MDE_File_Sample_f8db5b5182ff088eefc645f064fec30cae45b5e8[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

MDE_File_Sample_f8db5b5182ff088eefc645f064fec30cae45b5e8.zip
Size

25.8MB
MD5

56df04b800cf7f85d2e05d4f0c1481b6
SHA1

f490330a3507a7d8d712195dc071e81e9c3476f2
SHA256

a1f3dd2878448c16a43387616c04e684d8bea25e760377d354f430703e52655c
SHA512

3ecf113705684e7325fa31b92aa9275d87b0673e7cdc8025e665a1697a973df606eac0315e953fa0219001cacc11167d3d52d99dd5a0b247d094f07ff3b33aae
SSDEEP

393216:0wxMioo8jPDrLwlm4PrI9861TTzGDS2BEDkCcXeaHEhOOI1ItAlZWfwntOYU6JUI:tGXjbr+lrhYTTL2BsRhryOOtOCGrk

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 2 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
static1/unpack003/FireFoxExt/CCBEdgeNativeHost.exe	vmprotect
static1/unpack003/FireFoxExt/CCBFireFoxNativeHost.exe	vmprotect

Unsigned PE 36 IoCs

Checks for missing Authenticode signature.

resource
unpack003/$PLUGINSDIR/System.dll
unpack003/$PLUGINSDIR/nsExec.dll
unpack002/$PLUGINSDIR/KillProcDLL.dll
unpack002/$PLUGINSDIR/SkinBtn.dll
unpack002/$PLUGINSDIR/SkinProgress.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/UserInfo.dll
unpack002/$PLUGINSDIR/WndProc.dll
unpack002/$PLUGINSDIR/nsDialogs.dll
unpack002/$PLUGINSDIR/nsExec.dll
unpack002/$PLUGINSDIR/nsProcess.dll
unpack002/$PLUGINSDIR/nsWindows$_12_.dll
unpack002/$SYSDIR/WDGetDeviceCaps.dll
unpack002/$SYSDIR/libeay32.dll
unpack002/$SYSDIR/mfc42.dll
unpack002/Detector/CCBSignCom.dll
unpack002/Detector/libeay32.dll
unpack002/Detector/mfc42.dll
unpack002/Plugins/CARoot/certutil.exe
unpack002/Plugins/CARoot/freebl3.dll
unpack002/Plugins/CARoot/libnspr4.dll
unpack002/Plugins/CARoot/libplc4.dll
unpack002/Plugins/CARoot/libplds4.dll
unpack002/Plugins/CARoot/modutil.exe
unpack002/Plugins/CARoot/nspr4.dll
unpack002/Plugins/CARoot/nss3.dll
unpack002/Plugins/CARoot/nssckbi.dll
unpack002/Plugins/CARoot/nssdbm3.dll
unpack002/Plugins/CARoot/nssutil3.dll
unpack002/Plugins/CARoot/plc4.dll
unpack002/Plugins/CARoot/plds4.dll
unpack002/Plugins/CARoot/smime3.dll
unpack002/Plugins/CARoot/softokn3.dll
unpack002/Plugins/CARoot/sqlite3.dll
unpack002/Plugins/CARoot/ssl3.dll
unpack002/log/$SYSDIR/FindDLL.dll

NSIS installer 11 IoCs

installer

resource	yara_rule
static1/unpack001/CCB_E_Setup_Total_20240123_x64.exe	nsis_installer_1
static1/unpack001/CCB_E_Setup_Total_20240123_x64.exe	nsis_installer_2
static1/unpack002/$PLUGINSDIR/CCBExtension_installer.exe	nsis_installer_1
static1/unpack002/$PLUGINSDIR/CCBExtension_installer.exe	nsis_installer_2
static1/unpack002/$PLUGINSDIR/CCB_DM_LCD_silent_x64.exe	nsis_installer_1
static1/unpack002/$PLUGINSDIR/CCB_DM_LCD_silent_x64.exe	nsis_installer_2
static1/unpack002/$PLUGINSDIR/CCB_HDZB_USBKEY_1G_Setup_S64.exe	nsis_installer_2
static1/unpack002/$PLUGINSDIR/CCB_HDZB_USBKEY_2G_Setup_S64.exe	nsis_installer_1
static1/unpack002/$PLUGINSDIR/CCB_HDZB_USBKEY_2G_Setup_S64.exe	nsis_installer_2
static1/unpack002/$PLUGINSDIR/WDCCB_32+64bit.exe	nsis_installer_1
static1/unpack002/$PLUGINSDIR/WDCCB_32+64bit.exe	nsis_installer_2

Files

MDE_File_Sample_f8db5b5182ff088eefc645f064fec30cae45b5e8.zip
.zip

Password: infected
CCB_E_Setup_Total_20240123_x64.exe
.exe windows:4 windows x86 arch:x86

Password: infected

099c0646ea7282d232219f8807883be0

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0b:9b:76:fd:fd:e6:0a:03:e3:58:f6:88:6b:62:b7:b1
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/08/2023, 00:00

Not After

20/08/2024, 23:59

Subject

CN=Watchdata Technologies Pte. Ltd.,O=Watchdata Technologies Pte. Ltd.,L=Singapore,C=SG

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:9b:76:fd:fd:e6:0a:03:e3:58:f6:88:6b:62:b7:b1
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/08/2023, 00:00

Not After

20/08/2024, 23:59

Subject

CN=Watchdata Technologies Pte. Ltd.,O=Watchdata Technologies Pte. Ltd.,L=Singapore,C=SG

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

71:65:4c:58:b2:4b:03:71:85:53:04:cb:5c:35:3a:63:1d:6f:dc:f2:83:c2:16:9a:13:53:bf:38:4d:ab:33:55
Signer

Actual PE Digest

71:65:4c:58:b2:4b:03:71:85:53:04:cb:5c:35:3a:63:1d:6f:dc:f2:83:c2:16:9a:13:53:bf:38:4d:ab:33:55

Digest Algorithm

sha256

PE Digest Matches

true

0d:e7:8a:f1:2c:9f:3a:de:a2:47:0d:a4:c6:5b:79:18:31:1d:98:b5
Signer

Actual PE Digest

0d:e7:8a:f1:2c:9f:3a:de:a2:47:0d:a4:c6:5b:79:18:31:1d:98:b5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/CCBExtension_installer.exe
.exe windows:4 windows x86 arch:x86

Password: infected

7fa974366048f9c551ef45714595665e

Code Sign

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4f:bc:56:89:bb:11:5d:21:d3:6c:1a:0b:01:73:37:fc
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/04/2020, 00:00

Not After

02/04/2023, 23:59

Subject

SERIALNUMBER=91110105769354027J,CN=BEIJING HUADA ZHIBAO ELECTRONIC SYSTEM CO.\, LTD.,O=BEIJING HUADA ZHIBAO ELECTRONIC SYSTEM CO.\, LTD.,ST=BEIJING,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13074245494a494e47,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

34:c9:d2:bf:12:81:f9:b0:fd:4d:2e:12:15:0e:d9:84:11:dc:66:84:f0:ea:4e:11:ab:18:7a:85:99:04:24:d4
Signer

Actual PE Digest

34:c9:d2:bf:12:81:f9:b0:fd:4d:2e:12:15:0e:d9:84:11:dc:66:84:f0:ea:4e:11:ab:18:7a:85:99:04:24:d4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

Password: infected

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

Password: infected

d83f71e61ee459ee63ca3e829966a9dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetExitCodeProcess
WaitForSingleObject
Sleep
TerminateProcess
lstrcpyA
lstrcpynA
GlobalReAlloc
GlobalUnlock
GlobalSize
ReadFile
PeekNamedPipe
GetTickCount
CreateProcessA
GetStartupInfoA
CreatePipe
GetVersionExA
GetModuleHandleA
DeleteFileA
lstrcmpiA
lstrlenA
lstrcatA
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
CopyFileA
GetTempFileNameA
GlobalFree
GlobalAlloc
GetModuleFileNameA
ExitProcess
GetCommandLineA
GetProcAddress
GlobalLock
GetCurrentProcess

user32

SendMessageA
OemToCharBuffA
CharNextA
wsprintfA
CharPrevA
FindWindowExA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 410B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FireFoxExt/CCBEdgeNativeHost.exe
.exe windows:5 windows x86 arch:x86

Password: infected

3b99ae0a3faf9f9d1b3d29efecfad1ed

Code Sign

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4f:bc:56:89:bb:11:5d:21:d3:6c:1a:0b:01:73:37:fc
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/04/2020, 00:00

Not After

02/04/2023, 23:59

Subject

SERIALNUMBER=91110105769354027J,CN=BEIJING HUADA ZHIBAO ELECTRONIC SYSTEM CO.\, LTD.,O=BEIJING HUADA ZHIBAO ELECTRONIC SYSTEM CO.\, LTD.,ST=BEIJING,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13074245494a494e47,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ec:e7:9e:cc:de:f7:47:2c:d8:f9:f3:62:39:7f:a3:b8:da:50:f2:f7:59:4a:af:1d:22:0f:32:38:a1:3f:51:dd
Signer

Actual PE Digest

ec:e7:9e:cc:de:f7:47:2c:d8:f9:f3:62:39:7f:a3:b8:da:50:f2:f7:59:4a:af:1d:22:0f:32:38:a1:3f:51:dd

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
WideCharToMultiByte
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

shlwapi

PathFindExtensionA

crypt32

CertCreateCertificateContext

oleacc

LresultFromObject

user32

GetFocus

gdi32

DeleteDC

winspool.drv

OpenPrinterA

oleaut32

VariantInit

Exports

Exports

�j':c��F��|��F�{�҃�㋚?�U{om�z�]��H�@O��݇5�0 $X�P�B,Z�1�%��w ��Zy+-6P�iq񸥿腄��UPT��6[G��8F?��,1m�� !��+ �ΖLui�2��,ݡM�Ë1��WN��O)�0ww55H��]��&Z��U��盰�q]$�$��Q�� ~��̩]A��+[&㐄�%��G��J] �;��Ԯ�؛ ��=#Tf q�m�GGY��E�R �z�,��.ff\�9��`ȫ��U(�̈́��U\O�W�̰�[��9��ӻ �*'��$��RB ��{��M��w�3�|��8?��Y��K�)��.S3��-�Dt��c&��r�Q��t0��EDV*��O��$�Μ�v��z�_��Ӑ.��h�=Z��0�쩇��mbؾ-M�ȷSv{��FD��A|��yp��~?7˔�lX�iy7��x@V�C-��.��z8��G�d��Zm?�$+�w�X084x�6�*[�C�c;��4V/�I%��m4X}Q�5�΅�W� ڎ�"�^<�;qi��q�`Ǵ��^�d�TR�=�}�:�?�@;n=�g�̑B��y�|�}�$~fF��h��}P(m��D-�^�iu�M��&�E��)�vϩ��f,�ñ��jv|�q��[��s��IWt߈� ��y� �&��$��HZv��M�vl�(�5�c��0�?)2�@��Lv�2�!�,&E%YsH�LMr'�0q�5��6ۂA�p �]�t��LFnޖ�^�z�6�gv��D-�#0��9ۄ�vLs��|z)J��(;��-��EwJ �9��e��l訫�_6� <�,JX/)Z]v��ukjSQ��4�=ƃAEd �3��F(g��y��I?f��۳��T�9��pءO�C��GV�Xᦲ��K��z�-�G��)L8'-�CN�,��x(p�?�V��K֦͝?h��h��F��ȁ��|Ǥ��jk%�*7d��1�� UFݓt��s�� +�e0� t(՟|n�i�9b)x�� 3��S<@4Ž�L�H��!��e.��?��y��/��2�h=�̄X)�J�sԅ�m<�x��u�j��;� �{�.��8xr��n�B(�ٸO��wY�� Q�0mM�-.:�̑�xNQ��NG��p�2��x;��$��W�?�Eʧ�f�p#7 Ĺ7�^a��2�Xːi��;��_��p��uA��C^z�R˰�~��LP-_�2��W�=b�#��`��|�ۛ�4�=�^�}��gw�xV��>�$?�K2�n��A��Iֻ�O��`D��_,!�"�s��t��y �,פR��O��ZH c��d"�b�ڿ�a��I��=z~��&�ڈ��oȏwY"��2�Fz�U�ܿ��r��H�J_ ��׉IfF�X��f&UTm��(��C}��.��^��)�w\K$�l��T��!�[�:��se�}c�m?�Cб�� K��[��$�� Y ��߹��?B��Z�p�5�\�n�%ފ��3��{ެy�761u�)�y��T�Ǘnsi�Y|�y~w��|��i%��m��$�n�x=�_�n�H+�C�� jA|�R��J?�]i#o�,y�Ã�v��xD�Xi��~ck��Y.{�L�%2%A��&��#�b��bS1mE�Uᠹ��LYHF�u�ؾRտ�M��t{��dr��ɜ��RLF.�oY�O��y3��.�s��=*��t�u�'��E̼f#�/j��^�oq�ז2�6�O�ٶ| )�v��s�po��:�3��:��Ю��?��0��L�uq��+�+~�Y$�<�A��R�HwL�Hy��1��Gj I��}�� /�þ��M�=�`֥K( 0j�C�r�r��ho�s�/u��n�lHT�y�*��L��QM��&/��6��B*��-4�C Gx��3��0쮼M��i��3| @L8�Nkow54�r��W_ݡ�$��iϢ>F;^��*Ɖ��Q�*`Bc`Z�ͫ��'�,��%x�?(��ٶe-[��9s��dw�S��'R�c[9ƻR�֭��đ9�!~ ��ډ��Q�g!�N�@�2N��5�b��X��nhߓ�ȳ��Ff�'��2`q��Z�X��%��jn��$NH|�Q�?�K��i�y��k��y��v[��n��V��<t��J��&�J�{[��¨t�MCp5��'��E.ы�"HJ�?��`I��_��$Z|ئק*��&;ẃ6L;e=�P�Ɋb�lx�jhԛ*��!Q=�3��U�9�E��+x?��E5k2�Hw�6G��[��eKʴ�a6#e%�۱+�(��$��`O�gx�\��Ř[��W��6ξ�%'��G�,��e��X��*I��@�F鬹�9,e�D�"�SnU>�56�ĩ�Q( ��N|)�Sq��q��ʪ�slr�_n��Zm��(�G=%C��a�h�Ma��rW� ��.p��*ָ�"�Z��Cʗ� �� g��y�+*ѬŇ��L�؄e��M��ۢ�B��NK�.DrB0j&��f(O��p$ّic%8jR.h�-O��w�� }K��g9hܵ�;��\��+�ʲ��g�謏/��3M�E�&��r��Р�4�6��4��=d�0�{KH��*�5κ�'�@,C�)��k !�e�8-�fE��W采4WN�� ƴ�q�dP ��lCɀ2��ENTΖ�C�@">�͢��js�֊l�ُ��DYt�+�l7�tx�: �V-s�

Sections

.text
Size: - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 795KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 1019KB - Virtual size: 1018KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
FireFoxExt/CCBEdgeNativeHost.json
FireFoxExt/CCBFireFoxNativeHost.exe
.exe windows:5 windows x86 arch:x86

Password: infected

3b99ae0a3faf9f9d1b3d29efecfad1ed

Code Sign

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4f:bc:56:89:bb:11:5d:21:d3:6c:1a:0b:01:73:37:fc
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/04/2020, 00:00

Not After

02/04/2023, 23:59

Subject

SERIALNUMBER=91110105769354027J,CN=BEIJING HUADA ZHIBAO ELECTRONIC SYSTEM CO.\, LTD.,O=BEIJING HUADA ZHIBAO ELECTRONIC SYSTEM CO.\, LTD.,ST=BEIJING,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13074245494a494e47,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ec:e7:9e:cc:de:f7:47:2c:d8:f9:f3:62:39:7f:a3:b8:da:50:f2:f7:59:4a:af:1d:22:0f:32:38:a1:3f:51:dd
Signer

Actual PE Digest

ec:e7:9e:cc:de:f7:47:2c:d8:f9:f3:62:39:7f:a3:b8:da:50:f2:f7:59:4a:af:1d:22:0f:32:38:a1:3f:51:dd

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
WideCharToMultiByte
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

shlwapi

PathFindExtensionA

crypt32

CertCreateCertificateContext

oleacc

LresultFromObject

user32

GetFocus

gdi32

DeleteDC

winspool.drv

OpenPrinterA

oleaut32

VariantInit

Exports

Exports

�j':c��F��|��F�{�҃�㋚?�U{om�z�]��H�@O��݇5�0 $X�P�B,Z�1�%��w ��Zy+-6P�iq񸥿腄��UPT��6[G��8F?��,1m�� !��+ �ΖLui�2��,ݡM�Ë1��WN��O)�0ww55H��]��&Z��U��盰�q]$�$��Q�� ~��̩]A��+[&㐄�%��G��J] �;��Ԯ�؛ ��=#Tf q�m�GGY��E�R �z�,��.ff\�9��`ȫ��U(�̈́��U\O�W�̰�[��9��ӻ �*'��$��RB ��{��M��w�3�|��8?��Y��K�)��.S3��-�Dt��c&��r�Q��t0��EDV*��O��$�Μ�v��z�_��Ӑ.��h�=Z��0�쩇��mbؾ-M�ȷSv{��FD��A|��yp��~?7˔�lX�iy7��x@V�C-��.��z8��G�d��Zm?�$+�w�X084x�6�*[�C�c;��4V/�I%��m4X}Q�5�΅�W� ڎ�"�^<�;qi��q�`Ǵ��^�d�TR�=�}�:�?�@;n=�g�̑B��y�|�}�$~fF��h��}P(m��D-�^�iu�M��&�E��)�vϩ��f,�ñ��jv|�q��[��s��IWt߈� ��y� �&��$��HZv��M�vl�(�5�c��0�?)2�@��Lv�2�!�,&E%YsH�LMr'�0q�5��6ۂA�p �]�t��LFnޖ�^�z�6�gv��D-�#0��9ۄ�vLs��|z)J��(;��-��EwJ �9��e��l訫�_6� <�,JX/)Z]v��ukjSQ��4�=ƃAEd �3��F(g��y��I?f��۳��T�9��pءO�C��GV�Xᦲ��K��z�-�G��)L8'-�CN�,��x(p�?�V��K֦͝?h��h��F��ȁ��|Ǥ��jk%�*7d��1�� UFݓt��s�� +�e0� t(՟|n�i�9b)x�� 3��S<@4Ž�L�H��!��e.��?��y��/��2�h=�̄X)�J�sԅ�m<�x��u�j��;� �{�.��8xr��n�B(�ٸO��wY�� Q�0mM�-.:�̑�xNQ��NG��p�2��x;��$��W�?�Eʧ�f�p#7 Ĺ7�^a��2�Xːi��;��_��p��uA��C^z�R˰�~��LP-_�2��W�=b�#��`��|�ۛ�4�=�^�}��gw�xV��>�$?�K2�n��A��Iֻ�O��`D��_,!�"�s��t��y �,פR��O��ZH c��d"�b�ڿ�a��I��=z~��&�ڈ��oȏwY"��2�Fz�U�ܿ��r��H�J_ ��׉IfF�X��f&UTm��(��C}��.��^��)�w\K$�l��T��!�[�:��se�}c�m?�Cб�� K��[��$�� Y ��߹��?B��Z�p�5�\�n�%ފ��3��{ެy�761u�)�y��T�Ǘnsi�Y|�y~w��|��i%��m��$�n�x=�_�n�H+�C�� jA|�R��J?�]i#o�,y�Ã�v��xD�Xi��~ck��Y.{�L�%2%A��&��#�b��bS1mE�Uᠹ��LYHF�u�ؾRտ�M��t{��dr��ɜ��RLF.�oY�O��y3��.�s��=*��t�u�'��E̼f#�/j��^�oq�ז2�6�O�ٶ| )�v��s�po��:�3��:��Ю��?��0��L�uq��+�+~�Y$�<�A��R�HwL�Hy��1��Gj I��}�� /�þ��M�=�`֥K( 0j�C�r�r��ho�s�/u��n�lHT�y�*��L��QM��&/��6��B*��-4�C Gx��3��0쮼M��i��3| @L8�Nkow54�r��W_ݡ�$��iϢ>F;^��*Ɖ��Q�*`Bc`Z�ͫ��'�,��%x�?(��ٶe-[��9s��dw�S��'R�c[9ƻR�֭��đ9�!~ ��ډ��Q�g!�N�@�2N��5�b��X��nhߓ�ȳ��Ff�'��2`q��Z�X��%��jn��$NH|�Q�?�K��i�y��k��y��v[��n��V��<t��J��&�J�{[��¨t�MCp5��'��E.ы�"HJ�?��`I��_��$Z|ئק*��&;ẃ6L;e=�P�Ɋb�lx�jhԛ*��!Q=�3��U�9�E��+x?��E5k2�Hw�6G��[��eKʴ�a6#e%�۱+�(��$��`O�gx�\��Ř[��W��6ξ�%'��G�,��e��X��*I��@�F鬹�9,e�D�"�SnU>�56�ĩ�Q( ��N|)�Sq��q��ʪ�slr�_n��Zm��(�G=%C��a�h�Ma��rW� ��.p��*ָ�"�Z��Cʗ� �� g��y�+*ѬŇ��L�؄e��M��ۢ�B��NK�.DrB0j&��f(O��p$ّic%8jR.h�-O��w�� }K��g9hܵ�;��\��+�ʲ��g�謏/��3M�E�&��r��Р�4�6��4��=d�0�{KH��*�5κ�'�@,C�)��k !�e�8-�fE��W采4WN�� ƴ�q�dP ��lCɀ2��ENTΖ�C�@">�͢��js�֊l�ُ��DYt�+�l7�tx�: �V-s�

Sections

.text
Size: - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 795KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 1019KB - Virtual size: 1018KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
FireFoxExt/CCBFirefoxNativeHost.json
FireFoxExt/ccb_extention_for_usbkey-fx.xpi
.zip

Password: infected
META-INF/cose.manifest
META-INF/cose.sig
META-INF/manifest.mf
META-INF/mozilla.rsa
META-INF/mozilla.sf
background.js
.js
content.js
.js
icon-128.png
.png

Password: infected
manifest.json
FireFoxExt/uninstExtension.exe.nsis
$PLUGINSDIR/CCB_DM_LCD_silent_x64.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

70:53:18:ce:1f:ad:ce:ac:d3:0d:87:06:05:25:e1:51
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

08/07/2015, 00:00

Not After

06/10/2018, 23:59

Subject

CN=Beijing Daming Wuzhou Science & Technology Co.\,Ltd.,OU=Research and Development Department,O=Beijing Daming Wuzhou Science & Technology Co.\,Ltd.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e3:3c:bf:40:65:8b:32:af:64:4e:04:6c:dc:9c:f0:e9:5a:c1:57:4b:b7:75:37:ea:71:ae:ad:16:a8:23:86:2a
Signer

Actual PE Digest

e3:3c:bf:40:65:8b:32:af:64:4e:04:6c:dc:9c:f0:e9:5a:c1:57:4b:b7:75:37:ea:71:ae:ad:16:a8:23:86:2a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/CCB_HDZB_USBKEY_1G_Setup_S64.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:3b:20:cd:e0:15:a8:db:00:12:01:e3:d0:33:0e:f0
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

29/03/2023, 00:00

Not After

28/03/2026, 23:59

Subject

SERIALNUMBER=91110105769354027J,CN=Beijing Huada Zhibao Electronic System Co.\, Ltd.,O=Beijing Huada Zhibao Electronic System Co.\, Ltd.,ST=北京市,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c09e69c9de998b3e58cba,1.3.6.1.4.1.311.60.2.1.2=#0c09e58c97e4baace5b882,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

24:18:f4:2b:0c:2f:7a:a9:c1:3b:03:0b:2b:94:80:56:f1:b7:fb:01:94:51:33:26:59:75:5a:3b:41:65:e9:b7
Signer

Actual PE Digest

24:18:f4:2b:0c:2f:7a:a9:c1:3b:03:0b:2b:94:80:56:f1:b7:fb:01:94:51:33:26:59:75:5a:3b:41:65:e9:b7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/CCB_HDZB_USBKEY_2G_Setup_S64.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:3b:20:cd:e0:15:a8:db:00:12:01:e3:d0:33:0e:f0
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

29/03/2023, 00:00

Not After

28/03/2026, 23:59

Subject

SERIALNUMBER=91110105769354027J,CN=Beijing Huada Zhibao Electronic System Co.\, Ltd.,O=Beijing Huada Zhibao Electronic System Co.\, Ltd.,ST=北京市,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c09e69c9de998b3e58cba,1.3.6.1.4.1.311.60.2.1.2=#0c09e58c97e4baace5b882,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

d6:60:31:9f:80:0b:e7:77:90:85:55:53:ed:09:01:30:d4:34:68:cd:5c:f7:c8:b0:f6:01:08:aa:ef:ec:b8:b4
Signer

Actual PE Digest

d6:60:31:9f:80:0b:e7:77:90:85:55:53:ed:09:01:30:d4:34:68:cd:5c:f7:c8:b0:f6:01:08:aa:ef:ec:b8:b4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InterPass3000_CCB_s.exe
.exe windows:5 windows x86 arch:x86

b729b61eb1515fcf7b3e511e4e66258b

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

40:60:80:81:90:c7:c8:87:13:28:bc:48:53:fb:71:35
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

20/09/2019, 00:00

Not After

19/10/2022, 23:59

Subject

CN=Feitian Technologies Co.\, Ltd.,O=Feitian Technologies Co.\, Ltd.,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27/04/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

30/05/2020, 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

40:60:80:81:90:c7:c8:87:13:28:bc:48:53:fb:71:35
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

20/09/2019, 00:00

Not After

19/10/2022, 23:59

Subject

CN=Feitian Technologies Co.\, Ltd.,O=Feitian Technologies Co.\, Ltd.,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

b4:77:4b:42:0e:84:28:5b:71:a8:fe:de:af:de:e1:07:10:60:13:3d:91:b1:e8:21:c2:4e:5d:56:b3:a6:e2:86
Signer

Actual PE Digest

b4:77:4b:42:0e:84:28:5b:71:a8:fe:de:af:de:e1:07:10:60:13:3d:91:b1:e8:21:c2:4e:5d:56:b3:a6:e2:86

Digest Algorithm

sha256

PE Digest Matches

true

8d:f0:6c:e1:84:a5:57:73:64:44:4a:85:c7:1a:2c:1a:a2:f2:9b:d7
Signer

Actual PE Digest

8d:f0:6c:e1:84:a5:57:73:64:44:4a:85:c7:1a:2c:1a:a2:f2:9b:d7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 644KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

153027ec3b10bcea606b777657dd3402

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
TerminateProcess
OpenProcess
LoadLibraryA
CloseHandle
GetProcAddress
FreeLibrary
GlobalFree
lstrcpyA
DisableThreadLibraryCalls

msvcrt

strcmp
_strupr
toupper
strlen
free
_initterm
malloc
_adjust_fdiv
strcpy
_itoa

Exports

Exports

KillProc

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/OnKey_Install_Silent.exe
.exe windows:4 windows x86 arch:x86

61259b55b8912888e90f516ca08dc514

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

05:df:08:f7:9d:ab:41:9a:13:3e:d9:d7:f8:49:01:d9
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

23/08/2023, 00:00

Not After

22/08/2024, 23:59

Subject

CN=Tendyron Corporation,O=Tendyron Corporation,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e5:69:be:95:a6:46:b4:55:ee:8d:0d:b7:65:59:f4:dd:e4:23:f3:bb
Signer

Actual PE Digest

e5:69:be:95:a6:46:b4:55:ee:8d:0d:b7:65:59:f4:dd:e4:23:f3:bb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW

shell32

SHGetSpecialFolderLocation
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW

ole32

OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree

comctl32

ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked

user32

GetClientRect
EndPaint
DrawTextW
IsWindowEnabled
DispatchMessageW
wsprintfA
CharNextA
CharPrevW
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
GetSystemMetrics
FillRect
AppendMenuW
TrackPopupMenu
OpenClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetSysColor
SetWindowPos
GetWindowLongW
PeekMessageW
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
EmptyClipboard
CreatePopupMenu

gdi32

SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject

kernel32

GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
lstrcatW
Sleep
lstrcpyA
WriteFile
GetTempFileNameW
lstrcmpiA
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersionExW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
CopyFileW
ExitProcess
GetCurrentProcess
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
MulDiv
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
MoveFileExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/SkinBtn.dll
.dll windows:4 windows x86 arch:x86

baf2d405231cd43dae48df474a521d01

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
GlobalAlloc
lstrcpynA
GetModuleHandleA
GlobalFree

user32

InvalidateRect
GetParent
SetWindowLongA
CallWindowProcA
GetPropA
SendMessageA
DrawTextA
DrawStateA
LoadImageA
RemovePropA
GetWindowLongA
SetPropA

gdi32

GetObjectA
CreateCompatibleDC
DeleteObject
SelectObject
DeleteDC
SetBkMode

msimg32

TransparentBlt

comctl32

_TrackMouseEvent

Exports

Exports

Init
Set
onClick

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 947B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/SkinProgress.dll
.dll windows:4 windows x86 arch:x86

df38729be926f91d3390389029adf53b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GlobalAlloc
GlobalFree
GetModuleHandleA

user32

GetWindowRect
BeginPaint
GetWindowDC
CallWindowProcA
ReleaseDC
EndPaint
GetWindowLongA
GetPropA
SetPropA
SetWindowLongA
RemovePropA
LoadImageA
SendMessageA

gdi32

DeleteDC
BitBlt
CreateCompatibleBitmap
StretchBlt
SelectObject
CreateCompatibleDC
GetObjectA
DeleteObject

Exports

Exports

Set

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 797B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

afa8e526425f3585465337467d0b5909

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetCurrentThread
lstrcpynA
GetCurrentProcess
GetModuleHandleA
GetProcAddress
GetLastError
GlobalFree
CloseHandle
GlobalAlloc

advapi32

OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameA
OpenThreadToken

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 1024B - Virtual size: 741B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 673B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 190B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/WDCCB_32+64bit.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0b:9b:76:fd:fd:e6:0a:03:e3:58:f6:88:6b:62:b7:b1
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/08/2023, 00:00

Not After

20/08/2024, 23:59

Subject

CN=Watchdata Technologies Pte. Ltd.,O=Watchdata Technologies Pte. Ltd.,L=Singapore,C=SG

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:9b:76:fd:fd:e6:0a:03:e3:58:f6:88:6b:62:b7:b1
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/08/2023, 00:00

Not After

20/08/2024, 23:59

Subject

CN=Watchdata Technologies Pte. Ltd.,O=Watchdata Technologies Pte. Ltd.,L=Singapore,C=SG

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fa:ec:b7:2b:7c:16:7f:89:f0:b9:95:58:67:02:19:dc:2d:67:2b:86:ef:19:53:2a:da:0f:b4:bb:48:10:fb:31
Signer

Actual PE Digest

fa:ec:b7:2b:7c:16:7f:89:f0:b9:95:58:67:02:19:dc:2d:67:2b:86:ef:19:53:2a:da:0f:b4:bb:48:10:fb:31

Digest Algorithm

sha256

PE Digest Matches

true

4f:c9:d6:7b:b4:a3:a5:c8:ea:c5:85:e9:e9:a7:66:a8:63:53:59:e5
Signer

Actual PE Digest

4f:c9:d6:7b:b4:a3:a5:c8:ea:c5:85:e9:e9:a7:66:a8:63:53:59:e5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Warning.bmp
$PLUGINSDIR/WndProc.dll
.dll windows:4 windows x86 arch:x86

b3f659d7637a91b4fec12ff9b930080d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpyA
GlobalAlloc

user32

CallWindowProcA
SetWindowLongA
GetPropA
SetPropA
wsprintfA

Exports

Exports

onCallback

Sections

.text
Size: 1024B - Virtual size: 934B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 377B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/bg.bmp
$PLUGINSDIR/bg_check.bmp
$PLUGINSDIR/btn_close.bmp
$PLUGINSDIR/btn_no.bmp
$PLUGINSDIR/btn_ok.bmp
$PLUGINSDIR/check.bmp
$PLUGINSDIR/failed.bmp
$PLUGINSDIR/loading1.bmp
$PLUGINSDIR/loading2.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

1e2884056e655f2b7bc5a904e352fc80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetProcessHeap
SetCurrentDirectoryA

user32

GetPropA
DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
RemovePropA
CharPrevA
GetWindowLongA
DrawTextA
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapWindowPoints
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
DrawFocusRect

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

d83f71e61ee459ee63ca3e829966a9dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetExitCodeProcess
WaitForSingleObject
Sleep
TerminateProcess
lstrcpyA
lstrcpynA
GlobalReAlloc
GlobalUnlock
GlobalSize
ReadFile
PeekNamedPipe
GetTickCount
CreateProcessA
GetStartupInfoA
CreatePipe
GetVersionExA
GetModuleHandleA
DeleteFileA
lstrcmpiA
lstrlenA
lstrcatA
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
CopyFileA
GetTempFileNameA
GlobalFree
GlobalAlloc
GetModuleFileNameA
ExitProcess
GetCommandLineA
GetProcAddress
GlobalLock
GetCurrentProcess

user32

SendMessageA
OemToCharBuffA
CharNextA
wsprintfA
CharPrevA
FindWindowExA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 410B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsProcess.dll
.dll windows:4 windows x86 arch:x86

c9fc7f6df8fedf8f8f1f9f820c072664

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
CloseHandle
TerminateProcess
OpenProcess
lstrcmpiA
WideCharToMultiByte
FreeLibrary
LocalFree
LocalAlloc
GetProcAddress
LoadLibraryA
GetVersionExA
GlobalFree
lstrcpynA
GlobalAlloc

Exports

Exports

_FindProcess
_KillProcess
_Unload

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 646B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 146B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsWindows$_12_.dll
.dll windows:4 windows x86 arch:x86

8baa37b4b9803e205026a5e2d38eebac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapAlloc
lstrcpyA
HeapFree
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetCurrentDirectoryA
GetProcessHeap
SetCurrentDirectoryA

user32

IsIconic
GetDlgItem
RemovePropA
DestroyWindow
DrawFocusRect
GetWindowLongA
DrawTextA
ShowWindow
CallWindowProcA
SetCursor
LoadCursorA
SetWindowPos
MapWindowPoints
CreateWindowExA
RegisterClassA
LoadIconA
GetWindowRect
IsWindow
SetWindowLongA
SetPropA
SetTimer
KillTimer
SetLayeredWindowAttributes
DispatchMessageA
TranslateMessage
IsDialogMessageA
GetMessageA
wsprintfA
SetForegroundWindow
GetPropA
CharPrevA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
GetWindowTextA

gdi32

SetTextColor
GetStockObject

shell32

DragQueryFileA
DragAcceptFiles
SHGetPathFromIDListA
SHBrowseForFolderA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetTransparent
SetUserData
Show
onDropFiles

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/title-install.bmp
$PLUGINSDIR/title-welcome.bmp
$PROGRAMFILES64/CCBComponents/Detector/Ccb_Cert_dmwz_GM.dll
.dll windows:5 windows x64 arch:x64

f9c654c3fe05bd778668ef4c2347b15f

Code Sign

b5:a8:73:64:50:8f:2b:ac:38:4a:ee:9a:99:3c:9e:90:54:77:fb:52
Signer

Actual PE Digest

b5:a8:73:64:50:8f:2b:ac:38:4a:ee:9a:99:3c:9e:90:54:77:fb:52

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\DMWZ\建行\00.代码\改造\huanzhengku\Ccb_Cert_dmwz_GM\x64\Release\Ccb_Cert_dmwz_GM.pdb

Imports

kernel32

HeapSize
HeapQueryInformation
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapSetInformation
HeapCreate
HeapDestroy
GetModuleFileNameA
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
CreateFileA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetProcessHeap
RtlPcToFileHeader
RaiseException
ExitProcess
RtlUnwindEx
GetCommandLineA
FlsSetValue
HeapReAlloc
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapAlloc
HeapFree
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFindAtomW
LoadLibraryA
GetVersionExA
lstrlenA
GetCurrentProcessId
GlobalAddAtomW
GlobalFlags
WritePrivateProfileStringW
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
GlobalFree
GlobalUnlock
FormatMessageW
lstrlenW
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
GlobalLock
lstrcmpW
GlobalAlloc
GetSystemInfo
GetSystemDefaultLCID
GetSystemTime
GetCurrentThreadId
LocalFree
CloseHandle
CreateToolhelp32Snapshot
Process32NextW
LockResource
LocalAlloc
Process32FirstW
GetLocalTime
GetProcAddress
GetLastError
MultiByteToWideChar
FileTimeToSystemTime
GetVersionExW
SizeofResource
Sleep
LoadLibraryW
WideCharToMultiByte
GetSystemDirectoryW
GetModuleHandleW
CompareFileTime
SystemTimeToFileTime
LoadResource
FreeLibrary
FindResourceW
GetTempPathA
GetPrivateProfileStringA
GetExitCodeProcess
GetPrivateProfileIntA
WaitForSingleObject
GetEnvironmentStrings
SetLastError

user32

DestroyMenu
ShowWindow
LoadIconW
WinHelpW
GetCapture
GetClassLongPtrW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
DestroyWindow
GetWindowLongPtrW
SetWindowLongPtrW
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
LoadCursorW
GetSystemMetrics
GetSysColorBrush
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
GetTopWindow
GetWindow
GetDlgCtrlID
GetWindowRect
GetWindowLongW
GetClassNameW
PtInRect
GetWindowTextW
SetWindowTextW
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuW
EnableMenuItem
CheckMenuItem
UnregisterClassW
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
SendMessageW
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostQuitMessage
RegisterWindowMessageW
PostMessageW
SetForegroundWindow
GetActiveWindow

gdi32

TextOutW
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetDeviceCaps
RectVisible
PtVisible
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
ExtTextOutW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegQueryValueW
CryptAcquireContextW
RegCreateKeyExW
CryptReleaseContext
RegQueryValueExW
CryptGetProvParam
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW

shell32

ShellExecuteExA
SHGetFolderPathA
ShellExecuteW
SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

shlwapi

PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathFileExistsA

oleaut32

VariantClear
VariantChangeType
VariantInit

crypt32

CertNameToStrA
CertDuplicateCertificateContext
CryptMsgGetParam
CryptEncodeObjectEx
CertEnumCertificatesInStore
CryptVerifyCertificateSignature
CertGetCertificateContextProperty
CryptMsgUpdate
CertGetNameStringA
CertCloseStore
CertAddCertificateContextToStore
CertFreeCertificateContext
CryptDecodeObjectEx
CertOpenStore
CertAddEncodedCertificateToStore
CertGetNameStringW
CryptMsgOpenToDecode
CertFindRDNAttr
CertSetCertificateContextProperty
CertDeleteCertificateFromStore
CertCreateCertificateContext
CryptMsgClose

ws2_32

htonl

Exports

Exports

CryptSign
DriverInfo
FreeMemory
GetParam
Manage
Repair
WriteParam

Sections

.text
Size: 254KB - Virtual size: 254KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Ccb_Cert
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES64/CCBComponents/Detector/Ccb_Cert_ftsafe_GM.dll
.dll windows:5 windows x64 arch:x64

e110e01f3112da6be3044bb6044aa784

Code Sign

bf:4e:7e:81:83:6a:a6:97:42:e7:27:72:c2:91:2b:e3:56:e0:d5:e9
Signer

Actual PE Digest

bf:4e:7e:81:83:6a:a6:97:42:e7:27:72:c2:91:2b:e3:56:e0:d5:e9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

e:\svn\es\shuttle\project_branches\InterPass3000_CCB_4BTN_NewGM\source\output\x64\Release\IS3000\Ccb_Cert_ftsafe_GM.pdb

Imports

crypt32

CryptDecodeObjectEx
CertFindRDNAttr
CertRDNValueToStrW
CertEnumCertificatesInStore
CryptMsgOpenToDecode
CryptMsgUpdate
CryptMsgGetParam
CryptMsgClose
CertFindExtension
CryptDecodeObject
CertGetIntendedKeyUsage
CertAddCertificateContextToStore
CertGetCertificateContextProperty
CertSetCertificateContextProperty
CertOpenStore
CertCloseStore
CertCompareCertificate
CertCreateCertificateContext
CryptVerifyCertificateSignature
CertFreeCertificateContext

shlwapi

PathFindFileNameW
PathFindExtensionW
PathFileExistsW

kernel32

FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
GetEnvironmentStringsW
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
FlsAlloc
FlsFree
FlsGetValue
DecodePointer
EncodePointer
IsValidCodePage
GetOEMCP
GetACP
HeapDestroy
HeapCreate
HeapSetInformation
GetModuleFileNameA
HeapQueryInformation
HeapSize
ExitProcess
HeapReAlloc
GetCommandLineA
FlsSetValue
ExitThread
GetSystemTimeAsFileTime
RaiseException
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlPcToFileHeader
RtlUnwindEx
RtlLookupFunctionEntry
HeapFree
HeapAlloc
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers
SetFilePointer
WriteFile
WritePrivateProfileStringW
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
TlsGetValue
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
lstrcmpA
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GetVersionExA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
CreateThread
QueryPerformanceCounter
VirtualQuery
GetSystemInfo
GetCurrentProcess
GetCurrentThread
GetModuleFileNameW
GetUserDefaultLangID
GetTickCount
FormatMessageW
GetStdHandle
GetCurrentThreadId
MulDiv
CreateMutexW
InitializeCriticalSection
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
LocalFree
CreateFileW
GetFileSize
ReadFile
CloseHandle
WaitForSingleObject
GetExitCodeProcess
LoadLibraryA
Sleep
WideCharToMultiByte
GetSystemDirectoryW
CreateProcessW
SystemTimeToFileTime
LocalAlloc
OutputDebugStringW
FreeLibrary
GetCurrentProcessId
FileTimeToSystemTime
GetUserDefaultUILanguage
GetCPInfo
lstrlenA
GetLastError
SetLastError
GetProcAddress
GetModuleHandleW
LoadLibraryW
lstrlenW
lstrcmpiW
GetVersion
GetVersionExW
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
SetStdHandle
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW

user32

DeferWindowPos
DefWindowProcW
GetMenu
SetWindowLongW
SystemParametersInfoA
IsIconic
GetWindowPlacement
EndPaint
BeginPaint
GetWindowDC
ScreenToClient
GetMessageW
TranslateMessage
DispatchMessageW
GetKeyState
PeekMessageW
EqualRect
AdjustWindowRectEx
RegisterClassW
GetClassInfoW
GetCursorPos
ValidateRect
GetMenuStringW
DestroyMenu
GetDlgItem
LoadCursorW
IsWindowVisible
SetPropW
SetWindowLongPtrW
GetPropW
CallWindowProcW
SetTimer
SetWindowsHookExW
GetAsyncKeyState
GetKeyboardState
ToAscii
CallNextHookEx
GetWindowLongPtrW
KillTimer
GetClassInfoExW
GetWindowTextLengthW
UnhookWindowsHookEx
IsWindow
GetWindowTextW
SetWindowTextW
GetWindow
GetDlgCtrlID
GetClassNameW
MessageBeep
LoadIconW
MapDialogRect
GetFocus
GetSystemMenu
EnableMenuItem
SetWindowPos
SetForegroundWindow
SetActiveWindow
PtInRect
UpdateWindow
MessageBoxW
CreateWindowExW
SetMenu
TrackPopupMenu
MapWindowPoints
SetRect
CopyRect
LoadBitmapW
FillRect
DrawEdge
CreateMenu
CreatePopupMenu
AppendMenuW
GetMenuItemCount
GetMenuItemID
GetMenuState
GetSubMenu
ModifyMenuW
GetDC
ReleaseDC
GetDesktopWindow
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
GetLastActivePopup
RemovePropW
GetClassLongPtrW
GetCapture
IsChild
WinHelpW
SendDlgItemMessageW
SendDlgItemMessageA
SetRectEmpty
CheckMenuItem
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
IsDialogMessageW
MoveWindow
ShowWindow
IsWindowEnabled
EndDialog
CreateDialogIndirectParamW
PostQuitMessage
UnregisterClassW
GetForegroundWindow
GetWindowThreadProcessId
EnableWindow
GetSysColor
SetFocus
RegisterWindowMessageW
DestroyCursor
GetIconInfo
PostMessageW
SetCursor
IsMenu
GetWindowLongW
WindowFromPoint
GetParent
GetNextDlgTabItem
GetActiveWindow
InvalidateRect
ClientToScreen
GetClientRect
GetWindowRect
SendMessageW
DrawFocusRect
FrameRect
OffsetRect
InflateRect
DrawStateW
GetMenuItemInfoW
GetSystemMetrics
SystemParametersInfoW
DrawIconEx
DestroyIcon
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetSysColorBrush

gdi32

IntersectClipRect
LineTo
MoveToEx
ExcludeClipRect
SelectClipRgn
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCharWidthW
CreateFontW
StretchDIBits
GetBkColor
GetClipBox
SetMapMode
SetBkMode
RestoreDC
SaveDC
RoundRect
CreateRectRgnIndirect
GetTextMetricsW
CreateBitmap
SetBkColor
SetTextColor
GetStockObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
GetTextExtentPoint32W
SetPixel
GetPixel
BitBlt
PatBlt
Ellipse
GetBkMode
GetDeviceCaps
CreateCompatibleDC
GetObjectW
CreatePen
CreateSolidBrush
CreateFontIndirectW
CreateCompatibleBitmap

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
CryptReleaseContext
CryptDestroyHash
CryptSignHashW
CryptHashData
CryptCreateHash
CryptAcquireContextW
CryptExportKey
CryptGetDefaultProviderW
RegSetValueExW
RegCreateKeyExW
CryptDestroyKey
CryptSetKeyParam
CryptGetUserKey
CryptGetKeyParam
CryptGenKey
CryptGetProvParam
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyW
SetSecurityDescriptorSacl
GetSecurityDescriptorSacl
SetSecurityDescriptorDacl
CryptGenRandom
RegEnumKeyW
InitializeSecurityDescriptor

shell32

ShellExecuteW
ShellExecuteExW

ole32

CoCreateGuid
CLSIDFromProgID
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString

comctl32

_TrackMouseEvent

winmm

PlaySoundW

rpcrt4

UuidToStringW
UuidCreate
RpcStringFreeW

oleacc

LresultFromObject
CreateStdAccessibleObject

Exports

Exports

CryptSign
DriverInfo
FreeMemory
GetParam
Manage
PerformanceCryptSign
Repair
WriteParam

Sections

.text
Size: 444KB - Virtual size: 443KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES64/CCBComponents/Detector/Ccb_Cert_hdzb_GM.dll
.dll windows:5 windows x64 arch:x64

678d72dbd2c1c7670f68f957fb852901

Code Sign

43:f0:31:c7:f6:2b:c7:af:53:86:b7:ef:3f:70:7c:c0:52:c1:c1:8a
Signer

Actual PE Digest

43:f0:31:c7:f6:2b:c7:af:53:86:b7:ef:3f:70:7c:c0:52:c1:c1:8a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

e:\10.1.10.3\建行中间件\开发库\PC\trunk\srcNewUI\CCB_CERT_HDZB_SHELL\x64\Release_GM\Ccb_Cert_hdzb_GM.pdb

Imports

kernel32

GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
GetLastError
FlsAlloc
HeapFree
Sleep
GetModuleHandleW
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
HeapDestroy
RtlUnwindEx
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
WriteFile
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Exports

Exports

CryptSign
DriverInfo
FreeMemory
GetParam
Manage
Repair
WriteParam

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES64/CCBComponents/Detector/Ccb_Cert_watchdata2G_GM.dll
.dll windows:5 windows x64 arch:x64

df16f7163c665f140c7398dfe6ecc8eb

Code Sign

f8:27:0f:e3:f9:46:38:9f:69:b0:70:17:12:4a:d5:e2:82:d1:25:74
Signer

Actual PE Digest

f8:27:0f:e3:f9:46:38:9f:69:b0:70:17:12:4a:d5:e2:82:d1:25:74

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwindEx
Sleep
ExitProcess
RaiseException
RtlPcToFileHeader
HeapSize
HeapQueryInformation
HeapReAlloc
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
RtlLookupFunctionEntry
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
HeapFree
HeapAlloc
GetCommandLineA
FlsSetValue
GetOEMCP
GetCPInfo
GetModuleHandleW
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
FormatMessageA
MultiByteToWideChar
GlobalFlags
WritePrivateProfileStringA
SetErrorMode
lstrlenA
TlsFree
GlobalFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalUnlock
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
GetModuleFileNameW
GetCurrentProcessId
GetLastError
SetLastError
GlobalAddAtomA
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
WideCharToMultiByte
CompareStringA
FindResourceA
LoadResource
LockResource
SizeofResource
GlobalLock
lstrcmpA
GlobalAlloc
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeEnvironmentStringsW
FreeLibrary

user32

DestroyMenu
LoadCursorA
GetSysColorBrush
ShowWindow
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetMenuItemID
GetSubMenu
GetWindow
GetDlgCtrlID
GetWindowRect
PostQuitMessage
PostMessageA
CheckMenuItem
EnableMenuItem
GetClassNameA
PtInRect
GetWindowTextA
SetWindowTextA
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringA
GetMessagePos
GetMenuState
ModifyMenuA
SendMessageA
GetParent
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
SetCursor
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuItemCount
UnregisterClassA
UnhookWindowsHookEx
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA

gdi32

DeleteDC
GetStockObject
GetDeviceCaps
SelectObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
CreateBitmap
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
SetViewportOrgEx

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

CryptSign
Detect
DriverInfo
FreeMemory
GetParam
Manage
Repair
WriteParam

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAMFILES64/CCBComponents/Detector/mfc100.dll
.dll windows:5 windows x64 arch:x64

511e84a713b81c45523831aabd208e9c

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:b2:9b:00:00:00:00:00:15
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

21/02/2011, 20:53

Not After

21/05/2012, 20:53

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

d7:f7:74:2a:18:77:4a:09:51:46:cf:69:d8:1f:3d:db:2c:03:7e:e5
Signer

Actual PE Digest

d7:f7:74:2a:18:77:4a:09:51:46:cf:69:d8:1f:3d:db:2c:03:7e:e5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

mfc100.amd64.pdb

Imports

kernel32

GetEnvironmentVariableA
GetEnvironmentVariableW
GlobalFlags
GlobalFindAtomA
GetSystemTime
LocalUnlock
LocalLock
GlobalGetAtomNameA
GetAtomNameA
SuspendThread
ResumeThread
SetEvent
CopyFileA
WaitForMultipleObjects
CreateEventA
ReleaseMutex
CreateMutexA
ReleaseSemaphore
CreateSemaphoreA
WaitForSingleObject
FormatMessageA
SetFileAttributesA
LocalFileTimeToFileTime
GetFileAttributesExA
GetFileSizeEx
FindNextFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameA
GetStringTypeExA
GetThreadLocale
FindClose
FindFirstFileA
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
GetProfileIntA
SystemTimeToFileTime
ReplaceFileA
SetFileTime
GetFileTime
GetFullPathNameA
GetDiskFreeSpaceA
VirtualProtect
RaiseException
lstrcpyW
lstrcmpW
lstrlenW
GetVersion
IsDBCSLeadByte
GetUserDefaultLCID
FindResourceExW
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalAddAtomA
GetCurrentProcessId
SetErrorMode
GlobalDeleteAtom
CompareStringA
GetCurrentThread
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
LoadLibraryExA
SearchPathA
GlobalSize
GetFileAttributesA
SizeofResource
GetFileSize
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsFree
TlsAlloc
LocalFree
LocalAlloc
GetModuleFileNameA
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
SetThreadPriority
GetLocaleInfoA
GetNumberFormatA
lstrcmpiA
GetWindowsDirectoryA
GetTickCount
GlobalFree
FindResourceA
lstrcmpA
GetCurrentDirectoryA
Sleep
SetFilePointer
CreateFileA
GetTempFileNameA
GetTempPathA
CloseHandle
GetModuleHandleW
FreeLibrary
GetVersionExA
GetSystemDirectoryW
MulDiv
GetOEMCP
GetCPInfo
lstrlenA
LoadLibraryW
DeleteFileA
GetACP
InitializeCriticalSection
GetCurrentThreadId
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcpyA
ActivateActCtx
GetProcAddress
GetModuleHandleA
LoadLibraryA
DeactivateActCtx
SetLastError
WideCharToMultiByte
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
ExpandEnvironmentStringsA
GetSystemTimeAsFileTime
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
DecodePointer
EncodePointer
DeleteCriticalSection
GetLastError
InitializeCriticalSectionAndSpinCount
FindResourceW
LoadResource
LockResource

msvcr100

_CxxThrowException
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crt_debugger_hook
__CppXcptFilter
_amsg_exit
_encoded_null
_initterm_e
_initterm
_malloc_crt
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
__C_specific_handler
iswspace
_wcsrev
wcspbrk
_wcsicoll
wcsstr
_wcsupr_s
_wcslwr_s
vswprintf_s
_mbsrev
wcscoll
memmove
_vscwprintf
wcschr
_expand
_msize
strncpy_s
_beginthreadex
_endthreadex
_snwprintf_s
wcsncpy_s
_ultoa_s
fclose
fflush
ftell
fseek
fgets
fputs
fwrite
clearerr_s
ferror
feof
fread
__CxxFrameHandler3
__doserrno
_fdopen
_open_osfhandle
_fileno
_get_osfhandle
_fullpath
_mbsdec
realloc
strtoul
_vsnprintf_s
_snscanf_s
wcscmp
_mktime64
_mbsnbicmp
_ltoa_s
_itoa_s
wcsrchr
sprintf_s
_mbsnbcpy_s
_ismbblead
_strnicmp
__argv
__argc
strcat_s
wcstoul
_snprintf_s
_errno
_recalloc
_resetstkoflw
strtod
_time64
_makepath_s
_strdup
_beginthread
_endthread
_localtime64_s
wcstombs_s
wcsnlen
sscanf_s
memcmp
atol
_mbctolower
_mbctoupper
_ismbcprint
_ismbcalnum
_ismbcalpha
_ismbcdigit
strcpy_s
wcscpy_s
_mbsnbcmp
wcscat_s
_mbsicoll
_mbscoll
_splitpath_s
exp
ceil
fabs
floor
sin
cos
abs
memcpy
clock
_mbsspn
_mbscspn
_mbsrchr
_mbspbrk
_mbsicmp
atan2
sqrt
calloc
_mbsupr_s
atoi
ldiv
labs
malloc
free
_mbsstr
_ismbcspace
_mbsinc
_mbschr
_vscprintf
vsprintf_s
_mbscmp
_wcsicmp
wcsspn
wcscspn
wmemcpy_s
wcslen
_purecall
strnlen
toupper
_mbslwr_s
memset
strlen
memmove_s
memcpy_s
abort
strtol

user32

GetWindowTextLengthA
GetTabbedTextExtentW
GetDlgItem
CreateDialogIndirectParamA
GetActiveWindow
EndDialog
GetPropA
RemovePropA
SetPropA
MapDialogRect
GetMessageTime
GetMessagePos
GetDialogBaseUnits
GetDCEx
RemoveMenu
MsgWaitForMultipleObjectsEx
CharNextA
SetWindowContextHelpId
IsDialogMessageA
ClipCursor
SendNotifyMessageA
InSendMessage
GetMenuStringA
WindowFromDC
SetScrollRange
AdjustWindowRectEx
GetTabbedTextExtentA
CountClipboardFormats
LoadBitmapA
GetMenu
SetMenu
GetClassLongA
GetClassInfoExA
GetWindowLongPtrA
CreateWindowExA
SetWindowPlacement
TrackPopupMenuEx
RegisterClassA
WinHelpA
GetScrollRange
SetScrollInfo
GetScrollInfo
ScrollWindow
MonitorFromWindow
SendDlgItemMessageA
LoadAcceleratorsA
LoadMenuA
UnpackDDElParam
ReuseDDElParam
InsertMenuItemA
GetMenuBarInfo
GetWindowDC
BeginPaint
EndPaint
DefFrameProcA
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
RealChildWindowFromPoint
OemToCharBuffA
CharToOemBuffA
SetWindowLongPtrA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
SetWindowLongA
MessageBoxA
GetWindowThreadProcessId
ShowOwnedPopups
UnregisterClassA
PostQuitMessage
DrawEdge
CharUpperBuffA
RegisterClipboardFormatA
InsertMenuA
IsWindowEnabled
ShowScrollBar
FrameRect
GetWindowRgn
ReleaseDC
GetDC
GetDoubleClickTime
GetWindowTextA
EnumChildWindows
InvertRect
HideCaret
SetMenuDefaultItem
GetMenuDefaultItem
GetScrollPos
EnableScrollBar
UpdateLayeredWindow
SetFocus
GetMessageA
GetLastActivePopup
SubtractRect
DrawFrameControl
GetMenuItemInfoA
CheckMenuItem
GetMenuState
GrayStringA
LoadIconW
LoadImageW
CharUpperA
MapVirtualKeyA
ToAsciiEx
GetKeyboardState
CopyAcceleratorTableA
CreateAcceleratorTableA
DestroyCursor
IsClipboardFormatAvailable
GetClassLongPtrA
GetSysColor
EnumDisplayMonitors
DestroyWindow
GetTopWindow
DestroyAcceleratorTable
NotifyWinEvent
SetWindowRgn
DeleteMenu
ModifyMenuA
IsZoomed
IsMenu
GetSystemMenu
GetNextDlgTabItem
EnableMenuItem
SetScrollPos
IntersectRect
CreatePopupMenu
AppendMenuA
EndDeferWindowPos
BeginDeferWindowPos
GetKeyState
LockWindowUpdate
SetWindowPos
UnionRect
GetUpdateRect
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
SetLayeredWindowAttributes
ValidateRect
LoadCursorA
SystemParametersInfoA
MonitorFromPoint
GetMonitorInfoA
DrawIcon
GetForegroundWindow
IsIconic
GetMenuItemID
GetMenuItemCount
GetWindow
DefWindowProcA
GetClassInfoA
PostThreadMessageA
GetSubMenu
LoadMenuW
DestroyMenu
GetSystemMetrics
TranslateAcceleratorA
LoadAcceleratorsW
GetCapture
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetAsyncKeyState
GetDesktopWindow
WaitMessage
DispatchMessageA
TranslateMessage
PeekMessageA
SetForegroundWindow
LoadCursorW
GetFocus
IsChild
TrackPopupMenu
LoadIconA
GetNextDlgGroupItem
DrawFocusRect
SetCursor
GetWindowLongA
CopyImage
GetIconInfo
FillRect
LoadImageA
CopyRect
LoadBitmapW
MapWindowPoints
MessageBeep
SetCursorPos
WindowFromPoint
ClientToScreen
SetCapture
ReleaseCapture
CopyIcon
BringWindowToTop
RegisterWindowMessageA
DestroyIcon
GetClassNameA
SetParent
ShowWindow
GetWindowPlacement
IsRectEmpty
GetDlgCtrlID
PostMessageA
DeferWindowPos
EqualRect
DrawTextExA
DrawTextA
TabbedTextOutA
InvalidateRgn
MoveWindow
CreateMenu
SetActiveWindow
SetWindowTextA
CallWindowProcA
GetSysColorBrush
SetClassLongPtrA
GetParent
DrawIconEx
InflateRect
OffsetRect
PtInRect
UpdateWindow
SetTimer
ScreenToClient
GetCursorPos
IsWindowVisible
GetClientRect
KillTimer
SetRectEmpty
GetWindowRect
SendMessageA
InvalidateRect
RedrawWindow
IsWindow
SetRect
EnableWindow
IsCharLowerA
GetKeyNameTextA
GetKeyboardLayout
MapVirtualKeyExA
DrawStateA

gdi32

GetMapMode
CreateDIBPatternBrushPt
ExtCreatePen
EnumMetaFile
PlayMetaFile
PlayMetaFileRecord
ExtSelectClipRgn
GetClipRgn
SelectClipPath
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
SetLayout
GetLayout
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
OffsetClipRgn
ExcludeClipRect
SelectClipRgn
OffsetWindowOrgEx
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
UnrealizeObject
CopyMetaFileA
AbortDoc
DPtoLP
StartDocA
SetAbortProc
SetBrushOrgEx
CreateDCA
IntersectClipRect
SetWindowOrgEx
GetWindowOrgEx
GetTextExtentPointA
GetTextExtentPoint32W
ScaleWindowExtEx
SetWindowExtEx
SetMapMode
SetTextColor
GetViewportExtEx
GetWindowExtEx
GetTextFaceA
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetBkMode
GetROP2
RestoreDC
SaveDC
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
MoveToEx
GetCurrentPositionEx
GetTextAlign
GetClipBox
Escape
TextOutA
RectVisible
PtVisible
GetViewportOrgEx
DeleteMetaFile
CloseMetaFile
CreateMetaFileA
LPtoDP
GetCharWidthA
CreateFontA
StretchDIBits
RoundRect
CreateEllipticRgn
CreateHatchBrush
ExtTextOutA
Polyline
GetDIBits
SelectPalette
SetBkColor
CreateBitmap
SetDIBColorTable
StretchBlt
EnumFontFamiliesExA
CreateRoundRectRgn
SetRectRgn
FillRgn
GetBoundsRect
CombineRgn
CreateRectRgn
PatBlt
GetCurrentObject
DeleteDC
EndDoc
EndPage
StartPage
ExtFloodFill
SetPaletteEntries
CreateDIBitmap
CreatePatternBrush
CreatePen
EnumFontFamiliesA
GetTextCharsetInfo
GetDeviceCaps
CreateFontIndirectA
GetBkColor
Ellipse
SetPixel
CreateDIBSection
OffsetRgn
CreateRectRgnIndirect
GetRgnBox
BitBlt
SetPixelV
CreateCompatibleBitmap
FrameRgn
PtInRegion
CreatePolygonRgn
GetPixel
GetSystemPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetTextExtentPoint32A
GetObjectA
CreateSolidBrush
CreateCompatibleDC
DeleteObject
SelectObject
GetObjectType
GetTextColor
Polygon
Rectangle
GetStockObject
GetPaletteEntries
CreatePalette
GetTextMetricsA

shlwapi

PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathRemoveExtensionA
PathFindFileNameA
PathFindExtensionA
SHStrDupW
UrlUnescapeA

comctl32

ImageList_GetImageCount
ImageList_GetIcon
ImageList_DrawEx
ImageList_AddMasked
ImageList_Remove
ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy
ImageList_GetIconSize

msimg32

TransparentBlt
AlphaBlend

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/CCBControl.dll
.dll regsvr32 windows:5 windows x86 arch:x86

5692b6239833473a61b8ffed5c7f4d65

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4c:f8:0a:29:62:f1:de:b7:8a:5a:88:89:67:37:f8:92
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

26/11/2015, 00:00

Not After

25/12/2018, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1f:4c:43:c6:70:0e:4c:81:c9:44:2b:63:01:18:c7:57
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

06/01/2016, 00:00

Not After

25/12/2018, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7d:3d:6f:95:a7:40:55:41:05:32:8c:c4:5d:34:65:d1:11:5b:24:b9:1f:cd:b9:5b:ec:d9:74:00:ff:a2:fc:e2
Signer

Actual PE Digest

7d:3d:6f:95:a7:40:55:41:05:32:8c:c4:5d:34:65:d1:11:5b:24:b9:1f:cd:b9:5b:ec:d9:74:00:ff:a2:fc:e2

Digest Algorithm

sha256

PE Digest Matches

true

dc:77:87:d9:6e:14:7c:88:c4:2b:d6:98:f6:79:d9:b5:c0:e7:48:8b
Signer

Actual PE Digest

dc:77:87:d9:6e:14:7c:88:c4:2b:d6:98:f6:79:d9:b5:c0:e7:48:8b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedDecrement
lstrlenA
MoveFileA
InitializeCriticalSection
CreateFileA
CreateDirectoryA
CloseHandle
FlushFileBuffers
WriteFile
GetCurrentThreadId
LocalFree
FormatMessageW
SetEnvironmentVariableA
CompareStringW
WriteConsoleW
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
GetThreadLocale
SetThreadLocale
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
InterlockedIncrement
FreeLibrary
GetModuleFileNameW
lstrcmpiW
GetModuleHandleW
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
LCMapStringW
LoadLibraryW
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
CreateFileW
MultiByteToWideChar
DeleteCriticalSection
GetProcAddress
GetLastError
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
HeapAlloc
HeapFree
RtlUnwind
DecodePointer
EncodePointer
GetSystemTimeAsFileTime
DeleteFileA
GetLocalTime
GetCommandLineA
ExitProcess
GetStdHandle
HeapCreate
HeapDestroy
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
HeapReAlloc
HeapSize
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
GetTimeZoneInformation
SetHandleCount
GetFileType
GetStartupInfoW
GetModuleFileNameA

user32

LoadStringW
CharNextW

advapi32

RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptSignHashW
RegEnumKeyExW
RegOpenKeyExW

shell32

SHGetFolderPathA

ole32

CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
ProgIDFromCLSID

oleaut32

LoadRegTypeLi
CreateErrorInfo
SetErrorInfo
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysFreeString

cryptui

CryptUIDlgSelectCertificateFromStore

crypt32

CertFreeCertificateContext
CertGetCertificateContextProperty
CertOpenSystemStoreW
CertCloseStore
CertGetNameStringW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/CCBNetSignCom.dll
.dll regsvr32 windows:4 windows x86 arch:x86

8dee353a812b5dff0236bdd313a12919

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

52:27:62:20:e4:52:df:17:67:07:d5:54:be:10:ad:7f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

05/12/2012, 00:00

Not After

05/12/2015, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

dd:f2:b0:ba:d1:96:12:c5:ee:0e:3c:f6:c2:fb:0d:61:42:05:65:bd
Signer

Actual PE Digest

dd:f2:b0:ba:d1:96:12:c5:ee:0e:3c:f6:c2:fb:0d:61:42:05:65:bd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

htonl

crypt32

CryptEncodeObjectEx
CertOpenStore
CertEnumCertificateContextProperties
CertOIDToAlgId
CertFreeCertificateContext
CertCloseStore
CertEnumCertificatesInStore
CertGetCertificateContextProperty
CertNameToStrA
CertFindCertificateInStore

kernel32

FindFirstFileA
TerminateProcess
GetTempPathA
CreateDirectoryA
lstrcmpA
LCMapStringA
GetSystemDefaultLangID
ReadFile
SetEndOfFile
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
CreateFileA
FlushFileBuffers
SetStdHandle
DeleteFileA
GetCPInfo
SetFilePointer
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
WriteFile
CloseHandle
SetUnhandledExceptionFilter
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
ExitProcess
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetVersion
GetCommandLineA
RaiseException
HeapReAlloc
HeapAlloc
FindClose
LockResource
GlobalHandle
GlobalFree
FreeResource
FileTimeToSystemTime
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedIncrement
HeapSize
InterlockedDecrement
LoadLibraryA
GetProcAddress
lstrcatA
lstrcpyA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
DisableThreadLibraryCalls
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
lstrlenW
LocalFree
RtlUnwind
HeapFree

user32

GetClientRect
GetFocus
IsChild
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
DestroyWindow
DefWindowProcA
GetDC
ReleaseDC
CharNextA
SetFocus
IsWindow
EndPaint
GetDlgItem
InvalidateRgn
SetCapture
ReleaseCapture
CreateAcceleratorTableA
GetDesktopWindow
GetClassNameA
RedrawWindow
FillRect
GetSysColor
GetWindowRect
SystemParametersInfoA
MapWindowPoints
ShowWindow
SendMessageA
EndDialog
MessageBoxA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
GetWindow
RegisterWindowMessageA
DialogBoxIndirectParamA
GetActiveWindow
LoadStringA
CreateWindowExA
CallWindowProcA
GetWindowLongA
SetWindowLongA
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
UnionRect
PtInRect
GetKeyState
InvalidateRect
GetParent
BeginPaint

gdi32

GetStockObject
GetObjectA
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
CreateMetaFileA
SetWindowExtEx
CloseMetaFile
CreateRectRgnIndirect
Rectangle
SetTextAlign
TextOutA
CreateDCA
GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
DeleteMetaFile

advapi32

CryptGetProvParam
CryptGetHashParam
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
CryptReleaseContext
CryptDestroyHash
CryptSignHashA
CryptAcquireContextA
CryptCreateHash
CryptHashData
RegDeleteKeyA

shell32

ShellExecuteExA

ole32

OleLockRunning
StringFromCLSID
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
OleLoadFromStream
CreateDataAdviseHolder
OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
OleSaveToStream
WriteClassStm
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SysStringByteLen
OleCreateFontIndirect
SysAllocStringLen
SysAllocStringByteLen
OleCreatePropertyFrame
SysFreeString
VariantChangeType
VariantClear
SysStringLen
LoadRegTypeLi
LoadTypeLi
SysAllocString
RegisterTypeLi
VarUI4FromStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/CCBSignCom.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

910fe4adf8cff0c8776fce03e839b689

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

52:27:62:20:e4:52:df:17:67:07:d5:54:be:10:ad:7f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

05/12/2012, 00:00

Not After

05/12/2015, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7c:60:a8:52:2a:39:55:0a:ca:ec:46:82:bb:42:98:a2:dd:6a:1e:4e
Signer

Actual PE Digest

7c:60:a8:52:2a:39:55:0a:ca:ec:46:82:bb:42:98:a2:dd:6a:1e:4e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord6354
ord1216
ord1168
ord6467
ord1227
ord6042
ord823
ord1877
ord4249
ord2486
ord2687
ord4006
ord6364
ord3326
ord6365
ord4472
ord5498
ord3278
ord3353
ord3681
ord446
ord743
ord1177
ord1226
ord1210
ord2727
ord2730
ord2729
ord2439
ord1693
ord5618
ord994
ord4342
ord4687
ord4639
ord5674
ord2156
ord4856
ord4920
ord6002
ord2137
ord1963
ord5213
ord2953
ord3868
ord5150
ord4705
ord4707
ord2876
ord2998
ord5649
ord4113
ord4661
ord4660
ord4768
ord4650
ord4903
ord4548
ord4521
ord4594
ord4988
ord4925
ord4930
ord4935
ord4659
ord4909
ord4908
ord4668
ord4667
ord4666
ord4648
ord4689
ord5023
ord4654
ord4643
ord4354
ord4780
ord4649
ord4637
ord4636
ord5060
ord4584
ord4371
ord4361
ord4356
ord4739
ord4741
ord4738
ord4409
ord4603
ord5008
ord4415
ord4992
ord4979
ord2488
ord3404
ord4539
ord2954
ord6055
ord4078
ord1776
ord5199
ord3136
ord2384
ord5163
ord6370
ord2724
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2983
ord3148
ord3260
ord4466
ord2986
ord3080
ord4081
ord4624
ord5825
ord723
ord3946
ord2614
ord540
ord800
ord423
ord2860
ord2541
ord4949
ord641
ord2514
ord324
ord1601
ord2818
ord5572
ord2915
ord1892
ord4252
ord1212
ord4570
ord4672
ord4843
ord5011
ord5265
ord4376
ord4853
ord4998
ord4713
ord6052
ord1775
ord2385
ord6371
ord5286
ord4438
ord3279
ord4625
ord4425
ord449
ord746
ord2278
ord537
ord860
ord941
ord4710
ord6374
ord5280
ord4627
ord3597
ord4234
ord1768
ord6199
ord3092
ord2379
ord1200
ord4224
ord1132
ord3952
ord825
ord1116
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord5302
ord561
ord3670
ord4424
ord4622
ord4080
ord3079
ord3825
ord3831
ord3830
ord3401
ord2976
ord3081
ord2985
ord4353
ord3262
ord5300
ord1089
ord3922
ord5731
ord3346
ord5241
ord2396
ord2512
ord2554
ord4486
ord6375
ord4407
ord815
ord1131

msvcrt

__CxxFrameHandler
calloc
free
wcslen
_itoa
malloc
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
memmove
printf
fopen
fclose
realloc
toupper
iswdigit
strchr
_CxxThrowException
strstr
sprintf
fwrite

kernel32

LocalFree
GetLastError
FileTimeToSystemTime
CreateDirectoryA
GetTempPathA
TerminateProcess
FindFirstFileA
DeleteFileA
FindClose
GetSystemDefaultLangID
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LocalAlloc

user32

FillRect
SendMessageA
EnableWindow

gdi32

Ellipse
GetStockObject

advapi32

CryptAcquireContextA
CryptHashData
CryptSignHashA
CryptDestroyHash
CryptReleaseContext
CryptGetHashParam
CryptGetProvParam
CryptCreateHash

shell32

ShellExecuteExA

oleaut32

VariantClear
LoadRegTypeLi

crypt32

CertCloseStore
CryptEncodeObjectEx
CertFindCertificateInStore
CertNameToStrA
CertGetCertificateContextProperty
CertEnumCertificatesInStore
CertFreeCertificateContext
CertOIDToAlgId
CertEnumCertificateContextProperties
CertOpenStore

ws2_32

htonl

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/CCB_B2B_NetSign.dll
.dll regsvr32 windows:4 windows x86 arch:x86

aa5531ecbff723b149fb7f029f835b73

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

52:27:62:20:e4:52:df:17:67:07:d5:54:be:10:ad:7f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

05/12/2012, 00:00

Not After

05/12/2015, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9d:06:62:fe:6b:a7:6a:3c:5d:c2:04:99:48:9e:2f:21:e4:e2:39:1e
Signer

Actual PE Digest

9d:06:62:fe:6b:a7:6a:3c:5d:c2:04:99:48:9e:2f:21:e4:e2:39:1e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalLock
GlobalUnlock
GlobalAlloc
FindResourceA
LoadResource
LockResource
GlobalHandle
GlobalFree
FreeResource
GetCurrentProcess
InterlockedIncrement
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
CreateFileA
WriteFile
CloseHandle
lstrlenA
GetLastError
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
InterlockedDecrement
lstrcmpA
lstrcatA
lstrcpyA
FileTimeToSystemTime
ReadFile
GetFileSize
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetShortPathNameA
GetModuleHandleA
SizeofResource
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
LCMapStringA
GetSystemDefaultLangID
FlushInstructionCache

user32

CallWindowProcA
GetWindowLongA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
GetWindow
DefWindowProcA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
DialogBoxIndirectParamA
SetWindowLongA
GetSysColor
MessageBoxA
GetActiveWindow
GetFocus
ReleaseDC
GetDC
EndPaint
FillRect
GetClientRect
BeginPaint
SetWindowPos
IsWindow
RedrawWindow
GetClassNameA
GetParent
SetFocus
LoadStringA
GetDesktopWindow
CreateAcceleratorTableA
DestroyWindow
wsprintfA
CreateWindowExA
ReleaseCapture
SetCapture
InvalidateRect
InvalidateRgn
SendMessageA
GetDlgItem
EndDialog
MapWindowPoints
SystemParametersInfoA
GetWindowRect
GetKeyState
PtInRect
UnionRect
ShowWindow
CharNextA
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
IsChild

gdi32

SaveDC
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
GetTextExtentPointA
GetStockObject
GetObjectA
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetDeviceCaps
CreateMetaFileA
SetViewportOrgEx
SetMapMode
LPtoDP
CreateDCA
SetTextAlign
Rectangle
SetWindowOrgEx

comdlg32

CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA

advapi32

RegEnumKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
CryptAcquireContextA
CryptReleaseContext
CryptDestroyHash
CryptSignHashA
CryptHashData
CryptCreateHash
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA

shell32

SHGetSpecialFolderPathA

ole32

OleLoadFromStream
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CoTaskMemAlloc
WriteClassStm
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
OleSaveToStream
CreateOleAdviseHolder
StringFromCLSID
CoTaskMemRealloc
OleLockRunning

oleaut32

VarUI4FromStr
OleCreatePropertyFrame
SysFreeString
SysAllocStringLen
SysStringLen
SysAllocString
LoadRegTypeLi
VariantClear
OleCreateFontIndirect
LoadTypeLi
RegisterTypeLi
VariantChangeType
SysAllocStringByteLen
SysStringByteLen

wsock32

ntohl

crypt32

CertFreeCertificateContext
CryptEncryptMessage
CryptSignMessage
CertFindCertificateInStore
CertCloseStore
CertNameToStrA
CertEnumCertificatesInStore
CertOpenStore
CertVerifySubjectCertificateContext
CertFreeCertificateChain
CertVerifyCertificateChainPolicy
CertGetCertificateChain
CryptVerifyMessageSignature
CryptHashMessage
CryptVerifyDetachedMessageSignature
CryptMsgGetParam
CryptMsgUpdate
CryptMsgOpenToDecode
CertGetNameStringA
CryptDecodeObject
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
CertOpenSystemStoreA
CertCompareIntegerBlob
CryptDecryptMessage
CryptSignAndEncryptMessage
CryptDecryptAndVerifyMessageSignature
CertOIDToAlgId
CertGetCertificateContextProperty
CertEnumCertificateContextProperties

msvcrt

_open
memmove
_strdate
_strtime
fflush
_stat
fread
_filelength
_read
_tzset
_timezone
fopen
fwrite
fclose
??2@YAPAXI@Z
strcmp
strtok
strrchr
strncpy
isprint
abs
strchr
_local_unwind2
_except_handler3
printf
atoi
_CxxThrowException
__CxxFrameHandler
strcpy
strstr
_daylight
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
?terminate@@YAXXZ
sprintf
realloc
calloc
strlen
strcat
??3@YAXPAX@Z
free
malloc
memset
mktime
memcmp
memcpy
_purecall
time
_errno

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/CCB_GMSignCom.dll
.dll regsvr32 windows:5 windows x86 arch:x86

6123eccea34d0a994e60402aec98f73c

Code Sign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:4f:03:aa:4b:18:3e:00:b7:4c:b1:1a:dc:e2:e6:9a
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

12/08/2021, 00:00

Not After

11/08/2022, 23:59

Subject

CN=Watchdata Technologies Pte. Ltd.,O=Watchdata Technologies Pte. Ltd.,L=Singapore,C=SG

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:4f:03:aa:4b:18:3e:00:b7:4c:b1:1a:dc:e2:e6:9a
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

12/08/2021, 00:00

Not After

11/08/2022, 23:59

Subject

CN=Watchdata Technologies Pte. Ltd.,O=Watchdata Technologies Pte. Ltd.,L=Singapore,C=SG

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

22:2d:1d:5f:2a:a0:46:6e:bf:51:5f:fd:27:87:61:62:de:90:f8:80:0a:a6:2c:e7:04:52:48:73:32:06:2b:bc
Signer

Actual PE Digest

22:2d:1d:5f:2a:a0:46:6e:bf:51:5f:fd:27:87:61:62:de:90:f8:80:0a:a6:2c:e7:04:52:48:73:32:06:2b:bc

Digest Algorithm

sha256

PE Digest Matches

true

70:cf:a4:ca:71:74:61:17:8b:ec:17:22:27:0c:b4:eb:6d:4d:c8:97
Signer

Actual PE Digest

70:cf:a4:ca:71:74:61:17:8b:ec:17:22:27:0c:b4:eb:6d:4d:c8:97

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
GetConsoleCP
GetConsoleMode
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
WideCharToMultiByte
lstrlenW
IsProcessorFeaturePresent
InterlockedCompareExchange
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsValidCodePage
GetACP
HeapSize
ExitProcess
Sleep
GetCommandLineA
HeapReAlloc
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
GetProcAddress
GetModuleHandleA
lstrlenA
lstrcmpiA
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameA
GetModuleHandleW
IsDBCSLeadByte
FlushInstructionCache
GetCurrentProcess
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThreadId
SetLastError
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
LockResource
LoadLibraryA
LCMapStringA
GetSystemDefaultLangID
CreateDirectoryA
GetWindowsDirectoryA
GetVersionExA
FindClose
DeleteFileA
FindFirstFileA
TerminateProcess
GetTempPathA
FileTimeToSystemTime
lstrcmpA
InterlockedExchange
CompareStringA
GetLocaleInfoA
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
GetOEMCP
GetCPInfo
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
GlobalFlags
WritePrivateProfileStringA
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
FreeResource
CreateFileA
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetModuleFileNameW
GlobalFree
EnumResourceLanguagesA
FormatMessageA
LocalFree
GetCurrentProcessId
GlobalAddAtomA
CloseHandle
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
MultiByteToWideChar

user32

DestroyMenu
GetSysColorBrush
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnregisterClassA
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetWindowTextA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
CharNextA
CharNextW
DestroyWindow
DefWindowProcA
CopyRect
GetDlgCtrlID
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
GetNextDlgTabItem
EndDialog
CharUpperA
GetSystemMetrics
UnhookWindowsHookEx
GetMenuItemID
PtInRect
UnionRect
SetWindowLongA
GetWindowLongA
ShowWindow
GetClassInfoExA
LoadCursorA
ReleaseDC
GetDC
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
EndPaint
GetClientRect
BeginPaint
CallWindowProcA
SetFocus
IsChild
GetFocus
GetParent
GetKeyState
IsWindow
InvalidateRect
RegisterClassExA
CreateWindowExA
SendMessageA
GetMenuItemCount
GetSubMenu
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
PostMessageA
PostQuitMessage
EnableWindow
GetCapture

gdi32

DeleteObject
PtVisible
RectVisible
ExtTextOutA
Escape
SelectObject
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
ScaleWindowExtEx
GetStockObject
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
CreateDCA
CreateMetaFileA
SaveDC
TextOutA
SetTextAlign
Rectangle
GetDeviceCaps
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
RestoreDC
SetWindowOrgEx
SetWindowExtEx

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

CryptGetProvParam
CryptSignHashA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
CryptReleaseContext
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
CryptHashData
CryptAcquireContextA
CryptCreateHash
CryptDestroyHash

shell32

ShellExecuteExA
SHGetSpecialFolderPathA

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA

ole32

OleSaveToStream
WriteClassStm
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
OleLoadFromStream
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CreateOleAdviseHolder

oleaut32

SysStringLen
SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantClear
VariantChangeType
LoadRegTypeLi
OleCreatePropertyFrame
SysAllocStringLen

crypt32

CertCloseStore
CertGetNameStringA
CertEnumCertificatesInStore
CertOpenStore
CertNameToStrA
CertFindCertificateInStore
CertGetCertificateContextProperty
CryptEncodeObjectEx
CertFreeCertificateContext
CertEnumCertificateContextProperties
CertOIDToAlgId

ws2_32

htonl

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 211KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/CCB_SwxCryptSimple.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

5a30ad7fbb51814a3892f0e358c5b09d

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

01/05/2012, 00:00

Not After

31/12/2012, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

50:40:02:24:5f:30:08:7c:f6:b1:dc:07:e4:96:f9:63
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

15/12/2009, 00:00

Not After

30/12/2012, 23:59

Subject

CN=Beijing Watchdata System Co.\,Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Beijing Watchdata System Co.\,Ltd.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

bf:cd:04:a0:6b:54:4e:01:68:55:57:89:6b:b1:89:9c:52:48:46:56
Signer

Actual PE Digest

bf:cd:04:a0:6b:54:4e:01:68:55:57:89:6b:b1:89:9c:52:48:46:56

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

crypt32

CertEnumCertificatesInStore
CertFreeCertificateContext
CertOpenSystemStoreA
CertNameToStrA
CertCloseStore
CertGetCertificateContextProperty

mfc42

ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3402
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3639
ord692
ord641
ord567
ord324
ord825
ord2340
ord2302
ord1200
ord4710
ord4234
ord4853
ord858
ord4376
ord860
ord823
ord2915
ord815
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord3401
ord4622
ord3670
ord561
ord3952
ord2724
ord6354
ord1216
ord1168
ord6467
ord1227
ord1131
ord1132
ord1877
ord4249
ord2486
ord2687
ord6364
ord3326
ord6365
ord4472
ord5498
ord3278
ord3353
ord3681
ord446
ord743
ord1177
ord1226
ord1210
ord2439
ord1693
ord5618
ord994
ord4342
ord4687
ord4639
ord5674
ord2156
ord4856
ord4920
ord6002
ord2137
ord6366
ord5213
ord2953
ord3868
ord5150
ord4705
ord4707
ord3749
ord2998
ord5649
ord4113
ord4661
ord4660
ord4768
ord4650
ord4903
ord4548
ord4521
ord4594
ord4988
ord4925
ord4930
ord4935
ord4659
ord4909
ord4908
ord4668
ord4667
ord4666
ord4648
ord4689
ord5023
ord4654
ord4643
ord4354
ord4780
ord4649
ord4637
ord4636
ord5060
ord4584
ord4371
ord4361
ord4356
ord4739
ord4741
ord4738
ord4409
ord4603
ord5008
ord4415
ord4992
ord4979
ord2488
ord3404
ord4539
ord2954
ord2384
ord6370
ord2983
ord3148
ord3260
ord4466
ord3269
ord2986
ord3080
ord4081
ord4624
ord5825
ord723
ord2614
ord3946
ord423
ord2860
ord2541
ord4949
ord1601
ord1892
ord4252
ord1212
ord4570
ord4672
ord4843
ord5011
ord4713
ord6371
ord5286
ord4438
ord3279
ord4625
ord449
ord746
ord2278
ord1116
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord1771
ord3597
ord4425
ord5280
ord4407
ord1775
ord6052
ord2514
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4401
ord1776
ord4078
ord6055
ord2581
ord4219
ord2024
ord2876
ord2413
ord4998
ord5265
ord800
ord540
ord1963

msvcrt

_unlink
free
malloc
__CxxFrameHandler
wcstombs
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
?terminate@@YAXXZ
_onexit
__dllonexit
_except_handler3
printf
strchr
strstr
fclose
fwrite
fopen
sprintf
wcsncpy
_EH_prolog
wcslen

kernel32

LocalFree
GetModuleFileNameA
WideCharToMultiByte
lstrcatA
lstrlenA
MultiByteToWideChar
lstrcpyA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
GetProcAddress
FreeLibrary
lstrlenW
DeleteCriticalSection
HeapDestroy
GetTempPathA
WinExec
GetLastError
LocalAlloc

user32

FillRect
SendMessageA
EnableWindow
CharNextA

gdi32

GetStockObject
Ellipse

advapi32

CryptSignHashA
CryptAcquireContextA
CryptCreateHash
CryptReleaseContext
CryptHashData
CryptDestroyHash

ole32

CoCreateInstance

oleaut32

LoadRegTypeLi
LoadTypeLi
SysAllocString
RegisterTypeLi
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/GetLogInfo.ocx
.dll regsvr32 windows:5 windows x86 arch:x86

0149b371879cd843ae6e4579c78512c2

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4c:f8:0a:29:62:f1:de:b7:8a:5a:88:89:67:37:f8:92
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

26/11/2015, 00:00

Not After

25/12/2018, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1f:4c:43:c6:70:0e:4c:81:c9:44:2b:63:01:18:c7:57
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

06/01/2016, 00:00

Not After

25/12/2018, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

30:5d:10:85:be:f1:15:86:92:86:2b:9e:73:1f:d5:b7:c1:23:33:a4:c3:7a:84:e0:ab:aa:40:66:01:90:c3:1e
Signer

Actual PE Digest

30:5d:10:85:be:f1:15:86:92:86:2b:9e:73:1f:d5:b7:c1:23:33:a4:c3:7a:84:e0:ab:aa:40:66:01:90:c3:1e

Digest Algorithm

sha256

PE Digest Matches

true

1c:88:33:10:e9:ec:95:19:b8:2d:96:a9:7f:c7:34:13:6f:7d:10:a4
Signer

Actual PE Digest

1c:88:33:10:e9:ec:95:19:b8:2d:96:a9:7f:c7:34:13:6f:7d:10:a4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Work\FullVersion\Client\trunk\PCClient\网银获取版本号控件\GetLogInfo\Release\GetLogInfo.pdb

Imports

mfc100

ord10672
ord6128
ord13300
ord7074
ord13302
ord2661
ord3984
ord13980
ord3991
ord4401
ord4368
ord4364
ord4398
ord4419
ord4377
ord4406
ord4415
ord4385
ord4389
ord4393
ord4381
ord4410
ord4373
ord1514
ord1507
ord1509
ord1503
ord1496
ord11188
ord11190
ord12644
ord2847
ord8351
ord9994
ord6217
ord11154
ord8070
ord13289
ord10883
ord3393
ord11025
ord8235
ord13973
ord13972
ord14045
ord14062
ord14058
ord14060
ord14061
ord14059
ord2417
ord7349
ord2878
ord2881
ord12535
ord5534
ord4571
ord8811
ord5446
ord3534
ord10304
ord10336
ord8279
ord10391
ord9174
ord8248
ord9564
ord9567
ord9565
ord8074
ord8086
ord8110
ord9085
ord10609
ord9298
ord9299
ord9323
ord9752
ord8071
ord9312
ord9351
ord10487
ord9423
ord9322
ord9383
ord11103
ord9385
ord10152
ord10153
ord9370
ord10199
ord10194
ord10189
ord10329
ord9100
ord8583
ord9042
ord10145
ord9326
ord9726
ord9375
ord9376
ord7444
ord12482
ord4646
ord4427
ord9472
ord9470
ord10855
ord6958
ord4569
ord10963
ord11060
ord2945
ord12421
ord10177
ord10014
ord2950
ord11714
ord9304
ord9420
ord8022
ord1598
ord11539
ord2253
ord3477
ord6033
ord5279
ord5118
ord11411
ord8450
ord13279
ord5216
ord13278
ord2119
ord2611
ord314
ord4499
ord6547
ord6796
ord1993
ord764
ord1203
ord3223
ord8305
ord9284
ord5119
ord8347
ord11148
ord13290
ord3395
ord2416
ord12531
ord5532
ord2752
ord2973
ord2974
ord3620
ord9499
ord10360
ord10007
ord8137
ord11067
ord10394
ord9998
ord9398
ord9067
ord266
ord4623
ord4904
ord5096
ord8440
ord5108
ord4626
ord4773
ord7358
ord9283
ord12005
ord1316
ord310
ord901
ord316
ord265
ord10219
ord3661
ord4341
ord7133
ord1181
ord731
ord2006
ord1991
ord1941
ord6636
ord6634
ord6790
ord6528
ord1294
ord1313
ord1201
ord761
ord7584
ord7510
ord11726
ord5253
ord11623
ord2338
ord13767
ord4724
ord2163
ord11420
ord11421
ord13301
ord7073
ord13299
ord8486
ord3676
ord3618
ord11806
ord7091
ord1732
ord14075
ord10922
ord13181
ord2504
ord3484
ord11413
ord1885
ord2944
ord2882
ord2846
ord7144
ord13483
ord13480
ord13485
ord13482
ord13484
ord13481
ord3409
ord5238
ord11172
ord11180
ord7355
ord9449
ord11184
ord11153
ord11787
ord4622
ord4903
ord5095
ord8439
ord4881
ord5098
ord4625
ord4774
ord4606
ord5443
ord6897
ord6898
ord6888
ord4772
ord7357
ord9281
ord8304
ord6018
ord2009
ord13246
ord1929
ord1997
ord13518
ord322
ord4077
ord7140
ord1288
ord888
ord9384
ord906
ord2090
ord2052
ord2050
ord2079
ord1979
ord2040
ord3406
ord408
ord1948
ord2089
ord2087
ord1940
ord1867
ord323
ord1297
ord1886
ord1296

msvcr100

memset
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
?terminate@@YAXXZ
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_onexit
_lock
__dllonexit
_unlock
__CxxFrameHandler3
wcsncpy
memcpy

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
LocalAlloc
LocalFree
EncodePointer

user32

FillRect
EnableWindow

gdi32

Ellipse
GetStockObject

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ole32

CoCreateInstance

oleaut32

LoadRegTypeLi

libeay32

ord272
ord273
ord271
ord961
ord3024
ord2801
ord3171

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/ListCert.dll
.dll regsvr32 windows:5 windows x86 arch:x86

362b1c44f1b42d14d1d1f9d1e7c6606a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4c:f8:0a:29:62:f1:de:b7:8a:5a:88:89:67:37:f8:92
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

26/11/2015, 00:00

Not After

25/12/2018, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1f:4c:43:c6:70:0e:4c:81:c9:44:2b:63:01:18:c7:57
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

06/01/2016, 00:00

Not After

25/12/2018, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:06:f1:0f:ce:68:f0:9b:fa:e5:5b:18:cd:8f:20:01:77
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

24/05/2016, 00:00

Not After

24/06/2027, 00:00

Subject

CN=GlobalSign TSA for Advanced - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

26:aa:7d:ee:08:76:b0:21:8f:0f:54:73:7e:01:5b:db:c7:10:73:ed:05:db:59:67:44:16:fa:36:a6:2a:e7:87
Signer

Actual PE Digest

26:aa:7d:ee:08:76:b0:21:8f:0f:54:73:7e:01:5b:db:c7:10:73:ed:05:db:59:67:44:16:fa:36:a6:2a:e7:87

Digest Algorithm

sha256

PE Digest Matches

true

5f:b7:ff:a8:e9:fb:5d:c0:40:42:11:d7:e1:a3:03:99:1c:6a:fd:fa
Signer

Actual PE Digest

5f:b7:ff:a8:e9:fb:5d:c0:40:42:11:d7:e1:a3:03:99:1c:6a:fd:fa

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
GetACP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
Sleep
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
InterlockedCompareExchange
HeapReAlloc
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
RtlUnwind
GetOEMCP
GetCPInfo
CreateFileA
FlushFileBuffers
SetFilePointer
WriteFile
GlobalFindAtomA
lstrcmpW
GetVersionExA
GlobalFlags
WritePrivateProfileStringA
GlobalGetAtomNameA
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetCurrentProcessId
GlobalAddAtomA
CloseHandle
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
CompareStringA
InterlockedExchange
lstrcmpA
GetModuleFileNameW
GlobalFree
FormatMessageA
LocalFree
LoadLibraryExA
SetLastError
GetCurrentThreadId
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GetCurrentProcess
FlushInstructionCache
IsDBCSLeadByte
GetModuleHandleW
GetModuleFileNameA
InterlockedDecrement
InterlockedIncrement
lstrcmpiA
lstrlenA
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
EnterCriticalSection
LoadLibraryA
FreeLibrary
LeaveCriticalSection
IsProcessorFeaturePresent
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
GetModuleHandleA
GetSystemTimeAsFileTime
GetProcAddress

user32

GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
SetWindowTextA
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowTextA
GetSystemMetrics
GetSysColor
GetSysColorBrush
UnregisterClassA
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
EnableWindow
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageTime
TranslateMessage
GetActiveWindow
IsWindowVisible
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
SendMessageA
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostMessageA
PostQuitMessage
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CreateWindowExA
RegisterClassExA
InvalidateRect
GetKeyState
GetParent
GetFocus
IsChild
SetFocus
CallWindowProcA
BeginPaint
MessageBoxA
IsWindow
CharNextA
CharNextW
GetClientRect
EndPaint
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
GetDC
ReleaseDC
LoadCursorA
GetClassInfoExA
ShowWindow
GetWindowLongA
SetWindowLongA
UnionRect
GetTopWindow
GetDlgItem
GetForegroundWindow
GetMessageA
DestroyWindow
DefWindowProcA
PtInRect
DestroyMenu
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
DispatchMessageA
RemovePropA

gdi32

SetTextColor
GetClipBox
DeleteObject
PtVisible
RectVisible
ExtTextOutA
Escape
SelectObject
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
ScaleWindowExtEx
GetStockObject
SetBkColor
CreateBitmap
LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
CreateDCA
CreateMetaFileA
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
GetDeviceCaps
Rectangle
TextOutA
SetTextAlign

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteValueA
RegQueryInfoKeyA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

shlwapi

PathFindFileNameA
PathFindExtensionA

ole32

OleSaveToStream
CreateOleAdviseHolder
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
OleLoadFromStream
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
WriteClassStm

oleaut32

OleCreatePropertyFrame
LoadRegTypeLi
VariantChangeType
VariantClear
VariantInit
SysStringByteLen
SysAllocStringByteLen
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysFreeString
SysAllocStringLen

crypt32

CertCloseStore
CertEnumCertificatesInStore
CertNameToStrA
CertOpenStore

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/WDGetDeviceCaps.dll
.dll windows:4 windows x86 arch:x86

e0da1190d9fa88306e52d2bb4b4a0151

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord2512
ord6375
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord2554
ord3081
ord4486
ord1255
ord6467
ord2976
ord4274
ord269
ord826
ord600
ord1578
ord1116

msvcrt

__CxxFrameHandler
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
??2@YAPAXI@Z

kernel32

LocalFree
LocalAlloc

user32

GetDC

gdi32

GetDeviceCaps

Exports

Exports

WDGetDeviceCaps

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/capicom.dll
.dll regsvr32 windows:6 windows x86 arch:x86

817acf67b593a3bed6b4a50e83400d47

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:49:7c:ed:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:55

Not After

16/09/2011, 02:05

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:10D8-5847-CBF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

04/04/2006, 17:44

Not After

26/04/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:46:9e:cb:00:04:00:00:00:65
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/04/2006, 19:43

Not After

04/10/2007, 19:53

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

ae:dc:60:ea:8c:a7:8d:66:7d:61:97:0e:c8:08:83:13:b2:18:c8:4d
Signer

Actual PE Digest

ae:dc:60:ea:8c:a7:8d:66:7d:61:97:0e:c8:08:83:13:b2:18:c8:4d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\ntsrc\lhsecurity.obj.x86fre\ds\security\cryptoapi\pki\activex\capicom\objfre\i386\capicom.pdb

Imports

mssign32

SignerTimeStamp

advapi32

CryptGetKeyParam
CryptContextAddRef
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
CryptReleaseContext
CryptDestroyHash
RegEnumKeyExA
RegQueryValueExA
CryptGetProvParam
CryptAcquireContextA
CryptDestroyKey
CryptSetKeyParam
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptGenRandom
CryptEncrypt
CryptDecrypt
CryptGetHashParam
CryptGetUserKey

crypt32

CertOpenStore
CertDeleteCertificateFromStore
CertFreeCertificateContext
CertFreeCertificateChain
CertCloseStore
CertAddEncodedCertificateToStore
CertFindExtension
CertGetEnhancedKeyUsage
CertGetCertificateChain
CertVerifyCertificateChainPolicy
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertDuplicateStore
CertComparePublicKeyInfo
CryptExportPublicKeyInfo
CertGetNameStringW
CertAddCertificateContextToStore
CertGetCertificateContextProperty
PFXImportCertStore
CryptQueryObject
CertSetCertificateContextProperty
CertVerifyTimeValidity
CertFindCertificateInStore
CertGetValidUsages
CertGetIntendedKeyUsage
CryptFindOIDInfo
CertFindChainInStore
CertAddCertificateLinkToStore
CertSaveStore
CertCreateCertificateContext
CryptMsgGetParam
CertDuplicateCertificateChain
CryptEncodeObject
CryptDecodeObject
CryptAcquireCertificatePrivateKey
CryptFormatObject
CryptMsgOpenToEncode
CryptMsgClose
CryptMsgUpdate
CryptMsgOpenToDecode
CryptMsgControl
CertGetSubjectCertificateFromStore
CertEnumCertificateContextProperties
CertCompareIntegerBlob
CertCompareCertificateName
PFXExportCertStoreEx
CertGetPublicKeyLength
CertFindAttribute
CertControlStore

kernel32

lstrcmpA
CreateFileW
GetVersionExA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
GetLastError
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
lstrlenA
IsDBCSLeadByte
lstrcmpiA
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
DisableThreadLibraryCalls
lstrcatA
lstrcpynA
lstrcpyA
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
LocalFree
LocalAlloc
FormatMessageA
FileTimeToSystemTime
SetLastError
FileTimeToLocalFileTime
UnmapViewOfFile
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
ExpandEnvironmentStringsW
CloseHandle
GetFileType
MapViewOfFile
CreateFileMappingA
GetFileSize
WriteFile
GetACP
OutputDebugStringA
GetCommandLineA
HeapAlloc
HeapFree
HeapReAlloc
RtlUnwind
RaiseException
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCPInfo
GetOEMCP
HeapSize
GetModuleHandleW
Sleep
SetFilePointer
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers

ole32

ProgIDFromCLSID
CoCreateInstance
CoTreatAsClass
CoCreateFreeThreadedMarshaler
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SafeArrayCreate
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SysAllocString
SysFreeString
SysStringLen
VariantClear
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi
VariantCopy
SysAllocStringLen
SetErrorInfo
CreateErrorInfo
VariantChangeType
SystemTimeToVariantTime
SysStringByteLen
VariantTimeToSystemTime
SysAllocStringByteLen
VariantInit

rpcrt4

UuidFromStringA

user32

IsDlgButtonChecked
DialogBoxParamA
SetWindowLongA
GetDlgItem
SetFocus
EndDialog
GetWindowLongA
LoadStringA
CharNextA
CharPrevA
SetWindowPos
GetSystemMetrics
GetWindowRect

wininet

InternetCanonicalizeUrlW
InternetCrackUrlW

wintrust

WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WinVerifyTrust
WTHelperGetProvCertFromChain

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/libeay32.dll
.dll windows:4 windows x86 arch:x86

4df87f510b02928c902201c28885ce6b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

recvfrom
sendto
bind
listen
accept
ntohl
inet_ntoa
WSACancelBlockingCall
WSACleanup
WSAStartup
gethostbyname
getsockopt
getservbyname
ntohs
htons
htonl
socket
setsockopt
connect
send
WSASetLastError
recv
WSAGetLastError
shutdown
closesocket

gdi32

CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
GetObjectA
BitBlt
GetBitmapBits
DeleteObject
DeleteDC
CreateDCA

advapi32

ReportEventA
DeregisterEventSource
RegisterEventSourceA

user32

MessageBoxA
GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW

kernel32

FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
CreateFileA
InitializeCriticalSection
GetEnvironmentStringsW
LCMapStringA
GetCurrentDirectoryA
GetFullPathNameA
RtlUnwind
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CompareStringA
SetEnvironmentVariableA
CompareStringW
SetEndOfFile
LCMapStringW
GetSystemTimeAsFileTime
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
ExitProcess
GetProcAddress
GetModuleHandleA
GetCurrentThreadId
GetLastError
GetVersion
GetFileType
GetStdHandle
GetCurrentThread
GetThreadTimes
FindNextFileA
FindFirstFileA
FindClose
FreeLibrary
LoadLibraryA
SetLastError
GetTickCount
QueryPerformanceCounter
GetCurrentProcessId
GlobalMemoryStatus
CloseHandle
GetVersionExA
FlushConsoleInputBuffer
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
HeapReAlloc
HeapAlloc
MultiByteToWideChar
ReadFile
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
SetFileAttributesA
GetFileAttributesA
SetConsoleCtrlHandler
ReadConsoleInputA
SetConsoleMode
GetCommandLineA
GetProcessHeap
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
DeleteCriticalSection
SetHandleCount
GetStartupInfoA
Sleep
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapSize
GetTimeZoneInformation
SetFilePointer

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
AES_bi_ige_encrypt
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_cfbr_encrypt_block
AES_ctr128_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ige_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
AES_unwrap_key
AES_wrap_key
ASN1_ANY_it
ASN1_BIT_STRING_asn1_meth
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_HEADER_free
ASN1_HEADER_new
ASN1_IA5STRING_asn1_meth
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_to_BN
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SEQUENCE_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_cmp
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_encode
ASN1_STRING_free
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set0
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_check
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_print
ASN1_TIME_set
ASN1_TIME_to_generalizedtime
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_set
ASN1_TYPE_set1
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_fp
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_pack
ASN1_item_sign
ASN1_item_unpack
ASN1_item_verify
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_pack_string
ASN1_parse
ASN1_parse_dump
ASN1_primitive_free
ASN1_primitive_new
ASN1_put_eoc
ASN1_put_object
ASN1_seq_pack
ASN1_seq_unpack
ASN1_sign
ASN1_tag2bit
ASN1_tag2str
ASN1_template_d2i
ASN1_template_free
ASN1_template_i2d
ASN1_template_new
ASN1_unpack_string
ASN1_verify
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_accept
BIO_callback_ctrl
BIO_clear_flags
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_dgram_non_fatal_error
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_reliable
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_callback
BIO_get_callback_arg
BIO_get_ex_data
BIO_get_ex_new_index
BIO_get_host_ip
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_gethostbyname
BIO_gets
BIO_indent
BIO_int_ctrl
BIO_method_name
BIO_method_type
BIO_new
BIO_new_accept
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_datagram
BIO_s_fd
BIO_s_file
BIO_s_mem
BIO_s_null
BIO_s_socket
BIO_set
BIO_set_callback
BIO_set_callback_arg
BIO_set_cipher
BIO_set_ex_data
BIO_set_flags
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_cleanup
BIO_sock_error
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket_ioctl
BIO_socket_nbio
BIO_test_flags
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_write
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_get_thread_id
BN_BLINDING_invert
BN_BLINDING_invert_ex
BN_BLINDING_new
BN_BLINDING_set_flags
BN_BLINDING_set_thread_id
BN_BLINDING_update
BN_CTX_end
BN_CTX_free
BN_CTX_get
BN_CTX_init
BN_CTX_new
BN_CTX_start
BN_GENCB_call
BN_GF2m_add
BN_GF2m_arr2poly
BN_GF2m_mod
BN_GF2m_mod_arr
BN_GF2m_mod_div
BN_GF2m_mod_div_arr
BN_GF2m_mod_exp
BN_GF2m_mod_exp_arr
BN_GF2m_mod_inv
BN_GF2m_mod_inv_arr
BN_GF2m_mod_mul
BN_GF2m_mod_mul_arr
BN_GF2m_mod_solve_quad
BN_GF2m_mod_solve_quad_arr
BN_GF2m_mod_sqr
BN_GF2m_mod_sqr_arr
BN_GF2m_mod_sqrt
BN_GF2m_mod_sqrt_arr
BN_GF2m_poly2arr
BN_MONT_CTX_copy
BN_MONT_CTX_free
BN_MONT_CTX_init
BN_MONT_CTX_new
BN_MONT_CTX_set
BN_MONT_CTX_set_locked
BN_RECP_CTX_free
BN_RECP_CTX_init
BN_RECP_CTX_new
BN_RECP_CTX_set
BN_X931_derive_prime_ex
BN_X931_generate_Xpq
BN_X931_generate_prime_ex
BN_add
BN_add_word
BN_bin2bn
BN_bn2bin
BN_bn2dec
BN_bn2hex
BN_bn2mpi
BN_bntest_rand
BN_clear
BN_clear_bit
BN_clear_free
BN_cmp
BN_copy
BN_dec2bn
BN_div
BN_div_recp
BN_div_word
BN_dup
BN_exp
BN_free
BN_from_montgomery
BN_gcd
BN_generate_prime
BN_generate_prime_ex
BN_get0_nist_prime_192
BN_get0_nist_prime_224
BN_get0_nist_prime_256
BN_get0_nist_prime_384
BN_get0_nist_prime_521
BN_get_params
BN_get_word
BN_hex2bn
BN_init
BN_is_bit_set
BN_is_prime
BN_is_prime_ex
BN_is_prime_fasttest
BN_is_prime_fasttest_ex
BN_kronecker
BN_lshift
BN_lshift1
BN_mask_bits
BN_mod_add
BN_mod_add_quick
BN_mod_exp
BN_mod_exp2_mont
BN_mod_exp_mont
BN_mod_exp_mont_consttime
BN_mod_exp_mont_word
BN_mod_exp_recp
BN_mod_exp_simple
BN_mod_inverse
BN_mod_lshift
BN_mod_lshift1
BN_mod_lshift1_quick
BN_mod_lshift_quick
BN_mod_mul
BN_mod_mul_montgomery
BN_mod_mul_reciprocal
BN_mod_sqr
BN_mod_sqrt
BN_mod_sub
BN_mod_sub_quick
BN_mod_word
BN_mpi2bn
BN_mul
BN_mul_word
BN_new
BN_nist_mod_192
BN_nist_mod_224
BN_nist_mod_256
BN_nist_mod_384
BN_nist_mod_521
BN_nnmod
BN_num_bits
BN_num_bits_word
BN_options
BN_print
BN_print_fp
BN_pseudo_rand
BN_pseudo_rand_range
BN_rand
BN_rand_range
BN_reciprocal
BN_rshift
BN_rshift1
BN_set_bit
BN_set_negative
BN_set_params
BN_set_word
BN_sqr
BN_sub
BN_sub_word
BN_swap
BN_to_ASN1_ENUMERATED
BN_to_ASN1_INTEGER
BN_uadd
BN_ucmp
BN_usub
BN_value_one
BUF_MEM_free
BUF_MEM_grow
BUF_MEM_grow_clean
BUF_MEM_new
BUF_memdup
BUF_strdup
BUF_strlcat
BUF_strlcpy
BUF_strndup
CAST_cbc_encrypt
CAST_cfb64_encrypt
CAST_decrypt
CAST_ecb_encrypt
CAST_encrypt
CAST_ofb64_encrypt
CAST_set_key
CBIGNUM_it
CERTIFICATEPOLICIES_free
CERTIFICATEPOLICIES_it
CERTIFICATEPOLICIES_new
COMP_CTX_free
COMP_CTX_new
COMP_compress_block
COMP_expand_block
COMP_rle
COMP_zlib
COMP_zlib_cleanup
CONF_dump_bio
CONF_dump_fp
CONF_free
CONF_get1_default_config_file
CONF_get_number

Sections

.text
Size: 720KB - Virtual size: 718KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/mfc100.dll
.dll windows:5 windows x86 arch:x86

d981f9b9d6fba82bf0fc343dd10d43cc

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:b2:9b:00:00:00:00:00:15
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

21/02/2011, 20:53

Not After

21/05/2012, 20:53

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

17:f8:6a:8d:02:33:e2:5d:66:03:97:ba:aa:89:53:e2:6f:0c:e5:fc
Signer

Actual PE Digest

17:f8:6a:8d:02:33:e2:5d:66:03:97:ba:aa:89:53:e2:6f:0c:e5:fc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

mfc100.i386.pdb

Imports

kernel32

EncodePointer
DecodePointer
InterlockedCompareExchange
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
ExpandEnvironmentStringsA
GetEnvironmentVariableA
GetEnvironmentVariableW
GlobalFlags
GlobalFindAtomA
GetSystemTime
LocalUnlock
LocalLock
GlobalGetAtomNameA
GetAtomNameA
SuspendThread
ResumeThread
SetEvent
CopyFileA
WaitForMultipleObjects
CreateEventA
ReleaseMutex
CreateMutexA
ReleaseSemaphore
CreateSemaphoreA
WaitForSingleObject
FormatMessageA
SetFileAttributesA
LocalFileTimeToFileTime
GetFileAttributesExA
GetFileSizeEx
FindNextFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameA
GetStringTypeExA
GetThreadLocale
FindClose
FindFirstFileA
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
GetProfileIntA
SystemTimeToFileTime
ReplaceFileA
SetFileTime
GetFileTime
GetFullPathNameA
GetDiskFreeSpaceA
VirtualProtect
RaiseException
lstrcpyW
lstrcmpW
lstrlenW
GetVersion
IsDBCSLeadByte
GetUserDefaultLCID
FindResourceExW
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalAddAtomA
GetCurrentProcessId
SetErrorMode
GlobalDeleteAtom
CompareStringA
GetCurrentThread
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
LoadLibraryExA
SearchPathA
GlobalSize
GetFileAttributesA
GetFileSize
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsFree
TlsAlloc
LocalFree
LocalAlloc
GetModuleFileNameA
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
SetThreadPriority
GetLocaleInfoA
GetNumberFormatA
lstrcmpiA
GetWindowsDirectoryA
GetTickCount
FindResourceA
GlobalFree
lstrcmpA
GetCurrentDirectoryA
Sleep
InterlockedDecrement
InterlockedIncrement
SetFilePointer
CreateFileA
GetTempFileNameA
GetTempPathA
CloseHandle
GetModuleHandleW
InterlockedExchange
FreeLibrary
GetVersionExA
GetSystemDirectoryW
MulDiv
GetOEMCP
GetCPInfo
lstrlenA
LoadLibraryW
DeleteFileA
GetACP
InitializeCriticalSection
GetCurrentThreadId
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcpyA
ActivateActCtx
GetProcAddress
GetModuleHandleA
LoadLibraryA
DeactivateActCtx
SetLastError
WideCharToMultiByte
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetLastError
InitializeCriticalSectionAndSpinCount
FindResourceW
LoadResource
LockResource
SizeofResource
IsProcessorFeaturePresent

msvcr100

memmove_s
strlen
memset
memcpy_s
toupper
strnlen
wcslen
wmemcpy_s
abort
_mbslwr_s
__CxxFrameHandler3
wcscspn
wcsspn
_wcsicmp
_mbscmp
vsprintf_s
_vscprintf
_mbschr
_mbsinc
_ismbcspace
_mbsstr
_purecall
free
malloc
labs
ldiv
atoi
_mbsupr_s
calloc
sqrt
atan2
_mbsicmp
_mbspbrk
_mbsrchr
_mbscspn
_mbsspn
clock
memcpy
abs
cos
sin
floor
fabs
ceil
exp
_splitpath_s
_mbscoll
_mbsicoll
wcscat_s
_mbsnbcmp
wcscpy_s
strcpy_s
_ismbcdigit
_ismbcalpha
_ismbcalnum
_ismbcprint
_mbctoupper
_mbctolower
atol
memcmp
sscanf_s
wcstombs_s
_localtime64_s
_endthread
_beginthread
_strdup
_makepath_s
_time64
strtod
_resetstkoflw
_recalloc
_errno
_snprintf_s
wcstoul
strcat_s
__argc
__argv
_strnicmp
_ismbblead
_mbsnbcpy_s
sprintf_s
wcsnlen
wcsrchr
_itoa_s
_ltoa_s
_mbsnbicmp
_mktime64
wcscmp
_snscanf_s
_vsnprintf_s
strtol
strtoul
realloc
_mbsdec
_fullpath
_get_osfhandle
_fileno
_open_osfhandle
_fdopen
__doserrno
fread
feof
ferror
clearerr_s
fwrite
fputs
fgets
fseek
ftell
fflush
fclose
_ultoa_s
wcsncpy_s
_snwprintf_s
_endthreadex
_beginthreadex
strncpy_s
_msize
_expand
wcschr
_vscwprintf
memmove
wcscoll
_mbsrev
vswprintf_s
_wcslwr_s
_wcsupr_s
wcsstr
_wcsicoll
wcspbrk
_wcsrev
iswspace
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
_CxxThrowException

user32

GetWindowTextLengthA
GetTabbedTextExtentW
GetDlgItem
CreateDialogIndirectParamA
GetActiveWindow
EndDialog
GetPropA
RemovePropA
SetPropA
MapDialogRect
GetMessageTime
GetMessagePos
GetDialogBaseUnits
GetDCEx
RemoveMenu
MsgWaitForMultipleObjectsEx
CharNextA
SetWindowContextHelpId
IsDialogMessageA
ClipCursor
SendNotifyMessageA
InSendMessage
GetMenuStringA
WindowFromDC
SetScrollRange
AdjustWindowRectEx
GetTabbedTextExtentA
CountClipboardFormats
LoadBitmapA
GetMenu
SetMenu
GetClassInfoExA
CreateWindowExA
SetWindowPlacement
TrackPopupMenuEx
RegisterClassA
WinHelpA
GetScrollRange
SetScrollInfo
GetScrollInfo
ScrollWindow
MonitorFromWindow
GetMenuCheckMarkDimensions
LoadAcceleratorsA
LoadMenuA
UnpackDDElParam
ReuseDDElParam
InsertMenuItemA
GetMenuBarInfo
GetWindowDC
BeginPaint
EndPaint
DefFrameProcA
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
RealChildWindowFromPoint
OemToCharBuffA
CharToOemBuffA
SetRect
PtInRect
InvalidateRect
UpdateWindow
SetTimer
ScreenToClient
GetCursorPos
IsWindowVisible
GetClientRect
KillTimer
SetRectEmpty
GetWindowRect
SendMessageA
EnableWindow
IsCharLowerA
GetKeyNameTextA
GetKeyboardLayout
MapVirtualKeyExA
SetMenuItemBitmaps
SetWindowLongA
MessageBoxA
GetWindowThreadProcessId
ShowOwnedPopups
UnregisterClassA
PostQuitMessage
DrawEdge
CharUpperBuffA
RegisterClipboardFormatA
InsertMenuA
IsWindowEnabled
ShowScrollBar
FrameRect
GetWindowRgn
ReleaseDC
GetDC
GetDoubleClickTime
GetWindowTextA
EnumChildWindows
GrayStringA
HideCaret
SetMenuDefaultItem
GetMenuDefaultItem
GetScrollPos
EnableScrollBar
UpdateLayeredWindow
SetFocus
GetMessageA
GetLastActivePopup
SubtractRect
DrawFrameControl
GetMenuItemInfoA
CheckMenuItem
GetMenuState
SetWindowTextA
LoadIconW
LoadImageW
CharUpperA
MapVirtualKeyA
ToAsciiEx
GetKeyboardState
CopyAcceleratorTableA
CreateAcceleratorTableA
DestroyCursor
IsClipboardFormatAvailable
GetClassLongA
GetSysColor
EnumDisplayMonitors
DestroyWindow
GetTopWindow
DestroyAcceleratorTable
NotifyWinEvent
SetWindowRgn
DeleteMenu
ModifyMenuA
IsZoomed
IsMenu
GetSystemMenu
GetNextDlgTabItem
EnableMenuItem
SetScrollPos
IntersectRect
CreatePopupMenu
AppendMenuA
EndDeferWindowPos
BeginDeferWindowPos
GetKeyState
LockWindowUpdate
SetWindowPos
UnionRect
GetUpdateRect
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
SetLayeredWindowAttributes
ValidateRect
LoadCursorA
SystemParametersInfoA
MonitorFromPoint
GetMonitorInfoA
DrawIcon
GetForegroundWindow
IsIconic
GetMenuItemID
GetMenuItemCount
GetWindow
DefWindowProcA
GetClassInfoA
PostThreadMessageA
GetSubMenu
LoadMenuW
DestroyMenu
GetSystemMetrics
TranslateAcceleratorA
LoadAcceleratorsW
GetCapture
DrawStateA
CloseClipboard
SetClipboardData
EmptyClipboard
OffsetRect
GetAsyncKeyState
GetDesktopWindow
WaitMessage
DispatchMessageA
TranslateMessage
PeekMessageA
SetForegroundWindow
LoadCursorW
GetFocus
IsChild
TrackPopupMenu
LoadIconA
GetNextDlgGroupItem
DrawFocusRect
SetCursor
GetWindowLongA
CopyImage
GetIconInfo
FillRect
LoadImageA
CopyRect
LoadBitmapW
MapWindowPoints
MessageBeep
SetCursorPos
DrawTextExA
DrawTextA
TabbedTextOutA
InvalidateRgn
MoveWindow
CreateMenu
SetActiveWindow
InvertRect
CallWindowProcA
WindowFromPoint
ClientToScreen
SetCapture
ReleaseCapture
CopyIcon
BringWindowToTop
RegisterWindowMessageA
DestroyIcon
GetClassNameA
SetParent
ShowWindow
GetWindowPlacement
RedrawWindow
IsRectEmpty
GetDlgCtrlID
PostMessageA
DeferWindowPos
EqualRect
GetSysColorBrush
SetClassLongA
IsWindow
GetParent
DrawIconEx
SendDlgItemMessageA
InflateRect
OpenClipboard

gdi32

Rectangle
GetStockObject
GetPaletteEntries
CreatePalette
RealizePalette
GetNearestPaletteIndex
GetSystemPaletteEntries
GetPixel
CreatePolygonRgn
PtInRegion
FrameRgn
CreateCompatibleBitmap
SetPixelV
BitBlt
GetRgnBox
CreateRectRgnIndirect
OffsetRgn
CreateDIBSection
SetPixel
Ellipse
GetBkColor
CreateFontIndirectA
GetDeviceCaps
GetTextCharsetInfo
EnumFontFamiliesA
CreatePen
CreatePatternBrush
CreateDIBitmap
SetPaletteEntries
ExtFloodFill
StartPage
EndPage
EndDoc
DeleteDC
GetCurrentObject
PatBlt
CreateRectRgn
CombineRgn
GetBoundsRect
FillRgn
SetRectRgn
CreateRoundRectRgn
EnumFontFamiliesExA
StretchBlt
SetDIBColorTable
CreateBitmap
SetBkColor
SelectPalette
GetDIBits
Polyline
ExtTextOutA
CreateHatchBrush
CreateEllipticRgn
RoundRect
StretchDIBits
CreateFontA
GetCharWidthA
LPtoDP
CreateMetaFileA
CloseMetaFile
DeleteMetaFile
GetViewportOrgEx
PtVisible
RectVisible
TextOutA
Escape
GetClipBox
Polygon
GetCurrentPositionEx
MoveToEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SaveDC
RestoreDC
GetROP2
GetBkMode
GetPolyFillMode
GetStretchBltMode
GetNearestColor
GetTextFaceA
GetWindowExtEx
GetViewportExtEx
SetTextColor
SetMapMode
SetWindowExtEx
ScaleWindowExtEx
GetTextExtentPoint32W
GetTextExtentPointA
GetWindowOrgEx
SetWindowOrgEx
IntersectClipRect
CreateDCA
SetBrushOrgEx
SetAbortProc
StartDocA
DPtoLP
AbortDoc
CopyMetaFileA
UnrealizeObject
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
OffsetWindowOrgEx
SelectClipRgn
ExcludeClipRect
OffsetClipRgn
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetLayout
SetLayout
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
SelectClipPath
GetClipRgn
ExtSelectClipRgn
PlayMetaFileRecord
PlayMetaFile
EnumMetaFile
ExtCreatePen
CreateDIBPatternBrushPt
GetMapMode
GetTextColor
GetObjectType
SelectObject
DeleteObject
CreateCompatibleDC
CreateSolidBrush
GetObjectA
GetTextExtentPoint32A
GetTextAlign
GetTextMetricsA

shlwapi

PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathRemoveExtensionA
PathFindFileNameA
PathFindExtensionA
SHStrDupW
UrlUnescapeA

comctl32

ImageList_GetIcon
ImageList_GetImageCount
ImageList_AddMasked
ImageList_Remove
ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy
ImageList_GetIconSize
ImageList_DrawEx

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/mfc42.dll
.dll regsvr32 windows:4 windows x86 arch:x86

bcd2542f46e742c06cabefff84c7320d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

MFC42.pdb

Imports

msvcrt

memcpy
memmove
malloc
free
abort
_mbsinc
memset
_get_osfhandle
__doserrno
_fdopen
_open_osfhandle
fclose
clearerr
fread
fwrite
fputs
fgets
ftell
fseek
fflush
realloc
_mbscmp
_mbschr
_mbspbrk
_mbsrev
_mbslwr
_mbsupr
wcslen
_mbscspn
_mbsrchr
_mbsspn
_mbsstr
_mbsnbcmp
_mbclen
vsprintf
strlen
sprintf
_ismbcdigit
atoi
_ismbcspace
mktime
gmtime
localtime
strftime
time
_mbctype
_purecall
_msize
calloc
memcmp
abs
strtoul
strtol
strtod
_expand
_mbsdec
_strdup
_endthreadex
_beginthreadex
__p___argv
__p___argc
atol
_fullpath
_splitpath
floor
fabs
_ftol
ceil
modf
_itoa
labs
swprintf
_ultoa
_ltoa
wcscpy
wcsncpy
_mbsnbicmp
??1type_info@@UAE@XZ
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_initterm
_adjust_fdiv
strcmp
strcpy
_CxxThrowException
__CxxFrameHandler

kernel32

WriteFile
GetProcAddress
LoadLibraryA
lstrcpyA
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetCurrentProcess
GlobalSize
GlobalLock
GlobalAlloc
GlobalReAlloc
GlobalUnlock
GlobalFree
GetFileAttributesA
GetFileSize
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
InterlockedDecrement
WideCharToMultiByte
InterlockedIncrement
LocalFree
FormatMessageA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCPInfo
GetOEMCP
LocalAlloc
LeaveCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
CreateMutexA
ReleaseMutex
CreateEventA
WaitForMultipleObjects
GetVersionExA
GetModuleHandleA
lstrcatA
FreeLibrary
GlobalDeleteAtom
GlobalFindAtomA
GetVersion
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
FreeResource
LockResource
LoadResource
FindResourceA
MulDiv
GetProfileIntA
VirtualProtect
FindResourceExA
SizeofResource
GetProcessVersion
GlobalFlags
GetTempFileNameA
GetDiskFreeSpaceA
LocalUnlock
LocalLock
SearchPathA
GetTempPathA
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
GetCurrentThread
SetErrorMode
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
FindNextFileA
GetTickCount
lstrlenW
CopyFileA
lstrcpyW
GetUserDefaultLCID
IsDBCSLeadByte
GetSystemDirectoryA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
DuplicateHandle
MultiByteToWideChar
GetModuleFileNameA
GetShortPathNameA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
ReadFile
lstrcmpA
OutputDebugStringA
lstrlenA
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrA
IsBadStringPtrW
GetLastError
SetLastError
lstrcpynA
RaiseException
InterlockedExchange
CreateFileA

gdi32

ScaleWindowExtEx
GetROP2
EnumFontFamiliesA
GetPixel
GetPaletteEntries
RealizePalette
CreatePalette
OffsetRgn
SetBrushOrgEx
CreateMetaFileA
CopyMetaFileA
LPtoDP
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
CreateHatchBrush
ExtCreatePen
CreateDIBPatternBrushPt
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
OffsetWindowOrgEx
SelectPalette
StartDocA
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
OffsetClipRgn
ExcludeClipRect
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
EnumFontFamiliesExA
CreateDCA
CreateRectRgnIndirect
UnrealizeObject
CreateBitmap
CreatePatternBrush
CreatePen
PatBlt
Rectangle
TextOutA
DeleteMetaFile
CloseMetaFile
GetPolyFillMode
ScaleViewportExtEx
IntersectClipRect
GetDeviceCaps
SetMapMode
SetWindowExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetViewportOrgEx
SetViewportOrgEx
GetWindowOrgEx
SetWindowOrgEx
GetCurrentPositionEx
MoveToEx
GetWindowExtEx
GetViewportExtEx
GetTextFaceA
GetTextAlign
RectVisible
PtVisible
GetTextColor
GetBkMode
GetBkColor
Escape
GetNearestColor
SaveDC
RestoreDC
GetStockObject
CreateFontA
GetCharWidthA
DeleteObject
CreateCompatibleBitmap
StretchDIBits
DeleteDC
CreateFontIndirectA
GetTextMetricsA
GetTextExtentPoint32A
ExtTextOutA
BitBlt
SelectObject
CreateCompatibleDC
CreateSolidBrush
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetStretchBltMode

user32

GetScrollRange
LoadStringA
FrameRect
InvalidateRgn
EnumChildWindows
DrawEdge
ClipCursor
GetNextDlgGroupItem
CharNextA
SetWindowContextHelpId
CountClipboardFormats
WindowFromDC
CreateMenu
PostThreadMessageA
InSendMessage
CopyAcceleratorTableA
RegisterClipboardFormatA
InsertMenuA
GetMenuStringA
ShowOwnedPopups
UnregisterClassA
PostQuitMessage
ValidateRect
RemoveMenu
MessageBeep
IsClipboardFormatAvailable
FindWindowA
SetCursorPos
DestroyCursor
DestroyIcon
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
MoveWindow
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetWindowTextA
GetClassNameA
GetSysColorBrush
EndPaint
BeginPaint
TabbedTextOutA
GetDialogBaseUnits
MapDialogRect
GetAsyncKeyState
wvsprintfA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
DrawFocusRect
UnionRect
GrayStringA
DrawTextA
GetTabbedTextExtentA
LockWindowUpdate
GetDCEx
SetParent
GetSystemMenu
AppendMenuA
DeleteMenu
IsRectEmpty
IsZoomed
GetDC
KillTimer
SetTimer
SetRect
LoadBitmapA
ReleaseDC
GetWindowDC
InvertRect
FillRect
PtInRect
InflateRect
RedrawWindow
TranslateMDISysAccel
wsprintfA
GetSystemMetrics
CharUpperA
CharToOemA
OemToCharA
UnhookWindowsHookEx
MsgWaitForMultipleObjects
GetWindow
CopyRect
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongA
GetWindowLongA
CallWindowProcA
DefWindowProcA
SendMessageA
GetDlgCtrlID
GetWindowTextA
GetWindowTextLengthA
GetDlgItem
SetWindowPlacement
RegisterClassA
GetClassInfoA
GetMenuItemCount
GetMenuItemID
GetSubMenu
PostMessageA
GetMenu
GetClientRect
GetParent
UpdateWindow
MessageBoxA
IsWindowVisible
SetActiveWindow
SetScrollInfo
GetScrollInfo
ScrollWindow
ShowScrollBar
GetLastActivePopup
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
SetForegroundWindow
GetForegroundWindow
GetSysColor
MapWindowPoints
EnableWindow
PeekMessageA
LoadIconA
GetScrollPos
SetScrollPos
DrawMenuBar
SetScrollRange
DestroyWindow
GetKeyState
TrackPopupMenu
IsChild
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
SetFocus
IsWindow
GetFocus
GetMessagePos
GetMessageTime
RemovePropA
GetPropA
DispatchMessageA
SendDlgItemMessageA
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
WinHelpA
GetCapture
RegisterWindowMessageA
LoadAcceleratorsA
TranslateAcceleratorA
IsWindowEnabled
GetDesktopWindow
ShowWindow
SetMenu
BringWindowToTop
SetRectEmpty
InvalidateRect
ReleaseCapture
SetCursor
DestroyMenu
LoadMenuA
ReuseDDElParam
UnpackDDElParam
GetActiveWindow
LoadCursorA
ClientToScreen
GetWindowThreadProcessId
SetCapture
WindowFromPoint
GetCursorPos
TranslateMessage
GetMessageA
WaitMessage
DefFrameProcA
DefMDIChildProcA

Exports

Exports

?classCCachedDataPathProperty@CCachedDataPathProperty@@2UCRuntimeClass@@B
?classCDataPathProperty@CDataPathProperty@@2UCRuntimeClass@@B
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 660KB - Virtual size: 656KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 200KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/msvcr100.dll
.dll windows:5 windows x86 arch:x86

5271d5ce8b44dd47bc92563e27585466

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:b2:9b:00:00:00:00:00:15
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

21/02/2011, 20:53

Not After

21/05/2012, 20:53

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

8d:91:f0:a3:ff:41:70:8c:67:d0:ba:79:6d:52:da:88:0c:59:23:cc
Signer

Actual PE Digest

8d:91:f0:a3:ff:41:70:8c:67:d0:ba:79:6d:52:da:88:0c:59:23:cc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr100.i386.pdb

Imports

kernel32

EncodePointer
DecodePointer
RaiseException
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetCurrentThreadId
TlsGetValue
GetCommandLineW
GetCommandLineA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileExA
FindClose
FindNextFileW
FindFirstFileExW
GetLogicalDrives
GetDiskFreeSpaceA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
Sleep
Beep
GetFileAttributesA
SetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameA
GetDriveTypeW
GetCurrentProcessId
CreateDirectoryA
MoveFileA
RemoveDirectoryA
GetDriveTypeA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeLibrary
CreateProcessW
ReadFile
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
WideCharToMultiByte
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
InterlockedPopEntrySList
InterlockedFlushSList
QueryDepthSList
InterlockedPushEntrySList
CreateTimerQueue
CreateTimerQueueTimer
DeleteTimerQueueTimer
SetEvent
CreateEventW
SwitchToThread
SignalObjectAndWait
TryEnterCriticalSection
GetTickCount
VirtualFree
GetVersionExW
SetThreadPriority
VirtualAlloc
GetSystemInfo
GetProcessAffinityMask
VirtualProtect
SetThreadAffinityMask
InitializeSListHead
ReleaseSemaphore
CreateSemaphoreW
WaitForMultipleObjects
GetThreadPriority
LoadLibraryW
SleepEx
OutputDebugStringW
FreeLibraryAndExitThread
GetModuleHandleA
GetThreadTimes
DebugBreak
MultiByteToWideChar
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetTimeFormatW
GetDateFormatW
RtlUnwind
HeapAlloc
HeapFree
HeapCreate
HeapDestroy
HeapQueryInformation
HeapReAlloc
HeapSize
HeapValidate
HeapCompact
HeapWalk
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoW
GetFileInformationByHandle
PeekNamedPipe
CreateFileA
CreateFileW
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreatePipe
SetStdHandle
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
WriteConsoleW
ReadConsoleW
SetEndOfFile
GetProcessHeap
InterlockedExchange
LockFile
UnlockFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
SetConsoleCtrlHandler
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
LCMapStringW
CompareStringW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsProcessorFeaturePresent

Exports

Exports

$I10_OUTPUT
??0?$_SpinWait@$00@details@Concurrency@@QAE@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QAE@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QAA@IZZ
??0SchedulerPolicy@Concurrency@@QAE@ABV01@@Z
??0SchedulerPolicy@Concurrency@@QAE@XZ
??0_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_ReaderWriterLock@details@Concurrency@@QAE@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_ReentrantLock@details@Concurrency@@QAE@XZ
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
??0_TaskCollection@details@Concurrency@@QAE@XZ
??0_Timer@details@Concurrency@@IAE@I_N@Z
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0__non_rtti_object@std@@QAE@PBD@Z
??0bad_cast@std@@AAE@PBQBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@XZ
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@XZ
??0context_unblock_unbalanced@Concurrency@@QAE@PBD@Z
??0context_unblock_unbalanced@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
??0default_scheduler_exists@Concurrency@@QAE@PBD@Z
??0default_scheduler_exists@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??0improper_lock@Concurrency@@QAE@PBD@Z
??0improper_lock@Concurrency@@QAE@XZ
??0improper_scheduler_attach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_attach@Concurrency@@QAE@XZ
??0improper_scheduler_detach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_detach@Concurrency@@QAE@XZ
??0improper_scheduler_reference@Concurrency@@QAE@PBD@Z
??0improper_scheduler_reference@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0invalid_link_target@Concurrency@@QAE@XZ
??0invalid_multiple_scheduling@Concurrency@@QAE@PBD@Z
??0invalid_multiple_scheduling@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0invalid_operation@Concurrency@@QAE@XZ
??0invalid_oversubscribe_operation@Concurrency@@QAE@PBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_key@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_value@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QAE@XZ
??0message_not_found@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0missing_wait@Concurrency@@QAE@PBD@Z
??0missing_wait@Concurrency@@QAE@XZ
??0nested_scheduler_missing_detach@Concurrency@@QAE@PBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QAE@XZ
??0operation_timed_out@Concurrency@@QAE@PBD@Z
??0operation_timed_out@Concurrency@@QAE@XZ
??0reader_writer_lock@Concurrency@@QAE@XZ
??0scheduler_not_attached@Concurrency@@QAE@PBD@Z
??0scheduler_not_attached@Concurrency@@QAE@XZ
??0scheduler_resource_allocation_error@Concurrency@@QAE@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QAE@PBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0task_canceled@details@Concurrency@@QAE@PBD@Z
??0task_canceled@details@Concurrency@@QAE@XZ
??0unsupported_os@Concurrency@@QAE@PBD@Z
??0unsupported_os@Concurrency@@QAE@XZ
??1SchedulerPolicy@Concurrency@@QAE@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??1_TaskCollection@details@Concurrency@@QAE@XZ
??1_Timer@details@Concurrency@@IAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
??1exception@std@@UAE@XZ
??1reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@ABV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@ABV012@@Z
??4SchedulerPolicy@Concurrency@@QAEAAV01@ABV01@@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_F?$_SpinWait@$00@details@Concurrency@@QAEXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QAEXXZ
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?Alloc@Concurrency@@YAPAXI@Z
?Block@Context@Concurrency@@SAXXZ
?Create@CurrentScheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPAV12@ABVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPAX@Z
?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QBEIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?Log2@details@Concurrency@@YAKI@Z
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QAEXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QAEIW4PolicyElementKey@2@I@Z
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QAEXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_ConcRT_Assert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_CoreAssert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_DumpMessage@details@Concurrency@@YAXPB_WZZ
?_ConcRT_Trace@details@Concurrency@@YAXHPB_WZZ
?_Copy_str@exception@std@@AAEXPBD@Z
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QAE_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QAE_NXZ
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IAEKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IAEKXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QAEXXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QAEXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QAEXI@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IAE_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IAE_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QAE_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IAEXXZ
?_Stop@_Timer@details@Concurrency@@IAEXXZ
?_Tidy@exception@std@@AAEXXZ
?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QAE_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QAE_NXZ
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCompare@@YA_NPBX0@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QBEJXZ
?lock@critical_section@Concurrency@@QAEXXZ
?lock@reader_writer_lock@Concurrency@@QAEXXZ
?lock_read@reader_writer_lock@Concurrency@@QAEXXZ
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?native_handle@critical_section@Concurrency@@QAEAAV12@XZ
?raw_name@type_info@@QBEPBDXZ
?reset@event@Concurrency@@QAEXXZ
?set@event@Concurrency@@QAEXXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock@reader_writer_lock@Concurrency@@QAE_NXZ
?try_lock_read@reader_writer_lock@Concurrency@@QAE_NXZ
?unexpected@@YAXXZ
?unlock@critical_section@Concurrency@@QAEXXZ
?unlock@reader_writer_lock@Concurrency@@QAEXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?wait@Concurrency@@YAXI@Z
?wait@event@Concurrency@@QAEII@Z
?wait_for_multiple@event@Concurrency@@SAIPAPAV12@I_NI@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p

Sections

.text
Size: 709KB - Virtual size: 708KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/CCBControl.dll
.dll regsvr32 windows:5 windows x86 arch:x86

5692b6239833473a61b8ffed5c7f4d65

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4c:f8:0a:29:62:f1:de:b7:8a:5a:88:89:67:37:f8:92
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

26/11/2015, 00:00

Not After

25/12/2018, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1f:4c:43:c6:70:0e:4c:81:c9:44:2b:63:01:18:c7:57
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

06/01/2016, 00:00

Not After

25/12/2018, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7d:3d:6f:95:a7:40:55:41:05:32:8c:c4:5d:34:65:d1:11:5b:24:b9:1f:cd:b9:5b:ec:d9:74:00:ff:a2:fc:e2
Signer

Actual PE Digest

7d:3d:6f:95:a7:40:55:41:05:32:8c:c4:5d:34:65:d1:11:5b:24:b9:1f:cd:b9:5b:ec:d9:74:00:ff:a2:fc:e2

Digest Algorithm

sha256

PE Digest Matches

true

dc:77:87:d9:6e:14:7c:88:c4:2b:d6:98:f6:79:d9:b5:c0:e7:48:8b
Signer

Actual PE Digest

dc:77:87:d9:6e:14:7c:88:c4:2b:d6:98:f6:79:d9:b5:c0:e7:48:8b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedDecrement
lstrlenA
MoveFileA
InitializeCriticalSection
CreateFileA
CreateDirectoryA
CloseHandle
FlushFileBuffers
WriteFile
GetCurrentThreadId
LocalFree
FormatMessageW
SetEnvironmentVariableA
CompareStringW
WriteConsoleW
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
GetThreadLocale
SetThreadLocale
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
InterlockedIncrement
FreeLibrary
GetModuleFileNameW
lstrcmpiW
GetModuleHandleW
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
LCMapStringW
LoadLibraryW
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
CreateFileW
MultiByteToWideChar
DeleteCriticalSection
GetProcAddress
GetLastError
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
HeapAlloc
HeapFree
RtlUnwind
DecodePointer
EncodePointer
GetSystemTimeAsFileTime
DeleteFileA
GetLocalTime
GetCommandLineA
ExitProcess
GetStdHandle
HeapCreate
HeapDestroy
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
HeapReAlloc
HeapSize
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
GetTimeZoneInformation
SetHandleCount
GetFileType
GetStartupInfoW
GetModuleFileNameA

user32

LoadStringW
CharNextW

advapi32

RegDeleteKeyW
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptSignHashW
RegEnumKeyExW
RegOpenKeyExW

shell32

SHGetFolderPathA

ole32

CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
ProgIDFromCLSID

oleaut32

LoadRegTypeLi
CreateErrorInfo
SetErrorInfo
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysFreeString

cryptui

CryptUIDlgSelectCertificateFromStore

crypt32

CertFreeCertificateContext
CertGetCertificateContextProperty
CertOpenSystemStoreW
CertCloseStore
CertGetNameStringW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/CCBDetector.exe
.exe windows:5 windows x86 arch:x86

8e36ceef82fd99534c4d49731c1a43ed

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0b:9b:76:fd:fd:e6:0a:03:e3:58:f6:88:6b:62:b7:b1
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/08/2023, 00:00

Not After

20/08/2024, 23:59

Subject

CN=Watchdata Technologies Pte. Ltd.,O=Watchdata Technologies Pte. Ltd.,L=Singapore,C=SG

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:9b:76:fd:fd:e6:0a:03:e3:58:f6:88:6b:62:b7:b1
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/08/2023, 00:00

Not After

20/08/2024, 23:59

Subject

CN=Watchdata Technologies Pte. Ltd.,O=Watchdata Technologies Pte. Ltd.,L=Singapore,C=SG

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a4:1d:1f:02:1e:f4:79:81:e3:9a:2a:a0:b6:4c:28:30:2a:94:e3:ac:0e:99:e7:93:89:5e:28:32:97:b8:51:22
Signer

Actual PE Digest

a4:1d:1f:02:1e:f4:79:81:e3:9a:2a:a0:b6:4c:28:30:2a:94:e3:ac:0e:99:e7:93:89:5e:28:32:97:b8:51:22

Digest Algorithm

sha256

PE Digest Matches

true

81:fa:a5:0e:83:30:12:5b:c5:76:31:04:32:61:3a:7a:38:75:8e:63
Signer

Actual PE Digest

81:fa:a5:0e:83:30:12:5b:c5:76:31:04:32:61:3a:7a:38:75:8e:63

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToLocalFileTime
UnmapViewOfFile
GetVersion
GlobalMemoryStatus
SetEnvironmentVariableA
CompareStringW
GetProcessHeap
GetConsoleOutputCP
WriteConsoleA
GetDriveTypeA
HeapReAlloc
HeapSize
HeapAlloc
VirtualFree
HeapFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
QueryPerformanceCounter
SetHandleCount
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
LCMapStringW
IsValidCodePage
GetStringTypeW
GetStringTypeA
LoadLibraryW
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
GetStdHandle
DebugBreak
SetStdHandle
ExitThread
VirtualQuery
GetSystemInfo
VirtualAlloc
IsBadReadPtr
HeapValidate
GetStartupInfoA
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ExitProcess
RtlUnwind
RaiseException
GetOEMCP
GetCPInfo
GetTickCount
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GlobalFlags
VirtualProtect
GetModuleHandleW
SetErrorMode
GetFileAttributesExA
GetFileTime
GetFileSizeEx
FindNextFileA
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
GetAtomNameA
GetThreadLocale
GlobalGetAtomNameA
GlobalFindAtomA
ResumeThread
SetThreadPriority
GlobalAddAtomA
CreateEventA
SuspendThread
SetEvent
CompareStringA
InterlockedExchange
GlobalDeleteAtom
GetCurrentThread
GetLocaleInfoA
ConvertDefaultLocale
EnumResourceLanguagesA
FreeResource
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
MulDiv
SetLastError
GetCurrentDirectoryA
DuplicateHandle
GetFileType
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
LocalAlloc
GetCurrentThreadId
GetCurrentProcessId
GetACP
lstrlenW
GetFileAttributesA
TerminateProcess
WaitForSingleObject
CreateDirectoryA
GetModuleHandleA
GetCurrentProcess
ReadFile
WriteFile
SetFilePointer
CreateFileA
GetFileSize
LCMapStringA
GetSystemDirectoryA
GetVersionExA
lstrcmpiA
lstrcatA
GetWindowsDirectoryA
WinExec
CopyFileA
FindFirstFileA
FindClose
FreeLibrary
GetSystemTime
Sleep
EnterCriticalSection
LeaveCriticalSection
lstrcmpA
FileTimeToSystemTime
LoadLibraryA
GetProcAddress
GetPrivateProfileStringA
InitializeCriticalSection
lstrcpyA
GetModuleFileNameA
CreateProcessA
GetLocalTime
GetPrivateProfileIntA
WritePrivateProfileStringA
lstrlenA
CreateThread
DeleteCriticalSection
GetSystemDefaultLangID
lstrcmpW
GetCommandLineW
GetCommandLineA
CreateMutexA
GetLastError
CreateFileMappingA
MapViewOfFile
CloseHandle
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
SizeofResource
LoadResource
LockResource
OpenEventA

user32

GetForegroundWindow
IsChild
GetTopWindow
GetNextDlgTabItem
GetNextDlgGroupItem
SetCapture
GetCapture
RedrawWindow
ShowOwnedPopups
InvalidateRgn
InvalidateRect
UpdateWindow
ReleaseDC
GetWindowDC
EndPaint
BeginPaint
ScreenToClient
ClientToScreen
MapWindowPoints
GetClientRect
GetWindowRect
BringWindowToTop
GetWindowRgn
SetWindowRgn
IsIconic
GetSystemMenu
LoadMenuA
ModifyMenuA
InsertMenuItemA
GetMenuItemInfoA
EnableMenuItem
CheckMenuItem
CreatePopupMenu
GrayStringA
WinHelpA
GetClassNameA
DrawTextA
DrawEdge
DrawIcon
FillRect
GetSysColorBrush
EndDialog
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetDC
CopyRect
SetFocus
IsWindowVisible
CopyAcceleratorTableA
GetLastActivePopup
EnableWindow
GetWindowThreadProcessId
SetCursor
CallNextHookEx
PeekMessageA
GetCursorPos
SetWindowsHookExA
ValidateRect
GetMessageA
TranslateMessage
DispatchMessageA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
PostThreadMessageA
LoadCursorA
LoadIconA
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowLongA
GetMessagePos
GetMessageTime
GetMenu
SetMenu
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
EndDeferWindowPos
BeginDeferWindowPos
GetSysColor
SendMessageA
SetForegroundWindow
FindWindowA
GetSystemMetrics
LoadBitmapA
GetProcessWindowStation
GetUserObjectInformationW
InflateRect
SetRect
RegisterDeviceNotificationA
UnregisterDeviceNotification
TrackPopupMenu
SetWindowTextA
MessageBoxA
GetKeyState
GetAsyncKeyState
ReleaseCapture
PtInRect
GetMenuItemID
AppendMenuA
GetMenuState
GetSubMenu
GetMenuItemCount
IsMenu
MapDialogRect
IsWindow
PostMessageA
TabbedTextOutA
GetParent
SetWindowContextHelpId
GetWindow
SetWindowPos
GetWindowLongA
IsWindowEnabled
GetFocus
IsDialogMessageA
MessageBeep
PostQuitMessage
GetClassLongA
GetDlgCtrlID
GetWindowTextA
GetWindowTextLengthA
DrawTextExA
DeferWindowPos
EqualRect
AdjustWindowRectEx
SendDlgItemMessageA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
RegisterWindowMessageA
SetDlgItemTextA
MoveWindow
ShowWindow
CharNextA
SetRectEmpty
LoadAcceleratorsA
DestroyMenu
GetClipboardFormatNameA
UnpackDDElParam
CharUpperA
TranslateAcceleratorA
ReuseDDElParam
RegisterClipboardFormatA
UnregisterClassA
IsRectEmpty

gdi32

GetTextColor
GetMapMode
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
BitBlt
GetPixel
GetTextExtentPoint32A
Escape
GetClipBox
SetBkColor
DeleteDC
SaveDC
RestoreDC
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetStockObject
DeleteObject
CreateSolidBrush
CreateRoundRectRgn
OffsetRgn
GetBkColor
CreateCompatibleDC
CreateRectRgnIndirect
GetRgnBox
CombineRgn
CreateRectRgn
PtInRegion
FillRgn
SelectClipRgn
TextOutA
SetTextAlign
SetTextColor
GetTextMetricsA
SelectObject
CreateFontIndirectA
SetBkMode
GetDeviceCaps
ExtTextOutA
CreateBitmap
GetObjectA
GetObjectType
CreatePatternBrush
CreateFontA
CreateCompatibleBitmap

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegDeleteKeyA
CryptDestroyKey
CryptReleaseContext
CryptGenKey
CryptAcquireContextA
RegEnumKeyExA
CryptExportKey
CryptGetUserKey
CryptGetProvParam
RegQueryValueA
RegQueryInfoKeyA
RegOpenKeyA
RegFlushKey
QueryServiceStatus
QueryServiceConfigA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
StartServiceA
ChangeServiceConfigA
RegEnumKeyA
SetThreadToken
RevertToSelf
OpenThreadToken
DeregisterEventSource
ReportEventA
RegisterEventSourceA
CryptAcquireContextW

shell32

CommandLineToArgvW
DragFinish
DragQueryFileA
ShellExecuteA

shlwapi

StrStrA
StrCmpW
StrStrW
PathFindExtensionA
PathFindFileNameA
PathIsUNCA
PathFileExistsA
PathStripToRootA

oledlg

ord8

ole32

CLSIDFromString
CoGetClassObject
CLSIDFromProgID
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
StringFromGUID2
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
StgOpenStorageOnILockBytes

oleaut32

SystemTimeToVariantTime
VariantChangeType
SysAllocString
SafeArrayDestroy
SysStringLen
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
VariantCopy
VariantClear
VariantInit
SysFreeString
VariantTimeToSystemTime
OleCreateFontIndirect

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

crypt32

CertNameToStrA
CertGetNameStringA
CertCloseStore
CertDeleteCertificateFromStore
CertGetCertificateContextProperty
CertDuplicateCertificateContext
CertEnumCertificatesInStore
CertOpenSystemStoreA
CryptSignAndEncodeCertificate
CryptExportPublicKeyInfo
CryptEncodeObject
CryptSignMessage
CertSetCertificateContextProperty
CertOpenStore
CryptMsgClose
CryptMsgGetParam
CryptMsgUpdate
CryptMsgOpenToDecode
CertAddEncodedCertificateToStore
CertGetCertificateChain
CertCompareCertificate
CertComparePublicKeyInfo
CertAddCertificateContextToStore
CertFreeCertificateContext
CertCreateCertificateContext

imagehlp

ImageEnumerateCertificates
ImageGetCertificateHeader
ImageGetCertificateData

wininet

InternetConnectA
InternetOpenA
InternetReadFile
HttpSendRequestA
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetCloseHandle
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA
InternetQueryOptionA
HttpOpenRequestA
InternetSetOptionA
HttpAddRequestHeadersA

Exports

Exports

_cJSON_AddArrayToObject@8
_cJSON_AddBoolToObject@12
_cJSON_AddFalseToObject@8
_cJSON_AddItemReferenceToArray@8
_cJSON_AddItemReferenceToObject@12
_cJSON_AddItemToArray@8
_cJSON_AddItemToObject@12
_cJSON_AddItemToObjectCS@12
_cJSON_AddNullToObject@8
_cJSON_AddNumberToObject@16
_cJSON_AddObjectToObject@8
_cJSON_AddRawToObject@12
_cJSON_AddStringToObject@12
_cJSON_AddTrueToObject@8
_cJSON_Compare@12
_cJSON_CreateArray@0
_cJSON_CreateArrayReference@4
_cJSON_CreateBool@4
_cJSON_CreateDoubleArray@8
_cJSON_CreateFalse@0
_cJSON_CreateFloatArray@8
_cJSON_CreateIntArray@8
_cJSON_CreateNull@0
_cJSON_CreateNumber@8
_cJSON_CreateObject@0
_cJSON_CreateObjectReference@4
_cJSON_CreateRaw@4
_cJSON_CreateString@4
_cJSON_CreateStringArray@8
_cJSON_CreateStringReference@4
_cJSON_CreateTrue@0
_cJSON_Delete@4
_cJSON_DeleteItemFromArray@8
_cJSON_DeleteItemFromObject@8
_cJSON_DeleteItemFromObjectCaseSensitive@8
_cJSON_DetachItemFromArray@8
_cJSON_DetachItemFromObject@8
_cJSON_DetachItemFromObjectCaseSensitive@8
_cJSON_DetachItemViaPointer@8
_cJSON_Duplicate@8
_cJSON_GetArrayItem@8
_cJSON_GetArraySize@4
_cJSON_GetErrorPtr@0
_cJSON_GetObjectItem@8
_cJSON_GetObjectItemCaseSensitive@8
_cJSON_GetStringValue@4
_cJSON_HasObjectItem@8
_cJSON_InitHooks@4
_cJSON_InsertItemInArray@12
_cJSON_IsArray@4
_cJSON_IsBool@4
_cJSON_IsFalse@4
_cJSON_IsInvalid@4
_cJSON_IsNull@4
_cJSON_IsNumber@4
_cJSON_IsObject@4
_cJSON_IsRaw@4
_cJSON_IsString@4
_cJSON_IsTrue@4
_cJSON_Minify@4
_cJSON_Parse@4
_cJSON_ParseWithOpts@12
_cJSON_Print@4
_cJSON_PrintBuffered@12
_cJSON_PrintPreallocated@16
_cJSON_PrintUnformatted@4
_cJSON_ReplaceItemInArray@12
_cJSON_ReplaceItemInObject@12
_cJSON_ReplaceItemInObjectCaseSensitive@12
_cJSON_ReplaceItemViaPointer@12
_cJSON_SetNumberHelper@12
_cJSON_Version@0
_cJSON_free@4
_cJSON_malloc@4

Sections

.text
Size: 1020KB - Virtual size: 1019KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Detector/CCBNetSignCom.dll
.dll regsvr32 windows:4 windows x86 arch:x86

8dee353a812b5dff0236bdd313a12919

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

52:27:62:20:e4:52:df:17:67:07:d5:54:be:10:ad:7f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

05/12/2012, 00:00

Not After

05/12/2015, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

dd:f2:b0:ba:d1:96:12:c5:ee:0e:3c:f6:c2:fb:0d:61:42:05:65:bd
Signer

Actual PE Digest

dd:f2:b0:ba:d1:96:12:c5:ee:0e:3c:f6:c2:fb:0d:61:42:05:65:bd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

htonl

crypt32

CryptEncodeObjectEx
CertOpenStore
CertEnumCertificateContextProperties
CertOIDToAlgId
CertFreeCertificateContext
CertCloseStore
CertEnumCertificatesInStore
CertGetCertificateContextProperty
CertNameToStrA
CertFindCertificateInStore

kernel32

FindFirstFileA
TerminateProcess
GetTempPathA
CreateDirectoryA
lstrcmpA
LCMapStringA
GetSystemDefaultLangID
ReadFile
SetEndOfFile
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
CreateFileA
FlushFileBuffers
SetStdHandle
DeleteFileA
GetCPInfo
SetFilePointer
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
WriteFile
CloseHandle
SetUnhandledExceptionFilter
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
ExitProcess
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetVersion
GetCommandLineA
RaiseException
HeapReAlloc
HeapAlloc
FindClose
LockResource
GlobalHandle
GlobalFree
FreeResource
FileTimeToSystemTime
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedIncrement
HeapSize
InterlockedDecrement
LoadLibraryA
GetProcAddress
lstrcatA
lstrcpyA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
DisableThreadLibraryCalls
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
lstrlenW
LocalFree
RtlUnwind
HeapFree

user32

GetClientRect
GetFocus
IsChild
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
DestroyWindow
DefWindowProcA
GetDC
ReleaseDC
CharNextA
SetFocus
IsWindow
EndPaint
GetDlgItem
InvalidateRgn
SetCapture
ReleaseCapture
CreateAcceleratorTableA
GetDesktopWindow
GetClassNameA
RedrawWindow
FillRect
GetSysColor
GetWindowRect
SystemParametersInfoA
MapWindowPoints
ShowWindow
SendMessageA
EndDialog
MessageBoxA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
GetWindow
RegisterWindowMessageA
DialogBoxIndirectParamA
GetActiveWindow
LoadStringA
CreateWindowExA
CallWindowProcA
GetWindowLongA
SetWindowLongA
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
UnionRect
PtInRect
GetKeyState
InvalidateRect
GetParent
BeginPaint

gdi32

GetStockObject
GetObjectA
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
CreateMetaFileA
SetWindowExtEx
CloseMetaFile
CreateRectRgnIndirect
Rectangle
SetTextAlign
TextOutA
CreateDCA
GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
DeleteMetaFile

advapi32

CryptGetProvParam
CryptGetHashParam
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
CryptReleaseContext
CryptDestroyHash
CryptSignHashA
CryptAcquireContextA
CryptCreateHash
CryptHashData
RegDeleteKeyA

shell32

ShellExecuteExA

ole32

OleLockRunning
StringFromCLSID
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
OleLoadFromStream
CreateDataAdviseHolder
OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
OleSaveToStream
WriteClassStm
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SysStringByteLen
OleCreateFontIndirect
SysAllocStringLen
SysAllocStringByteLen
OleCreatePropertyFrame
SysFreeString
VariantChangeType
VariantClear
SysStringLen
LoadRegTypeLi
LoadTypeLi
SysAllocString
RegisterTypeLi
VarUI4FromStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/CCBSignCom.dll
.dll regsvr32 windows:5 windows x86 arch:x86

0b141e006602ff7bd14e6b4e71840d76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsValidCodePage
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
GetConsoleCP
GetConsoleMode
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
WideCharToMultiByte
lstrlenW
GetACP
HeapSize
ExitProcess
Sleep
GetCommandLineA
HeapReAlloc
RtlUnwind
VirtualQuery
GetSystemInfo
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
lstrlenA
lstrcmpiA
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameA
GetProcAddress
GetModuleHandleW
IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
LCMapStringA
GetSystemDefaultLangID
FindClose
DeleteFileA
FindFirstFileA
CreateDirectoryA
TerminateProcess
GetTempPathA
LockResource
FileTimeToSystemTime
GlobalAlloc
lstrcmpA
GlobalLock
InterlockedExchange
CompareStringA
LoadLibraryA
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
CloseHandle
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
GetOEMCP
GetCPInfo
CreateFileA
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFlags
WritePrivateProfileStringA
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
FreeResource
GetModuleFileNameW
GlobalFree
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
GetCurrentProcessId
SetLastError
GlobalAddAtomA
MultiByteToWideChar

user32

DestroyMenu
LoadCursorA
GetSysColorBrush
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnregisterClassA
ShowWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
CharNextA
CharNextW
SendMessageA
EnableWindow
UpdateWindow
GetClientRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
GetCapture
PostQuitMessage
PostMessageA
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
GetParent
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetWindow
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
UnhookWindowsHookEx
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
SetWindowsHookExA
LoadIconA

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

CryptGetProvParam
CryptDestroyHash
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
CryptSignHashA
CryptGetHashParam
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptReleaseContext

shell32

ShellExecuteExA

shlwapi

PathFindFileNameA
PathFindExtensionA

ole32

StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

SysStringLen
SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
VariantClear
VariantChangeType
VariantInit

crypt32

CertNameToStrA
CertFindCertificateInStore
CertGetCertificateContextProperty
CertEnumCertificatesInStore
CryptEncodeObjectEx
CertCloseStore
CertFreeCertificateContext
CertOIDToAlgId
CertEnumCertificateContextProperties
CertOpenStore

ws2_32

htonl

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/CCBSignCom.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

910fe4adf8cff0c8776fce03e839b689

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

52:27:62:20:e4:52:df:17:67:07:d5:54:be:10:ad:7f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

05/12/2012, 00:00

Not After

05/12/2015, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7c:60:a8:52:2a:39:55:0a:ca:ec:46:82:bb:42:98:a2:dd:6a:1e:4e
Signer

Actual PE Digest

7c:60:a8:52:2a:39:55:0a:ca:ec:46:82:bb:42:98:a2:dd:6a:1e:4e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord6354
ord1216
ord1168
ord6467
ord1227
ord6042
ord823
ord1877
ord4249
ord2486
ord2687
ord4006
ord6364
ord3326
ord6365
ord4472
ord5498
ord3278
ord3353
ord3681
ord446
ord743
ord1177
ord1226
ord1210
ord2727
ord2730
ord2729
ord2439
ord1693
ord5618
ord994
ord4342
ord4687
ord4639
ord5674
ord2156
ord4856
ord4920
ord6002
ord2137
ord1963
ord5213
ord2953
ord3868
ord5150
ord4705
ord4707
ord2876
ord2998
ord5649
ord4113
ord4661
ord4660
ord4768
ord4650
ord4903
ord4548
ord4521
ord4594
ord4988
ord4925
ord4930
ord4935
ord4659
ord4909
ord4908
ord4668
ord4667
ord4666
ord4648
ord4689
ord5023
ord4654
ord4643
ord4354
ord4780
ord4649
ord4637
ord4636
ord5060
ord4584
ord4371
ord4361
ord4356
ord4739
ord4741
ord4738
ord4409
ord4603
ord5008
ord4415
ord4992
ord4979
ord2488
ord3404
ord4539
ord2954
ord6055
ord4078
ord1776
ord5199
ord3136
ord2384
ord5163
ord6370
ord2724
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2983
ord3148
ord3260
ord4466
ord2986
ord3080
ord4081
ord4624
ord5825
ord723
ord3946
ord2614
ord540
ord800
ord423
ord2860
ord2541
ord4949
ord641
ord2514
ord324
ord1601
ord2818
ord5572
ord2915
ord1892
ord4252
ord1212
ord4570
ord4672
ord4843
ord5011
ord5265
ord4376
ord4853
ord4998
ord4713
ord6052
ord1775
ord2385
ord6371
ord5286
ord4438
ord3279
ord4625
ord4425
ord449
ord746
ord2278
ord537
ord860
ord941
ord4710
ord6374
ord5280
ord4627
ord3597
ord4234
ord1768
ord6199
ord3092
ord2379
ord1200
ord4224
ord1132
ord3952
ord825
ord1116
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord5302
ord561
ord3670
ord4424
ord4622
ord4080
ord3079
ord3825
ord3831
ord3830
ord3401
ord2976
ord3081
ord2985
ord4353
ord3262
ord5300
ord1089
ord3922
ord5731
ord3346
ord5241
ord2396
ord2512
ord2554
ord4486
ord6375
ord4407
ord815
ord1131

msvcrt

__CxxFrameHandler
calloc
free
wcslen
_itoa
malloc
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
memmove
printf
fopen
fclose
realloc
toupper
iswdigit
strchr
_CxxThrowException
strstr
sprintf
fwrite

kernel32

LocalFree
GetLastError
FileTimeToSystemTime
CreateDirectoryA
GetTempPathA
TerminateProcess
FindFirstFileA
DeleteFileA
FindClose
GetSystemDefaultLangID
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LocalAlloc

user32

FillRect
SendMessageA
EnableWindow

gdi32

Ellipse
GetStockObject

advapi32

CryptAcquireContextA
CryptHashData
CryptSignHashA
CryptDestroyHash
CryptReleaseContext
CryptGetHashParam
CryptGetProvParam
CryptCreateHash

shell32

ShellExecuteExA

oleaut32

VariantClear
LoadRegTypeLi

crypt32

CertCloseStore
CryptEncodeObjectEx
CertFindCertificateInStore
CertNameToStrA
CertGetCertificateContextProperty
CertEnumCertificatesInStore
CertFreeCertificateContext
CertOIDToAlgId
CertEnumCertificateContextProperties
CertOpenStore

ws2_32

htonl

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/CCB_B2B_NetSign.dll
.dll regsvr32 windows:4 windows x86 arch:x86

aa5531ecbff723b149fb7f029f835b73

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

52:27:62:20:e4:52:df:17:67:07:d5:54:be:10:ad:7f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

05/12/2012, 00:00

Not After

05/12/2015, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9d:06:62:fe:6b:a7:6a:3c:5d:c2:04:99:48:9e:2f:21:e4:e2:39:1e
Signer

Actual PE Digest

9d:06:62:fe:6b:a7:6a:3c:5d:c2:04:99:48:9e:2f:21:e4:e2:39:1e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalLock
GlobalUnlock
GlobalAlloc
FindResourceA
LoadResource
LockResource
GlobalHandle
GlobalFree
FreeResource
GetCurrentProcess
InterlockedIncrement
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
CreateFileA
WriteFile
CloseHandle
lstrlenA
GetLastError
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
InterlockedDecrement
lstrcmpA
lstrcatA
lstrcpyA
FileTimeToSystemTime
ReadFile
GetFileSize
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetShortPathNameA
GetModuleHandleA
SizeofResource
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
LCMapStringA
GetSystemDefaultLangID
FlushInstructionCache

user32

CallWindowProcA
GetWindowLongA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
GetWindow
DefWindowProcA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
DialogBoxIndirectParamA
SetWindowLongA
GetSysColor
MessageBoxA
GetActiveWindow
GetFocus
ReleaseDC
GetDC
EndPaint
FillRect
GetClientRect
BeginPaint
SetWindowPos
IsWindow
RedrawWindow
GetClassNameA
GetParent
SetFocus
LoadStringA
GetDesktopWindow
CreateAcceleratorTableA
DestroyWindow
wsprintfA
CreateWindowExA
ReleaseCapture
SetCapture
InvalidateRect
InvalidateRgn
SendMessageA
GetDlgItem
EndDialog
MapWindowPoints
SystemParametersInfoA
GetWindowRect
GetKeyState
PtInRect
UnionRect
ShowWindow
CharNextA
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
IsChild

gdi32

SaveDC
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
GetTextExtentPointA
GetStockObject
GetObjectA
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetDeviceCaps
CreateMetaFileA
SetViewportOrgEx
SetMapMode
LPtoDP
CreateDCA
SetTextAlign
Rectangle
SetWindowOrgEx

comdlg32

CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA

advapi32

RegEnumKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
CryptAcquireContextA
CryptReleaseContext
CryptDestroyHash
CryptSignHashA
CryptHashData
CryptCreateHash
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA

shell32

SHGetSpecialFolderPathA

ole32

OleLoadFromStream
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CoTaskMemAlloc
WriteClassStm
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
OleSaveToStream
CreateOleAdviseHolder
StringFromCLSID
CoTaskMemRealloc
OleLockRunning

oleaut32

VarUI4FromStr
OleCreatePropertyFrame
SysFreeString
SysAllocStringLen
SysStringLen
SysAllocString
LoadRegTypeLi
VariantClear
OleCreateFontIndirect
LoadTypeLi
RegisterTypeLi
VariantChangeType
SysAllocStringByteLen
SysStringByteLen

wsock32

ntohl

crypt32

CertFreeCertificateContext
CryptEncryptMessage
CryptSignMessage
CertFindCertificateInStore
CertCloseStore
CertNameToStrA
CertEnumCertificatesInStore
CertOpenStore
CertVerifySubjectCertificateContext
CertFreeCertificateChain
CertVerifyCertificateChainPolicy
CertGetCertificateChain
CryptVerifyMessageSignature
CryptHashMessage
CryptVerifyDetachedMessageSignature
CryptMsgGetParam
CryptMsgUpdate
CryptMsgOpenToDecode
CertGetNameStringA
CryptDecodeObject
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
CertOpenSystemStoreA
CertCompareIntegerBlob
CryptDecryptMessage
CryptSignAndEncryptMessage
CryptDecryptAndVerifyMessageSignature
CertOIDToAlgId
CertGetCertificateContextProperty
CertEnumCertificateContextProperties

msvcrt

_open
memmove
_strdate
_strtime
fflush
_stat
fread
_filelength
_read
_tzset
_timezone
fopen
fwrite
fclose
??2@YAPAXI@Z
strcmp
strtok
strrchr
strncpy
isprint
abs
strchr
_local_unwind2
_except_handler3
printf
atoi
_CxxThrowException
__CxxFrameHandler
strcpy
strstr
_daylight
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
?terminate@@YAXXZ
sprintf
realloc
calloc
strlen
strcat
??3@YAXPAX@Z
free
malloc
memset
mktime
memcmp
memcpy
_purecall
time
_errno

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/CCB_GMSignCom.dll
.dll regsvr32 windows:5 windows x86 arch:x86

6123eccea34d0a994e60402aec98f73c

Code Sign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:4f:03:aa:4b:18:3e:00:b7:4c:b1:1a:dc:e2:e6:9a
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

12/08/2021, 00:00

Not After

11/08/2022, 23:59

Subject

CN=Watchdata Technologies Pte. Ltd.,O=Watchdata Technologies Pte. Ltd.,L=Singapore,C=SG

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:4f:03:aa:4b:18:3e:00:b7:4c:b1:1a:dc:e2:e6:9a
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

12/08/2021, 00:00

Not After

11/08/2022, 23:59

Subject

CN=Watchdata Technologies Pte. Ltd.,O=Watchdata Technologies Pte. Ltd.,L=Singapore,C=SG

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

22:2d:1d:5f:2a:a0:46:6e:bf:51:5f:fd:27:87:61:62:de:90:f8:80:0a:a6:2c:e7:04:52:48:73:32:06:2b:bc
Signer

Actual PE Digest

22:2d:1d:5f:2a:a0:46:6e:bf:51:5f:fd:27:87:61:62:de:90:f8:80:0a:a6:2c:e7:04:52:48:73:32:06:2b:bc

Digest Algorithm

sha256

PE Digest Matches

true

70:cf:a4:ca:71:74:61:17:8b:ec:17:22:27:0c:b4:eb:6d:4d:c8:97
Signer

Actual PE Digest

70:cf:a4:ca:71:74:61:17:8b:ec:17:22:27:0c:b4:eb:6d:4d:c8:97

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
GetConsoleCP
GetConsoleMode
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
WideCharToMultiByte
lstrlenW
IsProcessorFeaturePresent
InterlockedCompareExchange
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsValidCodePage
GetACP
HeapSize
ExitProcess
Sleep
GetCommandLineA
HeapReAlloc
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
GetProcAddress
GetModuleHandleA
lstrlenA
lstrcmpiA
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameA
GetModuleHandleW
IsDBCSLeadByte
FlushInstructionCache
GetCurrentProcess
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThreadId
SetLastError
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
LockResource
LoadLibraryA
LCMapStringA
GetSystemDefaultLangID
CreateDirectoryA
GetWindowsDirectoryA
GetVersionExA
FindClose
DeleteFileA
FindFirstFileA
TerminateProcess
GetTempPathA
FileTimeToSystemTime
lstrcmpA
InterlockedExchange
CompareStringA
GetLocaleInfoA
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
GetOEMCP
GetCPInfo
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
GlobalFlags
WritePrivateProfileStringA
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
FreeResource
CreateFileA
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetModuleFileNameW
GlobalFree
EnumResourceLanguagesA
FormatMessageA
LocalFree
GetCurrentProcessId
GlobalAddAtomA
CloseHandle
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
MultiByteToWideChar

user32

DestroyMenu
GetSysColorBrush
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnregisterClassA
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetWindowTextA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
CharNextA
CharNextW
DestroyWindow
DefWindowProcA
CopyRect
GetDlgCtrlID
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
GetNextDlgTabItem
EndDialog
CharUpperA
GetSystemMetrics
UnhookWindowsHookEx
GetMenuItemID
PtInRect
UnionRect
SetWindowLongA
GetWindowLongA
ShowWindow
GetClassInfoExA
LoadCursorA
ReleaseDC
GetDC
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
EndPaint
GetClientRect
BeginPaint
CallWindowProcA
SetFocus
IsChild
GetFocus
GetParent
GetKeyState
IsWindow
InvalidateRect
RegisterClassExA
CreateWindowExA
SendMessageA
GetMenuItemCount
GetSubMenu
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
PostMessageA
PostQuitMessage
EnableWindow
GetCapture

gdi32

DeleteObject
PtVisible
RectVisible
ExtTextOutA
Escape
SelectObject
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
ScaleWindowExtEx
GetStockObject
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
CreateDCA
CreateMetaFileA
SaveDC
TextOutA
SetTextAlign
Rectangle
GetDeviceCaps
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
RestoreDC
SetWindowOrgEx
SetWindowExtEx

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

CryptGetProvParam
CryptSignHashA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
CryptReleaseContext
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
CryptHashData
CryptAcquireContextA
CryptCreateHash
CryptDestroyHash

shell32

ShellExecuteExA
SHGetSpecialFolderPathA

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA

ole32

OleSaveToStream
WriteClassStm
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
OleLoadFromStream
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CreateOleAdviseHolder

oleaut32

SysStringLen
SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantClear
VariantChangeType
LoadRegTypeLi
OleCreatePropertyFrame
SysAllocStringLen

crypt32

CertCloseStore
CertGetNameStringA
CertEnumCertificatesInStore
CertOpenStore
CertNameToStrA
CertFindCertificateInStore
CertGetCertificateContextProperty
CryptEncodeObjectEx
CertFreeCertificateContext
CertEnumCertificateContextProperties
CertOIDToAlgId

ws2_32

htonl

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 211KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/CCB_SwxCryptSimple.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

5a30ad7fbb51814a3892f0e358c5b09d

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

01/05/2012, 00:00

Not After

31/12/2012, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

50:40:02:24:5f:30:08:7c:f6:b1:dc:07:e4:96:f9:63
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

15/12/2009, 00:00

Not After

30/12/2012, 23:59

Subject

CN=Beijing Watchdata System Co.\,Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Beijing Watchdata System Co.\,Ltd.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

bf:cd:04:a0:6b:54:4e:01:68:55:57:89:6b:b1:89:9c:52:48:46:56
Signer

Actual PE Digest

bf:cd:04:a0:6b:54:4e:01:68:55:57:89:6b:b1:89:9c:52:48:46:56

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

crypt32

CertEnumCertificatesInStore
CertFreeCertificateContext
CertOpenSystemStoreA
CertNameToStrA
CertCloseStore
CertGetCertificateContextProperty

mfc42

ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3402
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3639
ord692
ord641
ord567
ord324
ord825
ord2340
ord2302
ord1200
ord4710
ord4234
ord4853
ord858
ord4376
ord860
ord823
ord2915
ord815
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord3401
ord4622
ord3670
ord561
ord3952
ord2724
ord6354
ord1216
ord1168
ord6467
ord1227
ord1131
ord1132
ord1877
ord4249
ord2486
ord2687
ord6364
ord3326
ord6365
ord4472
ord5498
ord3278
ord3353
ord3681
ord446
ord743
ord1177
ord1226
ord1210
ord2439
ord1693
ord5618
ord994
ord4342
ord4687
ord4639
ord5674
ord2156
ord4856
ord4920
ord6002
ord2137
ord6366
ord5213
ord2953
ord3868
ord5150
ord4705
ord4707
ord3749
ord2998
ord5649
ord4113
ord4661
ord4660
ord4768
ord4650
ord4903
ord4548
ord4521
ord4594
ord4988
ord4925
ord4930
ord4935
ord4659
ord4909
ord4908
ord4668
ord4667
ord4666
ord4648
ord4689
ord5023
ord4654
ord4643
ord4354
ord4780
ord4649
ord4637
ord4636
ord5060
ord4584
ord4371
ord4361
ord4356
ord4739
ord4741
ord4738
ord4409
ord4603
ord5008
ord4415
ord4992
ord4979
ord2488
ord3404
ord4539
ord2954
ord2384
ord6370
ord2983
ord3148
ord3260
ord4466
ord3269
ord2986
ord3080
ord4081
ord4624
ord5825
ord723
ord2614
ord3946
ord423
ord2860
ord2541
ord4949
ord1601
ord1892
ord4252
ord1212
ord4570
ord4672
ord4843
ord5011
ord4713
ord6371
ord5286
ord4438
ord3279
ord4625
ord449
ord746
ord2278
ord1116
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord1771
ord3597
ord4425
ord5280
ord4407
ord1775
ord6052
ord2514
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4401
ord1776
ord4078
ord6055
ord2581
ord4219
ord2024
ord2876
ord2413
ord4998
ord5265
ord800
ord540
ord1963

msvcrt

_unlink
free
malloc
__CxxFrameHandler
wcstombs
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
?terminate@@YAXXZ
_onexit
__dllonexit
_except_handler3
printf
strchr
strstr
fclose
fwrite
fopen
sprintf
wcsncpy
_EH_prolog
wcslen

kernel32

LocalFree
GetModuleFileNameA
WideCharToMultiByte
lstrcatA
lstrlenA
MultiByteToWideChar
lstrcpyA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
GetProcAddress
FreeLibrary
lstrlenW
DeleteCriticalSection
HeapDestroy
GetTempPathA
WinExec
GetLastError
LocalAlloc

user32

FillRect
SendMessageA
EnableWindow
CharNextA

gdi32

GetStockObject
Ellipse

advapi32

CryptSignHashA
CryptAcquireContextA
CryptCreateHash
CryptReleaseContext
CryptHashData
CryptDestroyHash

ole32

CoCreateInstance

oleaut32

LoadRegTypeLi
LoadTypeLi
SysAllocString
RegisterTypeLi
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/Ccb_Cert_TDR2G.dll
.dll windows:4 windows x86 arch:x86

886342b0831beb9caa497771557d26c5

Code Sign

73:02:1c:03:ed:35:ea:4e:cc:84:9d:75:6f:23:5c:ca:34:8c:ce:2e
Signer

Actual PE Digest

73:02:1c:03:ed:35:ea:4e:cc:84:9d:75:6f:23:5c:ca:34:8c:ce:2e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\svn\software\src\Project\建行二代\EventCCBCode\CCBCertTDR\Release\CCB_Cert_TDR2G.pdb

Imports

kernel32

lstrcmpA
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
CloseHandle
GetPrivateProfileStringW
GetSystemDefaultLangID
FreeLibrary
LoadLibraryA
SetLastError
GetModuleFileNameW
CreateEventW
SetEvent
CreateThread
LoadLibraryW
lstrcpyA
lstrlenA
GetLastError
CreateToolhelp32Snapshot
SetEndOfFile
CreateFileA
ReadFile
Process32FirstW
WideCharToMultiByte
Process32NextW
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetLocalTime
SystemTimeToFileTime
CompareFileTime
MultiByteToWideChar
FileTimeToLocalFileTime
FlushConsoleInputBuffer
GlobalMemoryStatus
GetVersion
SetEnvironmentVariableA
CompareStringW
CompareStringA
FindFirstFileW
FindNextFileW
FindClose
GetSystemDirectoryW
lstrcatW
lstrcmpiW
lstrcmpW
lstrlenW
lstrcpyW
GetModuleHandleW
GetProcAddress
InterlockedExchange
GetCurrentProcess
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
FileTimeToSystemTime
SetConsoleCtrlHandler
SetStdHandle
FlushFileBuffers
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
ExitProcess
RtlUnwind
GetCurrentThreadId
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
SetUnhandledExceptionFilter
VirtualQuery
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetOEMCP
GetCPInfo
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
TerminateProcess
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
IsBadReadPtr
IsBadCodePtr
SetFilePointer
VirtualProtect
GetSystemInfo

user32

GetDesktopWindow
MessageBoxA
GetProcessWindowStation
GetActiveWindow
GetUserObjectInformationW
wsprintfA
wsprintfW

advapi32

CryptReleaseContext
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
CryptGetProvParam
CryptAcquireContextW
CryptDestroyKey
CryptSignHashW
CryptSetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptSetKeyParam
CryptExportKey
CryptGetUserKey
CryptGenKey
RegSetValueExW
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegCreateKeyExW

shell32

SHGetSpecialFolderPathW
ShellExecuteW
ord680
ShellExecuteExW

ole32

CoCreateInstance
CLSIDFromString
CoInitialize
CoUninitialize

shlwapi

StrStrA
PathFileExistsW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

winscard

SCardEstablishContext
SCardReleaseContext

crypt32

CertCompareCertificateName
CertFindCertificateInStore
CertCloseStore
CertOpenStore
CertFreeCertificateContext
CertCreateCertificateContext
CryptMsgClose
CryptMsgGetParam
CryptMsgUpdate
CryptMsgOpenToDecode
CryptExportPublicKeyInfo
CertDuplicateCertificateContext
CertEnumCertificatesInStore
CertOpenSystemStoreW
CertFreeCertificateChain
CertGetCertificateChain
CertNameToStrA
CertGetNameStringA
CertGetNameStringW
CertGetCertificateContextProperty
CryptSignAndEncodeCertificate
CertAddCertificateContextToStore
CertSetCertificateContextProperty
CertDeleteCertificateFromStore
CryptEncodeObjectEx

ws2_32

htonl

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

Exports

Exports

CryptSign
DriverInfo
FreeMemory
GetParam
Manage
Repair
WriteParam

Sections

.text
Size: 340KB - Virtual size: 336KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/Ccb_Cert_TDR_GM.dll
.dll windows:4 windows x86 arch:x86

b8fc9ba0fee6c13a3bcc80c041750819

Code Sign

ff:d8:2d:b3:2b:09:04:6e:b2:2f:4e:5e:f1:5d:3a:39:1e:b3:06:32
Signer

Actual PE Digest

ff:d8:2d:b3:2b:09:04:6e:b2:2f:4e:5e:f1:5d:3a:39:1e:b3:06:32

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\svn\software\src\Project\建行二代\建行国密新ui\CCBCertTDR\Release\CCB_Cert_TDR2G.pdb

Imports

kernel32

SetEndOfFile
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
CloseHandle
GetPrivateProfileStringW
GetSystemDefaultLangID
LoadLibraryA
SetLastError
GetModuleFileNameW
GetWindowsDirectoryW
MultiByteToWideChar
FreeLibrary
GetModuleFileNameA
lstrcatA
WinExec
LoadLibraryW
lstrcpyA
lstrlenA
GetLastError
CreateToolhelp32Snapshot
CreateFileA
ReadFile
Process32FirstW
WideCharToMultiByte
Process32NextW
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetLocalTime
SystemTimeToFileTime
CompareFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FlushConsoleInputBuffer
GlobalMemoryStatus
GetVersion
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetConsoleCtrlHandler
SetStdHandle
FindFirstFileW
FindNextFileW
FindClose
GetSystemDirectoryW
lstrcatW
lstrcmpiW
lstrcmpW
lstrlenW
lstrcpyW
InterlockedExchange
GetModuleHandleW
GetProcAddress
GetCurrentProcess
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
lstrcmpA
FlushFileBuffers
GetSystemInfo
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
ExitProcess
RtlUnwind
GetCurrentThreadId
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
VirtualQuery
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetOEMCP
GetCPInfo
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
GetModuleHandleA
TerminateProcess
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
IsBadReadPtr
IsBadCodePtr
SetFilePointer
VirtualProtect

user32

GetUserObjectInformationW
GetProcessWindowStation
GetDesktopWindow
MessageBoxA
GetActiveWindow
wsprintfA
FindWindowW
wsprintfW

advapi32

CryptGetProvParam
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
CryptReleaseContext
CryptAcquireContextW
CryptDestroyKey
CryptSignHashW
CryptSetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptSetKeyParam
CryptExportKey
CryptGetUserKey
CryptGenKey
RegSetValueExW
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegCreateKeyExW

shell32

SHGetSpecialFolderPathW
ShellExecuteW
ord680
ShellExecuteExW

ole32

CoCreateInstance
CLSIDFromString
CoInitialize
CoCreateGuid
CoUninitialize

shlwapi

PathFindFileNameA
StrStrA
wvnsprintfW
PathFileExistsW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

winscard

SCardEstablishContext
SCardReleaseContext

crypt32

CertCompareCertificateName
CertFindCertificateInStore
CertCloseStore
CertOpenStore
CertFreeCertificateContext
CertCreateCertificateContext
CryptMsgClose
CryptMsgGetParam
CryptMsgOpenToDecode
CryptSignAndEncodeCertificate
CryptExportPublicKeyInfo
CertDuplicateCertificateContext
CertEnumCertificatesInStore
CertOpenSystemStoreW
CertNameToStrA
CertGetNameStringA
CertGetNameStringW
CertGetCertificateContextProperty
CertAddCertificateContextToStore
CryptMsgUpdate
CertSetCertificateContextProperty
CertDeleteCertificateFromStore
CryptEncodeObjectEx

ws2_32

htonl

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

Exports

Exports

CryptSign
DriverInfo
FreeMemory
GetParam
Manage
Repair
WriteParam

Sections

.text
Size: 356KB - Virtual size: 354KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/Ccb_Cert_dmwz.dll
.dll windows:5 windows x86 arch:x86

5ab7645a4f246e0276ea3f46130bbbf0

Code Sign

0a:04:4e:ba:d5:b9:51:81:93:c5:fe:1b:03:3a:0e:b0:ed:b5:5e:78
Signer

Actual PE Digest

0a:04:4e:ba:d5:b9:51:81:93:c5:fe:1b:03:3a:0e:b0:ed:b5:5e:78

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\DMWZ\建行\00.代码\改造\huanzhengku\Ccb_Cert_dmwz\Win32\Release\Ccb_Cert_dmwz.pdb

Imports

kernel32

RaiseException
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
GetModuleFileNameA
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
CreateFileA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetProcessHeap
RtlUnwind
GetCommandLineA
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapAlloc
HeapFree
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFindAtomW
LoadLibraryA
GetVersionExA
lstrlenA
GetCurrentProcessId
GlobalAddAtomW
InterlockedIncrement
GlobalFlags
GetModuleHandleA
WritePrivateProfileStringW
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
InterlockedDecrement
GlobalFree
GlobalUnlock
FormatMessageW
lstrlenW
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
GetSystemInfo
WideCharToMultiByte
GetSystemDefaultLCID
GetCurrentThreadId
GetLocalTime
GetSystemTime
CloseHandle
CreateToolhelp32Snapshot
Process32NextW
LockResource
LocalAlloc
Process32FirstW
GetProcAddress
SetLastError
GetLastError
MultiByteToWideChar
FileTimeToSystemTime
GetVersionExW
SizeofResource
Sleep
LoadLibraryW
GetSystemDirectoryW
GetModuleHandleW
CompareFileTime
SystemTimeToFileTime
LoadResource
FreeLibrary
FindResourceW
GetTempPathA
GetPrivateProfileStringA
GetExitCodeProcess
GetPrivateProfileIntA
WaitForSingleObject
GetEnvironmentStrings
LocalFree

user32

DestroyMenu
ShowWindow
LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DefWindowProcW
CallWindowProcW
CopyRect
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
LoadCursorW
GetSystemMetrics
GetSysColorBrush
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
GetWindow
GetDlgCtrlID
DestroyWindow
GetWindowRect
GetWindowLongW
GetClassNameW
PtInRect
GetWindowTextW
SetWindowTextW
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuW
EnableMenuItem
CheckMenuItem
UnregisterClassW
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
SendMessageW
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostQuitMessage
RegisterWindowMessageW
PostMessageW
SetForegroundWindow
GetActiveWindow

gdi32

TextOutW
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetDeviceCaps
RectVisible
PtVisible
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
ExtTextOutW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegOpenKeyW
CryptAcquireContextW
RegCreateKeyExW
CryptReleaseContext
RegQueryValueExW
CryptGetProvParam
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW

shell32

ShellExecuteExA
SHGetFolderPathA
ShellExecuteW
SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

shlwapi

PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathFileExistsA

oleaut32

VariantInit
VariantClear
VariantChangeType

crypt32

CryptMsgGetParam
CryptEncodeObjectEx
CertEnumCertificatesInStore
CryptVerifyCertificateSignature
CertGetCertificateContextProperty
CryptMsgUpdate
CertGetNameStringA
CertCloseStore
CertAddCertificateContextToStore
CertFreeCertificateContext
CryptDecodeObjectEx
CertOpenStore
CertAddEncodedCertificateToStore
CryptMsgOpenToDecode
CertFindRDNAttr
CertSetCertificateContextProperty
CertGetNameStringW
CertCreateCertificateContext
CryptMsgClose

ws2_32

htonl

Exports

Exports

CryptSign
DriverInfo
FreeMemory
GetParam
Manage
Repair
WriteParam

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/Ccb_Cert_dmwz2G.dll
.dll windows:5 windows x86 arch:x86

374f880e173a9dbd818bfde84f183f72

Code Sign

99:01:c3:11:ac:9c:6e:45:2c:66:86:3d:24:09:3a:58:f4:be:26:4a
Signer

Actual PE Digest

99:01:c3:11:ac:9c:6e:45:2c:66:86:3d:24:09:3a:58:f4:be:26:4a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\DMWZ\建行\00.代码\改造\huanzhengku\Ccb_Cert_dmwz2G\Win32\Release\Ccb_Cert_dmwz2G.pdb

Imports

kernel32

RaiseException
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
GetModuleFileNameA
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
CreateFileA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetProcessHeap
RtlUnwind
GetCommandLineA
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapAlloc
HeapFree
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFindAtomW
LoadLibraryA
GetVersionExA
lstrlenA
GetCurrentProcessId
GlobalAddAtomW
InterlockedIncrement
GlobalFlags
GetModuleHandleA
WritePrivateProfileStringW
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
InterlockedDecrement
GlobalFree
GlobalUnlock
FormatMessageW
lstrlenW
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
GetSystemInfo
WideCharToMultiByte
GetSystemDefaultLCID
GetCurrentThreadId
GetLocalTime
GetSystemTime
CloseHandle
CreateToolhelp32Snapshot
Process32NextW
LockResource
LocalAlloc
Process32FirstW
GetProcAddress
GetLastError
MultiByteToWideChar
FileTimeToSystemTime
GetVersionExW
SizeofResource
Sleep
LoadLibraryW
GetSystemDirectoryW
GetModuleHandleW
CompareFileTime
SystemTimeToFileTime
LoadResource
FreeLibrary
FindResourceW
GetTempPathA
GetPrivateProfileStringA
GetExitCodeProcess
GetPrivateProfileIntA
WaitForSingleObject
LocalFree
GetEnvironmentStrings
SetLastError

user32

DestroyMenu
ShowWindow
LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DefWindowProcW
CallWindowProcW
CopyRect
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
LoadCursorW
GetSystemMetrics
GetSysColorBrush
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
GetWindow
GetDlgCtrlID
DestroyWindow
GetWindowRect
GetWindowLongW
GetClassNameW
PtInRect
GetWindowTextW
SetWindowTextW
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuW
EnableMenuItem
CheckMenuItem
UnregisterClassW
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
SendMessageW
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostQuitMessage
RegisterWindowMessageW
PostMessageW
SetForegroundWindow
GetActiveWindow

gdi32

TextOutW
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetDeviceCaps
RectVisible
PtVisible
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
ExtTextOutW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegOpenKeyW
CryptAcquireContextW
RegCreateKeyExW
CryptReleaseContext
RegQueryValueExW
CryptGetProvParam
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW

shell32

ShellExecuteExA
SHGetFolderPathA
ShellExecuteW
SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

shlwapi

PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathFileExistsA

oleaut32

VariantInit
VariantClear
VariantChangeType

crypt32

CryptMsgGetParam
CryptEncodeObjectEx
CertEnumCertificatesInStore
CryptVerifyCertificateSignature
CertGetCertificateContextProperty
CryptMsgUpdate
CertGetNameStringA
CertCloseStore
CertAddCertificateContextToStore
CertFreeCertificateContext
CryptDecodeObjectEx
CertOpenStore
CertAddEncodedCertificateToStore
CryptMsgOpenToDecode
CertFindRDNAttr
CertSetCertificateContextProperty
CertGetNameStringW
CertCreateCertificateContext
CryptMsgClose

ws2_32

htonl

Exports

Exports

CryptSign
DriverInfo
FreeMemory
GetParam
Manage
Repair
WriteParam

Sections

.text
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/Ccb_Cert_dmwz_GM.dll
.dll windows:5 windows x86 arch:x86

4aa5e3b5fa518e42504fe9d34002e1e0

Code Sign

69:d8:35:8d:8b:41:12:28:a8:7c:e9:60:d7:f2:d5:18:c6:a9:d2:85
Signer

Actual PE Digest

69:d8:35:8d:8b:41:12:28:a8:7c:e9:60:d7:f2:d5:18:c6:a9:d2:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\DMWZ\建行\00.代码\改造\huanzhengku\Ccb_Cert_dmwz_GM\Win32\Release\Ccb_Cert_dmwz_GM.pdb

Imports

kernel32

HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
GetModuleFileNameA
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
CreateFileA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetProcessHeap
RaiseException
ExitProcess
RtlUnwind
GetCommandLineA
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapAlloc
HeapFree
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFindAtomW
LoadLibraryA
GetVersionExA
lstrlenA
GetCurrentProcessId
GlobalAddAtomW
InterlockedIncrement
GlobalFlags
GetModuleHandleA
WritePrivateProfileStringW
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
InterlockedDecrement
GlobalFree
GlobalUnlock
FormatMessageW
lstrlenW
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
GetSystemInfo
GetSystemDefaultLCID
GetSystemTime
GetCurrentThreadId
LocalFree
CloseHandle
CreateToolhelp32Snapshot
Process32NextW
LockResource
LocalAlloc
Process32FirstW
GetLocalTime
GetProcAddress
GetLastError
MultiByteToWideChar
FileTimeToSystemTime
GetVersionExW
SizeofResource
Sleep
LoadLibraryW
WideCharToMultiByte
GetSystemDirectoryW
GetModuleHandleW
CompareFileTime
SystemTimeToFileTime
LoadResource
FreeLibrary
FindResourceW
GetTempPathA
GetPrivateProfileStringA
GetExitCodeProcess
GetPrivateProfileIntA
WaitForSingleObject
GetEnvironmentStringsW
SetLastError

user32

DestroyMenu
ShowWindow
LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DefWindowProcW
CallWindowProcW
CopyRect
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
LoadCursorW
GetSystemMetrics
GetSysColorBrush
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
GetDlgItem
GetWindow
GetDlgCtrlID
GetWindowRect
GetWindowLongW
GetClassNameW
PtInRect
GetWindowTextW
SetWindowTextW
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuW
EnableMenuItem
CheckMenuItem
UnregisterClassW
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
SendMessageW
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostQuitMessage
RegisterWindowMessageW
PostMessageW
SetForegroundWindow
GetActiveWindow

gdi32

TextOutW
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
RectVisible
PtVisible
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
GetDeviceCaps
ExtTextOutW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegQueryValueW
CryptAcquireContextW
RegCreateKeyExW
CryptReleaseContext
RegQueryValueExW
CryptGetProvParam
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyW

shell32

ShellExecuteExA
SHGetFolderPathA
ShellExecuteW
SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

shlwapi

PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathFileExistsA

oleaut32

VariantClear
VariantChangeType
VariantInit

crypt32

CertNameToStrA
CertDuplicateCertificateContext
CryptMsgGetParam
CryptEncodeObjectEx
CertEnumCertificatesInStore
CryptVerifyCertificateSignature
CertGetCertificateContextProperty
CryptMsgUpdate
CertGetNameStringA
CertCloseStore
CertAddCertificateContextToStore
CertFreeCertificateContext
CryptDecodeObjectEx
CertOpenStore
CertAddEncodedCertificateToStore
CertGetNameStringW
CryptMsgOpenToDecode
CertFindRDNAttr
CertSetCertificateContextProperty
CertDeleteCertificateFromStore
CertCreateCertificateContext
CryptMsgClose

ws2_32

htonl

Exports

Exports

CryptSign
DriverInfo
FreeMemory
GetParam
Manage
Repair
WriteParam

Sections

.text
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Ccb_Cert
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/Ccb_Cert_ftsafe_GM.dll
.dll windows:5 windows x86 arch:x86

2b44c596fe29f891ef202f84e161f1b6

Code Sign

3b:89:79:00:61:22:f6:12:c1:bf:b3:14:ef:a1:b8:05:d7:22:dd:83
Signer

Actual PE Digest

3b:89:79:00:61:22:f6:12:c1:bf:b3:14:ef:a1:b8:05:d7:22:dd:83

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\svn\es\shuttle\project_branches\InterPass3000_CCB_4BTN_NewGM\source\output\Release\IS3000\Ccb_Cert_ftsafe_GM.pdb

Imports

crypt32

CryptDecodeObjectEx
CertFindRDNAttr
CertRDNValueToStrW
CertEnumCertificatesInStore
CryptMsgOpenToDecode
CryptMsgUpdate
CryptMsgGetParam
CryptMsgClose
CertFindExtension
CryptDecodeObject
CertGetIntendedKeyUsage
CertAddCertificateContextToStore
CertGetCertificateContextProperty
CertSetCertificateContextProperty
CertOpenStore
CertCloseStore
CertCompareCertificate
CertCreateCertificateContext
CryptVerifyCertificateSignature
CertFreeCertificateContext

shlwapi

PathFindFileNameW
PathFindExtensionW
PathFileExistsW

kernel32

ExitThread
GetCommandLineA
HeapReAlloc
ExitProcess
HeapSize
VirtualFree
VirtualAlloc
HeapCreate
HeapDestroy
GetModuleFileNameA
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetSystemTimeAsFileTime
SetStdHandle
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
SizeofResource
LockResource
LoadResource
FindResourceW
GetVersionExW
GetVersion
lstrcmpiW
lstrlenW
LoadLibraryW
GetModuleHandleW
GetProcAddress
SetLastError
GetLastError
lstrlenA
GetCPInfo
GetUserDefaultUILanguage
FileTimeToSystemTime
GetCurrentProcessId
FreeLibrary
OutputDebugStringW
LocalAlloc
SystemTimeToFileTime
CreateProcessW
GetSystemDirectoryW
WideCharToMultiByte
Sleep
LoadLibraryA
GetExitCodeProcess
WaitForSingleObject
CloseHandle
ReadFile
GetFileSize
CreateFileW
LocalFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
InitializeCriticalSection
CreateMutexW
MulDiv
GetCurrentThreadId
GetStdHandle
FormatMessageW
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
InterlockedIncrement
GetTickCount
InterlockedDecrement
GetUserDefaultLangID
GetModuleFileNameW
GetCurrentThread
GetCurrentProcess
GetSystemInfo
UnhandledExceptionFilter
RtlUnwind
HeapFree
HeapAlloc
FlushFileBuffers
SetFilePointer
WriteFile
WritePrivateProfileStringW
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
VirtualQuery
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
InterlockedExchange
lstrcmpA
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GetVersionExA
GetModuleHandleA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
CreateThread
QueryPerformanceCounter

user32

UnregisterClassW
PostQuitMessage
CreateDialogIndirectParamW
EndDialog
IsWindowEnabled
ShowWindow
MoveWindow
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
CheckMenuItem
SetRectEmpty
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
RemovePropW
GetLastActivePopup
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
DefWindowProcW
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
EndPaint
BeginPaint
GetWindowDC
ScreenToClient
GetMessageW
SetRect
CopyRect
LoadBitmapW
FillRect
TranslateMessage
DispatchMessageW
GetKeyState
GetCursorPos
ValidateRect
GetMenuStringW
DestroyMenu
GetDlgItem
LoadCursorW
IsWindowVisible
SetPropW
SetWindowLongW
GetPropW
CallWindowProcW
SetTimer
SetWindowsHookExW
GetAsyncKeyState
GetKeyboardState
ToAscii
CallNextHookEx
KillTimer
SetFocus
GetWindowTextLengthW
UnhookWindowsHookEx
IsWindow
GetWindowTextW
SetWindowTextW
GetWindow
GetDlgCtrlID
GetClassNameW
MessageBeep
LoadIconW
MapDialogRect
GetFocus
GetSystemMenu
EnableMenuItem
SetWindowPos
SetForegroundWindow
SetActiveWindow
PtInRect
UpdateWindow
MessageBoxW
GetForegroundWindow
GetWindowThreadProcessId
RegisterWindowMessageW
DestroyCursor
GetIconInfo
DrawEdge
CreateMenu
CreatePopupMenu
AppendMenuW
GetMenuItemCount
GetMenuItemID
GetMenuState
GetSubMenu
ModifyMenuW
GetDC
ReleaseDC
GetDesktopWindow
EnableWindow
GetSysColor
GetSysColorBrush
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
DestroyIcon
DrawIconEx
SystemParametersInfoW
PostMessageW
SetCursor
IsMenu
GetWindowLongW
WindowFromPoint
GetParent
GetNextDlgTabItem
GetActiveWindow
InvalidateRect
ClientToScreen
GetClientRect
GetWindowRect
SendMessageW
DrawFocusRect
FrameRect
OffsetRect
InflateRect
DrawStateW
GetMenuItemInfoW
GetSystemMetrics
PeekMessageW

gdi32

IntersectClipRect
LineTo
MoveToEx
ExcludeClipRect
SelectClipRgn
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCharWidthW
CreateFontW
StretchDIBits
GetBkColor
GetClipBox
SetMapMode
SetBkMode
RestoreDC
SaveDC
RoundRect
CreateRectRgnIndirect
GetTextMetricsW
CreateBitmap
SetBkColor
SetTextColor
GetStockObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
GetTextExtentPoint32W
SetPixel
GetPixel
BitBlt
PatBlt
CreatePen
CreateSolidBrush
CreateFontIndirectW
CreateCompatibleBitmap
GetObjectW
CreateCompatibleDC
GetDeviceCaps
GetBkMode
Ellipse

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryValueW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
CryptReleaseContext
CryptDestroyHash
CryptSignHashW
CryptHashData
CryptCreateHash
CryptAcquireContextW
CryptExportKey
CryptGetDefaultProviderW
RegSetValueExW
RegCreateKeyExW
CryptDestroyKey
CryptSetKeyParam
CryptGetUserKey
CryptGetKeyParam
CryptGenKey
CryptGetProvParam
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyW
SetSecurityDescriptorSacl
GetSecurityDescriptorSacl
SetSecurityDescriptorDacl
CryptGenRandom
RegEnumKeyW
InitializeSecurityDescriptor

shell32

ShellExecuteExW
ShellExecuteW

comctl32

_TrackMouseEvent

winmm

PlaySoundW

ole32

CoCreateGuid
CLSIDFromProgID
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit

rpcrt4

UuidToStringW
UuidCreate
RpcStringFreeW

Exports

Exports

CryptSign
DriverInfo
FreeMemory
GetParam
Manage
PerformanceCryptSign
Repair
WriteParam

Sections

.text
Size: 366KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/Ccb_Cert_hdzb.dll
.dll windows:5 windows x86 arch:x86

d096e2bb24dfda75bc1b5bfbd783510a

Code Sign

d0:e2:95:14:15:b5:b7:09:41:4d:50:c9:84:41:92:2d:4b:8a:93:c2
Signer

Actual PE Digest

d0:e2:95:14:15:b5:b7:09:41:4d:50:c9:84:41:92:2d:4b:8a:93:c2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Exports

Exports

CryptSign
DriverInfo
FreeMemory
GetParam
Manage
Repair
WriteParam

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/Ccb_Cert_hdzb2G.dll
.dll windows:5 windows x86 arch:x86

d56e6f932ff369d01ed537207167f433

Code Sign

bd:43:95:bd:a2:55:fb:76:d6:a4:c0:cf:8c:55:3d:71:8e:a3:b7:9b
Signer

Actual PE Digest

bd:43:95:bd:a2:55:fb:76:d6:a4:c0:cf:8c:55:3d:71:8e:a3:b7:9b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\10.1.10.3\建行中间件\开发库\PC\trunk\srcNewUI\CCB_CERT_HDZB_SHELL\Win32\Release\Ccb_Cert_hdzb2G.pdb

Imports

kernel32

GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Exports

Exports

CryptSign
DriverInfo
FreeMemory
GetParam
Manage
Repair
WriteParam

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/Ccb_Cert_hdzb_GM.dll
.dll windows:5 windows x86 arch:x86

d56e6f932ff369d01ed537207167f433

Code Sign

88:29:bf:09:63:41:64:cd:9d:85:f0:79:b8:a1:c6:a1:e2:0c:c4:75
Signer

Actual PE Digest

88:29:bf:09:63:41:64:cd:9d:85:f0:79:b8:a1:c6:a1:e2:0c:c4:75

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\10.1.10.3\建行中间件\开发库\PC\trunk\srcNewUI\CCB_CERT_HDZB_SHELL\Win32\Release_GM\Ccb_Cert_hdzb_GM.pdb

Imports

kernel32

GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Exports

Exports

CryptSign
DriverInfo
FreeMemory
GetParam
Manage
Repair
WriteParam

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/Ccb_Cert_watchdata.dll
.dll windows:4 windows x86 arch:x86

9801cbe60ec9afc6c0e4b0ebacd89e04

Code Sign

1b:54:1c:1e:ba:fe:80:3b:52:66:bf:4f:78:ba:44:68:75:07:2e:b4
Signer

Actual PE Digest

1b:54:1c:1e:ba:fe:80:3b:52:66:bf:4f:78:ba:44:68:75:07:2e:b4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

crypt32

CryptMsgClose
CryptMsgUpdate
CryptMsgGetParam
CryptEncodeObjectEx
CertNameToStrA
CryptEncodeObject
CryptExportPublicKeyInfo
CryptSignAndEncodeCertificate
CertGetNameStringA
CertGetCertificateContextProperty
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCompareCertificate
CertGetCertificateChain
CertFreeCertificateChain
CertOpenStore
CertCreateCertificateContext
CertSetCertificateContextProperty
CertAddCertificateContextToStore
CertFreeCertificateContext
CryptMsgOpenToDecode
CertCloseStore

shlwapi

PathFileExistsA
SHSetValueA

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA

rpcrt4

RpcStringFreeA
UuidToStringA
UuidCreate

ws2_32

htonl

mfc42

ord920
ord5933
ord823
ord1176
ord1575
ord1577
ord1182
ord342
ord6467
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord825
ord2725
ord1168
ord3953
ord815
ord1116
ord561
ord3738
ord4424
ord4622
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord1243
ord4274

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_onexit
__dllonexit
memmove
realloc
toupper
printf
fopen
fread
fclose
_ftol
strrchr
malloc
free
_except_handler3
sprintf
time
mbstowcs
_strupr
strstr
__CxxFrameHandler
strchr

kernel32

GetPrivateProfileStringA
CreateFileA
ReadFile
WriteFile
GetSystemDirectoryA
GetLocalTime
Sleep
FindResourceA
SizeofResource
LoadResource
LockResource
LoadLibraryA
FreeLibrary
GetSystemDefaultLangID
GetModuleHandleA
GetProcAddress
GetLastError
FileTimeToSystemTime
SystemTimeToFileTime
CreateToolhelp32Snapshot
Process32First
Process32Next
GetWindowsDirectoryA
GetVersionExA
CreateMutexA
WaitForSingleObject
ReleaseMutex
CloseHandle
DeleteFileA
GetExitCodeProcess
CreateProcessA
CreateThread
SetLastError
LocalFree
LocalAlloc
FindFirstFileA

user32

RegisterWindowMessageA

advapi32

CryptSignHashA
CryptHashData
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
CryptReleaseContext
CryptGenKey
CryptAcquireContextA
CryptDestroyKey
CryptSetKeyParam
CryptGetUserKey
CryptDestroyHash
CryptCreateHash

shell32

ShellExecuteA
SHGetFolderPathA

Exports

Exports

CryptSign
DriverInfo
FreeMemory
GetParam
Manage
Repair
WriteParam

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/Ccb_Cert_watchdata2G.dll
.dll windows:4 windows x86 arch:x86

9801cbe60ec9afc6c0e4b0ebacd89e04

Code Sign

e9:89:80:ad:e7:57:4b:94:23:76:59:fb:c6:00:09:95:48:cd:27:3b
Signer

Actual PE Digest

e9:89:80:ad:e7:57:4b:94:23:76:59:fb:c6:00:09:95:48:cd:27:3b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

crypt32

CryptMsgClose
CryptMsgUpdate
CryptMsgGetParam
CryptEncodeObjectEx
CertNameToStrA
CryptEncodeObject
CryptExportPublicKeyInfo
CryptSignAndEncodeCertificate
CertGetNameStringA
CertGetCertificateContextProperty
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCompareCertificate
CertGetCertificateChain
CertFreeCertificateChain
CertOpenStore
CertCreateCertificateContext
CertSetCertificateContextProperty
CertAddCertificateContextToStore
CertFreeCertificateContext
CryptMsgOpenToDecode
CertCloseStore

shlwapi

PathFileExistsA
SHSetValueA

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA

rpcrt4

RpcStringFreeA
UuidToStringA
UuidCreate

ws2_32

htonl

mfc42

ord920
ord5933
ord823
ord1176
ord1575
ord1577
ord1182
ord342
ord6467
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord825
ord2725
ord1168
ord3953
ord815
ord1116
ord561
ord3738
ord4424
ord4622
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord1243
ord4274

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_onexit
__dllonexit
memmove
realloc
toupper
printf
fopen
fread
fclose
_ftol
strrchr
malloc
free
_except_handler3
sprintf
time
mbstowcs
_strupr
strstr
__CxxFrameHandler
strchr

kernel32

GetPrivateProfileStringA
CreateFileA
ReadFile
WriteFile
GetSystemDirectoryA
GetLocalTime
Sleep
FindResourceA
SizeofResource
LoadResource
LockResource
LoadLibraryA
FreeLibrary
GetSystemDefaultLangID
GetModuleHandleA
GetProcAddress
GetLastError
FileTimeToSystemTime
SystemTimeToFileTime
CreateToolhelp32Snapshot
Process32First
Process32Next
GetWindowsDirectoryA
GetVersionExA
CreateMutexA
WaitForSingleObject
ReleaseMutex
CloseHandle
DeleteFileA
GetExitCodeProcess
CreateProcessA
CreateThread
SetLastError
LocalFree
LocalAlloc
FindFirstFileA

user32

RegisterWindowMessageA

advapi32

CryptSignHashA
CryptHashData
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
CryptReleaseContext
CryptGenKey
CryptAcquireContextA
CryptDestroyKey
CryptSetKeyParam
CryptGetUserKey
CryptDestroyHash
CryptCreateHash

shell32

ShellExecuteA
SHGetFolderPathA

Exports

Exports

CryptSign
DriverInfo
FreeMemory
GetParam
Manage
Repair
WriteParam

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/Ccb_Cert_watchdata2G_GM.dll
.dll windows:4 windows x86 arch:x86

26d1aaf9c5fe72b0ac362729ab7e9d2e

Code Sign

55:d9:de:58:52:c5:e9:b2:a0:d7:85:49:c1:d1:d2:92:3c:61:89:6d
Signer

Actual PE Digest

55:d9:de:58:52:c5:e9:b2:a0:d7:85:49:c1:d1:d2:92:3c:61:89:6d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCPInfo
GetOEMCP
GetCommandLineA
RtlUnwind
ExitProcess
TerminateProcess
HeapFree
HeapAlloc
RaiseException
HeapSize
HeapReAlloc
GetACP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
WriteFile
GetCurrentProcess
GetProcessVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetLastError
GetModuleHandleA
SetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
WritePrivateProfileStringA
GlobalFlags
GetVersion
lstrlenA
FreeLibrary
lstrcpynA
lstrcpyA
lstrcatA
SetErrorMode
InterlockedDecrement
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
LoadLibraryA
GetProcAddress
FreeEnvironmentStringsW

user32

RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyMenu
IsIconic
GetWindowPlacement
GetSystemMetrics
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
wsprintfA
GetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
UnregisterClassA
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
PostQuitMessage
SystemParametersInfoA
PostMessageA
SendMessageA
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
SetWindowTextA

gdi32

SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
CreateBitmap

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

comctl32

ord17

Exports

Exports

CryptSign
Detect
DriverInfo
FreeMemory
GetParam
Manage
Repair
WriteParam

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/GetLogInfo.ocx
.dll regsvr32 windows:5 windows x86 arch:x86

0149b371879cd843ae6e4579c78512c2

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4c:f8:0a:29:62:f1:de:b7:8a:5a:88:89:67:37:f8:92
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

26/11/2015, 00:00

Not After

25/12/2018, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1f:4c:43:c6:70:0e:4c:81:c9:44:2b:63:01:18:c7:57
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

06/01/2016, 00:00

Not After

25/12/2018, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

30:5d:10:85:be:f1:15:86:92:86:2b:9e:73:1f:d5:b7:c1:23:33:a4:c3:7a:84:e0:ab:aa:40:66:01:90:c3:1e
Signer

Actual PE Digest

30:5d:10:85:be:f1:15:86:92:86:2b:9e:73:1f:d5:b7:c1:23:33:a4:c3:7a:84:e0:ab:aa:40:66:01:90:c3:1e

Digest Algorithm

sha256

PE Digest Matches

true

1c:88:33:10:e9:ec:95:19:b8:2d:96:a9:7f:c7:34:13:6f:7d:10:a4
Signer

Actual PE Digest

1c:88:33:10:e9:ec:95:19:b8:2d:96:a9:7f:c7:34:13:6f:7d:10:a4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Work\FullVersion\Client\trunk\PCClient\网银获取版本号控件\GetLogInfo\Release\GetLogInfo.pdb

Imports

mfc100

ord10672
ord6128
ord13300
ord7074
ord13302
ord2661
ord3984
ord13980
ord3991
ord4401
ord4368
ord4364
ord4398
ord4419
ord4377
ord4406
ord4415
ord4385
ord4389
ord4393
ord4381
ord4410
ord4373
ord1514
ord1507
ord1509
ord1503
ord1496
ord11188
ord11190
ord12644
ord2847
ord8351
ord9994
ord6217
ord11154
ord8070
ord13289
ord10883
ord3393
ord11025
ord8235
ord13973
ord13972
ord14045
ord14062
ord14058
ord14060
ord14061
ord14059
ord2417
ord7349
ord2878
ord2881
ord12535
ord5534
ord4571
ord8811
ord5446
ord3534
ord10304
ord10336
ord8279
ord10391
ord9174
ord8248
ord9564
ord9567
ord9565
ord8074
ord8086
ord8110
ord9085
ord10609
ord9298
ord9299
ord9323
ord9752
ord8071
ord9312
ord9351
ord10487
ord9423
ord9322
ord9383
ord11103
ord9385
ord10152
ord10153
ord9370
ord10199
ord10194
ord10189
ord10329
ord9100
ord8583
ord9042
ord10145
ord9326
ord9726
ord9375
ord9376
ord7444
ord12482
ord4646
ord4427
ord9472
ord9470
ord10855
ord6958
ord4569
ord10963
ord11060
ord2945
ord12421
ord10177
ord10014
ord2950
ord11714
ord9304
ord9420
ord8022
ord1598
ord11539
ord2253
ord3477
ord6033
ord5279
ord5118
ord11411
ord8450
ord13279
ord5216
ord13278
ord2119
ord2611
ord314
ord4499
ord6547
ord6796
ord1993
ord764
ord1203
ord3223
ord8305
ord9284
ord5119
ord8347
ord11148
ord13290
ord3395
ord2416
ord12531
ord5532
ord2752
ord2973
ord2974
ord3620
ord9499
ord10360
ord10007
ord8137
ord11067
ord10394
ord9998
ord9398
ord9067
ord266
ord4623
ord4904
ord5096
ord8440
ord5108
ord4626
ord4773
ord7358
ord9283
ord12005
ord1316
ord310
ord901
ord316
ord265
ord10219
ord3661
ord4341
ord7133
ord1181
ord731
ord2006
ord1991
ord1941
ord6636
ord6634
ord6790
ord6528
ord1294
ord1313
ord1201
ord761
ord7584
ord7510
ord11726
ord5253
ord11623
ord2338
ord13767
ord4724
ord2163
ord11420
ord11421
ord13301
ord7073
ord13299
ord8486
ord3676
ord3618
ord11806
ord7091
ord1732
ord14075
ord10922
ord13181
ord2504
ord3484
ord11413
ord1885
ord2944
ord2882
ord2846
ord7144
ord13483
ord13480
ord13485
ord13482
ord13484
ord13481
ord3409
ord5238
ord11172
ord11180
ord7355
ord9449
ord11184
ord11153
ord11787
ord4622
ord4903
ord5095
ord8439
ord4881
ord5098
ord4625
ord4774
ord4606
ord5443
ord6897
ord6898
ord6888
ord4772
ord7357
ord9281
ord8304
ord6018
ord2009
ord13246
ord1929
ord1997
ord13518
ord322
ord4077
ord7140
ord1288
ord888
ord9384
ord906
ord2090
ord2052
ord2050
ord2079
ord1979
ord2040
ord3406
ord408
ord1948
ord2089
ord2087
ord1940
ord1867
ord323
ord1297
ord1886
ord1296

msvcr100

memset
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
?terminate@@YAXXZ
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_onexit
_lock
__dllonexit
_unlock
__CxxFrameHandler3
wcsncpy
memcpy

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
LocalAlloc
LocalFree
EncodePointer

user32

FillRect
EnableWindow

gdi32

Ellipse
GetStockObject

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ole32

CoCreateInstance

oleaut32

LoadRegTypeLi

libeay32

ord272
ord273
ord271
ord961
ord3024
ord2801
ord3171

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/InfoScan.dll
.dll regsvr32 windows:5 windows x86 arch:x86

232af56b25b0ca611738b5b4e131167c

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0b:9b:76:fd:fd:e6:0a:03:e3:58:f6:88:6b:62:b7:b1
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/08/2023, 00:00

Not After

20/08/2024, 23:59

Subject

CN=Watchdata Technologies Pte. Ltd.,O=Watchdata Technologies Pte. Ltd.,L=Singapore,C=SG

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:9b:76:fd:fd:e6:0a:03:e3:58:f6:88:6b:62:b7:b1
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/08/2023, 00:00

Not After

20/08/2024, 23:59

Subject

CN=Watchdata Technologies Pte. Ltd.,O=Watchdata Technologies Pte. Ltd.,L=Singapore,C=SG

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2d:47:aa:ca:6d:6f:f9:43:fe:dc:ee:76:9d:0a:f0:55:87:c3:4e:27:ca:2e:4f:33:99:05:63:ce:96:e4:ea:21
Signer

Actual PE Digest

2d:47:aa:ca:6d:6f:f9:43:fe:dc:ee:76:9d:0a:f0:55:87:c3:4e:27:ca:2e:4f:33:99:05:63:ce:96:e4:ea:21

Digest Algorithm

sha256

PE Digest Matches

true

f3:58:0b:ca:6f:ca:b6:ee:5f:1f:8b:f5:fa:47:4e:ef:31:63:64:97
Signer

Actual PE Digest

f3:58:0b:ca:6f:ca:b6:ee:5f:1f:8b:f5:fa:47:4e:ef:31:63:64:97

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

netapi32

Netbios

ole32

ReadFmtUserTypeStg
CoSetProxyBlanket
CoCreateInstance
CoTaskMemFree
StringFromCLSID
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoRegisterClassObject
CoRevokeClassObject
StringFromGUID2
CreateDataCache
CoDisconnectObject
CreateOleAdviseHolder
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleSaveToStream
CreateDataAdviseHolder
CreateStreamOnHGlobal
ReadClassStm
OleLoadFromStream
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal

kernel32

GetFileAttributesA
GetFileSizeEx
GetFileTime
GetCPInfo
GetOEMCP
GetVersion
FindResourceExA
GetProfileIntA
HeapFree
HeapAlloc
RtlUnwind
GetCommandLineA
RaiseException
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
Sleep
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
HeapCreate
GetStdHandle
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
VirtualFree
FileTimeToLocalFileTime
GetShortPathNameA
GetFullPathNameA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
GlobalFlags
WritePrivateProfileStringA
FileTimeToSystemTime
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
IsDBCSLeadByte
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetUserDefaultLCID
FreeResource
GetModuleHandleW
InterlockedIncrement
GetModuleFileNameW
GetCurrentProcessId
GlobalAddAtomA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryA
CompareStringA
InterlockedExchange
lstrcmpA
FreeLibrary
GetModuleHandleA
GetProcAddress
GetLastError
SetLastError
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
MulDiv
lstrlenA
GetComputerNameA
GlobalMemoryStatus
GetLocalTime
GetVersionExW
GetSystemDefaultLangID
GetVersionExA
GlobalMemoryStatusEx
InterlockedDecrement
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
CreatePipe
GetStartupInfoA
CreateProcessA
WaitForSingleObject
ReadFile
CreateFileA
DeviceIoControl
CloseHandle
GetDriveTypeA
GetVolumeInformationA
GetProcessHeap
HeapDestroy

user32

GetDCEx
GetDialogBaseUnits
GetTabbedTextExtentA
CharUpperA
DestroyIcon
GetSysColorBrush
UnregisterClassA
LockWindowUpdate
EnumChildWindows
RegisterClipboardFormatA
SetRect
SetWindowRgn
IsRectEmpty
CreateMenu
DestroyMenu
SetRectEmpty
LoadCursorA
SetCapture
ReleaseCapture
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
GetDlgCtrlID
PtInRect
GetMenu
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetActiveWindow
CreateDialogIndirectParamA
FillRect
EnableWindow
RemoveMenu
GetSubMenu
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
CallWindowProcA
SetWindowPos
DestroyWindow
GetDesktopWindow
SetWindowLongA
InvalidateRect
UpdateWindow
GetWindowRect
OffsetRect
InflateRect
DefWindowProcA
CopyRect
ShowWindow
DrawEdge
SetParent
UnhookWindowsHookEx
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
SendMessageA
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostMessageA
PostQuitMessage
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
IsChild

gdi32

CreatePatternBrush
CreatePen
CreateSolidBrush
CombineRgn
CreateRectRgnIndirect
CreateFontIndirectA
GetTextExtentPoint32A
GetTextAlign
GetTextMetricsA
SetRectRgn
PatBlt
EnumFontFamiliesExA
Rectangle
UnrealizeObject
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
CreateDCA
CopyMetaFileA
GetDeviceCaps
GetStockObject
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetObjectA
CreateRectRgn
SelectClipRgn
DeleteObject
MoveToEx
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetBkMode
SetBkColor
RestoreDC
SaveDC
DeleteDC
DeleteMetaFile
CloseMetaFile
CreateMetaFileA
LPtoDP
CreateBitmap
SetViewportOrgEx

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegSetValueExA
RegCreateKeyA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegSetValueA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA

shell32

ExtractIconA

shlwapi

PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA

oleaut32

SysAllocString
SysFreeString
VariantClear
VariantInit
SysStringLen
SysAllocStringByteLen
SysStringByteLen
RegisterTypeLi
LoadTypeLi
OleCreatePropertyFrame
VariantChangeType
VariantCopy
SysAllocStringLen
OleLoadPicture
OleCreateFontIndirect
OleCreatePictureIndirect
LoadRegTypeLi

wsock32

WSASetLastError
WSAStartup
WSACleanup
inet_addr
gethostbyname
gethostname

iphlpapi

GetAdaptersInfo

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 263KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/ListCert.dll
.dll regsvr32 windows:5 windows x86 arch:x86

362b1c44f1b42d14d1d1f9d1e7c6606a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4c:f8:0a:29:62:f1:de:b7:8a:5a:88:89:67:37:f8:92
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

26/11/2015, 00:00

Not After

25/12/2018, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1f:4c:43:c6:70:0e:4c:81:c9:44:2b:63:01:18:c7:57
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

06/01/2016, 00:00

Not After

25/12/2018, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:06:f1:0f:ce:68:f0:9b:fa:e5:5b:18:cd:8f:20:01:77
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

24/05/2016, 00:00

Not After

24/06/2027, 00:00

Subject

CN=GlobalSign TSA for Advanced - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

26:aa:7d:ee:08:76:b0:21:8f:0f:54:73:7e:01:5b:db:c7:10:73:ed:05:db:59:67:44:16:fa:36:a6:2a:e7:87
Signer

Actual PE Digest

26:aa:7d:ee:08:76:b0:21:8f:0f:54:73:7e:01:5b:db:c7:10:73:ed:05:db:59:67:44:16:fa:36:a6:2a:e7:87

Digest Algorithm

sha256

PE Digest Matches

true

5f:b7:ff:a8:e9:fb:5d:c0:40:42:11:d7:e1:a3:03:99:1c:6a:fd:fa
Signer

Actual PE Digest

5f:b7:ff:a8:e9:fb:5d:c0:40:42:11:d7:e1:a3:03:99:1c:6a:fd:fa

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
GetACP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
Sleep
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
InterlockedCompareExchange
HeapReAlloc
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
RtlUnwind
GetOEMCP
GetCPInfo
CreateFileA
FlushFileBuffers
SetFilePointer
WriteFile
GlobalFindAtomA
lstrcmpW
GetVersionExA
GlobalFlags
WritePrivateProfileStringA
GlobalGetAtomNameA
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetCurrentProcessId
GlobalAddAtomA
CloseHandle
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
CompareStringA
InterlockedExchange
lstrcmpA
GetModuleFileNameW
GlobalFree
FormatMessageA
LocalFree
LoadLibraryExA
SetLastError
GetCurrentThreadId
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GetCurrentProcess
FlushInstructionCache
IsDBCSLeadByte
GetModuleHandleW
GetModuleFileNameA
InterlockedDecrement
InterlockedIncrement
lstrcmpiA
lstrlenA
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
EnterCriticalSection
LoadLibraryA
FreeLibrary
LeaveCriticalSection
IsProcessorFeaturePresent
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
GetModuleHandleA
GetSystemTimeAsFileTime
GetProcAddress

user32

GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
SetWindowTextA
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowTextA
GetSystemMetrics
GetSysColor
GetSysColorBrush
UnregisterClassA
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
EnableWindow
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageTime
TranslateMessage
GetActiveWindow
IsWindowVisible
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
SendMessageA
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostMessageA
PostQuitMessage
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CreateWindowExA
RegisterClassExA
InvalidateRect
GetKeyState
GetParent
GetFocus
IsChild
SetFocus
CallWindowProcA
BeginPaint
MessageBoxA
IsWindow
CharNextA
CharNextW
GetClientRect
EndPaint
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
GetDC
ReleaseDC
LoadCursorA
GetClassInfoExA
ShowWindow
GetWindowLongA
SetWindowLongA
UnionRect
GetTopWindow
GetDlgItem
GetForegroundWindow
GetMessageA
DestroyWindow
DefWindowProcA
PtInRect
DestroyMenu
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
DispatchMessageA
RemovePropA

gdi32

SetTextColor
GetClipBox
DeleteObject
PtVisible
RectVisible
ExtTextOutA
Escape
SelectObject
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
ScaleWindowExtEx
GetStockObject
SetBkColor
CreateBitmap
LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
CreateDCA
CreateMetaFileA
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
GetDeviceCaps
Rectangle
TextOutA
SetTextAlign

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteValueA
RegQueryInfoKeyA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

shlwapi

PathFindFileNameA
PathFindExtensionA

ole32

OleSaveToStream
CreateOleAdviseHolder
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
OleLoadFromStream
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
WriteClassStm

oleaut32

OleCreatePropertyFrame
LoadRegTypeLi
VariantChangeType
VariantClear
VariantInit
SysStringByteLen
SysAllocStringByteLen
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysFreeString
SysAllocStringLen

crypt32

CertCloseStore
CertEnumCertificatesInStore
CertNameToStrA
CertOpenStore

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/WebBrowser.exe
.exe windows:5 windows x86 arch:x86

066246b562ba45d72ae9a10ae136dd9b

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4c:f8:0a:29:62:f1:de:b7:8a:5a:88:89:67:37:f8:92
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

26/11/2015, 00:00

Not After

25/12/2018, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1f:4c:43:c6:70:0e:4c:81:c9:44:2b:63:01:18:c7:57
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

06/01/2016, 00:00

Not After

25/12/2018, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

70:a0:1c:f4:ea:ef:99:fd:46:6c:ed:16:30:c1:b0:1f
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

11/06/2015, 00:00

Not After

29/12/2020, 23:59

Subject

CN=GeoTrust 2048-bit Timestamping Signer 4,O=GeoTrust Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

01/01/1997, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ec:8c:e4:fc:30:db:d9:e1:fa:d6:be:23:88:30:c4:b2:ce:48:94:c6:78:7a:96:50:9f:bd:9d:db:87:5b:aa:b5
Signer

Actual PE Digest

ec:8c:e4:fc:30:db:d9:e1:fa:d6:be:23:88:30:c4:b2:ce:48:94:c6:78:7a:96:50:9f:bd:9d:db:87:5b:aa:b5

Digest Algorithm

sha256

PE Digest Matches

true

82:55:05:6a:c5:fa:94:77:cb:75:e3:f0:1f:d7:05:f9:02:60:96:be
Signer

Actual PE Digest

82:55:05:6a:c5:fa:94:77:cb:75:e3:f0:1f:d7:05:f9:02:60:96:be

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Program Files (x86)\CCBComponents\Detector\WebBrowser.pdb

Imports

kernel32

SetEnvironmentVariableA
CreateFileW
GetProcessHeap
WriteConsoleW
CompareStringW
GetStringTypeW
LCMapStringW
GetTimeZoneInformation
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
HeapCreate
IsProcessorFeaturePresent
GetConsoleMode
GetConsoleCP
GetStdHandle
SetHandleCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
ExitProcess
CreateThread
ExitThread
HeapSize
HeapQueryInformation
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapReAlloc
DecodePointer
EncodePointer
HeapAlloc
HeapFree
FindResourceExW
VirtualProtect
SearchPathA
Sleep
GetProfileIntA
GetTickCount
GetTempPathA
GetTempFileNameA
GetCurrentDirectoryA
GetNumberFormatA
GetWindowsDirectoryA
GetSystemDirectoryW
GetOEMCP
GetCPInfo
GetUserDefaultUILanguage
GetLocaleInfoA
InterlockedExchange
FindResourceA
FreeResource
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
lstrcmpW
GlobalAddAtomA
GetCurrentThreadId
ResumeThread
SetThreadPriority
GlobalFlags
GetModuleHandleW
CompareStringA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
GetCurrentProcessId
GlobalGetAtomNameA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetFileTime
GetFileSizeEx
GetFileAttributesA
GetFileAttributesExA
CreateFileA
CloseHandle
WaitForSingleObject
FindFirstFileA
FindClose
GetModuleFileNameW
ReleaseActCtx
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenW
MulDiv
LocalFree
LocalAlloc
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
ActivateActCtx
LoadLibraryW
DeactivateActCtx
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
LoadLibraryA
GetProcAddress
lstrcpyA
lstrlenA
GetLastError
GetACP
FormatMessageA
GetSystemTime
GetModuleHandleA
GetModuleFileNameA
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
lstrcmpA
GetLocalTime
LockResource
SizeofResource
WideCharToMultiByte
LoadResource
FindResourceW

user32

GetIconInfo
OffsetRect
GetNextDlgTabItem
MessageBeep
NotifyWinEvent
SetCursor
EnableScrollBar
HideCaret
DrawFocusRect
InvertRect
ReleaseCapture
GetAsyncKeyState
SetCapture
InvalidateRect
MapVirtualKeyA
IsRectEmpty
CreatePopupMenu
GetMenuDefaultItem
LoadCursorW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
CopyImage
SystemParametersInfoA
DestroyMenu
GetMenuItemInfoA
IntersectRect
InflateRect
IsIconic
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconW
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
RedrawWindow
UpdateWindow
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
LoadImageA
DefWindowProcA
CallWindowProcA
GetMenu
CopyRect
SetCursorPos
BeginPaint
GetWindowDC
ScreenToClient
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
DestroyIcon
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetWindowPos
MoveWindow
SetWindowLongA
IsWindow
SendDlgItemMessageA
BringWindowToTop
LockWindowUpdate
GetKeyNameTextA
GetDlgItem
GetSysColor
DispatchMessageA
ShowWindow
LoadAcceleratorsA
OpenClipboard
CheckDlgButton
GetScrollPos
SetScrollPos
SetFocus
GetFocus
RealChildWindowFromPoint
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
LoadCursorA
GetDC
ReleaseDC
GetSysColorBrush
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
SetTimer
KillTimer
GetNextDlgGroupItem
DrawIconEx
EndDialog
CreateDialogIndirectParamA
ShowOwnedPopups
DeleteMenu
IsZoomed
SetWindowRgn
SetParent
DestroyAcceleratorTable
WindowFromPoint
SetClassLongA
EnableWindow
GetWindowTextLengthA
GetWindowTextA
CharUpperA
GetSystemMetrics
UnhookWindowsHookEx
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
LoadMenuW
GetSystemMenu
DrawStateA
DrawEdge
DrawFrameControl
CopyAcceleratorTableA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
GetWindowPlacement
SetRect
SetClipboardData
CloseClipboard
TranslateAcceleratorA
MessageBoxA
TranslateMessage
IsDialogMessageA
SendMessageA
GetClientRect
LoadIconA
PostQuitMessage
CreateDialogParamA
GetMessageA
GetParent
GetDesktopWindow
RemoveMenu
GetSubMenu
GetMenuItemCount
GetWindowRgn
DestroyCursor
DrawIcon
MapDialogRect
SubtractRect
GetDoubleClickTime
CharUpperBuffA
CopyIcon
RegisterClipboardFormatA
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
WaitMessage
PostThreadMessageA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
InsertMenuItemA
IsMenu
MonitorFromPoint
UpdateLayeredWindow
UnionRect
MapVirtualKeyExA
IsCharLowerA
LoadImageW
EndPaint
EmptyClipboard

gdi32

SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateBitmap
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectA
CreateRectRgnIndirect
SetRectRgn
CombineRgn
PatBlt
DPtoLP
GetTextExtentPoint32A
CreateDIBitmap
CreateCompatibleBitmap
GetTextMetricsA
EnumFontFamiliesA
GetTextCharsetInfo
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetWindowOrgEx
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
OffsetRgn
GetRgnBox
EnumFontFamiliesExA
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceA
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
GetObjectA
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
DeleteObject
CreateDCA
GetDeviceCaps
CopyMetaFileA

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegDeleteKeyA
CryptExportKey
CryptReleaseContext
CryptAcquireContextA
CryptGetProvParam
CryptGenKey
CryptDestroyKey
CryptGetUserKey
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA

shell32

SHGetDesktopFolder
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA
SHBrowseForFolderA
DragFinish
DragQueryFileA
SHAppBarMessage
SHGetFileInfoA

comctl32

ImageList_GetIconSize
InitCommonControlsEx

shlwapi

PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW

ole32

CoTaskMemFree
RegisterDragDrop
DoDragDrop
OleGetClipboard
RevokeDragDrop
CoLockObjectExternal
OleCreate
StgCreateDocfile
OleInitialize
OleTranslateAccelerator
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoCreateInstance
CoInitialize
CoUninitialize
CoInitializeEx
CreateStreamOnHGlobal
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleLockRunning

oleaut32

VariantChangeType
SysAllocStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VarBstrFromDate
SysAllocString
SysFreeString
VariantClear
VariantInit

crypt32

CryptExportPublicKeyInfo
CertCreateCertificateContext
CryptMsgClose
CertOpenStore
CertFreeCertificateContext
CertAddCertificateContextToStore
CertCloseStore
CryptMsgUpdate
CryptMsgGetParam
CryptSignAndEncodeCertificate
CryptMsgOpenToDecode
CryptEncodeObject
CertSetCertificateContextProperty

wininet

HttpOpenRequestA
InternetConnectA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
HttpQueryInfoA
InternetQueryDataAvailable
InternetSetOptionExA

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI

imm32

ImmGetOpenStatus
ImmGetContext
ImmReleaseContext

winmm

PlaySoundA

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Detector/capicom.dll
.dll regsvr32 windows:6 windows x86 arch:x86

817acf67b593a3bed6b4a50e83400d47

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:49:7c:ed:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:55

Not After

16/09/2011, 02:05

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:10D8-5847-CBF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

04/04/2006, 17:44

Not After

26/04/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:46:9e:cb:00:04:00:00:00:65
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/04/2006, 19:43

Not After

04/10/2007, 19:53

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

ae:dc:60:ea:8c:a7:8d:66:7d:61:97:0e:c8:08:83:13:b2:18:c8:4d
Signer

Actual PE Digest

ae:dc:60:ea:8c:a7:8d:66:7d:61:97:0e:c8:08:83:13:b2:18:c8:4d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\ntsrc\lhsecurity.obj.x86fre\ds\security\cryptoapi\pki\activex\capicom\objfre\i386\capicom.pdb

Imports

mssign32

SignerTimeStamp

advapi32

CryptGetKeyParam
CryptContextAddRef
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
CryptReleaseContext
CryptDestroyHash
RegEnumKeyExA
RegQueryValueExA
CryptGetProvParam
CryptAcquireContextA
CryptDestroyKey
CryptSetKeyParam
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptGenRandom
CryptEncrypt
CryptDecrypt
CryptGetHashParam
CryptGetUserKey

crypt32

CertOpenStore
CertDeleteCertificateFromStore
CertFreeCertificateContext
CertFreeCertificateChain
CertCloseStore
CertAddEncodedCertificateToStore
CertFindExtension
CertGetEnhancedKeyUsage
CertGetCertificateChain
CertVerifyCertificateChainPolicy
CertEnumCertificatesInStore
CertDuplicateCertificateContext
CertDuplicateStore
CertComparePublicKeyInfo
CryptExportPublicKeyInfo
CertGetNameStringW
CertAddCertificateContextToStore
CertGetCertificateContextProperty
PFXImportCertStore
CryptQueryObject
CertSetCertificateContextProperty
CertVerifyTimeValidity
CertFindCertificateInStore
CertGetValidUsages
CertGetIntendedKeyUsage
CryptFindOIDInfo
CertFindChainInStore
CertAddCertificateLinkToStore
CertSaveStore
CertCreateCertificateContext
CryptMsgGetParam
CertDuplicateCertificateChain
CryptEncodeObject
CryptDecodeObject
CryptAcquireCertificatePrivateKey
CryptFormatObject
CryptMsgOpenToEncode
CryptMsgClose
CryptMsgUpdate
CryptMsgOpenToDecode
CryptMsgControl
CertGetSubjectCertificateFromStore
CertEnumCertificateContextProperties
CertCompareIntegerBlob
CertCompareCertificateName
PFXExportCertStoreEx
CertGetPublicKeyLength
CertFindAttribute
CertControlStore

kernel32

lstrcmpA
CreateFileW
GetVersionExA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
GetLastError
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
lstrlenA
IsDBCSLeadByte
lstrcmpiA
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
DisableThreadLibraryCalls
lstrcatA
lstrcpynA
lstrcpyA
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
LocalFree
LocalAlloc
FormatMessageA
FileTimeToSystemTime
SetLastError
FileTimeToLocalFileTime
UnmapViewOfFile
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
ExpandEnvironmentStringsW
CloseHandle
GetFileType
MapViewOfFile
CreateFileMappingA
GetFileSize
WriteFile
GetACP
OutputDebugStringA
GetCommandLineA
HeapAlloc
HeapFree
HeapReAlloc
RtlUnwind
RaiseException
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCPInfo
GetOEMCP
HeapSize
GetModuleHandleW
Sleep
SetFilePointer
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers

ole32

ProgIDFromCLSID
CoCreateInstance
CoTreatAsClass
CoCreateFreeThreadedMarshaler
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SafeArrayCreate
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SysAllocString
SysFreeString
SysStringLen
VariantClear
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi
VariantCopy
SysAllocStringLen
SetErrorInfo
CreateErrorInfo
VariantChangeType
SystemTimeToVariantTime
SysStringByteLen
VariantTimeToSystemTime
SysAllocStringByteLen
VariantInit

rpcrt4

UuidFromStringA

user32

IsDlgButtonChecked
DialogBoxParamA
SetWindowLongA
GetDlgItem
SetFocus
EndDialog
GetWindowLongA
LoadStringA
CharNextA
CharPrevA
SetWindowPos
GetSystemMetrics
GetWindowRect

wininet

InternetCanonicalizeUrlW
InternetCrackUrlW

wintrust

WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WinVerifyTrust
WTHelperGetProvCertFromChain

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/libeay32.dll
.dll windows:4 windows x86 arch:x86

4df87f510b02928c902201c28885ce6b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

recvfrom
sendto
bind
listen
accept
ntohl
inet_ntoa
WSACancelBlockingCall
WSACleanup
WSAStartup
gethostbyname
getsockopt
getservbyname
ntohs
htons
htonl
socket
setsockopt
connect
send
WSASetLastError
recv
WSAGetLastError
shutdown
closesocket

gdi32

CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
GetObjectA
BitBlt
GetBitmapBits
DeleteObject
DeleteDC
CreateDCA

advapi32

ReportEventA
DeregisterEventSource
RegisterEventSourceA

user32

MessageBoxA
GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW

kernel32

FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
CreateFileA
InitializeCriticalSection
GetEnvironmentStringsW
LCMapStringA
GetCurrentDirectoryA
GetFullPathNameA
RtlUnwind
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CompareStringA
SetEnvironmentVariableA
CompareStringW
SetEndOfFile
LCMapStringW
GetSystemTimeAsFileTime
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
ExitProcess
GetProcAddress
GetModuleHandleA
GetCurrentThreadId
GetLastError
GetVersion
GetFileType
GetStdHandle
GetCurrentThread
GetThreadTimes
FindNextFileA
FindFirstFileA
FindClose
FreeLibrary
LoadLibraryA
SetLastError
GetTickCount
QueryPerformanceCounter
GetCurrentProcessId
GlobalMemoryStatus
CloseHandle
GetVersionExA
FlushConsoleInputBuffer
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
HeapReAlloc
HeapAlloc
MultiByteToWideChar
ReadFile
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
SetFileAttributesA
GetFileAttributesA
SetConsoleCtrlHandler
ReadConsoleInputA
SetConsoleMode
GetCommandLineA
GetProcessHeap
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
DeleteCriticalSection
SetHandleCount
GetStartupInfoA
Sleep
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapSize
GetTimeZoneInformation
SetFilePointer

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
AES_bi_ige_encrypt
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_cfbr_encrypt_block
AES_ctr128_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ige_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
AES_unwrap_key
AES_wrap_key
ASN1_ANY_it
ASN1_BIT_STRING_asn1_meth
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_HEADER_free
ASN1_HEADER_new
ASN1_IA5STRING_asn1_meth
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_to_BN
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SEQUENCE_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_cmp
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_encode
ASN1_STRING_free
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set0
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_check
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_print
ASN1_TIME_set
ASN1_TIME_to_generalizedtime
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_set
ASN1_TYPE_set1
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_fp
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_pack
ASN1_item_sign
ASN1_item_unpack
ASN1_item_verify
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_pack_string
ASN1_parse
ASN1_parse_dump
ASN1_primitive_free
ASN1_primitive_new
ASN1_put_eoc
ASN1_put_object
ASN1_seq_pack
ASN1_seq_unpack
ASN1_sign
ASN1_tag2bit
ASN1_tag2str
ASN1_template_d2i
ASN1_template_free
ASN1_template_i2d
ASN1_template_new
ASN1_unpack_string
ASN1_verify
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_accept
BIO_callback_ctrl
BIO_clear_flags
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_dgram_non_fatal_error
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_reliable
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_callback
BIO_get_callback_arg
BIO_get_ex_data
BIO_get_ex_new_index
BIO_get_host_ip
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_gethostbyname
BIO_gets
BIO_indent
BIO_int_ctrl
BIO_method_name
BIO_method_type
BIO_new
BIO_new_accept
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_datagram
BIO_s_fd
BIO_s_file
BIO_s_mem
BIO_s_null
BIO_s_socket
BIO_set
BIO_set_callback
BIO_set_callback_arg
BIO_set_cipher
BIO_set_ex_data
BIO_set_flags
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_cleanup
BIO_sock_error
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket_ioctl
BIO_socket_nbio
BIO_test_flags
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_write
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_get_thread_id
BN_BLINDING_invert
BN_BLINDING_invert_ex
BN_BLINDING_new
BN_BLINDING_set_flags
BN_BLINDING_set_thread_id
BN_BLINDING_update
BN_CTX_end
BN_CTX_free
BN_CTX_get
BN_CTX_init
BN_CTX_new
BN_CTX_start
BN_GENCB_call
BN_GF2m_add
BN_GF2m_arr2poly
BN_GF2m_mod
BN_GF2m_mod_arr
BN_GF2m_mod_div
BN_GF2m_mod_div_arr
BN_GF2m_mod_exp
BN_GF2m_mod_exp_arr
BN_GF2m_mod_inv
BN_GF2m_mod_inv_arr
BN_GF2m_mod_mul
BN_GF2m_mod_mul_arr
BN_GF2m_mod_solve_quad
BN_GF2m_mod_solve_quad_arr
BN_GF2m_mod_sqr
BN_GF2m_mod_sqr_arr
BN_GF2m_mod_sqrt
BN_GF2m_mod_sqrt_arr
BN_GF2m_poly2arr
BN_MONT_CTX_copy
BN_MONT_CTX_free
BN_MONT_CTX_init
BN_MONT_CTX_new
BN_MONT_CTX_set
BN_MONT_CTX_set_locked
BN_RECP_CTX_free
BN_RECP_CTX_init
BN_RECP_CTX_new
BN_RECP_CTX_set
BN_X931_derive_prime_ex
BN_X931_generate_Xpq
BN_X931_generate_prime_ex
BN_add
BN_add_word
BN_bin2bn
BN_bn2bin
BN_bn2dec
BN_bn2hex
BN_bn2mpi
BN_bntest_rand
BN_clear
BN_clear_bit
BN_clear_free
BN_cmp
BN_copy
BN_dec2bn
BN_div
BN_div_recp
BN_div_word
BN_dup
BN_exp
BN_free
BN_from_montgomery
BN_gcd
BN_generate_prime
BN_generate_prime_ex
BN_get0_nist_prime_192
BN_get0_nist_prime_224
BN_get0_nist_prime_256
BN_get0_nist_prime_384
BN_get0_nist_prime_521
BN_get_params
BN_get_word
BN_hex2bn
BN_init
BN_is_bit_set
BN_is_prime
BN_is_prime_ex
BN_is_prime_fasttest
BN_is_prime_fasttest_ex
BN_kronecker
BN_lshift
BN_lshift1
BN_mask_bits
BN_mod_add
BN_mod_add_quick
BN_mod_exp
BN_mod_exp2_mont
BN_mod_exp_mont
BN_mod_exp_mont_consttime
BN_mod_exp_mont_word
BN_mod_exp_recp
BN_mod_exp_simple
BN_mod_inverse
BN_mod_lshift
BN_mod_lshift1
BN_mod_lshift1_quick
BN_mod_lshift_quick
BN_mod_mul
BN_mod_mul_montgomery
BN_mod_mul_reciprocal
BN_mod_sqr
BN_mod_sqrt
BN_mod_sub
BN_mod_sub_quick
BN_mod_word
BN_mpi2bn
BN_mul
BN_mul_word
BN_new
BN_nist_mod_192
BN_nist_mod_224
BN_nist_mod_256
BN_nist_mod_384
BN_nist_mod_521
BN_nnmod
BN_num_bits
BN_num_bits_word
BN_options
BN_print
BN_print_fp
BN_pseudo_rand
BN_pseudo_rand_range
BN_rand
BN_rand_range
BN_reciprocal
BN_rshift
BN_rshift1
BN_set_bit
BN_set_negative
BN_set_params
BN_set_word
BN_sqr
BN_sub
BN_sub_word
BN_swap
BN_to_ASN1_ENUMERATED
BN_to_ASN1_INTEGER
BN_uadd
BN_ucmp
BN_usub
BN_value_one
BUF_MEM_free
BUF_MEM_grow
BUF_MEM_grow_clean
BUF_MEM_new
BUF_memdup
BUF_strdup
BUF_strlcat
BUF_strlcpy
BUF_strndup
CAST_cbc_encrypt
CAST_cfb64_encrypt
CAST_decrypt
CAST_ecb_encrypt
CAST_encrypt
CAST_ofb64_encrypt
CAST_set_key
CBIGNUM_it
CERTIFICATEPOLICIES_free
CERTIFICATEPOLICIES_it
CERTIFICATEPOLICIES_new
COMP_CTX_free
COMP_CTX_new
COMP_compress_block
COMP_expand_block
COMP_rle
COMP_zlib
COMP_zlib_cleanup
CONF_dump_bio
CONF_dump_fp
CONF_free
CONF_get1_default_config_file
CONF_get_number

Sections

.text
Size: 720KB - Virtual size: 718KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/mfc100.dll
.dll windows:5 windows x86 arch:x86

d981f9b9d6fba82bf0fc343dd10d43cc

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:b2:9b:00:00:00:00:00:15
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

21/02/2011, 20:53

Not After

21/05/2012, 20:53

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

17:f8:6a:8d:02:33:e2:5d:66:03:97:ba:aa:89:53:e2:6f:0c:e5:fc
Signer

Actual PE Digest

17:f8:6a:8d:02:33:e2:5d:66:03:97:ba:aa:89:53:e2:6f:0c:e5:fc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

mfc100.i386.pdb

Imports

kernel32

EncodePointer
DecodePointer
InterlockedCompareExchange
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
ExpandEnvironmentStringsA
GetEnvironmentVariableA
GetEnvironmentVariableW
GlobalFlags
GlobalFindAtomA
GetSystemTime
LocalUnlock
LocalLock
GlobalGetAtomNameA
GetAtomNameA
SuspendThread
ResumeThread
SetEvent
CopyFileA
WaitForMultipleObjects
CreateEventA
ReleaseMutex
CreateMutexA
ReleaseSemaphore
CreateSemaphoreA
WaitForSingleObject
FormatMessageA
SetFileAttributesA
LocalFileTimeToFileTime
GetFileAttributesExA
GetFileSizeEx
FindNextFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameA
GetStringTypeExA
GetThreadLocale
FindClose
FindFirstFileA
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
GetProfileIntA
SystemTimeToFileTime
ReplaceFileA
SetFileTime
GetFileTime
GetFullPathNameA
GetDiskFreeSpaceA
VirtualProtect
RaiseException
lstrcpyW
lstrcmpW
lstrlenW
GetVersion
IsDBCSLeadByte
GetUserDefaultLCID
FindResourceExW
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalAddAtomA
GetCurrentProcessId
SetErrorMode
GlobalDeleteAtom
CompareStringA
GetCurrentThread
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
LoadLibraryExA
SearchPathA
GlobalSize
GetFileAttributesA
GetFileSize
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsFree
TlsAlloc
LocalFree
LocalAlloc
GetModuleFileNameA
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
SetThreadPriority
GetLocaleInfoA
GetNumberFormatA
lstrcmpiA
GetWindowsDirectoryA
GetTickCount
FindResourceA
GlobalFree
lstrcmpA
GetCurrentDirectoryA
Sleep
InterlockedDecrement
InterlockedIncrement
SetFilePointer
CreateFileA
GetTempFileNameA
GetTempPathA
CloseHandle
GetModuleHandleW
InterlockedExchange
FreeLibrary
GetVersionExA
GetSystemDirectoryW
MulDiv
GetOEMCP
GetCPInfo
lstrlenA
LoadLibraryW
DeleteFileA
GetACP
InitializeCriticalSection
GetCurrentThreadId
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcpyA
ActivateActCtx
GetProcAddress
GetModuleHandleA
LoadLibraryA
DeactivateActCtx
SetLastError
WideCharToMultiByte
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetLastError
InitializeCriticalSectionAndSpinCount
FindResourceW
LoadResource
LockResource
SizeofResource
IsProcessorFeaturePresent

msvcr100

memmove_s
strlen
memset
memcpy_s
toupper
strnlen
wcslen
wmemcpy_s
abort
_mbslwr_s
__CxxFrameHandler3
wcscspn
wcsspn
_wcsicmp
_mbscmp
vsprintf_s
_vscprintf
_mbschr
_mbsinc
_ismbcspace
_mbsstr
_purecall
free
malloc
labs
ldiv
atoi
_mbsupr_s
calloc
sqrt
atan2
_mbsicmp
_mbspbrk
_mbsrchr
_mbscspn
_mbsspn
clock
memcpy
abs
cos
sin
floor
fabs
ceil
exp
_splitpath_s
_mbscoll
_mbsicoll
wcscat_s
_mbsnbcmp
wcscpy_s
strcpy_s
_ismbcdigit
_ismbcalpha
_ismbcalnum
_ismbcprint
_mbctoupper
_mbctolower
atol
memcmp
sscanf_s
wcstombs_s
_localtime64_s
_endthread
_beginthread
_strdup
_makepath_s
_time64
strtod
_resetstkoflw
_recalloc
_errno
_snprintf_s
wcstoul
strcat_s
__argc
__argv
_strnicmp
_ismbblead
_mbsnbcpy_s
sprintf_s
wcsnlen
wcsrchr
_itoa_s
_ltoa_s
_mbsnbicmp
_mktime64
wcscmp
_snscanf_s
_vsnprintf_s
strtol
strtoul
realloc
_mbsdec
_fullpath
_get_osfhandle
_fileno
_open_osfhandle
_fdopen
__doserrno
fread
feof
ferror
clearerr_s
fwrite
fputs
fgets
fseek
ftell
fflush
fclose
_ultoa_s
wcsncpy_s
_snwprintf_s
_endthreadex
_beginthreadex
strncpy_s
_msize
_expand
wcschr
_vscwprintf
memmove
wcscoll
_mbsrev
vswprintf_s
_wcslwr_s
_wcsupr_s
wcsstr
_wcsicoll
wcspbrk
_wcsrev
iswspace
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
_CxxThrowException

user32

GetWindowTextLengthA
GetTabbedTextExtentW
GetDlgItem
CreateDialogIndirectParamA
GetActiveWindow
EndDialog
GetPropA
RemovePropA
SetPropA
MapDialogRect
GetMessageTime
GetMessagePos
GetDialogBaseUnits
GetDCEx
RemoveMenu
MsgWaitForMultipleObjectsEx
CharNextA
SetWindowContextHelpId
IsDialogMessageA
ClipCursor
SendNotifyMessageA
InSendMessage
GetMenuStringA
WindowFromDC
SetScrollRange
AdjustWindowRectEx
GetTabbedTextExtentA
CountClipboardFormats
LoadBitmapA
GetMenu
SetMenu
GetClassInfoExA
CreateWindowExA
SetWindowPlacement
TrackPopupMenuEx
RegisterClassA
WinHelpA
GetScrollRange
SetScrollInfo
GetScrollInfo
ScrollWindow
MonitorFromWindow
GetMenuCheckMarkDimensions
LoadAcceleratorsA
LoadMenuA
UnpackDDElParam
ReuseDDElParam
InsertMenuItemA
GetMenuBarInfo
GetWindowDC
BeginPaint
EndPaint
DefFrameProcA
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
RealChildWindowFromPoint
OemToCharBuffA
CharToOemBuffA
SetRect
PtInRect
InvalidateRect
UpdateWindow
SetTimer
ScreenToClient
GetCursorPos
IsWindowVisible
GetClientRect
KillTimer
SetRectEmpty
GetWindowRect
SendMessageA
EnableWindow
IsCharLowerA
GetKeyNameTextA
GetKeyboardLayout
MapVirtualKeyExA
SetMenuItemBitmaps
SetWindowLongA
MessageBoxA
GetWindowThreadProcessId
ShowOwnedPopups
UnregisterClassA
PostQuitMessage
DrawEdge
CharUpperBuffA
RegisterClipboardFormatA
InsertMenuA
IsWindowEnabled
ShowScrollBar
FrameRect
GetWindowRgn
ReleaseDC
GetDC
GetDoubleClickTime
GetWindowTextA
EnumChildWindows
GrayStringA
HideCaret
SetMenuDefaultItem
GetMenuDefaultItem
GetScrollPos
EnableScrollBar
UpdateLayeredWindow
SetFocus
GetMessageA
GetLastActivePopup
SubtractRect
DrawFrameControl
GetMenuItemInfoA
CheckMenuItem
GetMenuState
SetWindowTextA
LoadIconW
LoadImageW
CharUpperA
MapVirtualKeyA
ToAsciiEx
GetKeyboardState
CopyAcceleratorTableA
CreateAcceleratorTableA
DestroyCursor
IsClipboardFormatAvailable
GetClassLongA
GetSysColor
EnumDisplayMonitors
DestroyWindow
GetTopWindow
DestroyAcceleratorTable
NotifyWinEvent
SetWindowRgn
DeleteMenu
ModifyMenuA
IsZoomed
IsMenu
GetSystemMenu
GetNextDlgTabItem
EnableMenuItem
SetScrollPos
IntersectRect
CreatePopupMenu
AppendMenuA
EndDeferWindowPos
BeginDeferWindowPos
GetKeyState
LockWindowUpdate
SetWindowPos
UnionRect
GetUpdateRect
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
SetLayeredWindowAttributes
ValidateRect
LoadCursorA
SystemParametersInfoA
MonitorFromPoint
GetMonitorInfoA
DrawIcon
GetForegroundWindow
IsIconic
GetMenuItemID
GetMenuItemCount
GetWindow
DefWindowProcA
GetClassInfoA
PostThreadMessageA
GetSubMenu
LoadMenuW
DestroyMenu
GetSystemMetrics
TranslateAcceleratorA
LoadAcceleratorsW
GetCapture
DrawStateA
CloseClipboard
SetClipboardData
EmptyClipboard
OffsetRect
GetAsyncKeyState
GetDesktopWindow
WaitMessage
DispatchMessageA
TranslateMessage
PeekMessageA
SetForegroundWindow
LoadCursorW
GetFocus
IsChild
TrackPopupMenu
LoadIconA
GetNextDlgGroupItem
DrawFocusRect
SetCursor
GetWindowLongA
CopyImage
GetIconInfo
FillRect
LoadImageA
CopyRect
LoadBitmapW
MapWindowPoints
MessageBeep
SetCursorPos
DrawTextExA
DrawTextA
TabbedTextOutA
InvalidateRgn
MoveWindow
CreateMenu
SetActiveWindow
InvertRect
CallWindowProcA
WindowFromPoint
ClientToScreen
SetCapture
ReleaseCapture
CopyIcon
BringWindowToTop
RegisterWindowMessageA
DestroyIcon
GetClassNameA
SetParent
ShowWindow
GetWindowPlacement
RedrawWindow
IsRectEmpty
GetDlgCtrlID
PostMessageA
DeferWindowPos
EqualRect
GetSysColorBrush
SetClassLongA
IsWindow
GetParent
DrawIconEx
SendDlgItemMessageA
InflateRect
OpenClipboard

gdi32

Rectangle
GetStockObject
GetPaletteEntries
CreatePalette
RealizePalette
GetNearestPaletteIndex
GetSystemPaletteEntries
GetPixel
CreatePolygonRgn
PtInRegion
FrameRgn
CreateCompatibleBitmap
SetPixelV
BitBlt
GetRgnBox
CreateRectRgnIndirect
OffsetRgn
CreateDIBSection
SetPixel
Ellipse
GetBkColor
CreateFontIndirectA
GetDeviceCaps
GetTextCharsetInfo
EnumFontFamiliesA
CreatePen
CreatePatternBrush
CreateDIBitmap
SetPaletteEntries
ExtFloodFill
StartPage
EndPage
EndDoc
DeleteDC
GetCurrentObject
PatBlt
CreateRectRgn
CombineRgn
GetBoundsRect
FillRgn
SetRectRgn
CreateRoundRectRgn
EnumFontFamiliesExA
StretchBlt
SetDIBColorTable
CreateBitmap
SetBkColor
SelectPalette
GetDIBits
Polyline
ExtTextOutA
CreateHatchBrush
CreateEllipticRgn
RoundRect
StretchDIBits
CreateFontA
GetCharWidthA
LPtoDP
CreateMetaFileA
CloseMetaFile
DeleteMetaFile
GetViewportOrgEx
PtVisible
RectVisible
TextOutA
Escape
GetClipBox
Polygon
GetCurrentPositionEx
MoveToEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SaveDC
RestoreDC
GetROP2
GetBkMode
GetPolyFillMode
GetStretchBltMode
GetNearestColor
GetTextFaceA
GetWindowExtEx
GetViewportExtEx
SetTextColor
SetMapMode
SetWindowExtEx
ScaleWindowExtEx
GetTextExtentPoint32W
GetTextExtentPointA
GetWindowOrgEx
SetWindowOrgEx
IntersectClipRect
CreateDCA
SetBrushOrgEx
SetAbortProc
StartDocA
DPtoLP
AbortDoc
CopyMetaFileA
UnrealizeObject
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
OffsetWindowOrgEx
SelectClipRgn
ExcludeClipRect
OffsetClipRgn
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetLayout
SetLayout
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
SelectClipPath
GetClipRgn
ExtSelectClipRgn
PlayMetaFileRecord
PlayMetaFile
EnumMetaFile
ExtCreatePen
CreateDIBPatternBrushPt
GetMapMode
GetTextColor
GetObjectType
SelectObject
DeleteObject
CreateCompatibleDC
CreateSolidBrush
GetObjectA
GetTextExtentPoint32A
GetTextAlign
GetTextMetricsA

shlwapi

PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathRemoveExtensionA
PathFindFileNameA
PathFindExtensionA
SHStrDupW
UrlUnescapeA

comctl32

ImageList_GetIcon
ImageList_GetImageCount
ImageList_AddMasked
ImageList_Remove
ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy
ImageList_GetIconSize
ImageList_DrawEx

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/mfc42.dll
.dll regsvr32 windows:4 windows x86 arch:x86

bcd2542f46e742c06cabefff84c7320d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

MFC42.pdb

Imports

msvcrt

memcpy
memmove
malloc
free
abort
_mbsinc
memset
_get_osfhandle
__doserrno
_fdopen
_open_osfhandle
fclose
clearerr
fread
fwrite
fputs
fgets
ftell
fseek
fflush
realloc
_mbscmp
_mbschr
_mbspbrk
_mbsrev
_mbslwr
_mbsupr
wcslen
_mbscspn
_mbsrchr
_mbsspn
_mbsstr
_mbsnbcmp
_mbclen
vsprintf
strlen
sprintf
_ismbcdigit
atoi
_ismbcspace
mktime
gmtime
localtime
strftime
time
_mbctype
_purecall
_msize
calloc
memcmp
abs
strtoul
strtol
strtod
_expand
_mbsdec
_strdup
_endthreadex
_beginthreadex
__p___argv
__p___argc
atol
_fullpath
_splitpath
floor
fabs
_ftol
ceil
modf
_itoa
labs
swprintf
_ultoa
_ltoa
wcscpy
wcsncpy
_mbsnbicmp
??1type_info@@UAE@XZ
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_initterm
_adjust_fdiv
strcmp
strcpy
_CxxThrowException
__CxxFrameHandler

kernel32

WriteFile
GetProcAddress
LoadLibraryA
lstrcpyA
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetCurrentProcess
GlobalSize
GlobalLock
GlobalAlloc
GlobalReAlloc
GlobalUnlock
GlobalFree
GetFileAttributesA
GetFileSize
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
InterlockedDecrement
WideCharToMultiByte
InterlockedIncrement
LocalFree
FormatMessageA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCPInfo
GetOEMCP
LocalAlloc
LeaveCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
CreateMutexA
ReleaseMutex
CreateEventA
WaitForMultipleObjects
GetVersionExA
GetModuleHandleA
lstrcatA
FreeLibrary
GlobalDeleteAtom
GlobalFindAtomA
GetVersion
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
FreeResource
LockResource
LoadResource
FindResourceA
MulDiv
GetProfileIntA
VirtualProtect
FindResourceExA
SizeofResource
GetProcessVersion
GlobalFlags
GetTempFileNameA
GetDiskFreeSpaceA
LocalUnlock
LocalLock
SearchPathA
GetTempPathA
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
GetCurrentThread
SetErrorMode
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
FindNextFileA
GetTickCount
lstrlenW
CopyFileA
lstrcpyW
GetUserDefaultLCID
IsDBCSLeadByte
GetSystemDirectoryA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
DuplicateHandle
MultiByteToWideChar
GetModuleFileNameA
GetShortPathNameA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
ReadFile
lstrcmpA
OutputDebugStringA
lstrlenA
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrA
IsBadStringPtrW
GetLastError
SetLastError
lstrcpynA
RaiseException
InterlockedExchange
CreateFileA

gdi32

ScaleWindowExtEx
GetROP2
EnumFontFamiliesA
GetPixel
GetPaletteEntries
RealizePalette
CreatePalette
OffsetRgn
SetBrushOrgEx
CreateMetaFileA
CopyMetaFileA
LPtoDP
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
CreateHatchBrush
ExtCreatePen
CreateDIBPatternBrushPt
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
OffsetWindowOrgEx
SelectPalette
StartDocA
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
OffsetClipRgn
ExcludeClipRect
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
EnumFontFamiliesExA
CreateDCA
CreateRectRgnIndirect
UnrealizeObject
CreateBitmap
CreatePatternBrush
CreatePen
PatBlt
Rectangle
TextOutA
DeleteMetaFile
CloseMetaFile
GetPolyFillMode
ScaleViewportExtEx
IntersectClipRect
GetDeviceCaps
SetMapMode
SetWindowExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetViewportOrgEx
SetViewportOrgEx
GetWindowOrgEx
SetWindowOrgEx
GetCurrentPositionEx
MoveToEx
GetWindowExtEx
GetViewportExtEx
GetTextFaceA
GetTextAlign
RectVisible
PtVisible
GetTextColor
GetBkMode
GetBkColor
Escape
GetNearestColor
SaveDC
RestoreDC
GetStockObject
CreateFontA
GetCharWidthA
DeleteObject
CreateCompatibleBitmap
StretchDIBits
DeleteDC
CreateFontIndirectA
GetTextMetricsA
GetTextExtentPoint32A
ExtTextOutA
BitBlt
SelectObject
CreateCompatibleDC
CreateSolidBrush
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetStretchBltMode

user32

GetScrollRange
LoadStringA
FrameRect
InvalidateRgn
EnumChildWindows
DrawEdge
ClipCursor
GetNextDlgGroupItem
CharNextA
SetWindowContextHelpId
CountClipboardFormats
WindowFromDC
CreateMenu
PostThreadMessageA
InSendMessage
CopyAcceleratorTableA
RegisterClipboardFormatA
InsertMenuA
GetMenuStringA
ShowOwnedPopups
UnregisterClassA
PostQuitMessage
ValidateRect
RemoveMenu
MessageBeep
IsClipboardFormatAvailable
FindWindowA
SetCursorPos
DestroyCursor
DestroyIcon
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
MoveWindow
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetWindowTextA
GetClassNameA
GetSysColorBrush
EndPaint
BeginPaint
TabbedTextOutA
GetDialogBaseUnits
MapDialogRect
GetAsyncKeyState
wvsprintfA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
DrawFocusRect
UnionRect
GrayStringA
DrawTextA
GetTabbedTextExtentA
LockWindowUpdate
GetDCEx
SetParent
GetSystemMenu
AppendMenuA
DeleteMenu
IsRectEmpty
IsZoomed
GetDC
KillTimer
SetTimer
SetRect
LoadBitmapA
ReleaseDC
GetWindowDC
InvertRect
FillRect
PtInRect
InflateRect
RedrawWindow
TranslateMDISysAccel
wsprintfA
GetSystemMetrics
CharUpperA
CharToOemA
OemToCharA
UnhookWindowsHookEx
MsgWaitForMultipleObjects
GetWindow
CopyRect
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongA
GetWindowLongA
CallWindowProcA
DefWindowProcA
SendMessageA
GetDlgCtrlID
GetWindowTextA
GetWindowTextLengthA
GetDlgItem
SetWindowPlacement
RegisterClassA
GetClassInfoA
GetMenuItemCount
GetMenuItemID
GetSubMenu
PostMessageA
GetMenu
GetClientRect
GetParent
UpdateWindow
MessageBoxA
IsWindowVisible
SetActiveWindow
SetScrollInfo
GetScrollInfo
ScrollWindow
ShowScrollBar
GetLastActivePopup
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
SetForegroundWindow
GetForegroundWindow
GetSysColor
MapWindowPoints
EnableWindow
PeekMessageA
LoadIconA
GetScrollPos
SetScrollPos
DrawMenuBar
SetScrollRange
DestroyWindow
GetKeyState
TrackPopupMenu
IsChild
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
SetFocus
IsWindow
GetFocus
GetMessagePos
GetMessageTime
RemovePropA
GetPropA
DispatchMessageA
SendDlgItemMessageA
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
WinHelpA
GetCapture
RegisterWindowMessageA
LoadAcceleratorsA
TranslateAcceleratorA
IsWindowEnabled
GetDesktopWindow
ShowWindow
SetMenu
BringWindowToTop
SetRectEmpty
InvalidateRect
ReleaseCapture
SetCursor
DestroyMenu
LoadMenuA
ReuseDDElParam
UnpackDDElParam
GetActiveWindow
LoadCursorA
ClientToScreen
GetWindowThreadProcessId
SetCapture
WindowFromPoint
GetCursorPos
TranslateMessage
GetMessageA
WaitMessage
DefFrameProcA
DefMDIChildProcA

Exports

Exports

?classCCachedDataPathProperty@CCachedDataPathProperty@@2UCRuntimeClass@@B
?classCDataPathProperty@CDataPathProperty@@2UCRuntimeClass@@B
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 660KB - Virtual size: 656KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 200KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Detector/msvcr100.dll
.dll windows:5 windows x86 arch:x86

5271d5ce8b44dd47bc92563e27585466

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:b2:9b:00:00:00:00:00:15
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

21/02/2011, 20:53

Not After

21/05/2012, 20:53

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

8d:91:f0:a3:ff:41:70:8c:67:d0:ba:79:6d:52:da:88:0c:59:23:cc
Signer

Actual PE Digest

8d:91:f0:a3:ff:41:70:8c:67:d0:ba:79:6d:52:da:88:0c:59:23:cc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr100.i386.pdb

Imports

kernel32

EncodePointer
DecodePointer
RaiseException
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetCurrentThreadId
TlsGetValue
GetCommandLineW
GetCommandLineA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileExA
FindClose
FindNextFileW
FindFirstFileExW
GetLogicalDrives
GetDiskFreeSpaceA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
Sleep
Beep
GetFileAttributesA
SetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameA
GetDriveTypeW
GetCurrentProcessId
CreateDirectoryA
MoveFileA
RemoveDirectoryA
GetDriveTypeA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeLibrary
CreateProcessW
ReadFile
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
WideCharToMultiByte
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
InterlockedPopEntrySList
InterlockedFlushSList
QueryDepthSList
InterlockedPushEntrySList
CreateTimerQueue
CreateTimerQueueTimer
DeleteTimerQueueTimer
SetEvent
CreateEventW
SwitchToThread
SignalObjectAndWait
TryEnterCriticalSection
GetTickCount
VirtualFree
GetVersionExW
SetThreadPriority
VirtualAlloc
GetSystemInfo
GetProcessAffinityMask
VirtualProtect
SetThreadAffinityMask
InitializeSListHead
ReleaseSemaphore
CreateSemaphoreW
WaitForMultipleObjects
GetThreadPriority
LoadLibraryW
SleepEx
OutputDebugStringW
FreeLibraryAndExitThread
GetModuleHandleA
GetThreadTimes
DebugBreak
MultiByteToWideChar
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetTimeFormatW
GetDateFormatW
RtlUnwind
HeapAlloc
HeapFree
HeapCreate
HeapDestroy
HeapQueryInformation
HeapReAlloc
HeapSize
HeapValidate
HeapCompact
HeapWalk
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoW
GetFileInformationByHandle
PeekNamedPipe
CreateFileA
CreateFileW
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreatePipe
SetStdHandle
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
WriteConsoleW
ReadConsoleW
SetEndOfFile
GetProcessHeap
InterlockedExchange
LockFile
UnlockFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
SetConsoleCtrlHandler
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
LCMapStringW
CompareStringW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsProcessorFeaturePresent

Exports

Exports

$I10_OUTPUT
??0?$_SpinWait@$00@details@Concurrency@@QAE@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QAE@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QAA@IZZ
??0SchedulerPolicy@Concurrency@@QAE@ABV01@@Z
??0SchedulerPolicy@Concurrency@@QAE@XZ
??0_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_ReaderWriterLock@details@Concurrency@@QAE@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_ReentrantLock@details@Concurrency@@QAE@XZ
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
??0_TaskCollection@details@Concurrency@@QAE@XZ
??0_Timer@details@Concurrency@@IAE@I_N@Z
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0__non_rtti_object@std@@QAE@PBD@Z
??0bad_cast@std@@AAE@PBQBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@XZ
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@XZ
??0context_unblock_unbalanced@Concurrency@@QAE@PBD@Z
??0context_unblock_unbalanced@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
??0default_scheduler_exists@Concurrency@@QAE@PBD@Z
??0default_scheduler_exists@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??0improper_lock@Concurrency@@QAE@PBD@Z
??0improper_lock@Concurrency@@QAE@XZ
??0improper_scheduler_attach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_attach@Concurrency@@QAE@XZ
??0improper_scheduler_detach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_detach@Concurrency@@QAE@XZ
??0improper_scheduler_reference@Concurrency@@QAE@PBD@Z
??0improper_scheduler_reference@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0invalid_link_target@Concurrency@@QAE@XZ
??0invalid_multiple_scheduling@Concurrency@@QAE@PBD@Z
??0invalid_multiple_scheduling@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0invalid_operation@Concurrency@@QAE@XZ
??0invalid_oversubscribe_operation@Concurrency@@QAE@PBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_key@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_value@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QAE@XZ
??0message_not_found@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0missing_wait@Concurrency@@QAE@PBD@Z
??0missing_wait@Concurrency@@QAE@XZ
??0nested_scheduler_missing_detach@Concurrency@@QAE@PBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QAE@XZ
??0operation_timed_out@Concurrency@@QAE@PBD@Z
??0operation_timed_out@Concurrency@@QAE@XZ
??0reader_writer_lock@Concurrency@@QAE@XZ
??0scheduler_not_attached@Concurrency@@QAE@PBD@Z
??0scheduler_not_attached@Concurrency@@QAE@XZ
??0scheduler_resource_allocation_error@Concurrency@@QAE@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QAE@PBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0task_canceled@details@Concurrency@@QAE@PBD@Z
??0task_canceled@details@Concurrency@@QAE@XZ
??0unsupported_os@Concurrency@@QAE@PBD@Z
??0unsupported_os@Concurrency@@QAE@XZ
??1SchedulerPolicy@Concurrency@@QAE@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??1_TaskCollection@details@Concurrency@@QAE@XZ
??1_Timer@details@Concurrency@@IAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
??1exception@std@@UAE@XZ
??1reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@ABV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@ABV012@@Z
??4SchedulerPolicy@Concurrency@@QAEAAV01@ABV01@@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_F?$_SpinWait@$00@details@Concurrency@@QAEXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QAEXXZ
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?Alloc@Concurrency@@YAPAXI@Z
?Block@Context@Concurrency@@SAXXZ
?Create@CurrentScheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPAV12@ABVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPAX@Z
?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QBEIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?Log2@details@Concurrency@@YAKI@Z
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QAEXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QAEIW4PolicyElementKey@2@I@Z
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QAEXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_ConcRT_Assert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_CoreAssert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_DumpMessage@details@Concurrency@@YAXPB_WZZ
?_ConcRT_Trace@details@Concurrency@@YAXHPB_WZZ
?_Copy_str@exception@std@@AAEXPBD@Z
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QAE_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QAE_NXZ
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IAEKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IAEKXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QAEXXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QAEXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QAEXI@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IAE_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IAE_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QAE_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IAEXXZ
?_Stop@_Timer@details@Concurrency@@IAEXXZ
?_Tidy@exception@std@@AAEXXZ
?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QAE_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QAE_NXZ
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCompare@@YA_NPBX0@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QBEJXZ
?lock@critical_section@Concurrency@@QAEXXZ
?lock@reader_writer_lock@Concurrency@@QAEXXZ
?lock_read@reader_writer_lock@Concurrency@@QAEXXZ
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?native_handle@critical_section@Concurrency@@QAEAAV12@XZ
?raw_name@type_info@@QBEPBDXZ
?reset@event@Concurrency@@QAEXXZ
?set@event@Concurrency@@QAEXXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock@reader_writer_lock@Concurrency@@QAE_NXZ
?try_lock_read@reader_writer_lock@Concurrency@@QAE_NXZ
?unexpected@@YAXXZ
?unlock@critical_section@Concurrency@@QAEXXZ
?unlock@reader_writer_lock@Concurrency@@QAEXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?wait@Concurrency@@YAXI@Z
?wait@event@Concurrency@@QAEII@Z
?wait_for_multiple@event@Concurrency@@SAIPAPAV12@I_NI@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p

Sections

.text
Size: 709KB - Virtual size: 708KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/CARoot/AddCert.exe
.exe windows:4 windows x86 arch:x86

bcb787ce8c887361827e52084a145423

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4c:f8:0a:29:62:f1:de:b7:8a:5a:88:89:67:37:f8:92
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

26/11/2015, 00:00

Not After

25/12/2018, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1f:4c:43:c6:70:0e:4c:81:c9:44:2b:63:01:18:c7:57
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

06/01/2016, 00:00

Not After

25/12/2018, 23:59

Subject

CN=Beijing Watchsmart Technologies Co.\,Ltd,OU=Security Authentication Business Unit,O=Beijing Watchsmart Technologies Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

55:45:ca:02:24:61:90:d9:79:ee:b4:0d:b9:ff:bc:18
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

11/06/2015, 00:00

Not After

29/12/2020, 23:59

Subject

CN=GeoTrust 2048-bit Timestamping Signer 3,O=GeoTrust Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

01/01/1997, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

14:de:8c:68:eb:62:6a:cd:67:cb:4c:52:ae:83:8b:a9:03:cc:65:3b:92:ef:f0:2a:40:a2:86:7a:ab:8a:c1:50
Signer

Actual PE Digest

14:de:8c:68:eb:62:6a:cd:67:cb:4c:52:ae:83:8b:a9:03:cc:65:3b:92:ef:f0:2a:40:a2:86:7a:ab:8a:c1:50

Digest Algorithm

sha256

PE Digest Matches

true

4a:86:5b:14:af:71:ca:3c:ae:51:68:39:cc:18:dc:7c:27:22:e5:4b
Signer

Actual PE Digest

4a:86:5b:14:af:71:ca:3c:ae:51:68:39:cc:18:dc:7c:27:22:e5:4b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA
SHGetFolderPathA

shlwapi

PathFileExistsA

kernel32

GetModuleFileNameA
GetStringTypeW
GetStringTypeA
SetStdHandle
LoadLibraryA
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
GetPrivateProfileStringA
GetProcAddress
GetModuleHandleA
GetSystemDirectoryA
Sleep
WaitForSingleObject
CreateThread
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
VirtualAlloc
HeapReAlloc
GetLastError
SetFilePointer
GetCPInfo
GetACP
GetOEMCP

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Plugins/CARoot/CCBSM2CACHILD.cer
Plugins/CARoot/CCBSM2CAROOT.cer
Plugins/CARoot/Microsoft.VC90.CRT.manifest
Plugins/CARoot/ccbcert.cer
Plugins/CARoot/certutil.exe
.exe windows:5 windows x86 arch:x86

4c9bebbb9daf0ef3005c395e49f4132c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

nssutil3

SECITEM_ZfreeItem_Util
PORT_SetError_Util
PORT_ArenaRelease_Util
PORT_ArenaAlloc_Util
SECOID_AddEntry_Util
NSS_Get_SEC_GeneralizedTimeTemplate_Util
CERT_GenTime2FormattedAscii_Util
SECOID_GetAlgorithmTag_Util
SEC_QuickDERDecodeItem_Util
SECOID_FindOID_Util
DER_GeneralizedTimeToTime_Util
DER_UTCTimeToTime_Util
DER_GetInteger_Util
ATOB_ConvertAsciiToItem_Util
SECITEM_AllocItem_Util
NSS_Get_SECOID_AlgorithmIDTemplate_Util
ATOB_AsciiToData_Util
SEC_ASN1Decode_Util
PORT_Realloc_Util
PORT_Alloc_Util
SECOID_FindOIDTag_Util
SECOID_SetAlgorithmID_Util
PORT_Strdup_Util
NSS_Get_SEC_ObjectIDTemplate_Util
DER_AsciiToTime_Util
BTOA_DataToAscii_Util
BTOA_ConvertItemToAscii_Util
PORT_Free_Util
SEC_ASN1DecodeItem_Util
SECITEM_FreeItem_Util
PORT_ArenaStrdup_Util
NSS_Get_SEC_IA5StringTemplate_Util
SECITEM_CopyItem_Util
SEC_StringToOID
SEC_ASN1EncodeInteger_Util
PORT_ArenaGrow_Util
PORT_GetError_Util
PORT_ZAlloc_Util
SEC_ASN1EncodeItem_Util
SECOID_FindOIDByTag_Util
PORT_NewArena_Util
PORT_FreeArena_Util
PORT_ArenaMark_Util
PORT_ArenaZAlloc_Util

smime3

CERT_DecodeCertFromPackage

nss3

SECKEY_DestroyPrivateKeyList
PK11_GetCertFromPrivateKey
PK11_GetPrivateKeyNickname
PK11_ListPrivateKeysInSlot
PK11_ListPrivKeysInSlot
PK11_FreeSlotList
PK11_GetSlotName
PK11_GetAllTokens
PK11_DeleteTokenCertAndKey
PK11_FreeSlot
PK11_GetInternalKeySlot
CERT_DestroyValidity
CERT_CreateCertificate
CERT_CreateValidity
SECKEY_DestroyPrivateKey
NSS_Get_CERT_CertificateTemplate
NSS_Get_CERT_SignedDataTemplate
CERT_DestroyCertificateRequest
PK11_FindKeyByDERCert
CERT_MergeExtensions
CERT_GetCertificateRequestExtensions
CERT_StartCertExtensions
PK11_ReadRawAttribute
NSS_Shutdown
SECKEY_DestroyPublicKey
CERT_ExtractPublicKey
PK11_ResetToken
PK11_DestroyMergeLog
PK11_MergeTokens
PK11_CreateMergeLog
SECMOD_CloseUserDB
SECMOD_OpenUserDB
PK11_IsPresent
PK11_IsLoggedIn
PK11_IsRemovable
PK11_IsInternal
PK11_FindSlotByName
CERT_GetDefaultCertDB
NSS_InitWithMerge
NSS_Initialize
PK11_GetLowLevelKeyIDForPrivateKey
PK11_RandomUpdate
PK11_GenerateKeyPair
PK11_ProtectedAuthenticationPath
PK11_ChangePW
PK11_CheckUserPassword
PK11_InitPin
PK11_NeedUserInit
CERT_GetOidString
SEC_PKCS5IsAlgorithmPBEAlgTag
CERT_DestroyOidSequence
CERT_DecodeOidSequence
CERT_DecodeBasicConstraintValue
CERT_NameToAscii
CERT_Hexify
PK11_HashBuf
SECKEY_ExtractPublicKey
CERT_GetNextGeneralName
CERT_DecodeAuthKeyID
CERT_DecodeAltNameExtension
CERT_GetNextNameConstraint
CERT_DecodeNameConstraintsExtension
CERT_DecodeAuthInfoAccessExtension
CERT_DecodeCRLDistributionPoints
CERT_DestroyUserNotice
CERT_DecodeUserNotice
CERT_DestroyCertificatePoliciesExtension
CERT_DecodePrivKeyUsagePeriodExtension
CERT_VerifyCertificate
SEC_DeletePermCertificate
PK11_ListCerts
PK11_IsFriendly
PK11_NeedLogin
CERT_CreateSubjectCertList
CERT_DestroyCertList
PK11_ListCertsInSlot
PK11_FindCertFromNickname
CERT_CertChainFromCert
CERT_FindCertByDERCert
CERT_DestroyCertificateList
CERT_FindCertByNicknameOrEmailAddr
SECKEY_CreateSubjectPublicKeyInfo
CERT_CreateCertificateRequest
SECKEY_DestroySubjectPublicKeyInfo
CERT_StartCertificateRequestAttributes
CERT_FinishExtensions
CERT_FinishCertificateRequestAttributes
SEC_GetSignatureAlgorithmOidTag
SEC_DerSignData
CERT_GetCommonName
CERT_GetCertEmailAddress
CERT_GetOrgName
CERT_GetStateName
CERT_GetCountryName
CERT_DecodeTrustString
PK11_ImportCert
PK11_Authenticate
PK11_GetTokenName
CERT_ChangeCertTrust
CERT_SaveSMimeProfile
PK11_SetPasswordFunc
CERT_DestroyCertificate
NSS_Get_CERT_CertificateRequestTemplate
CERT_VerifySignedDataWithPublicKeyInfo
CERT_EncodeAltNameExtension
CERT_EncodeInfoAccessExtension
CERT_EncodeCertPoliciesExtension
CERT_EncodeNoticeReference
CERT_EncodeUserNotice
CERT_EncodePolicyMappingExtension
CERT_EncodeInhibitAnyExtension
CERT_EncodePolicyConstraintsExtension
CERT_CopyRDN
CERT_EncodeCRLDistributionPoints
CERT_EncodeSubjectKeyID
CERT_EncodeAuthKeyID
CERT_EncodeBasicConstraintValue
CERT_AddExtension
CERT_EncodeAndAddBitStrExtension
CERT_AsciiToName
CERT_CopyName
CERT_DestroyName
PK11_FindKeyByAnyCert

libplc4

PL_CreateLongOptState
PL_GetNextOpt
PL_DestroyOptState
PL_strdup
PL_strcmp
PL_strlen
PL_strncasecmp

libnspr4

PR_GetErrorText
PR_IsNetAddrType
PR_NetAddrToString
PR_FormatTime
PR_GetEnv
PR_GetOpenFileInfo
PR_Read
PR_Cleanup
PR_Open
PR_GetOSError
PR_Init
PR_smprintf
PR_smprintf_free
PR_Close
PR_Delete
PR_GetError
PR_GMTParameters
PR_ExplodeTime
PR_ImplodeTime
PR_GetSpecialFD
PR_Now
PR_fprintf
PR_Write
PR_snprintf
PR_GetErrorTextLength

msvcr90

_getch
_fileno
_isatty
_strdup
_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
tolower
isprint
strstr
_errno
strerror
getc
strrchr
fopen
strpbrk
isspace
fclose
exit
sprintf
memset
printf
strchr
strncmp
memcpy
strtol
puts
fprintf
fputs
fflush
__iob_func
fgets
vfprintf

kernel32

QueryPerformanceCounter
Sleep
InterlockedCompareExchange
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
InterlockedExchange
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Plugins/CARoot/freebl3.dll
.dll windows:5 windows x86 arch:x86

954079e3ab0d3ffddf19642181185a31

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nssutil3

SECITEM_CompareItem_Util
PORT_GetError_Util
SECITEM_FreeItem_Util
SECITEM_ZfreeItem_Util
SECITEM_CopyItem_Util
PORT_NewArena_Util
PORT_ArenaZAlloc_Util
PORT_FreeArena_Util
SECITEM_AllocItem_Util
PORT_ZFree_Util
PORT_ZAlloc_Util
PORT_SetError_Util
PORT_Free_Util
PORT_Alloc_Util

libnspr4

PR_GetLibraryFilePathname
PR_Seek
PR_Free
PR_Lock
PR_Unlock
PR_CallOnce
PR_NewLock
PR_DestroyLock
PR_Open
PR_Read
PR_Close

shell32

SHGetSpecialFolderPathW

msvcr90

_except_handler4_common
_time64
_stat64i32
memcpy
_snwprintf
fclose
fread
fopen
memset
strncmp
rand
free
malloc
abort
calloc
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit

kernel32

GetSystemTimeAsFileTime
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
LoadLibraryA
GetProcAddress
FreeLibrary
GlobalMemoryStatus
GetLogicalDrives
GetComputerNameA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetVolumeInformationA
GetDiskFreeSpaceA
WideCharToMultiByte
GetTempPathW
FindFirstFileW
FindNextFileW
FindClose
GetTickCount
QueryPerformanceCounter

Exports

Exports

FREEBL_GetVector

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/CARoot/libnspr4.dll
.dll windows:5 windows x86 arch:x86

9ce7f9d36ecd7c8c282672671029a463

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

AllocateAndInitializeSid
CopySid
GetLengthSid
GetTokenInformation
OpenProcessToken
FreeSid
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
InitializeSecurityDescriptor

wsock32

WSACleanup
WSASetLastError
select
recvfrom
sendto
send
recv
__WSAFDIsSet
getpeername
shutdown
ord1140
ord1141
ord1142
setsockopt
inet_ntoa
WSAStartup
socket
bind
getsockname
listen
connect
accept
getsockopt
ntohl
ntohs
htons
getprotobynumber
getprotobyname
gethostbyaddr
gethostbyname
htonl
closesocket
WSAGetLastError
gethostname

winmm

timeGetTime

msvcr90

_lock
_onexit
_except_handler4_common
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
_time64
_beginthreadex
_exit
_endthreadex
_access
_mbsdec
_stat64i32
_mbsinc
qsort
_stricmp
strpbrk
memmove
isalpha
strftime
_mktime64
_localtime64
strncmp
_errno
strerror
realloc
calloc
malloc
strrchr
strstr
getenv
strchr
isdigit
strtoul
strtol
isspace
tolower
memchr
sprintf
abort
free
fwrite
fflush
fopen
setvbuf
fclose
sscanf
memcpy
exit
__iob_func
fprintf
atoi
memset
_strdup
_environ
_putenv

kernel32

GetFileAttributesExA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
OpenFileMappingA
GetTickCount
QueryPerformanceCounter
OpenSemaphoreA
SetLastError
SwitchToFiber
CreateFiber
ResumeThread
SuspendThread
GetProcessAffinityMask
SetThreadAffinityMask
ConvertThreadToFiber
SetThreadPriority
GetCurrentThread
DuplicateHandle
CreateEventA
TlsFree
TlsAlloc
CancelIo
GetLogicalDriveStringsA
SetErrorMode
GetDriveTypeA
GetVolumeInformationA
lstrlenA
UnlockFileEx
LockFileEx
RemoveDirectoryA
CreateDirectoryA
MoveFileA
DeleteFileA
FindNextFileA
FindFirstFileA
FindClose
GetHandleInformation
SetHandleInformation
FlushFileBuffers
CreateFileA
SetFilePointer
WriteFile
WaitForMultipleObjects
GetOverlappedResult
ResetEvent
CreateIoCompletionPort
PostQueuedCompletionStatus
DeleteFiber
GetQueuedCompletionStatus
GetThreadContext
ReleaseSemaphore
CreateSemaphoreA
GetCurrentProcess
UnmapViewOfFile
MapViewOfFile
FormatMessageA
CreateFileMappingA
GetVersionExA
TerminateProcess
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemTime
SystemTimeToFileTime
TryEnterCriticalSection
Sleep
GetStdHandle
CreatePipe
CloseHandle
GetFileInformationByHandle
GlobalMemoryStatus
InterlockedExchange
GetSystemInfo
GetModuleHandleW
GetModuleFileNameW
GetProcAddress
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
LoadLibraryExW
GetModuleHandleA
DebugBreak
TlsGetValue
TlsSetValue
OutputDebugStringA
GetLastError
ReadFile
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedCompareExchange

Exports

Exports

GetExecutionEnvironment
LL_MaxInt
LL_MaxUint
LL_MinInt
LL_Zero
PRP_DestroyNakedCondVar
PRP_NakedBroadcast
PRP_NakedNotify
PRP_NakedWait
PRP_NewNakedCondVar
PRP_TryLock
PR_Abort
PR_Accept
PR_AcceptRead
PR_Access
PR_AddToCounter
PR_AddWaitFileDesc
PR_AllocFileDesc
PR_Assert
PR_AssertCurrentThreadInMonitor
PR_AssertCurrentThreadOwnsLock
PR_AtomicAdd
PR_AtomicDecrement
PR_AtomicIncrement
PR_AtomicSet
PR_AttachSharedMemory
PR_AttachThread
PR_AttachThreadGCAble
PR_Available
PR_Available64
PR_Bind
PR_BlockClockInterrupts
PR_BlockInterrupt
PR_CEnterMonitor
PR_CExitMonitor
PR_CNotify
PR_CNotifyAll
PR_CSetOnMonitorRecycle
PR_CWait
PR_CallOnce
PR_CallOnceWithArg
PR_Calloc
PR_CancelJob
PR_CancelWaitFileDesc
PR_CancelWaitGroup
PR_CeilingLog2
PR_ChangeFileDescNativeHandle
PR_Cleanup
PR_ClearInterrupt
PR_ClearThreadGCAble
PR_Close
PR_CloseDir
PR_CloseFileMap
PR_CloseSemaphore
PR_CloseSharedMemory
PR_Connect
PR_ConnectContinue
PR_ConvertIPv4AddrToIPv6
PR_CreateAlarm
PR_CreateCounter
PR_CreateFileMap
PR_CreateIOLayer
PR_CreateIOLayerStub
PR_CreateMWaitEnumerator
PR_CreateOrderedLock
PR_CreatePipe
PR_CreateProcess
PR_CreateProcessDetached
PR_CreateSocketPollFd
PR_CreateStack
PR_CreateThread
PR_CreateThreadGCAble
PR_CreateThreadPool
PR_CreateTrace
PR_CreateWaitGroup
PR_DecrementCounter
PR_Delete
PR_DeleteSemaphore
PR_DeleteSharedMemory
PR_DestroyAlarm
PR_DestroyCondVar
PR_DestroyCounter
PR_DestroyLock
PR_DestroyMWaitEnumerator
PR_DestroyMonitor
PR_DestroyOrderedLock
PR_DestroyPollableEvent
PR_DestroyProcessAttr
PR_DestroyRWLock
PR_DestroySem
PR_DestroySocketPollFd
PR_DestroyStack
PR_DestroyTrace
PR_DestroyWaitGroup
PR_DetachProcess
PR_DetachSharedMemory
PR_DetachThread
PR_DisableClockInterrupts
PR_EmulateAcceptRead
PR_EmulateSendFile
PR_EnableClockInterrupts
PR_EnterMonitor
PR_EnumerateAddrInfo
PR_EnumerateHostEnt
PR_EnumerateThreads
PR_EnumerateWaitGroup
PR_ErrorInstallCallback
PR_ErrorInstallTable
PR_ErrorLanguages
PR_ErrorToName
PR_ErrorToString
PR_ExitMonitor
PR_ExplodeTime
PR_ExportFileMapAsString
PR_FD_CLR
PR_FD_ISSET
PR_FD_NCLR
PR_FD_NISSET
PR_FD_NSET
PR_FD_SET
PR_FD_ZERO
PR_FileDesc2NativeHandle
PR_FindFunctionSymbol
PR_FindFunctionSymbolAndLibrary
PR_FindNextCounterQname
PR_FindNextCounterRname
PR_FindNextTraceQname
PR_FindNextTraceRname
PR_FindSymbol
PR_FindSymbolAndLibrary
PR_FloorLog2
PR_FormatTime
PR_FormatTimeUSEnglish
PR_Free
PR_FreeAddrInfo
PR_FreeFileDesc
PR_FreeLibraryName
PR_GMTParameters
PR_GetAddrInfoByName
PR_GetCanonNameFromAddrInfo
PR_GetConnectStatus
PR_GetCounter
PR_GetCounterHandleFromName
PR_GetCounterNameFromHandle
PR_GetCurrentThread
PR_GetDefaultIOMethods
PR_GetDescType
PR_GetDirectorySeparator
PR_GetDirectorySepartor
PR_GetEnv
PR_GetError
PR_GetErrorText
PR_GetErrorTextLength
PR_GetFileInfo
PR_GetFileInfo64
PR_GetFileMethods
PR_GetGCRegisters
PR_GetHostByAddr
PR_GetHostByName
PR_GetIPNodeByName
PR_GetIdentitiesLayer
PR_GetInheritedFD
PR_GetInheritedFileMap
PR_GetLayersIdentity
PR_GetLibraryFilePathname
PR_GetLibraryName
PR_GetLibraryPath
PR_GetMemMapAlignment
PR_GetMonitorEntryCount
PR_GetNameForIdentity
PR_GetNumberOfProcessors
PR_GetOSError
PR_GetOpenFileInfo
PR_GetOpenFileInfo64
PR_GetPageShift
PR_GetPageSize
PR_GetPathSeparator
PR_GetPeerName
PR_GetPhysicalMemorySize
PR_GetPipeMethods
PR_GetProtoByName
PR_GetProtoByNumber
PR_GetRandomNoise
PR_GetSP
PR_GetSockName
PR_GetSocketOption
PR_GetSpecialFD
PR_GetStackSpaceLeft
PR_GetSysfdTableMax
PR_GetSystemInfo
PR_GetTCPMethods
PR_GetThreadAffinityMask
PR_GetThreadID
PR_GetThreadPriority
PR_GetThreadPrivate
PR_GetThreadScope
PR_GetThreadState
PR_GetThreadType
PR_GetTraceEntries
PR_GetTraceHandleFromName
PR_GetTraceNameFromHandle
PR_GetTraceOption
PR_GetUDPMethods
PR_GetUniqueIdentity
PR_ImplodeTime
PR_ImportFile
PR_ImportFileMapFromString
PR_ImportPipe
PR_ImportTCPSocket
PR_ImportUDPSocket
PR_IncrementCounter
PR_Init
PR_Initialize
PR_InitializeNetAddr
PR_Initialized
PR_Interrupt
PR_IntervalNow
PR_IntervalToMicroseconds
PR_IntervalToMilliseconds
PR_IntervalToSeconds
PR_IsNetAddrType
PR_JoinJob
PR_JoinThread
PR_JoinThreadPool
PR_KillProcess
PR_Listen
PR_LoadLibrary
PR_LoadLibraryWithFlags
PR_LoadStaticLibrary
PR_LocalTimeParameters
PR_Lock
PR_LockFile
PR_LockOrderedLock
PR_LogFlush
PR_LogPrint
PR_MakeDir
PR_Malloc
PR_MemMap
PR_MemUnmap
PR_MicrosecondsToInterval
PR_MillisecondsToInterval
PR_MkDir
PR_NTFast_Accept
PR_NTFast_AcceptRead
PR_NTFast_AcceptRead_WithTimeoutCallback
PR_NTFast_UpdateAcceptContext
PR_NT_CancelIo
PR_NetAddrToString
PR_NewCondVar
PR_NewLock
PR_NewLogModule
PR_NewMonitor
PR_NewNamedMonitor
PR_NewPollableEvent
PR_NewProcessAttr
PR_NewRWLock
PR_NewSem
PR_NewTCPSocket
PR_NewTCPSocketPair
PR_NewThreadPrivateIndex
PR_NewUDPSocket
PR_NormalizeTime
PR_Notify
PR_NotifyAll
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_Now
PR_Open
PR_OpenAnonFileMap
PR_OpenDir
PR_OpenFile
PR_OpenSemaphore
PR_OpenSharedMemory
PR_OpenTCPSocket
PR_OpenUDPSocket
PR_ParseTimeString
PR_ParseTimeStringToExplodedTime
PR_Poll
PR_PopIOLayer
PR_PostSem
PR_PostSemaphore
PR_ProcessAttrSetCurrentDirectory
PR_ProcessAttrSetInheritableFD
PR_ProcessAttrSetInheritableFileMap
PR_ProcessAttrSetStdioRedirect
PR_ProcessExit
PR_PushIOLayer
PR_QueueJob
PR_QueueJob_Accept
PR_QueueJob_Connect
PR_QueueJob_Read
PR_QueueJob_Timer
PR_QueueJob_Write
PR_RWLock_Rlock
PR_RWLock_Unlock
PR_RWLock_Wlock
PR_Read
PR_ReadDir
PR_Realloc
PR_RecordTraceEntries
PR_Recv
PR_RecvFrom
PR_Rename
PR_ResetAlarm
PR_ResetProcessAttr
PR_ResumeAll
PR_RmDir
PR_ScanStackPointers
PR_SecondsToInterval
PR_Seek
PR_Seek64
PR_Select
PR_Send
PR_SendFile
PR_SendTo
PR_SetAlarm
PR_SetCPUAffinityMask
PR_SetConcurrency
PR_SetCounter
PR_SetEnv
PR_SetError
PR_SetErrorText
PR_SetFDCacheSize
PR_SetFDInheritable
PR_SetLibraryPath
PR_SetLogBuffering
PR_SetLogFile
PR_SetNetAddr
PR_SetPollableEvent
PR_SetSocketOption
PR_SetStdioRedirect
PR_SetSysfdTableSize
PR_SetThreadAffinityMask
PR_SetThreadDumpProc
PR_SetThreadGCAble
PR_SetThreadPriority
PR_SetThreadPrivate
PR_SetThreadRecycleMode
PR_SetTraceOption
PR_ShowStatus
PR_Shutdown
PR_ShutdownThreadPool
PR_Sleep
PR_Socket
PR_StackPop
PR_StackPush
PR_Stat
PR_StringToNetAddr
PR_SubtractFromCounter
PR_SuspendAll
PR_Sync
PR_TLockFile
PR_TestAndEnterMonitor
PR_TestAndLock
PR_ThreadScanStackPointers
PR_TicksPerSecond
PR_Trace
PR_TransmitFile
PR_USPacificTimeParameters
PR_UnblockClockInterrupts
PR_UnblockInterrupt
PR_UnloadLibrary
PR_Unlock
PR_UnlockFile
PR_UnlockOrderedLock
PR_VersionCheck
PR_Wait
PR_WaitCondVar
PR_WaitForPollableEvent
PR_WaitProcess
PR_WaitRecvReady
PR_WaitSem
PR_WaitSemaphore
PR_Write
PR_Writev
PR_Yield
PR_cnvtf
PR_dtoa
PR_fprintf
PR_htonl
PR_htonll
PR_htons
PR_ntohl
PR_ntohll
PR_ntohs
PR_smprintf
PR_smprintf_free
PR_snprintf
PR_sprintf_append
PR_sscanf
PR_strtod
PR_sxprintf
PR_vfprintf
PR_vsmprintf
PR_vsnprintf
PR_vsprintf_append
PR_vsxprintf
PT_FPrintStats
SetExecutionEnvironment
_PR_AddSleepQ
_PR_CreateThread
_PR_DelSleepQ
_PR_GetPrimordialCPU
_PR_NativeCreateThread
_pr_push_ipv6toipv4_layer
_pr_test_ipv6_socket
libVersionPoint

Sections

.text
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 25B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/CARoot/libplc4.dll
.dll windows:5 windows x86 arch:x86

4186cd42be9b2afabef8dd72516938ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libnspr4

PR_SetError
PR_Calloc
PR_GetSpecialFD
PR_GetError
PR_GetOSError
PR_ErrorToName
PR_fprintf
PR_Free
PR_Malloc

msvcr90

strrchr
strpbrk
strstr
_encode_pointer
_malloc_crt
strchr
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
strncmp
free
memcpy
malloc
_encoded_null

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
QueryPerformanceCounter

Exports

Exports

PL_Base64Decode
PL_Base64Encode
PL_CreateLongOptState
PL_CreateOptState
PL_DestroyOptState
PL_FPrintError
PL_GetNextOpt
PL_PrintError
PL_strcasecmp
PL_strcaserstr
PL_strcasestr
PL_strcat
PL_strcatn
PL_strchr
PL_strcmp
PL_strcpy
PL_strdup
PL_strfree
PL_strlen
PL_strncasecmp
PL_strncaserstr
PL_strncasestr
PL_strncat
PL_strnchr
PL_strncmp
PL_strncpy
PL_strncpyz
PL_strndup
PL_strnlen
PL_strnpbrk
PL_strnprbrk
PL_strnrchr
PL_strnrstr
PL_strnstr
PL_strpbrk
PL_strprbrk
PL_strrchr
PL_strrstr
PL_strstr
PL_strtok_r
libVersionPoint

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 538B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/CARoot/libplds4.dll
.dll windows:5 windows x86 arch:x86

b6d90a32750acf0af0a8655d5d0a030b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libnspr4

PR_DestroyLock
PR_Free
PR_Malloc
PR_CeilingLog2
PR_Unlock
PR_CallOnce
PR_Lock
PR_NewLock

msvcr90

_decode_pointer
_initterm
_encoded_null
_amsg_exit
_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
free
_malloc_crt
_encode_pointer
memset
memcpy
_initterm_e

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
GetTickCount

Exports

Exports

PL_ArenaAllocate
PL_ArenaFinish
PL_ArenaGrow
PL_ArenaRelease
PL_ClearArenaPool
PL_CompactArenaPool
PL_CompareStrings
PL_CompareValues
PL_FinishArenaPool
PL_FreeArenaPool
PL_HashString
PL_HashTableAdd
PL_HashTableDestroy
PL_HashTableDump
PL_HashTableEnumerateEntries
PL_HashTableLookup
PL_HashTableLookupConst
PL_HashTableRawAdd
PL_HashTableRawLookup
PL_HashTableRawLookupConst
PL_HashTableRawRemove
PL_HashTableRemove
PL_InitArenaPool
PL_NewHashTable
libVersionPoint

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 514B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/CARoot/modutil.exe
.exe windows:5 windows x86 arch:x86

d1c110c6fd01d9faf03947596064714c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

nssutil3

PORT_Free_Util
PORT_ZAlloc_Util
PORT_Strdup_Util
PORT_Alloc_Util
PORT_RegExpSearch
ATOB_AsciiToData_Util
PORT_SetError_Util
NSS_Get_SECOID_AlgorithmIDTemplate_Util
PORT_GetError_Util

smime3

SEC_PKCS7DestroyContentInfo
SEC_PKCS7VerifyDetachedSignature
SEC_PKCS7ContentIsSigned
SEC_PKCS7ContentIsEncrypted
SEC_PKCS7DecoderFinish
SEC_PKCS7DecoderUpdate
SEC_PKCS7DecoderStart

nss3

SECMOD_FindModule
PK11_GetModInfo
PK11_CreateDigestContext
PK11_DigestBegin
PK11_DigestOp
PK11_DigestFinal
PK11_DestroyContext
CERT_DupCertificate
CERT_GetDefaultCertDB
CERT_DestroyCertificate
SECMOD_AddNewModule
PK11_GetDefaultArray
PK11_UpdateSlotAttribute
PK11_UserEnableSlot
PK11_UserDisableSlot
PK11_FindSlotByName
PK11_NeedUserInit
PK11_CheckUserPassword
PK11_InitPin
PK11_ChangePW
PK11_FreeSlot
PK11_GetDefaultFlags
PK11_GetSlotInfo
PK11_IsHW
PK11_IsDisabled
PK11_GetDisabledReason
PK11_GetTokenInfo
SECMOD_DestroyModule
SECMOD_GetDefaultModuleListLock
SECMOD_GetReadLock
SECMOD_GetDefaultModuleList
SECMOD_GetDeadModuleList
SECMOD_ReleaseReadLock
PK11_GetSlotName
PK11_GetTokenName
SECMOD_UpdateModule
SECMOD_LoadModule
SECMOD_GetModuleSpecList
SECMOD_DeleteModule
SECMOD_PubCipherFlagstoInternal
SECMOD_PubMechFlagstoInternal
SECMOD_AddNewModuleEx
PK11_IsFIPS
SECMOD_GetInternalModule
SECMOD_DeleteInternalModule
NSS_Shutdown
NSS_Initialize

libplc4

PL_strncasecmp
PL_strcasestr
PL_strcasecmp

libnspr4

PR_GetEnv
PR_Seek
PR_Write
PR_Close
PR_snprintf
PR_Realloc
PR_Open
PR_GetSystemInfo
PR_NewProcessAttr
PR_CreateProcess
PR_WaitProcess
PR_DestroyProcessAttr
PR_MkDir
PR_Access
PR_GetFileInfo
PR_OpenDir
PR_ReadDir
PR_CloseDir
PR_RmDir
PR_Delete
PR_vsmprintf
PR_NewLock
PR_Lock
PR_Unlock
PR_GetErrorTextLength
PR_GetErrorText
PR_Malloc
PR_Free
PR_smprintf_free
PR_Init
PR_smprintf
PR_Cleanup
PR_Read
PR_GetSpecialFD
PR_fprintf

msvcr90

_isatty
_fileno
_getch
_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
fflush
vfprintf
memcpy
fwrite
__iob_func
fprintf
free
strtol
strpbrk
sprintf
malloc
memset
printf
strchr
strrchr
strtok
exit
strncmp
fgets

kernel32

QueryPerformanceCounter
Sleep
InterlockedCompareExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
InterlockedExchange
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Plugins/CARoot/msvcr90.dll
.dll windows:5 windows x86 arch:x86

0fda4497453286b1daa098623dfc53ce

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0f:78:4d:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2007, 00:23

Not After

23/02/2009, 00:33

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

54:13:79:94:a8:94:70:d8:e8:ea:19:5c:85:d8:c4:57:81:82:2d:8c
Signer

Actual PE Digest

54:13:79:94:a8:94:70:d8:e8:ea:19:5c:85:d8:c4:57:81:82:2d:8c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr90.i386.pdb

Imports

kernel32

GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetSystemWindowsDirectoryW
GetSystemDirectoryW
GetLongPathNameW
GetCurrentThreadId
TlsGetValue
DebugBreak
OutputDebugStringA
GetCommandLineA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
GetLogicalDrives
GetDiskFreeSpaceA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
Beep
GetFileAttributesA
SetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
MoveFileA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeLibrary
CreateProcessW
ReadFile
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
WideCharToMultiByte
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetProcessHeap
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapSize
HeapReAlloc
VirtualAlloc
HeapValidate
HeapCompact
HeapWalk
VirtualProtect
GetSystemInfo
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
CreateFileA
FlushFileBuffers
CreatePipe
CreateFileW
SetStdHandle
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
IsDBCSLeadByteEx
ReadConsoleA
ReadConsoleW
SetEndOfFile
GetFileInformationByHandle
PeekNamedPipe
InterlockedExchange
LockFile
UnlockFile
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
QueryPerformanceCounter
GetTickCount
GetStringTypeW
GetStringTypeA
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
GetLocaleInfoW
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LoadLibraryW
GetModuleHandleA

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1exception@std@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?unexpected@@YAXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_app_type
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lc_clike
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p
_cprintf_p_l
_cprintf_s
_cprintf_s_l
_cputs
_cputws
_creat
_create_locale
_crt_debugger_hook
_cscanf
_cscanf_l
_cscanf_s
_cscanf_s_l
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_cwait
_cwprintf
_cwprintf_l
_cwprintf_p
_cwprintf_p_l
_cwprintf_s
_cwprintf_s_l
_cwscanf
_cwscanf_l
_cwscanf_s
_cwscanf_s_l
_daylight
_decode_pointer
_difftime32
_difftime64
_dosmaperr
_dstbias
_dup
_dup2
_dupenv_s
_ecvt
_ecvt_s
_encode_pointer
_encoded_null
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_except_handler4_common
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fclose_nolock
_fcloseall
_fcvt
_fcvt_s
_fdopen
_fflush_nolock
_fgetchar
_fgetwc_nolock
_fgetwchar
_filbuf
_filelength
_filelengthi64
_fileno
_findclose
_findfirst32
_findfirst32i64
_findfirst64
_findfirst64i32
_findnext32
_findnext32i64
_findnext64
_findnext64i32
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fprintf_l
_fprintf_p
_fprintf_p_l
_fprintf_s_l
_fputchar
_fputwc_nolock
_fputwchar
_fread_nolock
_fread_nolock_s
_free_locale
_freea
_freea_s
_freefls
_fscanf_l
_fscanf_s_l
_fseek_nolock
_fseeki64
_fseeki64_nolock
_fsopen
_fstat32
_fstat32i64
_fstat64
_fstat64i32
_ftell_nolock
_ftelli64
_ftelli64_nolock
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_ftol
_fullpath
_futime32
_futime64
_fwprintf_l
_fwprintf_p
_fwprintf_p_l
_fwprintf_s_l
_fwrite_nolock
_fwscanf_l
_fwscanf_s_l
_gcvt
_gcvt_s
_get_amblksiz
_get_current_locale
_get_daylight
_get_doserrno
_get_dstbias
_get_errno
_get_fmode
_get_heap_handle
_get_invalid_parameter_handler
_get_osfhandle
_get_output_format
_get_pgmptr
_get_printf_count_output
_get_purecall_handler
_get_sbh_threshold
_get_terminate
_get_timezone
_get_tzname
_get_unexpected
_get_wpgmptr
_getc_nolock
_getch
_getch_nolock
_getche
_getche_nolock
_getcwd
_getdcwd
_getdcwd_nolock
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getptd
_getsystime
_getw
_getwch
_getwch_nolock
_getwche
_getwche_nolock
_getws
_getws_s
_global_unwind2
_gmtime32

Sections

.text
Size: 598KB - Virtual size: 598KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/CARoot/nspr4.dll
.dll windows:5 windows x86 arch:x86

e336f25dce4d873c578e183b318c3009

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

AllocateAndInitializeSid
CopySid
GetLengthSid
GetTokenInformation
OpenProcessToken
FreeSid
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
InitializeSecurityDescriptor

wsock32

recvfrom
sendto
send
recv
connect
accept
select
__WSAFDIsSet
setsockopt
getpeername
getsockname
shutdown
listen
bind
inet_ntoa
closesocket
WSAStartup
WSACleanup
gethostname
getsockopt
WSAGetLastError
ioctlsocket
ntohl
ntohs
htons
getprotobynumber
getprotobyname
gethostbyaddr
gethostbyname
htonl
socket

winmm

timeGetTime

msvcr90

_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
_time64
_stat64i32
_access
_mbspbrk
_mbsdec
_mbsinc
_beginthreadex
_exit
_environ
qsort
_stricmp
strpbrk
strftime
_mktime64
_localtime64
strncmp
_errno
strerror
realloc
calloc
malloc
strrchr
strstr
getenv
memset
strchr
isdigit
strtoul
strtol
isspace
tolower
memchr
sprintf
abort
free
fwrite
fflush
fopen
setvbuf
__iob_func
fclose
sscanf
memcpy
atoi
_strdup
isalpha
_putenv

kernel32

ResumeThread
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedCompareExchange
OpenFileMappingA
GetTickCount
QueryPerformanceCounter
OpenSemaphoreA
LoadLibraryW
LeaveCriticalSection
UnlockFile
LockFile
RemoveDirectoryA
CreateDirectoryA
MoveFileA
GetHandleInformation
SetHandleInformation
GetFileInformationByHandle
SetLastError
FindFirstFileA
GetFullPathNameA
GetDriveTypeA
DeleteFileA
FindNextFileA
FindClose
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
SuspendThread
SetThreadPriority
GetCurrentThread
DuplicateHandle
TlsFree
TlsAlloc
GetThreadContext
ReleaseSemaphore
CreateSemaphoreA
GetCurrentProcess
UnmapViewOfFile
MapViewOfFile
FormatMessageA
CreateFileMappingA
GetVersionExA
TerminateProcess
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemTime
SystemTimeToFileTime
TlsSetValue
DeleteCriticalSection
InitializeCriticalSection
TlsGetValue
Sleep
GetStdHandle
CreatePipe
CreateFileA
CloseHandle
GlobalMemoryStatus
InterlockedExchange
GetSystemInfo
GetModuleHandleW
GetModuleFileNameW
GetProcAddress
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
GetLastError
LoadLibraryExW
GetModuleHandleA
DebugBreak
EnterCriticalSection
OutputDebugStringA

Exports

Exports

GetExecutionEnvironment
LL_MaxInt
LL_MaxUint
LL_MinInt
LL_Zero
PRP_DestroyNakedCondVar
PRP_NakedBroadcast
PRP_NakedNotify
PRP_NakedWait
PRP_NewNakedCondVar
PRP_TryLock
PR_Abort
PR_Accept
PR_AcceptRead
PR_Access
PR_AddToCounter
PR_AddWaitFileDesc
PR_AllocFileDesc
PR_Assert
PR_AssertCurrentThreadInMonitor
PR_AssertCurrentThreadOwnsLock
PR_AtomicAdd
PR_AtomicDecrement
PR_AtomicIncrement
PR_AtomicSet
PR_AttachSharedMemory
PR_AttachThread
PR_AttachThreadGCAble
PR_Available
PR_Available64
PR_Bind
PR_BlockClockInterrupts
PR_BlockInterrupt
PR_CEnterMonitor
PR_CExitMonitor
PR_CNotify
PR_CNotifyAll
PR_CSetOnMonitorRecycle
PR_CWait
PR_CallOnce
PR_CallOnceWithArg
PR_Calloc
PR_CancelJob
PR_CancelWaitFileDesc
PR_CancelWaitGroup
PR_CeilingLog2
PR_ChangeFileDescNativeHandle
PR_Cleanup
PR_ClearInterrupt
PR_ClearThreadGCAble
PR_Close
PR_CloseDir
PR_CloseFileMap
PR_CloseSemaphore
PR_CloseSharedMemory
PR_Connect
PR_ConnectContinue
PR_ConvertIPv4AddrToIPv6
PR_CreateAlarm
PR_CreateCounter
PR_CreateFileMap
PR_CreateIOLayer
PR_CreateIOLayerStub
PR_CreateMWaitEnumerator
PR_CreateOrderedLock
PR_CreatePipe
PR_CreateProcess
PR_CreateProcessDetached
PR_CreateSocketPollFd
PR_CreateStack
PR_CreateThread
PR_CreateThreadGCAble
PR_CreateThreadPool
PR_CreateTrace
PR_CreateWaitGroup
PR_DecrementCounter
PR_Delete
PR_DeleteSemaphore
PR_DeleteSharedMemory
PR_DestroyAlarm
PR_DestroyCondVar
PR_DestroyCounter
PR_DestroyLock
PR_DestroyMWaitEnumerator
PR_DestroyMonitor
PR_DestroyOrderedLock
PR_DestroyPollableEvent
PR_DestroyProcessAttr
PR_DestroyRWLock
PR_DestroySem
PR_DestroySocketPollFd
PR_DestroyStack
PR_DestroyTrace
PR_DestroyWaitGroup
PR_DetachProcess
PR_DetachSharedMemory
PR_DetachThread
PR_DisableClockInterrupts
PR_EmulateAcceptRead
PR_EmulateSendFile
PR_EnableClockInterrupts
PR_EnterMonitor
PR_EnumerateAddrInfo
PR_EnumerateHostEnt
PR_EnumerateThreads
PR_EnumerateWaitGroup
PR_ErrorInstallCallback
PR_ErrorInstallTable
PR_ErrorLanguages
PR_ErrorToName
PR_ErrorToString
PR_ExitMonitor
PR_ExplodeTime
PR_ExportFileMapAsString
PR_FD_CLR
PR_FD_ISSET
PR_FD_NCLR
PR_FD_NISSET
PR_FD_NSET
PR_FD_SET
PR_FD_ZERO
PR_FileDesc2NativeHandle
PR_FindFunctionSymbol
PR_FindFunctionSymbolAndLibrary
PR_FindNextCounterQname
PR_FindNextCounterRname
PR_FindNextTraceQname
PR_FindNextTraceRname
PR_FindSymbol
PR_FindSymbolAndLibrary
PR_FloorLog2
PR_FormatTime
PR_FormatTimeUSEnglish
PR_Free
PR_FreeAddrInfo
PR_FreeFileDesc
PR_FreeLibraryName
PR_GMTParameters
PR_GetAddrInfoByName
PR_GetCanonNameFromAddrInfo
PR_GetConnectStatus
PR_GetCounter
PR_GetCounterHandleFromName
PR_GetCounterNameFromHandle
PR_GetCurrentThread
PR_GetDefaultIOMethods
PR_GetDescType
PR_GetDirectorySeparator
PR_GetDirectorySepartor
PR_GetEnv
PR_GetError
PR_GetErrorText
PR_GetErrorTextLength
PR_GetFileInfo
PR_GetFileInfo64
PR_GetFileMethods
PR_GetGCRegisters
PR_GetHostByAddr
PR_GetHostByName
PR_GetIPNodeByName
PR_GetIdentitiesLayer
PR_GetInheritedFD
PR_GetInheritedFileMap
PR_GetLayersIdentity
PR_GetLibraryFilePathname
PR_GetLibraryName
PR_GetLibraryPath
PR_GetMemMapAlignment
PR_GetMonitorEntryCount
PR_GetNameForIdentity
PR_GetNumberOfProcessors
PR_GetOSError
PR_GetOpenFileInfo
PR_GetOpenFileInfo64
PR_GetPageShift
PR_GetPageSize
PR_GetPathSeparator
PR_GetPeerName
PR_GetPhysicalMemorySize
PR_GetPipeMethods
PR_GetProtoByName
PR_GetProtoByNumber
PR_GetRandomNoise
PR_GetSP
PR_GetSockName
PR_GetSocketOption
PR_GetSpecialFD
PR_GetStackSpaceLeft
PR_GetSysfdTableMax
PR_GetSystemInfo
PR_GetTCPMethods
PR_GetThreadAffinityMask
PR_GetThreadID
PR_GetThreadPriority
PR_GetThreadPrivate
PR_GetThreadScope
PR_GetThreadState
PR_GetThreadType
PR_GetTraceEntries
PR_GetTraceHandleFromName
PR_GetTraceNameFromHandle
PR_GetTraceOption
PR_GetUDPMethods
PR_GetUniqueIdentity
PR_ImplodeTime
PR_ImportFile
PR_ImportFileMapFromString
PR_ImportPipe
PR_ImportTCPSocket
PR_ImportUDPSocket
PR_IncrementCounter
PR_Init
PR_Initialize
PR_InitializeNetAddr
PR_Initialized
PR_Interrupt
PR_IntervalNow
PR_IntervalToMicroseconds
PR_IntervalToMilliseconds
PR_IntervalToSeconds
PR_IsNetAddrType
PR_JoinJob
PR_JoinThread
PR_JoinThreadPool
PR_KillProcess
PR_Listen
PR_LoadLibrary
PR_LoadLibraryWithFlags
PR_LoadStaticLibrary
PR_LocalTimeParameters
PR_Lock
PR_LockFile
PR_LockOrderedLock
PR_LogFlush
PR_LogPrint
PR_MakeDir
PR_Malloc
PR_MemMap
PR_MemUnmap
PR_MicrosecondsToInterval
PR_MillisecondsToInterval
PR_MkDir
PR_NetAddrToString
PR_NewCondVar
PR_NewLock
PR_NewLogModule
PR_NewMonitor
PR_NewNamedMonitor
PR_NewPollableEvent
PR_NewProcessAttr
PR_NewRWLock
PR_NewSem
PR_NewTCPSocket
PR_NewTCPSocketPair
PR_NewThreadPrivateIndex
PR_NewUDPSocket
PR_NormalizeTime
PR_Notify
PR_NotifyAll
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_Now
PR_Open
PR_OpenAnonFileMap
PR_OpenDir
PR_OpenFile
PR_OpenSemaphore
PR_OpenSharedMemory
PR_OpenTCPSocket
PR_OpenUDPSocket
PR_ParseTimeString
PR_ParseTimeStringToExplodedTime
PR_Poll
PR_PopIOLayer
PR_PostSem
PR_PostSemaphore
PR_ProcessAttrSetCurrentDirectory
PR_ProcessAttrSetInheritableFD
PR_ProcessAttrSetInheritableFileMap
PR_ProcessAttrSetStdioRedirect
PR_ProcessExit
PR_PushIOLayer
PR_QueueJob
PR_QueueJob_Accept
PR_QueueJob_Connect
PR_QueueJob_Read
PR_QueueJob_Timer
PR_QueueJob_Write
PR_RWLock_Rlock
PR_RWLock_Unlock
PR_RWLock_Wlock
PR_Read
PR_ReadDir
PR_Realloc
PR_RecordTraceEntries
PR_Recv
PR_RecvFrom
PR_Rename
PR_ResetAlarm
PR_ResetProcessAttr
PR_ResumeAll
PR_RmDir
PR_ScanStackPointers
PR_SecondsToInterval
PR_Seek
PR_Seek64
PR_Select
PR_Send
PR_SendFile
PR_SendTo
PR_SetAlarm
PR_SetCPUAffinityMask
PR_SetConcurrency
PR_SetCounter
PR_SetEnv
PR_SetError
PR_SetErrorText
PR_SetFDCacheSize
PR_SetFDInheritable
PR_SetLibraryPath
PR_SetLogBuffering
PR_SetLogFile
PR_SetNetAddr
PR_SetPollableEvent
PR_SetSocketOption
PR_SetStdioRedirect
PR_SetSysfdTableSize
PR_SetThreadAffinityMask
PR_SetThreadDumpProc
PR_SetThreadGCAble
PR_SetThreadPriority
PR_SetThreadPrivate
PR_SetThreadRecycleMode
PR_SetTraceOption
PR_ShowStatus
PR_Shutdown
PR_ShutdownThreadPool
PR_Sleep
PR_Socket
PR_StackPop
PR_StackPush
PR_Stat
PR_StringToNetAddr
PR_SubtractFromCounter
PR_SuspendAll
PR_Sync
PR_TLockFile
PR_TestAndEnterMonitor
PR_TestAndLock
PR_ThreadScanStackPointers
PR_TicksPerSecond
PR_Trace
PR_TransmitFile
PR_USPacificTimeParameters
PR_UnblockClockInterrupts
PR_UnblockInterrupt
PR_UnloadLibrary
PR_Unlock
PR_UnlockFile
PR_UnlockOrderedLock
PR_VersionCheck
PR_Wait
PR_WaitCondVar
PR_WaitForPollableEvent
PR_WaitProcess
PR_WaitRecvReady
PR_WaitSem
PR_WaitSemaphore
PR_Write
PR_Writev
PR_Yield
PR_cnvtf
PR_dtoa
PR_fprintf
PR_htonl
PR_htonll
PR_htons
PR_ntohl
PR_ntohll
PR_ntohs
PR_smprintf
PR_smprintf_free
PR_snprintf
PR_sprintf_append
PR_sscanf
PR_strtod
PR_sxprintf
PR_vfprintf
PR_vsmprintf
PR_vsnprintf
PR_vsprintf_append
PR_vsxprintf
PT_FPrintStats
SetExecutionEnvironment
_PR_AddSleepQ
_PR_CreateThread
_PR_DelSleepQ
_PR_GetPrimordialCPU
_PR_MD_FREE_CV
_PR_MD_NEW_CV
_PR_MD_NOTIFYALL_CV
_PR_MD_NOTIFY_CV
_PR_MD_UNLOCK
_PR_MD_WAIT_CV
_PR_NativeCreateThread
_pr_push_ipv6toipv4_layer
_pr_test_ipv6_socket
libVersionPoint

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/CARoot/nss3.dll
.dll windows:5 windows x86 arch:x86

325b68c91cd2e51c7407b8bf789b7706

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nssutil3

SECITEM_HashCompare
SECITEM_Hash
NSS_Get_SEC_IA5StringTemplate_Util
PORT_RegExpCaseSearch
NSS_Get_SEC_SkipTemplate
SECOID_KnownCertExtenOID
DER_GetUInteger
DER_StoreHeader
DER_LengthLength
PORT_UCS4_UTF8Conversion
PORT_ISO88591_UTF8Conversion
NSS_Get_SEC_UTF8StringTemplate_Util
NSS_Get_SEC_SetOfAnyTemplate_Util
NSS_Get_SEC_UniversalStringTemplate
NSS_Get_SEC_PrintableStringTemplate
NSS_Get_SEC_T61StringTemplate
PORT_RegExpValid
NSS_Get_SEC_BMPStringTemplate_Util
SEC_StringToOID
SECOID_FindOIDByMechanism
PORT_LoadLibraryFromOrigin
NSS_Get_SEC_ObjectIDTemplate_Util
SGN_DecodeDigestInfo
NSS_Get_SEC_BitStringTemplate_Util
NSS_GetAlgorithmPolicy
NSS_Get_SEC_SequenceOfObjectIDTemplate
NSS_Get_SEC_NullTemplate_Util
NSS_Get_SEC_OctetStringTemplate_Util
NSS_Get_SEC_PointerToAnyTemplate_Util
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_SequenceOfAnyTemplate
NSS_Get_SEC_PointerToGeneralizedTimeTemplate
NSS_Get_SEC_PointerToEnumeratedTemplate
NSS_Get_SEC_GeneralizedTimeTemplate_Util
NSS_Get_SEC_EnumeratedTemplate
NSS_Get_SEC_IntegerTemplate_Util
DER_SetUInteger
NSS_Get_SEC_AnyTemplate_Util
NSSRWLock_HaveWriteLock_Util
NSSRWLock_UnlockWrite_Util
NSSRWLock_UnlockRead_Util
NSSRWLock_LockWrite_Util
NSSRWLock_LockRead_Util
NSSRWLock_Destroy_Util
NSSRWLock_New_Util
NSSBase64_EncodeItem_Util
NSSBase64_DecodeBuffer_Util
NSSBase64Encoder_Destroy_Util
NSSBase64Decoder_Destroy_Util
NSSBase64Encoder_Update_Util
NSSBase64Decoder_Update_Util
NSSBase64Encoder_Create_Util
NSSBase64Decoder_Create_Util
BTOA_ConvertItemToAscii_Util
ATOB_ConvertAsciiToItem_Util
ATOB_AsciiToData_Util
BTOA_DataToAscii_Util
SEC_ASN1LengthLength_Util
SEC_ASN1DecodeInteger_Util
SEC_ASN1EncodeUnsignedInteger_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_ASN1Encode_Util
SEC_ASN1EncoderClearTakeFromBuf_Util
SEC_ASN1EncoderSetTakeFromBuf_Util
SEC_ASN1EncoderClearStreaming_Util
SEC_ASN1EncoderSetStreaming_Util
SEC_ASN1EncoderClearNotifyProc_Util
SEC_ASN1EncoderSetNotifyProc_Util
SEC_ASN1EncoderAbort_Util
SEC_ASN1EncoderFinish_Util
SEC_ASN1EncoderUpdate_Util
SEC_ASN1EncoderStart_Util
SEC_QuickDERDecodeItem_Util
SEC_ASN1DecodeItem_Util
SEC_ASN1Decode_Util
SEC_ASN1DecoderClearNotifyProc_Util
SEC_ASN1DecoderSetNotifyProc_Util
SEC_ASN1DecoderClearFilterProc_Util
SEC_ASN1DecoderSetFilterProc_Util
SEC_ASN1DecoderAbort_Util
SEC_ASN1DecoderFinish_Util
SEC_ASN1DecoderUpdate_Util
SEC_ASN1DecoderStart_Util
DER_EncodeTimeChoice_Util
DER_DecodeTimeChoice_Util
CERT_GenTime2FormattedAscii_Util
DER_GeneralizedTimeToTime_Util
DER_TimeToGeneralizedTimeArena_Util
DER_TimeToGeneralizedTime_Util
DER_TimeChoiceDayToAscii_Util
DER_GeneralizedDayToAscii_Util
DER_UTCDayToAscii_Util
DER_UTCTimeToAscii_Util
DER_UTCTimeToTime_Util
DER_AsciiToTime_Util
DER_TimeToUTCTime_Util
DER_GetInteger_Util
DER_Lengths_Util
DER_Encode_Util
SGN_CompareDigestInfo_Util
SGN_CopyDigestInfo_Util
SGN_DestroyDigestInfo_Util
SGN_CreateDigestInfo_Util
SECITEM_ZfreeItem_Util
SECITEM_FreeItem_Util
SECITEM_ArenaDupItem_Util
SECITEM_DupItem_Util
SECITEM_CopyItem_Util
SECITEM_ItemsAreEqual_Util
SECITEM_CompareItem_Util
SECITEM_AllocItem_Util
SECOID_AddEntry_Util
SECOID_FindOIDTagDescription_Util
SECOID_CompareAlgorithmID_Util
SECOID_DestroyAlgorithmID_Util
SECOID_GetAlgorithmTag_Util
SECOID_CopyAlgorithmID_Util
SECOID_SetAlgorithmID_Util
SECOID_FindOIDByTag_Util
SECOID_FindOIDTag_Util
SECOID_FindOID_Util
NSS_PutEnv_Util
PORT_UCS2_ASCIIConversion_Util
PORT_UCS2_UTF8Conversion_Util
PORT_SetUCS2_UTF8ConversionFunction_Util
PORT_SetUCS2_ASCIIConversionFunction_Util
PORT_SetUCS4_UTF8ConversionFunction_Util
PORT_ArenaStrdup_Util
PORT_ArenaUnmark_Util
PORT_ArenaRelease_Util
PORT_ArenaMark_Util
PORT_ArenaGrow_Util
PORT_FreeArena_Util
PORT_ArenaZAlloc_Util
PORT_ArenaAlloc_Util
PORT_NewArena_Util
PORT_GetError_Util
PORT_ZFree_Util
PORT_Realloc_Util
SECOID_Init
SECOID_Shutdown
PORT_SetError_Util
PORT_ZAlloc_Util
PORT_Free_Util
PORT_Strdup_Util
PORT_Alloc_Util

libplc4

PL_strdup
PL_strfree
PL_strnstr
PL_strstr
PL_strcat
PL_strlen
PL_strncpyz
PL_strcatn
PL_strcasecmp
PL_strncasecmp

libplds4

PL_HashString
PL_FinishArenaPool
PL_InitArenaPool
PL_ArenaAllocate
PL_ArenaRelease
PL_HashTableEnumerateEntries
PL_HashTableDestroy
PL_CompareValues
PL_NewHashTable
PL_HashTableAdd
PL_HashTableRemove
PL_HashTableLookup
PL_CompareStrings

libnspr4

PR_htons
PR_Accept
PR_Send
PR_Shutdown
PR_Listen
PR_ConnectContinue
PR_Bind
PR_ErrorToString
PR_FindFunctionSymbol
PR_DestroyRWLock
PR_Realloc
PR_Malloc
PR_GetThreadPrivate
PR_SetThreadPrivate
PR_NewThreadPrivateIndex
PR_Free
PR_Calloc
PR_sprintf_append
PR_GetError
PR_NetAddrToString
PR_ConvertIPv4AddrToIPv6
PR_htonl
PR_SetErrorText
PR_Sleep
PR_CallOnce
PR_FindSymbol
PR_LoadLibrary
PR_UnloadLibrary
PR_IntervalToSeconds
PR_IntervalToMilliseconds
PR_IntervalToMicroseconds
PR_NewLogModule
PR_LogPrint
PR_snprintf
PR_CallOnceWithArg
PR_IntervalNow
PR_GetEnv
PR_Poll
PR_TicksPerSecond
PR_Recv
PR_Write
PR_NewTCPSocket
PR_SecondsToInterval
PR_StringToNetAddr
PR_GetHostByName
PR_EnumerateHostEnt
PR_Connect
PR_InitializeNetAddr
PR_Close
PR_DestroyMonitor
PR_NewMonitor
PR_Now
PR_EnterMonitor
PR_ExitMonitor
PR_Lock
PR_Unlock
PR_VersionCheck
PR_NewLock
PR_DestroyLock
PR_smprintf
PR_smprintf_free

msvcr90

_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
printf
sprintf
qsort
tolower
strncpy
isspace
fopen
__iob_func
fprintf
fflush
fclose
strstr
strchr
atoi
memmove
strtol
strncmp
getenv
isdigit
memcpy
strrchr
memset
_mktemp

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange

Exports

Exports

ATOB_AsciiToData
ATOB_ConvertAsciiToItem
BTOA_ConvertItemToAscii
BTOA_DataToAscii
CERT_AddCertToListSorted
CERT_AddCertToListTail
CERT_AddExtension
CERT_AddOCSPAcceptableResponses
CERT_AddOKDomainName
CERT_AddRDN
CERT_AsciiToName
CERT_CRLCacheRefreshIssuer
CERT_CacheCRL
CERT_CacheOCSPResponseFromSideChannel
CERT_CertChainFromCert
CERT_CertListFromCert
CERT_CertTimesValid
CERT_ChangeCertTrust
CERT_CheckCertUsage
CERT_CheckCertValidTimes
CERT_CheckNameSpace
CERT_ClearOCSPCache
CERT_CompareCerts
CERT_CompareName
CERT_CompareValidityTimes
CERT_CompleteCRLDecodeEntries
CERT_CopyName
CERT_CopyRDN
CERT_CreateAVA
CERT_CreateCertificate
CERT_CreateCertificateRequest
CERT_CreateName
CERT_CreateOCSPCertID
CERT_CreateOCSPRequest
CERT_CreateRDN
CERT_CreateSubjectCertList
CERT_CreateValidity
CERT_DecodeAVAValue
CERT_DecodeAltNameExtension
CERT_DecodeAuthInfoAccessExtension
CERT_DecodeAuthKeyID
CERT_DecodeBasicConstraintValue
CERT_DecodeCRLDistributionPoints
CERT_DecodeCertificatePoliciesExtension
CERT_DecodeDERCrl
CERT_DecodeDERCrlWithFlags
CERT_DecodeGeneralName
CERT_DecodeNameConstraintsExtension
CERT_DecodeOCSPResponse
CERT_DecodeOidSequence
CERT_DecodePrivKeyUsagePeriodExtension
CERT_DecodeTrustString
CERT_DecodeUserNotice
CERT_DerNameToAscii
CERT_DestroyCertArray
CERT_DestroyCertList
CERT_DestroyCertificate
CERT_DestroyCertificateList
CERT_DestroyCertificatePoliciesExtension
CERT_DestroyCertificateRequest
CERT_DestroyName
CERT_DestroyOCSPCertID
CERT_DestroyOCSPRequest
CERT_DestroyOCSPResponse
CERT_DestroyOidSequence
CERT_DestroyUserNotice
CERT_DestroyValidity
CERT_DisableOCSPChecking
CERT_DisableOCSPDefaultResponder
CERT_DistNamesFromCertList
CERT_DupCertList
CERT_DupCertificate
CERT_DupDistNames
CERT_EnableOCSPChecking
CERT_EnableOCSPDefaultResponder
CERT_EncodeAltNameExtension
CERT_EncodeAndAddBitStrExtension
CERT_EncodeAuthKeyID
CERT_EncodeBasicConstraintValue
CERT_EncodeCRLDistributionPoints
CERT_EncodeCertPoliciesExtension
CERT_EncodeGeneralName
CERT_EncodeInfoAccessExtension
CERT_EncodeInhibitAnyExtension
CERT_EncodeNoticeReference
CERT_EncodeOCSPRequest
CERT_EncodePolicyConstraintsExtension
CERT_EncodePolicyMappingExtension
CERT_EncodeSubjectKeyID
CERT_EncodeUserNotice
CERT_ExtractPublicKey
CERT_FilterCertListByCANames
CERT_FilterCertListByUsage
CERT_FilterCertListForUserCerts
CERT_FindCRLEntryReasonExten
CERT_FindCRLNumberExten
CERT_FindCertByDERCert
CERT_FindCertByIssuerAndSN
CERT_FindCertByName
CERT_FindCertByNickname
CERT_FindCertByNicknameOrEmailAddr
CERT_FindCertBySubjectKeyID
CERT_FindCertExtension
CERT_FindCertIssuer
CERT_FindKeyUsageExtension
CERT_FindNameConstraintsExten
CERT_FindSMimeProfile
CERT_FindSubjectKeyIDExtension
CERT_FindUserCertByUsage
CERT_FindUserCertsByUsage
CERT_FinishCertificateRequestAttributes
CERT_FinishExtensions
CERT_FormatName
CERT_FreeDistNames
CERT_FreeNicknames
CERT_GenTime2FormattedAscii
CERT_GetAVATag
CERT_GetCertChainFromCert
CERT_GetCertEmailAddress
CERT_GetCertIssuerAndSN
CERT_GetCertNicknames
CERT_GetCertTimes
CERT_GetCertTrust
CERT_GetCertUid
CERT_GetCertificateNames
CERT_GetCertificateRequestExtensions
CERT_GetClassicOCSPDisabledPolicy
CERT_GetClassicOCSPEnabledHardFailurePolicy
CERT_GetClassicOCSPEnabledSoftFailurePolicy
CERT_GetCommonName
CERT_GetConstrainedCertificateNames
CERT_GetCountryName
CERT_GetDBContentVersion
CERT_GetDefaultCertDB
CERT_GetDomainComponentName
CERT_GetFirstEmailAddress
CERT_GetLocalityName
CERT_GetNextEmailAddress
CERT_GetNextGeneralName
CERT_GetNextNameConstraint
CERT_GetOCSPAuthorityInfoAccessLocation
CERT_GetOCSPResponseStatus
CERT_GetOCSPStatusForCertID
CERT_GetOidString
CERT_GetOrgName
CERT_GetOrgUnitName
CERT_GetPKIXVerifyNistRevocationPolicy
CERT_GetPrevGeneralName
CERT_GetPrevNameConstraint
CERT_GetSSLCACerts
CERT_GetSlopTime
CERT_GetStateName
CERT_GetUsePKIXForValidation
CERT_GetValidDNSPatternsFromCert
CERT_Hexify
CERT_ImportCAChain
CERT_ImportCAChainTrusted
CERT_ImportCRL
CERT_ImportCerts
CERT_IsCACert
CERT_IsCADERCert
CERT_IsRootDERCert
CERT_IsUserCert
CERT_KeyFromDERCrl
CERT_MakeCANickname
CERT_MergeExtensions
CERT_NameToAscii
CERT_NameToAsciiInvertible
CERT_NewCertList
CERT_NewTempCertificate
CERT_NicknameStringsFromCertList
CERT_OCSPCacheSettings
CERT_OpenCertDBFilename
CERT_PKIXVerifyCert
CERT_RFC1485_EscapeAndQuote
CERT_RegisterAlternateOCSPAIAInfoCallBack
CERT_RemoveCertListNode
CERT_SaveSMimeProfile
CERT_SetOCSPDefaultResponder
CERT_SetOCSPFailureMode
CERT_SetOCSPTimeout
CERT_SetSlopTime
CERT_SetUsePKIXForValidation
CERT_StartCRLEntryExtensions
CERT_StartCRLExtensions
CERT_StartCertExtensions
CERT_StartCertificateRequestAttributes
CERT_UncacheCRL
CERT_VerifyCACertForUsage
CERT_VerifyCert
CERT_VerifyCertName
CERT_VerifyCertNow
CERT_VerifyCertificate
CERT_VerifyCertificateNow
CERT_VerifyOCSPResponseSignature
CERT_VerifySignedData
CERT_VerifySignedDataWithPublicKey
CERT_VerifySignedDataWithPublicKeyInfo
DER_AsciiToTime
DER_DecodeTimeChoice
DER_Encode
DER_EncodeTimeChoice
DER_GeneralizedDayToAscii
DER_GeneralizedTimeToTime
DER_GetInteger
DER_Lengths
DER_TimeChoiceDayToAscii
DER_TimeToGeneralizedTime
DER_TimeToGeneralizedTimeArena
DER_TimeToUTCTime
DER_UTCDayToAscii
DER_UTCTimeToAscii
DER_UTCTimeToTime
DSAU_DecodeDerSig
DSAU_DecodeDerSigToLen
DSAU_EncodeDerSig
DSAU_EncodeDerSigWithLen
HASH_Begin
HASH_Clone
HASH_Create
HASH_Destroy
HASH_End
HASH_GetHashObject
HASH_GetHashObjectByOidTag
HASH_GetHashTypeByOidTag
HASH_GetType
HASH_HashBuf
HASH_ResultLen
HASH_ResultLenByOidTag
HASH_ResultLenContext
HASH_Update
NSSBase64Decoder_Create
NSSBase64Decoder_Destroy
NSSBase64Decoder_Update
NSSBase64Encoder_Create
NSSBase64Encoder_Destroy
NSSBase64Encoder_Update
NSSBase64_DecodeBuffer
NSSBase64_EncodeItem
NSSRWLock_Destroy
NSSRWLock_HaveWriteLock
NSSRWLock_LockRead
NSSRWLock_LockWrite
NSSRWLock_New
NSSRWLock_UnlockRead
NSSRWLock_UnlockWrite
NSS_Get_CERT_CertificateRequestTemplate
NSS_Get_CERT_CertificateTemplate
NSS_Get_CERT_CrlTemplate
NSS_Get_CERT_IssuerAndSNTemplate
NSS_Get_CERT_NameTemplate
NSS_Get_CERT_SequenceOfCertExtensionTemplate
NSS_Get_CERT_SetOfSignedCrlTemplate
NSS_Get_CERT_SignedCrlTemplate
NSS_Get_CERT_SignedDataTemplate
NSS_Get_CERT_SubjectPublicKeyInfoTemplate
NSS_Get_CERT_TimeChoiceTemplate
NSS_Get_SECKEY_DSAPublicKeyTemplate
NSS_Get_SECKEY_EncryptedPrivateKeyInfoTemplate
NSS_Get_SECKEY_PointerToEncryptedPrivateKeyInfoTemplate
NSS_Get_SECKEY_PointerToPrivateKeyInfoTemplate
NSS_Get_SECKEY_PrivateKeyInfoTemplate
NSS_Get_SECKEY_RSAPublicKeyTemplate
NSS_Get_SECOID_AlgorithmIDTemplate
NSS_Get_SEC_AnyTemplate
NSS_Get_SEC_BMPStringTemplate
NSS_Get_SEC_BitStringTemplate
NSS_Get_SEC_BooleanTemplate
NSS_Get_SEC_GeneralizedTimeTemplate
NSS_Get_SEC_IA5StringTemplate
NSS_Get_SEC_IntegerTemplate
NSS_Get_SEC_NullTemplate
NSS_Get_SEC_ObjectIDTemplate
NSS_Get_SEC_OctetStringTemplate
NSS_Get_SEC_PointerToAnyTemplate
NSS_Get_SEC_PointerToOctetStringTemplate
NSS_Get_SEC_SetOfAnyTemplate
NSS_Get_SEC_SignedCertificateTemplate
NSS_Get_SEC_UTCTimeTemplate
NSS_Get_SEC_UTF8StringTemplate
NSS_Get_sgn_DigestInfoTemplate
NSS_Init
NSS_InitContext
NSS_InitReadWrite
NSS_InitWithMerge
NSS_Initialize
NSS_IsInitialized
NSS_NoDB_Init
NSS_PutEnv
NSS_RegisterShutdown
NSS_Shutdown
NSS_ShutdownContext
NSS_UnregisterShutdown
NSS_VersionCheck
PBE_CreateContext
PBE_DestroyContext
PBE_GenerateBits
PK11SDR_Decrypt
PK11SDR_Encrypt
PK11_AlgtagToMechanism
PK11_Authenticate
PK11_BlockData
PK11_ChangePW
PK11_CheckSSOPassword
PK11_CheckUserPassword
PK11_CipherOp
PK11_CloneContext
PK11_ConfigurePKCS11
PK11_ConvertSessionPrivKeyToTokenPrivKey
PK11_ConvertSessionSymKeyToTokenSymKey
PK11_CopySymKeyForSigning
PK11_CopyTokenPrivKeyToSessionPrivKey
PK11_CreateContextBySymKey
PK11_CreateDigestContext
PK11_CreateGenericObject
PK11_CreateMergeLog
PK11_CreatePBEAlgorithmID
PK11_CreatePBEParams
PK11_CreatePBEV2AlgorithmID
PK11_DEREncodePublicKey
PK11_DeleteTokenCertAndKey
PK11_DeleteTokenPrivateKey
PK11_DeleteTokenPublicKey
PK11_DeleteTokenSymKey
PK11_Derive
PK11_DeriveWithFlags
PK11_DeriveWithFlagsPerm
PK11_DestroyContext
PK11_DestroyGenericObject
PK11_DestroyGenericObjects
PK11_DestroyMergeLog
PK11_DestroyObject
PK11_DestroyPBEParams
PK11_DestroyTokenObject
PK11_DigestBegin
PK11_DigestFinal
PK11_DigestKey
PK11_DigestOp
PK11_DoesMechanism
PK11_ExportEncryptedPrivKeyInfo
PK11_ExportEncryptedPrivateKeyInfo
PK11_ExportPrivateKeyInfo
PK11_ExtractKeyValue
PK11_Finalize
PK11_FindBestKEAMatch
PK11_FindCertAndKeyByRecipientList
PK11_FindCertAndKeyByRecipientListNew
PK11_FindCertByIssuerAndSN
PK11_FindCertFromDERCert
PK11_FindCertFromDERCertItem
PK11_FindCertFromNickname
PK11_FindCertInSlot
PK11_FindCertsFromNickname
PK11_FindFixedKey
PK11_FindGenericObjects
PK11_FindKeyByAnyCert
PK11_FindKeyByDERCert
PK11_FindKeyByKeyID
PK11_FindPrivateKeyFromCert
PK11_FindSlotByName
PK11_FindSlotsByNames
PK11_FortezzaHasKEA
PK11_FortezzaMapSig
PK11_FreeSlot
PK11_FreeSlotList
PK11_FreeSlotListElement
PK11_FreeSymKey
PK11_GenerateFortezzaIV
PK11_GenerateKeyPair
PK11_GenerateKeyPairWithFlags
PK11_GenerateKeyPairWithOpFlags
PK11_GenerateNewParam
PK11_GenerateRandom
PK11_GenerateRandomOnSlot
PK11_GetAllSlotsForCert
PK11_GetAllTokens
PK11_GetBestKeyLength
PK11_GetBestSlot
PK11_GetBestSlotMultiple
PK11_GetBestWrapMechanism
PK11_GetBlockSize
PK11_GetCertFromPrivateKey
PK11_GetCurrentWrapIndex
PK11_GetDefaultArray
PK11_GetDefaultFlags
PK11_GetDisabledReason
PK11_GetFirstSafe
PK11_GetIVLength
PK11_GetInternalKeySlot
PK11_GetInternalSlot
PK11_GetKeyData
PK11_GetKeyGen
PK11_GetKeyLength
PK11_GetKeyStrength
PK11_GetKeyType
PK11_GetLowLevelKeyIDForCert
PK11_GetLowLevelKeyIDForPrivateKey
PK11_GetMechanism
PK11_GetMinimumPwdLength
PK11_GetModInfo
PK11_GetModule
PK11_GetModuleID
PK11_GetNextGenericObject
PK11_GetNextSafe
PK11_GetNextSymKey
PK11_GetPBECryptoMechanism
PK11_GetPBEIV
PK11_GetPQGParamsFromPrivateKey
PK11_GetPadMechanism
PK11_GetPrevGenericObject
PK11_GetPrivateKeyNickname
PK11_GetPrivateModulusLen
PK11_GetPublicKeyNickname
PK11_GetSlotFromKey
PK11_GetSlotFromPrivateKey
PK11_GetSlotID
PK11_GetSlotInfo
PK11_GetSlotName
PK11_GetSlotPWValues
PK11_GetSlotSeries
PK11_GetSymKeyHandle
PK11_GetSymKeyNickname
PK11_GetSymKeyType
PK11_GetSymKeyUserData
PK11_GetTokenInfo
PK11_GetTokenName
PK11_GetWindow
PK11_GetWrapKey
PK11_HasRootCerts
PK11_HashBuf
PK11_IVFromParam
PK11_ImportCRL
PK11_ImportCert
PK11_ImportCertForKey
PK11_ImportCertForKeyToSlot
PK11_ImportDERCert
PK11_ImportDERCertForKey
PK11_ImportDERPrivateKeyInfo
PK11_ImportDERPrivateKeyInfoAndReturnKey
PK11_ImportEncryptedPrivateKeyInfo
PK11_ImportPrivateKeyInfo
PK11_ImportPrivateKeyInfoAndReturnKey
PK11_ImportPublicKey
PK11_ImportSymKey
PK11_ImportSymKeyWithFlags
PK11_InitPin
PK11_IsDisabled
PK11_IsFIPS
PK11_IsFriendly
PK11_IsHW
PK11_IsInternal
PK11_IsInternalKeySlot
PK11_IsLoggedIn
PK11_IsPresent
PK11_IsReadOnly
PK11_IsRemovable
PK11_KeyForCertExists
PK11_KeyForDERCertExists
PK11_KeyGen
PK11_LinkGenericObject
PK11_ListCerts
PK11_ListCertsInSlot
PK11_ListFixedKeysInSlot
PK11_ListPrivKeysInSlot
PK11_ListPrivateKeysInSlot
PK11_ListPublicKeysInSlot
PK11_LoadPrivKey
PK11_Logout
PK11_LogoutAll
PK11_MakeIDFromPubKey
PK11_MakeKEAPubKey
PK11_MapPBEMechanismToCryptoMechanism
PK11_MapSignKeyType
PK11_MechanismToAlgtag
PK11_MergeTokens
PK11_MoveSymKey
PK11_NeedLogin
PK11_NeedPWInit
PK11_NeedUserInit
PK11_PBEKeyGen
PK11_PQG_DestroyParams
PK11_PQG_DestroyVerify
PK11_PQG_GetBaseFromParams
PK11_PQG_GetCounterFromVerify
PK11_PQG_GetHFromVerify
PK11_PQG_GetPrimeFromParams
PK11_PQG_GetSeedFromVerify
PK11_PQG_GetSubPrimeFromParams
PK11_PQG_NewParams
PK11_PQG_NewVerify
PK11_PQG_ParamGen
PK11_PQG_ParamGenSeedLen
PK11_PQG_VerifyParams
PK11_ParamFromAlgid
PK11_ParamFromIV
PK11_ParamToAlgid
PK11_PrivDecryptPKCS1
PK11_ProtectedAuthenticationPath
PK11_PubDecryptRaw
PK11_PubDerive

Sections

.text
Size: 629KB - Virtual size: 629KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/CARoot/nssckbi.dll
.dll windows:5 windows x86 arch:x86

c5503482ef8b9ca430a42f7593d706b3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libplc4

PL_strlen

libplds4

PL_ArenaAllocate
PL_HashTableEnumerateEntries
PL_HashTableLookup
PL_HashTableRemove
PL_HashTableAdd
PL_HashTableDestroy
PL_CompareValues
PL_NewHashTable
PL_FinishArenaPool
PL_InitArenaPool

libnspr4

PR_CallOnce
PR_GetThreadPrivate
PR_SetThreadPrivate
PR_NewThreadPrivateIndex
PR_Free
PR_Calloc
PR_Unlock
PR_Lock
PR_DestroyLock
PR_NewLock

msvcr90

_crt_debugger_hook
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
_adjust_fdiv
_amsg_exit
memcpy
memset
memmove
_encode_pointer
_malloc_crt
free
_encoded_null
_decode_pointer
_initterm
_initterm_e

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange

Exports

Exports

C_GetFunctionList

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/CARoot/nssdbm3.dll
.dll windows:5 windows x86 arch:x86

3ee47eced1cde33db6a3dc7585fc5c4e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libplc4

PL_strcasecmp
PL_strncasecmp

libplds4

PL_HashTableDestroy
PL_HashTableRemove
PL_HashTableLookup
PL_HashTableAdd
PL_HashTableEnumerateEntries
PL_NewHashTable

libnspr4

PR_CallOnce
PR_FindFunctionSymbol
PR_GetLibraryFilePathname
PR_GetDirectorySeparator
PR_LoadLibraryWithFlags
PR_NewMonitor
PR_DestroyMonitor
PR_ExitMonitor
PR_EnterMonitor
PR_Now
PR_LoadLibrary
PR_FindSymbol
PR_GetEnv
PR_UnloadLibrary
PR_SetError
PR_Free
PR_htonl
PR_ntohl
PR_DestroyLock
PR_Lock
PR_Unlock
PR_NewLock
PR_CreateFileMap
PR_MemMap
PR_Read
PR_MemUnmap
PR_CloseFileMap
PR_Access
PR_MkDir
PR_OpenFile
PR_GetError
PR_Write
PR_Close
PR_Delete
PR_smprintf_free
PR_smprintf

nssutil3

NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
DER_DecodeTimeChoice_Util
SECITEM_AllocItem_Util
SECOID_Init
SECITEM_HashCompare
PORT_Realloc_Util
DER_SetUInteger
PORT_Strdup_Util
SECOID_FindOIDTag_Util
SECITEM_FreeItem_Util
SECOID_FindOIDByTag_Util
PORT_ArenaAlloc_Util
PORT_GetError_Util
SECITEM_ZfreeItem_Util
NSS_Get_SEC_AnyTemplate_Util
SEC_QuickDERDecodeItem_Util
SECOID_GetAlgorithmTag_Util
SECITEM_ItemsAreEqual_Util
SECITEM_CopyItem_Util
SECITEM_DupItem_Util
SEC_ASN1EncodeItem_Util
SECOID_SetAlgorithmID_Util
PORT_SetError_Util
PORT_NewArena_Util
PORT_ArenaZAlloc_Util
PORT_FreeArena_Util
NSS_Get_SECOID_AlgorithmIDTemplate_Util
PORT_ZAlloc_Util
PORT_Alloc_Util
PORT_Free_Util
NSSBase64_EncodeItem_Util
PORT_ArenaRelease_Util
PORT_ArenaUnmark_Util
PORT_ArenaMark_Util
PORT_ArenaStrdup_Util
SECITEM_CompareItem_Util
SEC_ASN1EncodeInteger_Util
SECOID_Shutdown

msvcr90

tolower
strncmp
memcpy
free
memmove
malloc
calloc
abort
getenv
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
memset
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
isspace
atoi
isdigit
strncpy
strrchr
_lseek
_write
_getpid
_unlink
_close
_read
_open
_strdup
_errno
_stat64i32
_initterm
_get_osfhandle

kernel32

GetCurrentProcessId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
FlushFileBuffers
GetCurrentProcess

Exports

Exports

legacy_AddSecmodDB
legacy_DeleteSecmodDB
legacy_Open
legacy_ReadSecmodDB
legacy_ReleaseSecmodDBData
legacy_SetCryptFunctions
legacy_Shutdown

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/CARoot/nssutil3.dll
.dll windows:5 windows x86 arch:x86

8185d98bb77aeac629df9a7bb74862d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libplc4

PL_strncasecmp
PL_strcasecmp
PL_strpbrk
PL_strlen

libplds4

PL_FreeArenaPool
PL_FinishArenaPool
PL_ArenaAllocate
PL_HashTableDestroy
PL_ClearArenaPool
PL_HashTableLookup
PL_CompareValues
PL_NewHashTable
PL_HashTableAdd
PL_ArenaGrow
PL_ArenaRelease
PL_InitArenaPool
PL_HashTableLookupConst

libnspr4

PR_GetError
PR_LocalTimeParameters
PR_FormatTime
PR_GetEnv
PR_GetLibraryFilePathname
PR_GetDirectorySeparator
PR_LoadLibraryWithFlags
PR_NewLock
PR_NewCondVar
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_GetCurrentThread
PR_Lock
PR_WaitCondVar
PR_Unlock
PR_DestroyCondVar
PR_DestroyLock
PR_Free
PR_Realloc
PR_Malloc
PR_SetError
PR_Calloc
PR_ImplodeTime
PR_GMTParameters
PR_ExplodeTime

msvcr90

memcpy
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
strstr
strrchr
strchr
isalnum
isalpha
toupper
memset
tolower
isdigit
_putenv

kernel32

IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
SetEnvironmentVariableA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange

Exports

Exports

ATOB_AsciiToData_Util
ATOB_ConvertAsciiToItem_Util
BTOA_ConvertItemToAscii_Util
BTOA_DataToAscii_Util
CERT_GenTime2FormattedAscii_Util
DER_AsciiToTime_Util
DER_DecodeTimeChoice_Util
DER_EncodeTimeChoice_Util
DER_Encode_Util
DER_GeneralizedDayToAscii_Util
DER_GeneralizedTimeToTime_Util
DER_GetInteger_Util
DER_GetUInteger
DER_LengthLength
DER_Lengths_Util
DER_SetUInteger
DER_StoreHeader
DER_TimeChoiceDayToAscii_Util
DER_TimeToGeneralizedTimeArena_Util
DER_TimeToGeneralizedTime_Util
DER_TimeToUTCTime_Util
DER_UTCDayToAscii_Util
DER_UTCTimeToAscii_Util
DER_UTCTimeToTime_Util
NSSBase64Decoder_Create_Util
NSSBase64Decoder_Destroy_Util
NSSBase64Decoder_Update_Util
NSSBase64Encoder_Create_Util
NSSBase64Encoder_Destroy_Util
NSSBase64Encoder_Update_Util
NSSBase64_DecodeBuffer_Util
NSSBase64_EncodeItem_Util
NSSRWLock_Destroy_Util
NSSRWLock_HaveWriteLock_Util
NSSRWLock_LockRead_Util
NSSRWLock_LockWrite_Util
NSSRWLock_New_Util
NSSRWLock_UnlockRead_Util
NSSRWLock_UnlockWrite_Util
NSS_GetAlgorithmPolicy
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_BMPStringTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_BooleanTemplate_Util
NSS_Get_SEC_EnumeratedTemplate
NSS_Get_SEC_GeneralizedTimeTemplate_Util
NSS_Get_SEC_IA5StringTemplate_Util
NSS_Get_SEC_IntegerTemplate_Util
NSS_Get_SEC_NullTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
NSS_Get_SEC_OctetStringTemplate_Util
NSS_Get_SEC_PointerToAnyTemplate_Util
NSS_Get_SEC_PointerToEnumeratedTemplate
NSS_Get_SEC_PointerToGeneralizedTimeTemplate
NSS_Get_SEC_PointerToOctetStringTemplate_Util
NSS_Get_SEC_PrintableStringTemplate
NSS_Get_SEC_SequenceOfAnyTemplate
NSS_Get_SEC_SequenceOfObjectIDTemplate
NSS_Get_SEC_SetOfAnyTemplate_Util
NSS_Get_SEC_SkipTemplate
NSS_Get_SEC_T61StringTemplate
NSS_Get_SEC_UTF8StringTemplate_Util
NSS_Get_SEC_UniversalStringTemplate
NSS_Get_sgn_DigestInfoTemplate_Util
NSS_PutEnv_Util
NSS_SecureMemcmp
NSS_SetAlgorithmPolicy
PORT_Alloc_Util
PORT_ArenaAlloc_Util
PORT_ArenaGrow_Util
PORT_ArenaMark_Util
PORT_ArenaRelease_Util
PORT_ArenaStrdup_Util
PORT_ArenaUnmark_Util
PORT_ArenaZAlloc_Util
PORT_FreeArena_Util
PORT_Free_Util
PORT_GetError_Util
PORT_ISO88591_UTF8Conversion
PORT_LoadLibraryFromOrigin
PORT_NewArena_Util
PORT_Realloc_Util
PORT_RegExpCaseSearch
PORT_RegExpSearch
PORT_RegExpValid
PORT_SetError_Util
PORT_SetUCS2_ASCIIConversionFunction_Util
PORT_SetUCS2_UTF8ConversionFunction_Util
PORT_SetUCS4_UTF8ConversionFunction_Util
PORT_Strdup_Util
PORT_UCS2_ASCIIConversion_Util
PORT_UCS2_UTF8Conversion_Util
PORT_UCS4_UTF8Conversion
PORT_ZAlloc_Util
PORT_ZFree_Util
SECITEM_AllocItem_Util
SECITEM_ArenaDupItem_Util
SECITEM_CompareItem_Util
SECITEM_CopyItem_Util
SECITEM_DupItem_Util
SECITEM_FreeItem_Util
SECITEM_Hash
SECITEM_HashCompare
SECITEM_ItemsAreEqual_Util
SECITEM_ReallocItem
SECITEM_ZfreeItem_Util
SECOID_AddEntry_Util
SECOID_CompareAlgorithmID_Util
SECOID_CopyAlgorithmID_Util
SECOID_DestroyAlgorithmID_Util
SECOID_FindOIDByMechanism
SECOID_FindOIDByTag_Util
SECOID_FindOIDTagDescription_Util
SECOID_FindOIDTag_Util
SECOID_FindOID_Util
SECOID_GetAlgorithmTag_Util
SECOID_Init
SECOID_KnownCertExtenOID
SECOID_SetAlgorithmID_Util
SECOID_Shutdown
SEC_ASN1DecodeInteger_Util
SEC_ASN1DecodeItem_Util
SEC_ASN1Decode_Util
SEC_ASN1DecoderAbort_Util
SEC_ASN1DecoderClearFilterProc_Util
SEC_ASN1DecoderClearNotifyProc_Util
SEC_ASN1DecoderFinish_Util
SEC_ASN1DecoderSetFilterProc_Util
SEC_ASN1DecoderSetNotifyProc_Util
SEC_ASN1DecoderStart_Util
SEC_ASN1DecoderUpdate_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_ASN1EncodeUnsignedInteger_Util
SEC_ASN1Encode_Util
SEC_ASN1EncoderAbort_Util
SEC_ASN1EncoderClearNotifyProc_Util
SEC_ASN1EncoderClearStreaming_Util
SEC_ASN1EncoderClearTakeFromBuf_Util
SEC_ASN1EncoderFinish_Util
SEC_ASN1EncoderSetNotifyProc_Util
SEC_ASN1EncoderSetStreaming_Util
SEC_ASN1EncoderSetTakeFromBuf_Util
SEC_ASN1EncoderStart_Util
SEC_ASN1EncoderUpdate_Util
SEC_ASN1LengthLength_Util
SEC_QuickDERDecodeItem_Util
SEC_StringToOID
SGN_CompareDigestInfo_Util
SGN_CopyDigestInfo_Util
SGN_CreateDigestInfo_Util
SGN_DecodeDigestInfo
SGN_DestroyDigestInfo_Util
UTIL_SetForkState

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/CARoot/plc4.dll
.dll windows:5 windows x86 arch:x86

ed34896d023ebecd1611eecfb70c835f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nspr4

PR_SetError
PR_Calloc
PR_GetSpecialFD
PR_GetError
PR_GetOSError
PR_ErrorToName
PR_fprintf
PR_Free
PR_Malloc

msvcr90

strrchr
strpbrk
strstr
_encode_pointer
_malloc_crt
strchr
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
strncmp
free
memcpy
malloc
_encoded_null

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
QueryPerformanceCounter

Exports

Exports

PL_Base64Decode
PL_Base64Encode
PL_CreateLongOptState
PL_CreateOptState
PL_DestroyOptState
PL_FPrintError
PL_GetNextOpt
PL_PrintError
PL_strcasecmp
PL_strcaserstr
PL_strcasestr
PL_strcat
PL_strcatn
PL_strchr
PL_strcmp
PL_strcpy
PL_strdup
PL_strfree
PL_strlen
PL_strncasecmp
PL_strncaserstr
PL_strncasestr
PL_strncat
PL_strnchr
PL_strncmp
PL_strncpy
PL_strncpyz
PL_strndup
PL_strnlen
PL_strnpbrk
PL_strnprbrk
PL_strnrchr
PL_strnrstr
PL_strnstr
PL_strpbrk
PL_strprbrk
PL_strrchr
PL_strrstr
PL_strstr
PL_strtok_r
libVersionPoint

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 538B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/CARoot/plds4.dll
.dll windows:5 windows x86 arch:x86

911c0f542103f8dffb47c759e9d17331

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nspr4

PR_DestroyLock
PR_Free
PR_Malloc
PR_CeilingLog2
PR_Unlock
PR_CallOnce
PR_Lock
PR_NewLock

msvcr90

_decode_pointer
_initterm
_encoded_null
_amsg_exit
_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
free
_malloc_crt
_encode_pointer
memset
memcpy
_initterm_e

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
GetTickCount

Exports

Exports

PL_ArenaAllocate
PL_ArenaFinish
PL_ArenaGrow
PL_ArenaRelease
PL_CompactArenaPool
PL_CompareStrings
PL_CompareValues
PL_FinishArenaPool
PL_FreeArenaPool
PL_HashString
PL_HashTableAdd
PL_HashTableDestroy
PL_HashTableDump
PL_HashTableEnumerateEntries
PL_HashTableLookup
PL_HashTableLookupConst
PL_HashTableRawAdd
PL_HashTableRawLookup
PL_HashTableRawLookupConst
PL_HashTableRawRemove
PL_HashTableRemove
PL_InitArenaPool
PL_NewHashTable
libVersionPoint

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 514B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/CARoot/rsa2048ca.cer
Plugins/CARoot/smime3.dll
.dll windows:5 windows x86 arch:x86

bee940391959a04bbe282d4c5f2a4e9a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nss3

SECKEY_CopyPublicKey
CERT_GetCertIssuerAndSN
CERT_DupCertificate
SECKEY_CreateSubjectPublicKeyInfo
SECKEY_DestroySubjectPublicKeyInfo
CERT_FindSubjectKeyIDExtension
PK11_FindPrivateKeyFromCert
SECKEY_CopyPrivateKey
CERT_DestroyCertificateList
CERT_VerifyCert
CERT_FindCertByDERCert
CERT_CertChainFromCert
CERT_DestroyCertList
CERT_DestroyCertArray
CERT_FilterCertListByUsage
CERT_AddCertToListTail
CERT_NewCertList
CERT_ImportCerts
CERT_FindCertByIssuerAndSN
CERT_FindCertBySubjectKeyID
CERT_GetCommonName
PK11_FortezzaHasKEA
CERT_SaveSMimeProfile
CERT_GetDefaultCertDB
CERT_CertListFromCert
SGN_Digest
SEC_SignData
SEC_GetSignatureAlgorithmOidTag
PK11_FortezzaMapSig
VFY_VerifyDigestDirect
VFY_VerifyDataDirect
HASH_GetHashObjectByOidTag
CERT_FindSMimeProfile
NSS_VersionCheck
NSS_Get_SECKEY_PrivateKeyInfoTemplate
NSS_Get_SECKEY_PointerToEncryptedPrivateKeyInfoTemplate
PK11_GenerateRandom
PK11_HashBuf
PK11_MakeKEAPubKey
PK11_DigestOp
PK11_DigestBegin
SEC_PKCS5GetKeyLength
SEC_PKCS5GetCryptoAlgorithm
NSS_Get_SECKEY_PointerToPrivateKeyInfoTemplate
PK11_GetInternalSlot
PK11_ReferenceSlot
PK11_PBEKeyGen
PK11_GetInternalKeySlot
PK11_IsInternal
SECKEY_DestroyEncryptedPrivateKeyInfo
SECKEY_CopyEncryptedPrivateKeyInfo
PK11_ExportEncryptedPrivateKeyInfo
SECKEY_DestroyPrivateKeyInfo
SECKEY_CopyPrivateKeyInfo
PK11_ExportPrivateKeyInfo
PK11_DestroyPBEParams
PK11_CreatePBEParams
PK11_SetSymKeyUserData
PK11_GetTokenName
PK11_TraverseCertsForSubjectInSlot
__CERT_DecodeDERCertificate
PK11_TraverseCertsForNicknameInSlot
PK11_FindKeyByDERCert
PK11_ImportDERCert
PK11_ImportCertForKeyToSlot
CERT_NewTempCertificate
CERT_IsRootDERCert
CERT_IsCADERCert
PK11_ImportPublicKey
PK11_ImportPrivateKeyInfo
PK11_ImportEncryptedPrivateKeyInfo
PK11_FindCertAndKeyByRecipientList
HASH_ResultLen
HASH_GetHashTypeByOidTag
PK11_UnwrapSymKey
CERT_ExtractPublicKey
NSS_Get_CERT_SetOfSignedCrlTemplate
PK11_FindBestKEAMatch
CERT_DestroyCertificate
SECKEY_DestroyPublicKey
PK11_FindKeyByAnyCert
PK11_PubDerive
SECKEY_DestroyPrivateKey
PK11_WrapSymKey
PK11_GetKeyLength
PK11_PubUnwrapSymKey
SECKEY_GetPublicKeyType
SECKEY_PublicKeyStrength
PK11_PubWrapSymKey
PK11_SetPasswordFunc
PK11_FindCertAndKeyByRecipientListNew
PK11_GetBestSlot
PK11_KeyGen
SEC_PKCS5IsAlgorithmPBEAlgTag
PK11_CreatePBEAlgorithmID
PK11_GenerateNewParam
PK11_ParamToAlgid
SEC_PKCS5IsAlgorithmPBEAlg
PK11_GetSymKeyUserData
PK11_GetPBECryptoMechanism
PK11_AlgtagToMechanism
PK11_ParamFromAlgid
PK11_GetBlockSize
PK11_GetSlotFromKey
PK11_IsHW
PK11_FreeSlot
PK11_CreateContextBySymKey
PK11_CipherOp
PK11_DestroyContext
PK11_FreeSymKey
PK11_ReferenceSymKey
PK11_GetKeyStrength
NSS_Get_CERT_TimeChoiceTemplate
NSS_Get_CERT_IssuerAndSNTemplate
PK11_DigestFinal

nssutil3

SEC_ASN1EncoderFinish_Util
SEC_ASN1EncoderClearStreaming_Util
SEC_ASN1EncoderClearTakeFromBuf_Util
SEC_ASN1EncoderSetNotifyProc_Util
SEC_ASN1EncoderSetStreaming_Util
SEC_ASN1EncoderStart_Util
SEC_ASN1EncoderSetTakeFromBuf_Util
SEC_ASN1EncoderClearNotifyProc_Util
NSS_Get_SEC_IntegerTemplate_Util
SEC_ASN1DecodeItem_Util
SEC_QuickDERDecodeItem_Util
SEC_ASN1DecodeInteger_Util
DER_DecodeTimeChoice_Util
PORT_Strdup_Util
DER_EncodeTimeChoice_Util
SECOID_CompareAlgorithmID_Util
SECITEM_ItemsAreEqual_Util
SECOID_FindOIDTag_Util
NSS_Get_sgn_DigestInfoTemplate_Util
SECITEM_ZfreeItem_Util
SGN_CreateDigestInfo_Util
PORT_UCS2_ASCIIConversion_Util
SGN_DestroyDigestInfo_Util
SECITEM_CompareItem_Util
PORT_Realloc_Util
PORT_UCS2_UTF8Conversion_Util
SGN_CopyDigestInfo_Util
DER_GetInteger_Util
NSS_Get_SEC_BMPStringTemplate_Util
PORT_ArenaStrdup_Util
SEC_ASN1DecoderClearNotifyProc_Util
PORT_ZFree_Util
SECITEM_DupItem_Util
ATOB_ConvertAsciiToItem_Util
ATOB_AsciiToData_Util
SEC_ASN1DecoderAbort_Util
SEC_ASN1EncoderAbort_Util
SEC_ASN1Encode_Util
SEC_ASN1EncoderUpdate_Util
SECOID_DestroyAlgorithmID_Util
PORT_NewArena_Util
PORT_FreeArena_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1DecoderSetFilterProc_Util
SEC_ASN1DecoderClearFilterProc_Util
SEC_ASN1DecoderStart_Util
SEC_ASN1DecoderSetNotifyProc_Util
SEC_ASN1DecoderUpdate_Util
SEC_ASN1DecoderFinish_Util
PORT_GetError_Util
PORT_Alloc_Util
SECITEM_FreeItem_Util
PORT_ZAlloc_Util
PORT_Free_Util
SECOID_CopyAlgorithmID_Util
SECOID_SetAlgorithmID_Util
SECOID_GetAlgorithmTag_Util
SECITEM_AllocItem_Util
SEC_ASN1EncodeItem_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_IA5StringTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
SECOID_FindOID_Util
PORT_SetError_Util
PORT_ArenaMark_Util
SECOID_FindOIDByTag_Util
SECITEM_CopyItem_Util
SECITEM_ArenaDupItem_Util
PORT_ArenaRelease_Util
PORT_ArenaUnmark_Util
NSS_Get_SEC_PointerToAnyTemplate_Util
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_OctetStringTemplate_Util
NSS_Get_SEC_PointerToOctetStringTemplate_Util
NSS_Get_SEC_SetOfAnyTemplate_Util
PORT_ArenaGrow_Util
PORT_ArenaZAlloc_Util
PORT_ArenaAlloc_Util

libplc4

PL_strncasecmp

libnspr4

PR_Now

msvcr90

_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
_initterm_e
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
memmove
strchr
memset
memcpy
__clean_type_info_names_internal

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

Exports

Exports

CERT_ConvertAndDecodeCertificate
CERT_DecodeCertFromPackage
CERT_DecodeCertPackage
NSSSMIME_VersionCheck
NSS_CMSContentInfo_GetBulkKey
NSS_CMSContentInfo_GetBulkKeySize
NSS_CMSContentInfo_GetContent
NSS_CMSContentInfo_GetContentEncAlgTag
NSS_CMSContentInfo_GetContentTypeTag
NSS_CMSContentInfo_SetBulkKey
NSS_CMSContentInfo_SetContent
NSS_CMSContentInfo_SetContentEncAlg
NSS_CMSContentInfo_SetContent_Data
NSS_CMSContentInfo_SetContent_DigestedData
NSS_CMSContentInfo_SetContent_EncryptedData
NSS_CMSContentInfo_SetContent_EnvelopedData
NSS_CMSContentInfo_SetContent_SignedData
NSS_CMSDEREncode
NSS_CMSDecoder_Cancel
NSS_CMSDecoder_Finish
NSS_CMSDecoder_Start
NSS_CMSDecoder_Update
NSS_CMSDigestContext_Cancel
NSS_CMSDigestContext_FinishMultiple
NSS_CMSDigestContext_FinishSingle
NSS_CMSDigestContext_StartMultiple
NSS_CMSDigestContext_StartSingle
NSS_CMSDigestContext_Update
NSS_CMSDigestedData_Create
NSS_CMSDigestedData_Destroy
NSS_CMSDigestedData_GetContentInfo
NSS_CMSEncoder_Cancel
NSS_CMSEncoder_Finish
NSS_CMSEncoder_Start
NSS_CMSEncoder_Update
NSS_CMSEncryptedData_Create
NSS_CMSEncryptedData_Destroy
NSS_CMSEncryptedData_GetContentInfo
NSS_CMSEnvelopedData_AddRecipient
NSS_CMSEnvelopedData_Create
NSS_CMSEnvelopedData_Destroy
NSS_CMSEnvelopedData_GetContentInfo
NSS_CMSMessage_ContentLevel
NSS_CMSMessage_ContentLevelCount
NSS_CMSMessage_Copy
NSS_CMSMessage_Create
NSS_CMSMessage_CreateFromDER
NSS_CMSMessage_Destroy
NSS_CMSMessage_GetContent
NSS_CMSMessage_GetContentInfo
NSS_CMSMessage_IsEncrypted
NSS_CMSMessage_IsSigned
NSS_CMSRecipientInfo_Create
NSS_CMSRecipientInfo_CreateFromDER
NSS_CMSRecipientInfo_CreateNew
NSS_CMSRecipientInfo_CreateWithSubjKeyID
NSS_CMSRecipientInfo_CreateWithSubjKeyIDFromCert
NSS_CMSRecipientInfo_Destroy
NSS_CMSRecipientInfo_Encode
NSS_CMSRecipientInfo_GetCertAndKey
NSS_CMSRecipientInfo_UnwrapBulkKey
NSS_CMSRecipientInfo_WrapBulkKey
NSS_CMSSignedData_AddCertChain
NSS_CMSSignedData_AddCertList
NSS_CMSSignedData_AddCertificate
NSS_CMSSignedData_AddDigest
NSS_CMSSignedData_AddSignerInfo
NSS_CMSSignedData_Create
NSS_CMSSignedData_CreateCertsOnly
NSS_CMSSignedData_Destroy
NSS_CMSSignedData_GetContentInfo
NSS_CMSSignedData_GetDigestAlgs
NSS_CMSSignedData_GetSignerInfo
NSS_CMSSignedData_HasDigests
NSS_CMSSignedData_ImportCerts
NSS_CMSSignedData_SetDigestValue
NSS_CMSSignedData_SetDigests
NSS_CMSSignedData_SignerInfoCount
NSS_CMSSignedData_VerifyCertsOnly
NSS_CMSSignedData_VerifySignerInfo
NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs
NSS_CMSSignerInfo_AddSMIMECaps
NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs
NSS_CMSSignerInfo_AddSigningTime
NSS_CMSSignerInfo_Create
NSS_CMSSignerInfo_CreateWithSubjKeyID
NSS_CMSSignerInfo_Destroy
NSS_CMSSignerInfo_GetCertList
NSS_CMSSignerInfo_GetSignerCommonName
NSS_CMSSignerInfo_GetSignerEmailAddress
NSS_CMSSignerInfo_GetSigningCertificate
NSS_CMSSignerInfo_GetSigningTime
NSS_CMSSignerInfo_GetVerificationStatus
NSS_CMSSignerInfo_GetVersion
NSS_CMSSignerInfo_IncludeCerts
NSS_CMSUtil_VerificationStatusToString
NSS_SMIMESignerInfo_SaveSMIMEProfile
NSS_SMIMEUtil_FindBulkAlgForRecipients
SECMIME_DecryptionAllowed
SEC_PKCS12AddCertAndKey
SEC_PKCS12AddCertOrChainAndKey
SEC_PKCS12AddPasswordIntegrity
SEC_PKCS12CreateExportContext
SEC_PKCS12CreatePasswordPrivSafe
SEC_PKCS12CreateUnencryptedSafe
SEC_PKCS12DecoderFinish
SEC_PKCS12DecoderGetCerts
SEC_PKCS12DecoderImportBags
SEC_PKCS12DecoderIterateInit
SEC_PKCS12DecoderIterateNext
SEC_PKCS12DecoderSetTargetTokenCAs
SEC_PKCS12DecoderStart
SEC_PKCS12DecoderUpdate
SEC_PKCS12DecoderValidateBags
SEC_PKCS12DecoderVerify
SEC_PKCS12DecryptionAllowed
SEC_PKCS12DestroyExportContext
SEC_PKCS12EnableCipher
SEC_PKCS12Encode
SEC_PKCS12IsEncryptionAllowed
SEC_PKCS12SetPreferredCipher
SEC_PKCS7AddCertificate
SEC_PKCS7AddRecipient
SEC_PKCS7AddSigningTime
SEC_PKCS7ContainsCertsOrCrls
SEC_PKCS7ContentIsEncrypted
SEC_PKCS7ContentIsSigned
SEC_PKCS7ContentType
SEC_PKCS7CopyContentInfo
SEC_PKCS7CreateCertsOnly
SEC_PKCS7CreateData
SEC_PKCS7CreateEncryptedData
SEC_PKCS7CreateEnvelopedData
SEC_PKCS7CreateSignedData
SEC_PKCS7DecodeItem
SEC_PKCS7DecoderAbort
SEC_PKCS7DecoderFinish
SEC_PKCS7DecoderStart
SEC_PKCS7DecoderUpdate
SEC_PKCS7DecryptContents
SEC_PKCS7DestroyContentInfo
SEC_PKCS7Encode
SEC_PKCS7EncodeItem
SEC_PKCS7EncoderAbort
SEC_PKCS7EncoderFinish
SEC_PKCS7EncoderStart
SEC_PKCS7EncoderUpdate
SEC_PKCS7GetCertificateList
SEC_PKCS7GetContent
SEC_PKCS7GetEncryptionAlgorithm
SEC_PKCS7GetSignerCommonName
SEC_PKCS7GetSignerEmailAddress
SEC_PKCS7GetSigningTime
SEC_PKCS7IncludeCertChain
SEC_PKCS7IsContentEmpty
SEC_PKCS7SetContent
SEC_PKCS7VerifyDetachedSignature
SEC_PKCS7VerifySignature

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/CARoot/softokn3.dll
.dll .ps1 windows:5 windows x86 arch:x86 polyglot

3c7e3bcaece3a242721e345b7dfe12ea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

sqlite3

sqlite3_bind_text
sqlite3_bind_int
sqlite3_column_bytes
sqlite3_column_blob
sqlite3_step
sqlite3_column_int
sqlite3_prepare_v2
sqlite3_bind_blob
sqlite3_reset
sqlite3_finalize
sqlite3_open
sqlite3_busy_timeout
sqlite3_close
sqlite3_free
sqlite3_mprintf
sqlite3_exec

nssutil3

SECITEM_CompareItem_Util
PORT_Strdup_Util
SECOID_FindOIDByMechanism
SEC_QuickDERDecodeItem_Util
SGN_DecodeDigestInfo
SGN_CreateDigestInfo_Util
DER_Encode_Util
SGN_DestroyDigestInfo_Util
PORT_GetError_Util
UTIL_SetForkState
SECOID_Shutdown
SECOID_Init
SECITEM_HashCompare
DER_SetUInteger
PORT_ArenaAlloc_Util
PORT_ArenaGrow_Util
PORT_Realloc_Util
SECOID_GetAlgorithmTag_Util
SEC_ASN1DecodeItem_Util
DER_GetInteger_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SECOID_SetAlgorithmID_Util
SECOID_CopyAlgorithmID_Util
SECOID_DestroyAlgorithmID_Util
SECITEM_DupItem_Util
SECITEM_AllocItem_Util
PORT_ZFree_Util
SECITEM_ZfreeItem_Util
PORT_ZAlloc_Util
SECITEM_FreeItem_Util
PORT_NewArena_Util
PORT_ArenaZAlloc_Util
SECITEM_CopyItem_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
NSS_Get_SECOID_AlgorithmIDTemplate_Util
PORT_SetError_Util
PORT_Alloc_Util
PORT_Free_Util
PORT_FreeArena_Util

libplc4

PL_strcasecmp
PL_strncasecmp

libplds4

PL_HashTableDestroy
PL_HashTableRemove
PL_NewHashTable
PL_HashTableAdd
PL_HashTableLookupConst
PL_HashTableEnumerateEntries
PL_CompareValues
PL_HashTableLookup

libnspr4

PR_CallOnce
PR_SetError
PR_Free
PR_Delete
PR_Rename
PR_smprintf
PR_NewMonitor
PR_DestroyMonitor
PR_Now
PR_EnterMonitor
PR_GetCurrentThread
PR_ExitMonitor
PR_snprintf
PR_GetEnv
PR_LoadLibraryWithFlags
PR_GetDirectorySeparator
PR_GetLibraryFilePathname
PR_Unlock
PR_Lock
PR_UnloadLibrary
PR_FindFunctionSymbol
PR_AtomicDecrement
PR_DestroyLock
PR_smprintf_free
PR_Sleep
PR_AtomicIncrement
PR_NewLock
PR_SecondsToInterval
PR_Access
PR_IntervalNow
PR_MillisecondsToInterval

msvcr90

_close
_fdopen
_open
_strdup
_chmod
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
strncpy
isspace
strstr
strchr
fprintf
fopen
fclose
fgets
strncmp
fwrite
fputs
strncat
malloc
free
sprintf
memcpy
strrchr
atoi
isdigit
islower
isupper
memset

kernel32

QueryPerformanceCounter
Sleep
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
InterlockedExchange
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter

Exports

Exports

C_GetFunctionList
FC_GetFunctionList
NSC_GetFunctionList
NSC_ModuleDBFunc

Sections

.text
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/CARoot/sqlite3.dll
.dll windows:5 windows x86 arch:x86

903a9ed01f660affdd1454447faccc91

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr90

_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
memmove
strncmp
atoi
memcpy
memset
realloc
free
malloc
_localtime64_s

kernel32

SetFilePointer
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedExchange
CreateFileW
CreateFileA
GetDiskFreeSpaceW
GetDiskFreeSpaceA
GetFullPathNameW
GetFullPathNameA
FormatMessageW
FormatMessageA
LocalFree
GetTempPathW
GetTempPathA
LockFileEx
GetSystemTimeAsFileTime
GetSystemTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
FreeLibrary
Sleep
InitializeCriticalSection
InterlockedCompareExchange
DeleteCriticalSection
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
AreFileApisANSI
CloseHandle
ReadFile
GetLastError
WriteFile
SetEndOfFile
FlushFileBuffers
GetFileSize
UnlockFile
LockFile
GetFileAttributesA
DeleteFileA
GetFileAttributesW
DeleteFileW
LoadLibraryA
LoadLibraryW
GetProcAddress

Exports

Exports

sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_auto_extension
sqlite3_bind_blob
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_value
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_changes
sqlite3_clear_bindings
sqlite3_close
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_complete
sqlite3_complete16
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_module
sqlite3_data_count
sqlite3_db_handle
sqlite3_declare_vtab
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_exec
sqlite3_expired
sqlite3_extended_result_codes
sqlite3_finalize
sqlite3_free
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_interrupt
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_load_extension
sqlite3_malloc
sqlite3_mprintf
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare_v2
sqlite3_profile
sqlite3_progress_handler
sqlite3_realloc
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_value
sqlite3_rollback_hook
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_sleep
sqlite3_snprintf
sqlite3_step
sqlite3_thread_cleanup
sqlite3_total_changes
sqlite3_trace
sqlite3_transfer_bindings
sqlite3_update_hook
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_numeric_type
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_version
sqlite3_vmprintf

Sections

.text
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/CARoot/ssl3.dll
.dll windows:5 windows x86 arch:x86

4e98c9f942a3754c37d443bc06f85e72

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nss3

CERT_DupCertList
SECKEY_CacheStaticFlags
PK11_MapSignKeyType
PK11_CopyTokenPrivKeyToSessionPrivKey
PK11_ReferenceSlot
CERT_DistNamesFromCertList
CERT_DupDistNames
CERT_DestroyCertificate
CERT_FreeNicknames
CERT_CheckCertValidTimes
CERT_GetCertNicknames
PK11_FindKeyByAnyCert
CERT_FindUserCertByUsage
CERT_FindCertByName
PK11_VerifyKeyOK
PK11_ReferenceSymKey
PK11_GetBestKeyLength
PK11_SaveContextAlloc
PK11_DigestKey
PK11_RestoreContext
PK11_CreateDigestContext
PK11_Derive
CERT_GetSSLCACerts
PK11_GetSlotFromKey
PK11_SymKeyFromHandle
SECMOD_LookupSlot
PK11_IsPresent
PK11_GetSlotSeries
PK11_GetSlotID
PK11_GetModuleID
PK11_NeedLogin
PK11_IsLoggedIn
PK11_DigestBegin
PK11_DigestOp
PK11_DigestFinal
PK11_CreateContextBySymKey
PK11_IVFromParam
PK11_CipherOp
PK11_ParamFromIV
PK11_DestroyContext
PK11_HashBuf
DSAU_DecodeDerSig
PK11_Verify
PK11_SignatureLen
PK11_Sign
DSAU_EncodeDerSigWithLen
PK11_Finalize
CERT_FreeDistNames
NSS_RegisterShutdown
NSS_VersionCheck
VFY_CreateContext
VFY_Begin
VFY_Update
VFY_End
VFY_DestroyContext
SGN_NewContext
SGN_Begin
SGN_Update
SGN_End
SGN_DestroyContext
PK11_PubEncryptRaw
PK11_PubDecryptRaw
PK11_GetBestSlot
__PK11_CreateContextByRawKey
HASH_GetHashObject
CERT_VerifyCertName
CERT_NameToAscii
SECKEY_CopyPrivateKey
CERT_NewTempCertificate
SECKEY_UpdateCertPQG
CERT_VerifyCertNow
PK11_UnwrapSymKeyWithFlags
PK11_ImportSymKey
SECKEY_PublicKeyStrengthInBits
SECKEY_CreateDHPrivateKey
PK11_PubDerive
CERT_DupCertificate
CERT_CertChainFromCert
PK11_GetSlotFromPrivateKey
PK11_GetInternalSlot
PK11_GetKeyData
CERT_DestroyCertificateList
SECKEY_CreateRSAPrivateKey
SECKEY_DestroyPrivateKey
PK11_GetCurrentWrapIndex
PK11_GetWrapKey
PK11_GetBestWrapMechanism
PK11_SetWrapKey
PK11_GetMechanism
PK11_FreeSymKey
PK11_WrapSymKey
PK11_GenerateRandom
PK11_TokenExists
CERT_ExtractPublicKey
SECKEY_GetPrivateKeyType
PK11_GetPrivateModulusLen
PK11_GetBestSlotMultiple
PK11_KeyGen
PK11_FreeSlot
SECKEY_PublicKeyStrength
PK11_PubWrapSymKey
PK11_PrivDecryptPKCS1
PK11_PubUnwrapSymKey
SECKEY_DestroyPublicKey
PK11_DeriveWithFlags
PK11_ExtractKeyValue
CERT_GetDefaultCertDB

nssutil3

SECITEM_DupItem_Util
DER_Lengths_Util
NSSRWLock_New_Util
NSSRWLock_Destroy_Util
ATOB_AsciiToData_Util
BTOA_DataToAscii_Util
NSS_PutEnv_Util
SECITEM_Hash
SECOID_GetAlgorithmTag_Util
PORT_Realloc_Util
SECITEM_AllocItem_Util
SECITEM_ZfreeItem_Util
NSS_SecureMemcmp
PORT_ArenaAlloc_Util
PORT_NewArena_Util
PORT_ArenaZAlloc_Util
PORT_GetError_Util
PORT_FreeArena_Util
PORT_ZAlloc_Util
SECITEM_CopyItem_Util
PORT_Strdup_Util
SECITEM_CompareItem_Util
NSSRWLock_LockRead_Util
NSSRWLock_UnlockRead_Util
NSSRWLock_LockWrite_Util
NSSRWLock_UnlockWrite_Util
PORT_Free_Util
PORT_Alloc_Util
SECITEM_FreeItem_Util
PORT_SetError_Util
PORT_ZFree_Util

libplc4

PL_strdup

libnspr4

PR_FindFunctionSymbol
PR_UnloadLibrary
PR_GetLibraryFilePathname
PR_Free
PR_GetDirectorySeparator
PR_LoadLibraryWithFlags
PR_Now
PR_Close
PR_NewMonitor
PR_CreateIOLayerStub
PR_PushIOLayer
PR_GetUniqueIdentity
PR_GetDefaultIOMethods
PR_GetSocketOption
PR_ConvertIPv4AddrToIPv6
PR_SetError
PR_DestroyMonitor
PR_GetIdentitiesLayer
PR_EmulateAcceptRead
PR_EmulateSendFile
PR_ImportFileMapFromString
PR_ExportFileMapAsString
PR_smprintf
PR_OpenAnonFileMap
PR_smprintf_free
PR_MemMap
PR_MemUnmap
PR_CloseFileMap
PR_StringToNetAddr
PR_CallOnce
PR_CallOnceWithArg
PR_PopIOLayer
PR_GetCurrentThread
PR_ExitMonitor
PR_Sleep
PR_EnterMonitor
PR_GetError
PR_NewLock
PR_Lock
PR_Unlock
PR_DestroyLock
PR_GetEnv

msvcr90

_crt_debugger_hook
__clean_type_info_names_internal
__CppXcptFilter
__dllonexit
_lock
_onexit
_except_handler4_common
_adjust_fdiv
_amsg_exit
_initterm_e
memcpy
memmove
memset
_getpid
strstr
_time64
strchr
getenv
strrchr
malloc
free
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_unlock
_initterm

kernel32

GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentThreadId
WaitForSingleObject
ReleaseMutex
CloseHandle
CreateMutexA
GetLastError
GetSystemTimeAsFileTime

Exports

Exports

NSSSSL_VersionCheck
NSS_CmpCertChainWCANames
NSS_FindCertKEAType
NSS_GetClientAuthData
NSS_SetDomesticPolicy
NSS_SetExportPolicy
NSS_SetFrancePolicy
SSL_AuthCertificate
SSL_AuthCertificateHook
SSL_BadCertHook
SSL_CanBypass
SSL_CertDBHandleSet
SSL_CipherPolicyGet
SSL_CipherPolicySet
SSL_CipherPrefGet
SSL_CipherPrefGetDefault
SSL_CipherPrefSet
SSL_CipherPrefSetDefault
SSL_ClearSessionCache
SSL_ConfigMPServerSIDCache
SSL_ConfigSecureServer
SSL_ConfigServerSessionIDCache
SSL_ConfigServerSessionIDCacheWithOpt
SSL_DataPending
SSL_ForceHandshake
SSL_ForceHandshakeWithTimeout
SSL_GetChannelInfo
SSL_GetCipherSuiteInfo
SSL_GetClientAuthDataHook
SSL_GetImplementedCiphers
SSL_GetMaxServerCacheLocks
SSL_GetNegotiatedHostInfo
SSL_GetNumImplementedCiphers
SSL_GetSessionID
SSL_GetStatistics
SSL_HandshakeCallback
SSL_HandshakeNegotiatedExtension
SSL_ImplementedCiphers
SSL_ImportFD
SSL_InheritMPServerSIDCache
SSL_InvalidateSession
SSL_LocalCertificate
SSL_NumImplementedCiphers
SSL_OptionGet
SSL_OptionGetDefault
SSL_OptionSet
SSL_OptionSetDefault
SSL_PeerCertificate
SSL_PreencryptedFileToStream
SSL_PreencryptedStreamToFile
SSL_ReHandshake
SSL_ReHandshakeWithTimeout
SSL_ReconfigFD
SSL_ResetHandshake
SSL_RestartHandshakeAfterCertReq
SSL_RestartHandshakeAfterServerCert
SSL_RevealCert
SSL_RevealPinArg
SSL_RevealURL
SSL_SNISocketConfigHook
SSL_SecurityStatus
SSL_SetMaxServerCacheLocks
SSL_SetPKCS11PinArg
SSL_SetSockPeerID
SSL_SetTrustAnchors
SSL_SetURL
SSL_ShutdownServerSessionIDCache

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
log/$SYSDIR/FindDLL.dll
.dll windows:4 windows x86 arch:x86

22a80766aab97d5b80bc30aaad66029f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Documents and Settings\IBM\桌面\FindDLL\release\FindDLL.pdb

Imports

psapi

GetModuleBaseNameA
EnumProcesses
EnumProcessModules

shlwapi

StrStrIA

kernel32

GetModuleFileNameA
HeapSize
OpenProcess
CloseHandle
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetLastError
ExitProcess
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoA
WriteFile
LoadLibraryA
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
RtlUnwind

Exports

Exports

FindModules

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

099c0646ea7282d232219f8807883be0

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

0b:9b:76:fd:fd:e6:0a:03:e3:58:f6:88:6b:62:b7:b1Certificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0b:9b:76:fd:fd:e6:0a:03:e3:58:f6:88:6b:62:b7:b1Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

71:65:4c:58:b2:4b:03:71:85:53:04:cb:5c:35:3a:63:1d:6f:dc:f2:83:c2:16:9a:13:53:bf:38:4d:ab:33:55Signer

0d:e7:8a:f1:2c:9f:3a:de:a2:47:0d:a4:c6:5b:79:18:31:1d:98:b5Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 116KB

.rsrc Size: 11KB - Virtual size: 10KB

Password: infected

7fa974366048f9c551ef45714595665e

Code Sign

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49Certificate

Extended Key Usages

Key Usages

4f:bc:56:89:bb:11:5d:21:d3:6c:1a:0b:01:73:37:fcCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

34:c9:d2:bf:12:81:f9:b0:fd:4d:2e:12:15:0e:d9:84:11:dc:66:84:f0:ea:4e:11:ab:18:7a:85:99:04:24:d4Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

0b:9b:76:fd:fd:e6:0a:03:e3:58:f6:88:6b:62:b7:b1
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0b:9b:76:fd:fd:e6:0a:03:e3:58:f6:88:6b:62:b7:b1
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

71:65:4c:58:b2:4b:03:71:85:53:04:cb:5c:35:3a:63:1d:6f:dc:f2:83:c2:16:9a:13:53:bf:38:4d:ab:33:55
Signer

0d:e7:8a:f1:2c:9f:3a:de:a2:47:0d:a4:c6:5b:79:18:31:1d:98:b5
Signer

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 116KB

.rsrc
Size: 11KB - Virtual size: 10KB

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

4f:bc:56:89:bb:11:5d:21:d3:6c:1a:0b:01:73:37:fc
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

34:c9:d2:bf:12:81:f9:b0:fd:4d:2e:12:15:0e:d9:84:11:dc:66:84:f0:ea:4e:11:ab:18:7a:85:99:04:24:d4
Signer

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 43KB - Virtual size: 42KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 410B

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

4f:bc:56:89:bb:11:5d:21:d3:6c:1a:0b:01:73:37:fc
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

ec:e7:9e:cc:de:f7:47:2c:d8:f9:f3:62:39:7f:a3:b8:da:50:f2:f7:59:4a:af:1d:22:0f:32:38:a1:3f:51:dd
Signer