OGD[.]Scooby[.]Doo[.]and[.]the[.]Spooky[.]Swamp[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

OGD.Scooby.Doo.and.the.Spooky.Swamp.zip
Size

289.0MB
MD5

7774c7a774b4a58fbb217f944ced1c04
SHA1

bc531252b18e012ac9a86662931ff2e56b58f57f
SHA256

ea52b29eaa2e94bbf376951fe2d2c7373d9aa84ffb0609acf8329128aadc489b
SHA512

67065277a6aecdec86549baae52f132f8a88eb81ea4c972869f9f74eabda2bbe7317efe9ddb85282cacd2037c3c0350ebdd3d2d872e4ec36c132fef4ae992878
SSDEEP

6291456:pNSKNStNSRaczpnLWW0QaR4jNNzA+qixfhwElJUO+ASq/8gSHYT/Mv:pQKQtQRaMpL/jNPNqiZUOT/84i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Crack/Scooby2.exe

Files

OGD.Scooby.Doo.and.the.Spooky.Swamp.zip
.zip
0x0405.ini
0x0409.ini
0x040e.ini
0x0415.ini
Crack/Scooby2.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 716KB - Virtual size: 716KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 406KB - Virtual size: 408KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
ISSetup.dll
.dll regsvr32 windows:4 windows x86 arch:x86

cfee1e29d0f367e5c8bc56d6283da3b3

Code Sign

32:70:31:0f:5c:91:96:51:73:89:c7:85:74:25:ef:5c
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

02/03/2011, 00:00

Not After

18/01/2013, 23:59

Subject

CN=QLOC S.A.,O=QLOC S.A.,L=Warszawa,ST=mazowieckie,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e0:75:67:12:7a:72:2c:66:2c:4b:a4:43:8a:ce:24:ba:e4:22:0c:ac
Signer

Actual PE Digest

e0:75:67:12:7a:72:2c:66:2c:4b:a4:43:8a:ce:24:ba:e4:22:0c:ac

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

SetWindowRgn

gdi32

SetBkColor

advapi32

RegDeleteKeyW

shell32

SHGetPathFromIDListW

ole32

OleSaveToStream

oleaut32

SafeArrayGetDim

rpcrt4

NdrProxySendReceive

winmm

sndPlaySoundW

version

GetFileVersionInfoSizeW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProductSKU
InstallEngineTypelib
RemoveEngineTypelib

Sections

.text
Size: 435KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 129KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
autorun.inf
bin/CZ/manual.pdf
.pdf
bin/CZ/readme.rtf
.rtf
bin/EN/Manual.pdf
.pdf
bin/EN/readme.rtf
.rtf
bin/HU/Manual.pdf
.pdf
bin/HU/readme.rtf
.rtf
bin/PL/Manual.pdf
.pdf
bin/PL/readme.rtf
.rtf
data1.hdr
icon.ico
layout.bin
setup.exe
.exe windows:4 windows x86 arch:x86

d359f27a4bcb5db01bbb086efdc99bd8

Code Sign

32:70:31:0f:5c:91:96:51:73:89:c7:85:74:25:ef:5c
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

02/03/2011, 00:00

Not After

18/01/2013, 23:59

Subject

CN=QLOC S.A.,O=QLOC S.A.,L=Warszawa,ST=mazowieckie,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c9:d7:92:8f:9a:a1:0d:36:3a:f7:aa:32:fa:61:27:b9:e0:60:e0:78
Signer

Actual PE Digest

c9:d7:92:8f:9a:a1:0d:36:3a:f7:aa:32:fa:61:27:b9:e0:60:e0:78

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

FindResourceExW
GetDriveTypeW
WriteFile
lstrcpynW
lstrcmpiW
GetFileAttributesW
FindClose
FindFirstFileW
UnmapViewOfFile
MapViewOfFile
GetSystemInfo
VirtualQuery
CompareStringA
IsBadReadPtr
CreateFileMappingW
CreateDirectoryW
CompareStringW
GetCurrentDirectoryW
ExpandEnvironmentStringsW
SetFileAttributesW
FileTimeToLocalFileTime
GetFileTime
HeapFree
HeapAlloc
GetProcessHeap
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetProcAddress
GetModuleHandleW
GetPrivateProfileIntW
lstrcpyW
lstrlenW
Sleep
CloseHandle
CreateProcessW
RemoveDirectoryW
DeleteFileW
SetLastError
GetFileSize
SetFilePointer
CreateEventW
QueryPerformanceFrequency
GetSystemTimeAsFileTime
ReleaseMutex
GetUserDefaultLangID
GetSystemDefaultLangID
CreateMutexW
SetErrorMode
LoadLibraryW
lstrcatW
FreeLibrary
GetDiskFreeSpaceW
VerLanguageNameW
WideCharToMultiByte
ReadFile
GetTickCount
GetCommandLineW
ExitThread
CreateThread
GetDateFormatA
GetTimeFormatA
CreateFileA
FreeResource
lstrcatA
MulDiv
lstrcmpiA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
GetOEMCP
GetACP
FlushFileBuffers
SetStdHandle
LoadLibraryA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
GetExitCodeProcess
GetLocaleInfoW
IsValidLocale
lstrcpyA
lstrlenA
GetWindowsDirectoryW
InterlockedDecrement
LocalFree
InterlockedIncrement
FormatMessageW
GetTempPathW
GetVersionExW
CreateFileW
GlobalFree
FindResourceW
LoadResource
SizeofResource
GlobalAlloc
LockResource
GlobalLock
GlobalUnlock
MultiByteToWideChar
GetModuleFileNameW
GetSystemDirectoryW
SetCurrentDirectoryW
WaitForSingleObject
ExitProcess
GetCurrentProcess
DuplicateHandle
GetThreadContext
VirtualProtectEx
WriteProcessMemory
FlushInstructionCache
SetThreadContext
ResumeThread
GetLastError
GetCPInfo
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCommandLineA
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleA
HeapReAlloc
RaiseException
RtlUnwind
DeleteCriticalSection
InterlockedExchange
MoveFileExW
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
SetUnhandledExceptionFilter
HeapSize
LCMapStringW
LCMapStringA
TlsGetValue
GetTempFileNameW
OpenProcess
CompareFileTime
GetProcessTimes
TerminateProcess
GetLocalTime
InitializeCriticalSection
GetCurrentProcessId
GetVersion
LeaveCriticalSection
EnterCriticalSection
GetCurrentThread
VirtualProtect
SearchPathW
ResetEvent
SetEvent
QueryPerformanceCounter
SystemTimeToFileTime
lstrcmpA
FindNextFileW
lstrcmpW

user32

CharUpperW
WaitForInputIdle
DialogBoxIndirectParamW
MessageBoxW
wsprintfW
SetForegroundWindow
SetWindowLongW
SetWindowTextW
SendMessageW
GetDlgItem
LoadIconW
EndDialog
MoveWindow
SetActiveWindow
DrawTextW
SetFocus
BeginPaint
LoadStringW
FillRect
EndPaint
GetMessageW
DefWindowProcW
GetWindow
SystemParametersInfoW
GetSystemMetrics
MapWindowPoints
GetPropW
EnableMenuItem
SetPropW
RemovePropW
GetSysColor
LoadImageW
GetDC
ReleaseDC
CreateDialogParamW
GetParent
GetWindowTextW
IsWindowVisible
ExitWindowsEx
UpdateWindow
InvalidateRect
DrawIcon
MapDialogRect
wsprintfA
GetClassNameW
GetWindowRect
DrawFocusRect
InflateRect
CallWindowProcW
GetWindowDC
CopyRect
EnumChildWindows
CreateWindowExW
RegisterClassExW
IntersectRect
GetDlgItemTextW
CreateDialogIndirectParamW
GetDesktopWindow
GetClientRect
IsWindowEnabled
FindWindowExW
IsDialogMessageW
PeekMessageW
MsgWaitForMultipleObjects
TranslateMessage
DispatchMessageW
EnableWindow
ShowWindow
SendDlgItemMessageW
PostMessageW
ScreenToClient
SetWindowPos
IsWindow
DestroyWindow
GetWindowLongW
SetDlgItemTextW

gdi32

SetBkMode
SetTextColor
TextOutW
RestoreDC
SetBkColor
CreateSolidBrush
UnrealizeObject
SelectPalette
RealizePalette
BitBlt
CreateCompatibleDC
SelectObject
GetDIBColorTable
GetSystemPaletteEntries
CreatePalette
DeleteDC
CreateHalftonePalette
GetDeviceCaps
TranslateCharsetInfo
GetObjectW
CreateFontIndirectW
DeleteObject
CreateCompatibleBitmap
CreateDCW
GetStockObject
GetTextExtentPoint32W
CreatePatternBrush
CreateDIBitmap
DeleteMetaFile
SetMetaFileBitsEx
SetStretchBltMode
SelectClipRgn
CreateRectRgn
SetPixel
PatBlt
PlayMetaFile
StretchBlt
CreateBitmap
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
SetMapMode
SaveDC

advapi32

RegCreateKeyExW
RegOpenKeyExA
RegQueryValueExA
OpenThreadToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyW
RegEnumKeyW
RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW
RegEnumValueW
RegQueryValueExW
RegDeleteValueW
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
RegOpenKeyExW
RegCloseKey

shell32

ShellExecuteExW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation

ole32

CoInitialize
CoUninitialize
CoInitializeSecurity

oleaut32

VariantChangeType
VariantClear
GetErrorInfo
SysStringLen
SysReAllocStringLen
SysAllocString
SysFreeString
SysAllocStringLen

lz32

LZOpenFileW
LZCopy
LZClose

msi

ord88
ord137
ord141
ord169
ord8

rpcrt4

UuidToStringW
RpcStringFreeW
UuidCreate

Sections

.text
Size: 404KB - Virtual size: 403KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 290KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
setup.ini
setup.inx
support/AdbeRdr1010_cs_CZ.exe
.exe windows:5 windows x86 arch:x86

6ff96ffac5d2912d767096d8ff4b1dd3

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

02:90:96:5e:91:33:40:cd:a6:63:4c:ef:31:f7:fd:07
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

28/09/2009, 00:00

Not After

04/11/2012, 23:59

Subject

CN=Adobe Systems\, Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Acrobat Engineering,O=Adobe Systems\, Incorporated,L=San Jose,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6d:28:00:64:ae:c5:82:1e:66:0c:b4:b1:cf:14:43:22:18:b7:d6:e1
Signer

Actual PE Digest

6d:28:00:64:ae:c5:82:1e:66:0c:b4:b1:cf:14:43:22:18:b7:d6:e1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\10D_MainQ\LocalKit\Tools\Win\Installer\AdobeSelfExtractor\Release\AdobeSelfExtractor.pdb

Imports

msi

ord70

kernel32

GetConsoleCP
GetConsoleMode
LCMapStringW
LCMapStringA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
CreateFileA
GetFileSize
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetLastError
CloseHandle
GetFileAttributesW
SizeofResource
LockResource
LoadResource
IsValidCodePage
FindResourceW
MultiByteToWideChar
FormatMessageW
LocalFree
GetCommandLineW
DeleteFileW
GetTempPathW
GetVersionExW
GetEnvironmentVariableW
GlobalMemoryStatusEx
GetDriveTypeA
ResetEvent
WaitForSingleObject
Sleep
SetEvent
GetPrivateProfileStringW
CreateDirectoryW
CreateProcessW
GetExitCodeProcess
SetFileAttributesW
RemoveDirectoryW
VirtualFree
VirtualAlloc
MoveFileW
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
VirtualQuery
GetSystemInfo
HeapSize
GetFileType
SetStdHandle
ExitThread
HeapReAlloc
RaiseException
SetFileTime
GetCurrentDirectoryA
CreateEventW
GetTimeZoneInformation
RtlUnwind
SetCurrentDirectoryW
CreateThread
WideCharToMultiByte
GetVolumeInformationW
SetEnvironmentVariableW
ExitProcess
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
GetStartupInfoW
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
GetTickCount
GetTempFileNameW
lstrcpyW
GetSystemDirectoryW
GetFileTime
GetFileSizeEx
SetErrorMode
lstrlenA
GlobalGetAtomNameW
GlobalFlags
GetCurrentDirectoryW
WritePrivateProfileStringW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
GetModuleHandleA
InterlockedDecrement
FreeResource
GetCurrentProcessId
GlobalAddAtomW
SuspendThread
ResumeThread
SetThreadPriority
GetFullPathNameW
FindFirstFileW
FindClose
GetCurrentProcess
lstrlenW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
LoadLibraryW
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
FindActCtxSectionStringW
LoadLibraryExW
CompareStringA
InterlockedExchange
lstrcmpW
FreeLibrary
SetLastError
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleW
GetProcAddress

user32

CopyImage
OpenClipboard
GetMenuDefaultItem
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
PostThreadMessageW
CreateMenu
IsMenu
UpdateLayeredWindow
EnableScrollBar
TranslateMDISysAccel
DrawMenuBar
DefFrameProcW
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
MessageBeep
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
DestroyAcceleratorTable
RedrawWindow
SetWindowRgn
IsZoomed
LockWindowUpdate
KillTimer
SetTimer
SetRect
UnionRect
SetParent
GetSystemMenu
IsRectEmpty
MapVirtualKeyW
GetKeyNameTextW
UnpackDDElParam
ReuseDDElParam
LoadMenuW
LoadAcceleratorsW
InvalidateRect
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorW
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
UnregisterClassW
DestroyIcon
DeleteMenu
WaitMessage
ReleaseCapture
WindowFromPoint
LoadCursorW
GetSysColorBrush
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
LoadImageW
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
UnhookWindowsHookEx
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
ShowOwnedPopups
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
SetClipboardData
CloseClipboard
EmptyClipboard
RegisterClipboardFormatW
CopyIcon
CharUpperBuffW
GetDoubleClickTime
GetNextDlgGroupItem
GetWindowRgn
ValidateRect
CharUpperW
GetWindowTextLengthW
GetWindowTextW
GetFocus
GetParent
SetWindowPos
SetFocus
IsWindowEnabled
DestroyCursor
MapDialogRect
SubtractRect
MapVirtualKeyExW
IsCharLowerW
GetTopWindow
GetIconInfo
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
GetWindowLongW
IsDialogMessageW
SendDlgItemMessageW
CheckDlgButton
GetWindow
PostQuitMessage
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
FindWindowW
SetWindowTextW
GetDlgItem
EnableWindow
IsWindow
DrawIcon
GetClientRect
IsIconic
SendMessageW
LoadIconW
PostMessageW
GetSystemMetrics
MessageBoxW
SetCapture
DefMDIChildProcW

gdi32

SelectClipRgn
CreateRectRgn
GetObjectW
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
GetDCOrgEx
GetTextExtentPoint32W
GetTextMetricsW
CreateFontIndirectW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
PatBlt
DPtoLP
DeleteObject
GetBkColor
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateDIBSection
CreateEllipticRgn
Polyline
Ellipse
Polygon
OffsetRgn
GetRgnBox
SetDIBColorTable
RealizePalette
StretchBlt
SetPixel
RoundRect
Rectangle
CreatePalette
GetPaletteEntries
GetWindowOrgEx
GetViewportOrgEx
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateBitmap
CopyMetaFileW
CreateCompatibleBitmap
CreateFontW
GetDeviceCaps

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegDeleteValueW
RegEnumKeyExW
RegCreateKeyExW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW

shell32

SHAppBarMessage
SHGetPathFromIDListW
SHGetMalloc
SHGetFolderPathW
ord165
SHGetFileInfoW
ShellExecuteW
SHBrowseForFolderW
DragQueryFileW
DragFinish

comctl32

ImageList_GetIconSize

shlwapi

PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathRemoveFileSpecW

ole32

DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
CoInitializeEx
CoUninitialize
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleCreateMenuDescriptor

oleaut32

SysAllocString
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
SysStringLen

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCloneImage
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36.6MB - Virtual size: 36.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
support/AdbeRdr1010_en_US.exe
.exe windows:5 windows x86 arch:x86

6ff96ffac5d2912d767096d8ff4b1dd3

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

02:90:96:5e:91:33:40:cd:a6:63:4c:ef:31:f7:fd:07
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

28/09/2009, 00:00

Not After

04/11/2012, 23:59

Subject

CN=Adobe Systems\, Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Acrobat Engineering,O=Adobe Systems\, Incorporated,L=San Jose,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c3:6e:3a:e4:c4:2d:fa:be:d0:ef:f3:7b:cb:40:20:03:07:3b:e6:81
Signer

Actual PE Digest

c3:6e:3a:e4:c4:2d:fa:be:d0:ef:f3:7b:cb:40:20:03:07:3b:e6:81

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\10D_MainQ\LocalKit\Tools\Win\Installer\AdobeSelfExtractor\Release\AdobeSelfExtractor.pdb

Imports

msi

ord70

kernel32

GetConsoleCP
GetConsoleMode
LCMapStringW
LCMapStringA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
CreateFileA
GetFileSize
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetLastError
CloseHandle
GetFileAttributesW
SizeofResource
LockResource
LoadResource
IsValidCodePage
FindResourceW
MultiByteToWideChar
FormatMessageW
LocalFree
GetCommandLineW
DeleteFileW
GetTempPathW
GetVersionExW
GetEnvironmentVariableW
GlobalMemoryStatusEx
GetDriveTypeA
ResetEvent
WaitForSingleObject
Sleep
SetEvent
GetPrivateProfileStringW
CreateDirectoryW
CreateProcessW
GetExitCodeProcess
SetFileAttributesW
RemoveDirectoryW
VirtualFree
VirtualAlloc
MoveFileW
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
VirtualQuery
GetSystemInfo
HeapSize
GetFileType
SetStdHandle
ExitThread
HeapReAlloc
RaiseException
SetFileTime
GetCurrentDirectoryA
CreateEventW
GetTimeZoneInformation
RtlUnwind
SetCurrentDirectoryW
CreateThread
WideCharToMultiByte
GetVolumeInformationW
SetEnvironmentVariableW
ExitProcess
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
GetStartupInfoW
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
GetTickCount
GetTempFileNameW
lstrcpyW
GetSystemDirectoryW
GetFileTime
GetFileSizeEx
SetErrorMode
lstrlenA
GlobalGetAtomNameW
GlobalFlags
GetCurrentDirectoryW
WritePrivateProfileStringW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
GetModuleHandleA
InterlockedDecrement
FreeResource
GetCurrentProcessId
GlobalAddAtomW
SuspendThread
ResumeThread
SetThreadPriority
GetFullPathNameW
FindFirstFileW
FindClose
GetCurrentProcess
lstrlenW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
LoadLibraryW
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
FindActCtxSectionStringW
LoadLibraryExW
CompareStringA
InterlockedExchange
lstrcmpW
FreeLibrary
SetLastError
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleW
GetProcAddress

user32

CopyImage
OpenClipboard
GetMenuDefaultItem
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
PostThreadMessageW
CreateMenu
IsMenu
UpdateLayeredWindow
EnableScrollBar
TranslateMDISysAccel
DrawMenuBar
DefFrameProcW
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
MessageBeep
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
DestroyAcceleratorTable
RedrawWindow
SetWindowRgn
IsZoomed
LockWindowUpdate
KillTimer
SetTimer
SetRect
UnionRect
SetParent
GetSystemMenu
IsRectEmpty
MapVirtualKeyW
GetKeyNameTextW
UnpackDDElParam
ReuseDDElParam
LoadMenuW
LoadAcceleratorsW
InvalidateRect
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorW
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
UnregisterClassW
DestroyIcon
DeleteMenu
WaitMessage
ReleaseCapture
WindowFromPoint
LoadCursorW
GetSysColorBrush
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
LoadImageW
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
UnhookWindowsHookEx
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
ShowOwnedPopups
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
SetClipboardData
CloseClipboard
EmptyClipboard
RegisterClipboardFormatW
CopyIcon
CharUpperBuffW
GetDoubleClickTime
GetNextDlgGroupItem
GetWindowRgn
ValidateRect
CharUpperW
GetWindowTextLengthW
GetWindowTextW
GetFocus
GetParent
SetWindowPos
SetFocus
IsWindowEnabled
DestroyCursor
MapDialogRect
SubtractRect
MapVirtualKeyExW
IsCharLowerW
GetTopWindow
GetIconInfo
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
GetWindowLongW
IsDialogMessageW
SendDlgItemMessageW
CheckDlgButton
GetWindow
PostQuitMessage
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
FindWindowW
SetWindowTextW
GetDlgItem
EnableWindow
IsWindow
DrawIcon
GetClientRect
IsIconic
SendMessageW
LoadIconW
PostMessageW
GetSystemMetrics
MessageBoxW
SetCapture
DefMDIChildProcW

gdi32

SelectClipRgn
CreateRectRgn
GetObjectW
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
GetDCOrgEx
GetTextExtentPoint32W
GetTextMetricsW
CreateFontIndirectW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
PatBlt
DPtoLP
DeleteObject
GetBkColor
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateDIBSection
CreateEllipticRgn
Polyline
Ellipse
Polygon
OffsetRgn
GetRgnBox
SetDIBColorTable
RealizePalette
StretchBlt
SetPixel
RoundRect
Rectangle
CreatePalette
GetPaletteEntries
GetWindowOrgEx
GetViewportOrgEx
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateBitmap
CopyMetaFileW
CreateCompatibleBitmap
CreateFontW
GetDeviceCaps

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegDeleteValueW
RegEnumKeyExW
RegCreateKeyExW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW

shell32

SHAppBarMessage
SHGetPathFromIDListW
SHGetMalloc
SHGetFolderPathW
ord165
SHGetFileInfoW
ShellExecuteW
SHBrowseForFolderW
DragQueryFileW
DragFinish

comctl32

ImageList_GetIconSize

shlwapi

PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathRemoveFileSpecW

ole32

DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
CoInitializeEx
CoUninitialize
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleCreateMenuDescriptor

oleaut32

SysAllocString
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
SysStringLen

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCloneImage
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36.4MB - Virtual size: 36.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
support/AdbeRdr1010_hu_HU.exe
.exe windows:5 windows x86 arch:x86

6ff96ffac5d2912d767096d8ff4b1dd3

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

02:90:96:5e:91:33:40:cd:a6:63:4c:ef:31:f7:fd:07
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

28/09/2009, 00:00

Not After

04/11/2012, 23:59

Subject

CN=Adobe Systems\, Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Acrobat Engineering,O=Adobe Systems\, Incorporated,L=San Jose,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

5f:a6:04:c4:7d:2e:7a:52:1b:16:d9:cb:02:d4:47:42:96:2c:79:e6
Signer

Actual PE Digest

5f:a6:04:c4:7d:2e:7a:52:1b:16:d9:cb:02:d4:47:42:96:2c:79:e6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\10D_MainQ\LocalKit\Tools\Win\Installer\AdobeSelfExtractor\Release\AdobeSelfExtractor.pdb

Imports

msi

ord70

kernel32

GetConsoleCP
GetConsoleMode
LCMapStringW
LCMapStringA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
CreateFileA
GetFileSize
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetLastError
CloseHandle
GetFileAttributesW
SizeofResource
LockResource
LoadResource
IsValidCodePage
FindResourceW
MultiByteToWideChar
FormatMessageW
LocalFree
GetCommandLineW
DeleteFileW
GetTempPathW
GetVersionExW
GetEnvironmentVariableW
GlobalMemoryStatusEx
GetDriveTypeA
ResetEvent
WaitForSingleObject
Sleep
SetEvent
GetPrivateProfileStringW
CreateDirectoryW
CreateProcessW
GetExitCodeProcess
SetFileAttributesW
RemoveDirectoryW
VirtualFree
VirtualAlloc
MoveFileW
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
VirtualQuery
GetSystemInfo
HeapSize
GetFileType
SetStdHandle
ExitThread
HeapReAlloc
RaiseException
SetFileTime
GetCurrentDirectoryA
CreateEventW
GetTimeZoneInformation
RtlUnwind
SetCurrentDirectoryW
CreateThread
WideCharToMultiByte
GetVolumeInformationW
SetEnvironmentVariableW
ExitProcess
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
GetStartupInfoW
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
GetTickCount
GetTempFileNameW
lstrcpyW
GetSystemDirectoryW
GetFileTime
GetFileSizeEx
SetErrorMode
lstrlenA
GlobalGetAtomNameW
GlobalFlags
GetCurrentDirectoryW
WritePrivateProfileStringW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
GetModuleHandleA
InterlockedDecrement
FreeResource
GetCurrentProcessId
GlobalAddAtomW
SuspendThread
ResumeThread
SetThreadPriority
GetFullPathNameW
FindFirstFileW
FindClose
GetCurrentProcess
lstrlenW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
LoadLibraryW
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
FindActCtxSectionStringW
LoadLibraryExW
CompareStringA
InterlockedExchange
lstrcmpW
FreeLibrary
SetLastError
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleW
GetProcAddress

user32

CopyImage
OpenClipboard
GetMenuDefaultItem
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
PostThreadMessageW
CreateMenu
IsMenu
UpdateLayeredWindow
EnableScrollBar
TranslateMDISysAccel
DrawMenuBar
DefFrameProcW
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
MessageBeep
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
DestroyAcceleratorTable
RedrawWindow
SetWindowRgn
IsZoomed
LockWindowUpdate
KillTimer
SetTimer
SetRect
UnionRect
SetParent
GetSystemMenu
IsRectEmpty
MapVirtualKeyW
GetKeyNameTextW
UnpackDDElParam
ReuseDDElParam
LoadMenuW
LoadAcceleratorsW
InvalidateRect
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorW
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
UnregisterClassW
DestroyIcon
DeleteMenu
WaitMessage
ReleaseCapture
WindowFromPoint
LoadCursorW
GetSysColorBrush
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
LoadImageW
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
UnhookWindowsHookEx
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
ShowOwnedPopups
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
SetClipboardData
CloseClipboard
EmptyClipboard
RegisterClipboardFormatW
CopyIcon
CharUpperBuffW
GetDoubleClickTime
GetNextDlgGroupItem
GetWindowRgn
ValidateRect
CharUpperW
GetWindowTextLengthW
GetWindowTextW
GetFocus
GetParent
SetWindowPos
SetFocus
IsWindowEnabled
DestroyCursor
MapDialogRect
SubtractRect
MapVirtualKeyExW
IsCharLowerW
GetTopWindow
GetIconInfo
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
GetWindowLongW
IsDialogMessageW
SendDlgItemMessageW
CheckDlgButton
GetWindow
PostQuitMessage
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
FindWindowW
SetWindowTextW
GetDlgItem
EnableWindow
IsWindow
DrawIcon
GetClientRect
IsIconic
SendMessageW
LoadIconW
PostMessageW
GetSystemMetrics
MessageBoxW
SetCapture
DefMDIChildProcW

gdi32

SelectClipRgn
CreateRectRgn
GetObjectW
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
GetDCOrgEx
GetTextExtentPoint32W
GetTextMetricsW
CreateFontIndirectW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
PatBlt
DPtoLP
DeleteObject
GetBkColor
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateDIBSection
CreateEllipticRgn
Polyline
Ellipse
Polygon
OffsetRgn
GetRgnBox
SetDIBColorTable
RealizePalette
StretchBlt
SetPixel
RoundRect
Rectangle
CreatePalette
GetPaletteEntries
GetWindowOrgEx
GetViewportOrgEx
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateBitmap
CopyMetaFileW
CreateCompatibleBitmap
CreateFontW
GetDeviceCaps

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegDeleteValueW
RegEnumKeyExW
RegCreateKeyExW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW

shell32

SHAppBarMessage
SHGetPathFromIDListW
SHGetMalloc
SHGetFolderPathW
ord165
SHGetFileInfoW
ShellExecuteW
SHBrowseForFolderW
DragQueryFileW
DragFinish

comctl32

ImageList_GetIconSize

shlwapi

PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathRemoveFileSpecW

ole32

DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
CoInitializeEx
CoUninitialize
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleCreateMenuDescriptor

oleaut32

SysAllocString
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
SysStringLen

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCloneImage
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35.9MB - Virtual size: 35.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
support/AdbeRdr1010_pl_PL.exe
.exe windows:5 windows x86 arch:x86

6ff96ffac5d2912d767096d8ff4b1dd3

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

02:90:96:5e:91:33:40:cd:a6:63:4c:ef:31:f7:fd:07
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

28/09/2009, 00:00

Not After

04/11/2012, 23:59

Subject

CN=Adobe Systems\, Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Acrobat Engineering,O=Adobe Systems\, Incorporated,L=San Jose,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d4:62:a4:78:ac:59:59:f7:a9:c0:51:c4:a2:8f:0b:9e:8a:86:2e:e9
Signer

Actual PE Digest

d4:62:a4:78:ac:59:59:f7:a9:c0:51:c4:a2:8f:0b:9e:8a:86:2e:e9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\10D_MainQ\LocalKit\Tools\Win\Installer\AdobeSelfExtractor\Release\AdobeSelfExtractor.pdb

Imports

msi

ord70

kernel32

GetConsoleCP
GetConsoleMode
LCMapStringW
LCMapStringA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
CreateFileA
GetFileSize
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetLastError
CloseHandle
GetFileAttributesW
SizeofResource
LockResource
LoadResource
IsValidCodePage
FindResourceW
MultiByteToWideChar
FormatMessageW
LocalFree
GetCommandLineW
DeleteFileW
GetTempPathW
GetVersionExW
GetEnvironmentVariableW
GlobalMemoryStatusEx
GetDriveTypeA
ResetEvent
WaitForSingleObject
Sleep
SetEvent
GetPrivateProfileStringW
CreateDirectoryW
CreateProcessW
GetExitCodeProcess
SetFileAttributesW
RemoveDirectoryW
VirtualFree
VirtualAlloc
MoveFileW
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
HeapCreate
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
VirtualQuery
GetSystemInfo
HeapSize
GetFileType
SetStdHandle
ExitThread
HeapReAlloc
RaiseException
SetFileTime
GetCurrentDirectoryA
CreateEventW
GetTimeZoneInformation
RtlUnwind
SetCurrentDirectoryW
CreateThread
WideCharToMultiByte
GetVolumeInformationW
SetEnvironmentVariableW
ExitProcess
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
GetStartupInfoW
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
GetTickCount
GetTempFileNameW
lstrcpyW
GetSystemDirectoryW
GetFileTime
GetFileSizeEx
SetErrorMode
lstrlenA
GlobalGetAtomNameW
GlobalFlags
GetCurrentDirectoryW
WritePrivateProfileStringW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
GetModuleHandleA
InterlockedDecrement
FreeResource
GetCurrentProcessId
GlobalAddAtomW
SuspendThread
ResumeThread
SetThreadPriority
GetFullPathNameW
FindFirstFileW
FindClose
GetCurrentProcess
lstrlenW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
LoadLibraryW
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
FindActCtxSectionStringW
LoadLibraryExW
CompareStringA
InterlockedExchange
lstrcmpW
FreeLibrary
SetLastError
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleW
GetProcAddress

user32

CopyImage
OpenClipboard
GetMenuDefaultItem
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
PostThreadMessageW
CreateMenu
IsMenu
UpdateLayeredWindow
EnableScrollBar
TranslateMDISysAccel
DrawMenuBar
DefFrameProcW
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
MessageBeep
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
DestroyAcceleratorTable
RedrawWindow
SetWindowRgn
IsZoomed
LockWindowUpdate
KillTimer
SetTimer
SetRect
UnionRect
SetParent
GetSystemMenu
IsRectEmpty
MapVirtualKeyW
GetKeyNameTextW
UnpackDDElParam
ReuseDDElParam
LoadMenuW
LoadAcceleratorsW
InvalidateRect
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorW
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
UnregisterClassW
DestroyIcon
DeleteMenu
WaitMessage
ReleaseCapture
WindowFromPoint
LoadCursorW
GetSysColorBrush
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
LoadImageW
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
UnhookWindowsHookEx
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetLastActivePopup
ShowOwnedPopups
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
SetClipboardData
CloseClipboard
EmptyClipboard
RegisterClipboardFormatW
CopyIcon
CharUpperBuffW
GetDoubleClickTime
GetNextDlgGroupItem
GetWindowRgn
ValidateRect
CharUpperW
GetWindowTextLengthW
GetWindowTextW
GetFocus
GetParent
SetWindowPos
SetFocus
IsWindowEnabled
DestroyCursor
MapDialogRect
SubtractRect
MapVirtualKeyExW
IsCharLowerW
GetTopWindow
GetIconInfo
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
GetWindowLongW
IsDialogMessageW
SendDlgItemMessageW
CheckDlgButton
GetWindow
PostQuitMessage
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
FindWindowW
SetWindowTextW
GetDlgItem
EnableWindow
IsWindow
DrawIcon
GetClientRect
IsIconic
SendMessageW
LoadIconW
PostMessageW
GetSystemMetrics
MessageBoxW
SetCapture
DefMDIChildProcW

gdi32

SelectClipRgn
CreateRectRgn
GetObjectW
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
GetDCOrgEx
GetTextExtentPoint32W
GetTextMetricsW
CreateFontIndirectW
CreateRectRgnIndirect
SetRectRgn
CombineRgn
PatBlt
DPtoLP
DeleteObject
GetBkColor
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateDIBSection
CreateEllipticRgn
Polyline
Ellipse
Polygon
OffsetRgn
GetRgnBox
SetDIBColorTable
RealizePalette
StretchBlt
SetPixel
RoundRect
Rectangle
CreatePalette
GetPaletteEntries
GetWindowOrgEx
GetViewportOrgEx
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateBitmap
CopyMetaFileW
CreateCompatibleBitmap
CreateFontW
GetDeviceCaps

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegDeleteValueW
RegEnumKeyExW
RegCreateKeyExW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW

shell32

SHAppBarMessage
SHGetPathFromIDListW
SHGetMalloc
SHGetFolderPathW
ord165
SHGetFileInfoW
ShellExecuteW
SHBrowseForFolderW
DragQueryFileW
DragFinish

comctl32

ImageList_GetIconSize

shlwapi

PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathRemoveFileSpecW

ole32

DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
CoInitializeEx
CoUninitialize
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
OleCreateMenuDescriptor

oleaut32

SysAllocString
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
SysStringLen

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCloneImage
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36.2MB - Virtual size: 36.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
support/directx/APR2007_XACT_x64.cab
.cab .ps1 polyglot
apr2007_xact_x64.inf
infinst.exe
.exe windows:5 windows x64 arch:x64

6668c9525ad04c4190169dc04fde550d

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:49:7c:ed:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:55

Not After

16/09/2011, 02:05

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:10D8-5847-CBF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

04/04/2006, 17:44

Not After

26/04/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:46:9e:cb:00:04:00:00:00:65
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/04/2006, 19:43

Not After

04/10/2007, 19:53

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

44:c2:26:68:e3:a7:0e:0f:e1:0d:6e:d0:a5:42:df:15:4c:e1:0a:0f
Signer

Actual PE Digest

44:c2:26:68:e3:a7:0e:0f:e1:0d:6e:d0:a5:42:df:15:4c:e1:0a:0f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

infinst.pdb

Imports

kernel32

OutputDebugStringA
GetWindowsDirectoryA
GetLastError
LocalFree
FormatMessageA
CompareStringA
CloseHandle
CreateFileA
lstrlenA
GetPrivateProfileStringA
FindClose
FindFirstFileA
MoveFileExA
CopyFileA
GetCurrentDirectoryA
GetModuleFileNameA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetLocalTime
ExitProcess
GetProcAddress
GetModuleHandleA
WriteFile
GetStdHandle
RtlUnwindEx
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapSetInformation
HeapCreate
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
Sleep
SetFilePointer
SetStdHandle
FlushFileBuffers
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
SetEndOfFile
ReadFile
GetLocaleInfoA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery

user32

CharNextA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupOpenInfFileA
SetupOpenFileQueue
SetupInstallFromInfSectionA
SetupCloseFileQueue
SetupCloseInfFile
SetupCopyOEMInfA
SetupDiDestroyDeviceInfoList
SetupDiSetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDefaultQueueCallbackA

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
x3daudio1_1.dll
.dll windows:5 windows x64 arch:x64

01dbb721ad8b0aa287d0e6cb37b97382

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

04/04/2006, 17:44

Not After

26/04/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:46:9e:cb:00:04:00:00:00:65
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/04/2006, 19:43

Not After

04/10/2007, 19:53

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6e:2b:fc:2c:be:00:d2:f9:f0:2d:7a:31:b3:c6:e8:cc:c4:87:22:77
Signer

Actual PE Digest

6e:2b:fc:2c:be:00:d2:f9:f0:2d:7a:31:b3:c6:e8:cc:c4:87:22:77

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

X3DAudio1_1.pdb

Imports

msvcrt

tan
sinf
sin
sqrt
_initterm
cosf
malloc
acosf
free
atan2f

kernel32

Sleep
DisableThreadLibraryCalls

Exports

Exports

X3DAudioCalculate
X3DAudioInitialize

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
xact2_7_x64.cat
xact2_7_x64.inf
xact2_7_x64_xp.inf
xactengine2_7.dll
.dll regsvr32 windows:5 windows x64 arch:x64

db64690fd3880f9d7a43b3137465b79c

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

04/04/2006, 17:44

Not After

26/04/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:46:9e:cb:00:04:00:00:00:65
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/04/2006, 19:43

Not After

04/10/2007, 19:53

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

a8:0a:f8:7d:a4:03:9b:2c:84:8b:b3:7d:71:bf:21:21:a5:17:49:1b
Signer

Actual PE Digest

a8:0a:f8:7d:a4:03:9b:2c:84:8b:b3:7d:71:bf:21:21:a5:17:49:1b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

XactEngine2_7.pdb

Imports

msvcrt

_initterm
sinf
cosf
strncpy
sqrtf
free
malloc
cos
floorf
??2@YAPEAX_K@Z
_vsnwprintf
sin
powf
pow
log10
memcmp
_purecall
memcpy
acosf
atan2f
memset
sqrt
_isnan
??3@YAXPEAX@Z
_controlfp
_vsnprintf
_aligned_malloc
_aligned_free
tan

kernel32

GetSystemInfo
LoadLibraryW
GetProcAddress
FreeLibrary
GetVersionExW
lstrcmpW
__C_specific_handler
HeapSize
GetFileSize
SetEndOfFile
SetFilePointer
DisableThreadLibraryCalls
GetLastError
GetModuleFileNameA
EnterCriticalSection
LeaveCriticalSection
GetTickCount
QueryPerformanceCounter
HeapFree
CreateSemaphoreW
GetCurrentThreadId
HeapAlloc
InitializeCriticalSection
DeleteCriticalSection
TryEnterCriticalSection
CloseHandle
CreateFileA
QueryPerformanceFrequency
GetOverlappedResult
ReadFile
WaitForMultipleObjects
WaitForSingleObject
SetEvent
CreateThread
CreateEventA
Sleep
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
WriteFile
ReleaseSemaphore
CreateEventW
SetThreadPriority
GetProcessHeap
RtlCaptureContext
SwitchToThread

rpcrt4

RpcStringFreeA
UuidToStringA

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
PropVariantClear
CLSIDFromString

advapi32

RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA

user32

GetDesktopWindow

winmm

timeEndPeriod
timeBeginPeriod

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 354KB - Virtual size: 354KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 512B - Virtual size: 99B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
support/directx/APR2007_XACT_x86.cab
.cab
apr2007_xact_x86.inf
x3daudio1_1.dll
.dll windows:5 windows x86 arch:x86

9c6625d43656449d2c5b879dc74321e3

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

04/04/2006, 17:44

Not After

26/04/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:46:9e:cb:00:04:00:00:00:65
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/04/2006, 19:43

Not After

04/10/2007, 19:53

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

b2:2b:d9:a2:23:a6:40:1b:ee:29:09:ad:5c:d8:97:f3:2d:d5:58:04
Signer

Actual PE Digest

b2:2b:d9:a2:23:a6:40:1b:ee:29:09:ad:5c:d8:97:f3:2d:d5:58:04

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

X3DAudio1_1.pdb

Imports

msvcrt

_adjust_fdiv
_initterm
free
malloc
_CIacos

kernel32

Sleep
DisableThreadLibraryCalls

Exports

Exports

_X3DAudioCalculate@20
_X3DAudioInitialize@12

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
xact2_7_x86.cat
xact2_7_x86.inf
xact2_7_x86_xp.inf
xactengine2_7.dll
.dll regsvr32 windows:5 windows x86 arch:x86

605b10ce895c22187302eed420c60859

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:49:7c:ed:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:55

Not After

16/09/2011, 02:05

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:10D8-5847-CBF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

04/04/2006, 17:44

Not After

26/04/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:46:9e:cb:00:04:00:00:00:65
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/04/2006, 19:43

Not After

04/10/2007, 19:53

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

0b:60:68:0b:75:80:f9:29:96:8c:bd:ee:d1:5b:7d:54:87:24:38:51
Signer

Actual PE Digest

0b:60:68:0b:75:80:f9:29:96:8c:bd:ee:d1:5b:7d:54:87:24:38:51

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

XactEngine2_7.pdb

Imports

msvcrt

_except_handler3
??2@YAPAXI@Z
_adjust_fdiv
_initterm
strncpy
free
malloc
floor
_controlfp
_isnan
_CIpow
_vsnwprintf
_aligned_free
_purecall
??3@YAXPAX@Z
wcslen
_vsnprintf
_aligned_malloc
_CIacos

kernel32

HeapSize
GetSystemInfo
LoadLibraryW
GetProcAddress
FreeLibrary
GetVersionExW
InterlockedDecrement
InterlockedIncrement
DisableThreadLibraryCalls
GetLastError
GetModuleFileNameA
EnterCriticalSection
LeaveCriticalSection
GetTickCount
QueryPerformanceCounter
HeapFree
GetProcessHeap
InterlockedCompareExchange
GetCurrentThreadId
HeapAlloc
InitializeCriticalSection
DeleteCriticalSection
CreateSemaphoreW
CloseHandle
CreateFileA
QueryPerformanceFrequency
GetOverlappedResult
ReadFile
InterlockedExchange
WaitForMultipleObjects
WaitForSingleObject
SetEvent
CreateThread
CreateEventA
Sleep
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
lstrcmpW
ReleaseSemaphore
GetFileSize
CreateEventW
SetThreadPriority
SwitchToThread
TryEnterCriticalSection
UnhandledExceptionFilter
WriteFile
SetFilePointer
SetEndOfFile

rpcrt4

RpcStringFreeA
UuidToStringA

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
PropVariantClear
CLSIDFromString

advapi32

RegCreateKeyExA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

user32

GetDesktopWindow

winmm

timeEndPeriod
timeBeginPeriod

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
support/directx/APR2007_d3dx10_33_x64.cab
.cab
apr2007_d3dx10_33_x64.inf
d3dcompiler_33.dll
.dll windows:6 windows x64 arch:x64

9c808cb0a9367e9df00eaf01580b5fb8

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

04/04/2006, 17:44

Not After

26/04/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:46:9e:cb:00:04:00:00:00:65
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/04/2006, 19:43

Not After

04/10/2007, 19:53

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

2a:ee:f1:f2:c0:f0:f7:d0:35:bb:a6:43:ac:59:d3:db:38:9c:2b:03
Signer

Actual PE Digest

2a:ee:f1:f2:c0:f0:f7:d0:35:bb:a6:43:ac:59:d3:db:38:9c:2b:03

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D3DCompiler_33.pdb

Imports

msvcrt

__dllonexit
_lock
_onexit
??1type_info@@UEAA@XZ
isspace
_unlock
_CxxThrowException
memset
memcpy
__C_specific_handler
_amsg_exit
_initterm
_XcptFilter
isxdigit
atof
_strdup
setlocale
modf
isalnum
_strnicmp
_fpclass
strncmp
_isnan
isdigit
_clearfp
strchr
isalpha
_controlfp
_finite
tolower
memmove
_purecall
atoi
_stricmp
malloc
free
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
_vsnprintf
strstr
qsort
toupper
__CxxFrameHandler
memcmp
atan2
atan
asin
acos
ceil
cosh
cos
exp
fmod
log
pow
floor
sin
tanh
tan
sqrt
sinh
floorf

gdi32

DeleteObject

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnmapViewOfFile
CloseHandle
GetSystemInfo
VirtualAlloc
VirtualFree
FreeLibrary
DeleteCriticalSection
LoadLibraryA
GetProcAddress
InitializeCriticalSection
OutputDebugStringA
GetFullPathNameA
TlsSetValue
TlsFree
TlsAlloc
TlsGetValue
Sleep
VirtualProtect
DisableThreadLibraryCalls
GetModuleHandleA
lstrcmpiA

Exports

Exports

D3DCompileFromMemory
D3DDisassembleCode
D3DDisassembleEffect
D3DGetCodeDebugInfo
D3DGetInputAndOutputSignatureBlob
D3DGetInputSignatureBlob
D3DGetOutputSignatureBlob
D3DPreprocessFromMemory
D3DReflectCode
DebugSetMute

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
d3dx10_33.dll
.dll windows:6 windows x64 arch:x64

e9a81e28c053dcf21507017540b99e1e

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

04/04/2006, 17:44

Not After

26/04/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:46:9e:cb:00:04:00:00:00:65
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/04/2006, 19:43

Not After

04/10/2007, 19:53

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

56:ef:a1:45:10:98:d3:a7:3c:b6:f6:bb:67:23:56:12:c5:67:44:75
Signer

Actual PE Digest

56:ef:a1:45:10:98:d3:a7:3c:b6:f6:bb:67:23:56:12:c5:67:44:75

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d3dx10_33.pdb

Imports

msvcrt

_controlfp
__CxxFrameHandler
_purecall
_finite
iswpunct
iswdigit
iswalpha
iswspace
_vsnprintf
memmove
qsort
_isnan
??2@YAPEAX_K@Z
tolower
_stricmp
_XcptFilter
malloc
_initterm
free
_amsg_exit
??1type_info@@UEAA@XZ
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
_CxxThrowException
sqrt
asinf
memset
memcpy
??3@YAXPEAX@Z
__C_specific_handler
sqrtf
floorf
cosf
sinf
atan2f
acosf
atan

gdi32

GetObjectW
CreateFontIndirectA
CreateFontIndirectW
SetTextAlign
SetMapMode
CreateCompatibleDC
TranslateCharsetInfo
DeleteDC
DeleteObject
SelectObject
ExtTextOutA
MoveToEx
ExtTextOutW
CreateDIBSection
GetGlyphOutlineA
GetObjectA
GetCharacterPlacementA
GetCharacterPlacementW
SetTextColor
SetBkColor
SetBkMode
GetTextMetricsA
GetTextMetricsW
GetFontLanguageInfo

kernel32

SizeofResource
FindResourceW
FindResourceA
LockResource
GetLastError
WriteFile
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
OutputDebugStringA
GetModuleFileNameA
GetFileSize
CreateFileW
IsProcessorFeaturePresent
MultiByteToWideChar
ReadFile
GetFileSizeEx
CreateFileA
WideCharToMultiByte
GetFullPathNameA
FreeLibrary
GetModuleHandleA
DebugBreak
CloseHandle
ReleaseMutex
ReleaseSemaphore
WaitForSingleObject
CreateMutexA
CreateSemaphoreA
WaitForMultipleObjects
CreateThread
GetCurrentProcess
GetProcessAffinityMask
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LoadLibraryA
LeaveCriticalSection
GetProcAddress
Sleep
VirtualProtect
DisableThreadLibraryCalls
LoadResource

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegQueryValueExA

ole32

CreateStreamOnHGlobal

Exports

Exports

D3DX10CheckVersion
D3DX10CompileFromFileA
D3DX10CompileFromFileW
D3DX10CompileFromMemory
D3DX10CompileFromResourceA
D3DX10CompileFromResourceW
D3DX10ComputeNormalMap
D3DX10CreateAsyncCompilerProcessor
D3DX10CreateAsyncEffectCreateProcessor
D3DX10CreateAsyncEffectPoolCreateProcessor
D3DX10CreateAsyncFileLoaderA
D3DX10CreateAsyncFileLoaderW
D3DX10CreateAsyncMemoryLoader
D3DX10CreateAsyncResourceLoaderA
D3DX10CreateAsyncResourceLoaderW
D3DX10CreateAsyncShaderPreprocessProcessor
D3DX10CreateAsyncShaderResourceViewProcessor
D3DX10CreateAsyncTextureInfoProcessor
D3DX10CreateAsyncTextureProcessor
D3DX10CreateEffectFromFileA
D3DX10CreateEffectFromFileW
D3DX10CreateEffectFromMemory
D3DX10CreateEffectFromResourceA
D3DX10CreateEffectFromResourceW
D3DX10CreateEffectPoolFromFileA
D3DX10CreateEffectPoolFromFileW
D3DX10CreateEffectPoolFromMemory
D3DX10CreateEffectPoolFromResourceA
D3DX10CreateEffectPoolFromResourceW
D3DX10CreateFontA
D3DX10CreateFontIndirectA
D3DX10CreateFontIndirectW
D3DX10CreateFontW
D3DX10CreateMesh
D3DX10CreateShaderResourceViewFromFileA
D3DX10CreateShaderResourceViewFromFileW
D3DX10CreateShaderResourceViewFromMemory
D3DX10CreateShaderResourceViewFromResourceA
D3DX10CreateShaderResourceViewFromResourceW
D3DX10CreateSkinInfo
D3DX10CreateSprite
D3DX10CreateTextureFromFileA
D3DX10CreateTextureFromFileW
D3DX10CreateTextureFromMemory
D3DX10CreateTextureFromResourceA
D3DX10CreateTextureFromResourceW
D3DX10CreateThreadPump
D3DX10DisassembleEffect
D3DX10DisassembleShader
D3DX10FilterTexture
D3DX10GetDriverLevel
D3DX10GetImageInfoFromFileA
D3DX10GetImageInfoFromFileW
D3DX10GetImageInfoFromMemory
D3DX10GetImageInfoFromResourceA
D3DX10GetImageInfoFromResourceW
D3DX10LoadTextureFromTexture
D3DX10PreprocessShaderFromFileA
D3DX10PreprocessShaderFromFileW
D3DX10PreprocessShaderFromMemory
D3DX10PreprocessShaderFromResourceA
D3DX10PreprocessShaderFromResourceW
D3DX10ReflectShader
D3DX10SHProjectCubeMap
D3DX10SaveTextureToFileA
D3DX10SaveTextureToFileW
D3DX10SaveTextureToMemory
D3DX10UnsetAllDeviceObjects
D3DXBoxBoundProbe
D3DXColorAdjustContrast
D3DXColorAdjustSaturation
D3DXComputeBoundingBox
D3DXComputeBoundingSphere
D3DXCpuOptimizations
D3DXCreateMatrixStack
D3DXFloat16To32Array
D3DXFloat32To16Array
D3DXFresnelTerm
D3DXIntersectTri
D3DXMatrixAffineTransformation
D3DXMatrixAffineTransformation2D
D3DXMatrixDecompose
D3DXMatrixDeterminant
D3DXMatrixInverse
D3DXMatrixLookAtLH
D3DXMatrixLookAtRH
D3DXMatrixMultiply
D3DXMatrixMultiplyTranspose
D3DXMatrixOrthoLH
D3DXMatrixOrthoOffCenterLH
D3DXMatrixOrthoOffCenterRH
D3DXMatrixOrthoRH
D3DXMatrixPerspectiveFovLH
D3DXMatrixPerspectiveFovRH
D3DXMatrixPerspectiveLH
D3DXMatrixPerspectiveOffCenterLH
D3DXMatrixPerspectiveOffCenterRH
D3DXMatrixPerspectiveRH
D3DXMatrixReflect
D3DXMatrixRotationAxis
D3DXMatrixRotationQuaternion
D3DXMatrixRotationX
D3DXMatrixRotationY
D3DXMatrixRotationYawPitchRoll
D3DXMatrixRotationZ
D3DXMatrixScaling
D3DXMatrixShadow
D3DXMatrixTransformation
D3DXMatrixTransformation2D
D3DXMatrixTranslation
D3DXMatrixTranspose
D3DXPlaneFromPointNormal
D3DXPlaneFromPoints
D3DXPlaneIntersectLine
D3DXPlaneNormalize
D3DXPlaneTransform
D3DXPlaneTransformArray
D3DXQuaternionBaryCentric
D3DXQuaternionExp
D3DXQuaternionInverse
D3DXQuaternionLn
D3DXQuaternionMultiply
D3DXQuaternionNormalize
D3DXQuaternionRotationAxis
D3DXQuaternionRotationMatrix
D3DXQuaternionRotationYawPitchRoll
D3DXQuaternionSlerp
D3DXQuaternionSquad
D3DXQuaternionSquadSetup
D3DXQuaternionToAxisAngle
D3DXSHAdd
D3DXSHDot
D3DXSHEvalConeLight
D3DXSHEvalDirection
D3DXSHEvalDirectionalLight
D3DXSHEvalHemisphereLight
D3DXSHEvalSphericalLight
D3DXSHMultiply2
D3DXSHMultiply3
D3DXSHMultiply4
D3DXSHMultiply5
D3DXSHMultiply6
D3DXSHRotate
D3DXSHRotateZ
D3DXSHScale
D3DXSphereBoundProbe
D3DXVec2BaryCentric
D3DXVec2CatmullRom
D3DXVec2Hermite
D3DXVec2Normalize
D3DXVec2Transform
D3DXVec2TransformArray
D3DXVec2TransformCoord
D3DXVec2TransformCoordArray
D3DXVec2TransformNormal
D3DXVec2TransformNormalArray
D3DXVec3BaryCentric
D3DXVec3CatmullRom
D3DXVec3Hermite
D3DXVec3Normalize
D3DXVec3Project
D3DXVec3ProjectArray
D3DXVec3Transform
D3DXVec3TransformArray
D3DXVec3TransformCoord
D3DXVec3TransformCoordArray
D3DXVec3TransformNormal
D3DXVec3TransformNormalArray
D3DXVec3Unproject
D3DXVec3UnprojectArray
D3DXVec4BaryCentric
D3DXVec4CatmullRom
D3DXVec4Cross
D3DXVec4Hermite
D3DXVec4Normalize
D3DXVec4Transform
D3DXVec4TransformArray

Sections

.text
Size: 450KB - Virtual size: 450KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
d3dx10_33_x64.cat
d3dx10_33_x64.inf
d3dx10_33_x64_xp.inf
infinst.exe
.exe windows:5 windows x64 arch:x64

6668c9525ad04c4190169dc04fde550d

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:49:7c:ed:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:55

Not After

16/09/2011, 02:05

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:10D8-5847-CBF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

04/04/2006, 17:44

Not After

26/04/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:46:9e:cb:00:04:00:00:00:65
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/04/2006, 19:43

Not After

04/10/2007, 19:53

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

44:c2:26:68:e3:a7:0e:0f:e1:0d:6e:d0:a5:42:df:15:4c:e1:0a:0f
Signer

Actual PE Digest

44:c2:26:68:e3:a7:0e:0f:e1:0d:6e:d0:a5:42:df:15:4c:e1:0a:0f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

infinst.pdb

Imports

kernel32

OutputDebugStringA
GetWindowsDirectoryA
GetLastError
LocalFree
FormatMessageA
CompareStringA
CloseHandle
CreateFileA
lstrlenA
GetPrivateProfileStringA
FindClose
FindFirstFileA
MoveFileExA
CopyFileA
GetCurrentDirectoryA
GetModuleFileNameA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetLocalTime
ExitProcess
GetProcAddress
GetModuleHandleA
WriteFile
GetStdHandle
RtlUnwindEx
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapSetInformation
HeapCreate
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
Sleep
SetFilePointer
SetStdHandle
FlushFileBuffers
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
SetEndOfFile
ReadFile
GetLocaleInfoA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery

user32

CharNextA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupOpenInfFileA
SetupOpenFileQueue
SetupInstallFromInfSectionA
SetupCloseFileQueue
SetupCloseInfFile
SetupCopyOEMInfA
SetupDiDestroyDeviceInfoList
SetupDiSetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDefaultQueueCallbackA

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
support/directx/APR2007_d3dx10_33_x86.cab
.cab
apr2007_d3dx10_33_x86.inf
d3dcompiler_33.dll
.dll windows:6 windows x86 arch:x86

5fd50ee8ab23e520caeada9b9e05fdcc

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

04/04/2006, 17:44

Not After

26/04/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:46:9e:cb:00:04:00:00:00:65
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/04/2006, 19:43

Not After

04/10/2007, 19:53

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

48:3a:5a:11:cd:a5:a6:11:12:11:7c:29:25:61:4f:b5:9a:dc:74:d7
Signer

Actual PE Digest

48:3a:5a:11:cd:a5:a6:11:12:11:7c:29:25:61:4f:b5:9a:dc:74:d7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D3DCompiler_33.pdb

Imports

msvcrt

setlocale
atof
isxdigit
_CxxThrowException
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
isspace
_unlock
__dllonexit
_lock
_onexit
??1type_info@@UAE@XZ
_strdup
modf
isalnum
_strnicmp
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIsqrt
_CIexp
_CIpow
_CIfmod
_CIsin
_CIsinh
_CItan
_CItanh
ceil
_isnan
_fpclass
strncmp
_controlfp
_clearfp
floor
_CIlog
_finite
tolower
isalpha
isdigit
atoi
memmove
_purecall
_stricmp
free
memset
malloc
??2@YAPAXI@Z
??3@YAXPAX@Z
memcpy
strchr
_vsnprintf
strstr
toupper
qsort
__CxxFrameHandler

gdi32

DeleteObject

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
UnmapViewOfFile
CloseHandle
FindResourceW
FindResourceA
SizeofResource
LoadResource
LockResource
GetLastError
LoadLibraryA
FreeLibrary
DeleteCriticalSection
InitializeCriticalSection
VirtualFree
OutputDebugStringA
WideCharToMultiByte
GetFullPathNameA
InterlockedCompareExchange
Sleep
TlsAlloc
TlsSetValue
InterlockedExchange
TlsFree
TlsGetValue
GetVersion
GetSystemInfo
GetProcAddress
VirtualAlloc
DisableThreadLibraryCalls
GetModuleHandleA
lstrcmpiA

Exports

Exports

D3DCompileFromMemory
D3DDisassembleCode
D3DDisassembleEffect
D3DGetCodeDebugInfo
D3DGetInputAndOutputSignatureBlob
D3DGetInputSignatureBlob
D3DGetOutputSignatureBlob
D3DPreprocessFromMemory
D3DReflectCode
DebugSetMute

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
d3dx10_33.dll
.dll windows:6 windows x86 arch:x86

0008d86c47dcdd56b224627bb2f25287

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

04/04/2006, 17:44

Not After

26/04/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:46:9e:cb:00:04:00:00:00:65
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/04/2006, 19:43

Not After

04/10/2007, 19:53

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

0d:9a:2f:a5:9e:b5:9e:68:34:64:ce:c7:fb:4b:5a:48:37:72:b1:01
Signer

Actual PE Digest

0d:9a:2f:a5:9e:b5:9e:68:34:64:ce:c7:fb:4b:5a:48:37:72:b1:01

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d3dx10_33.pdb

Imports

msvcrt

??1type_info@@UAE@XZ
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter
tolower
_stricmp
_CxxThrowException
_isnan
floor
_controlfp
_purecall
_CIatan
_CIcos
_CIasin
_finite
_CIsin
_CIatan2
_CIacos
_CIsqrt
iswspace
iswalpha
iswdigit
iswpunct
memmove
qsort
memset
??2@YAPAXI@Z
memcpy
??3@YAXPAX@Z
_vsnprintf
__CxxFrameHandler

gdi32

GetGlyphOutlineA
SelectObject
GetCharacterPlacementA
GetCharacterPlacementW
CreateDIBSection
DeleteDC
DeleteObject
GetTextMetricsA
GetObjectW
GetObjectA
SetBkColor
SetBkMode
GetTextMetricsW
GetFontLanguageInfo
CreateFontIndirectA
CreateFontIndirectW
SetTextAlign
SetMapMode
CreateCompatibleDC
ExtTextOutA
MoveToEx
ExtTextOutW
TranslateCharsetInfo
SetTextColor

kernel32

CreateFileA
GetFileSizeEx
ReadFile
WideCharToMultiByte
GetFullPathNameA
GetModuleHandleA
FreeLibrary
GetCurrentProcess
GetProcessAffinityMask
CreateThread
InterlockedIncrement
Sleep
WaitForSingleObject
InterlockedDecrement
DebugBreak
WaitForMultipleObjects
ReleaseSemaphore
MultiByteToWideChar
CloseHandle
CreateSemaphoreA
CreateMutexA
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LoadLibraryA
LeaveCriticalSection
GetVersion
GetProcAddress
DisableThreadLibraryCalls
IsProcessorFeaturePresent
CreateFileW
GetFileSize
GetModuleFileNameA
InterlockedExchange
InterlockedCompareExchange
OutputDebugStringA
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetLastError
LockResource
FindResourceW
LoadResource
SizeofResource
FindResourceA
ReleaseMutex

advapi32

RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA

ole32

CreateStreamOnHGlobal

Exports

Exports

D3DX10CheckVersion
D3DX10CompileFromFileA
D3DX10CompileFromFileW
D3DX10CompileFromMemory
D3DX10CompileFromResourceA
D3DX10CompileFromResourceW
D3DX10ComputeNormalMap
D3DX10CreateAsyncCompilerProcessor
D3DX10CreateAsyncEffectCreateProcessor
D3DX10CreateAsyncEffectPoolCreateProcessor
D3DX10CreateAsyncFileLoaderA
D3DX10CreateAsyncFileLoaderW
D3DX10CreateAsyncMemoryLoader
D3DX10CreateAsyncResourceLoaderA
D3DX10CreateAsyncResourceLoaderW
D3DX10CreateAsyncShaderPreprocessProcessor
D3DX10CreateAsyncShaderResourceViewProcessor
D3DX10CreateAsyncTextureInfoProcessor
D3DX10CreateAsyncTextureProcessor
D3DX10CreateEffectFromFileA
D3DX10CreateEffectFromFileW
D3DX10CreateEffectFromMemory
D3DX10CreateEffectFromResourceA
D3DX10CreateEffectFromResourceW
D3DX10CreateEffectPoolFromFileA
D3DX10CreateEffectPoolFromFileW
D3DX10CreateEffectPoolFromMemory
D3DX10CreateEffectPoolFromResourceA
D3DX10CreateEffectPoolFromResourceW
D3DX10CreateFontA
D3DX10CreateFontIndirectA
D3DX10CreateFontIndirectW
D3DX10CreateFontW
D3DX10CreateMesh
D3DX10CreateShaderResourceViewFromFileA
D3DX10CreateShaderResourceViewFromFileW
D3DX10CreateShaderResourceViewFromMemory
D3DX10CreateShaderResourceViewFromResourceA
D3DX10CreateShaderResourceViewFromResourceW
D3DX10CreateSkinInfo
D3DX10CreateSprite
D3DX10CreateTextureFromFileA
D3DX10CreateTextureFromFileW
D3DX10CreateTextureFromMemory
D3DX10CreateTextureFromResourceA
D3DX10CreateTextureFromResourceW
D3DX10CreateThreadPump
D3DX10DisassembleEffect
D3DX10DisassembleShader
D3DX10FilterTexture
D3DX10GetDriverLevel
D3DX10GetImageInfoFromFileA
D3DX10GetImageInfoFromFileW
D3DX10GetImageInfoFromMemory
D3DX10GetImageInfoFromResourceA
D3DX10GetImageInfoFromResourceW
D3DX10LoadTextureFromTexture
D3DX10PreprocessShaderFromFileA
D3DX10PreprocessShaderFromFileW
D3DX10PreprocessShaderFromMemory
D3DX10PreprocessShaderFromResourceA
D3DX10PreprocessShaderFromResourceW
D3DX10ReflectShader
D3DX10SHProjectCubeMap
D3DX10SaveTextureToFileA
D3DX10SaveTextureToFileW
D3DX10SaveTextureToMemory
D3DX10UnsetAllDeviceObjects
D3DXBoxBoundProbe
D3DXColorAdjustContrast
D3DXColorAdjustSaturation
D3DXComputeBoundingBox
D3DXComputeBoundingSphere
D3DXCpuOptimizations
D3DXCreateMatrixStack
D3DXFloat16To32Array
D3DXFloat32To16Array
D3DXFresnelTerm
D3DXIntersectTri
D3DXMatrixAffineTransformation
D3DXMatrixAffineTransformation2D
D3DXMatrixDecompose
D3DXMatrixDeterminant
D3DXMatrixInverse
D3DXMatrixLookAtLH
D3DXMatrixLookAtRH
D3DXMatrixMultiply
D3DXMatrixMultiplyTranspose
D3DXMatrixOrthoLH
D3DXMatrixOrthoOffCenterLH
D3DXMatrixOrthoOffCenterRH
D3DXMatrixOrthoRH
D3DXMatrixPerspectiveFovLH
D3DXMatrixPerspectiveFovRH
D3DXMatrixPerspectiveLH
D3DXMatrixPerspectiveOffCenterLH
D3DXMatrixPerspectiveOffCenterRH
D3DXMatrixPerspectiveRH
D3DXMatrixReflect
D3DXMatrixRotationAxis
D3DXMatrixRotationQuaternion
D3DXMatrixRotationX
D3DXMatrixRotationY
D3DXMatrixRotationYawPitchRoll
D3DXMatrixRotationZ
D3DXMatrixScaling
D3DXMatrixShadow
D3DXMatrixTransformation
D3DXMatrixTransformation2D
D3DXMatrixTranslation
D3DXMatrixTranspose
D3DXPlaneFromPointNormal
D3DXPlaneFromPoints
D3DXPlaneIntersectLine
D3DXPlaneNormalize
D3DXPlaneTransform
D3DXPlaneTransformArray
D3DXQuaternionBaryCentric
D3DXQuaternionExp
D3DXQuaternionInverse
D3DXQuaternionLn
D3DXQuaternionMultiply
D3DXQuaternionNormalize
D3DXQuaternionRotationAxis
D3DXQuaternionRotationMatrix
D3DXQuaternionRotationYawPitchRoll
D3DXQuaternionSlerp
D3DXQuaternionSquad
D3DXQuaternionSquadSetup
D3DXQuaternionToAxisAngle
D3DXSHAdd
D3DXSHDot
D3DXSHEvalConeLight
D3DXSHEvalDirection
D3DXSHEvalDirectionalLight
D3DXSHEvalHemisphereLight
D3DXSHEvalSphericalLight
D3DXSHMultiply2
D3DXSHMultiply3
D3DXSHMultiply4
D3DXSHMultiply5
D3DXSHMultiply6
D3DXSHRotate
D3DXSHRotateZ
D3DXSHScale
D3DXSphereBoundProbe
D3DXVec2BaryCentric
D3DXVec2CatmullRom
D3DXVec2Hermite
D3DXVec2Normalize
D3DXVec2Transform
D3DXVec2TransformArray
D3DXVec2TransformCoord
D3DXVec2TransformCoordArray
D3DXVec2TransformNormal
D3DXVec2TransformNormalArray
D3DXVec3BaryCentric
D3DXVec3CatmullRom
D3DXVec3Hermite
D3DXVec3Normalize
D3DXVec3Project
D3DXVec3ProjectArray
D3DXVec3Transform
D3DXVec3TransformArray
D3DXVec3TransformCoord
D3DXVec3TransformCoordArray
D3DXVec3TransformNormal
D3DXVec3TransformNormalArray
D3DXVec3Unproject
D3DXVec3UnprojectArray
D3DXVec4BaryCentric
D3DXVec4CatmullRom
D3DXVec4Cross
D3DXVec4Hermite
D3DXVec4Normalize
D3DXVec4Transform
D3DXVec4TransformArray

Sections

.text
Size: 386KB - Virtual size: 386KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
d3dx10_33_x86.cat
d3dx10_33_x86.inf
d3dx10_33_x86_xp.inf
support/directx/APR2007_d3dx9_33_x64.cab
.cab
support/directx/APR2007_d3dx9_33_x86.cab
.cab
support/directx/APR2007_xinput_x64.cab
.cab
support/directx/APR2007_xinput_x86.cab
.cab
support/directx/AUG2006_XACT_x64.cab
.cab
support/directx/AUG2006_XACT_x86.cab
.cab
support/directx/AUG2006_xinput_x64.cab
.cab
support/directx/AUG2006_xinput_x86.cab
.cab
support/directx/AUG2007_XACT_x64.cab
.cab
support/directx/AUG2007_XACT_x86.cab
.cab
support/directx/AUG2007_d3dx10_35_x64.cab
.cab
support/directx/AUG2007_d3dx10_35_x86.cab
.cab
support/directx/AUG2007_d3dx9_35_x64.cab
.cab
support/directx/AUG2007_d3dx9_35_x86.cab
.cab
support/directx/Apr2005_d3dx9_25_x64.cab
.cab
support/directx/Apr2005_d3dx9_25_x86.cab
.cab
support/directx/Apr2006_MDX1_x86.cab
.cab
support/directx/Apr2006_MDX1_x86_Archive.cab
.cab
support/directx/Apr2006_XACT_x64.cab
.cab
support/directx/Apr2006_XACT_x86.cab
.cab
support/directx/Apr2006_d3dx9_30_x64.cab
.cab
support/directx/Apr2006_d3dx9_30_x86.cab
.cab
support/directx/Apr2006_xinput_x64.cab
.cab
support/directx/Apr2006_xinput_x86.cab
.cab
support/directx/Aug2005_d3dx9_27_x64.cab
.cab
support/directx/Aug2005_d3dx9_27_x86.cab
.cab
support/directx/Aug2008_XACT_x64.cab
.cab
support/directx/Aug2008_XACT_x86.cab
.cab
support/directx/Aug2008_XAudio_x64.cab
.cab
support/directx/Aug2008_XAudio_x86.cab
.cab
support/directx/Aug2008_d3dx10_39_x64.cab
.cab
support/directx/Aug2008_d3dx10_39_x86.cab
.cab
support/directx/Aug2008_d3dx9_39_x64.cab
.cab
support/directx/Aug2008_d3dx9_39_x86.cab
.cab
support/directx/Aug2009_D3DCompiler_42_x64.cab
.cab
support/directx/Aug2009_D3DCompiler_42_x86.cab
.cab
support/directx/Aug2009_XACT_x64.cab
.cab
support/directx/Aug2009_XACT_x86.cab
.cab
support/directx/Aug2009_XAudio_x64.cab
.cab
support/directx/Aug2009_XAudio_x86.cab
.cab
support/directx/Aug2009_d3dcsx_42_x64.cab
.cab
support/directx/Aug2009_d3dcsx_42_x86.cab
.cab
support/directx/Aug2009_d3dx10_42_x64.cab
.cab
support/directx/Aug2009_d3dx10_42_x86.cab
.cab
support/directx/Aug2009_d3dx11_42_x64.cab
.cab
support/directx/Aug2009_d3dx11_42_x86.cab
.cab
support/directx/Aug2009_d3dx9_42_x64.cab
.cab
support/directx/Aug2009_d3dx9_42_x86.cab
.cab
support/directx/DEC2006_XACT_x64.cab
.cab
support/directx/DEC2006_XACT_x86.cab
.cab
support/directx/DEC2006_d3dx10_00_x64.cab
.cab
support/directx/DEC2006_d3dx10_00_x86.cab
.cab
support/directx/DEC2006_d3dx9_32_x64.cab
.cab
support/directx/DEC2006_d3dx9_32_x86.cab
.cab
support/directx/DSETUP.dll
.dll windows:6 windows x86 arch:x86

5ee93a27b334994f92812e79a2fb75bd

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:01

Not After

25/07/2013, 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e7:2c:0e:bb:86:1f:cb:57:4e:97:97:44:28:c3:0a:2d:07:1d:2d:27
Signer

Actual PE Digest

e7:2c:0e:bb:86:1f:cb:57:4e:97:97:44:28:c3:0a:2d:07:1d:2d:27

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

DSETUP.pdb

Imports

kernel32

LocalFree
LocalAlloc
lstrcmpA
WideCharToMultiByte
GetSystemDefaultLCID
GetModuleFileNameA
SetLastError
MultiByteToWideChar
lstrlenA
lstrlenW
CompareStringA
CreateDirectoryA
GetWindowsDirectoryA
FormatMessageA
GetCurrentThreadId
DecodePointer
GetCommandLineA
HeapFree
HeapAlloc
HeapReAlloc
GetLocalTime
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
InterlockedDecrement
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentDirectoryA
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
WriteFile
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryW
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
CreateFileA
LCMapStringW
GetStringTypeW
HeapSize
WriteConsoleW
SetEndOfFile
GetProcessHeap
ReadFile
CreateFileW
GetSystemDirectoryA
SetCurrentDirectoryA
GetVersionExA
LoadLibraryA
GetProcAddress
OutputDebugStringA
CreateMutexA
GetLastError
CloseHandle
HeapCreate
FreeLibrary

user32

GetKeyboardType
DestroyWindow
SetFocus
CreateDialogParamA
SetDlgItemTextA
MessageBoxA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA

advapi32

RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegCreateKeyExA
RegSetValueExW
RegCreateKeyExW
RegQueryValueExA

winmm

mmioRead
mmioDescend
mmioClose
mmioOpenA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

ole32

StringFromGUID2

Exports

Exports

DirectXDeviceDriverSetupA
DirectXDeviceDriverSetupW
DirectXLoadString
DirectXRegisterApplicationA
DirectXRegisterApplicationW
DirectXSetupA
DirectXSetupCallback
DirectXSetupGetEULAA
DirectXSetupGetEULAW
DirectXSetupGetFileVersion
DirectXSetupGetVersion
DirectXSetupIsEng
DirectXSetupIsJapan
DirectXSetupIsJapanNec
DirectXSetupSetCallback
DirectXSetupShowEULA
DirectXSetupW
DirectXUnRegisterApplication

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
support/directx/DXSETUP.exe
.exe windows:6 windows x86 arch:x86

9f601d1261adacd540476661fd007bc3

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:01

Not After

25/07/2013, 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

b1:da:04:49:85:85:98:e8:94:a8:22:25:b7:5b:70:bb:f9:f9:02:96
Signer

Actual PE Digest

b1:da:04:49:85:85:98:e8:94:a8:22:25:b7:5b:70:bb:f9:f9:02:96

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

DXSETUP.pdb

Imports

advapi32

RegCloseKey
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

kernel32

FindClose
FindFirstFileA
lstrlenA
ReadFile
GetFileSize
CreateFileA
GetCurrentDirectoryA
GetCurrentProcess
GetModuleFileNameA
SetErrorMode
CreateMutexA
GetModuleHandleA
CreateThread
GetSystemDirectoryA
CloseHandle
GetVersionExA
LoadLibraryA
GetProcAddress
GetWindowsDirectoryA
FreeLibrary
CompareStringA
FormatMessageA
lstrcmpiA
GetProcessHeap
SetEndOfFile
WriteConsoleW
HeapReAlloc
GetStringTypeW
HeapSize
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
Sleep
LoadLibraryW
MultiByteToWideChar
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsProcessorFeaturePresent
RaiseException
HeapAlloc
RtlUnwind
CreateFileW
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringA
CreateDirectoryA
GetLastError
LocalFree
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetLocalTime
SetUnhandledExceptionFilter
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
HeapFree

gdi32

CreateCompatibleDC
GetObjectA
StretchBlt
DeleteDC
SelectObject
CreateFontIndirectA
DeleteObject
GetDeviceCaps

user32

ReleaseDC
GetDC
LoadImageA
SystemParametersInfoA
SendDlgItemMessageA
SetWindowTextA
GetWindowLongA
SetWindowLongA
PostMessageA
GetParent
SetDlgItemTextA
GetDlgItem
SendMessageA
ShowWindow
GetAsyncKeyState
ExitWindowsEx
EnumWindows
CharLowerA
LoadStringA
MessageBoxA
GetWindowTextA
GetClassNameA
SetForegroundWindow
SetFocus

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

comctl32

CreatePropertySheetPageA
PropertySheetA
ord17

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 436KB - Virtual size: 435KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
support/directx/Dec2005_d3dx9_28_x64.cab
.cab
support/directx/Dec2005_d3dx9_28_x86.cab
.cab
support/directx/FEB2007_XACT_x64.cab
.cab
support/directx/FEB2007_XACT_x86.cab
.cab
support/directx/Feb2005_d3dx9_24_x64.cab
.cab
support/directx/Feb2005_d3dx9_24_x86.cab
.cab
support/directx/Feb2006_XACT_x64.cab
.cab
support/directx/Feb2006_XACT_x86.cab
.cab
support/directx/Feb2006_d3dx9_29_x64.cab
.cab
support/directx/Feb2006_d3dx9_29_x86.cab
.cab
support/directx/Feb2010_X3DAudio_x64.cab
.cab
support/directx/Feb2010_X3DAudio_x86.cab
.cab
support/directx/Feb2010_XACT_x64.cab
.cab
support/directx/Feb2010_XACT_x86.cab
.cab
support/directx/Feb2010_XAudio_x64.cab
.cab
support/directx/Feb2010_XAudio_x86.cab
.cab
support/directx/JUN2006_XACT_x64.cab
.cab
support/directx/JUN2006_XACT_x86.cab
.cab
support/directx/JUN2007_XACT_x64.cab
.cab
support/directx/JUN2007_XACT_x86.cab
.cab
support/directx/JUN2007_d3dx10_34_x64.cab
.cab
support/directx/JUN2007_d3dx10_34_x86.cab
.cab
support/directx/JUN2007_d3dx9_34_x64.cab
.cab
support/directx/JUN2007_d3dx9_34_x86.cab
.cab
support/directx/JUN2008_X3DAudio_x64.cab
.cab
support/directx/JUN2008_X3DAudio_x86.cab
.cab
support/directx/JUN2008_XACT_x64.cab
.cab
support/directx/JUN2008_XACT_x86.cab
.cab
support/directx/JUN2008_XAudio_x64.cab
.cab
support/directx/JUN2008_XAudio_x86.cab
.cab
support/directx/JUN2008_d3dx10_38_x64.cab
.cab
support/directx/JUN2008_d3dx10_38_x86.cab
.cab
support/directx/JUN2008_d3dx9_38_x64.cab
.cab
support/directx/JUN2008_d3dx9_38_x86.cab
.cab
support/directx/Jun2005_d3dx9_26_x64.cab
.cab
support/directx/Jun2005_d3dx9_26_x86.cab
.cab
support/directx/Jun2010_D3DCompiler_43_x64.cab
.cab
support/directx/Jun2010_D3DCompiler_43_x86.cab
.cab
support/directx/Jun2010_XACT_x64.cab
.cab
support/directx/Jun2010_XACT_x86.cab
.cab
support/directx/Jun2010_XAudio_x64.cab
.cab
support/directx/Jun2010_XAudio_x86.cab
.cab
support/directx/Jun2010_d3dcsx_43_x64.cab
.cab
support/directx/Jun2010_d3dcsx_43_x86.cab
.cab
support/directx/Jun2010_d3dx10_43_x64.cab
.cab
support/directx/Jun2010_d3dx10_43_x86.cab
.cab
support/directx/Jun2010_d3dx11_43_x64.cab
.cab
support/directx/Jun2010_d3dx11_43_x86.cab
.cab
support/directx/Jun2010_d3dx9_43_x64.cab
.cab
support/directx/Jun2010_d3dx9_43_x86.cab
.cab
support/directx/Mar2008_X3DAudio_x64.cab
.cab
support/directx/Mar2008_X3DAudio_x86.cab
.cab
support/directx/Mar2008_XACT_x64.cab
.cab
support/directx/Mar2008_XACT_x86.cab
.cab
support/directx/Mar2008_XAudio_x64.cab
.cab
support/directx/Mar2008_XAudio_x86.cab
.cab
support/directx/Mar2008_d3dx10_37_x64.cab
.cab
support/directx/Mar2008_d3dx10_37_x86.cab
.cab
support/directx/Mar2008_d3dx9_37_x64.cab
.cab
support/directx/Mar2008_d3dx9_37_x86.cab
.cab
support/directx/Mar2009_X3DAudio_x64.cab
.cab
support/directx/Mar2009_X3DAudio_x86.cab
.cab
support/directx/Mar2009_XACT_x64.cab
.cab
support/directx/Mar2009_XACT_x86.cab
.cab
support/directx/Mar2009_XAudio_x64.cab
.cab
support/directx/Mar2009_XAudio_x86.cab
.cab
support/directx/Mar2009_d3dx10_41_x64.cab
.cab
support/directx/Mar2009_d3dx10_41_x86.cab
.cab
support/directx/Mar2009_d3dx9_41_x64.cab
.cab
support/directx/Mar2009_d3dx9_41_x86.cab
.cab
support/directx/NOV2007_X3DAudio_x64.cab
.cab
support/directx/NOV2007_X3DAudio_x86.cab
.cab
support/directx/NOV2007_XACT_x64.cab
.cab
support/directx/NOV2007_XACT_x86.cab
.cab
support/directx/Nov2007_d3dx10_36_x64.cab
.cab
support/directx/Nov2007_d3dx10_36_x86.cab
.cab
support/directx/Nov2007_d3dx9_36_x64.cab
.cab
support/directx/Nov2007_d3dx9_36_x86.cab
.cab
support/directx/Nov2008_X3DAudio_x64.cab
.cab
support/directx/Nov2008_X3DAudio_x86.cab
.cab
support/directx/Nov2008_XACT_x64.cab
.cab
support/directx/Nov2008_XACT_x86.cab
.cab
support/directx/Nov2008_XAudio_x64.cab
.cab
support/directx/Nov2008_XAudio_x86.cab
.cab
support/directx/Nov2008_d3dx10_40_x64.cab
.cab
support/directx/Nov2008_d3dx10_40_x86.cab
.cab
support/directx/Nov2008_d3dx9_40_x64.cab
.cab
support/directx/Nov2008_d3dx9_40_x86.cab
.cab
support/directx/OCT2006_XACT_x64.cab
.cab
support/directx/OCT2006_XACT_x86.cab
.cab
support/directx/OCT2006_d3dx9_31_x64.cab
.cab
support/directx/OCT2006_d3dx9_31_x86.cab
.cab
support/directx/Oct2005_xinput_x64.cab
.cab
support/directx/Oct2005_xinput_x86.cab
.cab
support/directx/dsetup32.dll
.dll windows:6 windows x86 arch:x86

d1671a2cd7c955bf9903489363b7585c

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

22:9d:3f:6c:9f:d6:3c:85:3d:d2:28:5b:3e:7b:4f:07:0b:5d:a1:86
Signer

Actual PE Digest

22:9d:3f:6c:9f:d6:3c:85:3d:d2:28:5b:3e:7b:4f:07:0b:5d:a1:86

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dsetup32.pdb

Imports

kernel32

FindClose
FindFirstFileA
GetSystemDirectoryA
CopyFileA
DeleteFileA
SetFileAttributesA
WideCharToMultiByte
LoadResource
FindResourceA
GetSystemDefaultLCID
GetModuleFileNameA
lstrcmpA
LockResource
SizeofResource
SetLastError
GetPrivateProfileStringA
MultiByteToWideChar
CloseHandle
GetFileSize
CreateFileA
GetPrivateProfileSectionA
lstrcmpiA
lstrlenA
FindNextFileA
GetShortPathNameA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryExA
GetFileAttributesA
GetPrivateProfileSectionNamesA
GetSystemInfo
GetDiskFreeSpaceA
GetModuleHandleA
ReadFile
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetTempFileNameA
GetDriveTypeA
GetCurrentDirectoryA
ExpandEnvironmentStringsA
GetTempPathA
MoveFileExA
SetFileTime
GetFileTime
Sleep
CreateMutexA
GetCurrentThreadId
DecodePointer
GetCommandLineA
GetLocalTime
HeapFree
HeapReAlloc
EncodePointer
TlsAlloc
TlsGetValue
GetVersionExA
TlsFree
InterlockedIncrement
GetModuleHandleW
InterlockedDecrement
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
HeapAlloc
RaiseException
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
WriteFile
GetConsoleCP
GetConsoleMode
LoadLibraryW
GetModuleFileNameW
SetFilePointer
SetStdHandle
FlushFileBuffers
HeapSize
GetStringTypeW
WriteConsoleW
SetEndOfFile
GetProcessHeap
CreateFileW
GetProcAddress
LoadLibraryA
GetCurrentProcess
FreeLibrary
CompareStringA
FormatMessageA
LocalFree
GetWindowsDirectoryA
OutputDebugStringA
CreateDirectoryA
TlsSetValue
GetLastError

gdi32

GetDeviceCaps

user32

PeekMessageA
ShowWindow
GetDlgItem
SendMessageA
CharLowerA
MessageBoxA
CreateDialogParamA
SetFocus
DestroyWindow
DialogBoxParamA
GetMessageA
CharNextA
EndDialog
SetDlgItemTextA
SendDlgItemMessageA
GetDesktopWindow
GetWindowRect
GetDC
ReleaseDC
SetWindowPos
LoadStringA
DispatchMessageA
TranslateMessage
GetKeyboardType

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteValueA
RegQueryValueExA

shlwapi

SHDeleteKeyA

winmm

mmioDescend
mmioOpenA
mmioClose
mmioRead

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

shell32

SHFileOperationA

ole32

StringFromGUID2

Exports

Exports

DirectXLoadString
DirectXSetupCallback
DirectXSetupSetCallback
DirectXSetupShowEULA
iDirectXSetup
iDirectXSetupGetEULA

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
support/directx/dxdllreg_x86.cab
.cab
support/directx/dxupdate.cab
.cab
support/eula/cz/eula.rtf
.rtf
support/eula/en/eula.rtf
.rtf
support/eula/hu/eula.rtf
.rtf
support/eula/pl/EULA.rtf
.rtf

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 1.4MB - Virtual size: 1.4MB

.data Size: 716KB - Virtual size: 716KB

.rsrc Size: 406KB - Virtual size: 408KB

cfee1e29d0f367e5c8bc56d6283da3b3

Code Sign

32:70:31:0f:5c:91:96:51:73:89:c7:85:74:25:ef:5cCertificate

Extended Key Usages

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5eCertificate

Extended Key Usages

Key Usages

e0:75:67:12:7a:72:2c:66:2c:4b:a4:43:8a:ce:24:ba:e4:22:0c:acSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

rpcrt4

winmm

version

Exports

Exports

Sections

.text Size: 435KB - Virtual size: 1.5MB

.rsrc Size: 129KB - Virtual size: 132KB

.reloc Size: 512B - Virtual size: 4KB

d359f27a4bcb5db01bbb086efdc99bd8

Code Sign

32:70:31:0f:5c:91:96:51:73:89:c7:85:74:25:ef:5cCertificate

Extended Key Usages

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5eCertificate

Extended Key Usages

Key Usages

c9:d7:92:8f:9a:a1:0d:36:3a:f7:aa:32:fa:61:27:b9:e0:60:e0:78Signer

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

lz32

msi

rpcrt4

Sections

.text Size: 404KB - Virtual size: 403KB

.rdata Size: 57KB - Virtual size: 56KB

.data Size: 33KB - Virtual size: 39KB

.rsrc Size: 290KB - Virtual size: 290KB

6ff96ffac5d2912d767096d8ff4b1dd3

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 716KB - Virtual size: 716KB

.rsrc
Size: 406KB - Virtual size: 408KB

32:70:31:0f:5c:91:96:51:73:89:c7:85:74:25:ef:5c
Certificate

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

e0:75:67:12:7a:72:2c:66:2c:4b:a4:43:8a:ce:24:ba:e4:22:0c:ac
Signer

.text
Size: 435KB - Virtual size: 1.5MB

.rsrc
Size: 129KB - Virtual size: 132KB

.reloc
Size: 512B - Virtual size: 4KB

32:70:31:0f:5c:91:96:51:73:89:c7:85:74:25:ef:5c
Certificate

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

c9:d7:92:8f:9a:a1:0d:36:3a:f7:aa:32:fa:61:27:b9:e0:60:e0:78
Signer

.text
Size: 404KB - Virtual size: 403KB

.rdata
Size: 57KB - Virtual size: 56KB

.data
Size: 33KB - Virtual size: 39KB

.rsrc
Size: 290KB - Virtual size: 290KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

02:90:96:5e:91:33:40:cd:a6:63:4c:ef:31:f7:fd:07
Certificate

6d:28:00:64:ae:c5:82:1e:66:0c:b4:b1:cf:14:43:22:18:b7:d6:e1
Signer

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 277KB - Virtual size: 277KB

.data
Size: 22KB - Virtual size: 58KB

.rsrc
Size: 36.6MB - Virtual size: 36.6MB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

02:90:96:5e:91:33:40:cd:a6:63:4c:ef:31:f7:fd:07
Certificate

c3:6e:3a:e4:c4:2d:fa:be:d0:ef:f3:7b:cb:40:20:03:07:3b:e6:81
Signer

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 277KB - Virtual size: 277KB