9eadb225767071c60ee4244e4c7ae048_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9eadb225767071c60ee4244e4c7ae048_JaffaCakes118
Size

1.5MB
MD5

9eadb225767071c60ee4244e4c7ae048
SHA1

4620e07c0a247a12a60f1181588a44b770a313df
SHA256

fa1391f82cf84e2e118f439fe276ab9fa6c1dbc4dda8009a25572ff1bc9b4657
SHA512

fd28d356d94dc2af45e81b32a7ebf78beee12f45ce6df2ca7921ff49074b999eb9bfac8695f2d3031b24dd9d847f4f999bd33270ba154465c22aff8d4f3a30ad
SSDEEP

24576:GMCkTJuZjoCNm/LakQ4MJSp1oLQo1CTXoHrI4R20MB+OD8ijQVP6UJD1Hdx7:vElGLTBuSILr1CT4HrI40lgOD8iSP627

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/InstOpt.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/MACDll.dll
unpack001/lame_enc.dll
unpack001/libFLAC.dll
unpack001/libvorbis.dll

Files

9eadb225767071c60ee4244e4c7ae048_JaffaCakes118
.exe windows:5 windows x86 arch:x86

32f3282581436269b3a75b6675fe3e08

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

13:24:f4:75:eb:a5:95:13:91:c5:12:6c:f4:ee:b3:ce
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

05-01-2018 00:00

Not After

05-01-2019 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:ed:01:9d:da:86:72:57:49:3e:61:e5:f1:8d:fa:f4
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

17-05-2017 00:00

Not After

15-08-2020 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=North Point,ST=Hong Kong,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2e:61:da:2c:d5:fd:d1:04:60:45:ae:4b:ec:7e:90:b4:19:9e:42:89:ab:31:eb:0e:19:91:b4:05:74:a5:ad:62
Signer

Actual PE Digest

2e:61:da:2c:d5:fd:d1:04:60:45:ae:4b:ec:7e:90:b4:19:9e:42:89:ab:31:eb:0e:19:91:b4:05:74:a5:ad:62

Digest Algorithm

sha256

PE Digest Matches

true

03:9a:1a:f1:93:9f:81:3c:b3:a3:fb:7d:5a:9c:1a:f7:14:22:3f:02
Signer

Actual PE Digest

03:9a:1a:f1:93:9f:81:3c:b3:a3:fb:7d:5a:9c:1a:f7:14:22:3f:02

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpA
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
lstrlenA
MulDiv
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

GetAsyncKeyState
IsDlgButtonChecked
ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
wvsprintfW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
FindWindowExW

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 1.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$0
.exe windows:4 windows x86 arch:x86

08deff66666d9f562e0cd9c9296e4950

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

13:24:f4:75:eb:a5:95:13:91:c5:12:6c:f4:ee:b3:ce
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

05-01-2018 00:00

Not After

05-01-2019 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:ed:01:9d:da:86:72:57:49:3e:61:e5:f1:8d:fa:f4
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

17-05-2017 00:00

Not After

15-08-2020 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=North Point,ST=Hong Kong,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

64:dd:24:7c:94:c9:3f:95:5a:f2:ff:28:00:92:4d:c3:33:0d:41:4c:9f:91:40:22:ac:8d:fe:9e:21:ce:88:08
Signer

Actual PE Digest

64:dd:24:7c:94:c9:3f:95:5a:f2:ff:28:00:92:4d:c3:33:0d:41:4c:9f:91:40:22:ac:8d:fe:9e:21:ce:88:08

Digest Algorithm

sha256

PE Digest Matches

true

9d:09:cf:7e:1e:92:2e:72:67:e8:b7:58:a5:0e:cc:68:87:9a:6b:42
Signer

Actual PE Digest

9d:09:cf:7e:1e:92:2e:72:67:e8:b7:58:a5:0e:cc:68:87:9a:6b:42

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
SetStdHandle
GetACP
GetOEMCP
GetStringTypeA
IsBadReadPtr
IsBadCodePtr
GetDriveTypeA
CreateFileA
CompareStringA
SetEnvironmentVariableA
GetWindowsDirectoryA
GetSystemDirectoryA
InterlockedExchange
GetFileType
GetStdHandle
QueryPerformanceCounter
FindResourceA
GlobalAddAtomA
GetProfileStringA
GlobalUnlock
LocalFree
LocalAlloc
SetHandleCount
GetCurrentProcessId
FindClose
GetTickCount
SystemTimeToFileTime
GetLastError
CloseHandle
ReadFile
InitializeCriticalSection
MulDiv
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
ResetEvent
FreeLibrary
SetLastError
ResumeThread
SuspendThread
LocalFileTimeToFileTime
SetFileTime
SetEndOfFile
GetFileTime
GetLogicalDrives
GetCurrentThreadId
GlobalHandle
UnmapViewOfFile
GetCurrentProcess
MapViewOfFile
GetFileSize
GlobalLock
SetFilePointer
WriteFile
GetVersion
ExitProcess
GetCommandLineA
GetCommandLineW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
GetSystemTimeAsFileTime
GetCurrentDirectoryA
HeapReAlloc
RaiseException
HeapAlloc
HeapFree
GetSystemTime
CreateThread
SetEvent
SetThreadPriority
DeviceIoControl
Sleep
GlobalFree
GetTimeZoneInformation
TerminateProcess
RtlUnwind
SetErrorMode
GetThreadLocale
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
GlobalSize
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
TlsAlloc
GetProcessVersion
lstrcmpiA
lstrcmpA
InterlockedDecrement
InterlockedIncrement
lstrlenA
GlobalDeleteAtom
DeleteCriticalSection
LoadLibraryA
GetModuleHandleA
GetModuleFileNameA
SetThreadExecutionState
CreateEventA
GetOverlappedResult
SizeofResource
LoadResource
LockResource
GetSystemDefaultLangID
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLocalTime
GetCurrentThread
GlobalAlloc

user32

GetNextDlgGroupItem
SetWindowContextHelpId
TranslateMessage
ValidateRect
ShowOwnedPopups
PostQuitMessage
SetRect
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
DestroyMenu
GetDesktopWindow
SetRectEmpty
MapDialogRect
GetAsyncKeyState
EndDialog
GetActiveWindow
EndPaint
BeginPaint
DestroyCursor
ReleaseCapture
SetCapture
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
IsDlgButtonChecked
CheckRadioButton
SendDlgItemMessageA
MapWindowPoints
SetActiveWindow
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
GetCapture
GetMenu
GetMenuItemID
TrackPopupMenu
DestroyWindow
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
IntersectRect
IsRectEmpty
GetWindowRect
GetClientRect
AdjustWindowRectEx
IsChild
MessageBoxA
CharToOemA
OemToCharA
GetMenuItemCount
RemoveMenu
CheckMenuItem
DrawEdge
UpdateWindow
GetWindowDC
CreateIconIndirect
ShowWindow
GetIconInfo
DestroyIcon
PtInRect
EnumChildWindows
UnhookWindowsHookEx
GetWindowPlacement
CallNextHookEx
GetDlgCtrlID
SetWindowPos
DrawFrameControl
GetSysColorBrush
FrameRect
DrawFocusRect
InvalidateRgn
SetMenuDefaultItem
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
GetWindowTextA
DrawTextA
GetClassInfoA
SetCursorPos
DefDlgProcA
DefWindowProcA
CharNextA
SetWindowsHookExA
SendMessageA
GetClassNameA
InvalidateRect
InflateRect
GetSysColor
RedrawWindow
ReleaseDC
GetDC
EndDeferWindowPos
BeginDeferWindowPos
EqualRect
GetParent
KillTimer
SetTimer
SetCursor
GetDlgItem
GetFocus
SetMenu
GetSystemMenu
LockWindowUpdate
IsWindow
GetWindow
DeferWindowPos
GetKeyState
MoveWindow
ScreenToClient
SetFocus
CloseClipboard
EmptyClipboard
GetSubMenu
CheckMenuRadioItem
MessageBeep
IsIconic
DrawIcon
GetSystemMetrics
GetCursorPos
FillRect
CopyRect
OffsetRect
ShowScrollBar
ClientToScreen
WindowFromPoint
SetClipboardData
OpenClipboard

gdi32

LPtoDP
DPtoLP
GetClipBox
GetMapMode
CreatePatternBrush
SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
SetDIBits
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
Escape
GetDIBits
GetDeviceCaps
DeleteDC
GetBkColor
PatBlt
SelectObject
GetStockObject
CreateBitmap
StretchBlt
BitBlt
SetStretchBltMode
SetPixel
GetPixel
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
CreateSolidBrush
SetTextColor
SetBkColor
CreateDIBitmap
GetTextColor
ExtTextOutA
GetTextExtentPointA

winspool.drv

ClosePrinter

advapi32

RegCloseKey
OpenProcessToken
GetTokenInformation

shell32

SHGetDesktopFolder
DragAcceptFiles
SHGetMalloc
DragFinish
SHGetSpecialFolderPathW

comctl32

ord17
ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon
ImageList_SetBkColor
PropertySheetW
DestroyPropertySheetPage
_TrackMouseEvent
CreatePropertySheetPageW

ole32

CoTaskMemAlloc
OleDuplicateData
CreateStreamOnHGlobal
CLSIDFromString
CoRegisterMessageFilter
CoGetClassObject
CoRevokeClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromProgID
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
OleGetClipboard
CoTaskMemFree
ReleaseStgMedium
PropVariantClear
CoInitialize
CoCreateInstance
CoUninitialize
DoDragDrop

olepro32

ord253

oleaut32

SysFreeString
SysAllocStringLen
VariantClear
VariantCopy
SysAllocString
VariantChangeType
VariantTimeToSystemTime
SysStringLen

wininet

InternetCloseHandle
InternetConnectW
HttpQueryInfoW
InternetReadFile
HttpOpenRequestW
HttpAddRequestHeadersW
HttpSendRequestW
InternetOpenW
InternetAttemptConnect

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 948KB - Virtual size: 945KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 348KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstOpt.dll
.dll windows:4 windows x86 arch:x86

52963c73128befcc683116d6ab0cd3f1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
LocalAlloc

user32

CreateDialogParamW
MapWindowPoints
CallWindowProcW
SetWindowLongW
ShowWindow
IsDialogMessageW
GetWindowRect
MoveWindow
GetMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
GetDlgItem
SetWindowTextW
SendMessageW
PostMessageW

advapi32

RegCloseKey
RegSetValueExW
RegCreateKeyExW

shell32

ShellExecuteExW

msvcrt

_itow
swprintf
wcsncpy
memset
wcscpy
wcscmp

Exports

Exports

Dialog
InitDialog
Show
Uninstall

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 590B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

039bcbc605477e8e87ec550c2e60e748

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
lstrlenW
lstrcmpiW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AnyBurn.exe
.exe windows:4 windows x86 arch:x86

08deff66666d9f562e0cd9c9296e4950

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

13:24:f4:75:eb:a5:95:13:91:c5:12:6c:f4:ee:b3:ce
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

05-01-2018 00:00

Not After

05-01-2019 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=NORTH POINT,ST=HONG KONG,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:ed:01:9d:da:86:72:57:49:3e:61:e5:f1:8d:fa:f4
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

17-05-2017 00:00

Not After

15-08-2020 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=North Point,ST=Hong Kong,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

64:dd:24:7c:94:c9:3f:95:5a:f2:ff:28:00:92:4d:c3:33:0d:41:4c:9f:91:40:22:ac:8d:fe:9e:21:ce:88:08
Signer

Actual PE Digest

64:dd:24:7c:94:c9:3f:95:5a:f2:ff:28:00:92:4d:c3:33:0d:41:4c:9f:91:40:22:ac:8d:fe:9e:21:ce:88:08

Digest Algorithm

sha256

PE Digest Matches

true

9d:09:cf:7e:1e:92:2e:72:67:e8:b7:58:a5:0e:cc:68:87:9a:6b:42
Signer

Actual PE Digest

9d:09:cf:7e:1e:92:2e:72:67:e8:b7:58:a5:0e:cc:68:87:9a:6b:42

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
SetStdHandle
GetACP
GetOEMCP
GetStringTypeA
IsBadReadPtr
IsBadCodePtr
GetDriveTypeA
CreateFileA
CompareStringA
SetEnvironmentVariableA
GetWindowsDirectoryA
GetSystemDirectoryA
InterlockedExchange
GetFileType
GetStdHandle
QueryPerformanceCounter
FindResourceA
GlobalAddAtomA
GetProfileStringA
GlobalUnlock
LocalFree
LocalAlloc
SetHandleCount
GetCurrentProcessId
FindClose
GetTickCount
SystemTimeToFileTime
GetLastError
CloseHandle
ReadFile
InitializeCriticalSection
MulDiv
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
ResetEvent
FreeLibrary
SetLastError
ResumeThread
SuspendThread
LocalFileTimeToFileTime
SetFileTime
SetEndOfFile
GetFileTime
GetLogicalDrives
GetCurrentThreadId
GlobalHandle
UnmapViewOfFile
GetCurrentProcess
MapViewOfFile
GetFileSize
GlobalLock
SetFilePointer
WriteFile
GetVersion
ExitProcess
GetCommandLineA
GetCommandLineW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
GetSystemTimeAsFileTime
GetCurrentDirectoryA
HeapReAlloc
RaiseException
HeapAlloc
HeapFree
GetSystemTime
CreateThread
SetEvent
SetThreadPriority
DeviceIoControl
Sleep
GlobalFree
GetTimeZoneInformation
TerminateProcess
RtlUnwind
SetErrorMode
GetThreadLocale
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
GlobalSize
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
TlsAlloc
GetProcessVersion
lstrcmpiA
lstrcmpA
InterlockedDecrement
InterlockedIncrement
lstrlenA
GlobalDeleteAtom
DeleteCriticalSection
LoadLibraryA
GetModuleHandleA
GetModuleFileNameA
SetThreadExecutionState
CreateEventA
GetOverlappedResult
SizeofResource
LoadResource
LockResource
GetSystemDefaultLangID
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLocalTime
GetCurrentThread
GlobalAlloc

user32

GetNextDlgGroupItem
SetWindowContextHelpId
TranslateMessage
ValidateRect
ShowOwnedPopups
PostQuitMessage
SetRect
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
DestroyMenu
GetDesktopWindow
SetRectEmpty
MapDialogRect
GetAsyncKeyState
EndDialog
GetActiveWindow
EndPaint
BeginPaint
DestroyCursor
ReleaseCapture
SetCapture
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
IsDlgButtonChecked
CheckRadioButton
SendDlgItemMessageA
MapWindowPoints
SetActiveWindow
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
GetCapture
GetMenu
GetMenuItemID
TrackPopupMenu
DestroyWindow
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
IntersectRect
IsRectEmpty
GetWindowRect
GetClientRect
AdjustWindowRectEx
IsChild
MessageBoxA
CharToOemA
OemToCharA
GetMenuItemCount
RemoveMenu
CheckMenuItem
DrawEdge
UpdateWindow
GetWindowDC
CreateIconIndirect
ShowWindow
GetIconInfo
DestroyIcon
PtInRect
EnumChildWindows
UnhookWindowsHookEx
GetWindowPlacement
CallNextHookEx
GetDlgCtrlID
SetWindowPos
DrawFrameControl
GetSysColorBrush
FrameRect
DrawFocusRect
InvalidateRgn
SetMenuDefaultItem
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
GetWindowTextA
DrawTextA
GetClassInfoA
SetCursorPos
DefDlgProcA
DefWindowProcA
CharNextA
SetWindowsHookExA
SendMessageA
GetClassNameA
InvalidateRect
InflateRect
GetSysColor
RedrawWindow
ReleaseDC
GetDC
EndDeferWindowPos
BeginDeferWindowPos
EqualRect
GetParent
KillTimer
SetTimer
SetCursor
GetDlgItem
GetFocus
SetMenu
GetSystemMenu
LockWindowUpdate
IsWindow
GetWindow
DeferWindowPos
GetKeyState
MoveWindow
ScreenToClient
SetFocus
CloseClipboard
EmptyClipboard
GetSubMenu
CheckMenuRadioItem
MessageBeep
IsIconic
DrawIcon
GetSystemMetrics
GetCursorPos
FillRect
CopyRect
OffsetRect
ShowScrollBar
ClientToScreen
WindowFromPoint
SetClipboardData
OpenClipboard

gdi32

LPtoDP
DPtoLP
GetClipBox
GetMapMode
CreatePatternBrush
SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
SetDIBits
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
Escape
GetDIBits
GetDeviceCaps
DeleteDC
GetBkColor
PatBlt
SelectObject
GetStockObject
CreateBitmap
StretchBlt
BitBlt
SetStretchBltMode
SetPixel
GetPixel
CreateCompatibleDC
DeleteObject
CreateCompatibleBitmap
CreateSolidBrush
SetTextColor
SetBkColor
CreateDIBitmap
GetTextColor
ExtTextOutA
GetTextExtentPointA

winspool.drv

ClosePrinter

advapi32

RegCloseKey
OpenProcessToken
GetTokenInformation

shell32

SHGetDesktopFolder
DragAcceptFiles
SHGetMalloc
DragFinish
SHGetSpecialFolderPathW

comctl32

ord17
ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon
ImageList_SetBkColor
PropertySheetW
DestroyPropertySheetPage
_TrackMouseEvent
CreatePropertySheetPageW

ole32

CoTaskMemAlloc
OleDuplicateData
CreateStreamOnHGlobal
CLSIDFromString
CoRegisterMessageFilter
CoGetClassObject
CoRevokeClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromProgID
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
OleGetClipboard
CoTaskMemFree
ReleaseStgMedium
PropVariantClear
CoInitialize
CoCreateInstance
CoUninitialize
DoDragDrop

olepro32

ord253

oleaut32

SysFreeString
SysAllocStringLen
VariantClear
VariantCopy
SysAllocString
VariantChangeType
VariantTimeToSystemTime
SysStringLen

wininet

InternetCloseHandle
InternetConnectW
HttpQueryInfoW
InternetReadFile
HttpOpenRequestW
HttpAddRequestHeadersW
HttpSendRequestW
InternetOpenW
InternetAttemptConnect

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 948KB - Virtual size: 945KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 348KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Lang/Arabic.ini
Lang/Bulgarian.ini
Lang/Croatian.ini
Lang/Dutch.ini
Lang/English.ini
Lang/Finnish.ini
Lang/French.ini
Lang/German.ini
Lang/Hungarian.ini
Lang/Italian.ini
Lang/Korean.ini
Lang/Polish.ini
Lang/PortugueseBrazil.ini
Lang/Romanian.ini
Lang/Russian.ini
Lang/SimpChinese.ini
Lang/Spanish.ini
Lang/TradChinese.ini
License.txt
MACDll.dll
.dll windows:4 windows x86 arch:x86

9cccf50fd736d2bf0d9e08c6a2a173a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

memmove
strncpy
_purecall
wcscpy
_ftol
wcsrchr
atoi
_strnicmp
strstr
labs
_CxxThrowException
_wtoi
free
calloc
_initterm
malloc
_adjust_fdiv
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_wcsicmp
strncmp
sprintf
qsort
strcpy
strlen
_EH_prolog
wcslen
??2@YAPAXI@Z
memcpy
memset
__CxxFrameHandler
abs
_wcsnicmp
memcmp
??3@YAXPAX@Z

kernel32

DisableThreadLibraryCalls
Sleep
MultiByteToWideChar
WideCharToMultiByte
DeleteFileW
GetFileSize
SetEndOfFile
SetFilePointer
WriteFile
ReadFile
CreateFileW
CloseHandle

Exports

Exports

CompressFile
ConvertFile
DecompressFile
FillWaveFormatEx
FillWaveHeader
GetFieldTagW
GetInterfaceCompatibility
GetVersionNumber
RemoveTag
SetFieldTagW
TagFileSimple
VerifyFile
_GetID3Tag@8
c_APECompress_AddData
c_APECompress_Create
c_APECompress_Destroy
c_APECompress_Finish
c_APECompress_GetBufferBytesAvailable
c_APECompress_Kill
c_APECompress_LockBuffer
c_APECompress_Start
c_APECompress_StartW
c_APECompress_UnlockBuffer
c_APEDecompress_Create
c_APEDecompress_CreateW
c_APEDecompress_Destroy
c_APEDecompress_GetData
c_APEDecompress_GetInfo
c_APEDecompress_Seek

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Readme.txt
abcmd.exe
.exe windows:4 windows x86 arch:x86

08c6c6afda2527b8a47741d922302b10

Code Sign

58:ed:01:9d:da:86:72:57:49:3e:61:e5:f1:8d:fa:f4
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

17-05-2017 00:00

Not After

15-08-2020 23:59

Subject

CN=Power Software Limited,O=Power Software Limited,L=North Point,ST=Hong Kong,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

14:99:dc:83:a1:7a:e8:ab:3b:11:9d:f3:da:37:0c:75:18:d2:42:58:ab:a6:eb:60:18:2e:ed:4d:46:00:a5:a3
Signer

Actual PE Digest

14:99:dc:83:a1:7a:e8:ab:3b:11:9d:f3:da:37:0c:75:18:d2:42:58:ab:a6:eb:60:18:2e:ed:4d:46:00:a5:a3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcirt

?cout@@3Vostream_withassign@@A
??6ostream@@QAEAAV0@PBD@Z
?flush@@YAAAVostream@@AAV1@@Z
?cerr@@3Vostream_withassign@@A

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
_splitpath
strchr
printf
sprintf

kernel32

GetConsoleMode
GetStdHandle
CreateMutexA
CreateNamedPipeA
GetCurrentDirectoryA
CreateProcessA
ResumeThread
WaitForSingleObject
Sleep
GetExitCodeProcess
WriteFile
ConnectNamedPipe
ReadFile
TerminateThread
CreateThread
CloseHandle
SetConsoleMode

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
lame_enc.dll
.dll windows:4 windows x86 arch:x86

c99914745d82a188c29bb89ee14d44a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_vsnprintf
atoi
strncpy
_wfopen
_adj_fdiv_r
calloc
_adj_fdivr_m32
_adj_fdiv_m32i
_CIpow
free
fseek
_adj_fpatan
floor
_adj_fdivr_m64
fflush
vfprintf
ceil
malloc
_adj_fdiv_m32
fopen
fscanf
ftell
fwrite
strncmp
fread
tolower
strtol
sprintf
_snprintf
memmove
qsort
fprintf
exit
_initterm
_adjust_fdiv
_iob
fputs
fclose
abort
_ftol

kernel32

GetModuleFileNameA
OutputDebugStringA
GetPrivateProfileIntA

Exports

Exports

beCloseStream
beDeinitStream
beEncodeChunk
beEncodeChunkFloatS16NI
beFlushNoGap
beInitStream
beVersion
beWriteInfoTag
beWriteInfoTagW
beWriteVBRHeader
beWriteVBRHeaderW
id3tag_add_v2
id3tag_init
id3tag_set_album
id3tag_set_artist
id3tag_set_comment
id3tag_set_genre
id3tag_set_title
id3tag_set_track
id3tag_set_year
id3tag_v1_only
id3tag_v2_only
lame_close
lame_encode_buffer_interleaved
lame_encode_flush
lame_get_in_samplerate
lame_get_num_channels
lame_get_num_samples
lame_get_out_samplerate
lame_get_scale
lame_get_scale_left
lame_get_scale_right
lame_init
lame_init_bitstream
lame_init_params
lame_mp3_tags_fid
lame_set_bWriteVbrTag
lame_set_in_samplerate
lame_set_num_channels
lame_set_num_samples
lame_set_out_samplerate
lame_set_scale
lame_set_scale_left
lame_set_scale_right

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libFLAC.dll
.dll windows:4 windows x86 arch:x86

3a578b1e8977c8e4eb6e3e0cb14d130d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

malloc
realloc
qsort
frexp
_ftol
fclose
_errno
ftell
fopen
fseek
fread
fwrite
free
rename
memchr
_iob
_wfopen
_setmode
strtod
strchr
strncmp
_initterm
_adjust_fdiv
calloc
strrchr
memmove
_strdup
_unlink
_stat
_utime
_chmod
_strnicmp
_fstat
_fileno

kernel32

SetUnhandledExceptionFilter
DisableThreadLibraryCalls

Exports

Exports

FLAC_API_SUPPORTS_OGG_FLAC
FLAC__ChannelAssignmentString
FLAC__ENTROPY_CODING_METHOD_PARTITIONED_RICE2_ESCAPE_PARAMETER
FLAC__ENTROPY_CODING_METHOD_PARTITIONED_RICE2_PARAMETER_LEN
FLAC__ENTROPY_CODING_METHOD_PARTITIONED_RICE_ESCAPE_PARAMETER
FLAC__ENTROPY_CODING_METHOD_PARTITIONED_RICE_ORDER_LEN
FLAC__ENTROPY_CODING_METHOD_PARTITIONED_RICE_PARAMETER_LEN
FLAC__ENTROPY_CODING_METHOD_PARTITIONED_RICE_RAW_LEN
FLAC__ENTROPY_CODING_METHOD_TYPE_LEN
FLAC__EntropyCodingMethodTypeString
FLAC__FRAME_FOOTER_CRC_LEN
FLAC__FRAME_HEADER_BITS_PER_SAMPLE_LEN
FLAC__FRAME_HEADER_BLOCKING_STRATEGY_LEN
FLAC__FRAME_HEADER_BLOCK_SIZE_LEN
FLAC__FRAME_HEADER_CHANNEL_ASSIGNMENT_LEN
FLAC__FRAME_HEADER_CRC_LEN
FLAC__FRAME_HEADER_RESERVED_LEN
FLAC__FRAME_HEADER_SAMPLE_RATE_LEN
FLAC__FRAME_HEADER_SYNC
FLAC__FRAME_HEADER_SYNC_LEN
FLAC__FRAME_HEADER_ZERO_PAD_LEN
FLAC__FrameNumberTypeString
FLAC__MetadataTypeString
FLAC__Metadata_ChainStatusString
FLAC__Metadata_SimpleIteratorStatusString
FLAC__STREAM_METADATA_APPLICATION_ID_LEN
FLAC__STREAM_METADATA_CUESHEET_INDEX_NUMBER_LEN
FLAC__STREAM_METADATA_CUESHEET_INDEX_OFFSET_LEN
FLAC__STREAM_METADATA_CUESHEET_INDEX_RESERVED_LEN
FLAC__STREAM_METADATA_CUESHEET_IS_CD_LEN
FLAC__STREAM_METADATA_CUESHEET_LEAD_IN_LEN
FLAC__STREAM_METADATA_CUESHEET_MEDIA_CATALOG_NUMBER_LEN
FLAC__STREAM_METADATA_CUESHEET_NUM_TRACKS_LEN
FLAC__STREAM_METADATA_CUESHEET_RESERVED_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_ISRC_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_NUMBER_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_NUM_INDICES_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_OFFSET_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_PRE_EMPHASIS_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_RESERVED_LEN
FLAC__STREAM_METADATA_CUESHEET_TRACK_TYPE_LEN
FLAC__STREAM_METADATA_IS_LAST_LEN
FLAC__STREAM_METADATA_LENGTH_LEN
FLAC__STREAM_METADATA_PICTURE_COLORS_LEN
FLAC__STREAM_METADATA_PICTURE_DATA_LENGTH_LEN
FLAC__STREAM_METADATA_PICTURE_DEPTH_LEN
FLAC__STREAM_METADATA_PICTURE_DESCRIPTION_LENGTH_LEN
FLAC__STREAM_METADATA_PICTURE_HEIGHT_LEN
FLAC__STREAM_METADATA_PICTURE_MIME_TYPE_LENGTH_LEN
FLAC__STREAM_METADATA_PICTURE_TYPE_LEN
FLAC__STREAM_METADATA_PICTURE_WIDTH_LEN
FLAC__STREAM_METADATA_SEEKPOINT_FRAME_SAMPLES_LEN
FLAC__STREAM_METADATA_SEEKPOINT_PLACEHOLDER
FLAC__STREAM_METADATA_SEEKPOINT_SAMPLE_NUMBER_LEN
FLAC__STREAM_METADATA_SEEKPOINT_STREAM_OFFSET_LEN
FLAC__STREAM_METADATA_STREAMINFO_BITS_PER_SAMPLE_LEN
FLAC__STREAM_METADATA_STREAMINFO_CHANNELS_LEN
FLAC__STREAM_METADATA_STREAMINFO_MAX_BLOCK_SIZE_LEN
FLAC__STREAM_METADATA_STREAMINFO_MAX_FRAME_SIZE_LEN
FLAC__STREAM_METADATA_STREAMINFO_MD5SUM_LEN
FLAC__STREAM_METADATA_STREAMINFO_MIN_BLOCK_SIZE_LEN
FLAC__STREAM_METADATA_STREAMINFO_MIN_FRAME_SIZE_LEN
FLAC__STREAM_METADATA_STREAMINFO_SAMPLE_RATE_LEN
FLAC__STREAM_METADATA_STREAMINFO_TOTAL_SAMPLES_LEN
FLAC__STREAM_METADATA_TYPE_LEN
FLAC__STREAM_METADATA_VORBIS_COMMENT_ENTRY_LENGTH_LEN
FLAC__STREAM_METADATA_VORBIS_COMMENT_NUM_COMMENTS_LEN
FLAC__STREAM_SYNC
FLAC__STREAM_SYNC_LEN
FLAC__STREAM_SYNC_STRING
FLAC__SUBFRAME_LPC_QLP_COEFF_PRECISION_LEN
FLAC__SUBFRAME_LPC_QLP_SHIFT_LEN
FLAC__SUBFRAME_TYPE_CONSTANT_BYTE_ALIGNED_MASK
FLAC__SUBFRAME_TYPE_FIXED_BYTE_ALIGNED_MASK
FLAC__SUBFRAME_TYPE_LEN
FLAC__SUBFRAME_TYPE_LPC_BYTE_ALIGNED_MASK
FLAC__SUBFRAME_TYPE_VERBATIM_BYTE_ALIGNED_MASK
FLAC__SUBFRAME_WASTED_BITS_FLAG_LEN
FLAC__SUBFRAME_ZERO_PAD_LEN
FLAC__StreamDecoderErrorStatusString
FLAC__StreamDecoderInitStatusString
FLAC__StreamDecoderLengthStatusString
FLAC__StreamDecoderReadStatusString
FLAC__StreamDecoderSeekStatusString
FLAC__StreamDecoderStateString
FLAC__StreamDecoderTellStatusString
FLAC__StreamDecoderWriteStatusString
FLAC__StreamEncoderInitStatusString
FLAC__StreamEncoderSeekStatusString
FLAC__StreamEncoderStateString
FLAC__StreamEncoderTellStatusString
FLAC__StreamEncoderWriteStatusString
FLAC__StreamMetadata_Picture_TypeString
FLAC__SubframeTypeString
FLAC__VENDOR_STRING
FLAC__VERSION_STRING
FLAC__format_cuesheet_is_legal
FLAC__format_picture_is_legal
FLAC__format_sample_rate_is_subset
FLAC__format_sample_rate_is_valid
FLAC__format_seektable_is_legal
FLAC__format_seektable_sort
FLAC__format_vorbiscomment_entry_is_legal
FLAC__format_vorbiscomment_entry_name_is_legal
FLAC__format_vorbiscomment_entry_value_is_legal
FLAC__metadata_chain_check_if_tempfile_needed
FLAC__metadata_chain_delete
FLAC__metadata_chain_merge_padding
FLAC__metadata_chain_new
FLAC__metadata_chain_read
FLAC__metadata_chain_read_ogg
FLAC__metadata_chain_read_ogg_with_callbacks
FLAC__metadata_chain_read_with_callbacks
FLAC__metadata_chain_sort_padding
FLAC__metadata_chain_status
FLAC__metadata_chain_write
FLAC__metadata_chain_write_with_callbacks
FLAC__metadata_chain_write_with_callbacks_and_tempfile
FLAC__metadata_get_cuesheet
FLAC__metadata_get_picture
FLAC__metadata_get_streaminfo
FLAC__metadata_get_tags
FLAC__metadata_get_tagsW
FLAC__metadata_iterator_delete
FLAC__metadata_iterator_delete_block
FLAC__metadata_iterator_get_block
FLAC__metadata_iterator_get_block_type
FLAC__metadata_iterator_init
FLAC__metadata_iterator_insert_block_after
FLAC__metadata_iterator_insert_block_before
FLAC__metadata_iterator_new
FLAC__metadata_iterator_next
FLAC__metadata_iterator_prev
FLAC__metadata_iterator_set_block
FLAC__metadata_object_application_set_data
FLAC__metadata_object_clone
FLAC__metadata_object_cuesheet_calculate_cddb_id
FLAC__metadata_object_cuesheet_delete_track
FLAC__metadata_object_cuesheet_insert_blank_track
FLAC__metadata_object_cuesheet_insert_track
FLAC__metadata_object_cuesheet_is_legal
FLAC__metadata_object_cuesheet_resize_tracks
FLAC__metadata_object_cuesheet_set_track
FLAC__metadata_object_cuesheet_track_clone
FLAC__metadata_object_cuesheet_track_delete
FLAC__metadata_object_cuesheet_track_delete_index
FLAC__metadata_object_cuesheet_track_insert_blank_index
FLAC__metadata_object_cuesheet_track_insert_index
FLAC__metadata_object_cuesheet_track_new
FLAC__metadata_object_cuesheet_track_resize_indices
FLAC__metadata_object_delete
FLAC__metadata_object_is_equal
FLAC__metadata_object_new
FLAC__metadata_object_picture_is_legal
FLAC__metadata_object_picture_set_data
FLAC__metadata_object_picture_set_description
FLAC__metadata_object_picture_set_mime_type
FLAC__metadata_object_seektable_delete_point
FLAC__metadata_object_seektable_insert_point
FLAC__metadata_object_seektable_is_legal
FLAC__metadata_object_seektable_resize_points
FLAC__metadata_object_seektable_set_point
FLAC__metadata_object_seektable_template_append_placeholders
FLAC__metadata_object_seektable_template_append_point
FLAC__metadata_object_seektable_template_append_points
FLAC__metadata_object_seektable_template_append_spaced_points
FLAC__metadata_object_seektable_template_append_spaced_points_by_samples
FLAC__metadata_object_seektable_template_sort
FLAC__metadata_object_vorbiscomment_append_comment
FLAC__metadata_object_vorbiscomment_delete_comment
FLAC__metadata_object_vorbiscomment_entry_from_name_value_pair
FLAC__metadata_object_vorbiscomment_entry_matches
FLAC__metadata_object_vorbiscomment_entry_to_name_value_pair
FLAC__metadata_object_vorbiscomment_find_entry_from
FLAC__metadata_object_vorbiscomment_insert_comment
FLAC__metadata_object_vorbiscomment_remove_entries_matching
FLAC__metadata_object_vorbiscomment_remove_entry_matching
FLAC__metadata_object_vorbiscomment_replace_comment
FLAC__metadata_object_vorbiscomment_resize_comments
FLAC__metadata_object_vorbiscomment_set_comment
FLAC__metadata_object_vorbiscomment_set_vendor_string
FLAC__metadata_simple_iterator_delete
FLAC__metadata_simple_iterator_delete_block
FLAC__metadata_simple_iterator_get_application_id
FLAC__metadata_simple_iterator_get_block
FLAC__metadata_simple_iterator_get_block_length
FLAC__metadata_simple_iterator_get_block_offset
FLAC__metadata_simple_iterator_get_block_type
FLAC__metadata_simple_iterator_init
FLAC__metadata_simple_iterator_insert_block_after
FLAC__metadata_simple_iterator_is_last
FLAC__metadata_simple_iterator_is_writable
FLAC__metadata_simple_iterator_new
FLAC__metadata_simple_iterator_next
FLAC__metadata_simple_iterator_prev
FLAC__metadata_simple_iterator_set_block
FLAC__metadata_simple_iterator_status
FLAC__stream_decoder_delete
FLAC__stream_decoder_finish
FLAC__stream_decoder_flush
FLAC__stream_decoder_get_bits_per_sample
FLAC__stream_decoder_get_blocksize
FLAC__stream_decoder_get_channel_assignment
FLAC__stream_decoder_get_channels
FLAC__stream_decoder_get_decode_position
FLAC__stream_decoder_get_md5_checking
FLAC__stream_decoder_get_resolved_state_string
FLAC__stream_decoder_get_sample_rate
FLAC__stream_decoder_get_state
FLAC__stream_decoder_get_total_samples
FLAC__stream_decoder_init_FILE
FLAC__stream_decoder_init_file
FLAC__stream_decoder_init_fileW
FLAC__stream_decoder_init_ogg_FILE
FLAC__stream_decoder_init_ogg_file
FLAC__stream_decoder_init_ogg_stream
FLAC__stream_decoder_init_stream
FLAC__stream_decoder_new
FLAC__stream_decoder_process_single
FLAC__stream_decoder_process_until_end_of_metadata
FLAC__stream_decoder_process_until_end_of_stream
FLAC__stream_decoder_reset
FLAC__stream_decoder_seek_absolute
FLAC__stream_decoder_set_md5_checking
FLAC__stream_decoder_set_metadata_ignore
FLAC__stream_decoder_set_metadata_ignore_all
FLAC__stream_decoder_set_metadata_ignore_application
FLAC__stream_decoder_set_metadata_respond
FLAC__stream_decoder_set_metadata_respond_all
FLAC__stream_decoder_set_metadata_respond_application
FLAC__stream_decoder_set_ogg_serial_number
FLAC__stream_decoder_skip_single_frame
FLAC__stream_encoder_delete
FLAC__stream_encoder_disable_constant_subframes
FLAC__stream_encoder_disable_fixed_subframes
FLAC__stream_encoder_disable_verbatim_subframes
FLAC__stream_encoder_finish
FLAC__stream_encoder_get_bits_per_sample
FLAC__stream_encoder_get_blocksize
FLAC__stream_encoder_get_channels
FLAC__stream_encoder_get_do_escape_coding
FLAC__stream_encoder_get_do_exhaustive_model_search
FLAC__stream_encoder_get_do_md5
FLAC__stream_encoder_get_do_mid_side_stereo
FLAC__stream_encoder_get_do_qlp_coeff_prec_search
FLAC__stream_encoder_get_loose_mid_side_stereo
FLAC__stream_encoder_get_max_lpc_order
FLAC__stream_encoder_get_max_residual_partition_order
FLAC__stream_encoder_get_min_residual_partition_order
FLAC__stream_encoder_get_qlp_coeff_precision
FLAC__stream_encoder_get_resolved_state_string
FLAC__stream_encoder_get_rice_parameter_search_dist
FLAC__stream_encoder_get_sample_rate
FLAC__stream_encoder_get_state
FLAC__stream_encoder_get_streamable_subset
FLAC__stream_encoder_get_total_samples_estimate
FLAC__stream_encoder_get_verify
FLAC__stream_encoder_get_verify_decoder_error_stats
FLAC__stream_encoder_get_verify_decoder_state
FLAC__stream_encoder_init_FILE
FLAC__stream_encoder_init_file
FLAC__stream_encoder_init_fileW
FLAC__stream_encoder_init_ogg_FILE
FLAC__stream_encoder_init_ogg_file
FLAC__stream_encoder_init_ogg_stream
FLAC__stream_encoder_init_stream
FLAC__stream_encoder_new
FLAC__stream_encoder_process
FLAC__stream_encoder_process_interleaved
FLAC__stream_encoder_set_apodization
FLAC__stream_encoder_set_bits_per_sample
FLAC__stream_encoder_set_blocksize
FLAC__stream_encoder_set_channels
FLAC__stream_encoder_set_compression_level
FLAC__stream_encoder_set_do_escape_coding
FLAC__stream_encoder_set_do_exhaustive_model_search
FLAC__stream_encoder_set_do_md5
FLAC__stream_encoder_set_do_mid_side_stereo
FLAC__stream_encoder_set_do_qlp_coeff_prec_search
FLAC__stream_encoder_set_loose_mid_side_stereo
FLAC__stream_encoder_set_max_lpc_order
FLAC__stream_encoder_set_max_residual_partition_order
FLAC__stream_encoder_set_metadata
FLAC__stream_encoder_set_min_residual_partition_order
FLAC__stream_encoder_set_ogg_serial_number
FLAC__stream_encoder_set_qlp_coeff_precision
FLAC__stream_encoder_set_rice_parameter_search_dist
FLAC__stream_encoder_set_sample_rate
FLAC__stream_encoder_set_streamable_subset
FLAC__stream_encoder_set_total_samples_estimate
FLAC__stream_encoder_set_verify
FLAC__treamEncoderReadStatusString

Sections

.text
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libvorbis.dll
.dll windows:4 windows x86 arch:x86

b9c3a479befdc7ea9a5d536df78e7324

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

malloc
free
realloc
memmove
calloc
qsort
exit
memchr
toupper
ceil
ldexp
_ftol
_errno
ftell
fclose
fread
fseek
fopen
_wfopen
_initterm
_adjust_fdiv
_CIpow
floor

kernel32

DisableThreadLibraryCalls

Exports

Exports

_floor_P
_mapping_P
_residue_P
ogg_packet_clear
ogg_page_bos
ogg_page_checksum_set
ogg_page_continued
ogg_page_eos
ogg_page_granulepos
ogg_page_packets
ogg_page_pageno
ogg_page_serialno
ogg_page_version
ogg_stream_clear
ogg_stream_destroy
ogg_stream_eos
ogg_stream_flush
ogg_stream_init
ogg_stream_packetin
ogg_stream_packetout
ogg_stream_packetpeek
ogg_stream_pagein
ogg_stream_pageout
ogg_stream_reset
ogg_stream_reset_serialno
ogg_sync_buffer
ogg_sync_clear
ogg_sync_destroy
ogg_sync_init
ogg_sync_pageout
ogg_sync_pageseek
ogg_sync_reset
ogg_sync_wrote
oggpackB_adv
oggpackB_adv1
oggpackB_bits
oggpackB_bytes
oggpackB_get_buffer
oggpackB_look
oggpackB_look1
oggpackB_read
oggpackB_read1
oggpackB_readinit
oggpackB_reset
oggpackB_write
oggpackB_writealign
oggpackB_writeclear
oggpackB_writecopy
oggpackB_writeinit
oggpackB_writetrunc
oggpack_adv
oggpack_adv1
oggpack_bits
oggpack_bytes
oggpack_get_buffer
oggpack_look
oggpack_look1
oggpack_read
oggpack_read1
oggpack_readinit
oggpack_reset
oggpack_write
oggpack_writealign
oggpack_writeclear
oggpack_writecopy
oggpack_writeinit
oggpack_writetrunc
ov_bitrate
ov_bitrate_instant
ov_clear
ov_comment
ov_crosslap
ov_fopen
ov_fopenW
ov_halfrate
ov_halfrate_p
ov_info
ov_open
ov_open_callbacks
ov_pcm_seek
ov_pcm_seek_lap
ov_pcm_seek_page
ov_pcm_seek_page_lap
ov_pcm_tell
ov_pcm_total
ov_raw_seek
ov_raw_seek_lap
ov_raw_tell
ov_raw_total
ov_read
ov_read_float
ov_seekable
ov_serialnumber
ov_streams
ov_test
ov_test_callbacks
ov_test_open
ov_time_seek
ov_time_seek_lap
ov_time_seek_page
ov_time_seek_page_lap
ov_time_tell
ov_time_total
vorbis_analysis
vorbis_analysis_blockout
vorbis_analysis_buffer
vorbis_analysis_headerout
vorbis_analysis_init
vorbis_analysis_wrote
vorbis_bitrate_addblock
vorbis_bitrate_flushpacket
vorbis_block_clear
vorbis_block_init
vorbis_comment_add
vorbis_comment_add_tag
vorbis_comment_clear
vorbis_comment_init
vorbis_comment_query
vorbis_comment_query_count
vorbis_commentheader_out
vorbis_dsp_clear
vorbis_encode_ctl
vorbis_encode_init
vorbis_encode_init_vbr
vorbis_encode_setup_init
vorbis_encode_setup_managed
vorbis_encode_setup_vbr
vorbis_granule_time
vorbis_info_blocksize
vorbis_info_clear
vorbis_info_init
vorbis_packet_blocksize
vorbis_synthesis
vorbis_synthesis_blockin
vorbis_synthesis_halfrate
vorbis_synthesis_halfrate_p
vorbis_synthesis_headerin
vorbis_synthesis_idheader
vorbis_synthesis_init
vorbis_synthesis_lapout
vorbis_synthesis_pcmout
vorbis_synthesis_read
vorbis_synthesis_restart
vorbis_synthesis_trackonly
vorbis_version_string
vorbis_window

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
unicows.dll
.dll windows:5 windows x86 arch:x86

628730441f2453f40c61ce661f08e0ca

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04-12-2003 00:00

Not After

03-12-2008 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10-01-1997 07:00

Not After

31-12-2020 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10-12-2000 08:00

Not After

12-11-2005 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:0e:7d:a7:00:00:00:00:00:48
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25-10-2003 05:59

Not After

25-01-2005 06:09

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

a7:a2:13:01:eb:da:5d:60:b9:4a:67:90:6b:06:79:8b:f5:ed:1c:2f
Signer

Actual PE Digest

a7:a2:13:01:eb:da:5d:60:b9:4a:67:90:6b:06:79:8b:f5:ed:1c:2f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\dnsrv\sdktools\unicows\godot\obj\i386\unicows.pdb

Imports

kernel32

GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetDriveTypeA
GetDriveTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetFileAttributesW
FindClose
IsDBCSLeadByte
GetFullPathNameA
GetFullPathNameW
GetLocaleInfoW
GetLogicalDriveStringsA
GetLogicalDriveStringsW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
GetNamedPipeHandleStateA
GetNamedPipeHandleStateW
GetNumberFormatA
GetNumberFormatW
GetPrivateProfileIntA
GetPrivateProfileIntW
GetPrivateProfileSectionA
GetPrivateProfileSectionW
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionNamesW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetPrivateProfileStructA
GetPrivateProfileStructW
GetProfileIntA
GetProfileIntW
GetProfileSectionA
GetProfileSectionW
GetProfileStringA
GetProfileStringW
GetShortPathNameA
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStringTypeExA
GetStringTypeExW
GetSystemDirectoryA
GetSystemDirectoryW
GetTempFileNameW
GetTempPathW
GetTimeFormatA
GetTimeFormatW
GetVersionExA
GetVersionExW
GetVolumeInformationA
GetVolumeInformationW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAddAtomW
GlobalFindAtomA
GlobalFindAtomW
GlobalGetAtomNameA
GlobalGetAtomNameW
IsBadStringPtrW
IsValidCodePage
LCMapStringA
LCMapStringW
LoadLibraryW
LoadLibraryExW
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
MoveFileW
OpenEventA
GetDefaultCommConfigW
OpenFileMappingA
OpenFileMappingW
OpenMutexA
OpenMutexW
OpenSemaphoreA
OpenSemaphoreW
OutputDebugStringA
OutputDebugStringW
PeekConsoleInputA
PeekConsoleInputW
QueryDosDeviceA
QueryDosDeviceW
ReadConsoleA
ReadConsoleW
ReadConsoleInputA
ReadConsoleInputW
ReadConsoleOutputA
ReadConsoleOutputW
ReadConsoleOutputCharacterA
ReadConsoleOutputCharacterW
RemoveDirectoryA
RemoveDirectoryW
ScrollConsoleScreenBufferA
ScrollConsoleScreenBufferW
SearchPathA
SearchPathW
SetComputerNameA
SetComputerNameW
SetConsoleTitleA
SetConsoleTitleW
SetCurrentDirectoryA
SetCurrentDirectoryW
SetDefaultCommConfigA
SetDefaultCommConfigW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetFileAttributesA
SetFileAttributesW
SetLocaleInfoA
SetLocaleInfoW
SetVolumeLabelA
SetVolumeLabelW
VerLanguageNameA
VerLanguageNameW
WaitNamedPipeA
WaitNamedPipeW
WriteConsoleA
WriteConsoleW
WriteConsoleInputA
WriteConsoleInputW
WriteConsoleOutputA
WriteConsoleOutputW
WriteConsoleOutputCharacterA
WriteConsoleOutputCharacterW
WritePrivateProfileSectionA
WritePrivateProfileSectionW
WritePrivateProfileStringA
WritePrivateProfileStringW
WritePrivateProfileStructA
WritePrivateProfileStructW
WriteProfileSectionA
WriteProfileSectionW
WriteProfileStringA
WriteProfileStringW
FindResourceA
IsBadWritePtr
SetErrorMode
GetStringTypeW
FindResourceW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetDefaultCommConfigA
GetDateFormatW
GetDateFormatA
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrencyFormatW
GetCurrencyFormatA
GetConsoleTitleW
GetConsoleTitleA
GetComputerNameW
GetComputerNameA
GetAtomNameW
GetAtomNameA
FormatMessageW
FormatMessageA
HeapReAlloc
LocalAlloc
FreeEnvironmentStringsW
FindNextFileW
FindNextFileA
FindFirstFileW
FindFirstFileA
FindFirstChangeNotificationW
FindFirstChangeNotificationA
FindAtomW
FindAtomA
FillConsoleOutputCharacterW
FillConsoleOutputCharacterA
FatalAppExitW
FatalAppExitA
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
EnumTimeFormatsW
EnumTimeFormatsA
EnumSystemLocalesW
EnumSystemLocalesA
EnumSystemCodePagesW
EnumDateFormatsW
EnumDateFormatsA
EnumCalendarInfoW
EnumCalendarInfoA
DeleteFileW
CreateSemaphoreW
CreateSemaphoreA
CreateProcessW
CreateProcessA
CreateNamedPipeW
CreateNamedPipeA
CreateMutexW
CreateMutexA
CreateMailslotW
CreateMailslotA
CreateFileMappingW
CreateFileMappingA
CreateFileW
CreateEventW
CreateEventA
CreateDirectoryExW
CreateDirectoryExA
CreateDirectoryW
CreateDirectoryA
CopyFileW
CopyFileA
CompareStringW
CommConfigDialogW
CommConfigDialogA
CallNamedPipeW
CallNamedPipeA
BuildCommDCBAndTimeoutsW
BuildCommDCBAndTimeoutsA
BuildCommDCBW
BuildCommDCBA
AddAtomW
AddAtomA
InitializeCriticalSection
GetACP
GetOEMCP
DeleteCriticalSection
GetFileAttributesA
LoadLibraryExA
EnumResourceTypesW
EnumResourceNamesW
EnumResourceLanguagesW
lstrlenW
FindResourceExW
SizeofResource
LoadResource
LockResource
FreeResource
GetTempFileNameA
GetTempPathA
DeleteFileA
MoveFileA
_lclose
_lread
_lwrite
_llseek
VirtualQuery
GetSystemInfo
VirtualFree
VirtualAlloc
VirtualProtect
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetCurrentProcessId
GetLastError
EnterCriticalSection
LeaveCriticalSection
CompareStringA
LocalFree
GlobalAddAtomA
lstrcpyA
AreFileApisANSI
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
WideCharToMultiByte
GetCurrentThreadId
lstrcmpA
lstrcmpiA
GetLocaleInfoA
CreateFileA
GetFileSize
CloseHandle
IsDBCSLeadByteEx
LoadLibraryA
InterlockedExchange
FreeLibrary
GetCPInfo
GetVersion
GetModuleHandleA
GetProcAddress
lstrlenA
GetProcessHeap
HeapAlloc
SetLastError
MultiByteToWideChar
OpenEventW
HeapFree
RtlUnwind

user32

TranslateAcceleratorW
TabbedTextOutA
TabbedTextOutW
UnregisterClassA
UnregisterClassW
VkKeyScanExA
VkKeyScanExW
WinHelpA
WinHelpW
wvsprintfW
CharLowerW
CharUpperW
EnumClipboardFormats
GetClipboardData
VkKeyScanW
wsprintfW
IsCharUpperW
IsCharLowerW
IsCharAlphaNumericW
IsCharAlphaW
InsertMenuItemW
InsertMenuItemA
InsertMenuW
InsertMenuA
GrayStringW
GrayStringA
GetWindowTextLengthW
GetWindowTextLengthA
GetWindowTextW
GetWindowTextA
GetWindowLongW
GetTabbedTextExtentW
GetTabbedTextExtentA
GetPropW
GetMessageW
GetMenuStringW
GetMenuStringA
GetMenuItemInfoW
GetMenuItemInfoA
GetKeyNameTextW
GetKeyboardLayout
GetKeyNameTextA
GetKeyboardLayoutNameW
GetKeyboardLayoutNameA
GetDlgItemTextW
GetDlgItemTextA
GetClipboardFormatNameW
GetClipboardFormatNameA
GetClassNameW
GetClassLongW
GetClassLongA
GetClassInfoExW
GetClassInfoExA
GetClassInfoW
GetClassInfoA
FindWindowExW
FindWindowExA
FindWindowW
FindWindowA
EnableWindow
EnumPropsExW
EnumPropsExA
EnumPropsW
EnumPropsA
EnumDisplaySettingsW
EnumDisplaySettingsA
DrawTextExW
DrawTextExA
DrawTextW
DrawTextA
DrawStateW
DrawStateA
DlgDirSelectExW
DlgDirSelectExA
DlgDirSelectComboBoxExW
DlgDirSelectComboBoxExA
DlgDirListComboBoxW
DlgDirListComboBoxA
SystemParametersInfoW
DlgDirListA
DispatchMessageW
DialogBoxParamW
DialogBoxParamA
DialogBoxIndirectParamW
DialogBoxIndirectParamA
DefMDIChildProcW
DefFrameProcW
DefDlgProcW
DdeQueryStringW
DdeQueryStringA
DdeQueryConvInfo
DdeInitializeW
DdeInitializeA
DdeCreateStringHandleW
DdeCreateStringHandleA
DdeConnectList
DdeConnect
CharUpperBuffW
IsCharLowerA
CharToOemBuffW
CharToOemW
CharPrevW
CharNextW
CharLowerBuffW
IsCharUpperA
SystemParametersInfoA
SetWindowTextW
SetWindowTextA
SetWindowsHookExW
SetWindowsHookW
SetWindowsHookA
SetWindowLongW
SetPropW
SetMenuItemInfoW
SetMenuItemInfoA
SetDlgItemTextW
SetDlgItemTextA
SetClassLongW
SetClassLongA
SendNotifyMessageW
SendMessageTimeoutW
SendMessageCallbackW
SendMessageW
SendDlgItemMessageW
RemovePropW
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClipboardFormatA
RegisterClassExW
RegisterClassExA
RegisterClassW
RegisterClassA
PostThreadMessageW
PostMessageW
PeekMessageW
OemToCharBuffW
OemToCharW
ModifyMenuW
ModifyMenuA
MessageBoxIndirectW
MessageBoxIndirectA
MessageBoxExW
MessageBoxW
MapVirtualKeyExW
ChangeMenuW
ChangeMenuA
ChangeDisplaySettingsW
ChangeDisplaySettingsA
CreateWindowExW
CreateWindowExA
CreateMDIWindowW
CreateMDIWindowA
CreateDialogParamW
CreateDialogParamA
CreateDialogIndirectParamW
CreateDialogIndirectParamA
CreateAcceleratorTableW
CreateAcceleratorTableA
CopyAcceleratorTableW
CopyAcceleratorTableA
CallWindowProcW
CallMsgFilterW
CallMsgFilterA
AppendMenuW
AppendMenuA
GetWindowThreadProcessId
SetWindowLongA
TranslateAcceleratorA
IsDialogMessageA
DispatchMessageA
PeekMessageA
GetMessageA
PostThreadMessageA
PostMessageA
SendNotifyMessageA
SendMessageTimeoutA
SendMessageCallbackA
SendMessageA
DefWindowProcA
CallWindowProcA
DefMDIChildProcA
DefFrameProcA
DefDlgProcA
GetWindowLongA
GetParent
GetDlgItem
DestroyWindow
SetPropA
RemovePropA
GetClassNameA
UnhookWindowsHookEx
SetWindowsHookExA
RegisterWindowMessageA
CallNextHookEx
MapVirtualKeyExA
EnumChildWindows
MapVirtualKeyW
MapVirtualKeyA
LoadStringW
LoadMenuIndirectW
IsDlgButtonChecked
GetPropA
LoadMenuIndirectA
LoadMenuW
LoadMenuA
LoadKeyboardLayoutW
LoadKeyboardLayoutA
LoadImageW
LoadImageA
LoadIconW
LoadIconA
LoadCursorFromFileW
LoadCursorFromFileA
LoadCursorW
LoadCursorA
LoadBitmapW
LoadBitmapA
LoadAcceleratorsW
LoadAcceleratorsA
IsWindowUnicode
IsWindow
DlgDirListW
IsDialogMessageW
IsClipboardFormatAvailable

gdi32

GetEnhMetaFileDescriptionW
GetGlyphOutlineA
GetGlyphOutlineW
GetICMProfileA
GetICMProfileW
GetKerningPairsA
GetKerningPairsW
GetLogColorSpaceA
GetLogColorSpaceW
GetMetaFileA
GetMetaFileW
GetObjectA
GetObjectType
GetObjectW
GetOutlineTextMetricsA
GetOutlineTextMetricsW
GetTextExtentExPointA
GetTextExtentExPointW
GetTextExtentPointA
GetEnhMetaFileDescriptionA
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextFaceA
GetTextFaceW
GetTextMetricsA
GetTextMetricsW
PolyTextOutA
PolyTextOutW
RemoveFontResourceA
RemoveFontResourceW
ResetDCA
ResetDCW
SetICMProfileA
SetICMProfileW
StartDocA
StartDocW
TextOutW
UpdateICMRegKeyA
UpdateICMRegKeyW
GetEnhMetaFileW
GetEnhMetaFileA
GetCharacterPlacementW
GetCharacterPlacementA
GetCharWidthFloatW
GetCharWidthFloatA
GetCharWidth32W
GetCharWidthW
GetCharWidthA
GetCharABCWidthsFloatW
GetCharABCWidthsFloatA
GetCharABCWidthsW
GetCharABCWidthsA
ExtTextOutW
ExtTextOutA
EnumICMProfilesW
EnumICMProfilesA
EnumFontsW
EnumFontsA
EnumFontFamiliesExW
EnumFontFamiliesExA
EnumFontFamiliesW
EnumFontFamiliesA
CreateScalableFontResourceW
CreateScalableFontResourceA
CreateMetaFileW
CreateMetaFileA
CreateICW
CreateICA
CreateFontIndirectW
CreateFontIndirectA
CreateFontW
CreateFontA
CreateEnhMetaFileW
CreateEnhMetaFileA
CreateDCW
CreateDCA
CreateColorSpaceW
CreateColorSpaceA
CopyMetaFileW
CopyMetaFileA
CopyEnhMetaFileW
CopyEnhMetaFileA
AddFontResourceW
AddFontResourceA
GetFontData
GetTextExtentPointW
TranslateCharsetInfo
GetTextCharset

mpr

WNetGetUniversalNameW
MultinetGetConnectionPerformanceW
WNetAddConnectionA
WNetAddConnectionW
WNetAddConnection2A
WNetAddConnection2W
WNetAddConnection3A
WNetAddConnection3W
WNetCancelConnectionA
WNetCancelConnectionW
WNetCancelConnection2A
WNetCancelConnection2W
WNetConnectionDialog1A
WNetConnectionDialog1W
WNetDisconnectDialog1A
WNetDisconnectDialog1W
WNetEnumResourceA
WNetEnumResourceW
WNetGetConnectionA
WNetGetConnectionW
WNetGetLastErrorA
WNetGetLastErrorW
WNetGetNetworkInformationA
WNetGetNetworkInformationW
WNetGetProviderNameA
WNetUseConnectionW
WNetUseConnectionA
WNetOpenEnumW
WNetOpenEnumA
WNetGetUserW
WNetGetUserA
MultinetGetConnectionPerformanceA
WNetGetUniversalNameA
WNetGetResourceParentW
WNetGetResourceParentA
WNetGetResourceInformationW
WNetGetResourceInformationA
WNetGetProviderNameW

advapi32

RegOpenKeyA
RegEnumValueA
RegUnLoadKeyW
RegUnLoadKeyA
RegSetValueExW
RegSetValueExA
RegSetValueW
RegSetValueA
RegSaveKeyW
RegSaveKeyA
RegReplaceKeyW
RegReplaceKeyA
RegQueryValueExW
RegQueryValueExA
RegQueryValueW
RegQueryValueA
RegQueryMultipleValuesW
RegQueryMultipleValuesA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyW
RegCloseKey
RegLoadKeyW
RegLoadKeyA
RegEnumValueW
RegEnumKeyExW
RegEnumKeyExA
RegEnumKeyW
RegEnumKeyA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyExA
RegCreateKeyW
RegCreateKeyA
RegConnectRegistryW
RegConnectRegistryA
IsTextUnicode
GetUserNameW
GetUserNameA
RegOpenKeyExA

comdlg32

GetOpenFileNameW
GetFileTitleW
GetFileTitleA
FindTextW
ChooseFontW
ChooseFontA
ChooseColorW
ChooseColorA
ReplaceTextW
FindTextA
ReplaceTextA
GetOpenFileNameA
GetSaveFileNameA
PageSetupDlgA
PageSetupDlgW
PrintDlgA
PrintDlgW
GetSaveFileNameW

version

VerQueryValueW
VerQueryValueA
VerInstallFileW
VerInstallFileA
VerFindFileW
VerFindFileA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoA

shell32

SHGetPathFromIDListA
ord180
ord179
SHGetFileInfoA
SHFileOperationA
SHChangeNotify
SHBrowseForFolderA
Shell_NotifyIconA
ShellExecuteExA
ShellExecuteW
ShellExecuteA
ShellAboutW
ShellAboutA
FindExecutableW
FindExecutableA
ExtractIconExA
DragQueryFileA
DragQueryFileW
ExtractIconW
ExtractIconA

winspool.drv

GetPrinterW
GetPrinterDataW
GetPrinterDriverW
GetPrinterDriverDirectoryA
GetPrinterDriverDirectoryW
GetPrintProcessorDirectoryA
GetPrintProcessorDirectoryW
GetJobW
OpenPrinterW
ResetPrinterA
ResetPrinterW
SetJobA
SetJobW
SetPrinterA
SetPrinterW
SetPrinterDataA
SetPrinterDataW
StartDocPrinterA
EnumPrintProcessorsW
EnumPrintProcessorDatatypesW
EnumPrintersW
EnumPrinterDriversW
EnumPortsW
EnumMonitorsW
DocumentPropertiesW
DocumentPropertiesA
DeviceCapabilitiesW
DeviceCapabilitiesA
DeletePrintProvidorW
DeletePrintProvidorA
DeletePrintProcessorW
DeletePrintProcessorA
DeletePrinterDriverW
DeletePrinterDriverA
DeletePortW
DeletePortA
DeleteMonitorW
DeleteMonitorA
ConfigurePortW
ConfigurePortA
AdvancedDocumentPropertiesW
AdvancedDocumentPropertiesA
AddPrintProvidorW
AddPrintProvidorA
AddPrintProcessorW
AddPrintProcessorA
AddPrinterDriverW
AddPrinterDriverA
AddPrinterW
AddPrinterA
AddPortW
AddPortA
AddMonitorW
AddMonitorA
AddJobW
AddJobA
OpenPrinterA
StartDocPrinterW

oledlg

OleUIUpdateLinksW
OleUIPromptUserW
OleUIPasteSpecialW
OleUIObjectPropertiesW
OleUIInsertObjectW
OleUIEditLinksW
OleUIConvertW
OleUIChangeSourceW
OleUIChangeIconW
OleUIBusyW
ord8
OleUIAddVerbMenuW
ord1
ord6

winmm

waveOutGetErrorTextW
waveOutGetErrorTextA
waveOutGetDevCapsW
waveOutGetDevCapsA
waveInGetErrorTextW
mixerGetControlDetailsW
midiOutGetErrorTextW
midiOutGetErrorTextA
midiOutGetDevCapsW
midiOutGetDevCapsA
midiInGetErrorTextW
midiInGetDevCapsW
midiInGetDevCapsA
mciSendStringW
mciSendStringA
mciSendCommandW
mciGetErrorStringW
mciGetErrorStringA
midiInGetErrorTextA
mciGetDeviceIDW
mciGetDeviceIDA
joyGetDevCapsW
joyGetDevCapsA
auxGetDevCapsW
auxGetDevCapsA
PlaySoundW
PlaySoundA
mixerGetDevCapsW
mixerGetLineControlsW
mixerGetLineInfoW
mmioInstallIOProcW
mmioOpenA
mmioOpenW
mmioRenameA
mmioRenameW
mmioStringToFOURCCA
mmioStringToFOURCCW
sndPlaySoundA
sndPlaySoundW
waveInGetDevCapsA
waveInGetDevCapsW
waveInGetErrorTextA
mixerGetDevCapsA

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

msvfw32

MCIWndCreateW
MCIWndCreateA
GetSaveFileNamePreviewW
GetOpenFileNamePreviewW

imm32

ImmReleaseContext
ImmGetCompositionStringA
ImmGetContext
ImmGetCompositionStringW

Exports

Exports

AcquireCredentialsHandleW
AddAtomW
AddFontResourceW
AddJobW
AddMonitorW
AddPortW
AddPrintProcessorW
AddPrintProvidorW
AddPrinterDriverW
AddPrinterW
AdvancedDocumentPropertiesW
AppendMenuW
BeginUpdateResourceA
BeginUpdateResourceW
BroadcastSystemMessageW
BuildCommDCBAndTimeoutsW
BuildCommDCBW
CallMsgFilterW
CallNamedPipeW
CallWindowProcA
CallWindowProcW
ChangeDisplaySettingsExW
ChangeDisplaySettingsW
ChangeMenuW
CharLowerBuffW
CharLowerW
CharNextW
CharPrevW
CharToOemBuffW
CharToOemW
CharUpperBuffW
CharUpperW
ChooseColorW
ChooseFontW
CommConfigDialogW
CompareStringW
ConfigurePortW
CopyAcceleratorTableW
CopyEnhMetaFileW
CopyFileExW
CopyFileW
CopyMetaFileW
CreateAcceleratorTableW
CreateColorSpaceW
CreateDCW
CreateDialogIndirectParamW
CreateDialogParamW
CreateDirectoryExW
CreateDirectoryW
CreateEnhMetaFileW
CreateEventW
CreateFileMappingW
CreateFileW
CreateFontIndirectW
CreateFontW
CreateICW
CreateMDIWindowW
CreateMailslotW
CreateMetaFileW
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateScalableFontResourceW
CreateSemaphoreW
CreateStdAccessibleProxyW
CreateWaitableTimerW
CreateWindowExW
CryptAcquireContextW
CryptEnumProviderTypesW
CryptEnumProvidersW
CryptGetDefaultProviderW
CryptSetProviderExW
CryptSetProviderW
CryptSignHashW
CryptVerifySignatureW
DdeConnect
DdeConnectList
DdeCreateStringHandleW
DdeInitializeW
DdeQueryConvInfo
DdeQueryStringW
DefDlgProcW
DefFrameProcW
DefMDIChildProcW
DefWindowProcW
DeleteFileW
DeleteMonitorW
DeletePortW
DeletePrintProcessorW
DeletePrintProvidorW
DeletePrinterDriverW
DeviceCapabilitiesW
DialogBoxIndirectParamW
DialogBoxParamW
DispatchMessageW
DlgDirListComboBoxW
DlgDirListW
DlgDirSelectComboBoxExW
DlgDirSelectExW
DocumentPropertiesW
DragQueryFileW
DrawStateW
DrawTextExW
DrawTextW
EnableWindow
EndUpdateResourceA
EndUpdateResourceW
EnumCalendarInfoExW
EnumCalendarInfoW
EnumClipboardFormats
EnumDateFormatsExW
EnumDateFormatsW
EnumDisplayDevicesW
EnumDisplaySettingsExW
EnumDisplaySettingsW
EnumFontFamiliesExW
EnumFontFamiliesW
EnumFontsW
EnumICMProfilesW
EnumMonitorsW
EnumPortsW
EnumPrintProcessorDatatypesW
EnumPrintProcessorsW
EnumPrinterDriversW
EnumPrintersW
EnumPropsA
EnumPropsExA
EnumPropsExW
EnumPropsW
EnumSystemCodePagesW
EnumSystemLocalesW
EnumTimeFormatsW
EnumerateSecurityPackagesW
ExpandEnvironmentStringsW
ExtTextOutW
ExtractIconExW
ExtractIconW
FatalAppExitW
FillConsoleOutputCharacterW
FindAtomW
FindExecutableW
FindFirstChangeNotificationW
FindFirstFileW
FindNextFileW
FindResourceExW
FindResourceW
FindTextW
FindWindowExW
FindWindowW
FormatMessageW
FreeContextBuffer
FreeEnvironmentStringsW
GetAltTabInfoW
GetAtomNameW
GetCPInfo
GetCPInfoExW
GetCalendarInfoW
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetCharWidth32W
GetCharWidthFloatW
GetCharWidthW
GetCharacterPlacementW
GetClassInfoExW
GetClassInfoW
GetClassLongW
GetClassNameW
GetClipboardData
GetClipboardFormatNameW
GetComputerNameW
GetConsoleTitleW
GetCurrencyFormatW
GetCurrentDirectoryW
GetCurrentHwProfileW
GetDateFormatW
GetDefaultCommConfigW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDlgItemTextW
GetDriveTypeW
GetEnhMetaFileDescriptionW
GetEnhMetaFileW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesExW
GetFileAttributesW
GetFileTitleW
GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFullPathNameW
GetGlyphOutlineW
GetICMProfileW
GetJobW
GetKerningPairsW
GetKeyNameTextW
GetKeyboardLayoutNameW
GetLocaleInfoW
GetLogColorSpaceW
GetLogicalDriveStringsW
GetLongPathNameW
GetMenuItemInfoW
GetMenuStringW
GetMessageW
GetMetaFileW
GetModuleFileNameW
GetModuleHandleW
GetMonitorInfoW
GetNamedPipeHandleStateW
GetNumberFormatW
GetObjectW
GetOpenFileNamePreviewW
GetOpenFileNameW
GetOutlineTextMetricsW
GetPrintProcessorDirectoryW
GetPrinterDataW
GetPrinterDriverDirectoryW
GetPrinterDriverW
GetPrinterW
GetPrivateProfileIntW
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
GetPrivateProfileStringW
GetPrivateProfileStructW
GetProcAddress
GetProfileIntW
GetProfileSectionW
GetProfileStringW
GetPropA
GetPropW
GetRoleTextW
GetSaveFileNamePreviewW
GetSaveFileNameW
GetShortPathNameW
GetStartupInfoW
GetStateTextW
GetStringTypeExW
GetStringTypeW
GetSystemDirectoryW
GetSystemWindowsDirectoryW
GetTabbedTextExtentW
GetTempFileNameW
GetTempPathW
GetTextExtentExPointW
GetTextExtentPoint32W
GetTextExtentPointW
GetTextFaceW
GetTextMetricsW
GetTimeFormatW
GetUserNameW
GetVersionExW
GetVolumeInformationW
GetWindowLongA
GetWindowLongW
GetWindowModuleFileNameW
GetWindowTextLengthW
GetWindowTextW
GetWindowsDirectoryW
GlobalAddAtomW
GlobalFindAtomW
GlobalGetAtomNameW
GrayStringW
InitSecurityInterfaceW
InitializeSecurityContextW
InsertMenuItemW
InsertMenuW
IsBadStringPtrW
IsCharAlphaNumericW
IsCharAlphaW
IsCharLowerW
IsCharUpperW
IsClipboardFormatAvailable
IsDestinationReachableW
IsDialogMessageW
IsTextUnicode
IsValidCodePage
IsWindowUnicode
LCMapStringW
LoadAcceleratorsW
LoadBitmapW
LoadCursorFromFileW
LoadCursorW
LoadIconW
LoadImageW
LoadKeyboardLayoutW
LoadLibraryExW
LoadLibraryW
LoadMenuIndirectW
LoadMenuW
LoadStringW
MCIWndCreateW
MapVirtualKeyExW
MapVirtualKeyW
MessageBoxExW
MessageBoxIndirectW
MessageBoxW
ModifyMenuW
MoveFileW
MultiByteToWideChar
MultinetGetConnectionPerformanceW
OemToCharBuffW
OemToCharW
OleUIAddVerbMenuW
OleUIBusyW
OleUIChangeIconW
OleUIChangeSourceW
OleUIConvertW
OleUIEditLinksW
OleUIInsertObjectW
OleUIObjectPropertiesW
OleUIPasteSpecialW
OleUIPromptUserW
OleUIUpdateLinksW
OpenEventW
OpenFileMappingW
OpenMutexW
OpenPrinterW
OpenSemaphoreW
OpenWaitableTimerW
OutputDebugStringW
PageSetupDlgW
PeekConsoleInputW
PeekMessageW
PlaySoundW
PolyTextOutW
PostMessageW
PostThreadMessageW
PrintDlgW
QueryContextAttributesW
QueryCredentialsAttributesW
QueryDosDeviceW
QuerySecurityPackageInfoW
RasConnectionNotificationW
RasCreatePhonebookEntryW
RasDeleteEntryW
RasDeleteSubEntryW
RasDialW
RasEditPhonebookEntryW
RasEnumConnectionsW
RasEnumDevicesW
RasEnumEntriesW
RasGetConnectStatusW
RasGetEntryDialParamsW
RasGetEntryPropertiesW
RasGetErrorStringW
RasGetProjectionInfoW
RasHangUpW
RasRenameEntryW
RasSetEntryDialParamsW
RasSetEntryPropertiesW
RasSetSubEntryPropertiesW
RasValidateEntryNameW
ReadConsoleInputW
ReadConsoleOutputCharacterW
ReadConsoleOutputW
ReadConsoleW
RegConnectRegistryW
RegCreateKeyExW
RegCreateKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumKeyW
RegEnumValueW
RegLoadKeyW
RegOpenKeyExW
RegOpenKeyW
RegQueryInfoKeyW
RegQueryMultipleValuesW
RegQueryValueExW
RegQueryValueW
RegReplaceKeyW
RegSaveKeyW
RegSetValueExW
RegSetValueW
RegUnLoadKeyW
RegisterClassExW
RegisterClassW
RegisterClipboardFormatW
RegisterDeviceNotificationW
RegisterWindowMessageW
RemoveDirectoryW
RemoveFontResourceW
RemovePropA
RemovePropW
ReplaceTextW
ResetDCW
ResetPrinterW
SHBrowseForFolderW
SHChangeNotify
SHFileOperationW
SHGetFileInfoW
SHGetNewLinkInfoW
SHGetPathFromIDListW
ScrollConsoleScreenBufferW
SearchPathW
SendDlgItemMessageW
SendMessageCallbackW
SendMessageTimeoutW
SendMessageW
SendNotifyMessageW
SetCalendarInfoW
SetClassLongW
SetComputerNameW
SetConsoleTitleW
SetCurrentDirectoryW
SetDefaultCommConfigW
SetDlgItemTextW
SetEnvironmentVariableW
SetFileAttributesW
SetICMProfileW
SetJobW
SetLocaleInfoW
SetMenuItemInfoW
SetPrinterDataW
SetPrinterW
SetPropA
SetPropW
SetVolumeLabelW
SetWindowLongA
SetWindowLongW
SetWindowTextW
SetWindowsHookExW
SetWindowsHookW
ShellAboutW
ShellExecuteExW
ShellExecuteW
Shell_NotifyIconW
StartDocPrinterW
StartDocW
SystemParametersInfoW
TabbedTextOutW
TextOutW
TranslateAcceleratorW
UnregisterClassW
UpdateICMRegKeyW
UpdateResourceA
UpdateResourceW
VerFindFileW
VerInstallFileW
VerLanguageNameW
VerQueryValueW
VkKeyScanExW
VkKeyScanW
WNetAddConnection2W
WNetAddConnection3W
WNetAddConnectionW
WNetCancelConnection2W
WNetCancelConnectionW
WNetConnectionDialog1W
WNetDisconnectDialog1W
WNetEnumResourceW
WNetGetConnectionW
WNetGetLastErrorW
WNetGetNetworkInformationW
WNetGetProviderNameW
WNetGetResourceInformationW
WNetGetResourceParentW
WNetGetUniversalNameW
WNetGetUserW
WNetOpenEnumW
WNetUseConnectionW
WaitNamedPipeW
WideCharToMultiByte
WinHelpW
WriteConsoleInputW
WriteConsoleOutputCharacterW
WriteConsoleOutputW
WriteConsoleW
WritePrivateProfileSectionW
WritePrivateProfileStringW
WritePrivateProfileStructW
WriteProfileSectionW
WriteProfileStringW
__FreeAllLibrariesInMsluDll
auxGetDevCapsW
capCreateCaptureWindowW
capGetDriverDescriptionW
joyGetDevCapsW
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW
mciGetDeviceIDW
mciGetErrorStringW
mciSendCommandW
mciSendStringW
midiInGetDevCapsW
midiInGetErrorTextW
midiOutGetDevCapsW
midiOutGetErrorTextW
mixerGetControlDetailsW
mixerGetDevCapsW
mixerGetLineControlsW
mixerGetLineInfoW
mmioInstallIOProcW
mmioOpenW
mmioRenameW
mmioStringToFOURCCW

Sections

.text
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninstall.exe.nsis

Sharing

General

Malware Config

Signatures

Files

32f3282581436269b3a75b6675fe3e08

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

13:24:f4:75:eb:a5:95:13:91:c5:12:6c:f4:ee:b3:ceCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

58:ed:01:9d:da:86:72:57:49:3e:61:e5:f1:8d:fa:f4Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

2e:61:da:2c:d5:fd:d1:04:60:45:ae:4b:ec:7e:90:b4:19:9e:42:89:ab:31:eb:0e:19:91:b4:05:74:a5:ad:62Signer

03:9a:1a:f1:93:9f:81:3c:b3:a3:fb:7d:5a:9c:1a:f7:14:22:3f:02Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 415KB

.ndata Size: - Virtual size: 1.0MB

.rsrc Size: 38KB - Virtual size: 37KB

.reloc Size: 4KB - Virtual size: 3KB

08deff66666d9f562e0cd9c9296e4950

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

13:24:f4:75:eb:a5:95:13:91:c5:12:6c:f4:ee:b3:ceCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

58:ed:01:9d:da:86:72:57:49:3e:61:e5:f1:8d:fa:f4Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

64:dd:24:7c:94:c9:3f:95:5a:f2:ff:28:00:92:4d:c3:33:0d:41:4c:9f:91:40:22:ac:8d:fe:9e:21:ce:88:08Signer

9d:09:cf:7e:1e:92:2e:72:67:e8:b7:58:a5:0e:cc:68:87:9a:6b:42Signer

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

13:24:f4:75:eb:a5:95:13:91:c5:12:6c:f4:ee:b3:ce
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

58:ed:01:9d:da:86:72:57:49:3e:61:e5:f1:8d:fa:f4
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

2e:61:da:2c:d5:fd:d1:04:60:45:ae:4b:ec:7e:90:b4:19:9e:42:89:ab:31:eb:0e:19:91:b4:05:74:a5:ad:62
Signer

03:9a:1a:f1:93:9f:81:3c:b3:a3:fb:7d:5a:9c:1a:f7:14:22:3f:02
Signer

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 415KB

.ndata
Size: - Virtual size: 1.0MB

.rsrc
Size: 38KB - Virtual size: 37KB

.reloc
Size: 4KB - Virtual size: 3KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

13:24:f4:75:eb:a5:95:13:91:c5:12:6c:f4:ee:b3:ce
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

58:ed:01:9d:da:86:72:57:49:3e:61:e5:f1:8d:fa:f4
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

64:dd:24:7c:94:c9:3f:95:5a:f2:ff:28:00:92:4d:c3:33:0d:41:4c:9f:91:40:22:ac:8d:fe:9e:21:ce:88:08
Signer

9d:09:cf:7e:1e:92:2e:72:67:e8:b7:58:a5:0e:cc:68:87:9a:6b:42
Signer

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 948KB - Virtual size: 945KB

.data
Size: 348KB - Virtual size: 1.3MB

.rsrc
Size: 256KB - Virtual size: 254KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 312B

.reloc
Size: 1024B - Virtual size: 590B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 963B

.data
Size: 512B - Virtual size: 64B

.reloc
Size: 1024B - Virtual size: 588B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

13:24:f4:75:eb:a5:95:13:91:c5:12:6c:f4:ee:b3:ce
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

58:ed:01:9d:da:86:72:57:49:3e:61:e5:f1:8d:fa:f4
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate