WXZ
?GetUsage@CMemorySlot@@QAEPB_WXZ
?GetCapacity@CMemorySlot@@QAEPB_WXZ
?GetDescription@CMemorySlot@@QAEPB_WXZ
?GetCaption@CMemorySlot@@QAEPB_WXZ
?Clear@CMemorySlot@@QAEXXZ
??1CMemorySlot@@UAE@XZ
??0CMemorySlot@@QAE@XZ
?GetNext@?$CList@VCMemorySlot@@AAV1@@@QAEAAVCMemorySlot@@AAPAU__POSITION@@@Z
?GetHeadPosition@?$CList@VCMemorySlot@@AAV1@@@QBEPAU__POSITION@@XZ
?AddTail@?$CList@VCMemorySlot@@AAV1@@@QAEPAU__POSITION@@AAVCMemorySlot@@@Z
?GetNext@?$CList@VCMonitor@@AAV1@@@QAEAAVCMonitor@@AAPAU__POSITION@@@Z
?GetHeadPosition@?$CList@VCMonitor@@AAV1@@@QBEPAU__POSITION@@XZ
?AddTail@?$CList@VCMonitor@@AAV1@@@QAEPAU__POSITION@@AAVCMonitor@@@Z
??4CVideoAdapter@@QAEAAV0@ABV0@@Z
??4CSystemSlot@@QAEAAV0@ABV0@@Z
??4CSystemController@@QAEAAV0@ABV0@@Z
??4CStoragePeripheral@@QAEAAV0@ABV0@@Z
??4CSoundDevice@@QAEAAV0@ABV0@@Z
??4CSoftware@@QAEAAV0@ABV0@@Z
??4CRegistryValue@@QAEAAV0@ABV0@@Z
??4CPrinter@@QAEAAV0@ABV0@@Z
??4CSystemPort@@QAEAAV0@ABV0@@Z
??4CMonitor@@QAEAAV0@ABV0@@Z
??4CModem@@QAEAAV0@ABV0@@Z
??4CMemorySlot@@QAEAAV0@ABV0@@Z
??4CInputDevice@@QAEAAV0@ABV0@@Z
??4CLogicalDrive@@QAEAAV0@ABV0@@Z
??4CCpu@@QAEAAV0@ABV0@@Z
?getWindowsRegistration@CSysInfo@@QAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@00@Z
?getUserName@CSysInfo@@QAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
??1CSoundDeviceList@@UAE@XZ
?GetHash@CSoundDeviceList@@QAEPB_WXZ
?GetTotalMemory@CMemorySlotList@@QAEKXZ
??0CMemorySlotList@@QAE@XZ
??1CMemorySlotList@@UAE@XZ
?GetHash@CMemorySlotList@@QAEPB_WXZ
??0CLogicalDriveList@@QAE@XZ
??1CLogicalDriveList@@UAE@XZ
?GetHash@CLogicalDriveList@@QAEPB_WXZ
?GetCount@?$CList@VCSystemController@@AAV1@@@QBEHXZ
??0CSystemSlotList@@QAE@XZ
??1CSystemSlotList@@UAE@XZ
?GetHash@CSystemSlotList@@QAEPB_WXZ
?GetCount@?$CList@VCSoftware@@AAV1@@@QBEHXZ
?AddTail@?$CList@VCSoftware@@AAV1@@@QAEPAU__POSITION@@AAVCSoftware@@@Z
??0CStoragePeripheralList@@QAE@XZ
??1CStoragePeripheralList@@UAE@XZ
?GetHash@CStoragePeripheralList@@QAEPB_WXZ
??0CInputDeviceList@@QAE@XZ
??1CInputDeviceList@@UAE@XZ
?GetHash@CInputDeviceList@@QAEPB_WXZ
??0CSystemControllerList@@QAE@XZ
??1CSystemControllerList@@UAE@XZ
?GetHash@CSystemControllerList@@QAEPB_WXZ
??0CPrinterList@@QAE@XZ
??1CPrinterList@@UAE@XZ
?GetHash@CPrinterList@@QAEPB_WXZ
?GetCount@?$CList@VCPrinter@@AAV1@@@QBEHXZ
??0CSoftwareList@@QAE@XZ
??1CSoftwareList@@UAE@XZ
?GetHash@CSoftwareList@@QAEPB_WXZ
??0CVideoAdapterList@@QAE@XZ
??1CVideoAdapterList@@UAE@XZ
?GetHash@CVideoAdapterList@@QAEPB_WXZ
??4CNetworkAdapter@@QAEAAV0@ABV0@@Z
?GetHeadPosition@?$CList@VCNetworkAdapter@@AAV1@@@QBEPAU__POSITION@@XZ
?GetNext@?$CList@VCNetworkAdapter@@AAV1@@@QAEAAVCNetworkAdapter@@AAPAU__POSITION@@@Z
??0CNetworkAdapterList@@QAE@XZ
??1CNetworkAdapterList@@UAE@XZ
??0CNetworkAdapter@@QAE@XZ
??1CNetworkAdapter@@UAE@XZ
?GetMACAddress@CNetworkAdapter@@QAEPB_WXZ
??0CSysInfo@@QAE@HPB_W@Z
??1CSysInfo@@UAE@XZ
?getNetworkAdapters@CSysInfo@@QAEHPAVCNetworkAdapterList@@@Z
?GetFileDescription@CFileVersion@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
??0CFileVersion@@QAE@XZ
?Open@CFileVersion@@QAEHPB_W@Z
?Close@CFileVersion@@QAEXXZ

mfc120u

ord4692
ord4672
ord8059
ord6362
ord5491
ord5488
ord5790
ord1141
ord503
ord8638
ord14271
ord14277
ord8594
ord12755
ord12634
ord1688
ord4791
ord2336
ord14516
ord12276
ord14463
ord12219
ord2435
ord2857
ord11847
ord12300
ord12457
ord2416
ord5157
ord5454
ord5664
ord9231
ord5430
ord5667
ord5160
ord5316
ord5137
ord7609
ord7610
ord7600
ord5314
ord8101
ord10131
ord9090
ord8352
ord7542
ord1467
ord8268
ord12122
ord10314
ord12799
ord12736
ord4546
ord7881
ord8206
ord5262
ord2444
ord12412
ord12413
ord14448
ord7806
ord14454
ord9279
ord4109
ord4047
ord12818
ord7825
ord1992
ord11857
ord11858
ord14326
ord12402
ord7884
ord14526
ord6251
ord14528
ord6253
ord14527
ord6252
ord992
ord6758
ord3809
ord5821
ord12114
ord8099
ord12126
ord12094
ord2204
ord12455
ord4984
ord2844
ord1706
ord14537
ord13820
ord12222
ord13113
ord360
ord1527
ord4985
ord1654
ord8391
ord555
ord4623
ord7918
ord3804
ord6853
ord1064
ord1693
ord1509
ord325
ord1050
ord2323
ord324
ord1049
ord2366
ord2369
ord2334
ord2368
ord485
ord2226
ord2332
ord2142
ord2258
ord2357
ord1444
ord4281
ord316
ord1528
ord5020
ord5410
ord820
ord13822
ord13115
ord12510
ord1349
ord6652
ord4774
ord2437
ord5027
ord286
ord1521
ord1687
ord4620
ord8639
ord12792
ord8242
ord8346
ord2948
ord2341
ord2347
ord971
ord13824
ord13117
ord12514
ord1445
ord2343
ord14465
ord4280
ord5019
ord12430
ord2954
ord498
ord5486
ord1520
ord300
ord310
ord1043
ord1525
ord296
ord280
ord1042
ord1518
ord500
ord1684
ord4621
ord11837
ord2843
ord1139
ord3806
ord4772
ord2967
ord285
ord5824
ord1700
ord970

kernel32

OutputDebugStringW
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
InitializeCriticalSectionAndSpinCount
Sleep
GetLastError
LocalAlloc
RemoveDirectoryW
GetDiskFreeSpaceW
GetModuleHandleW
LocalFree
GetModuleFileNameW
FormatMessageW
GetTempPathW
TerminateProcess
GetVersionExW
MultiByteToWideChar
GetFileAttributesW
CopyFileW
GetCurrentProcessId
CloseHandle
DuplicateHandle
CreateToolhelp32Snapshot
Process32NextW
CreatePipe
Process32FirstW
GetExitCodeProcess
WideCharToMultiByte
WaitForSingleObject
GetCurrentProcess
CreateProcessW
SetPriorityClass
GetComputerNameW
SetFileAttributesW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetProcAddress
LoadLibraryW
FreeLibrary
DeleteFileW
DeleteCriticalSection
DecodePointer

advapi32

CreateProcessAsUserW
DuplicateTokenEx

shell32

SHGetSpecialFolderPathW
SHCreateDirectoryExW

shlwapi

PathFileExistsW

oleaut32

SystemTimeToVariantTime
VarUdateFromDate
VariantTimeToSystemTime

Exports

Exports

??0?$CSingleton@VCConfig@@@@IAE@XZ
??0?$CSingleton@VCDeviceid@@@@IAE@XZ
??0?$CSingleton@VCLog@@@@IAE@XZ
??0CComProvider@@QAE@ABV0@@Z
??0CComProvider@@QAE@XZ
??0CConfig@@QAE@ABV0@@Z
??0CConfig@@QAE@XZ
??0CConnexionAbstract@@QAE@ABV0@@Z
??0CConnexionAbstract@@QAE@XZ
??0CConnexionLocal@@QAE@ABV0@@Z
??0CConnexionLocal@@QAE@PB_W@Z
??0CDeviceid@@AAE@XZ
??0CDeviceid@@QAE@ABV0@@Z
??0CDownloadRequest@@QAE@ABV0@@Z
??0CDownloadRequest@@QAE@XZ
??0CDownloadResponse@@QAE@ABV0@@Z
??0CDownloadResponse@@QAE@PAVCByteArray@@@Z
??0CExecCommand@@QAE@ABV0@@Z
??0CExecCommand@@QAE@XZ
??0CFilePackageHistory@@QAE@XZ
??0CInventoryRequest@@QAE@H@Z
??0CInventoryResponse@@QAE@ABV0@@Z
??0CInventoryResponse@@QAE@PAVCByteArray@@@Z
??0CLog@@AAE@XZ
??0CMapStringToStringArray@@QAE@XZ
??0CMarkup@@QAE@ABV0@@Z
??0CMarkup@@QAE@XZ
??0CNotifyUser@@QAE@XZ
??0COCSInventoryState@@QAE@ABV0@@Z
??0COCSInventoryState@@QAE@XZ
??0CPrologRequest@@QAE@ABV0@@Z
??0CPrologRequest@@QAE@XZ
??0CPrologResponse@@QAE@ABV0@@Z
??0CPrologResponse@@QAE@PAVCByteArray@@@Z
??0CRequest@@QAE@ABV0@@Z
??0CRequest@@QAE@XZ
??0CRequestAbstract@@QAE@ABV0@@Z
??0CRequestAbstract@@QAE@XZ
??0CResponse@@QAE@ABV0@@Z
??0CResponse@@QAE@PAVCByteArray@@@Z
??0CResponse@@QAE@XZ
??0CResponseAbstract@@QAE@ABV0@@Z
??0CResponseAbstract@@QAE@PAVCByteArray@@@Z
??0CResponseAbstract@@QAE@XZ
??0CServerConfig@@QAE@ABV0@@Z
??0CServerConfig@@QAE@XZ
??0CZip@@QAE@ABV0@@Z
??0CZip@@QAE@XZ
??1?$CSingleton@VCConfig@@@@QAE@XZ
??1?$CSingleton@VCDeviceid@@@@QAE@XZ
??1?$CSingleton@VCLog@@@@QAE@XZ
??1CComProvider@@UAE@XZ
??1CConfig@@UAE@XZ
??1CConnexionAbstract@@UAE@XZ
??1CConnexionLocal@@UAE@XZ
??1CDeviceid@@UAE@XZ
??1CDownloadRequest@@UAE@XZ
??1CDownloadResponse@@UAE@XZ
??1CExecCommand@@QAE@XZ
??1CFilePackageHistory@@UAE@XZ
??1CInventoryRequest@@UAE@XZ
??1CInventoryResponse@@UAE@XZ
??1CLog@@QAE@XZ
??1CMapStringToStringArray@@QAE@XZ
??1CMarkup@@UAE@XZ
??1CNotifyUser@@QAE@XZ
??1COCSInventoryState@@UAE@XZ
??1CPrologRequest@@UAE@XZ
??1CPrologResponse@@UAE@XZ
??1CRequest@@UAE@XZ
??1CRequestAbstract@@UAE@XZ
??1CResponse@@UAE@XZ
??1CResponseAbstract@@UAE@XZ
??1CServerConfig@@UAE@XZ
??1CZip@@UAE@XZ
??4?$CSingleton@VCConfig@@@@QAEAAV0@ABV0@@Z
??4?$CSingleton@VCDeviceid@@@@QAEAAV0@ABV0@@Z
??4?$CSingleton@VCLog@@@@QAEAAV0@ABV0@@Z
??4CComProvider@@QAEAAV0@ABV0@@Z
??4CConfig@@QAEAAV0@ABV0@@Z
??4CConnexionAbstract@@QAEAAV0@ABV0@@Z
??4CConnexionLocal@@QAEAAV0@ABV0@@Z
??4CDeviceid@@QAEAAV0@ABV0@@Z
??4CDownloadRequest@@QAEAAV0@ABV0@@Z
??4CDownloadResponse@@QAEAAV0@ABV0@@Z
??4CExecCommand@@QAEAAV0@ABV0@@Z
??4CInventoryResponse@@QAEAAV0@ABV0@@Z
??4CMarkup@@QAEAAV0@ABV0@@Z
??4CNotifyUser@@QAEAAV0@ABV0@@Z
??4COCSInventoryState@@QAEAAV0@ABV0@@Z
??4CPrologRequest@@QAEAAV0@ABV0@@Z
??4CPrologResponse@@QAEAAV0@ABV0@@Z
??4CRequest@@QAEAAV0@ABV0@@Z
??4CRequestAbstract@@QAEAAV0@ABV0@@Z
??4CResponse@@QAEAAV0@ABV0@@Z
??4CResponseAbstract@@QAEAAV0@ABV0@@Z
??4CServerConfig@@QAEAAV0@ABV0@@Z
??4CZip@@QAEAAV0@ABV0@@Z
??ACMapStringToStringArray@@QAEPAVCMapStringToString@@H@Z
??_7CComProvider@@6B@
??_7CConfig@@6B@
??_7CConnexionAbstract@@6B@
??_7CConnexionLocal@@6B@
??_7CDeviceid@@6B@
??_7CDownloadRequest@@6B@
??_7CDownloadResponse@@6B@
??_7CFilePackageHistory@@6B@
??_7CInventoryRequest@@6B@
??_7CInventoryResponse@@6B@
??_7CMarkup@@6B@
??_7COCSInventoryState@@6B@
??_7CPrologRequest@@6B@
??_7CPrologResponse@@6B@
??_7CRequest@@6B@
??_7CRequestAbstract@@6B@
??_7CResponse@@6B@
??_7CResponseAbstract@@6B@
??_7CServerConfig@@6B@
??_7CZip@@6B@
??_FCInventoryRequest@@QAEXXZ
?Abort@CFilePackageHistory@@QAEXXZ
?Add@CMapStringToStringArray@@QAEHPAVCMapStringToString@@@Z
?AddAttrib@CMarkup@@QAEHPB_W0@Z
?AddAttrib@CMarkup@@QAEHPB_WJ@Z
?AddChildElem@CMarkup@@QAEPAVTiXmlElement@@PB_W0@Z
?AddChildElem@CMarkup@@QAEPAVTiXmlElement@@PB_WJ@Z
?AddElem@CMarkup@@QAEPAVTiXmlElement@@PB_W0@Z
?AddElem@CMarkup@@QAEPAVTiXmlElement@@PB_WJ@Z
?AddPackage@CFilePackageHistory@@QAEHPB_W@Z
?AddPackage@CFilePackageHistory@@SAHPB_W0@Z
?AddXml@CMarkup@@QAEHPAV1@@Z
?AskQuestion@CNotifyUser@@QAEIPB_W@Z
?AskTag@CNotifyUser@@QAEIPB_WAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?CleanDuplicates@CFilePackageHistory@@SAHPB_WH@Z
?Clear@CConfig@@QAEXXZ
?Clear@COCSInventoryState@@QAEXXZ
?Close@CFilePackageHistory@@QAEXXZ
?CompareMacs@CDeviceid@@AAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@0@Z
?DeleteElem@CMarkup@@QAEXPAVTiXmlNode@@@Z
?FindFirstElem@CMarkup@@QAEPAVTiXmlElement@@PB_WPAV2@@Z
?FindNextElem@CMarkup@@QAEPAVTiXmlElement@@PB_WPAV2@@Z
?FormatXML@COCSInventoryState@@IAEHPAVCMarkup@@PB_W@Z
?GetAnsiFromUnicode@@YA?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PB_W@Z
?GetAt@CMapStringToStringArray@@QAEPAVCMapStringToString@@H@Z
?GetAttrib@CMarkup@@QAEPB_WPB_W@Z
?GetBios@COCSInventoryState@@QAEPB_WXZ
?GetCPUs@COCSInventoryState@@QAEPB_WXZ
?GetControllers@COCSInventoryState@@QAEPB_WXZ
?GetCount@CMapStringToStringArray@@QBEHXZ
?GetData@CMarkup@@QAEPB_WPAVTiXmlElement@@@Z
?GetDiskFree@@YA_JPB_W@Z
?GetDoc@CMarkup@@QAEPBDXZ
?GetDrives@COCSInventoryState@@QAEPB_WXZ
?GetHardware@COCSInventoryState@@QAEPB_WXZ
?GetInputs@COCSInventoryState@@QAEPB_WXZ
?GetMemories@COCSInventoryState@@QAEPB_WXZ
?GetModems@COCSInventoryState@@QAEPB_WXZ
?GetMonitors@COCSInventoryState@@QAEPB_WXZ
?GetNetworks@COCSInventoryState@@QAEPB_WXZ
?GetPorts@COCSInventoryState@@QAEPB_WXZ
?GetPrinters@COCSInventoryState@@QAEPB_WXZ
?GetRegistry@COCSInventoryState@@QAEPB_WXZ
?GetSlots@COCSInventoryState@@QAEPB_WXZ
?GetSoftwares@COCSInventoryState@@QAEPB_WXZ
?GetSounds@COCSInventoryState@@QAEPB_WXZ
?GetStorages@COCSInventoryState@@QAEPB_WXZ
?GetTiXmlDocument@CMarkup@@QAEPAVTiXmlDocument@@XZ
?GetUTF8FromUnicode@@YA?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PB_W@Z
?GetUnicodeFromAnsi@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PBD@Z
?GetUnicodeFromUTF8@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PBD@Z
?GetVideos@COCSInventoryState@@QAEPB_WXZ
?GetVirtualMachines@COCSInventoryState@@QAEPB_WXZ
?IntoElem@CMarkup@@QAEPAVTiXmlElement@@XZ
?IsEmpty@CMapStringToStringArray@@QBEHXZ
?IsExcludeFolder@CInventoryRequest@@AAEHPB_W0@Z
?IsExtensionToSearch@CInventoryRequest@@AAEHPB_W0@Z
?LoadFile@CMarkup@@QAEHPB_W@Z
?LoadFileToByteArray@@YAPAVCByteArray@@PB_W@Z
?LoadFileToText@@YAHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PB_W@Z
?LookupError@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@K@Z
?LookupError@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAVCException@@@Z
?Open@CFilePackageHistory@@QAEHPB_WHH@Z
?OutOfElem@CMarkup@@QAEPAVTiXmlElement@@XZ
?ParseFromXML@COCSInventoryState@@IAEHPAVCMarkup@@PB_W@Z
?ReadFromFile@COCSInventoryState@@QAEHPB_W0@Z
?ReadPackage@CFilePackageHistory@@QAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?RemoveAll@CMapStringToStringArray@@QAEXXZ
?RemoveChildElem@CMarkup@@QAEHPB_WPAVTiXmlElement@@@Z
?ResetPos@CMarkup@@QAEPAVTiXmlElement@@PAV2@@Z
?SaveFile@CMarkup@@QAEHPB_W@Z
?SearchFilesInDirectory@CInventoryRequest@@AAEJPB_W00@Z
?SeekToBegin@CFilePackageHistory@@QAEXXZ
?SeekToEnd@CFilePackageHistory@@QAEXXZ
?SetAt@CMapStringToStringArray@@QAEXHPAVCMapStringToString@@@Z
?SetAttrib@CMarkup@@QAEHPB_W0@Z
?SetAttrib@CMarkup@@QAEHPB_WJ@Z
?SetBios@COCSInventoryState@@QAEXPB_W@Z
?SetCPUs@COCSInventoryState@@QAEXPB_W@Z
?SetControllers@COCSInventoryState@@QAEXPB_W@Z
?SetData@CMarkup@@QAEHJ@Z
?SetData@CMarkup@@QAEHPB_W@Z
?SetDoc@CMarkup@@QAEHPBD@Z
?SetDoc@CMarkup@@QAEHPB_W@Z
?SetDrives@COCSInventoryState@@QAEXPB_W@Z
?SetHardware@COCSInventoryState@@QAEXPB_W@Z
?SetInputs@COCSInventoryState@@QAEXPB_W@Z
?SetMemories@COCSInventoryState@@QAEXPB_W@Z
?SetModems@COCSInventoryState@@QAEXPB_W@Z
?SetMonitors@COCSInventoryState@@QAEXPB_W@Z
?SetNetworks@COCSInventoryState@@QAEXPB_W@Z
?SetPorts@COCSInventoryState@@QAEXPB_W@Z
?SetPrinters@COCSInventoryState@@QAEXPB_W@Z
?SetRegistry@COCSInventoryState@@QAEXPB_W@Z
?SetSlots@COCSInventoryState@@QAEXPB_W@Z
?SetSoftwares@COCSInventoryState@@QAEXPB_W@Z
?SetSounds@COCSInventoryState@@QAEXPB_W@Z
?SetStorages@COCSInventoryState@@QAEXPB_W@Z
?SetTinyXmlDocument@CMarkup@@QAEHPAVTiXmlDocument@@@Z
?SetVideos@COCSInventoryState@@QAEXPB_W@Z
?SetVirtualMachines@COCSInventoryState@@QAEXPB_W@Z
?ShowInformation@CNotifyUser@@QAEIPB_W@Z
?ShowPostInstall@CNotifyUser@@QAEIPB_WHHI@Z
?ShowPreInstall@CNotifyUser@@QAEIPB_WHHI@Z
?WriteByteArrayToFile@@YAHPAVCByteArray@@PB_W@Z
?WriteTextToFile@@YAHPB_W0@Z
?WriteTextToUTF8File@@YAHPB_W0@Z
?WriteToFile@COCSInventoryState@@QAEHPB_W0@Z
?WriteVoidToFile@@YAHPBXIPB_W@Z
?base64_decode@@YAPAEPB_WPAI@Z
?base64_encode@@YAHPAEIAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?checkDeviceid@CDeviceid@@QAEXXZ
?cleanXml@CRequestAbstract@@IAEXXZ
?closeHandles@CExecCommand@@IAEHXZ
?deflate@CZip@@SAPAVCByteArray@@PAEI@Z
?deflate@CZip@@SAPAVCByteArray@@V?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?deleteConfig@CComProvider@@QAEXPAVCServerConfig@@@Z
?deleteConnexion@CComProvider@@QAEXPAVCConnexionAbstract@@@Z
?directoryCreate@@YAHPB_W@Z
?directoryDelete@@YAHPB_W@Z
?display@CNotifyUser@@AAEIAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?displayAsConnectedUser@CNotifyUser@@AAEIAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?displayAsDefaultUser@CNotifyUser@@AAEIAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?execNoWait@CExecCommand@@QAEHPB_W0@Z
?execWait@CExecCommand@@QAEHPB_W0H@Z
?execWaitForAllChilds@CExecCommand@@QAEHPB_W0@Z
?fileDigest@@YAHPB_WAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@0H@Z
?fileExists@@YAHPB_W@Z
?final@CInventoryRequest@@EAEHXZ
?final@CRequestAbstract@@UAEHXZ
?freeProcessList@CExecCommand@@IAEHPAVCObArray@@@Z
?generate@CDeviceid@@AAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PB_W@Z
?getActiveConsoleSessionID@CNotifyUser@@AAEHXZ
?getAgentConfig@@YAPAVCConfig@@XZ
?getComServerProvider@@YAPAVCComProvider@@XZ
?getCommunicationProvider@CConfig@@QAEPB_WXZ
?getComputerName@CDeviceid@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?getConfigFile@CConfig@@QAEPB_WXZ
?getDataFolder@@YAPB_WXZ
?getDeviceID@CDeviceid@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?getDownloadFolder@@YAPB_WXZ
?getDownloadPackages@CPrologResponse@@QAEPAVCMapStringToStringArray@@XZ
?getDownloadParameters@CPrologResponse@@QAEPAVCMapStringToStringArray@@XZ
?getErrorStatus@CConnexionLocal@@UAEKXZ
?getErrorStatus@CResponseAbstract@@QAEKXZ
?getErrorString@CConnexionLocal@@UAEPB_WXZ
?getErrorString@CResponseAbstract@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?getExitValue@CExecCommand@@QAEHXZ
?getFile@CConnexionLocal@@UAEHPB_W0@Z
?getFrameworkVersion@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?getInstallFolder@@YAPB_WXZ
?getInstance@?$CSingleton@VCConfig@@@@SAPAVCConfig@@XZ
?getInstance@?$CSingleton@VCDeviceid@@@@SAPAVCDeviceid@@XZ
?getInstance@?$CSingleton@VCLog@@@@SAPAVCLog@@XZ
?getIpDiscoverLatency@CConfig@@QAEPB_WXZ
?getIpDiscoverNetwork@CConfig@@QAEPB_WXZ
?getIpdiscoverLan@CPrologResponse@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?getIpdiscoverLatency@CPrologResponse@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?getLabel@CConnexionLocal@@UAEHPB_W@Z
?getLocalInventoryFolder@CConfig@@QAEPB_WXZ
?getMacs@CDeviceid@@AAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?getMessage@CRequestAbstract@@QAE?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@XZ
?getMessageLength@CRequestAbstract@@QAEIXZ
?getName@CComProvider@@QAEPB_WXZ
?getOcsDeviceID@@YAPAVCDeviceid@@XZ
?getOcsLogger@@YAPAVCLog@@XZ
?getOldDeviceID@CDeviceid@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?getOptionAttributes@CPrologResponse@@AAAPAVCMapStringToStringArray@@V?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@ZZ
?getOutput@CExecCommand@@QAEPBDXZ
?getPackageHistoryFilename@@YAPB_WXZ
?getParamValue@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PB_WV12@@Z
?getPrologFreq@CPrologResponse@@QAEPB_WXZ
?getRawMessage@CRequestAbstract@@QAEPAVCByteArray@@XZ
?getRawMessageLength@CRequestAbstract@@QAEHXZ
?getRegistryParameters@CPrologResponse@@QAEPAVCMapStringToStringArray@@XZ
?getStringContent@CResponseAbstract@@QAE?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@XZ
?getSupportLog@CPrologResponse@@QAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?getTagText@CConfig@@QAEPB_WXZ
?getVersion@CComProvider@@QAEPB_WXZ
?getVersion@CConfig@@QAEPB_WXZ
?getXmlContent@CResponseAbstract@@QAEPAVCMarkup@@XZ
?getXmlFolder@CConfig@@QAEPB_WXZ
?getXmlPointer@CRequestAbstract@@QAEPAVCMarkup@@XZ
?getXmlPointerContent@CRequestAbstract@@QAEPAVCMarkup@@XZ
?getXmlPointerRequest@CRequestAbstract@@QAEPAVCMarkup@@XZ
?hex_decode@@YAPAEV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAI@Z
?hex_encode@@YAHPAEIAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?inflate@CZip@@SA?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PAVCByteArray@@@Z
?initInventory@CInventoryRequest@@AAEHXZ
?initialize@CExecCommand@@IAEXXZ
?isActivatedOption@CPrologResponse@@AAEHV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?isDebugRequired@CConfig@@QAEIXZ
?isDownloadRequired@CPrologResponse@@QAEHXZ
?isDownloadSuspended@@YAHXZ
?isFastIpRequired@CConfig@@QAEHXZ
?isForceInventoryRequired@CConfig@@QAEHXZ
?isHkcuRequired@CConfig@@QAEHXZ
?isInventoryRequired@CPrologResponse@@QAEHXZ
?isIpDiscoverLatencyProvided@CConfig@@QAEHXZ
?isIpDiscoverRequired@CConfig@@QAEHXZ
?isIpdiscoverRequired@CPrologResponse@@QAEHXZ
?isLocalRequired@CConfig@@QAEHXZ
?isNewUidRequired@CConfig@@QAEHXZ
?isNoSoftwareRequired@CConfig@@QAEHXZ
?isNoTagRequired@CConfig@@QAEHXZ
?isNotifyRequired@CConfig@@QAEHXZ
?isOpen@CLog@@AAEHXZ
?isProcessListed@CExecCommand@@IAEHPAVCObArray@@K@Z
?isRegistryRequired@CPrologResponse@@QAEHXZ
?isRequired@@YAHPB_WV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?isStateChanged@CInventoryRequest@@AAEHXZ
?isSuccess@CResponseAbstract@@QAEHXZ
?isTagTextProvided@CConfig@@QAEHXZ
?isValidUTF8@@YAHPBD@Z
?isXmlRequired@CConfig@@QAEHXZ
?is_base64@@YAHV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?is_hex@@YAHPB_W@Z
?is_printable@@YAHV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?load@CComProvider@@QAEHPB_W@Z
?load@CConfig@@QAEHPB_W@Z
?loadDeviceid@CDeviceid@@AAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@0@Z
?loadDownloadHistory@CInventoryRequest@@AAEHXZ
?lockDownload@@YAHXZ
?log@CLog@@QAAXHPB_WZZ
?log_debug@CLog@@AAEXPB_WPAD@Z
?log_error@CLog@@AAEXPB_WPAD@Z
?log_notice@CLog@@AAEXPB_WPAD@Z
?log_trace@CLog@@AAEXPB_WPAD@Z
?log_warning@CLog@@AAEXPB_WPAD@Z
?m_singleton@?$CSingleton@VCConfig@@@@0PAVCConfig@@A
?m_singleton@?$CSingleton@VCDeviceid@@@@0PAVCDeviceid@@A
?m_singleton@?$CSingleton@VCLog@@@@0PAVCLog@@A
?newConfig@CComProvider@@QAEPAVCServerConfig@@PB_W0@Z
?newConnexion@CComProvider@@QAEPAVCConnexionAbstract@@PAVCServerConfig@@@Z
?parseMacs@CDeviceid@@AAEIAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@AAVCStringArray@@@Z
?parseRunningProcesses@CExecCommand@@IAEHPAVCObArray@@@Z
?realCreateProcess@CExecCommand@@IAEKPB_W0H@Z
?resumeDownload@@YAHXZ
?runInventory@CInventoryRequest@@AAEHXZ
?save@CConfig@@QAEHPB_W@Z
?saveConfig@CComProvider@@QAEHPAVCServerConfig@@PB_W1@Z
?sendRequest@CConnexionLocal@@UAEPAVCByteArray@@PAVCRequestAbstract@@@Z
?setApplication@CLog@@QAEXPB_W@Z
?setCommunicationProvider@CConfig@@QAEXPB_W@Z
?setConfigFile@CConfig@@AAEXPB_W@Z
?setDataFolder@@YAHPB_W@Z
?setDebugRequired@CConfig@@QAEXI@Z
?setErrorStatus@CResponseAbstract@@QAEXK@Z
?setErrorString@CResponseAbstract@@QAEXPB_W@Z
?setFastIpRequired@CConfig@@QAEXH@Z
?setForceInventoryRequired@CConfig@@QAEXH@Z
?setHkcuRequired@CConfig@@QAEXH@Z
?setIpDiscoverLatency@CConfig@@QAEXPB_W@Z
?setIpDiscoverRequired@CConfig@@QAEXPB_W@Z
?setLocalInventory@CConfig@@QAEXPB_W@Z
?setLogLevel@CLog@@QAEXK@Z
?setNewUID@CConfig@@QAEXH@Z
?setNoSoftwareRequired@CConfig@@QAEXH@Z
?setNoTagRequired@CConfig@@QAEXH@Z
?setNotify@CConfig@@QAEXH@Z
?setOutputFile@CExecCommand@@QAEXPB_W@Z
?setPackageResult@CDownloadRequest@@QAEHPB_W00@Z
?setQuery@CRequestAbstract@@QAEHPB_W0@Z
?setSuccess@CDownloadRequest@@UAEXXZ
?setSuccess@CInventoryRequest@@UAEXXZ
?setSuccess@CPrologRequest@@UAEXXZ
?setSuccess@CRequest@@UAEXXZ
?setTag@CInventoryRequest@@QAEXV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?setTagText@CConfig@@QAEXPB_W@Z
?setTimeout@CExecCommand@@QAEXK@Z
?setVersion@CConfig@@QAEXPB_W@Z
?setXmlFolder@CConfig@@QAEXPB_W@Z
?startProcessCapture@CExecCommand@@IAEHPB_W0@Z
?suspendDownload@@YAHXZ
?unload@CComProvider@@QAEHXZ
?unlockDownload@@YAHXZ
?useComspec@CExecCommand@@QAEXH@Z
?wait@CExecCommand@@IAEHH@Z
?writeAccountInfos@CConfig@@QAEHPB_W0@Z
?writeDeviceid@CDeviceid@@QAEHXZ
?writeLastInventoryState@CInventoryRequest@@AAEHXZ

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OCSInventory.exe
.exe windows:6 windows x86 arch:x86

86e969450e61f555285515433e900d82

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Win-Agent\Desktop\WindowsAgent-master\Release\Agent.pdb

Imports

ocsinventory front

?getIpDiscoverLatency@CConfig@@QAEPB_WXZ
?isIpDiscoverLatencyProvided@CConfig@@QAEHXZ
?getIpDiscoverNetwork@CConfig@@QAEPB_WXZ
?isIpDiscoverRequired@CConfig@@QAEHXZ
?getLocalInventoryFolder@CConfig@@QAEPB_WXZ
?isLocalRequired@CConfig@@QAEHXZ
?getXmlFolder@CConfig@@QAEPB_WXZ
?isXmlRequired@CConfig@@QAEHXZ
?isDebugRequired@CConfig@@QAEIXZ
?getConfigFile@CConfig@@QAEPB_WXZ
?save@CConfig@@QAEHPB_W@Z
?load@CConfig@@QAEHPB_W@Z
?setVersion@CConfig@@QAEXPB_W@Z
?Clear@CConfig@@QAEXXZ
??1CInventoryResponse@@UAE@XZ
??0CInventoryResponse@@QAE@PAVCByteArray@@@Z
?getFrameworkVersion@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?getOcsDeviceID@@YAPAVCDeviceid@@XZ
?final@CRequestAbstract@@UAEHXZ
?AskTag@CNotifyUser@@QAEIPB_WAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
??1CNotifyUser@@QAE@XZ
??0CNotifyUser@@QAE@XZ
?getErrorString@CConnexionLocal@@UAEPB_WXZ
?getErrorStatus@CConnexionLocal@@UAEKXZ
?getLabel@CConnexionLocal@@UAEHPB_W@Z
?getFile@CConnexionLocal@@UAEHPB_W0@Z
?sendRequest@CConnexionLocal@@UAEPAVCByteArray@@PAVCRequestAbstract@@@Z
?isNotifyRequired@CConfig@@QAEHXZ
??0CConnexionLocal@@QAE@PB_W@Z
?getParamValue@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PB_WV12@@Z
?final@CInventoryRequest@@EAEHXZ
?setSuccess@CInventoryRequest@@UAEXXZ
??1CInventoryRequest@@UAE@XZ
??0CInventoryRequest@@QAE@H@Z
?getSupportLog@CPrologResponse@@QAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?isInventoryRequired@CPrologResponse@@QAEHXZ
?isRegistryRequired@CPrologResponse@@QAEHXZ
?getPrologFreq@CPrologResponse@@QAEPB_WXZ
??1CPrologResponse@@UAE@XZ
??0CPrologResponse@@QAE@PAVCByteArray@@@Z
?setDataFolder@@YAHPB_W@Z
?saveConfig@CComProvider@@QAEHPAVCServerConfig@@PB_W1@Z
?getVersion@CComProvider@@QAEPB_WXZ
?getName@CComProvider@@QAEPB_WXZ
?load@CComProvider@@QAEHPB_W@Z
?setApplication@CLog@@QAEXPB_W@Z
?setLogLevel@CLog@@QAEXK@Z
?setSuccess@CPrologRequest@@UAEXXZ
??1CPrologRequest@@UAE@XZ
??0CPrologRequest@@QAE@XZ
?WriteVoidToFile@@YAHPBXIPB_W@Z
?getDeviceID@CDeviceid@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?isRequired@@YAHPB_WV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?getMessage@CRequestAbstract@@QAE?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@XZ
?isNoTagRequired@CConfig@@QAEHXZ
?isTagTextProvided@CConfig@@QAEHXZ
?getTagText@CConfig@@QAEPB_WXZ
?isForceInventoryRequired@CConfig@@QAEHXZ
?setDebugRequired@CConfig@@QAEXI@Z
?setXmlFolder@CConfig@@QAEXPB_W@Z
?setLocalInventory@CConfig@@QAEXPB_W@Z
?setNoSoftwareRequired@CConfig@@QAEXH@Z
?setNoTagRequired@CConfig@@QAEXH@Z
?setTagText@CConfig@@QAEXPB_W@Z
?setForceInventoryRequired@CConfig@@QAEXH@Z
?setNewUID@CConfig@@QAEXH@Z
?setNotify@CConfig@@QAEXH@Z
?setIpDiscoverRequired@CConfig@@QAEXPB_W@Z
?setIpDiscoverLatency@CConfig@@QAEXPB_W@Z
?setFastIpRequired@CConfig@@QAEXH@Z
?setHkcuRequired@CConfig@@QAEXH@Z
?writeAccountInfos@CConfig@@QAEHPB_W0@Z
?getRegistryParameters@CPrologResponse@@QAEPAVCMapStringToStringArray@@XZ
?isIpdiscoverRequired@CPrologResponse@@QAEHXZ
?getIpdiscoverLatency@CPrologResponse@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?getIpdiscoverLan@CPrologResponse@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?GetAnsiFromUnicode@@YA?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PB_W@Z
?AddElem@CMarkup@@QAEPAVTiXmlElement@@PB_W0@Z
?AddChildElem@CMarkup@@QAEPAVTiXmlElement@@PB_W0@Z
?OutOfElem@CMarkup@@QAEPAVTiXmlElement@@XZ
?LookupError@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAVCException@@@Z
?WriteTextToUTF8File@@YAHPB_W0@Z
?execWait@CExecCommand@@QAEHPB_W0H@Z
?setOutputFile@CExecCommand@@QAEXPB_W@Z
?getXmlPointerContent@CRequestAbstract@@QAEPAVCMarkup@@XZ
?AddXml@CMarkup@@QAEHPAV1@@Z
?getInstallFolder@@YAPB_WXZ
?LookupError@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@K@Z
??0CDownloadResponse@@QAE@PAVCByteArray@@@Z
??1CDownloadResponse@@UAE@XZ
?isSuccess@CResponseAbstract@@QAEHXZ
?setErrorStatus@CResponseAbstract@@QAEXK@Z
?setErrorString@CResponseAbstract@@QAEXPB_W@Z
?getErrorString@CResponseAbstract@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?getAgentConfig@@YAPAVCConfig@@XZ
?WriteTextToFile@@YAHPB_W0@Z
?directoryCreate@@YAHPB_W@Z
?getDataFolder@@YAPB_WXZ
??1CMapStringToStringArray@@QAE@XZ
?GetCount@CMapStringToStringArray@@QBEHXZ
?IsEmpty@CMapStringToStringArray@@QBEHXZ
?GetAt@CMapStringToStringArray@@QAEPAVCMapStringToString@@H@Z
?getOcsLogger@@YAPAVCLog@@XZ
??0CExecCommand@@QAE@XZ
??1CExecCommand@@QAE@XZ
?execNoWait@CExecCommand@@QAEHPB_W0@Z
?getOutput@CExecCommand@@QAEPBDXZ
?log@CLog@@QAAXHPB_WZZ
?newConfig@CComProvider@@QAEPAVCServerConfig@@PB_W0@Z
?deleteConfig@CComProvider@@QAEXPAVCServerConfig@@@Z
?newConnexion@CComProvider@@QAEPAVCConnexionAbstract@@PAVCServerConfig@@@Z
?deleteConnexion@CComProvider@@QAEXPAVCConnexionAbstract@@@Z
?getPackageHistoryFilename@@YAPB_WXZ
?getComServerProvider@@YAPAVCComProvider@@XZ
?isDownloadRequired@CPrologResponse@@QAEHXZ
?getDownloadPackages@CPrologResponse@@QAEPAVCMapStringToStringArray@@XZ
?getDownloadParameters@CPrologResponse@@QAEPAVCMapStringToStringArray@@XZ
?fileDigest@@YAHPB_WAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@0H@Z
?LoadFileToText@@YAHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PB_W@Z
?directoryDelete@@YAHPB_W@Z
??0CDownloadRequest@@QAE@XZ
??1CDownloadRequest@@UAE@XZ
?setSuccess@CDownloadRequest@@UAEXXZ
?setPackageResult@CDownloadRequest@@QAEHPB_W00@Z
??0CFilePackageHistory@@QAE@XZ
??1CFilePackageHistory@@UAE@XZ
?Open@CFilePackageHistory@@QAEHPB_WHH@Z
?ReadPackage@CFilePackageHistory@@QAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?Close@CFilePackageHistory@@QAEXXZ
?SeekToBegin@CFilePackageHistory@@QAEXXZ
?CleanDuplicates@CFilePackageHistory@@SAHPB_WH@Z
?suspendDownload@@YAHXZ
?getDownloadFolder@@YAPB_WXZ
?fileExists@@YAHPB_W@Z
?unlockDownload@@YAHXZ
?lockDownload@@YAHXZ
?getCommunicationProvider@CConfig@@QAEPB_WXZ
??0CMarkup@@QAE@XZ
??1CMarkup@@UAE@XZ
?LoadFile@CMarkup@@QAEHPB_W@Z
?SaveFile@CMarkup@@QAEHPB_W@Z
?SetAttrib@CMarkup@@QAEHPB_W0@Z
?FindFirstElem@CMarkup@@QAEPAVTiXmlElement@@PB_WPAV2@@Z
?resumeDownload@@YAHXZ
??1CConnexionLocal@@UAE@XZ

sysinfo

?GetProductVersion@CFileVersion@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
??1CRegistryValue@@UAE@XZ
??0CFileVersion@@QAE@XZ
?GetRegistryMultipleValues@CRegistry@@QAEHPB_WI0PAVCRegistryValueList@@@Z
?GetMaskByNetNumber@CNetworkAdapterList@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@V23@@Z
?GetRegistryValue@CRegistry@@QAEHIPB_W0AAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
??1CRegistry@@UAE@XZ
??0CRegistry@@QAE@XZ
?Set@CRegistryValue@@QAEXPB_W0@Z
??0CRegistryValue@@QAE@XZ
?Open@CFileVersion@@QAEHPB_W@Z
?Close@CFileVersion@@QAEXXZ
?AddTail@?$CList@VCRegistryValue@@AAV1@@@QAEPAU__POSITION@@AAVCRegistryValue@@@Z
??1CFileVersion@@QAE@XZ

mfc120u

ord11858
ord14326
ord12402
ord7884
ord14526
ord6251
ord14528
ord6253
ord14527
ord6252
ord992
ord6758
ord2163
ord3809
ord5821
ord12114
ord8099
ord12126
ord12094
ord12455
ord5495
ord1687
ord1467
ord7542
ord8352
ord9090
ord10131
ord8101
ord5314
ord7600
ord7610
ord7609
ord5137
ord5316
ord5160
ord5667
ord5430
ord9231
ord5664
ord5454
ord5157
ord1043
ord5019
ord1518
ord1521
ord973
ord11857
ord6404
ord2130
ord12510
ord266
ord265
ord2347
ord6853
ord2343
ord5491
ord4280
ord5027
ord12430
ord296
ord286
ord1042
ord1520
ord12634
ord4621
ord2948
ord1506
ord2341
ord820
ord13115
ord1349
ord2204
ord5490
ord6652
ord3806
ord970
ord12300
ord1444
ord11847
ord1706
ord2857
ord8391
ord503
ord1141
ord5488
ord8059
ord2844
ord4672
ord4692
ord4772
ord2435
ord1508
ord1992
ord7825
ord12818
ord4047
ord4109
ord9279
ord14454
ord7806
ord14448
ord12413
ord12412
ord2444
ord10260
ord5262
ord8206
ord2367
ord7881
ord4546
ord12736
ord12799
ord10314
ord12122
ord1447
ord8268
ord280

msvcr120

_controlfp_s
_invoke_watson
__crtSetUnhandledExceptionFilter
_except_handler4_common
?terminate@@YAXXZ
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
??1type_info@@UAE@XZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
_commode
_fmode
_wcmdln
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__crtGetShowWindowMode
_XcptFilter
memset
wcsftime
wprintf
_localtime64_s
sprintf
_recalloc
calloc
_time64
_ltow
_wtol
_wtoi
__CxxFrameHandler3
free

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
ReleaseMutex
GetModuleFileNameW
CreateMutexW
ResumeThread
SuspendThread
GetExitCodeThread
EnterCriticalSection
GetProcAddress
LeaveCriticalSection
Sleep
LoadLibraryW
FreeLibrary
MultiByteToWideChar
DeleteFileW
GetTempPathW
WritePrivateProfileStringW
CopyFileW
DeleteCriticalSection
DecodePointer
GetLastError
OutputDebugStringW
InitializeCriticalSectionAndSpinCount

advapi32

RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW

ole32

CoInitializeSecurity
CoUninitialize
CoInitializeEx

ws2_32

getnameinfo
inet_addr
WSAGetLastError

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
OcsNotifyUser.exe
.exe windows:6 windows x86 arch:x86

4f45f68fb7c2e7fd31d429b5341ef5c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Win-Agent\Desktop\WindowsAgent-master\Release\OcsNotifyUser.pdb

Imports

ocsinventory front

?getParamValue@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PB_WV12@@Z
?setLogLevel@CLog@@QAEXK@Z
?isRequired@@YAHPB_WV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?LookupError@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAVCException@@@Z
?getFrameworkVersion@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?log@CLog@@QAAXHPB_WZZ
?setApplication@CLog@@QAEXPB_W@Z
?getOcsLogger@@YAPAVCLog@@XZ

sysinfo

??0CFileVersion@@QAE@XZ
?Open@CFileVersion@@QAEHPB_W@Z
?Close@CFileVersion@@QAEXXZ
?GetProductVersion@CFileVersion@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
??1CFileVersion@@QAE@XZ

mfc120u

ord13612
ord6121
ord3122
ord3361
ord3362
ord4049
ord11271
ord12006
ord7916
ord2347
ord2343
ord5019
ord1518
ord3806
ord286
ord10260
ord7542
ord993
ord1468
ord7881
ord2948
ord2163
ord4546
ord12430
ord280
ord2262
ord970
ord1444
ord11847
ord14537
ord2857
ord1130
ord6759
ord10131
ord5667
ord12799
ord12094
ord12126
ord10314
ord8099
ord12122
ord12114
ord5821
ord3809
ord6252
ord14527
ord7609
ord14528
ord6251
ord14526
ord7884
ord12402
ord14326
ord11858
ord11857
ord1992
ord7825
ord12818
ord4047
ord4109
ord9279
ord14454
ord7806
ord14448
ord12413
ord12412
ord2444
ord5262
ord8206
ord12736
ord8268
ord8352
ord8343
ord2759
ord12878
ord11768
ord14076
ord8855
ord9089
ord8361
ord14168
ord12454
ord12455
ord12634
ord2308
ord3254
ord5194
ord5327
ord12899
ord2416
ord7543
ord8699
ord10353
ord265
ord266
ord4843
ord2718
ord887
ord6763
ord2397
ord6452
ord3773
ord6032
ord5137
ord5316
ord5160
ord5693
ord5430
ord9231
ord5664
ord5454
ord5157
ord12043
ord3223
ord3329
ord3330
ord3898
ord11999
ord2640
ord5838
ord13563
ord11592
ord6774
ord14455
ord7807
ord14449
ord3013
ord4451
ord9574
ord4459
ord4909
ord4874
ord4867
ord4905
ord4932
ord4883
ord4916
ord4928
ord4891
ord4895
ord4899
ord4887
ord4920
ord4879
ord1736
ord1727
ord1731
ord1723
ord1711
ord12132
ord12134
ord13738
ord3224
ord9137
ord10883
ord6875
ord12095
ord8846
ord14447
ord11811
ord3795
ord11964
ord9007
ord11601
ord11600
ord5557
ord10169
ord10165
ord10167
ord10168
ord10166
ord2719
ord8092
ord3260
ord3263
ord13616
ord9020
ord12047
ord9091
ord6434
ord1520
ord8921
ord14459
ord10896
ord10919
ord14458
ord13991
ord14094
ord13404
ord6123
ord3103
ord4176
ord1042
ord7382
ord3790
ord3654
ord4280
ord2204
ord2173
ord1063
ord999
ord1471
ord6393
ord9090
ord10136
ord8101
ord5324
ord1386
ord296
ord1108
ord458
ord1508
ord13997
ord4771
ord4772
ord13333
ord5314
ord7600
ord7340
ord7610
ord2367
ord6253

msvcr120

malloc
__CxxFrameHandler3
memcpy
_CxxThrowException
_XcptFilter
memset
free
_wtol
_localtime64_s
wcsftime
_time64
_controlfp_s
_invoke_watson
__crtSetUnhandledExceptionFilter
_except_handler4_common
?terminate@@YAXXZ
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
??1type_info@@UAE@XZ
_commode
_fmode
_wcmdln
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__crtGetShowWindowMode
_itow_s

kernel32

GetModuleFileNameW
LocalFree
ReleaseMutex
lstrlenA
OutputDebugStringW
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
GetLastError
CreateMutexW
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
DeleteCriticalSection
DecodePointer
GetVersionExW

user32

GetSystemMetrics
GetParent
GetWindowRect
DrawIcon
GetClientRect
EnableWindow
IsIconic
BringWindowToTop
SetTimer
SendMessageW
LoadIconW

comctl32

InitCommonControlsEx

oleaut32

SafeArrayCreateVector
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
SysFreeString
SafeArrayDestroy
SysAllocString
VariantClear

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OcsService.exe
.exe windows:6 windows x86 arch:x86

08276e2856f4d6d3f5d945b44a0c6496

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Win-Agent\Desktop\WindowsAgent-master\Release\Service.pdb

Imports

libeay32

ord470

ocsinventory front

?fileExists@@YAHPB_W@Z
?GetAnsiFromUnicode@@YA?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PB_W@Z
?final@CInventoryRequest@@EAEHXZ
?setSuccess@CInventoryRequest@@UAEXXZ
??1CInventoryRequest@@UAE@XZ
??0CInventoryRequest@@QAE@H@Z
?WriteVoidToFile@@YAHPBXIPB_W@Z
?getExitValue@CExecCommand@@QAEHXZ
?getOutput@CExecCommand@@QAEPBDXZ
?execWait@CExecCommand@@QAEHPB_W0H@Z
??1CExecCommand@@QAE@XZ
??0CExecCommand@@QAE@XZ
?ReadFromFile@COCSInventoryState@@QAEHPB_W0@Z
?getMessage@CRequestAbstract@@QAE?AV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@XZ
?getInstallFolder@@YAPB_WXZ
?LookupError@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@K@Z
?getDataFolder@@YAPB_WXZ
??0COCSInventoryState@@QAE@XZ
?GetNetworks@COCSInventoryState@@QAEPB_WXZ
??1COCSInventoryState@@UAE@XZ

sysinfo

??1CSysInfo@@UAE@XZ
??0CSysInfo@@QAE@HPB_W@Z
?GetHash@CNetworkAdapterList@@QAEPB_WXZ
??1CNetworkAdapterList@@UAE@XZ
??0CNetworkAdapterList@@QAE@XZ
?getNetworkAdapters@CSysInfo@@QAEHPAVCNetworkAdapterList@@@Z

mfc120u

ord4774
ord6458
ord5419
ord296
ord1042
ord1520
ord265
ord7744
ord2954
ord1506
ord4772
ord1508
ord4692
ord4672
ord5491
ord1141
ord503
ord2343
ord12655
ord5417
ord3806
ord494
ord266
ord1139
ord2843
ord12222
ord11837
ord2366
ord992
ord1467
ord500
ord1349
ord13115
ord13822
ord820
ord2347
ord2341
ord4623
ord7918
ord1525
ord1043
ord316

msvcr120

__CxxFrameHandler3
ceil
_CxxThrowException
_controlfp_s
_invoke_watson
__crtSetUnhandledExceptionFilter
_except_handler4_common
?terminate@@YAXXZ
_commode
_fmode
memmove
free
wprintf
_purecall
_localtime64_s
rand
srand
_time64
memset
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_XcptFilter
_amsg_exit
__wgetmainargs
__set_app_type
exit
_exit
_cexit
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
__winitenv
memcpy

kernel32

DecodePointer
GetLastError
GetModuleFileNameW
Sleep
InitializeCriticalSectionAndSpinCount
OutputDebugStringW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
GetModuleHandleW
GetCommandLineW
DeleteFileW
GetPrivateProfileIntW
WritePrivateProfileStringW
CopyFileW
CreateMutexW
ExitProcess
GetCurrentThreadId
DeleteCriticalSection

advapi32

RegSetValueExW
RegisterEventSourceW
CloseServiceHandle
DeleteService
OpenSCManagerW
StartServiceCtrlDispatcherW
OpenServiceW
RegCreateKeyW
DeregisterEventSource
RegDeleteKeyW
ChangeServiceConfig2W
SetServiceStatus
RegOpenKeyExW
RegisterServiceCtrlHandlerW
ReportEventW
RegEnumValueW
CreateServiceW
RegCloseKey
ControlService

ole32

CoInitializeSecurity
CoUninitialize
CoInitializeEx

oleaut32

VarDateFromStr
SystemTimeToVariantTime
VariantTimeToSystemTime

msvcp120

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Winerror_map@std@@YAPBDH@Z
?_Xbad_alloc@std@@YAXXZ
?_Syserror_map@std@@YAPBDH@Z

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OcsSystray.exe
.exe windows:6 windows x86 arch:x86

0e64485e6315f4f7730b84ecc1b00e40

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Win-Agent\Desktop\WindowsAgent-master\Release\OcsSystray.pdb

Imports

ocsinventory front

?LookupError@@YA?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@K@Z
?getDataFolder@@YAPB_WXZ
?getInstallFolder@@YAPB_WXZ
?fileExists@@YAHPB_W@Z

sysinfo

?GetFileDescription@CFileVersion@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
??0CFileVersion@@QAE@XZ
?Open@CFileVersion@@QAEHPB_W@Z
?Close@CFileVersion@@QAEXXZ
??1CFileVersion@@QAE@XZ
?GetFixedFileVersion@CFileVersion@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ

mfc120u

ord12094
ord1108
ord4049
ord4771
ord4456
ord2520
ord3654
ord2261
ord1386
ord887
ord7382
ord10919
ord12006
ord6121
ord13612
ord2718
ord9091
ord12047
ord10896
ord11271
ord10353
ord3362
ord3361
ord3122
ord458
ord6434
ord2204
ord2173
ord9020
ord13333
ord8346
ord1520
ord286
ord14094
ord7002
ord4280
ord2308
ord7340
ord265
ord266
ord12899
ord8699
ord5327
ord5194
ord3254
ord6763
ord2341
ord2397
ord2336
ord2343
ord6652
ord2214
ord2347
ord8628
ord4184
ord2484
ord4842
ord3889
ord6510
ord11338
ord8655
ord7331
ord14516
ord12276
ord14463
ord12126
ord11592
ord6774
ord14455
ord7807
ord14449
ord3013
ord4451
ord9574
ord8268
ord4459
ord4909
ord4874
ord4867
ord4905
ord4932
ord4883
ord4916
ord4928
ord4891
ord4895
ord4899
ord4887
ord4920
ord4879
ord1736
ord1727
ord1731
ord1723
ord1711
ord12132
ord12134
ord13738
ord3224
ord9137
ord10883
ord6875
ord12095
ord8846
ord14447
ord11811
ord3790
ord3795
ord11964
ord11601
ord11600
ord5557
ord10169
ord10165
ord10167
ord10168
ord10166
ord1471
ord2719
ord8092
ord10136
ord3260
ord3263
ord13616
ord6123
ord7543
ord6469
ord4839
ord2480
ord3839
ord6462
ord6735
ord3215
ord4193
ord1441
ord9016
ord13153
ord2262
ord982
ord8099
ord12114
ord5821
ord3809
ord2163
ord6758
ord992
ord6252
ord14527
ord6253
ord14528
ord6251
ord14526
ord7884
ord12402
ord14326
ord11858
ord11857
ord1992
ord7825
ord12818
ord4047
ord4109
ord9279
ord14454
ord7806
ord14448
ord12413
ord12412
ord2444
ord10260
ord5262
ord8206
ord7881
ord4546
ord12736
ord12799
ord10314
ord12219
ord12122
ord1987
ord1457
ord9090
ord8101
ord5314
ord7600
ord7610
ord7609
ord5137
ord1467
ord7542
ord8352
ord10131
ord5316
ord5160
ord5667
ord296
ord280
ord1042
ord1518
ord6870
ord999
ord4843
ord12043
ord3223
ord5430
ord9231
ord5664
ord5454
ord5157
ord4772
ord1508
ord3329
ord3330
ord3898
ord11999
ord2640
ord5324
ord7703
ord5838
ord2367
ord5693
ord13563
ord8921

msvcr120

malloc
__CxxFrameHandler3
_CxxThrowException
ceil
memcpy
wcsncpy
_localtime64_s
wcscat_s
_except1
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_controlfp_s
_invoke_watson
__crtSetUnhandledExceptionFilter
_except_handler4_common
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
_commode
_fmode
_wcmdln
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__crtGetShowWindowMode
_XcptFilter
memset
_time64
memcpy_s
free

kernel32

OutputDebugStringW
GetLastError
DecodePointer
lstrlenA
LocalFree
InitializeCriticalSectionAndSpinCount
LoadLibraryW
FreeLibrary
DeleteFileW
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
EncodePointer
GetVersion
GetVersionExW
MultiByteToWideChar
DeleteCriticalSection
GetWindowsDirectoryW

user32

SetActiveWindow
TrackPopupMenu
RegisterWindowMessageW
GetMenuItemID
PostMessageW
KillTimer
GetSubMenu
SetForegroundWindow
SetParent
FindWindowW
LoadMenuW
SystemParametersInfoW
GetClassNameW
GetCursorPos
EnumChildWindows
IsWindow
SetMenuDefaultItem
GetWindowRect
SetTimer
IsIconic
DrawIcon
LoadIconW
GetSystemMetrics
SetCursor
SetCapture
GetParent
LoadCursorW
GetClientRect
PtInRect
InvalidateRect
SetWindowLongW
RedrawWindow
ReleaseCapture
SendMessageW
EnableWindow
DrawAnimatedRects

gdi32

CreateFontIndirectW
GetStockObject
GetObjectW

advapi32

ControlService
CloseServiceHandle
OpenSCManagerW
QueryServiceStatus
OpenServiceW

shell32

Shell_NotifyIconW
SHAppBarMessage
ShellExecuteW

comctl32

InitCommonControlsEx

oleaut32

SysFreeString
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayDestroy
SysAllocString
SafeArrayGetLBound
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayGetUBound
SafeArrayUnaccessData
VariantClear

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OcsWmi.dll
.dll windows:6 windows x86 arch:x86

15a4604431121c52a4138619ae91a715

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Win-Agent\Desktop\WindowsAgent-master\Release\OcsWmi.pdb

Imports

mfc120u

ord1042
ord286
ord280
ord296
ord4280
ord1687
ord8346
ord1506
ord360
ord1064
ord1531
ord4776
ord12094
ord12126
ord8099
ord12114
ord5821
ord3809
ord266
ord3806
ord2363
ord2490
ord5048
ord6758
ord1518
ord6252
ord14527
ord6253
ord14528
ord6251
ord14526
ord7884
ord12402
ord14326
ord11858
ord11857
ord1992
ord7825
ord12818
ord4047
ord4109
ord9279
ord14454
ord7806
ord14448
ord12413
ord12412
ord2444
ord5262
ord8206
ord7881
ord4546
ord12736
ord12799
ord992
ord1520
ord4772
ord5157
ord5454
ord10314
ord12122
ord8268
ord1467
ord7542
ord8352
ord9090
ord10131
ord8101
ord5314
ord1509
ord325
ord1050
ord2323
ord2204
ord324
ord1049
ord2366
ord2369
ord2334
ord2368
ord485
ord2226
ord2332
ord2142
ord2258
ord2357
ord7600
ord7610
ord7609
ord5137
ord5316
ord5160
ord5667
ord5430
ord9231
ord5664
ord1508

msvcr120

_amsg_exit
__CppXcptFilter
_unlock
??1type_info@@UAE@XZ
_onexit
__dllonexit
_calloc_crt
_lock
?terminate@@YAXXZ
__CxxFrameHandler3
malloc
_CxxThrowException
memset
_wtoi64
_malloc_crt
__clean_type_info_names_internal
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_except_handler4_common
_initterm_e
_initterm
free

kernel32

MultiByteToWideChar
lstrlenA
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
GetLastError
DecodePointer
DeleteCriticalSection
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
LocalFree
LocalAlloc

ole32

CoCreateInstance
CoSetProxyBlanket

oleaut32

SafeArrayGetLBound
VariantClear
VariantInit
VariantChangeType
SafeArrayGetElement
VarBstrFromDate
SysFreeString
SafeArrayGetUBound
SysAllocString

Exports

Exports

??0COcsWmi@@QAE@ABV0@@Z
??0COcsWmi@@QAE@XZ
??1COcsWmi@@UAE@XZ
??4COcsWmi@@QAEAAV0@ABV0@@Z
??_7COcsWmi@@6B@
?BeginEnumClassObject@COcsWmi@@QAEHPB_W0@Z
?CloseEnumClassObject@COcsWmi@@QAEHXZ
?ConnectWMI@COcsWmi@@QAEHPB_W@Z
?DisconnectWMI@COcsWmi@@QAEHXZ
?GetClassObjectDwordValue@COcsWmi@@QAEKPB_W@Z
?GetClassObjectI64Value@COcsWmi@@QAE_JPB_W@Z
?GetClassObjectLength@COcsWmi@@QAEHPB_W@Z
?GetClassObjectStringValue@COcsWmi@@QAEPB_WPB_W@Z
?GetClassObjectU64Value@COcsWmi@@QAE_KPB_W@Z
?GetClassObjectVariantValue@COcsWmi@@QAEHPB_WAAUtagVARIANT@@@Z
?GetLastErrorWMI@COcsWmi@@QAEJXZ
?GetRefElementClassObjectDwordValue@COcsWmi@@QAEKPB_W0@Z
?GetRefElementClassObjectI64Value@COcsWmi@@QAE_JPB_W0@Z
?GetRefElementClassObjectLength@COcsWmi@@QAEHPB_W0@Z
?GetRefElementClassObjectStringValue@COcsWmi@@QAEPB_WPB_W0@Z
?GetRefElementClassObjectU64Value@COcsWmi@@QAE_KPB_W0@Z
?GetRefElementClassObjectVariantValue@COcsWmi@@QAEHPB_W0AAUtagVARIANT@@@Z
?MoveNextEnumClassObject@COcsWmi@@QAEHXZ
?dwCimValue@COcsWmi@@IAEKAAUtagVARIANT@@AAJ@Z
?i64CimValue@COcsWmi@@IAE_JAAUtagVARIANT@@AAJ@Z
?strCimArrayValue@COcsWmi@@IAEPB_WAAUtagVARIANT@@AAJ@Z
?strCimValue@COcsWmi@@IAEPB_WAAUtagVARIANT@@AAJ@Z
?strVariant@COcsWmi@@IAEPB_WUtagVARIANT@@@Z
?strVariantArray@COcsWmi@@IAEPB_WUtagVARIANT@@@Z
?u64CimValue@COcsWmi@@IAE_KAAUtagVARIANT@@AAJ@Z

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SysInfo.dll
.dll windows:6 windows x86 arch:x86

44c912af6c6729db6a95c8003a22a329

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Win-Agent\Desktop\WindowsAgent-master\Release\SysInfo.pdb

Imports

libeay32

ord502
ord503
ord504

ocswmi

?BeginEnumClassObject@COcsWmi@@QAEHPB_W0@Z
?MoveNextEnumClassObject@COcsWmi@@QAEHXZ
?GetClassObjectDwordValue@COcsWmi@@QAEKPB_W@Z
?GetClassObjectVariantValue@COcsWmi@@QAEHPB_WAAUtagVARIANT@@@Z
?GetLastErrorWMI@COcsWmi@@QAEJXZ
??0COcsWmi@@QAE@ABV0@@Z
?ConnectWMI@COcsWmi@@QAEHPB_W@Z
?DisconnectWMI@COcsWmi@@QAEHXZ
??1COcsWmi@@UAE@XZ
??0COcsWmi@@QAE@XZ
?GetClassObjectU64Value@COcsWmi@@QAE_KPB_W@Z
?GetRefElementClassObjectDwordValue@COcsWmi@@QAEKPB_W0@Z
?GetRefElementClassObjectStringValue@COcsWmi@@QAEPB_WPB_W0@Z
?GetClassObjectStringValue@COcsWmi@@QAEPB_WPB_W@Z
?CloseEnumClassObject@COcsWmi@@QAEHXZ
??4COcsWmi@@QAEAAV0@ABV0@@Z

mfc120u

ord6252
ord992
ord6758
ord3809
ord5314
ord12114
ord8099
ord12126
ord12094
ord12792
ord7600
ord7610
ord7609
ord5137
ord5316
ord5160
ord5667
ord5430
ord9231
ord5664
ord5454
ord5157
ord4985
ord1527
ord13111
ord7915
ord5020
ord2435
ord2954
ord8594
ord14276
ord12455
ord2955
ord14281
ord1687
ord1688
ord5019
ord4281
ord316
ord1528
ord4774
ord1521
ord1506
ord265
ord300
ord1043
ord1525
ord4791
ord3806
ord970
ord14537
ord1444
ord11847
ord1706
ord4763
ord12818
ord12219
ord14527
ord12276
ord14516
ord2341
ord3194
ord4813
ord6652
ord2336
ord1648
ord4280
ord4984
ord1682
ord4772
ord5027
ord12430
ord296
ord280
ord286
ord1042
ord1518
ord1520
ord1684
ord12634
ord4621
ord14277
ord14271
ord8638
ord8242
ord8346
ord2967
ord285
ord5824
ord2948
ord2347
ord266
ord2343
ord6253
ord14528
ord6251
ord1508
ord4047
ord4109
ord9279
ord14454
ord7806
ord14448
ord12413
ord12412
ord2444
ord5262
ord8206
ord7881
ord4546
ord12736
ord12799
ord10314
ord12122
ord8268
ord1467
ord14526
ord7884
ord12402
ord14326
ord7542
ord8352
ord11858
ord11857
ord1992
ord14463
ord7825
ord1509
ord325
ord1050
ord2323
ord2204
ord324
ord1049
ord2366
ord2369
ord2334
ord2368
ord485
ord2226
ord2332
ord2142
ord2258
ord2357
ord9090
ord10131
ord2857
ord8101
ord5821

msvcr120

__clean_type_info_names_internal
_except_handler4_common
_initterm_e
_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
??1type_info@@UAE@XZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
?terminate@@YAXXZ
__CxxFrameHandler3
memset
memcpy_s
isprint
wcstol
swscanf
strcpy_s
wcstoul
_wtol
_recalloc
calloc
_strnicmp
sprintf
iswdigit
_wtoi
_wcsicmp
malloc
strncpy
_vswprintf
memmove
_time64
wcsftime
_localtime64_s
free
memcpy

kernel32

InitializeCriticalSectionAndSpinCount
DecodePointer
DeleteCriticalSection
OutputDebugStringW
GetLastError
GetLogicalDrives
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
LocalFree
LocalAlloc
GlobalFree
SetLastError
GlobalAlloc
GetTickCount
OpenProcess
WideCharToMultiByte
GlobalMemoryStatus
GetVolumeInformationW
GetDiskFreeSpaceW
GetDriveTypeW
VerLanguageNameW
MultiByteToWideChar
LoadLibraryW
FreeLibrary
GetVersion
GetSystemInfo
GetProcAddress
lstrlenW
GetModuleHandleW
CloseHandle
DeviceIoControl
CreateFileW
GetVersionExW

user32

GetSystemMetrics

advapi32

RegQueryValueExW
RegCloseKey
RegConnectRegistryW
RegEnumValueW
RegEnumKeyExW
GetUserNameW
RegOpenKeyExW

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear
SafeArrayDestroy
VariantInit
VarUdateFromDate

msvcp120

?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

mpr

WNetGetConnectionW

ws2_32

inet_addr
ntohl
htonl
inet_ntoa

Exports

Exports

??0?$CList@VCCpu@@AAV1@@@QAE@H@Z
??0?$CList@VCInputDevice@@AAV1@@@QAE@H@Z
??0?$CList@VCLogicalDrive@@AAV1@@@QAE@H@Z
??0?$CList@VCMemorySlot@@AAV1@@@QAE@H@Z
??0?$CList@VCModem@@AAV1@@@QAE@H@Z
??0?$CList@VCMonitor@@AAV1@@@QAE@H@Z
??0?$CList@VCNetworkAdapter@@AAV1@@@QAE@H@Z
??0?$CList@VCPrinter@@AAV1@@@QAE@H@Z
??0?$CList@VCRegistryValue@@AAV1@@@QAE@H@Z
??0?$CList@VCSoftware@@AAV1@@@QAE@H@Z
??0?$CList@VCSoundDevice@@AAV1@@@QAE@H@Z
??0?$CList@VCStoragePeripheral@@AAV1@@@QAE@H@Z
??0?$CList@VCSystemController@@AAV1@@@QAE@H@Z
??0?$CList@VCSystemPort@@AAV1@@@QAE@H@Z
??0?$CList@VCSystemSlot@@AAV1@@@QAE@H@Z
??0?$CList@VCVideoAdapter@@AAV1@@@QAE@H@Z
??0CAccessLog@@QAE@ABV0@@Z
??0CAccessLog@@QAE@XZ
??0CBios@@QAE@ABV0@@Z
??0CBios@@QAE@XZ
??0CCpu@@QAE@ABV0@@Z
??0CCpu@@QAE@XZ
??0CCpuList@@QAE@XZ
??0CDMI@@QAE@XZ
??0CDeviceProperties@@QAE@ABV0@@Z
??0CDeviceProperties@@QAE@XZ
??0CEdid@@QAE@ABV0@@Z
??0CEdid@@QAE@XZ
??0CFileVersion@@QAE@XZ
??0CIPHelper@@QAE@ABV0@@Z
??0CIPHelper@@QAE@XZ
??0CInputDevice@@QAE@ABV0@@Z
??0CInputDevice@@QAE@XZ
??0CInputDeviceList@@QAE@XZ
??0CLogicalDrive@@QAE@ABV0@@Z
??0CLogicalDrive@@QAE@XZ
??0CLogicalDriveList@@QAE@XZ
??0CMemory@@QAE@ABV0@@Z
??0CMemory@@QAE@XZ
??0CMemorySlot@@QAE@ABV0@@Z
??0CMemorySlot@@QAE@XZ
??0CMemorySlotList@@QAE@XZ
??0CModem@@QAE@ABV0@@Z
??0CModem@@QAE@XZ
??0CModemList@@QAE@XZ
??0CMonitor@@QAE@ABV0@@Z
??0CMonitor@@QAE@XZ
??0CMonitorList@@QAE@XZ
??0CNetworkAdapter@@QAE@ABV0@@Z
??0CNetworkAdapter@@QAE@XZ
??0CNetworkAdapterList@@QAE@XZ
??0CPrinter@@QAE@ABV0@@Z
??0CPrinter@@QAE@XZ
??0CPrinterList@@QAE@XZ
??0CRegistry@@QAE@ABV0@@Z
??0CRegistry@@QAE@XZ
??0CRegistryValue@@QAE@ABV0@@Z
??0CRegistryValue@@QAE@XZ
??0CRegistryValueList@@QAE@XZ
??0CSNMP@@QAE@ABV0@@Z
??0CSNMP@@QAE@XZ
??0CSoftware@@QAE@ABV0@@Z
??0CSoftware@@QAE@XZ
??0CSoftwareList@@QAE@XZ
??0CSoundDevice@@QAE@ABV0@@Z
??0CSoundDevice@@QAE@XZ
??0CSoundDeviceList@@QAE@XZ
??0CStoragePeripheral@@QAE@ABV0@@Z
??0CStoragePeripheral@@QAE@XZ
??0CStoragePeripheralList@@QAE@XZ
??0CSysInfo@@QAE@ABV0@@Z
??0CSysInfo@@QAE@HPB_W@Z
??0CSystemController@@QAE@ABV0@@Z
??0CSystemController@@QAE@XZ
??0CSystemControllerList@@QAE@XZ
??0CSystemPort@@QAE@ABV0@@Z
??0CSystemPort@@QAE@XZ
??0CSystemPortList@@QAE@XZ
??0CSystemSlot@@QAE@ABV0@@Z
??0CSystemSlot@@QAE@XZ
??0CSystemSlotList@@QAE@XZ
??0CVMSystem@@QAE@XZ
??0CVideoAdapter@@QAE@ABV0@@Z
??0CVideoAdapter@@QAE@XZ
??0CVideoAdapterList@@QAE@XZ
??0CWindowsSocket@@QAE@ABV0@@Z
??0CWindowsSocket@@QAE@XZ
??0CWmi@@QAE@ABV0@@Z
??0CWmi@@QAE@XZ
??1?$CList@VCCpu@@AAV1@@@UAE@XZ
??1?$CList@VCInputDevice@@AAV1@@@UAE@XZ
??1?$CList@VCLogicalDrive@@AAV1@@@UAE@XZ
??1?$CList@VCMemorySlot@@AAV1@@@UAE@XZ
??1?$CList@VCModem@@AAV1@@@UAE@XZ
??1?$CList@VCMonitor@@AAV1@@@UAE@XZ
??1?$CList@VCNetworkAdapter@@AAV1@@@UAE@XZ
??1?$CList@VCPrinter@@AAV1@@@UAE@XZ
??1?$CList@VCRegistryValue@@AAV1@@@UAE@XZ
??1?$CList@VCSoftware@@AAV1@@@UAE@XZ
??1?$CList@VCSoundDevice@@AAV1@@@UAE@XZ
??1?$CList@VCStoragePeripheral@@AAV1@@@UAE@XZ
??1?$CList@VCSystemController@@AAV1@@@UAE@XZ
??1?$CList@VCSystemPort@@AAV1@@@UAE@XZ
??1?$CList@VCSystemSlot@@AAV1@@@UAE@XZ
??1?$CList@VCVideoAdapter@@AAV1@@@UAE@XZ
??1CAccessLog@@UAE@XZ
??1CBios@@UAE@XZ
??1CCpu@@UAE@XZ
??1CCpuList@@UAE@XZ
??1CDMI@@QAE@XZ
??1CDeviceProperties@@UAE@XZ
??1CEdid@@UAE@XZ
??1CFileVersion@@QAE@XZ
??1CIPHelper@@UAE@XZ
??1CInputDevice@@UAE@XZ
??1CInputDeviceList@@UAE@XZ
??1CLogicalDrive@@UAE@XZ
??1CLogicalDriveList@@UAE@XZ
??1CMemory@@UAE@XZ
??1CMemorySlot@@UAE@XZ
??1CMemorySlotList@@UAE@XZ
??1CModem@@UAE@XZ
??1CModemList@@UAE@XZ
??1CMonitor@@UAE@XZ
??1CMonitorList@@UAE@XZ
??1CNetworkAdapter@@UAE@XZ
??1CNetworkAdapterList@@UAE@XZ
??1CPrinter@@UAE@XZ
??1CPrinterList@@UAE@XZ
??1CRegistry@@UAE@XZ
??1CRegistryValue@@UAE@XZ
??1CRegistryValueList@@UAE@XZ
??1CSNMP@@UAE@XZ
??1CSoftware@@UAE@XZ
??1CSoftwareList@@UAE@XZ
??1CSoundDevice@@UAE@XZ
??1CSoundDeviceList@@UAE@XZ
??1CStoragePeripheral@@UAE@XZ
??1CStoragePeripheralList@@UAE@XZ
??1CSysInfo@@UAE@XZ
??1CSystemController@@UAE@XZ
??1CSystemControllerList@@UAE@XZ
??1CSystemPort@@UAE@XZ
??1CSystemPortList@@UAE@XZ
??1CSystemSlot@@UAE@XZ
??1CSystemSlotList@@UAE@XZ
??1CVMSystem@@QAE@XZ
??1CVideoAdapter@@UAE@XZ
??1CVideoAdapterList@@UAE@XZ
??1CWindowsSocket@@UAE@XZ
??1CWmi@@UAE@XZ
??4CAccessLog@@QAEAAV0@ABV0@@Z
??4CBios@@QAEAAV0@ABV0@@Z
??4CCpu@@QAEAAV0@ABV0@@Z
??4CDMI@@QAEAAV0@ABV0@@Z
??4CDeviceProperties@@QAEAAV0@ABV0@@Z
??4CEdid@@QAEAAV0@ABV0@@Z
??4CFileVersion@@QAEAAV0@ABV0@@Z
??4CIPHelper@@QAEAAV0@ABV0@@Z
??4CInputDevice@@QAEAAV0@ABV0@@Z
??4CLogicalDrive@@QAEAAV0@ABV0@@Z
??4CMemory@@QAEAAV0@ABV0@@Z
??4CMemorySlot@@QAEAAV0@ABV0@@Z
??4CModem@@QAEAAV0@ABV0@@Z
??4CMonitor@@QAEAAV0@ABV0@@Z
??4CNetworkAdapter@@QAEAAV0@ABV0@@Z
??4CPrinter@@QAEAAV0@ABV0@@Z
??4CRegistry@@QAEAAV0@ABV0@@Z
??4CRegistryValue@@QAEAAV0@ABV0@@Z
??4CSNMP@@QAEAAV0@ABV0@@Z
??4CSoftware@@QAEAAV0@ABV0@@Z
??4CSoundDevice@@QAEAAV0@ABV0@@Z
??4CStoragePeripheral@@QAEAAV0@ABV0@@Z
??4CSysInfo@@QAEAAV0@ABV0@@Z
??4CSystemController@@QAEAAV0@ABV0@@Z
??4CSystemPort@@QAEAAV0@ABV0@@Z
??4CSystemSlot@@QAEAAV0@ABV0@@Z
??4CVMSystem@@QAEAAV0@ABV0@@Z
??4CVideoAdapter@@QAEAAV0@ABV0@@Z
??4CWindowsSocket@@QAEAAV0@ABV0@@Z
??4CWmi@@QAEAAV0@ABV0@@Z
??8CAccessLog@@QBEHV0@@Z
??8CBios@@QBEHV0@@Z
??8CCpu@@QBEHV0@@Z
??8CInputDevice@@QBEHV0@@Z
??8CLogicalDrive@@QBEHV0@@Z
??8CMemorySlot@@QBEHV0@@Z
??8CModem@@QBEHV0@@Z
??8CMonitor@@QBEHV0@@Z
??8CNetworkAdapter@@QBEHV0@@Z
??8CPrinter@@QBEHV0@@Z
??8CRegistryValue@@QBEHV0@@Z
??8CSoftware@@QBEHV0@@Z
??8CSoundDevice@@QBEHV0@@Z
??8CStoragePeripheral@@QBEHV0@@Z
??8CSystemController@@QBEHV0@@Z
??8CSystemPort@@QBEHV0@@Z
??8CSystemSlot@@QBEHV0@@Z
??8CVideoAdapter@@QBEHV0@@Z
??_7?$CList@VCCpu@@AAV1@@@6B@
??_7?$CList@VCInputDevice@@AAV1@@@6B@
??_7?$CList@VCLogicalDrive@@AAV1@@@6B@
??_7?$CList@VCMemorySlot@@AAV1@@@6B@
??_7?$CList@VCModem@@AAV1@@@6B@
??_7?$CList@VCMonitor@@AAV1@@@6B@
??_7?$CList@VCNetworkAdapter@@AAV1@@@6B@
??_7?$CList@VCPrinter@@AAV1@@@6B@
??_7?$CList@VCRegistryValue@@AAV1@@@6B@
??_7?$CList@VCSoftware@@AAV1@@@6B@
??_7?$CList@VCSoundDevice@@AAV1@@@6B@
??_7?$CList@VCStoragePeripheral@@AAV1@@@6B@
??_7?$CList@VCSystemController@@AAV1@@@6B@
??_7?$CList@VCSystemPort@@AAV1@@@6B@
??_7?$CList@VCSystemSlot@@AAV1@@@6B@
??_7?$CList@VCVideoAdapter@@AAV1@@@6B@
??_7CAccessLog@@6B@
??_7CBios@@6B@
??_7CCpu@@6B@
??_7CCpuList@@6B@
??_7CDeviceProperties@@6B@
??_7CEdid@@6B@
??_7CIPHelper@@6B@
??_7CInputDevice@@6B@
??_7CInputDeviceList@@6B@
??_7CLogicalDrive@@6B@
??_7CLogicalDriveList@@6B@
??_7CMemory@@6B@
??_7CMemorySlot@@6B@
??_7CMemorySlotList@@6B@
??_7CModem@@6B@
??_7CModemList@@6B@
??_7CMonitor@@6B@
??_7CMonitorList@@6B@
??_7CNetworkAdapter@@6B@
??_7CNetworkAdapterList@@6B@
??_7CPrinter@@6B@
??_7CPrinterList@@6B@
??_7CRegistry@@6B@
??_7CRegistryValue@@6B@
??_7CRegistryValueList@@6B@
??_7CSNMP@@6B@
??_7CSoftware@@6B@
??_7CSoftwareList@@6B@
??_7CSoundDevice@@6B@
??_7CSoundDeviceList@@6B@
??_7CStoragePeripheral@@6B@
??_7CStoragePeripheralList@@6B@
??_7CSysInfo@@6B@
??_7CSystemController@@6B@
??_7CSystemControllerList@@6B@
??_7CSystemPort@@6B@
??_7CSystemPortList@@6B@
??_7CSystemSlot@@6B@
??_7CSystemSlotList@@6B@
??_7CVideoAdapter@@6B@
??_7CVideoAdapterList@@6B@
??_7CWindowsSocket@@6B@
??_7CWmi@@6B@
??_F?$CList@VCCpu@@AAV1@@@QAEXXZ
??_F?$CList@VCInputDevice@@AAV1@@@QAEXXZ
??_F?$CList@VCLogicalDrive@@AAV1@@@QAEXXZ
??_F?$CList@VCMemorySlot@@AAV1@@@QAEXXZ
??_F?$CList@VCModem@@AAV1@@@QAEXXZ
??_F?$CList@VCMonitor@@AAV1@@@QAEXXZ
??_F?$CList@VCNetworkAdapter@@AAV1@@@QAEXXZ
??_F?$CList@VCPrinter@@AAV1@@@QAEXXZ
??_F?$CList@VCRegistryValue@@AAV1@@@QAEXXZ
??_F?$CList@VCSoftware@@AAV1@@@QAEXXZ
??_F?$CList@VCSoundDevice@@AAV1@@@QAEXXZ
??_F?$CList@VCStoragePeripheral@@AAV1@@@QAEXXZ
??_F?$CList@VCSystemController@@AAV1@@@QAEXXZ
??_F?$CList@VCSystemPort@@AAV1@@@QAEXXZ
??_F?$CList@VCSystemSlot@@AAV1@@@QAEXXZ
??_F?$CList@VCVideoAdapter@@AAV1@@@QAEXXZ
??_FCSysInfo@@QAEXXZ
?AcerHack@CEdid@@IAEHAAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PAUtag_Standard_EDID@@@Z
?AddHead@?$CList@VCCpu@@AAV1@@@QAEPAU__POSITION@@AAVCCpu@@@Z
?AddHead@?$CList@VCCpu@@AAV1@@@QAEXPAV1@@Z
?AddHead@?$CList@VCInputDevice@@AAV1@@@QAEPAU__POSITION@@AAVCInputDevice@@@Z
?AddHead@?$CList@VCInputDevice@@AAV1@@@QAEXPAV1@@Z
?AddHead@?$CList@VCLogicalDrive@@AAV1@@@QAEPAU__POSITION@@AAVCLogicalDrive@@@Z
?AddHead@?$CList@VCLogicalDrive@@AAV1@@@QAEXPAV1@@Z
?AddHead@?$CList@VCMemorySlot@@AAV1@@@QAEPAU__POSITION@@AAVCMemorySlot@@@Z
?AddHead@?$CList@VCMemorySlot@@AAV1@@@QAEXPAV1@@Z
?AddHead@?$CList@VCModem@@AAV1@@@QAEPAU__POSITION@@AAVCModem@@@Z
?AddHead@?$CList@VCModem@@AAV1@@@QAEXPAV1@@Z
?AddHead@?$CList@VCMonitor@@AAV1@@@QAEPAU__POSITION@@AAVCMonitor@@@Z
?AddHead@?$CList@VCMonitor@@AAV1@@@QAEXPAV1@@Z
?AddHead@?$CList@VCNetworkAdapter@@AAV1@@@QAEPAU__POSITION@@AAVCNetworkAdapter@@@Z
?AddHead@?$CList@VCNetworkAdapter@@AAV1@@@QAEXPAV1@@Z
?AddHead@?$CList@VCPrinter@@AAV1@@@QAEPAU__POSITION@@AAVCPrinter@@@Z
?AddHead@?$CList@VCPrinter@@AAV1@@@QAEXPAV1@@Z
?AddHead@?$CList@VCRegistryValue@@AAV1@@@QAEPAU__POSITION@@AAVCRegistryValue@@@Z
?AddHead@?$CList@VCRegistryValue@@AAV1@@@QAEXPAV1@@Z
?AddHead@?$CList@VCSoftware@@AAV1@@@QAEPAU__POSITION@@AAVCSoftware@@@Z
?AddHead@?$CList@VCSoftware@@AAV1@@@QAEXPAV1@@Z
?AddHead@?$CList@VCSoundDevice@@AAV1@@@QAEPAU__POSITION@@AAVCSoundDevice@@@Z
?AddHead@?$CList@VCSoundDevice@@AAV1@@@QAEXPAV1@@Z
?AddHead@?$CList@VCStoragePeripheral@@AAV1@@@QAEPAU__POSITION@@AAVCStoragePeripheral@@@Z
?AddHead@?$CList@VCStoragePeripheral@@AAV1@@@QAEXPAV1@@Z
?AddHead@?$CList@VCSystemController@@AAV1@@@QAEPAU__POSITION@@AAVCSystemController@@@Z
?AddHead@?$CList@VCSystemController@@AAV1@@@QAEXPAV1@@Z
?AddHead@?$CList@VCSystemPort@@AAV1@@@QAEPAU__POSITION@@AAVCSystemPort@@@Z
?AddHead@?$CList@VCSystemPort@@AAV1@@@QAEXPAV1@@Z
?AddHead@?$CList@VCSystemSlot@@AAV1@@@QAEPAU__POSITION@@AAVCSystemSlot@@@Z
?AddHead@?$CList@VCSystemSlot@@AAV1@@@QAEXPAV1@@Z
?AddHead@?$CList@VCVideoAdapter@@AAV1@@@QAEPAU__POSITION@@AAVCVideoAdapter@@@Z
?AddHead@?$CList@VCVideoAdapter@@AAV1@@@QAEXPAV1@@Z
?AddTail@?$CList@VCCpu@@AAV1@@@QAEPAU__POSITION@@AAVCCpu@@@Z
?AddTail@?$CList@VCCpu@@AAV1@@@QAEXPAV1@@Z
?AddTail@?$CList@VCInputDevice@@AAV1@@@QAEPAU__POSITION@@AAVCInputDevice@@@Z
?AddTail@?$CList@VCInputDevice@@AAV1@@@QAEXPAV1@@Z
?AddTail@?$CList@VCLogicalDrive@@AAV1@@@QAEPAU__POSITION@@AAVCLogicalDrive@@@Z
?AddTail@?$CList@VCLogicalDrive@@AAV1@@@QAEXPAV1@@Z
?AddTail@?$CList@VCMemorySlot@@AAV1@@@QAEPAU__POSITION@@AAVCMemorySlot@@@Z
?AddTail@?$CList@VCMemorySlot@@AAV1@@@QAEXPAV1@@Z
?AddTail@?$CList@VCModem@@AAV1@@@QAEPAU__POSITION@@AAVCModem@@@Z
?AddTail@?$CList@VCModem@@AAV1@@@QAEXPAV1@@Z
?AddTail@?$CList@VCMonitor@@AAV1@@@QAEPAU__POSITION@@AAVCMonitor@@@Z
?AddTail@?$CList@VCMonitor@@AAV1@@@QAEXPAV1@@Z
?AddTail@?$CList@VCNetworkAdapter@@AAV1@@@QAEPAU__POSITION@@AAVCNetworkAdapter@@@Z
?AddTail@?$CList@VCNetworkAdapter@@AAV1@@@QAEXPAV1@@Z
?AddTail@?$CList@VCPrinter@@AAV1@@@QAEPAU__POSITION@@AAVCPrinter@@@Z
?AddTail@?$CList@VCPrinter@@AAV1@@@QAEXPAV1@@Z
?AddTail@?$CList@VCRegistryValue@@AAV1@@@QAEPAU__POSITION@@AAVCRegistryValue@@@Z
?AddTail@?$CList@VCRegistryValue@@AAV1@@@QAEXPAV1@@Z
?AddTail@?$CList@VCSoftware@@AAV1@@@QAEPAU__POSITION@@AAVCSoftware@@@Z
?AddTail@?$CList@VCSoftware@@AAV1@@@QAEXPAV1@@Z
?AddTail@?$CList@VCSoundDevice@@AAV1@@@QAEPAU__POSITION@@AAVCSoundDevice@@@Z
?AddTail@?$CList@VCSoundDevice@@AAV1@@@QAEXPAV1@@Z
?AddTail@?$CList@VCStoragePeripheral@@AAV1@@@QAEPAU__POSITION@@AAVCStoragePeripheral@@@Z
?AddTail@?$CList@VCStoragePeripheral@@AAV1@@@QAEXPAV1@@Z
?AddTail@?$CList@VCSystemController@@AAV1@@@QAEPAU__POSITION@@AAVCSystemController@@@Z
?AddTail@?$CList@VCSystemController@@AAV1@@@QAEXPAV1@@Z
?AddTail@?$CList@VCSystemPort@@AAV1@@@QAEPAU__POSITION@@AAVCSystemPort@@@Z
?AddTail@?$CList@VCSystemPort@@AAV1@@@QAEXPAV1@@Z
?AddTail@?$CList@VCSystemSlot@@AAV1@@@QAEPAU__POSITION@@AAVCSystemSlot@@@Z
?AddTail@?$CList@VCSystemSlot@@AAV1@@@QAEXPAV1@@Z
?AddTail@?$CList@VCVideoAdapter@@AAV1@@@QAEPAU__POSITION@@AAVCVideoAdapter@@@Z
?AddTail@?$CList@VCVideoAdapter@@AAV1@@@QAEXPAV1@@Z
?AddUniqueSerial@CMonitorList@@QAEHAAVCMonitor@@@Z
?CheckRunningProcesses@CAccessLog@@IAEHPB_WAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?CheckSum@CDMI@@IAEHPBEH@Z
?Clear@CBios@@QAEXXZ
?Clear@CCpu@@QAEXXZ
?Clear@CDeviceProperties@@QAEXXZ
?Clear@CInputDevice@@QAEXXZ
?Clear@CLogicalDrive@@QAEXXZ
?Clear@CMemorySlot@@QAEXXZ
?Clear@CModem@@QAEXXZ
?Clear@CMonitor@@QAEXXZ
?Clear@CNetworkAdapter@@QAEXXZ
?Clear@CPrinter@@QAEXXZ
?Clear@CRegistryValue@@QAEXXZ
?Clear@CSoftware@@QAEXXZ
?Clear@CSoundDevice@@QAEXXZ
?Clear@CStoragePeripheral@@QAEXXZ
?Clear@CSystemController@@QAEXXZ
?Clear@CSystemPort@@QAEXXZ
?Clear@CSystemSlot@@QAEXXZ
?Clear@CVideoAdapter@@QAEXXZ
?Close@CFileVersion@@QAEXXZ
?Connect@CDMI@@QAEHPB_W@Z
?Connect@CEdid@@QAEHPB_W@Z
?Connect@CRegistry@@QAEHPB_W@Z
?Connect@CWmi@@QAEHPB_W@Z
?DecodeDPMSFlag@CEdid@@IAEPBDE@Z
?DetectVM@CVMSystem@@QAEHPAVCBios@@AAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?DetectVM@CVMSystem@@QAEHPAVCStoragePeripheralList@@AAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?DetectVM@CVMSystem@@QAEHPAVCSystemControllerList@@AAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?DetectVM@CVMSystem@@QAEHPAVCVideoAdapterList@@AAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?Disconnect@CDMI@@QAEHXZ
?Disconnect@CEdid@@QAEHXZ
?Disconnect@CRegistry@@QAEHXZ
?Disconnect@CWmi@@QAEHXZ
?DmiString@CDMI@@IAEPB_WPAU_DmiHeader@@E@Z
?DmiStringB@CDMI@@IAEPB_WE@Z
?DmiStringBX@CDMI@@IAEPB_WEK@Z
?DmiStringD@CDMI@@IAEPB_WK@Z
?DmiStringDX@CDMI@@IAEPB_WKK@Z
?DmiStringW@CDMI@@IAEPB_WG@Z
?DmiStringWX@CDMI@@IAEPB_WGK@Z
?Find@?$CList@VCCpu@@AAV1@@@QBEPAU__POSITION@@AAVCCpu@@PAU2@@Z
?Find@?$CList@VCInputDevice@@AAV1@@@QBEPAU__POSITION@@AAVCInputDevice@@PAU2@@Z
?Find@?$CList@VCLogicalDrive@@AAV1@@@QBEPAU__POSITION@@AAVCLogicalDrive@@PAU2@@Z
?Find@?$CList@VCMemorySlot@@AAV1@@@QBEPAU__POSITION@@AAVCMemorySlot@@PAU2@@Z
?Find@?$CList@VCModem@@AAV1@@@QBEPAU__POSITION@@AAVCModem@@PAU2@@Z
?Find@?$CList@VCMonitor@@AAV1@@@QBEPAU__POSITION@@AAVCMonitor@@PAU2@@Z
?Find@?$CList@VCNetworkAdapter@@AAV1@@@QBEPAU__POSITION@@AAVCNetworkAdapter@@PAU2@@Z
?Find@?$CList@VCPrinter@@AAV1@@@QBEPAU__POSITION@@AAVCPrinter@@PAU2@@Z
?Find@?$CList@VCRegistryValue@@AAV1@@@QBEPAU__POSITION@@AAVCRegistryValue@@PAU2@@Z
?Find@?$CList@VCSoftware@@AAV1@@@QBEPAU__POSITION@@AAVCSoftware@@PAU2@@Z
?Find@?$CList@VCSoundDevice@@AAV1@@@QBEPAU__POSITION@@AAVCSoundDevice@@PAU2@@Z
?Find@?$CList@VCStoragePeripheral@@AAV1@@@QBEPAU__POSITION@@AAVCStoragePeripheral@@PAU2@@Z
?Find@?$CList@VCSystemController@@AAV1@@@QBEPAU__POSITION@@AAVCSystemController@@PAU2@@Z
?Find@?$CList@VCSystemPort@@AAV1@@@QBEPAU__POSITION@@AAVCSystemPort@@PAU2@@Z
?Find@?$CList@VCSystemSlot@@AAV1@@@QBEPAU__POSITION@@AAVCSystemSlot@@PAU2@@Z
?Find@?$CList@VCVideoAdapter@@AAV1@@@QBEPAU__POSITION@@AAVCVideoAdapter@@PAU2@@Z
?FindHypervisor@CVMSystem@@IAEHPB_WAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?FindIndex@?$CList@VCCpu@@AAV1@@@QBEPAU__POSITION@@H@Z
?FindIndex@?$CList@VCInputDevice@@AAV1@@@QBEPAU__POSITION@@H@Z
?FindIndex@?$CList@VCLogicalDrive@@AAV1@@@QBEPAU__POSITION@@H@Z
?FindIndex@?$CList@VCMemorySlot@@AAV1@@@QBEPAU__POSITION@@H@Z
?FindIndex@?$CList@VCModem@@AAV1@@@QBEPAU__POSITION@@H@Z
?FindIndex@?$CList@VCMonitor@@AAV1@@@QBEPAU__POSITION@@H@Z
?FindIndex@?$CList@VCNetworkAdapter@@AAV1@@@QBEPAU__POSITION@@H@Z
?FindIndex@?$CList@VCPrinter@@AAV1@@@QBEPAU__POSITION@@H@Z
?FindIndex@?$CList@VCRegistryValue@@AAV1@@@QBEPAU__POSITION@@H@Z
?FindIndex@?$CList@VCSoftware@@AAV1@@@QBEPAU__POSITION@@H@Z
?FindIndex@?$CList@VCSoundDevice@@AAV1@@@QBEPAU__POSITION@@H@Z
?FindIndex@?$CList@VCStoragePeripheral@@AAV1@@@QBEPAU__POSITION@@H@Z
?FindIndex@?$CList@VCSystemController@@AAV1@@@QBEPAU__POSITION@@H@Z
?FindIndex@?$CList@VCSystemPort@@AAV1@@@QBEPAU__POSITION@@H@Z
?FindIndex@?$CList@VCSystemSlot@@AAV1@@@QBEPAU__POSITION@@H@Z
?FindIndex@?$CList@VCVideoAdapter@@AAV1@@@QBEPAU__POSITION@@H@Z
?FreeNode@?$CList@VCCpu@@AAV1@@@IAEXPAUCNode@1@@Z
?FreeNode@?$CList@VCInputDevice@@AAV1@@@IAEXPAUCNode@1@@Z
?FreeNode@?$CList@VCLogicalDrive@@AAV1@@@IAEXPAUCNode@1@@Z
?FreeNode@?$CList@VCMemorySlot@@AAV1@@@IAEXPAUCNode@1@@Z
?FreeNode@?$CList@VCModem@@AAV1@@@IAEXPAUCNode@1@@Z
?FreeNode@?$CList@VCMonitor@@AAV1@@@IAEXPAUCNode@1@@Z
?FreeNode@?$CList@VCNetworkAdapter@@AAV1@@@IAEXPAUCNode@1@@Z
?FreeNode@?$CList@VCPrinter@@AAV1@@@IAEXPAUCNode@1@@Z
?FreeNode@?$CList@VCRegistryValue@@AAV1@@@IAEXPAUCNode@1@@Z
?FreeNode@?$CList@VCSoftware@@AAV1@@@IAEXPAUCNode@1@@Z
?FreeNode@?$CList@VCSoundDevice@@AAV1@@@IAEXPAUCNode@1@@Z
?FreeNode@?$CList@VCStoragePeripheral@@AAV1@@@IAEXPAUCNode@1@@Z
?FreeNode@?$CList@VCSystemController@@AAV1@@@IAEXPAUCNode@1@@Z
?FreeNode@?$CList@VCSystemPort@@AAV1@@@IAEXPAUCNode@1@@Z
?FreeNode@?$CList@VCSystemSlot@@AAV1@@@IAEXPAUCNode@1@@Z
?FreeNode@?$CList@VCVideoAdapter@@AAV1@@@IAEXPAUCNode@1@@Z
?GetAddressWidth@CCpu@@QAEIXZ
?GetAddressWidthOS@CWmi@@QAEKXZ
?GetArchitecture@CCpu@@QAEPB_WXZ
?GetArchitecture@CWmi@@IAEPB_WK@Z
?GetAssetTag@CBios@@QAEPB_WXZ
?GetAt@?$CList@VCCpu@@AAV1@@@QAEAAVCCpu@@PAU__POSITION@@@Z
?GetAt@?$CList@VCCpu@@AAV1@@@QBEABVCCpu@@PAU__POSITION@@@Z
?GetAt@?$CList@VCInputDevice@@AAV1@@@QAEAAVCInputDevice@@PAU__POSITION@@@Z
?GetAt@?$CList@VCInputDevice@@AAV1@@@QBEABVCInputDevice@@PAU__POSITION@@@Z
?GetAt@?$CList@VCLogicalDrive@@AAV1@@@QAEAAVCLogicalDrive@@PAU__POSITION@@@Z
?GetAt@?$CList@VCLogicalDrive@@AAV1@@@QBEABVCLogicalDrive@@PAU__POSITION@@@Z
?GetAt@?$CList@VCMemorySlot@@AAV1@@@QAEAAVCMemorySlot@@PAU__POSITION@@@Z
?GetAt@?$CList@VCMemorySlot@@AAV1@@@QBEABVCMemorySlot@@PAU__POSITION@@@Z
?GetAt@?$CList@VCModem@@AAV1@@@QAEAAVCModem@@PAU__POSITION@@@Z
?GetAt@?$CList@VCModem@@AAV1@@@QBEABVCModem@@PAU__POSITION@@@Z
?GetAt@?$CList@VCMonitor@@AAV1@@@QAEAAVCMonitor@@PAU__POSITION@@@Z
?GetAt@?$CList@VCMonitor@@AAV1@@@QBEABVCMonitor@@PAU__POSITION@@@Z
?GetAt@?$CList@VCNetworkAdapter@@AAV1@@@QAEAAVCNetworkAdapter@@PAU__POSITION@@@Z
?GetAt@?$CList@VCNetworkAdapter@@AAV1@@@QBEABVCNetworkAdapter@@PAU__POSITION@@@Z
?GetAt@?$CList@VCPrinter@@AAV1@@@QAEAAVCPrinter@@PAU__POSITION@@@Z
?GetAt@?$CList@VCPrinter@@AAV1@@@QBEABVCPrinter@@PAU__POSITION@@@Z
?GetAt@?$CList@VCRegistryValue@@AAV1@@@QAEAAVCRegistryValue@@PAU__POSITION@@@Z
?GetAt@?$CList@VCRegistryValue@@AAV1@@@QBEABVCRegistryValue@@PAU__POSITION@@@Z
?GetAt@?$CList@VCSoftware@@AAV1@@@QAEAAVCSoftware@@PAU__POSITION@@@Z
?GetAt@?$CList@VCSoftware@@AAV1@@@QBEABVCSoftware@@PAU__POSITION@@@Z
?GetAt@?$CList@VCSoundDevice@@AAV1@@@QAEAAVCSoundDevice@@PAU__POSITION@@@Z
?GetAt@?$CList@VCSoundDevice@@AAV1@@@QBEABVCSoundDevice@@PAU__POSITION@@@Z
?GetAt@?$CList@VCStoragePeripheral@@AAV1@@@QAEAAVCStoragePeripheral@@PAU__POSITION@@@Z
?GetAt@?$CList@VCStoragePeripheral@@AAV1@@@QBEABVCStoragePeripheral@@PAU__POSITION@@@Z
?GetAt@?$CList@VCSystemController@@AAV1@@@QAEAAVCSystemController@@PAU__POSITION@@@Z
?GetAt@?$CList@VCSystemController@@AAV1@@@QBEABVCSystemController@@PAU__POSITION@@@Z
?GetAt@?$CList@VCSystemPort@@AAV1@@@QAEAAVCSystemPort@@PAU__POSITION@@@Z
?GetAt@?$CList@VCSystemPort@@AAV1@@@QBEABVCSystemPort@@PAU__POSITION@@@Z
?GetAt@?$CList@VCSystemSlot@@AAV1@@@QAEAAVCSystemSlot@@PAU__POSITION@@@Z
?GetAt@?$CList@VCSystemSlot@@AAV1@@@QBEABVCSystemSlot@@PAU__POSITION@@@Z
?GetAt@?$CList@VCVideoAdapter@@AAV1@@@QAEAAVCVideoAdapter@@PAU__POSITION@@@Z
?GetAt@?$CList@VCVideoAdapter@@AAV1@@@QBEABVCVideoAdapter@@PAU__POSITION@@@Z
?GetBaseBoard@CDMI@@QAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@0000@Z
?GetBaseBoard@CWmi@@QAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@00@Z
?GetBios@CDMI@@QAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@00@Z
?GetBios@CWmi@@QAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@000@Z
?GetBiosDate@CBios@@QAEPB_WXZ
?GetBiosInfo@CDMI@@QAEHPAVCBios@@@Z
?GetBiosInfo@CRegistry@@QAEHPAVCBios@@@Z
?GetBiosInfo@CWmi@@QAEHPAVCBios@@@Z
?GetBiosInfoNT@CRegistry@@IAEHPAVCBios@@@Z
?GetBiosInfoVista@CRegistry@@IAEHPAVCBios@@@Z
?GetBiosManufacturer@CBios@@QAEPB_WXZ
?GetBiosVersion@CBios@@QAEPB_WXZ
?GetByteSpeed@CNetworkAdapter@@QAEKXZ
?GetCPU@CRegistry@@QAEKPAVCCpuList@@@Z
?GetCPU@CWmi@@QAEKPAVCCpuList@@PAVCRegistry@@@Z
?GetCPUName@CRegistry@@QAEHIAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?GetCapacity@CMemorySlot@@QAEPB_WXZ
?GetCaption@CInputDevice@@QAEPB_WXZ
?GetCaption@CMemorySlot@@QAEPB_WXZ
?GetCaption@CMonitor@@QAEPB_WXZ
?GetCaption@CSystemController@@QAEPB_WXZ
?GetCaption@CSystemPort@@QAEPB_WXZ
?GetChecksum@CDeviceProperties@@QAEKXZ
?GetChipset@CVideoAdapter@@QAEPB_WXZ
?GetComment@CPrinter@@QAEPB_WXZ
?GetComments@CSoftware@@QAEPB_WXZ
?GetCompanyName@CFileVersion@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?GetCount@?$CList@VCCpu@@AAV1@@@QBEHXZ
?GetCount@?$CList@VCInputDevice@@AAV1@@@QBEHXZ
?GetCount@?$CList@VCLogicalDrive@@AAV1@@@QBEHXZ
?GetCount@?$CList@VCMemorySlot@@AAV1@@@QBEHXZ
?GetCount@?$CList@VCModem@@AAV1@@@QBEHXZ

Sections

.text
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 246KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ZipArchive.dll
.dll windows:6 windows x86 arch:x86

0d289d87fca88177b4919622b9367ee5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetLastError
FormatMessageW
LocalFree
GetDiskFreeSpaceExW
GetTempPathW
GetTempFileNameW
GetCurrentDirectoryW
SetFileAttributesW
GetFileAttributesW
FindFirstFileW
FindClose
CreateFileW
GetFileTime
SetFileTime
GetDriveTypeW
SetVolumeLabelW
MultiByteToWideChar
WideCharToMultiByte
DeleteFileW
GetShortPathNameW
MoveFileW
CreateDirectoryW
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
DisableThreadLibraryCalls

shell32

SHFileOperationW

msvcr120

??_U@YAPAXI@Z
_localtime64_s
_mktime64
malloc
_wsplitpath_s
_wchdir
_chsize_s
_wsopen_s
_commit
_get_osfhandle
iswascii
??1type_info@@UAE@XZ
_lock
_write
_calloc_crt
__dllonexit
_onexit
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_except_handler4_common
__clean_type_info_names_internal
_close
_telli64
_lseeki64
wcsncpy_s
_errno
srand
rand
_time64
_wfindnext64
_wfindfirst64
_findclose
_purecall
?what@exception@std@@UBEPBDXZ
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
?terminate@@YAXXZ
??4exception@std@@QAEAAV01@ABV01@@Z
??0exception@std@@QAE@XZ
_wtoi64
_wcsicmp
_wcsicoll
wcscoll
_vsnwprintf_s
realloc
??_V@YAXPAX@Z
_unlock
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
memmove
??1exception@std@@UAE@XZ
free
??3@YAXPAX@Z
__CxxFrameHandler3
memcpy
_read
_CxxThrowException
memset

msvcp120

??1_Locinfo@std@@QAE@XZ
?_New_Locimp@_Locimp@locale@std@@CAPAV123@_N@Z
?_Xruntime_error@std@@YAXPBD@Z
?_Makeloc@_Locimp@locale@std@@CAPAV123@ABV_Locinfo@3@HPAV123@PBV23@@Z
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
??Bid@locale@std@@QAEIXZ
?tolower@?$ctype@_W@std@@QBE_W_W@Z
?toupper@?$ctype@_W@std@@QBE_W_W@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Xbad_alloc@std@@YAXXZ
?id@?$ctype@_W@std@@2V0locale@2@A
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Winerror_map@std@@YAPBDH@Z
?_Syserror_map@std@@YAPBDH@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
??0_Locinfo@std@@QAE@HPBD@Z

Exports

Exports

??0?$CZipMap@HPAUCOptions@CZipCompressor@@@@QAE@ABV0@@Z
??0?$CZipMap@HPAUCOptions@CZipCompressor@@@@QAE@XZ
??0?$CZipMap@W4CallbackType@CZipActionCallback@@PAU2@@@QAE@ABV0@@Z
??0?$CZipMap@W4CallbackType@CZipActionCallback@@PAU2@@@QAE@XZ
??0?$_Tree@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAE@$$QAV01@@Z
??0?$_Tree@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAE@$$QAV01@ABV?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$_Tree@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAE@ABU?$less@H@1@ABV?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$_Tree@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAE@ABV01@ABV?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$_Tree@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAE@PBU?$pair@$$CBHPAUCOptions@CZipCompressor@@@1@0ABU?$less@H@1@ABV?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$_Tree@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAE@$$QAV01@@Z
??0?$_Tree@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAE@$$QAV01@ABV?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$_Tree@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAE@ABU?$less@W4CallbackType@CZipActionCallback@@@1@ABV?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$_Tree@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAE@ABV01@ABV?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$_Tree@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAE@PBU?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@1@0ABU?$less@W4CallbackType@CZipActionCallback@@@1@ABV?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$_Tree_alloc@$0A@U?$_Tree_base_types@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@2@@std@@@std@@QAE@ABV?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$_Tree_alloc@$0A@U?$_Tree_base_types@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@2@@std@@@std@@QAE@ABV?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$_Tree_buy@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@2@@std@@QAE@ABV?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$_Tree_buy@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@2@@std@@QAE@ABV?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$_Tree_comp@$0A@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAE@ABU?$less@H@1@ABV?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$_Tree_comp@$0A@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAE@ABU?$less@W4CallbackType@CZipActionCallback@@@1@ABV?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$_Tree_val@U?$_Tree_simple_types@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@std@@@std@@QAE@XZ
??0?$_Tree_val@U?$_Tree_simple_types@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@std@@@std@@QAE@XZ
??0?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAE@$$QAV01@@Z
??0?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAE@$$QAV01@ABV?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAE@ABU?$less@H@1@@Z
??0?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAE@ABU?$less@H@1@ABV?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAE@ABV01@@Z
??0?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAE@ABV01@ABV?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAE@ABV?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAE@V?$initializer_list@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAE@V?$initializer_list@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@ABU?$less@H@1@@Z
??0?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAE@V?$initializer_list@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@ABU?$less@H@1@ABV?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??0?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAE@XZ
??0?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAE@$$QAV01@@Z
??0?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAE@$$QAV01@ABV?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAE@ABU?$less@W4CallbackType@CZipActionCallback@@@1@@Z
??0?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAE@ABU?$less@W4CallbackType@CZipActionCallback@@@1@ABV?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAE@ABV01@@Z
??0?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAE@ABV01@ABV?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAE@ABV?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAE@V?$initializer_list@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAE@V?$initializer_list@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@ABU?$less@W4CallbackType@CZipActionCallback@@@1@@Z
??0?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAE@V?$initializer_list@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@ABU?$less@W4CallbackType@CZipActionCallback@@@1@ABV?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??0?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAE@XZ
??0CBaseLibCompressor@ZipArchiveLib@@QAE@ABV01@@Z
??0CBaseLibCompressor@ZipArchiveLib@@QAE@PAVCZipStorage@@@Z
??0CBitFlag@ZipArchiveLib@@QAE@H@Z
??0CBitFlag@ZipArchiveLib@@QAE@XZ
??0CDeflateCompressor@ZipArchiveLib@@QAE@ABV01@@Z
??0CDeflateCompressor@ZipArchiveLib@@QAE@PAVCZipStorage@@@Z
??0CDirEnumerator@ZipArchiveLib@@IAE@PB_W_N@Z
??0CDirEnumerator@ZipArchiveLib@@QAE@ABV01@@Z
??0CFileFilter@ZipArchiveLib@@QAE@ABV01@@Z
??0CFileFilter@ZipArchiveLib@@QAE@_N@Z
??0CFileInfo@ZipArchiveLib@@QAE@XZ
??0CGroupFileFilter@ZipArchiveLib@@QAE@ABV01@@Z
??0CGroupFileFilter@ZipArchiveLib@@QAE@W4GroupType@01@_N1@Z
??0CInfo@CZipCentralDir@@QAE@ABU01@@Z
??0CInfo@CZipCentralDir@@QAE@XZ
??0CNameFileFilter@ZipArchiveLib@@QAE@ABV01@@Z
??0CNameFileFilter@ZipArchiveLib@@QAE@PB_W_NH1@Z
??0COptions@CBaseLibCompressor@ZipArchiveLib@@QAE@ABU012@@Z
??0COptions@CBaseLibCompressor@ZipArchiveLib@@QAE@XZ
??0COptions@CDeflateCompressor@ZipArchiveLib@@QAE@ABU012@@Z
??0COptions@CDeflateCompressor@ZipArchiveLib@@QAE@XZ
??0COptions@CZipCompressor@@QAE@ABU01@@Z
??0COptions@CZipCompressor@@QAE@XZ
??0COptionsMap@CZipCompressor@@QAE@ABV01@@Z
??0COptionsMap@CZipCompressor@@QAE@XZ
??0CReplacingAddFilesEnumerator@@QAE@ABV0@@Z
??0CReplacingAddFilesEnumerator@@QAE@PB_W_NHHK@Z
??0CWildcard@ZipArchiveLib@@QAE@ABV01@@Z
??0CWildcard@ZipArchiveLib@@QAE@PB_W_N@Z
??0CWildcard@ZipArchiveLib@@QAE@XZ
??0CZipAbstractFile@@QAE@ABV0@@Z
??0CZipAbstractFile@@QAE@XZ
??0CZipActionCallback@@QAE@ABU0@@Z
??0CZipActionCallback@@QAE@XZ
??0CZipAddFilesEnumerator@@QAE@ABV0@@Z
??0CZipAddFilesEnumerator@@QAE@PB_W_NHHK@Z
??0CZipAddNewFileInfo@@QAE@ABU0@@Z
??0CZipAddNewFileInfo@@QAE@PAVCZipAbstractFile@@PB_W@Z
??0CZipAddNewFileInfo@@QAE@PB_W0@Z
??0CZipAddNewFileInfo@@QAE@PB_W_N@Z
??0CZipArchive@@QAE@ABV0@@Z
??0CZipArchive@@QAE@XZ
??0CZipAutoBuffer@@QAE@ABV0@@Z
??0CZipAutoBuffer@@QAE@K_N@Z
??0CZipAutoBuffer@@QAE@XZ
??0CZipBinSplitNamesHandler@@QAE@ABV0@@Z
??0CZipBinSplitNamesHandler@@QAE@XZ
??0CZipCallback@@QAE@ABU0@@Z
??0CZipCallback@@QAE@XZ
??0CZipCallbackProvider@ZipArchiveLib@@QAE@ABV01@@Z
??0CZipCallbackProvider@ZipArchiveLib@@QAE@XZ
??0CZipCentralDir@@QAE@ABV0@@Z
??0CZipCentralDir@@QAE@XZ
??0CZipCompressor@@IAE@PAVCZipStorage@@@Z
??0CZipCompressor@@QAE@ABV0@@Z
??0CZipCrc32Cryptograph@@QAE@ABV0@@Z
??0CZipCrc32Cryptograph@@QAE@XZ
??0CZipCryptograph@@QAE@ABV0@@Z
??0CZipCryptograph@@QAE@XZ
??0CZipException@@QAE@AAV0@@Z
??0CZipException@@QAE@HPB_W@Z
??0CZipExtraData@@QAE@ABV0@@Z
??0CZipExtraData@@QAE@G@Z
??0CZipExtraData@@QAE@XZ
??0CZipExtraField@@QAE@ABV0@@Z
??0CZipExtraField@@QAE@XZ
??0CZipFile@@QAE@ABV0@@Z
??0CZipFile@@QAE@PB_WI@Z
??0CZipFile@@QAE@XZ
??0CZipFileHeader@@IAE@PAVCZipCentralDir@@@Z
??0CZipFileHeader@@QAE@ABV0@@Z
??0CZipFileHeader@@QAE@XZ
??0CZipFindFast@CZipCentralDir@@QAE@PAVCZipFileHeader@@G@Z
??0CZipFindFast@CZipCentralDir@@QAE@XZ
??0CZipMemFile@@QAE@AAV0@@Z
??0CZipMemFile@@QAE@J@Z
??0CZipMemFile@@QAE@PAEIJ@Z
??0CZipPathComponent@@QAE@ABV0@@Z
??0CZipPathComponent@@QAE@PB_W@Z
??0CZipPathComponent@@QAE@XZ
??0CZipRegularSplitNamesHandler@@QAE@ABV0@@Z
??0CZipRegularSplitNamesHandler@@QAE@XZ
??0CZipSegmCallback@@QAE@ABU0@@Z
??0CZipSegmCallback@@QAE@XZ
??0CZipSplitNamesHandler@@QAE@ABV0@@Z
??0CZipSplitNamesHandler@@QAE@XZ
??0CZipStorage@@QAE@ABV0@@Z
??0CZipStorage@@QAE@XZ
??0CZipString@@QAE@ABV0@@Z
??0CZipString@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
??0CZipString@@QAE@PB_W@Z
??0CZipString@@QAE@XZ
??0CZipString@@QAE@_WH@Z
??1?$CZipMap@HPAUCOptions@CZipCompressor@@@@QAE@XZ
??1?$CZipMap@W4CallbackType@CZipActionCallback@@PAU2@@@QAE@XZ
??1?$_Tree@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAE@XZ
??1?$_Tree@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAE@XZ
??1?$_Tree_alloc@$0A@U?$_Tree_base_types@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@2@@std@@@std@@QAE@XZ
??1?$_Tree_alloc@$0A@U?$_Tree_base_types@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@2@@std@@@std@@QAE@XZ
??1?$_Tree_buy@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@2@@std@@QAE@XZ
??1?$_Tree_buy@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@2@@std@@QAE@XZ
??1?$_Tree_comp@$0A@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAE@XZ
??1?$_Tree_comp@$0A@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAE@XZ
??1?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAE@XZ
??1?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAE@XZ
??1CBaseLibCompressor@ZipArchiveLib@@UAE@XZ
??1CDeflateCompressor@ZipArchiveLib@@UAE@XZ
??1CDirEnumerator@ZipArchiveLib@@UAE@XZ
??1CFileFilter@ZipArchiveLib@@UAE@XZ
??1CGroupFileFilter@ZipArchiveLib@@UAE@XZ
??1CInfo@CZipCentralDir@@QAE@XZ
??1CNameFileFilter@ZipArchiveLib@@UAE@XZ
??1COptions@CBaseLibCompressor@ZipArchiveLib@@UAE@XZ
??1COptions@CDeflateCompressor@ZipArchiveLib@@UAE@XZ
??1COptions@CZipCompressor@@UAE@XZ
??1COptionsMap@CZipCompressor@@QAE@XZ
??1CReplacingAddFilesEnumerator@@UAE@XZ
??1CWildcard@ZipArchiveLib@@UAE@XZ
??1CZipAbstractFile@@UAE@XZ
??1CZipActionCallback@@UAE@XZ
??1CZipAddFilesEnumerator@@UAE@XZ
??1CZipAddNewFileInfo@@QAE@XZ
??1CZipArchive@@UAE@XZ
??1CZipAutoBuffer@@UAE@XZ
??1CZipBinSplitNamesHandler@@UAE@XZ
??1CZipCallback@@UAE@XZ
??1CZipCallbackProvider@ZipArchiveLib@@QAE@XZ
??1CZipCentralDir@@UAE@XZ
??1CZipCompressor@@UAE@XZ
??1CZipCrc32Cryptograph@@UAE@XZ
??1CZipCryptograph@@UAE@XZ
??1CZipException@@UAE@XZ
??1CZipExtraData@@QAE@XZ
??1CZipExtraField@@QAE@XZ
??1CZipFile@@UAE@XZ
??1CZipFileHeader@@UAE@XZ
??1CZipMemFile@@UAE@XZ
??1CZipPathComponent@@UAE@XZ
??1CZipRegularSplitNamesHandler@@UAE@XZ
??1CZipSegmCallback@@UAE@XZ
??1CZipSplitNamesHandler@@UAE@XZ
??1CZipStorage@@UAE@XZ
??1CZipString@@QAE@XZ
??4?$CZipMap@HPAUCOptions@CZipCompressor@@@@QAEAAV0@ABV0@@Z
??4?$CZipMap@W4CallbackType@CZipActionCallback@@PAU2@@@QAEAAV0@ABV0@@Z
??4?$_Tree@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$_Tree@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAEAAV01@ABV01@@Z
??4?$_Tree@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAEAAV01@$$QAV01@@Z
??4?$_Tree@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAEAAV01@ABV01@@Z
??4?$_Tree_alloc@$0A@U?$_Tree_base_types@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@2@@std@@@std@@QAEAAV01@ABV01@@Z
??4?$_Tree_alloc@$0A@U?$_Tree_base_types@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@2@@std@@@std@@QAEAAV01@ABV01@@Z
??4?$_Tree_buy@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@2@@std@@QAEAAV01@ABV01@@Z
??4?$_Tree_buy@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@2@@std@@QAEAAV01@ABV01@@Z
??4?$_Tree_comp@$0A@V?$_Tmap_traits@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@$0A@@std@@@std@@QAEAAV01@ABV01@@Z
??4?$_Tree_comp@$0A@V?$_Tmap_traits@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@$0A@@std@@@std@@QAEAAV01@ABV01@@Z
??4?$_Tree_val@U?$_Tree_simple_types@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@std@@@std@@QAEAAV01@ABV01@@Z
??4?$_Tree_val@U?$_Tree_simple_types@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@std@@@std@@QAEAAV01@ABV01@@Z
??4?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAEAAV01@$$QAV01@@Z
??4?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAEAAV01@ABV01@@Z
??4?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAEAAV01@V?$initializer_list@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@1@@Z
??4?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAEAAV01@$$QAV01@@Z
??4?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAEAAV01@ABV01@@Z
??4?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAEAAV01@V?$initializer_list@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@1@@Z
??4CBaseLibCompressor@ZipArchiveLib@@QAEAAV01@ABV01@@Z
??4CBitFlag@ZipArchiveLib@@QAEAAU01@ABU01@@Z
??4CBytesWriter@ZipArchiveLib@@QAEAAV01@ABV01@@Z
??4CDeflateCompressor@ZipArchiveLib@@QAEAAV01@ABV01@@Z
??4CDirEnumerator@ZipArchiveLib@@QAEAAV01@ABV01@@Z
??4CFileFilter@ZipArchiveLib@@QAEAAV01@ABV01@@Z
??4CFileInfo@ZipArchiveLib@@QAEAAU01@ABU01@@Z
??4CGroupFileFilter@ZipArchiveLib@@QAEAAV01@ABV01@@Z
??4CInfo@CZipCentralDir@@QAEAAU01@ABU01@@Z
??4CMultiActionsInfo@CZipActionCallback@@QAEAAU01@ABU01@@Z
??4CNameFileFilter@ZipArchiveLib@@QAEAAV01@ABV01@@Z
??4COptions@CBaseLibCompressor@ZipArchiveLib@@QAEAAU012@ABU012@@Z
??4COptions@CDeflateCompressor@ZipArchiveLib@@QAEAAU012@ABU012@@Z
??4COptions@CZipCompressor@@QAEAAU01@ABU01@@Z
??4COptionsMap@CZipCompressor@@QAEAAV01@ABV01@@Z
??4CReplacingAddFilesEnumerator@@QAEAAV0@ABV0@@Z
??4CWildcard@ZipArchiveLib@@QAEAAV01@ABV01@@Z
??4CZipAbstractFile@@QAEAAV0@ABV0@@Z
??4CZipActionCallback@@QAEAAU0@ABU0@@Z
??4CZipAddFilesEnumerator@@QAEAAV0@ABV0@@Z
??4CZipAddNewFileInfo@@QAEAAU0@ABU0@@Z
??4CZipArchive@@QAEAAV0@ABV0@@Z
??4CZipAutoBuffer@@QAEAAV0@ABV0@@Z
??4CZipBinSplitNamesHandler@@QAEAAV0@ABV0@@Z
??4CZipCallback@@QAEAAU0@ABU0@@Z
??4CZipCallbackProvider@ZipArchiveLib@@QAEAAV01@ABV01@@Z
??4CZipCentralDir@@QAEAAV0@ABV0@@Z
??4CZipCompressor@@QAEAAV0@ABV0@@Z
??4CZipCrc32Cryptograph@@QAEAAV0@ABV0@@Z
??4CZipCryptograph@@QAEAAV0@ABV0@@Z
??4CZipException@@QAEAAV0@ABV0@@Z
??4CZipExtraData@@QAEAAV0@ABV0@@Z
??4CZipExtraField@@QAEAAV0@ABV0@@Z
??4CZipFile@@QAEAAV0@ABV0@@Z
??4CZipFileHeader@@QAEAAV0@ABV0@@Z
??4CZipFindFast@CZipCentralDir@@QAEAAU01@ABU01@@Z
??4CZipMemFile@@QAEAAV0@ABV0@@Z
??4CZipPathComponent@@QAEAAV0@ABV0@@Z
??4CZipRegularSplitNamesHandler@@QAEAAV0@ABV0@@Z
??4CZipSegmCallback@@QAEAAU0@ABU0@@Z
??4CZipSplitNamesHandler@@QAEAAV0@ABV0@@Z
??4CZipStorage@@QAEAAV0@ABV0@@Z
??4CZipString@@QAEAAV0@ABV0@@Z
??8CBitFlag@ZipArchiveLib@@QAE_NABU01@@Z
??8CBitFlag@ZipArchiveLib@@QAE_NH@Z
??8CZipExtraData@@QAE_NABV0@@Z
??8CZipString@@QAE_NPB_W@Z
??9CZipExtraData@@QAE_NABV0@@Z
??9CZipString@@QAE_NPB_W@Z
??A?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAEAAPAUCOptions@CZipCompressor@@$$QAH@Z
??A?$map@HPAUCOptions@CZipCompressor@@U?$less@H@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@4@@std@@QAEAAPAUCOptions@CZipCompressor@@ABH@Z
??A?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAEAAPAUCZipActionCallback@@$$QAW4CallbackType@2@@Z
??A?$map@W4CallbackType@CZipActionCallback@@PAU2@U?$less@W4CallbackType@CZipActionCallback@@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@4@@std@@QAEAAPAUCZipActionCallback@@ABW4CallbackType@2@@Z
??ACGroupFileFilter@ZipArchiveLib@@QAEPAVCFileFilter@1@I@Z
??ACGroupFileFilter@ZipArchiveLib@@QBEPBVCFileFilter@1@I@Z
??ACZipArchive@@QAEPAVCZipFileHeader@@G@Z
??ACZipArchive@@QBEPBVCZipFileHeader@@G@Z
??ACZipCentralDir@@QAEPAVCZipFileHeader@@G@Z
??ACZipCentralDir@@QBEPBVCZipFileHeader@@G@Z
??ACZipString@@QBE_WH@Z
??BCBitFlag@ZipArchiveLib@@QBEHXZ
??BCWildcard@ZipArchiveLib@@QAEPB_WXZ
??BCZipAutoBuffer@@QAEPADXZ
??BCZipAutoBuffer@@QBEPBDXZ
??BCZipFile@@QAEPAXXZ
??BCZipString@@QAEAAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
??BCZipString@@QBEABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
??BCZipString@@QBEPB_WXZ
??HCZipString@@QBE?AV0@ABV0@@Z
??HCZipString@@QBE?AV0@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
??HCZipString@@QBE?AV0@PB_W@Z
??HCZipString@@QBE?AV0@_W@Z
??MCZipExtraData@@QAE_NABV0@@Z
??NCZipExtraData@@QAE_NABV0@@Z
??OCZipExtraData@@QAE_NABV0@@Z
??PCZipExtraData@@QAE_NABV0@@Z
??YCZipString@@QAEAAV0@ABV0@@Z
??YCZipString@@QAEAAV0@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
??YCZipString@@QAEAAV0@PB_W@Z
??YCZipString@@QAEAAV0@_W@Z
??_7CBaseLibCompressor@ZipArchiveLib@@6B@
??_7CDeflateCompressor@ZipArchiveLib@@6B@
??_7CDirEnumerator@ZipArchiveLib@@6B@
??_7CFileFilter@ZipArchiveLib@@6B@
??_7CGroupFileFilter@ZipArchiveLib@@6B@
??_7CNameFileFilter@ZipArchiveLib@@6B@
??_7COptions@CBaseLibCompressor@ZipArchiveLib@@6B@
??_7COptions@CDeflateCompressor@ZipArchiveLib@@6B@
??_7COptions@CZipCompressor@@6B@
??_7CReplacingAddFilesEnumerator@@6B@
??_7CWildcard@ZipArchiveLib@@6B@
??_7CZipAbstractFile@@6B@
??_7CZipActionCallback@@6B@
??_7CZipAddFilesEnumerator@@6B@
??_7CZipArchive@@6B@
??_7CZipAutoBuffer@@6B@
??_7CZipBinSplitNamesHandler@@6B@
??_7CZipCallback@@6B@
??_7CZipCentralDir@@6B@
??_7CZipCompressor@@6B@
??_7CZipCrc32Cryptograph@@6B@
??_7CZipCryptograph@@6B@
??_7CZipException@@6B@
??_7CZipFile@@6B@
??_7CZipFileHeader@@6B@
??_7CZipMemFile@@6B@
??_7CZipPathComponent@@6B@
??_7CZipRegularSplitNamesHandler@@6B@
??_7CZipSegmCallback@@6B@
??_7CZipSplitNamesHandler@@6B@
??_7CZipStorage@@6B@
??_F?$_Tree_alloc@$0A@U?$_Tree_base_types@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@2@@std@@@std@@QAEXXZ
??_F?$_Tree_alloc@$0A@U?$_Tree_base_types@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@2@@std@@@std@@QAEXXZ
??_F?$_Tree_buy@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@V?$allocator@U?$pair@$$CBHPAUCOptions@CZipCompressor@@@std@@@2@@std@@QAEXXZ
??_F?$_Tree_buy@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@V?$allocator@U?$pair@$$CBW4CallbackType@CZipActionCallback@@PAU2@@std@@@2@@std@@QAEXXZ
??_FCFileFilter@ZipArchiveLib@@QAEXXZ
??_FCGroupFileFilter@ZipArchiveLib@@QAEXXZ
??_FCNameFileFilter@ZipArchiveLib@@QAEXXZ
??_FCZipException@@QAEXXZ
??_FCZipMemFile@@QAEXXZ
?Accept@CFileFilter@ZipArchiveLib@@MAE_NPB_W0ABUCFileInfo@2@@Z
?Accept@CGroupFileFilter@ZipArchiveLib@@MAE_NPB_W0ABUCFileInfo@2@@Z
?Accept@CNameFileFilter@ZipArchiveLib@@MAE_NPB_W0ABUCFileInfo@2@@Z
?Add@CGroupFileFilter@ZipArchiveLib@@QAEXPAVCFileFilter@2@@Z
?Add@CZipExtraField@@QAEHPAVCZipExtraData@@@Z
?AddNewFile@CZipArchive@@QAE_NAAUCZipAddNewFileInfo@@@Z
?AddNewFile@CZipArchive@@QAE_NAAVCZipAbstractFile@@PB_WHHK@Z
?AddNewFile@CZipArchive@@QAE_NPB_W0HHK@Z
?AddNewFile@CZipArchive@@QAE_NPB_WH_NHK@Z
?AddNewFile@CZipCentralDir@@QAEPAVCZipFileHeader@@ABV2@GH_N@Z
?AddNewFiles@CZipArchive@@QAE_NAAVCZipAddFilesEnumerator@@AAVCFileFilter@ZipArchiveLib@@_N@Z
?AddNewFiles@CZipArchive@@QAE_NPB_W0_NH1HK@Z
?AddNewFiles@CZipArchive@@QAE_NPB_WAAVCFileFilter@ZipArchiveLib@@_NH2HK@Z
?AddPrefix@CZipPathComponent@@SA?AVCZipString@@PB_W_N@Z
?AddPrefix@CZipPathComponent@@SAXAAVCZipString@@_N@Z
?AdjustLocalComprSize@CZipFileHeader@@IAEXAAK@Z
?AdjustLocalComprSize@CZipFileHeader@@IAEXXZ
?Allocate@CZipAutoBuffer@@QAEPADK_N@Z
?AnsiOem@ZipPlatform@@YAXAAVCZipAutoBuffer@@_N@Z
?AppendSeparator@CZipPathComponent@@SAXAAVCZipString@@@Z
?AppliesToType@CNameFileFilter@ZipArchiveLib@@QAE_NH@Z
?AssureFree@CZipStorage@@QAEKK@Z
?Attach@CZipMemFile@@QAEXPAEIJ@Z
?BuildFindFastArray@CZipCentralDir@@IAEX_N@Z
?CacheSizes@CZipStorage@@AAEXXZ
?CacheStepSize@CZipActionCallback@@IAEXXZ
?CalculateBytesBeforeZip@CInfo@CZipCentralDir@@AAEKXZ
?CallCallback@CZipActionCallback@@MAE_NK@Z
?CallCallback@CZipStorage@@IAEXKHVCZipString@@@Z
?CallbackEnd@CZipActionCallback@@UAEXXZ
?CanHandle@CZipCrc32Cryptograph@@UAE_NH@Z
?CanHandle@CZipCryptograph@@UAE_NH@Z
?CanModify@CZipArchive@@QAE_N_N0@Z
?CanProcess@CDeflateCompressor@ZipArchiveLib@@UAE_NG@Z
?Change@CBitFlag@ZipArchiveLib@@QAEXH_N@Z
?ChangeDirectory@ZipPlatform@@YA_NPB_W@Z
?ChangeSpannedRead@CZipStorage@@IAE?AVCZipString@@XZ
?ChangeSplitRead@CZipStorage@@IAE?AVCZipString@@XZ
?ChangeVolume@CZipStorage@@QAEXG@Z
?ChangeVolume@CZipStorage@@QAEXXZ
?ChangeVolumeDec@CZipStorage@@QAEXXZ
?ChangeWithCheck@CBitFlag@ZipArchiveLib@@QAE_NH_N@Z
?CheckDataDescriptor@CZipFileHeader@@IBE_NPAVCZipStorage@@@Z
?CheckForError@CBaseLibCompressor@ZipArchiveLib@@IAEXH@Z
?CheckIfOK_1@CInfo@CZipCentralDir@@AAE_NXZ
?CheckIfOK_2@CInfo@CZipCentralDir@@AAE_NXZ
?CheckLengths@CZipFileHeader@@IBE_N_N@Z
?Clear@CBitFlag@ZipArchiveLib@@QAEXH@Z
?Clear@CGroupFileFilter@ZipArchiveLib@@QAEXXZ
?Clear@CZipExtraField@@IAEXXZ
?ClearCachedSizes@CZipStorage@@AAEXXZ
?ClearCompressor@CZipArchive@@IAEXXZ
?ClearCryptograph@CZipArchive@@IAEXXZ
?ClearFileName@CZipFileHeader@@AAEXXZ
?ClearFindFastArray@CZipCentralDir@@IAEXXZ
?ClearSplitNames@CZipStorage@@AAEXXZ
?ClearWithCheck@CBitFlag@ZipArchiveLib@@QAE_NH@Z
?Clone@COptions@CDeflateCompressor@ZipArchiveLib@@UBEPAU1CZipCompressor@@XZ
?Close@CZipArchive@@QAE?AVCZipString@@H_N@Z
?Close@CZipCentralDir@@QAEXXZ
?Close@CZipFile@@UAEXXZ
?Close@CZipMemFile@@UAEXXZ
?Close@CZipStorage@@QAE?AVCZipString@@_N0@Z
?CloseFile@CZipArchive@@QAEHAAVCZipFile@@@Z
?CloseFile@CZipArchive@@QAEHPB_W_N@Z
?CloseFile@CZipCentralDir@@QAEX_N@Z
?CloseNewFile@CZipArchive@@QAE_N_N@Z
?CloseNewFile@CZipCentralDir@@QAEXXZ
?Collate@CZipString@@QBEHPB_W@Z
?CollateNoCase@CZipString@@QBEHPB_W@Z
?Combine@CZipPathComponent@@SAXAAVCZipString@@PB_W@Z
?CommitChanges@CZipArchive@@QAE_NXZ
?Compare@CZipString@@QBEHPB_W@Z
?CompareElement@CZipCentralDir@@IBEHPB_WG@Z
?CompareFindFastCollate@CZipCentralDir@@KAHPBX0@Z
?CompareFindFastCollateNoCase@CZipCentralDir@@KAHPBX0@Z
?CompareHeaders@CZipCentralDir@@KAHPBX0@Z
?CompareNoCase@CZipString@@QBEHPB_W@Z
?Compress@CDeflateCompressor@ZipArchiveLib@@UAEXPBXK@Z
?CompressionEfficient@CZipFileHeader@@QAE_NXZ
?ConvertBufferToString@ZipCompatibility@@YAXAAVCZipString@@ABVCZipAutoBuffer@@I@Z
?ConvertComment@CZipFileHeader@@ABEXAAVCZipAutoBuffer@@@Z
?ConvertComment@CZipFileHeader@@ABEXAAVCZipString@@@Z
?ConvertFileName@CZipFileHeader@@ABEXAAVCZipAutoBuffer@@@Z
?ConvertFileName@CZipFileHeader@@ABEXAAVCZipString@@@Z
?ConvertInternalError@CDeflateCompressor@ZipArchiveLib@@MBEHH@Z
?ConvertInternalError@CZipCompressor@@MBEHH@Z
?ConvertStringToBuffer@ZipCompatibility@@YAXPB_WAAVCZipAutoBuffer@@I@Z
?ConvertToSystem@ZipCompatibility@@YAKKHH@Z
?Copy@CZipMemFile@@QAEXAAV1@@Z
?CreateCompressor@CZipArchive@@MAEXG@Z
?CreateCompressor@CZipCompressor@@SAPAV1@GPAVCZipStorage@@@Z
?CreateCryptograph@CZipArchive@@MAEXH@Z
?CreateCryptograph@CZipCryptograph@@SAPAV1@H@Z
?CreateNew@CZipExtraField@@QAEPAVCZipExtraData@@GAAH_N@Z
?CreateNew@CZipExtraField@@QAEPAVCZipExtraData@@G_N@Z
?CreateNewDirectory@ZipPlatform@@YA_NPB_W@Z
?CreateSharedData@CZipCentralDir@@IAEXXZ
?CryptCRC32@CZipCrc32Cryptograph@@AAEKKD@Z
?CryptDecode@CZipCrc32Cryptograph@@AAEXAAD@Z
?CryptDecryptByte@CZipCrc32Cryptograph@@AAEDXZ
?CryptEncode@CZipCrc32Cryptograph@@AAEXAAD@Z
?CryptInitKeys@CZipCrc32Cryptograph@@AAEXAAVCZipAutoBuffer@@@Z
?CryptUpdateKeys@CZipCrc32Cryptograph@@AAEXD@Z
?CurrentFile@CZipArchive@@IAEPAVCZipFileHeader@@XZ
?Decode@CZipCrc32Cryptograph@@UAEXPADK@Z
?Decompress@CDeflateCompressor@ZipArchiveLib@@UAEKPAXK@Z
?Defaults@CZipAddNewFileInfo@@QAEXXZ
?Delete@CZipString@@QAEHHH@Z
?DestroySharedData@CZipCentralDir@@IAEXXZ
?Detach@CZipMemFile@@QAEPAEXZ
?Empty@CZipString@@QAEXXZ
?EmptyPtrList@CBaseLibCompressor@ZipArchiveLib@@IAEXXZ
?EmptyWriteBuffer@CZipStorage@@IAEXXZ
?EnableFindFast@CZipArchive@@QAEX_N@Z
?EnableFindFast@CZipCentralDir@@QAEX_N0@Z
?Encode@CZipCrc32Cryptograph@@UAEXPADK@Z
?EncryptAllFiles@CZipArchive@@QAE_NXZ
?EncryptFileW@CZipArchive@@QAE_NG@Z
?EncryptFiles@CZipArchive@@QAE_NAAV?$CZipArray@G@@@Z
?EncryptFilesInternal@CZipArchive@@IAE_NPAV?$CZipArray@G@@@Z
?EnsureSplitNames@CZipStorage@@AAEXXZ
?EnterDirectory@CDirEnumerator@ZipArchiveLib@@MAEXXZ
?Evaluate@CFileFilter@ZipArchiveLib@@QAE_NPB_W0ABUCFileInfo@2@@Z
?ExitDirectory@CDirEnumerator@ZipArchiveLib@@MAEXXZ
?ExtractFile@CZipArchive@@QAE_NGAAVCZipAbstractFile@@_NK@Z
?ExtractFile@CZipArchive@@QAE_NGPB_W_N0W4FileOverwriteMode@ZipPlatform@@K@Z
?FileExists@ZipPlatform@@YAHPB_W@Z
?FillBuffer@CZipCompressor@@IAEKXZ
?Finalize@CZipArchive@@QAE_N_N@Z
?FinalizeSegm@CZipStorage@@QAEXXZ
?Find@CZipString@@QBEHPB_WH@Z
?Find@CZipString@@QBEH_WH@Z
?FindFile@CZipArchive@@QAEGPB_WH_N@Z
?FindFile@CZipCentralDir@@QAEGPB_W_N11@Z
?FindFileNameIndex@CZipCentralDir@@QBEGPB_W@Z
?FindMatches@CZipArchive@@QAEXPB_WAAV?$CZipArray@G@@_N@Z
?FinishCompression@CDeflateCompressor@ZipArchiveLib@@UAEX_N@Z
?FinishCompression@CZipCompressor@@UAEX_N@Z
?FinishDecode@CZipCryptograph@@UAEXAAVCZipFileHeader@@AAVCZipStorage@@@Z
?FinishDecompression@CDeflateCompressor@ZipArchiveLib@@UAEX_N@Z
?FinishDecompression@CZipCompressor@@UAEX_N@Z
?FinishEncode@CZipCryptograph@@UAEXAAVCZipFileHeader@@AAVCZipStorage@@@Z
?Flush@CZipFile@@UAEXXZ
?Flush@CZipMemFile@@UAEXXZ
?Flush@CZipStorage@@QAEXXZ
?FlushBuffers@CZipArchive@@QAEXXZ
?FlushBuffers@CZipStorage@@QAEXXZ
?FlushFile@CZipStorage@@QAEXXZ
?FlushFile@ZipPlatform@@YA_NH@Z
?FlushWriteBuffer@CZipCompressor@@IAEXXZ
?ForceDirectory@ZipPlatform@@YA_NPB_W@Z
?Format@CZipString@@QAAXPB_WZZ
?Free@CZipMemFile@@IAEXXZ
?Get@COptionsMap@CZipCompressor@@QBEPAUCOptions@2@H@Z
?Get@CZipCallbackProvider@ZipArchiveLib@@QAEPAUCZipActionCallback@@W4CallbackType@3@@Z
?GetAdvanced@CZipArchive@@QAEXPAH00@Z
?GetAppliesToTypes@CNameFileFilter@ZipArchiveLib@@QAEHXZ
?GetArchive@CZipCentralDir@@QAEPAVCZipArchive@@XZ
?GetArchivePath@CZipArchive@@QBE?AVCZipString@@XZ
?GetAsInternalAttributes@ZipCompatibility@@YAKKH@Z
?GetAt@CGroupFileFilter@ZipArchiveLib@@QAEPAVCFileFilter@2@I@Z
?GetAt@CGroupFileFilter@ZipArchiveLib@@QBEPBVCFileFilter@2@I@Z
?GetAt@CZipExtraField@@QBEPAVCZipExtraData@@H@Z
?GetAt@CZipString@@QBE_WH@Z
?GetAutoFinalize@CZipArchive@@QBE_NXZ
?GetBuffer@CZipAutoBuffer@@QBEPBDXZ
?GetBuffer@CZipString@@QAEPA_WH@Z
?GetBytesBeforeZip@CZipArchive@@QBEKXZ
?GetCRCTable@CZipCrc32Cryptograph@@SAPBIXZ
?GetCZipStrCompFunc@@YAP8CZipString@@BEHPB_W@Z_N1@Z
?GetCachedSize@CZipStorage@@AAE_KG@Z
?GetCallback@CZipArchive@@QAEPAUCZipActionCallback@@W4CallbackType@2@@Z

Sections

.text
Size: 189KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libcurl.dll
.dll windows:6 windows x86 arch:x86

742d7a228e6afe71ade8d5b71cdbf9a9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

getpeername
connect
closesocket
bind
send
getsockname
sendto
recvfrom
WSAGetLastError
select
__WSAFDIsSet
ioctlsocket
listen
accept
WSACleanup
WSAStartup
ntohl
htonl
gethostname
freeaddrinfo
getaddrinfo
WSAIoctl
WSASetLastError
socket
setsockopt
recv
ntohs
htons
getsockopt

wldap32

ord35
ord46
ord211
ord60
ord50
ord41
ord301
ord200
ord30
ord79
ord143
ord33
ord32
ord27
ord26
ord22

libeay32

ord3020
ord2598
ord2647
ord2844
ord3048
ord3164
ord3173
ord2838
ord2600
ord2971
ord2989
ord2593
ord3025
ord2561
ord341
ord342
ord340
ord1654
ord1653
ord1
ord2604
ord188
ord181
ord78
ord66
ord88
ord52
ord95
ord86
ord151
ord154
ord2023
ord1951
ord2075
ord816
ord979
ord7
ord2442
ord1161
ord18
ord3212
ord298
ord281
ord280
ord3479
ord3765
ord3712
ord2596
ord625
ord556
ord958
ord680
ord869
ord641
ord656
ord653
ord657
ord654
ord2431
ord579
ord578
ord566
ord1958
ord544
ord543
ord391
ord421
ord464
ord2201
ord467
ord466
ord2254
ord3182
ord3214
ord1216
ord1180
ord2454
ord227
ord248
ord222
ord223
ord2291
ord224
ord4445

ssleay32

ord157
ord242
ord141
ord164
ord126
ord49
ord183
ord86
ord96
ord110
ord116
ord58
ord6
ord45
ord108
ord76
ord78
ord43
ord48
ord75
ord5
ord235
ord17
ord21
ord60
ord61
ord90
ord31
ord74
ord222
ord30
ord24
ord87
ord77
ord130
ord127
ord180
ord8
ord12
ord15
ord266

zlib1

inflate
inflateEnd
inflateInit_
inflateInit2_
zlibVersion

msvcr120

_write
_unlock
_calloc_crt
__dllonexit
_onexit
__clean_type_info_names_internal
_except_handler4_common
_strdup
_close
_open
_stricmp
_strnicmp
_read
_lock
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
strpbrk
atoi
__sys_nerr
strerror
ftell
fseek
fwrite
fflush
_gmtime64
sprintf
fputc
memchr
tolower
getenv
strtol
strstr
_stat64
fread
_fstat64
_lseeki64
strtoul
free
calloc
malloc
realloc
_beginthreadex
strncpy
isgraph
isprint
isalnum
isspace
isxdigit
isdigit
islower
isupper
isalpha
_time64
strtoll
qsort
_initterm_e
_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
_errno
memset
strncmp
memcpy
memmove
strchr
strrchr
__iob_func
fclose
fgets
fopen
fputs
sscanf
_except1

kernel32

GetStdHandle
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
VerSetConditionMask
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
GetTickCount64
PeekNamedPipe
ReadFile
GetLastError
GetFileType
WaitForMultipleObjects
FormatMessageA
Sleep
ExpandEnvironmentStringsA
WaitForSingleObjectEx
CloseHandle
LoadLibraryA
GetProcAddress
FreeLibrary
VerifyVersionInfoA
SleepEx

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_maprintf
curl_mfprintf
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_version
curl_version_info

Sections

.text
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libeay32.dll
.dll windows:6 windows x86 arch:x86

a1c8548b3cf067c7a6353d47242e60f4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Win-Agent\Desktop\WindowsAgent-master\External_Deps\openssl-1.0.0s\out32dll\libeay32.pdb

Imports

ws2_32

sendto
recvfrom
WSACleanup
WSAStartup
getservbyname
gethostbyname
ntohs
ntohl
listen
getsockopt
ioctlsocket
bind
accept
socket
setsockopt
htons
htonl
connect
WSAGetLastError
WSASetLastError
shutdown
send
recv
closesocket

gdi32

SelectObject
GetDeviceCaps
GetBitmapBits
DeleteObject
DeleteDC
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetObjectA

advapi32

RegisterEventSourceA
DeregisterEventSource
ReportEventA

user32

MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation

msvcr120

__clean_type_info_names_internal
_onexit
__dllonexit
_snprintf
_exit
getenv
strtoul
wcsstr
__iob_func
vfprintf
_vsnprintf
raise
realloc
malloc
free
memcpy
_localtime64
_time64
memset
_gmtime64
_stricmp
_strnicmp
_errno
strncpy
memmove
_read
_write
isdigit
isxdigit
fprintf
atoi
sprintf
strstr
fputs
fclose
feof
ferror
fflush
fgets
_fileno
fopen
fread
fseek
ftell
fwrite
_wfopen
_setmode
strchr
perror
_ftime64
qsort
strcmp
_fdopen
_chmod
_open
_stat64i32
strerror
isspace
isalnum
tolower
strncmp
isupper
strrchr
sscanf
exit
strtol
memchr
signal
_getch
printf
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_except_handler4_common
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_lock
_unlock
_calloc_crt

kernel32

CloseHandle
FindNextFileA
FindFirstFileA
FindClose
FreeLibrary
GetLastError
GetFileType
GetStdHandle
GetProcAddress
GetModuleHandleA
LoadLibraryA
SetLastError
MultiByteToWideChar
QueryPerformanceCounter
GetCurrentProcessId
GetTickCount
GlobalMemoryStatus
FlushConsoleInputBuffer
IsDebuggerPresent
EncodePointer
IsProcessorFeaturePresent
DecodePointer
GetSystemTimeAsFileTime
GetCurrentThreadId
ExitProcess

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
AES_bi_ige_encrypt
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_ctr128_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ige_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
AES_unwrap_key
AES_wrap_key
ASN1_ANY_it
ASN1_BIT_STRING_check
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_adj
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_to_BN
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PCTX_free
ASN1_PCTX_get_cert_flags
ASN1_PCTX_get_flags
ASN1_PCTX_get_nm_flags
ASN1_PCTX_get_oid_flags
ASN1_PCTX_get_str_flags
ASN1_PCTX_new
ASN1_PCTX_set_cert_flags
ASN1_PCTX_set_flags
ASN1_PCTX_set_nm_flags
ASN1_PCTX_set_oid_flags
ASN1_PCTX_set_str_flags
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SEQUENCE_ANY_it
ASN1_SEQUENCE_it
ASN1_SET_ANY_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_clear_free
ASN1_STRING_cmp
ASN1_STRING_copy
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_free
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set0
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_adj
ASN1_TIME_check
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_print
ASN1_TIME_set
ASN1_TIME_set_string
ASN1_TIME_to_generalizedtime
ASN1_TYPE_cmp
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_set
ASN1_TYPE_set1
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_adj
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_bn_print
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_fp
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_pack
ASN1_item_print
ASN1_item_sign
ASN1_item_unpack
ASN1_item_verify
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_pack_string
ASN1_parse
ASN1_parse_dump
ASN1_primitive_free
ASN1_primitive_new
ASN1_put_eoc
ASN1_put_object
ASN1_seq_pack
ASN1_seq_unpack
ASN1_sign
ASN1_tag2bit
ASN1_tag2str
ASN1_template_d2i
ASN1_template_free
ASN1_template_i2d
ASN1_template_new
ASN1_unpack_string
ASN1_verify
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_accept
BIO_asn1_get_prefix
BIO_asn1_get_suffix
BIO_asn1_set_prefix
BIO_asn1_set_suffix
BIO_callback_ctrl
BIO_clear_flags
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_dgram_non_fatal_error
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_asn1
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_reliable
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_callback
BIO_get_callback_arg
BIO_get_ex_data
BIO_get_ex_new_index
BIO_get_host_ip
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_gethostbyname
BIO_gets
BIO_indent
BIO_int_ctrl
BIO_method_name
BIO_method_type
BIO_new
BIO_new_CMS
BIO_new_NDEF
BIO_new_PKCS7
BIO_new_accept
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_datagram
BIO_s_fd
BIO_s_file
BIO_s_mem
BIO_s_null
BIO_s_socket
BIO_set
BIO_set_callback
BIO_set_callback_arg
BIO_set_cipher
BIO_set_ex_data
BIO_set_flags
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_cleanup
BIO_sock_error
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket_ioctl
BIO_socket_nbio
BIO_test_flags
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_write
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_get_thread_id
BN_BLINDING_invert
BN_BLINDING_invert_ex
BN_BLINDING_new
BN_BLINDING_set_flags
BN_BLINDING_set_thread_id
BN_BLINDING_thread_id
BN_BLINDING_update
BN_CTX_end
BN_CTX_free
BN_CTX_get
BN_CTX_init
BN_CTX_new
BN_CTX_start
BN_GENCB_call
BN_GF2m_add
BN_GF2m_arr2poly
BN_GF2m_mod
BN_GF2m_mod_arr
BN_GF2m_mod_div
BN_GF2m_mod_div_arr
BN_GF2m_mod_exp
BN_GF2m_mod_exp_arr
BN_GF2m_mod_inv
BN_GF2m_mod_inv_arr
BN_GF2m_mod_mul
BN_GF2m_mod_mul_arr
BN_GF2m_mod_solve_quad
BN_GF2m_mod_solve_quad_arr
BN_GF2m_mod_sqr
BN_GF2m_mod_sqr_arr
BN_GF2m_mod_sqrt
BN_GF2m_mod_sqrt_arr
BN_GF2m_poly2arr
BN_MONT_CTX_copy
BN_MONT_CTX_free
BN_MONT_CTX_init
BN_MONT_CTX_new
BN_MONT_CTX_set
BN_MONT_CTX_set_locked
BN_RECP_CTX_free
BN_RECP_CTX_init
BN_RECP_CTX_new
BN_RECP_CTX_set
BN_add
BN_add_word
BN_asc2bn
BN_bin2bn
BN_bn2bin
BN_bn2dec
BN_bn2hex
BN_bn2mpi
BN_bntest_rand
BN_clear
BN_clear_bit
BN_clear_free
BN_cmp
BN_consttime_swap
BN_copy
BN_dec2bn
BN_div
BN_div_recp
BN_div_word
BN_dup
BN_exp
BN_free
BN_from_montgomery
BN_gcd
BN_generate_prime
BN_generate_prime_ex
BN_get0_nist_prime_192
BN_get0_nist_prime_224
BN_get0_nist_prime_256
BN_get0_nist_prime_384
BN_get0_nist_prime_521
BN_get_params
BN_get_word
BN_hex2bn
BN_init
BN_is_bit_set
BN_is_prime
BN_is_prime_ex
BN_is_prime_fasttest
BN_is_prime_fasttest_ex
BN_kronecker
BN_lshift
BN_lshift1
BN_mask_bits
BN_mod_add
BN_mod_add_quick
BN_mod_exp
BN_mod_exp2_mont
BN_mod_exp_mont
BN_mod_exp_mont_consttime
BN_mod_exp_mont_word
BN_mod_exp_recp
BN_mod_exp_simple
BN_mod_inverse
BN_mod_lshift
BN_mod_lshift1
BN_mod_lshift1_quick
BN_mod_lshift_quick
BN_mod_mul
BN_mod_mul_montgomery
BN_mod_mul_reciprocal
BN_mod_sqr
BN_mod_sqrt
BN_mod_sub
BN_mod_sub_quick
BN_mod_word
BN_mpi2bn
BN_mul
BN_mul_word
BN_new
BN_nist_mod_192
BN_nist_mod_224
BN_nist_mod_256
BN_nist_mod_384
BN_nist_mod_521
BN_nnmod
BN_num_bits
BN_num_bits_word
BN_options
BN_print
BN_print_fp
BN_pseudo_rand
BN_pseudo_rand_range
BN_rand
BN_rand_range
BN_reciprocal
BN_rshift
BN_rshift1
BN_set_bit
BN_set_negative
BN_set_params
BN_set_word
BN_sqr
BN_sub
BN_sub_word
BN_swap
BN_to_ASN1_ENUMERATED
BN_to_ASN1_INTEGER
BN_uadd
BN_ucmp
BN_usub
BN_value_one
BUF_MEM_free
BUF_MEM_grow
BUF_MEM_grow_clean
BUF_MEM_new
BUF_memdup
BUF_reverse

Sections

.text
Size: 707KB - Virtual size: 706KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 309KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mfc120.dll
.dll windows:6 windows x86 arch:x86

adabef3bde0ae35b52efb248bd559e4b

Code Sign

33:00:00:00:34:24:31:40:c9:a0:c1:79:8d:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

27/03/2013, 20:08

Not After

27/06/2014, 20:08

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/01/2013, 22:33

Not After

24/04/2014, 22:33

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/09/2013, 17:41

Not After

24/12/2014, 17:41

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6d:1c:c4:50:6c:9b:b4:3e:77:68:e9:de:ab:d0:35:40:01:e5:10:b8:c1:a3:1b:95:2f:52:90:3a:ca:aa:9d:9f
Signer

Actual PE Digest

6d:1c:c4:50:6c:9b:b4:3e:77:68:e9:de:ab:d0:35:40:01:e5:10:b8:c1:a3:1b:95:2f:52:90:3a:ca:aa:9d:9f

Digest Algorithm

sha256

PE Digest Matches

true

42:8f:6b:71:31:e8:7a:00:ae:04:1e:47:be:ae:63:7c:1d:65:35:7f
Signer

Actual PE Digest

42:8f:6b:71:31:e8:7a:00:ae:04:1e:47:be:ae:63:7c:1d:65:35:7f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

mfc120.i386.pdb

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegEnumValueA
RegQueryValueExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumKeyA
RegQueryValueA
RegSetValueA
GetFileSecurityA
SetFileSecurityA
RegOpenKeyExW
IsTextUnicode

kernel32

EnterCriticalSection
LeaveCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
WideCharToMultiByte
SetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadLibraryA
LoadLibraryW
GetModuleFileNameW
OutputDebugStringA
lstrcpyA
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentThreadId
InitializeCriticalSection
GetACP
DeleteFileA
GetCPInfo
GetOEMCP
MulDiv
VerSetConditionMask
VerifyVersionInfoA
FreeLibrary
CloseHandle
GetTempPathA
GetTempFileNameA
CreateFileA
SetFilePointer
Sleep
GetCurrentDirectoryA
lstrcmpA
GetSystemDirectoryW
LoadLibraryExW
DecodePointer
EncodePointer
FindResourceA
GlobalFree
GetTickCount
GetWindowsDirectoryA
lstrcmpiA
SetThreadPriority
GetModuleFileNameA
LocalAlloc
LocalFree
TlsAlloc
TlsFree
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalReAlloc
TlsSetValue
GetFileSize
GetFileAttributesA
GlobalSize
SearchPathA
GetLocaleInfoW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetCurrentThread
GetVersionExA
DeleteCriticalSection
GlobalDeleteAtom
SetErrorMode
GetCurrentProcessId
GlobalAddAtomA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
FindResourceExW
GetUserDefaultLCID
IsDBCSLeadByte
GetVersion
lstrcmpW
lstrcpyW
RaiseException
VirtualProtect
GetDiskFreeSpaceA
GetFullPathNameA
GetFileTime
SetFileTime
ReplaceFileA
SystemTimeToFileTime
GetProfileIntA
DuplicateHandle
GetCurrentProcess
ReadFile
WriteFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
MoveFileA
LoadLibraryExA
GetVolumeInformationA
FindFirstFileA
FindClose
GetThreadLocale
GetStringTypeExA
GetShortPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileA
GetFileSizeEx
GetFileAttributesExA
LocalFileTimeToFileTime
SetFileAttributesA
FormatMessageA
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
CreateMutexA
ReleaseMutex
CreateEventA
WaitForMultipleObjects
CopyFileA
SetEvent
ResumeThread
SuspendThread
GetAtomNameA
GlobalGetAtomNameA
LocalLock
LocalUnlock
GetSystemTime
GlobalFindAtomA
GlobalFlags
GetEnvironmentVariableW
GetEnvironmentVariableA
GetLastError
InitializeCriticalSectionAndSpinCount
CompareStringA
ExpandEnvironmentStringsA
OutputDebugStringW
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent

msvcr120

_CxxThrowException
__clean_type_info_names_internal
_except_handler4_common
_initterm_e
_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
?terminate@@YAXXZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
??1type_info@@UAE@XZ
iswspace
_wcsrev
wcspbrk
_wcsicoll
wcsstr
_wcsupr_s
_wcslwr_s
vswprintf_s
_mbsrev
wcscoll
memmove
_vscwprintf
wcschr
_expand
_msize
strncpy_s
_beginthreadex
_endthreadex
wcsncpy_s
_ultoa_s
fclose
fflush
ftell
fseek
fgets
fputs
fwrite
clearerr_s
ferror
feof
fread
__doserrno
_fdopen
_open_osfhandle
_fileno
_get_osfhandle
_fullpath
_mbsdec
realloc
strtoul
strtol
_snprintf_s
_vsnprintf_s
_snscanf_s
wcscmp
_mktime64
_mbsnbicmp
_ltoa_s
_itoa_s
wcsrchr
sprintf_s
_mbsnbcpy_s
_ismbblead
_strnicmp
__argv
__argc
strcat_s
_snwprintf_s
_recalloc
_resetstkoflw
strtod
_time64
_makepath_s
_strdup
_beginthread
_endthread
_localtime64_s
wcstombs_s
wcsnlen
wcscat_s
sscanf_s
memcmp
atol
_mbctolower
_mbctoupper
_ismbcprint
_ismbcalnum
_ismbcalpha
_ismbcdigit
strcpy_s
wcscpy_s
_mbsnbcmp
_mbsicoll
_mbscoll
_splitpath_s
exp
ceil
fabs
floor
sin
cos
abs
memcpy
clock
_mbsspn
_mbscspn
_mbsrchr
_mbspbrk
_mbsicmp
atan2
sqrt
__CxxFrameHandler3
calloc
_mbsupr_s
atoi
ldiv
labs
malloc
free
_mbsstr
_ismbcspace
_mbsinc
_mbschr
_vscprintf
vsprintf_s
_mbscmp
_wcsicmp
wcsspn
wcscspn
wmemcpy_s
wcslen
_purecall
strnlen
toupper
_mbslwr_s
memset
strlen
memmove_s
memcpy_s
abort
_errno

user32

WinHelpA
GetScrollRange
SetScrollInfo
GetScrollInfo
ScrollWindow
MonitorFromWindow
SendDlgItemMessageA
LoadAcceleratorsA
LoadMenuA
UnpackDDElParam
ReuseDDElParam
InsertMenuItemA
GetMenuBarInfo
GetWindowDC
BeginPaint
EndPaint
DefFrameProcA
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
RealChildWindowFromPoint
OemToCharBuffA
CharToOemBuffA
FrameRect
GetWindowRgn
ReleaseDC
GetDC
GetDoubleClickTime
GetWindowTextA
EnumChildWindows
InvertRect
HideCaret
SetMenuDefaultItem
GetMenuDefaultItem
GetScrollPos
EnableScrollBar
UpdateLayeredWindow
GetMessageA
GetLastActivePopup
SubtractRect
DrawFrameControl
GetMenuItemInfoA
SetFocus
CheckMenuItem
GetMenuState
SetWindowTextA
LoadIconW
LoadImageW
CharUpperA
MapVirtualKeyA
ToAsciiEx
GetKeyboardState
CreateAcceleratorTableA
DestroyCursor
IsClipboardFormatAvailable
GetClassLongA
GetSysColor
EnumDisplayMonitors
DestroyWindow
GetTopWindow
DestroyAcceleratorTable
NotifyWinEvent
SetWindowRgn
DeleteMenu
ModifyMenuA
IsZoomed
IsMenu
GetSystemMenu
GetNextDlgTabItem
EnableMenuItem
SetScrollPos
IntersectRect
CreatePopupMenu
AppendMenuA
EndDeferWindowPos
BeginDeferWindowPos
GetKeyState
LockWindowUpdate
SetWindowPos
UnionRect
GetUpdateRect
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
SetLayeredWindowAttributes
RegisterClassA
LoadCursorA
SystemParametersInfoA
MonitorFromPoint
GetMonitorInfoA
DrawIcon
GetForegroundWindow
IsIconic
GetMenuItemID
GetMenuItemCount
GetWindow
DefWindowProcA
GetClassInfoA
PostThreadMessageA
GetSubMenu
LoadMenuW
DestroyMenu
GetSystemMetrics
TranslateAcceleratorA
LoadAcceleratorsW
GetCapture
DrawStateA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetAsyncKeyState
GetDesktopWindow
WaitMessage
DispatchMessageA
TranslateMessage
PeekMessageA
SetForegroundWindow
LoadCursorW
GetFocus
IsChild
TrackPopupMenu
LoadIconA
GetNextDlgGroupItem
DrawFocusRect
SetCursor
GetWindowLongA
CopyImage
GetIconInfo
FillRect
LoadImageA
CopyRect
LoadBitmapW
MapWindowPoints
MessageBeep
SetCursorPos
WindowFromPoint
ClientToScreen
SetCapture
ReleaseCapture
CopyIcon
BringWindowToTop
RegisterWindowMessageA
DestroyIcon
GetClassNameA
SetParent
ShowWindow
GetWindowPlacement
IsRectEmpty
GetDlgCtrlID
PostMessageA
DeferWindowPos
EqualRect
GetSysColorBrush
SetClassLongA
GetParent
DrawIconEx
InflateRect
OffsetRect
PtInRect
UpdateWindow
SetTimer
TrackMouseEvent
ScreenToClient
GetCursorPos
IsWindowVisible
GetClientRect
KillTimer
MapVirtualKeyExA
GetKeyboardLayout
GetKeyNameTextA
IsCharLowerA
EnableWindow
SetRect
IsWindow
RedrawWindow
InvalidateRect
SendMessageA
GetWindowRect
SetRectEmpty
TrackPopupMenuEx
SetWindowPlacement
CreateWindowExA
GetClassInfoExA
SetMenu
GetMenu
LoadBitmapA
CountClipboardFormats
AdjustWindowRectEx
GetTabbedTextExtentA
SetScrollRange
WindowFromDC
GetMenuStringA
InSendMessage
SendNotifyMessageA
ClipCursor
IsDialogMessageA
SetWindowContextHelpId
CharNextA
MsgWaitForMultipleObjectsEx
RemoveMenu
GetDCEx
GetDialogBaseUnits
GetMessagePos
GetMessageTime
MapDialogRect
SetPropA
RemovePropA
GetPropA
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
GetTabbedTextExtentW
GetWindowTextLengthA
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
InvalidateRgn
MoveWindow
CreateMenu
SetActiveWindow
CallWindowProcA
GetMenuCheckMarkDimensions
SetMenuItemInfoA
SetMenuItemBitmaps
SetWindowLongA
MessageBoxA
GetWindowThreadProcessId
ShowOwnedPopups
UnregisterClassA
PostQuitMessage
DrawEdge
CharUpperBuffA
GetComboBoxInfo
RegisterClipboardFormatA
InsertMenuA
IsWindowEnabled
ValidateRect
ShowScrollBar
CopyAcceleratorTableA

gdi32

GetTextMetricsA
GetTextExtentPoint32A
GetObjectA
CreateSolidBrush
CreateCompatibleDC
DeleteObject
SelectObject
GetObjectType
GetTextColor
Polygon
Rectangle
GetStockObject
GetPaletteEntries
CreatePalette
RealizePalette
GetNearestPaletteIndex
GetSystemPaletteEntries
GetPixel
CreatePolygonRgn
PtInRegion
FrameRgn
CreateCompatibleBitmap
SetPixelV
BitBlt
GetRgnBox
CreateRectRgnIndirect
OffsetRgn
CreateDIBSection
SetPixel
Ellipse
GetBkColor
CreateFontIndirectA
GetDeviceCaps
GetTextCharsetInfo
EnumFontFamiliesA
CreatePen
CreatePatternBrush
CreateDIBitmap
SetPaletteEntries
ExtFloodFill
StartPage
EndPage
EndDoc
GetCurrentObject
PatBlt
CreateRectRgn
CombineRgn
GetBoundsRect
FillRgn
SetRectRgn
CreateRoundRectRgn
EnumFontFamiliesExA
StretchBlt
SetDIBColorTable
CreateBitmap
SetBkColor
SelectPalette
GetDIBits
Polyline
ExtTextOutA
CreateHatchBrush
CreateEllipticRgn
RoundRect
StretchDIBits
CreateFontA
GetCharWidthA
LPtoDP
CreateMetaFileA
CloseMetaFile
DeleteMetaFile
GetViewportOrgEx
PtVisible
RectVisible
TextOutA
Escape
GetClipBox
GetTextAlign
GetCurrentPositionEx
MoveToEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SaveDC
RestoreDC
GetROP2
GetBkMode
GetPolyFillMode
GetStretchBltMode
GetNearestColor
GetTextFaceA
GetWindowExtEx
GetViewportExtEx
SetTextColor
SetMapMode
SetWindowExtEx
ScaleWindowExtEx
GetTextExtentPoint32W
GetTextExtentPointA
GetWindowOrgEx
SetWindowOrgEx
IntersectClipRect
CreateDCA
SetBrushOrgEx
SetAbortProc
StartDocA
DPtoLP
AbortDoc
CopyMetaFileA
UnrealizeObject
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
OffsetWindowOrgEx
SelectClipRgn
ExcludeClipRect
OffsetClipRgn
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetLayout
SetLayout
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
SelectClipPath
GetClipRgn
ExtSelectClipRgn
PlayMetaFileRecord
PlayMetaFile
EnumMetaFile
ExtCreatePen
CreateDIBPatternBrushPt
GetMapMode
DeleteDC

ole32

OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterClassObject
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
DoDragDrop
CoGetMalloc
StgOpenStorage
StgIsStorageFile
StgCreateDocfile
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
OleGetClipboard
OleRegGetUserType
GetClassFile
CreateBindCtx
CreateFileMoniker
OleRun
OleIsRunning
OleQueryLinkFromData
OleQueryCreateFromData
OleSetMenuDescriptor
CreateGenericComposite
CreateItemMoniker
WriteClassStm
OleGetIconOfClass
IsAccelerator
ReadClassStg
OleLoad
OleSave
OleCreate
OleCreateLinkToFile
OleCreateFromFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSetContainedObject
StringFromCLSID
OleLockRunning
StgOpenStorageOnILockBytes
CLSIDFromString
CLSIDFromProgID
PropVariantCopy
CoInitializeEx
CoGetClassObject
StringFromGUID2
ReadFmtUserTypeStg
OleLoadFromStream
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
ReadClassStm
OleSaveToStream
CreateOleAdviseHolder
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
ReleaseStgMedium
CreateDataAdviseHolder
CoTaskMemAlloc
OleTranslateAccelerator
GetRunningObjectTable
OleDraw
OleRegGetMiscStatus
OleRegEnumVerbs
CoDisconnectObject
CoRegisterMessageFilter
CoTreatAsClass
SetConvertStg
WriteFmtUserTypeStg
OleDuplicateData
GetHGlobalFromILockBytes
CreateDataCache
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
PropVariantClear
CoCreateGuid
CoTaskMemFree
CoCreateInstance
WriteClassStg

oleaut32

SysAllocStringLen
SysStringLen
SysFreeString
VariantChangeType
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreatePropertyFrame
OleTranslateColor
OleCreateFontIndirect
OleCreatePictureIndirect
OleLoadPicture
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi
VariantInit
DispCallFunc
VarBstrCmp
VariantCopy
SafeArrayDestroy
SysAllocStringByteLen
SysStringByteLen
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayCreate
SafeArrayRedim
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VarDateFromStr
VarDecFromStr
VarBstrFromDec
SafeArrayCreateVector
VarParseNumFromStr
SysAllocString

shlwapi

SHStrDupW
PathFindExtensionA
PathFindFileNameA
PathRemoveExtensionA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
UrlUnescapeA
StrFormatKBSizeA

imm32

ImmGetOpenStatus
ImmGetContext
ImmReleaseContext

uxtheme

GetThemePartSize
IsThemeBackgroundPartiallyTransparent
DrawThemeText
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
CloseThemeData
OpenThemeData
GetThemeColor
DrawThemeBackground
DrawThemeParentBackground
IsAppThemed

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mfc120u.dll
.dll windows:6 windows x86 arch:x86

bf9bb776792ebfae57684ede20e9eee4

Code Sign

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/09/2012, 21:12

Not After

04/12/2013, 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/01/2013, 22:33

Not After

24/04/2014, 22:33

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/09/2013, 17:41

Not After

24/12/2014, 17:41

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3c:72:6d:3f:5b:e1:9b:ab:56:33:14:95:a8:55:f9:39:db:68:f7:f8:40:96:3c:bc:a7:74:2b:7c:53:71:01:08
Signer

Actual PE Digest

3c:72:6d:3f:5b:e1:9b:ab:56:33:14:95:a8:55:f9:39:db:68:f7:f8:40:96:3c:bc:a7:74:2b:7c:53:71:01:08

Digest Algorithm

sha256

PE Digest Matches

true

00:50:f9:a2:5a:6f:8d:25:82:ab:82:ed:6d:dc:7b:e6:49:dc:0e:ac
Signer

Actual PE Digest

00:50:f9:a2:5a:6f:8d:25:82:ab:82:ed:6d:dc:7b:e6:49:dc:0e:ac

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

mfc120u.i386.pdb

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumKeyW
RegQueryValueW
RegSetValueW
GetFileSecurityW
SetFileSecurityW
IsTextUnicode
RegOpenKeyExA
RegQueryValueExA

kernel32

InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceW
SetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadLibraryA
LoadLibraryW
GetModuleFileNameW
OutputDebugStringA
MultiByteToWideChar
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentThreadId
InitializeCriticalSection
DeleteFileW
MulDiv
VerSetConditionMask
VerifyVersionInfoW
FreeLibrary
CloseHandle
GetTempPathW
GetTempFileNameW
CreateFileW
SetFilePointer
Sleep
GetCurrentDirectoryW
lstrcmpW
GetSystemDirectoryW
LoadLibraryExW
DecodePointer
EncodePointer
GlobalFree
GetTickCount
GetWindowsDirectoryW
lstrcmpiW
SetThreadPriority
LocalAlloc
LocalFree
TlsAlloc
TlsFree
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalReAlloc
TlsSetValue
GetFileSize
GetFileAttributesW
GlobalSize
SearchPathW
GetLocaleInfoW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
CompareStringW
GetCurrentThread
GetVersionExW
WideCharToMultiByte
lstrcmpA
CompareStringA
GlobalDeleteAtom
SetErrorMode
GetCurrentProcessId
GlobalAddAtomW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
FindResourceExW
GetUserDefaultLCID
IsDBCSLeadByte
GetVersion
lstrcpyA
RaiseException
VirtualProtect
GetDiskFreeSpaceW
GetFullPathNameW
GetFileTime
SetFileTime
ReplaceFileW
SystemTimeToFileTime
GetProfileIntW
DuplicateHandle
GetCurrentProcess
ReadFile
WriteFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
MoveFileW
GetVolumeInformationW
FindFirstFileW
FindClose
GetThreadLocale
GetStringTypeExW
GetShortPathNameW
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileW
GetFileSizeEx
GetFileAttributesExW
LocalFileTimeToFileTime
SetFileAttributesW
FormatMessageW
WaitForSingleObject
CreateSemaphoreW
ReleaseSemaphore
CreateMutexW
ReleaseMutex
CreateEventW
WaitForMultipleObjects
CopyFileW
SetEvent
ResumeThread
SuspendThread
GetAtomNameW
GlobalGetAtomNameW
LocalLock
LocalUnlock
GetSystemTime
GlobalFindAtomW
GlobalFlags
GetEnvironmentVariableW
ExpandEnvironmentStringsA
LoadLibraryExA
OutputDebugStringW
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
FormatMessageA
GetLastError
GetEnvironmentVariableA

msvcr120

abort
memcpy_s
toupper
_wcslwr_s
_purecall
memmove_s
wcslen
_CxxThrowException
__clean_type_info_names_internal
_except_handler4_common
_initterm_e
_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
?terminate@@YAXXZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
??1type_info@@UAE@XZ
_mbscspn
_vscprintf
_mbsinc
_mbsupr_s
_wcsrev
_mbsspn
_mbscoll
_mbsrchr
_mbschr
vsprintf_s
_ismbcspace
_mbsstr
_mbsicoll
_mbsrev
memmove
_mbsicmp
_mbslwr_s
_mbspbrk
_expand
_msize
_beginthreadex
_endthreadex
strcpy_s
_ultow_s
fclose
fflush
ftell
fseek
fgetws
fputws
fwrite
clearerr_s
ferror
feof
fread
__doserrno
_fdopen
_open_osfhandle
_fileno
_get_osfhandle
_wfullpath
realloc
wcstoul
wcstol
_vsnwprintf_s
_snwscanf_s
_mbscmp
_mktime64
strnlen
_wcsnicmp
memset
_itow_s
swprintf_s
wcsncpy_s
_strnicmp
__wargv
__argc
_snwprintf_s
_errno
_recalloc
_resetstkoflw
wcstod
_time64
_wmakepath_s
strlen
_wcsdup
_beginthread
_endthread
_localtime64_s
wcscat_s
swscanf_s
memcmp
_wtol
towlower
towupper
iswprint
iswalnum
iswalpha
iswdigit
wcscpy_s
wcsncmp
_wcsicoll
wcscoll
_wsplitpath_s
exp
ceil
fabs
floor
sin
__CxxFrameHandler3
cos
abs
memcpy
clock
wcsrchr
wcspbrk
atan2
sqrt
calloc
_wcsupr_s
_wtoi
ldiv
labs
malloc
free
wcsstr
iswspace
wcschr
_vscwprintf
vswprintf_s
wcscmp
_wcsicmp
wcsspn
wcscspn
wcsnlen
wmemcpy_s
_ltow_s

user32

UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
GetMenuBarInfo
GetWindowDC
BeginPaint
EndPaint
DefFrameProcW
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SendDlgItemMessageW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
ScrollWindowEx
RealChildWindowFromPoint
OemToCharBuffA
CharToOemBuffA
RegisterClipboardFormatW
GetActiveWindow
InsertMenuW
IsWindowEnabled
ShowScrollBar
FrameRect
GetWindowRgn
ReleaseDC
GetDC
GetDoubleClickTime
GetWindowTextW
EnumChildWindows
InvertRect
HideCaret
SetMenuDefaultItem
GetMenuDefaultItem
GetScrollPos
EnableScrollBar
UpdateLayeredWindow
GetMessageW
GetLastActivePopup
SubtractRect
DrawFrameControl
GetMenuItemInfoW
SetFocus
CheckMenuItem
GetMenuState
CharUpperW
MapVirtualKeyW
ToUnicodeEx
GetKeyboardState
CopyAcceleratorTableW
CreateAcceleratorTableW
DestroyCursor
IsClipboardFormatAvailable
GetClassLongW
GetSysColor
EnumDisplayMonitors
DestroyWindow
GetTopWindow
DestroyAcceleratorTable
NotifyWinEvent
SetWindowRgn
DeleteMenu
ModifyMenuW
IsZoomed
IsMenu
GetSystemMenu
GetNextDlgTabItem
EnableMenuItem
SetScrollPos
IntersectRect
CreatePopupMenu
AppendMenuW
EndDeferWindowPos
BeginDeferWindowPos
GetKeyState
LockWindowUpdate
SetWindowPos
UnionRect
GetUpdateRect
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
SetLayeredWindowAttributes
ValidateRect
SystemParametersInfoW
SendDlgItemMessageA
GetMonitorInfoW
DrawIcon
GetForegroundWindow
IsIconic
GetMenuItemID
GetMenuItemCount
GetWindow
DefWindowProcW
GetClassInfoW
PostThreadMessageW
GetSubMenu
LoadMenuW
DestroyMenu
GetSystemMetrics
TranslateAcceleratorW
LoadAcceleratorsW
GetCapture
DrawStateW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetAsyncKeyState
GetDesktopWindow
WaitMessage
DispatchMessageW
TranslateMessage
PeekMessageW
SetForegroundWindow
LoadCursorW
GetFocus
IsChild
TrackPopupMenu
LoadIconW
GetNextDlgGroupItem
DrawFocusRect
SetCursor
GetWindowLongW
CopyImage
GetIconInfo
FillRect
LoadImageW
CopyRect
LoadBitmapW
MapWindowPoints
MessageBeep
SetCursorPos
WindowFromPoint
ClientToScreen
SetCapture
ReleaseCapture
CopyIcon
BringWindowToTop
RegisterWindowMessageW
DestroyIcon
GetClassNameW
SetParent
ShowWindow
GetWindowPlacement
IsRectEmpty
GetDlgCtrlID
PostMessageW
DeferWindowPos
EqualRect
GetSysColorBrush
SetClassLongW
GetParent
DrawIconEx
InflateRect
OffsetRect
PtInRect
UpdateWindow
SetTimer
TrackMouseEvent
ScreenToClient
GetCursorPos
MapVirtualKeyExW
GetKeyboardLayout
GetKeyNameTextW
IsCharLowerW
EnableWindow
SetRect
IsWindow
RedrawWindow
InvalidateRect
SendMessageW
GetWindowRect
SetRectEmpty
KillTimer
GetClientRect
IsWindowVisible
MonitorFromWindow
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
WinHelpW
RegisterClassW
TrackPopupMenuEx
CreateWindowExW
SetWindowPlacement
GetClassInfoExW
SetMenu
GetMenu
CountClipboardFormats
AdjustWindowRectEx
SetScrollRange
WindowFromDC
GetMenuStringW
InSendMessage
SendNotifyMessageW
ClipCursor
IsDialogMessageW
SetWindowContextHelpId
CharNextW
MsgWaitForMultipleObjectsEx
RemoveMenu
GetDCEx
GetDialogBaseUnits
GetMessagePos
GetMessageTime
MapDialogRect
SetPropW
RemovePropW
GetPropW
EndDialog
CreateDialogIndirectParamW
GetDlgItem
GetTabbedTextExtentW
GetWindowTextLengthW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
InvalidateRgn
MoveWindow
CreateMenu
SetActiveWindow
CallWindowProcW
GetMenuCheckMarkDimensions
SetMenuItemInfoW
SetMenuItemBitmaps
SetWindowLongW
MessageBoxW
GetWindowThreadProcessId
ShowOwnedPopups
UnregisterClassW
PostQuitMessage
DrawEdge
CharUpperBuffW
MonitorFromPoint
GetComboBoxInfo
SetWindowTextW

gdi32

GetObjectW
CreateSolidBrush
CreateCompatibleDC
DeleteObject
SelectObject
GetObjectType
GetTextColor
Polygon
Rectangle
GetStockObject
GetPaletteEntries
CreatePalette
RealizePalette
GetNearestPaletteIndex
GetSystemPaletteEntries
GetPixel
CreatePolygonRgn
PtInRegion
FrameRgn
CreateCompatibleBitmap
SetPixelV
BitBlt
GetRgnBox
CreateRectRgnIndirect
OffsetRgn
CreateDIBSection
SetPixel
Ellipse
GetBkColor
CreateFontIndirectW
GetDeviceCaps
GetTextCharsetInfo
EnumFontFamiliesW
CreatePen
CreatePatternBrush
CreateDIBitmap
SetPaletteEntries
ExtFloodFill
StartPage
EndPage
EndDoc
GetCurrentObject
PatBlt
CreateRectRgn
CombineRgn
GetBoundsRect
FillRgn
SetRectRgn
CreateRoundRectRgn
EnumFontFamiliesExW
StretchBlt
SetDIBColorTable
CreateBitmap
SetBkColor
SelectPalette
GetDIBits
Polyline
ExtTextOutW
CreateHatchBrush
CreateEllipticRgn
RoundRect
StretchDIBits
GetTextExtentPoint32W
GetCharWidthW
LPtoDP
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
GetViewportOrgEx
PtVisible
RectVisible
TextOutW
Escape
GetClipBox
GetTextAlign
GetCurrentPositionEx
MoveToEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SaveDC
RestoreDC
GetROP2
GetBkMode
GetPolyFillMode
GetStretchBltMode
GetNearestColor
GetTextFaceW
GetWindowExtEx
GetViewportExtEx
SetTextColor
SetMapMode
SetWindowExtEx
ScaleWindowExtEx
GetWindowOrgEx
SetWindowOrgEx
IntersectClipRect
CreateDCW
SetBrushOrgEx
SetAbortProc
StartDocW
DPtoLP
AbortDoc
CopyMetaFileW
UnrealizeObject
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
OffsetWindowOrgEx
SelectClipRgn
ExcludeClipRect
OffsetClipRgn
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetLayout
SetLayout
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
SelectClipPath
GetClipRgn
ExtSelectClipRgn
PlayMetaFileRecord
PlayMetaFile
EnumMetaFile
ExtCreatePen
CreateDIBPatternBrushPt
GetMapMode
GetTextMetricsW
CreateFontW
DeleteDC

ole32

OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterClassObject
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
DoDragDrop
CoGetMalloc
StgOpenStorage
StgIsStorageFile
StgCreateDocfile
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
OleGetClipboard
OleRegGetUserType
GetClassFile
CreateBindCtx
CreateFileMoniker
OleRun
OleIsRunning
OleQueryLinkFromData
OleQueryCreateFromData
OleSetMenuDescriptor
CreateGenericComposite
CreateItemMoniker
WriteClassStm
IsAccelerator
GetHGlobalFromILockBytes
ReadClassStg
OleLoad
OleSave
OleCreate
OleCreateLinkToFile
OleCreateFromFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSetContainedObject
StringFromCLSID
OleLockRunning
StgOpenStorageOnILockBytes
CLSIDFromString
CLSIDFromProgID
PropVariantCopy
CoInitializeEx
CoGetClassObject
StringFromGUID2
ReadFmtUserTypeStg
OleLoadFromStream
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
ReadClassStm
OleSaveToStream
CreateOleAdviseHolder
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleTranslateAccelerator
GetRunningObjectTable
WriteClassStg
OleDuplicateData
WriteFmtUserTypeStg
OleDraw
OleRegGetMiscStatus
OleRegEnumVerbs
CoDisconnectObject
CoRegisterMessageFilter
CoTreatAsClass
OleGetIconOfClass
ReleaseStgMedium
CreateDataAdviseHolder
CoTaskMemAlloc
CreateDataCache
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
PropVariantClear
CoCreateGuid
CoTaskMemFree
CoCreateInstance
SetConvertStg

oleaut32

SysAllocStringLen
SysStringLen
SysFreeString
VariantChangeType
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreatePropertyFrame
OleTranslateColor
OleCreateFontIndirect
OleCreatePictureIndirect
OleLoadPicture
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi
VariantInit
DispCallFunc
VarBstrCmp
VariantCopy
SafeArrayDestroy
SysStringByteLen
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayCreate
SafeArrayRedim
SysAllocStringByteLen
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VarDateFromStr
VarDecFromStr
VarBstrFromDec
SafeArrayCreateVector
VarParseNumFromStr
SysAllocString

shlwapi

SHStrDupW
PathFindExtensionW
PathFindFileNameW
PathRemoveExtensionW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
UrlUnescapeW
StrFormatKBSizeW

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

uxtheme

GetThemePartSize
IsThemeBackgroundPartiallyTransparent
DrawThemeText
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
CloseThemeData
OpenThemeData
GetThemeColor
DrawThemeBackground
DrawThemeParentBackground
IsAppThemed

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mfcm120.dll
.dll windows:6 windows x86 arch:x86

5e8ac8fa449cb9a9b1a873fca7da77c6

Code Sign

33:00:00:00:34:24:31:40:c9:a0:c1:79:8d:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

27/03/2013, 20:08

Not After

27/06/2014, 20:08

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/01/2013, 22:33

Not After

24/04/2014, 22:33

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/09/2013, 17:41

Not After

24/12/2014, 17:41

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

58:e2:89:4c:3d:68:ff:aa:2a:6d:a5:cb:1a:4b:16:59:f9:5d:4b:a4:f4:01:2b:a1:73:f1:d3:0b:56:58:9d:66
Signer

Actual PE Digest

58:e2:89:4c:3d:68:ff:aa:2a:6d:a5:cb:1a:4b:16:59:f9:5d:4b:a4:f4:01:2b:a1:73:f1:d3:0b:56:58:9d:66

Digest Algorithm

sha256

PE Digest Matches

true

c0:87:26:89:71:fc:65:81:a2:03:06:58:cc:6d:d9:45:f3:71:e4:35
Signer

Actual PE Digest

c0:87:26:89:71:fc:65:81:a2:03:06:58:cc:6d:d9:45:f3:71:e4:35

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

MFCM120.i386.pdb

Imports

kernel32

DecodePointer
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
OutputDebugStringW
Sleep
EncodePointer

msvcr120

_crt_debugger_hook
__crtUnhandledException
_except_handler4_common
__clean_type_info_names_internal
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
memset
free
__CxxFrameHandler3
??1type_info@@UAE@XZ
__FrameUnwindFilter
_cexit
??_V@YAXPAX@Z
?terminate@@YAXXZ
_initterm_e
_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
__crtTerminateProcess

user32

SetWindowPos
GetWindow
CopyRect
GetClientRect
SendMessageA
PostMessageA

mfc120

ord7665
ord5302
ord13262
ord8657
ord13907
ord14007
ord8187
ord4424
ord13333
ord13334
ord4340
ord2523
ord2533
ord12157
ord3549
ord7503
ord2199
ord485
ord2221
ord2328
ord13913
ord8616
ord8613
ord5416
ord12745
ord13641
ord7969
ord7972
ord3245
ord3246
ord5136
ord5433
ord5643
ord9186
ord5409
ord5659
ord5139
ord5295
ord5119
ord5840
ord7574
ord7575
ord7565
ord5293
ord8064
ord10083
ord9047
ord6372
ord2339
ord13644
ord3873
ord3925
ord2300
ord4095
ord3252
ord6232
ord6837
ord2500
ord832
ord1358
ord7291
ord12038
ord7538
ord6177
ord11987
ord11941
ord3782
ord372
ord9064
ord3249
ord10339
ord3216
ord11567
ord8761
ord2209
ord2208
ord274
ord1523
ord1039
ord1656
ord1041

mscoree

_CorDllMain

Exports

Exports

AfxmReleaseManagedReferences

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mfcm120u.dll
.dll windows:6 windows x86 arch:x86

0b002f7f2606fc506c4285852139b2fe

Code Sign

33:00:00:00:2b:39:32:48:c1:b2:c9:48:f3:00:00:00:00:00:2b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/09/2012, 21:12

Not After

04/12/2013, 21:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:C0F4-3086-DEF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/01/2013, 22:33

Not After

24/04/2014, 22:33

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/09/2013, 17:41

Not After

24/12/2014, 17:41

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e5:29:4a:48:af:16:1a:53:9a:a1:18:81:b5:51:90:00:3a:e4:f5:8a:a8:11:06:2e:18:e1:21:77:66:b6:97:81
Signer

Actual PE Digest

e5:29:4a:48:af:16:1a:53:9a:a1:18:81:b5:51:90:00:3a:e4:f5:8a:a8:11:06:2e:18:e1:21:77:66:b6:97:81

Digest Algorithm

sha256

PE Digest Matches

true

d9:e0:bc:d7:23:b5:92:a9:27:41:2c:72:8e:59:5e:8c:c4:2e:e3:82
Signer

Actual PE Digest

d9:e0:bc:d7:23:b5:92:a9:27:41:2c:72:8e:59:5e:8c:c4:2e:e3:82

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

MFCM120U.i386.pdb

Imports

kernel32

DecodePointer
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
OutputDebugStringW
Sleep
EncodePointer

msvcr120

_crt_debugger_hook
__crtUnhandledException
_except_handler4_common
__clean_type_info_names_internal
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
memset
free
__CxxFrameHandler3
??1type_info@@UAE@XZ
__FrameUnwindFilter
_cexit
??_V@YAXPAX@Z
?terminate@@YAXXZ
_initterm_e
_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
__crtTerminateProcess

user32

SetWindowPos
GetWindow
CopyRect
GetClientRect
SendMessageW
PostMessageW

mfc120u

ord7702
ord5323
ord13328
ord8698
ord13990
ord14092
ord8226
ord4433
ord13402
ord13403
ord4349
ord2525
ord2535
ord12214
ord3557
ord7538
ord2204
ord485
ord2226
ord2332
ord13996
ord8657
ord8654
ord5437
ord12804
ord13721
ord8005
ord8008
ord3252
ord3253
ord5157
ord5454
ord5664
ord9231
ord5430
ord5680
ord5160
ord5316
ord5137
ord5864
ord7609
ord7610
ord7600
ord5314
ord8101
ord10131
ord9090
ord6398
ord2341
ord13724
ord3881
ord3933
ord2306
ord4104
ord3259
ord6258
ord6868
ord2502
ord832
ord1360
ord7325
ord12095
ord7573
ord6203
ord12044
ord11998
ord3790
ord372
ord9107
ord3256
ord10390
ord3223
ord11621
ord8804
ord2214
ord2213
ord269
ord1520
ord1040
ord1658
ord1042

mscoree

_CorDllMain

Exports

Exports

AfxmReleaseManagedReferences

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcp120.dll
.dll windows:6 windows x86 arch:x86

6ccda270a497a2c5a36a7f385cc9910d

Code Sign

33:00:00:00:34:24:31:40:c9:a0:c1:79:8d:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

27/03/2013, 20:08

Not After

27/06/2014, 20:08

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/01/2013, 22:33

Not After

24/04/2014, 22:33

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/09/2013, 17:41

Not After

24/12/2014, 17:41

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

97:5a:aa:89:27:9c:94:dc:e4:67:63:18:68:67:90:14:d7:11:ec:ba:93:b9:38:95:4c:40:24:22:95:55:18:13
Signer

Actual PE Digest

97:5a:aa:89:27:9c:94:dc:e4:67:63:18:68:67:90:14:d7:11:ec:ba:93:b9:38:95:4c:40:24:22:95:55:18:13

Digest Algorithm

sha256

PE Digest Matches

true

72:5e:30:95:db:09:9c:26:03:aa:27:a0:ee:5c:0c:1f:e9:33:d5:3e
Signer

Actual PE Digest

72:5e:30:95:db:09:9c:26:03:aa:27:a0:ee:5c:0c:1f:e9:33:d5:3e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcp120.i386.pdb

Imports

msvcr120

?what@exception@std@@UBEPBDXZ
_CxxThrowException
__CxxFrameHandler3
fclose
fflush
fgetc
fgetpos
fsetpos
_fseeki64
fwrite
setvbuf
ungetc
_lock_file
_unlock_file
memcpy_s
memset
_fsopen
fseek
_wfsopen
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?Alloc@Concurrency@@YAPAXI@Z
?Free@Concurrency@@YAXPAX@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPAX@Z0@Z
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0critical_section@Concurrency@@QAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
?wait@event@Concurrency@@QAEII@Z
?set@event@Concurrency@@QAEXXZ
ldexp
sprintf_s
strcspn
wcslen
_Strftime
_Wcsftime
strcmp
setlocale
_malloc_crt
_realloc_crt
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
fgetwc
fputwc
ungetwc
__uncaught_exception
_errno
memcmp
_wcsdup
___lc_locale_name_func
___lc_collate_cp_func
__crtCompareStringA
__crtLCMapStringA
___lc_codepage_func
_ismbblead
remove
rename
_wremove
strcpy_s
wcscpy_s
_wgetcwd
_wchdir
_wmkdir
_wrmdir
??1bad_cast@std@@UAE@XZ
_getcwd
_chdir
_mkdir
_rmdir
__crtIsPackagedApp
__crtCreateSymbolicLinkW
__crtGetFileInformationByHandleEx
__crtSetFileInformationByHandle
_calloc_crt
??0_Condition_variable@details@Concurrency@@QAE@XZ
??1_Condition_variable@details@Concurrency@@QAE@XZ
?wait@_Condition_variable@details@Concurrency@@QAEXAAVcritical_section@3@@Z
?wait_for@_Condition_variable@details@Concurrency@@QAE_NAAVcritical_section@3@I@Z
?notify_one@_Condition_variable@details@Concurrency@@QAEXXZ
?notify_all@_Condition_variable@details@Concurrency@@QAEXXZ
__crtSleep
_beginthreadex
_endthreadex
?lock@critical_section@Concurrency@@QAEXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock_for@critical_section@Concurrency@@QAE_NI@Z
?unlock@critical_section@Concurrency@@QAEXXZ
?terminate@@YAXXZ
__crtFlsAlloc
__crtFlsFree
__crtFlsGetValue
__crtFlsSetValue
calloc
??0operation_timed_out@Concurrency@@QAE@XZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ
??0bad_target@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
?_Yield@_Context@details@Concurrency@@SAXXZ
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
?Log2@details@Concurrency@@YAKI@Z
_lock
_unlock
__pctype_func
isupper
__crtGetLocaleInfoEx
islower
__crtLCMapStringW
isspace
tolower
memchr
sqrt
isdigit
isxdigit
isalnum
__crtCompareStringW
__dllonexit
_onexit
??1type_info@@UAE@XZ
__CppXcptFilter
_amsg_exit
_initterm
_initterm_e
_except_handler4_common
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__clean_type_info_names_internal
??0bad_cast@std@@QAE@ABV01@@Z
_W_Gettnames
_W_Getmonths
_W_Getdays
_Gettnames
_Getmonths
_Getdays
localeconv
??0bad_cast@std@@QAE@PBD@Z
??_V@YAXPAX@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
memmove
strlen
memcpy
malloc
free
___mb_cur_max_func
_purecall
rand_s
fputs
fputc
__iob_func
abort
log
__crtInitializeCriticalSectionEx
??3@YAXPAX@Z
??2@YAPAXI@Z
_wrename

kernel32

GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
GetStringTypeW
GetSystemTimeAsFileTime
GetExitCodeThread
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
WaitForSingleObject
DuplicateHandle
AreFileApisANSI
CreateHardLinkW
CopyFileW
GetLastError
CloseHandle
GetFileInformationByHandle
GetFileAttributesExW
GetDiskFreeSpaceExW
FindNextFileW
FindFirstFileExW
FindClose
CreateFileW
WideCharToMultiByte
MultiByteToWideChar
DecodePointer
EncodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DisableThreadLibraryCalls

Exports

Exports

??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??0?$_Yarn@D@std@@QAE@ABV01@@Z
??0?$_Yarn@D@std@@QAE@PBD@Z
??0?$_Yarn@D@std@@QAE@XZ
??0?$_Yarn@_W@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDH@std@@QAE@I@Z
??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDH@std@@QAE@I@Z
??0?$codecvt@_WDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0Init@ios_base@std@@QAE@XZ
??0_Concurrent_queue_base_v4@details@Concurrency@@IAE@I@Z
??0_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@ABV_Concurrent_queue_base_v4@12@@Z
??0_Container_base12@std@@QAE@ABU01@@Z
??0_Container_base12@std@@QAE@XZ
??0_Facet_base@std@@QAE@ABV01@@Z
??0_Facet_base@std@@QAE@XZ
??0_Init_locks@std@@QAE@XZ
??0_Locimp@locale@std@@AAE@ABV012@@Z
??0_Locimp@locale@std@@AAE@_N@Z
??0_Locinfo@std@@QAE@HPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??0_Lockit@std@@QAE@XZ
??0_Pad@std@@QAE@ABV01@@Z
??0_Pad@std@@QAE@XZ
??0_Runtime_object@details@Concurrency@@QAE@H@Z
??0_Runtime_object@details@Concurrency@@QAE@XZ
??0_Timevec@std@@QAE@ABV01@@Z
??0_Timevec@std@@QAE@PAX@Z
??0_UShinit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0agent@Concurrency@@QAE@AAVScheduleGroup@1@@Z
??0agent@Concurrency@@QAE@AAVScheduler@1@@Z
??0agent@Concurrency@@QAE@XZ
??0codecvt_base@std@@QAE@I@Z
??0ctype_base@std@@QAE@I@Z
??0facet@locale@std@@IAE@I@Z
??0id@locale@std@@QAE@I@Z
??0ios_base@std@@IAE@XZ
??0time_base@std@@QAE@I@Z
??1?$_Yarn@D@std@@QAE@XZ
??1?$_Yarn@_W@std@@QAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$codecvt@DDH@std@@MAE@XZ
??1?$codecvt@GDH@std@@MAE@XZ
??1?$codecvt@_WDH@std@@MAE@XZ
??1?$ctype@D@std@@MAE@XZ
??1?$ctype@G@std@@MAE@XZ
??1?$ctype@_W@std@@MAE@XZ
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1Init@ios_base@std@@QAE@XZ
??1_Concurrent_queue_base_v4@details@Concurrency@@MAE@XZ
??1_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@XZ
??1_Concurrent_vector_base_v4@details@Concurrency@@IAE@XZ
??1_Container_base12@std@@QAE@XZ
??1_Facet_base@std@@UAE@XZ
??1_Init_locks@std@@QAE@XZ
??1_Locimp@locale@std@@MAE@XZ
??1_Locinfo@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??1_Pad@std@@QAE@XZ
??1_Timevec@std@@QAE@XZ
??1_UShinit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1agent@Concurrency@@UAE@XZ
??1codecvt_base@std@@UAE@XZ
??1ctype_base@std@@UAE@XZ
??1facet@locale@std@@MAE@XZ
??1ios_base@std@@UAE@XZ
??1time_base@std@@UAE@XZ
??4?$_Iosb@H@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
??4?$_Yarn@_W@std@@QAEAAV01@PB_W@Z
??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEAAV01@ABV01@@Z
??4Init@ios_base@std@@QAEAAV012@ABV012@@Z
??4_Container_base0@std@@QAEAAU01@ABU01@@Z
??4_Container_base12@std@@QAEAAU01@ABU01@@Z
??4_Facet_base@std@@QAEAAV01@ABV01@@Z
??4_Init_locks@std@@QAEAAV01@ABV01@@Z
??4_Pad@std@@QAEAAV01@ABV01@@Z
??4_Timevec@std@@QAEAAV01@ABV01@@Z
??4_UShinit@std@@QAEAAV01@ABV01@@Z
??4_Winit@std@@QAEAAV01@ABV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
??7ios_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
??Bios_base@std@@QBE_NXZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$codecvt@DDH@std@@6B@
??_7?$codecvt@GDH@std@@6B@
??_7?$codecvt@_WDH@std@@6B@
??_7?$ctype@D@std@@6B@
??_7?$ctype@G@std@@6B@
??_7?$ctype@_W@std@@6B@
??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7_Facet_base@std@@6B@
??_7_Locimp@locale@std@@6B@
??_7_Pad@std@@6B@
??_7codecvt_base@std@@6B@
??_7ctype_base@std@@6B@
??_7facet@locale@std@@6B@
??_7ios_base@std@@6B@
??_7time_base@std@@6B@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@
??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@
??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_F?$codecvt@DDH@std@@QAEXXZ
??_F?$codecvt@GDH@std@@QAEXXZ
??_F?$codecvt@_WDH@std@@QAEXXZ
??_F?$ctype@D@std@@QAEXXZ
??_F?$ctype@G@std@@QAEXXZ
??_F?$ctype@_W@std@@QAEXXZ
??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F_Locinfo@std@@QAEXXZ
??_F_Timevec@std@@QAEXXZ
??_Fcodecvt_base@std@@QAEXXZ
??_Fctype_base@std@@QAEXXZ
??_Ffacet@locale@std@@QAEXXZ
??_Fid@locale@std@@QAEXXZ
??_Ftime_base@std@@QAEXXZ
?GetNextAsyncId@platform@details@Concurrency@@YAIXZ
?NFS_Allocate@details@Concurrency@@YAPAXIIPAX@Z
?NFS_Free@details@Concurrency@@YAXPAX@Z
?NFS_GetLineSize@details@Concurrency@@YAIXZ
?_10@placeholders@std@@3V?$_Ph@$09@2@A
?_11@placeholders@std@@3V?$_Ph@$0L@@2@A
?_12@placeholders@std@@3V?$_Ph@$0M@@2@A
?_13@placeholders@std@@3V?$_Ph@$0N@@2@A
?_14@placeholders@std@@3V?$_Ph@$0O@@2@A
?_15@placeholders@std@@3V?$_Ph@$0P@@2@A
?_16@placeholders@std@@3V?$_Ph@$0BA@@2@A
?_17@placeholders@std@@3V?$_Ph@$0BB@@2@A
?_18@placeholders@std@@3V?$_Ph@$0BC@@2@A
?_19@placeholders@std@@3V?$_Ph@$0BD@@2@A
?_1@placeholders@std@@3V?$_Ph@$00@2@A
?_20@placeholders@std@@3V?$_Ph@$0BE@@2@A
?_2@placeholders@std@@3V?$_Ph@$01@2@A
?_3@placeholders@std@@3V?$_Ph@$02@2@A
?_4@placeholders@std@@3V?$_Ph@$03@2@A
?_5@placeholders@std@@3V?$_Ph@$04@2@A
?_6@placeholders@std@@3V?$_Ph@$05@2@A
?_7@placeholders@std@@3V?$_Ph@$06@2@A
?_8@placeholders@std@@3V?$_Ph@$07@2@A
?_9@placeholders@std@@3V?$_Ph@$08@2@A
?_Addcats@_Locinfo@std@@QAEAAV12@HPBD@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?_Addstd@ios_base@std@@SAXPAV12@@Z
?_Advance@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXXZ
?_Assign@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXABV123@@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF@std@@3_JB
?_Byte_reverse_table@details@Concurrency@@3QBEB
?_C_str@?$_Yarn@D@std@@QBEPBDXZ
?_C_str@?$_Yarn@_W@std@@QBEPB_WXZ
?_Callfns@ios_base@std@@AAEXW4event@12@@Z
?_Clocptr@_Locimp@locale@std@@0PAV123@A
?_Close_dir@sys@tr2@std@@YAXPAX@Z
?_Copy_file@sys@tr2@std@@YAHPBD0_N@Z
?_Copy_file@sys@tr2@std@@YAHPB_W0_N@Z
?_Current_get@sys@tr2@std@@YAPADAAY0BAE@D@Z
?_Current_get@sys@tr2@std@@YAPA_WAAY0BAE@_W@Z
?_Current_set@sys@tr2@std@@YA_NPBD@Z
?_Current_set@sys@tr2@std@@YA_NPB_W@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Donarrow@?$ctype@G@std@@IBEDGD@Z
?_Donarrow@?$ctype@_W@std@@IBED_WD@Z
?_Dowiden@?$ctype@G@std@@IBEGD@Z
?_Dowiden@?$ctype@_W@std@@IBE_WD@Z
?_Empty@?$_Yarn@D@std@@QBE_NXZ
?_Empty@?$_Yarn@_W@std@@QBE_NXZ
?_Equivalent@sys@tr2@std@@YAHPBD0@Z
?_Equivalent@sys@tr2@std@@YAHPB_W0@Z
?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADDH@Z
?_File_size@sys@tr2@std@@YA_KPBD@Z
?_File_size@sys@tr2@std@@YA_KPB_W@Z
?_Findarr@ios_base@std@@AAEAAU_Iosarray@12@H@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBDIIII@Z
?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AAVios_base@2@GPBDIIII@Z
?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBDIIII@Z
?_Future_error_map@std@@YAPBDH@Z
?_GetCombinableSize@details@Concurrency@@YAIXZ
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@GDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@facet@locale@std@@SAIPAPBV123@PBV23@@Z
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_Getdateorder@_Locinfo@std@@QBEHXZ
?_Getdays@_Locinfo@std@@QBEPBDXZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HABVlocale@2@@Z
?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAAHABV?$ctype@D@2@@Z
?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAAHABV?$ctype@G@2@@Z
?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAAHABV?$ctype@_W@2@@Z

Sections

.text
Size: 391KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcr120.dll
.dll windows:6 windows x86 arch:x86

aa8d086deb6960b10f8791df466a5610

Code Sign

33:00:00:00:34:24:31:40:c9:a0:c1:79:8d:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

27/03/2013, 20:08

Not After

27/06/2014, 20:08

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/01/2013, 22:33

Not After

24/04/2014, 22:33

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/09/2013, 17:41

Not After

24/12/2014, 17:41

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:82:cf:f8:a2:0e:57:bd:cc:0a:76:cf:1e:4f:c9:43:8c:94:65:03:5e:34:db:a7:06:0b:42:ee:a6:9d:c2:88
Signer

Actual PE Digest

0a:82:cf:f8:a2:0e:57:bd:cc:0a:76:cf:1e:4f:c9:43:8c:94:65:03:5e:34:db:a7:06:0b:42:ee:a6:9d:c2:88

Digest Algorithm

sha256

PE Digest Matches

true

3f:08:90:50:77:63:e4:04:ba:19:2c:b1:94:32:e7:d0:82:51:35:78
Signer

Actual PE Digest

3f:08:90:50:77:63:e4:04:ba:19:2c:b1:94:32:e7:d0:82:51:35:78

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr120.i386.pdb

Imports

kernel32

EncodePointer
DecodePointer
RaiseException
GetLastError
ExitProcess
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleFileNameA
SetLastError
GetCurrentThread
GetModuleFileNameW
IsProcessorFeaturePresent
GetStdHandle
WriteFile
FindClose
FindFirstFileExA
FindNextFileA
FindFirstFileExW
FindNextFileW
CloseHandle
CreateThread
ExitThread
ResumeThread
LoadLibraryExW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
Beep
Sleep
GetFullPathNameA
GetCurrentProcessId
GetFileAttributesExW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileExW
RemoveDirectoryW
GetDriveTypeW
DeleteFileW
SetEnvironmentVariableA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryW
SetEnvironmentVariableW
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
FreeLibrary
LoadLibraryExA
CreateProcessW
ReadFile
GetTempPathA
GetTempPathW
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
LocalFileTimeToFileTime
SetFileTime
SystemTimeToFileTime
SetLocalTime
InterlockedPopEntrySList
InterlockedFlushSList
QueryDepthSList
InterlockedPushEntrySList
CreateTimerQueue
SetEvent
WaitForSingleObjectEx
UnregisterWait
TlsGetValue
SignalObjectAndWait
TlsSetValue
SetThreadPriority
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetNumaHighestNodeNumber
RegisterWaitForSingleObject
GetLogicalProcessorInformation
RtlCaptureStackBackTrace
GetThreadPriority
GetProcessAffinityMask
SetThreadAffinityMask
TlsAlloc
DeleteTimerQueueTimer
TlsFree
SwitchToThread
TryEnterCriticalSection
SetProcessAffinityMask
VirtualFree
GetVersionExW
VirtualAlloc
VirtualProtect
InitializeSListHead
ReleaseSemaphore
UnregisterWaitEx
LoadLibraryW
OutputDebugStringW
FreeLibraryAndExitThread
GetModuleHandleA
GetThreadTimes
CreateEventW
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
RtlUnwind
HeapFree
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapSize
HeapQueryInformation
HeapValidate
HeapCompact
HeapWalk
GetSystemInfo
VirtualQuery
GetFileType
GetStartupInfoW
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
CreateFileW
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFilePointerEx
FlushFileBuffers
CreatePipe
SetStdHandle
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
ReadConsoleInputW
WriteConsoleW
SetEndOfFile
LockFileEx
UnlockFileEx
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
GetTickCount
CreateSemaphoreW
SetConsoleCtrlHandler
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
OutputDebugStringA

Exports

Exports

$I10_OUTPUT
??0?$_SpinWait@$00@details@Concurrency@@QAE@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QAE@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QAA@IZZ
??0SchedulerPolicy@Concurrency@@QAE@ABV01@@Z
??0SchedulerPolicy@Concurrency@@QAE@XZ
??0_Cancellation_beacon@details@Concurrency@@QAE@XZ
??0_Condition_variable@details@Concurrency@@QAE@XZ
??0_Context@details@Concurrency@@QAE@PAVContext@2@@Z
??0_Interruption_exception@details@Concurrency@@QAE@PBD@Z
??0_Interruption_exception@details@Concurrency@@QAE@XZ
??0_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_ReaderWriterLock@details@Concurrency@@QAE@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_ReentrantLock@details@Concurrency@@QAE@XZ
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scheduler@details@Concurrency@@QAE@PAVScheduler@2@@Z
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
??0_StructuredTaskCollection@details@Concurrency@@QAE@PAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QAE@PAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QAE@XZ
??0_Timer@details@Concurrency@@IAE@I_N@Z
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0__non_rtti_object@std@@QAE@PBD@Z
??0bad_cast@std@@AAE@PBQBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@XZ
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@XZ
??0context_unblock_unbalanced@Concurrency@@QAE@PBD@Z
??0context_unblock_unbalanced@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
??0default_scheduler_exists@Concurrency@@QAE@PBD@Z
??0default_scheduler_exists@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??0improper_lock@Concurrency@@QAE@PBD@Z
??0improper_lock@Concurrency@@QAE@XZ
??0improper_scheduler_attach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_attach@Concurrency@@QAE@XZ
??0improper_scheduler_detach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_detach@Concurrency@@QAE@XZ
??0improper_scheduler_reference@Concurrency@@QAE@PBD@Z
??0improper_scheduler_reference@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0invalid_link_target@Concurrency@@QAE@XZ
??0invalid_multiple_scheduling@Concurrency@@QAE@PBD@Z
??0invalid_multiple_scheduling@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0invalid_operation@Concurrency@@QAE@XZ
??0invalid_oversubscribe_operation@Concurrency@@QAE@PBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_key@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_value@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QAE@XZ
??0message_not_found@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0missing_wait@Concurrency@@QAE@PBD@Z
??0missing_wait@Concurrency@@QAE@XZ
??0nested_scheduler_missing_detach@Concurrency@@QAE@PBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QAE@XZ
??0operation_timed_out@Concurrency@@QAE@PBD@Z
??0operation_timed_out@Concurrency@@QAE@XZ
??0reader_writer_lock@Concurrency@@QAE@XZ
??0scheduler_not_attached@Concurrency@@QAE@PBD@Z
??0scheduler_not_attached@Concurrency@@QAE@XZ
??0scheduler_resource_allocation_error@Concurrency@@QAE@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QAE@PBDJ@Z
??0scheduler_worker_creation_error@Concurrency@@QAE@J@Z
??0scheduler_worker_creation_error@Concurrency@@QAE@PBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0task_canceled@Concurrency@@QAE@PBD@Z
??0task_canceled@Concurrency@@QAE@XZ
??0unsupported_os@Concurrency@@QAE@PBD@Z
??0unsupported_os@Concurrency@@QAE@XZ
??1SchedulerPolicy@Concurrency@@QAE@XZ
??1_Cancellation_beacon@details@Concurrency@@QAE@XZ
??1_Condition_variable@details@Concurrency@@QAE@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??1_StructuredTaskCollection@details@Concurrency@@QAE@XZ
??1_TaskCollection@details@Concurrency@@QAE@XZ
??1_Timer@details@Concurrency@@MAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
??1exception@std@@UAE@XZ
??1reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??3@YAXPAXHPBDH@Z
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@ABV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@ABV012@@Z
??4SchedulerPolicy@Concurrency@@QAEAAV01@ABV01@@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@std@@6B@
??_F?$_SpinWait@$00@details@Concurrency@@QAEXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QAEXXZ
??_F_Context@details@Concurrency@@QAEXXZ
??_F_Scheduler@details@Concurrency@@QAEXXZ
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
??_V@YAXPAXHPBDH@Z
?Alloc@Concurrency@@YAPAXI@Z
?Block@Context@Concurrency@@SAXXZ
?CaptureCallstack@platform@details@Concurrency@@YAIPAPAXII@Z
?Create@CurrentScheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPAV12@ABVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@AAVlocation@2@@Z
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPAX@Z
?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QBEIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsAvailableLocation@CurrentScheduler@Concurrency@@SA_NABVlocation@2@@Z
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?Log2@details@Concurrency@@YAKI@Z
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0AAVlocation@2@@Z
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QAEXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QAEIW4PolicyElementKey@2@I@Z
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QAEXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_CleanupToken@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_ConcRT_CoreAssert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_Trace@details@Concurrency@@YAXHPB_WZZ
?_Confirm_cancel@_Cancellation_beacon@details@Concurrency@@QAE_NXZ
?_Copy_str@exception@std@@AAEXPBD@Z
?_CurrentContext@_Context@details@Concurrency@@SA?AV123@XZ
?_Current_node@location@Concurrency@@SA?AV12@XZ
?_Destroy@_AsyncTaskCollection@details@Concurrency@@EAEXXZ
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_Get@_CurrentScheduler@details@Concurrency@@SA?AV_Scheduler@23@XZ
?_GetConcRTTraceInfo@Concurrency@@YAPBU_CONCRT_TRACE_INFO@details@1@XZ
?_GetConcurrency@details@Concurrency@@YAIXZ
?_GetCurrentInlineDepth@_StackGuard@details@Concurrency@@CAAAIXZ
?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ
?_GetScheduler@_Scheduler@details@Concurrency@@QAEPAVScheduler@3@XZ
?_Id@_CurrentScheduler@details@Concurrency@@SAIXZ
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QAE_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QAE_NXZ
?_IsSynchronouslyBlocked@_Context@details@Concurrency@@QBE_NXZ
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_NewCollection@_AsyncTaskCollection@details@Concurrency@@SAPAV123@PAV_CancellationTokenState@23@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IAEKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IAEKXZ
?_Oversubscribe@_Context@details@Concurrency@@SAX_N@Z
?_Reference@_Scheduler@details@Concurrency@@QAEIXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_Scheduler@details@Concurrency@@QAEIXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@PAVlocation@3@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@PAVlocation@3@@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPAX@Z0@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QAEXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QAEXI@Z
?_SetUnobservedExceptionHandler@details@Concurrency@@YAXP6AXXZ@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IAE_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IAE_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QAE_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IAEXXZ
?_Stop@_Timer@details@Concurrency@@IAEXXZ
?_Tidy@exception@std@@AAEXXZ
?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ
?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QAE_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QAE_NXZ
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?_Yield@_Context@details@Concurrency@@SAXXZ
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCompare@@YA_NPBX0@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?__ExceptionPtrSwap@@YAXPAX0@Z
?__ExceptionPtrToBool@@YA_NPBX@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBE_NABV1@@Z
?current@location@Concurrency@@SA?AV12@XZ
?from_numa_node@location@Concurrency@@SA?AV12@G@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QBEJXZ
?lock@critical_section@Concurrency@@QAEXXZ
?lock@reader_writer_lock@Concurrency@@QAEXXZ
?lock_read@reader_writer_lock@Concurrency@@QAEXXZ
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?native_handle@critical_section@Concurrency@@QAEAAV12@XZ
?notify_all@_Condition_variable@details@Concurrency@@QAEXXZ
?notify_one@_Condition_variable@details@Concurrency@@QAEXXZ
?raw_name@type_info@@QBEPBDXZ
?reset@event@Concurrency@@QAEXXZ
?set@event@Concurrency@@QAEXXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_task_execution_resources@Concurrency@@YAXGPAU_GROUP_AFFINITY@@@Z
?set_task_execution_resources@Concurrency@@YAXK@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock@reader_writer_lock@Concurrency@@QAE_NXZ
?try_lock_for@critical_section@Concurrency@@QAE_NI@Z
?try_lock_read@reader_writer_lock@Concurrency@@QAE_NXZ
?unexpected@@YAXXZ
?unlock@critical_section@Concurrency@@QAEXXZ
?unlock@reader_writer_lock@Concurrency@@QAEXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?wait@Concurrency@@YAXI@Z
?wait@_Condition_variable@details@Concurrency@@QAEXAAVcritical_section@3@@Z
?wait@event@Concurrency@@QAEII@Z
?wait_for@_Condition_variable@details@Concurrency@@QAE_NAAVcritical_section@3@I@Z
?wait_for_multiple@event@Concurrency@@SAIPAPAV12@I_NI@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_Cbuild
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FCbuild
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_LCbuild
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_SetWinRTOutOfMemoryExceptionCallback
_Strftime
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___lc_codepage_func
___lc_collate_cp_func
___lc_locale_name_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringEx
__crtCompareStringW
__crtCreateEventExW
__crtCreateSemaphoreExW
__crtCreateSymbolicLinkW
__crtEnumSystemLocalesEx
__crtFlsAlloc
__crtFlsFree
__crtFlsGetValue
__crtFlsSetValue
__crtGetDateFormatEx
__crtGetFileInformationByHandleEx
__crtGetLocaleInfoEx
__crtGetShowWindowMode
__crtGetTickCount64
__crtGetTimeFormatEx
__crtGetUserDefaultLocaleName
__crtInitializeCriticalSectionEx
__crtIsPackagedApp
__crtIsValidLocaleName
__crtLCMapStringA
__crtLCMapStringEx
__crtLCMapStringW
__crtSetFileInformationByHandle
__crtSetThreadStackGuarantee
__crtSetUnhandledExceptionFilter
__crtSleep
__crtTerminateProcess
__crtUnhandledException
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__setlc_active

Sections

.text
Size: 880KB - Virtual size: 880KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ssleay32.dll
.dll windows:6 windows x86 arch:x86

e83e59e7b16da2757cf2f0cdfc9b013d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Win-Agent\Desktop\WindowsAgent-master\External_Deps\openssl-1.0.0s\out32dll\ssleay32.pdb

Imports

libeay32

ord188
ord181
ord52
ord85
ord490
ord252
ord222
ord3873
ord2630
ord2821
ord3109
ord269
ord290
ord281
ord641
ord754
ord857
ord654
ord2206
ord2201
ord911
ord3906
ord493
ord3836
ord289
ord464
ord3245
ord3244
ord3844
ord2936
ord323
ord3841
ord3874
ord1202
ord2894
ord3067
ord961
ord89
ord109
ord3896
ord3879
ord3239
ord170
ord909
ord912
ord111
ord110
ord151
ord123
ord118
ord120
ord128
ord32
ord2760
ord495
ord498
ord4540
ord202
ord203
ord201
ord219
ord3837
ord3899
ord276
ord274
ord256
ord313
ord3724
ord3315
ord2927
ord285
ord4119
ord4430
ord4233
ord4474
ord4369
ord4245
ord1070
ord4488
ord3695
ord3570
ord2924
ord2929
ord3010
ord3178
ord2578
ord3663
ord3422
ord3729
ord3575
ord3512
ord3608
ord3459
ord3480
ord3550
ord3666
ord3644
ord866
ord635
ord2747
ord2784
ord2572
ord964
ord965
ord3489
ord907
ord87
ord486
ord497
ord484
ord205
ord206
ord216
ord363
ord2712
ord2925
ord3165
ord268
ord333
ord316
ord282
ord4125
ord4262
ord4164
ord1071
ord2877
ord3711
ord3682
ord3719
ord577
ord763
ord572
ord4046
ord66
ord481
ord3528
ord3418
ord1096
ord1097
ord78
ord95
ord3816
ord3888
ord3891
ord2589
ord2915
ord1144
ord1145
ord3823
ord3846
ord2292
ord1081
ord187
ord623
ord622
ord679
ord176
ord503
ord1012
ord3631
ord3479
ord3664
ord3737
ord3633
ord3675
ord341
ord1011
ord266
ord264
ord541
ord3925
ord3922
ord3124
ord2702
ord2898
ord4144
ord4372
ord3782
ord4174
ord3767
ord3758
ord3704
ord3647
ord3857
ord3365
ord3766
ord3460
ord4114
ord3783
ord3454
ord3394
ord3754
ord1655
ord914
ord1041
ord1027
ord1025
ord1004
ord1007
ord1005
ord3866
ord3826
ord53
ord67
ord65
ord74
ord98
ord58
ord892
ord890
ord897
ord2257
ord248
ord364
ord4331
ord4513
ord1010
ord629
ord626
ord628
ord630
ord3437
ord3527
ord3378
ord3610
ord3414
ord3495
ord3399
ord3559
ord575
ord636
ord2051
ord2478
ord246
ord3657
ord3396
ord93
ord1100
ord1023
ord2524
ord3505
ord3595
ord657
ord401
ord891
ord887
ord889
ord4045
ord2475
ord368
ord370
ord367
ord369
ord1671
ord189
ord1147
ord314
ord315
ord4383
ord4320
ord956
ord750
ord3205
ord279
ord283
ord748
ord280
ord774
ord751
ord2181
ord1959
ord400
ord399
ord3513
ord716
ord822
ord718
ord824
ord8
ord7
ord3700
ord3623
ord37
ord35
ord703
ord1091
ord88
ord2426
ord86
ord680
ord1101
ord3314
ord3312
ord3313
ord299
ord304
ord329
ord318
ord325
ord959
ord3155
ord2996
ord3795
ord3807
ord3914
ord292
ord293
ord2252
ord91
ord955
ord225
ord247
ord903
ord910
ord904
ord901
ord905
ord2411
ord1653
ord1654
ord168
ord167
ord267
ord169

msvcr120

free
_malloc_crt
_initterm
_initterm_e
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
__clean_type_info_names_internal
_except_handler4_common
__CppXcptFilter
_errno
_ftime64
strncmp
strncpy
fprintf
__iob_func
memmove
memset
memcpy
_time64
_amsg_exit

kernel32

GetLastError
IsProcessorFeaturePresent
EncodePointer
DecodePointer
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
SetLastError

Exports

Exports

BIO_f_ssl
BIO_new_buffer_ssl_connect
BIO_new_ssl
BIO_new_ssl_connect
BIO_ssl_copy_session_id
BIO_ssl_shutdown
DTLSv1_client_method
DTLSv1_method
DTLSv1_server_method
ERR_load_SSL_strings
PEM_read_SSL_SESSION
PEM_read_bio_SSL_SESSION
PEM_write_SSL_SESSION
PEM_write_bio_SSL_SESSION
SSL_CIPHER_description
SSL_CIPHER_get_bits
SSL_CIPHER_get_name
SSL_CIPHER_get_version
SSL_COMP_add_compression_method
SSL_COMP_get_compression_methods
SSL_COMP_get_name
SSL_CTX_add_client_CA
SSL_CTX_add_session
SSL_CTX_callback_ctrl
SSL_CTX_check_private_key
SSL_CTX_ctrl
SSL_CTX_flush_sessions
SSL_CTX_free
SSL_CTX_get_cert_store
SSL_CTX_get_client_CA_list
SSL_CTX_get_client_cert_cb
SSL_CTX_get_ex_data
SSL_CTX_get_ex_new_index
SSL_CTX_get_info_callback
SSL_CTX_get_quiet_shutdown
SSL_CTX_get_timeout
SSL_CTX_get_verify_callback
SSL_CTX_get_verify_depth
SSL_CTX_get_verify_mode
SSL_CTX_load_verify_locations
SSL_CTX_new
SSL_CTX_remove_session
SSL_CTX_sess_get_get_cb
SSL_CTX_sess_get_new_cb
SSL_CTX_sess_get_remove_cb
SSL_CTX_sess_set_get_cb
SSL_CTX_sess_set_new_cb
SSL_CTX_sess_set_remove_cb
SSL_CTX_sessions
SSL_CTX_set1_param
SSL_CTX_set_cert_store
SSL_CTX_set_cert_verify_callback
SSL_CTX_set_cipher_list
SSL_CTX_set_client_CA_list
SSL_CTX_set_client_cert_cb
SSL_CTX_set_client_cert_engine
SSL_CTX_set_cookie_generate_cb
SSL_CTX_set_cookie_verify_cb
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_default_verify_paths
SSL_CTX_set_ex_data
SSL_CTX_set_generate_session_id
SSL_CTX_set_info_callback
SSL_CTX_set_msg_callback
SSL_CTX_set_psk_client_callback
SSL_CTX_set_psk_server_callback
SSL_CTX_set_purpose
SSL_CTX_set_quiet_shutdown
SSL_CTX_set_session_id_context
SSL_CTX_set_ssl_version
SSL_CTX_set_timeout
SSL_CTX_set_tmp_dh_callback
SSL_CTX_set_tmp_ecdh_callback
SSL_CTX_set_tmp_rsa_callback
SSL_CTX_set_trust
SSL_CTX_set_verify
SSL_CTX_set_verify_depth
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey_ASN1
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_RSAPrivateKey
SSL_CTX_use_RSAPrivateKey_ASN1
SSL_CTX_use_RSAPrivateKey_file
SSL_CTX_use_certificate
SSL_CTX_use_certificate_ASN1
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_CTX_use_psk_identity_hint
SSL_SESSION_free
SSL_SESSION_get_ex_data
SSL_SESSION_get_ex_new_index
SSL_SESSION_get_id
SSL_SESSION_get_time
SSL_SESSION_get_timeout
SSL_SESSION_new
SSL_SESSION_print
SSL_SESSION_print_fp
SSL_SESSION_set_ex_data
SSL_SESSION_set_time
SSL_SESSION_set_timeout
SSL_accept
SSL_add_client_CA
SSL_add_dir_cert_subjects_to_stack
SSL_add_file_cert_subjects_to_stack
SSL_alert_desc_string
SSL_alert_desc_string_long
SSL_alert_type_string
SSL_alert_type_string_long
SSL_callback_ctrl
SSL_check_private_key
SSL_clear
SSL_connect
SSL_copy_session_id
SSL_ctrl
SSL_do_handshake
SSL_dup
SSL_dup_CA_list
SSL_free
SSL_get1_session
SSL_get_SSL_CTX
SSL_get_certificate
SSL_get_cipher_list
SSL_get_ciphers
SSL_get_client_CA_list
SSL_get_current_cipher
SSL_get_current_compression
SSL_get_current_expansion
SSL_get_default_timeout
SSL_get_error
SSL_get_ex_data
SSL_get_ex_data_X509_STORE_CTX_idx
SSL_get_ex_new_index
SSL_get_fd
SSL_get_finished
SSL_get_info_callback
SSL_get_peer_cert_chain
SSL_get_peer_certificate
SSL_get_peer_finished
SSL_get_privatekey
SSL_get_psk_identity
SSL_get_psk_identity_hint
SSL_get_quiet_shutdown
SSL_get_rbio
SSL_get_read_ahead
SSL_get_rfd
SSL_get_servername
SSL_get_servername_type
SSL_get_session
SSL_get_shared_ciphers
SSL_get_shutdown
SSL_get_ssl_method
SSL_get_verify_callback
SSL_get_verify_depth
SSL_get_verify_mode
SSL_get_verify_result
SSL_get_version
SSL_get_wbio
SSL_get_wfd
SSL_has_matching_session_id
SSL_library_init
SSL_load_client_CA_file
SSL_load_error_strings
SSL_new
SSL_peek
SSL_pending
SSL_read
SSL_renegotiate
SSL_renegotiate_pending
SSL_rstate_string
SSL_rstate_string_long
SSL_set1_param
SSL_set_SSL_CTX
SSL_set_accept_state
SSL_set_bio
SSL_set_cipher_list
SSL_set_client_CA_list
SSL_set_connect_state
SSL_set_ex_data
SSL_set_fd
SSL_set_generate_session_id
SSL_set_info_callback
SSL_set_msg_callback
SSL_set_psk_client_callback
SSL_set_psk_server_callback
SSL_set_purpose
SSL_set_quiet_shutdown
SSL_set_read_ahead
SSL_set_rfd
SSL_set_session
SSL_set_session_id_context
SSL_set_session_secret_cb
SSL_set_session_ticket_ext
SSL_set_session_ticket_ext_cb
SSL_set_shutdown
SSL_set_ssl_method
SSL_set_tmp_dh_callback
SSL_set_tmp_ecdh_callback
SSL_set_tmp_rsa_callback
SSL_set_trust
SSL_set_verify
SSL_set_verify_depth
SSL_set_verify_result
SSL_set_wfd
SSL_shutdown
SSL_state
SSL_state_string
SSL_state_string_long
SSL_use_PrivateKey
SSL_use_PrivateKey_ASN1
SSL_use_PrivateKey_file
SSL_use_RSAPrivateKey
SSL_use_RSAPrivateKey_ASN1
SSL_use_RSAPrivateKey_file
SSL_use_certificate
SSL_use_certificate_ASN1
SSL_use_certificate_file
SSL_use_psk_identity_hint
SSL_version
SSL_want
SSL_write
SSLv23_client_method
SSLv23_method
SSLv23_server_method
SSLv2_client_method
SSLv2_method
SSLv2_server_method
SSLv3_client_method
SSLv3_method
SSLv3_server_method
TLSv1_client_method
TLSv1_method
TLSv1_server_method
d2i_SSL_SESSION
i2d_SSL_SESSION
ssl2_ciphers
ssl3_ciphers

Sections

.text
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninst.exe
.exe windows:4 windows x86 arch:x86

59a4a44a250c4cf4f2d9de2b3fe5d95f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
SearchPathA
GetShortPathNameA
CreateFileA
GetFileSize
GetModuleFileNameA
ReadFile
GetCurrentProcess
CopyFileA
ExitProcess
SetEnvironmentVariableA
Sleep
CloseHandle
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrlenA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrcpyA
lstrcatA
GetSystemDirectoryA
GetVersion
GetProcAddress
GlobalAlloc
CompareFileTime
SetFileTime
ExpandEnvironmentStringsA
lstrcmpiA
lstrcmpA
WaitForSingleObject
GlobalFree
GetExitCodeProcess
GetModuleHandleA
GetTempPathA
GetWindowsDirectoryA
LoadLibraryExA
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
WriteFile
FindClose
WritePrivateProfileStringA
MultiByteToWideChar
MulDiv
GetPrivateProfileStringA
FreeLibrary

user32

CreateWindowExA
EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
GetDC
SystemParametersInfoA
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
DestroyWindow
CreateDialogParamA
SetTimer
GetDlgItem
wsprintfA
SetForegroundWindow
ShowWindow
IsWindow
LoadImageA
SetWindowLongA
SetClipboardData
EmptyClipboard
OpenClipboard
EndPaint
PostQuitMessage
FindWindowExA
SendMessageTimeoutA
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA

advapi32

RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumValueA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
GlobalFree
lstrcpyA
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
RtlUnwind
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP

Exports

Exports

KillProc

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

6b7d154c806f1e47db325229c300c6df

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
lstrlenA
GetExitCodeProcess
WaitForSingleObject
Sleep
TerminateProcess
GlobalReAlloc
GlobalUnlock
GlobalSize
lstrcpynA
ReadFile
PeekNamedPipe
GetTickCount
lstrcpyA
CreateProcessA
GetStartupInfoA
GetProcAddress
GlobalLock
DeleteFileA
lstrcmpiA
GetCurrentProcess
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
CopyFileA
GetTempFileNameA
GlobalFree
GlobalAlloc
GetModuleFileNameA
ExitProcess
GetCommandLineA
CreatePipe
GetVersionExA
lstrcatA

user32

SendMessageA
OemToCharBuffA
FindWindowExA
CharNextA
wsprintfA
CharPrevA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 458B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/services.dll
.dll windows:4 windows x86 arch:x86

caddd9e268e5bc2a8b67248bc1f72836

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpynA
WideCharToMultiByte
FormatMessageA
LocalFree
HeapAlloc
MultiByteToWideChar
GetProcessHeap
GetCurrentThread
HeapReAlloc
HeapFree
GlobalAlloc
GetLastError
GetCurrentProcess
lstrcpyA

advapi32

LsaRemoveAccountRights
LsaAddAccountRights
OpenProcessToken
OpenThreadToken
ControlService
DeleteService
StartServiceA
OpenServiceA
OpenSCManagerA
QueryServiceStatus
CloseServiceHandle
LsaEnumerateAccountRights
EnumServicesStatusA
LsaNtStatusToWinError
LsaClose
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
LsaFreeMemory
LsaOpenPolicy
LookupAccountNameW

msvcrt

malloc
wcslen
memset
free
strstr
_except_handler3
_strlwr
_stricmp
_itoa

Exports

Exports

GetServiceNameFromDisplayName
GrantLogonAsAService
HasLogonAsAService
IsProcessUserAdministrator
IsServiceInstalled
IsServiceRunning
RemoveLogonAsAService
SendServiceCommand

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zlib1.dll
.dll windows:6 windows x86 arch:x86

d9b9d7a2f1614a9d320d410ee337092f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Win-Agent\Desktop\WindowsAgent-master\External_Deps\zlib-1.2.8\zlib1.pdb

Imports

msvcr120

strerror
_vsnprintf
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__CppXcptFilter
_amsg_exit
_malloc_crt
memchr
_initterm_e
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
__clean_type_info_names_internal
_except_handler4_common
_errno
_wopen
_lseeki64
malloc
free
wcstombs
_snprintf
memset
_initterm
memcpy
_open
_close
_read
_write

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
DisableThreadLibraryCalls

Exports

Exports

adler32
adler32_combine
adler32_combine64
compress
compress2
compressBound
crc32
crc32_combine
crc32_combine64
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePending
deflatePrime
deflateReset
deflateResetKeep
deflateSetDictionary
deflateSetHeader
deflateTune
get_crc_table
gzbuffer
gzclearerr
gzclose
gzclose_r
gzclose_w
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgetc_
gzgets
gzoffset
gzoffset64
gzopen
gzopen64
gzopen_w
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzseek64
gzsetparams
gztell
gztell64
gzungetc
gzvprintf
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCopy
inflateEnd
inflateGetDictionary
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateResetKeep
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
uncompress
zError
zlibCompileFlags
zlibVersion

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/PsExec.exe
.exe windows:5 windows x86 arch:x86

c1e59519b5e5d84af07afa6f5a8625f1

Code Sign

33:00:00:00:98:04:58:cb:7f:23:09:b0:9e:00:00:00:00:00:98
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

30/03/2016, 19:21

Not After

30/06/2017, 19:21

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7AFA-E41C-E142,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/06/2015, 17:42

Not After

04/09/2016, 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:64:47:84:94:86:db:41:19:38:00:00:00:00:00:64
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

28/10/2015, 20:31

Not After

28/01/2017, 20:31

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4f:c5:97:fa:40:70:59:c9:4b:35:34:f4:9b:c0:90:a1:1c:cb:4e:4e:6d:96:9a:f2:67:e1:4d:69:35:9f:71
Signer

Actual PE Digest

0c:4f:c5:97:fa:40:70:59:c9:4b:35:34:f4:9b:c0:90:a1:1c:cb:4e:4e:6d:96:9a:f2:67:e1:4d:69:35:9f:71

Digest Algorithm

sha256

PE Digest Matches

true

b4:77:bc:a0:7b:c3:2e:88:63:11:99:73:bc:91:f6:a5:5f:10:40:5f
Signer

Actual PE Digest

b4:77:bc:a0:7b:c3:2e:88:63:11:99:73:bc:91:f6:a5:5f:10:40:5f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

netapi32

NetServerEnum
NetApiBufferFree

ws2_32

gethostname
WSAStartup
inet_ntoa
gethostbyname

mpr

WNetCancelConnection2W
WNetAddConnection2W

kernel32

GetExitCodeProcess
ResumeThread
WaitForMultipleObjects
GetFileTime
DuplicateHandle
DisconnectNamedPipe
SetNamedPipeHandleState
TransactNamedPipe
CreateEventW
GetCurrentProcessId
GetFullPathNameW
SetFileAttributesW
GetFileAttributesW
CopyFileW
WaitNamedPipeW
SetConsoleCtrlHandler
SetConsoleTitleW
ReadConsoleW
GetVersion
SetProcessAffinityMask
ReadFile
GetConsoleScreenBufferInfo
MultiByteToWideChar
GetComputerNameW
DeleteFileW
CreateFileW
GetSystemDirectoryW
FindResourceW
LoadLibraryExW
FormatMessageA
GetTickCount
CloseHandle
WriteFile
SizeofResource
LoadResource
Sleep
WaitForSingleObject
SetEndOfFile
SetEvent
SetLastError
GetLastError
GetCurrentProcess
FreeLibrary
LockResource
SetPriorityClass
GetModuleFileNameW
GetCommandLineW
GetModuleHandleW
LoadLibraryW
GetStdHandle
GetFileType
LocalFree
LocalAlloc
GetProcAddress
FreeEnvironmentStringsW
LCMapStringW
OutputDebugStringW
HeapSize
HeapReAlloc
SetFilePointerEx
WriteConsoleW
GetEnvironmentVariableW
RaiseException
LoadLibraryExA
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
WideCharToMultiByte
HeapFree
HeapAlloc
GetConsoleMode
ReadConsoleInputA
SetConsoleMode
EnterCriticalSection
LeaveCriticalSection
SetStdHandle
CreateThread
GetCurrentThreadId
ExitThread
IsDebuggerPresent
IsProcessorFeaturePresent
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetProcessHeap
FlushFileBuffers
GetConsoleCP
RtlUnwind
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW

comdlg32

PrintDlgW

advapi32

LsaClose
CreateProcessAsUserW
CryptHashData
CryptCreateHash
CryptDecrypt
CryptEncrypt
CryptImportKey
CryptExportKey
CryptDestroyKey
CryptDeriveKey
CryptGenKey
CryptReleaseContext
CryptAcquireContextW
StartServiceW
QueryServiceStatus
OpenServiceW
OpenSCManagerW
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
OpenProcessToken
LsaEnumerateAccountRights
LsaOpenPolicy
LsaFreeMemory
SetSecurityInfo
GetSecurityInfo
LookupPrivilegeValueW
AddAccessAllowedAce
GetAce
AddAce
InitializeAcl
GetLengthSid
FreeSid
AllocateAndInitializeSid
SetTokenInformation
GetTokenInformation
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW
RegCreateKeyW
RegCloseKey

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

afa8e526425f3585465337467d0b5909

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetCurrentThread
lstrcpynA
GetCurrentProcess
GetModuleHandleA
GetProcAddress
GetLastError
GlobalFree
CloseHandle
GlobalAlloc

advapi32

OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameA
OpenThreadToken

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 1024B - Virtual size: 741B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 673B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 190B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/instOCS.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

d83f71e61ee459ee63ca3e829966a9dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetExitCodeProcess
WaitForSingleObject
Sleep
TerminateProcess
lstrcpyA
lstrcpynA
GlobalReAlloc
GlobalUnlock
GlobalSize
ReadFile
PeekNamedPipe
GetTickCount
CreateProcessA
GetStartupInfoA
CreatePipe
GetVersionExA
GetModuleHandleA
DeleteFileA
lstrcmpiA
lstrlenA
lstrcatA
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
CopyFileA
GetTempFileNameA
GlobalFree
GlobalAlloc
GetModuleFileNameA
ExitProcess
GetCommandLineA
GetProcAddress
GlobalLock
GetCurrentProcess

user32

SendMessageA
OemToCharBuffA
CharNextA
wsprintfA
CharPrevA
FindWindowExA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 410B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 40KB

.rsrc Size: 26KB - Virtual size: 25KB

59a4a44a250c4cf4f2d9de2b3fe5d95f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 105KB

.ndata Size: - Virtual size: 48KB

.rsrc Size: 22KB - Virtual size: 21KB

610235b90207a63ccf481f0d4375d329

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 2KB

b8086f6290816fb617f882601f009ecd

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:edCertificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 40KB

.rsrc
Size: 26KB - Virtual size: 25KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 105KB

.ndata
Size: - Virtual size: 48KB

.rsrc
Size: 22KB - Virtual size: 21KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 2KB

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

27:a9:04:54:92:bc:c8:64:10:a5:a3:0b:f5:34:1a:e8
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

3a:32:ce:44:24:f1:24:42:14:46:e6:3d:4d:bd:07:f9:13:85:74:25
Signer

.text
Size: 323KB - Virtual size: 323KB

.rdata
Size: 70KB - Virtual size: 69KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 29KB - Virtual size: 29KB

CODE
Size: 148KB - Virtual size: 148KB

DATA
Size: 3KB - Virtual size: 2KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 4KB - Virtual size: 3KB

.edata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 7KB - Virtual size: 7KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 851B

.data
Size: 512B - Virtual size: 104B

.reloc
Size: 1024B - Virtual size: 610B

.text
Size: 1024B - Virtual size: 692B

.rdata
Size: 1024B - Virtual size: 673B

.data
Size: 512B - Virtual size: 120B

.reloc
Size: 512B - Virtual size: 240B