dialog
initDialog
show
Overview
overview
6Static
static
3b11d14d42b...18.exe
windows7-x64
3b11d14d42b...18.exe
windows10-2004-x64
3$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3$PLUGINSDI...nu.dll
windows7-x64
3$PLUGINSDI...nu.dll
windows10-2004-x64
3$_16_/Conf...b2.exe
windows7-x64
1$_16_/Conf...b2.exe
windows10-2004-x64
1$_16_/ErrorReport.exe
windows7-x64
1$_16_/ErrorReport.exe
windows10-2004-x64
1$_16_/HWSignature.dll
windows7-x64
6$_16_/HWSignature.dll
windows10-2004-x64
6$_16_/ImeHint.exe
windows7-x64
1$_16_/ImeHint.exe
windows10-2004-x64
1$_16_/ImeUtil.exe
windows7-x64
1$_16_/ImeUtil.exe
windows10-2004-x64
1$_16_/PinyinUp.exe
windows7-x64
1$_16_/PinyinUp.exe
windows10-2004-x64
1$_16_/Resource.dll
windows7-x64
1$_16_/Resource.dll
windows10-2004-x64
1$_16_/ScdMaker.exe
windows7-x64
1$_16_/ScdMaker.exe
windows10-2004-x64
1$_16_/ScdReg.exe
windows7-x64
1$_16_/ScdReg.exe
windows10-2004-x64
1$_16_/ScdViewer.exe
windows7-x64
1$_16_/ScdViewer.exe
windows10-2004-x64
1$_16_/SkinEditor.exe
windows7-x64
1$_16_/SkinEditor.exe
windows10-2004-x64
1$_16_/SkinReg.exe
windows7-x64
1$_16_/SkinReg.exe
windows10-2004-x64
1$_16_/SogouTSF.dll
windows7-x64
1$_16_/SogouTSF.dll
windows10-2004-x64
1Static task
static1
2 signatures
Behavioral task
behavioral1
Sample
b11d14d42b0393b2054bec9f7a4c6278_JaffaCakes118.exe
Resource
win7-20240611-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
b11d14d42b0393b2054bec9f7a4c6278_JaffaCakes118.exe
Resource
win10v2004-20240611-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240508-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral5
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win7-20240611-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral6
Sample
$PLUGINSDIR/StartMenu.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral7
Sample
$_16_/ConfigMover30b2.exe
Resource
win7-20231129-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral8
Sample
$_16_/ConfigMover30b2.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral9
Sample
$_16_/ErrorReport.exe
Resource
win7-20240508-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral10
Sample
$_16_/ErrorReport.exe
Resource
win10v2004-20240611-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral11
Sample
$_16_/HWSignature.dll
Resource
win7-20240220-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral12
Sample
$_16_/HWSignature.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral13
Sample
$_16_/ImeHint.exe
Resource
win7-20240611-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral14
Sample
$_16_/ImeHint.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral15
Sample
$_16_/ImeUtil.exe
Resource
win7-20240611-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral16
Sample
$_16_/ImeUtil.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral17
Sample
$_16_/PinyinUp.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral18
Sample
$_16_/PinyinUp.exe
Resource
win10v2004-20240611-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral19
Sample
$_16_/Resource.dll
Resource
win7-20240508-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral20
Sample
$_16_/Resource.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral21
Sample
$_16_/ScdMaker.exe
Resource
win7-20231129-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral22
Sample
$_16_/ScdMaker.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral23
Sample
$_16_/ScdReg.exe
Resource
win7-20240508-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral24
Sample
$_16_/ScdReg.exe
Resource
win10v2004-20240611-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral25
Sample
$_16_/ScdViewer.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral26
Sample
$_16_/ScdViewer.exe
Resource
win10v2004-20240611-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral27
Sample
$_16_/SkinEditor.exe
Resource
win7-20240611-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral28
Sample
$_16_/SkinEditor.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral29
Sample
$_16_/SkinReg.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral30
Sample
$_16_/SkinReg.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral31
Sample
$_16_/SogouTSF.dll
Resource
win7-20240611-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral32
Sample
$_16_/SogouTSF.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
b11d14d42b0393b2054bec9f7a4c6278_JaffaCakes118
-
Size
6.4MB
-
MD5
b11d14d42b0393b2054bec9f7a4c6278
-
SHA1
bb0d36da29635121c9c3d917b40a95392f822988
-
SHA256
0d1cd7340a143675078ffe98903f493ac1eef6417cf45da3a708d9461337e47f
-
SHA512
21388103993546959bd42c6a3c8d3f8a14fe6b615d3377d5ed96c72a2477917512d0b8c4ffdcb2fd295732158c44df40ad95e0acbd2ef6ef2318f456870c3189
-
SSDEEP
196608:RylOxvtWM25mUQbvmAQ98GodMVVKwkFHx2bL:RylOxvtWXUUQb3Q9xUtFHx2n
Score
3/10
Malware Config
Signatures
-
Unsigned PE 3 IoCs
Checks for missing Authenticode signature.
resource b11d14d42b0393b2054bec9f7a4c6278_JaffaCakes118 unpack001/$PLUGINSDIR/InstallOptions.dll unpack001/$PLUGINSDIR/StartMenu.dll -
NSIS installer 1 IoCs
resource yara_rule sample nsis_installer_1
Files
-
b11d14d42b0393b2054bec9f7a4c6278_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 127KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 60KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/InstallOptions.dll.dll windows:4 windows x86 arch:x86
b1cd0d78f652ce5fc63f0879371af012
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc
user32
MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect
gdi32
SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject
shell32
SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA
comdlg32
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
ole32
CoTaskMemFree
Exports
Exports
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 1012B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/StartMenu.dll.dll windows:4 windows x86 arch:x86
7868cd55f358bfb360f9eb8ce1512ca0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
lstrcpynA
GlobalAlloc
MulDiv
GetModuleHandleA
GlobalFree
FindClose
FindNextFileA
FindFirstFileA
lstrcmpiA
lstrcatA
lstrcpyA
user32
TranslateMessage
GetMessageA
IsDialogMessageA
PostMessageA
DispatchMessageA
GetWindowLongA
CheckDlgButton
ShowWindow
LoadIconA
GetClientRect
MoveWindow
ScreenToClient
GetWindowRect
ReleaseDC
GetDC
EnableWindow
SetWindowTextA
SendMessageA
IsDlgButtonChecked
GetWindowTextA
DestroyWindow
GetDlgItem
CreateDialogParamA
SetWindowLongA
wsprintfA
CallWindowProcA
gdi32
GetTextMetricsA
SelectObject
shell32
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ole32
CoTaskMemFree
Exports
Exports
Init
Select
Show
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 296B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 472B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/ioSpecial.ini
-
$PLUGINSDIR/modern-header.bmp
-
$PLUGINSDIR/modern-wizard.bmp
-
$_16_/ConfigMover30b2.exe.exe windows:4 windows x86 arch:x86
23c66f324e0bfa41a56200360ba3ef41
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\ConfigMover30b2.pdb
Imports
imm32
ImmDisableIME
kernel32
CreateDirectoryW
GetVersionExW
CompareStringW
CompareStringA
GetLastError
HeapFree
HeapAlloc
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FindFirstFileW
GetVersionExA
GetProcessHeap
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetFullPathNameW
GetCurrentDirectoryA
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
Sleep
RtlUnwind
LoadLibraryA
WideCharToMultiByte
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapSize
GetLocaleInfoA
GetDriveTypeA
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableA
shell32
SHFileOperationW
SHGetFolderPathAndSubDirW
SHGetFolderPathW
Sections
.text Size: 40KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/Correction.ini
-
$_16_/ErrorReport.exe.exe windows:4 windows x86 arch:x86
eadada9b14fc50d843327593d54c00a9
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\ErrorReport.pdb
Imports
kernel32
ReleaseMutex
OpenMutexW
CreateMutexW
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
LCMapStringW
Sleep
HeapSize
GetFullPathNameW
GetCurrentDirectoryA
SetFilePointer
GetConsoleCP
GetConsoleMode
LoadLibraryA
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
GetDriveTypeA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
FindClose
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
GetVersionExW
GetSystemInfo
GetModuleFileNameW
MultiByteToWideChar
CreateProcessW
GetCurrentThreadId
FormatMessageW
WaitForMultipleObjects
GetCommandLineW
CreateEventW
SetLastError
CreateThread
LocalFree
GetProcAddress
GlobalUnlock
GlobalFree
CreateFileW
GlobalAlloc
GlobalLock
GetLastError
GetTickCount
GetModuleHandleW
FindFirstFileW
CloseHandle
ResetEvent
SetEvent
WaitForSingleObject
VirtualFree
OpenEventW
imm32
ImmDisableIME
user32
DrawTextW
SetWindowPos
OffsetRect
CreateWindowExW
BeginPaint
SetTimer
PtInRect
GetCursorPos
GetWindowRect
SubtractRect
GetLastInputInfo
IntersectRect
MonitorFromRect
GetMessageW
InvalidateRect
EndPaint
TranslateMessage
FindWindowW
SetWindowLongW
DispatchMessageW
DestroyWindow
MonitorFromPoint
PostQuitMessage
GetWindowLongW
SetCursor
GetForegroundWindow
CloseWindow
LoadCursorW
RegisterClassExW
AdjustWindowRect
GetMonitorInfoW
DefWindowProcW
EmptyClipboard
CloseClipboard
MessageBoxW
OpenClipboard
GetSystemMetrics
SetClipboardData
gdi32
CreateFontIndirectW
GetStockObject
SetTextColor
BitBlt
SetViewportOrgEx
SetBkMode
DeleteObject
SelectObject
CreateSolidBrush
CreatePen
CreateCompatibleBitmap
Rectangle
CreateCompatibleDC
DeleteDC
advapi32
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityInfo
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetEntriesInAclW
SetSecurityInfo
RegCreateKeyExW
RegQueryValueExW
RegQueryValueW
RegCloseKey
RegOpenKeyExW
shell32
SHGetSpecialFolderPathW
ShellExecuteW
Sections
.text Size: 88KB - Virtual size: 85KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/HWSignature.dll.dll windows:4 windows x86 arch:x86
3805775f1dde052333909932d791dd7f
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
e:\sogouime33\Bin\SogouInput\HWSignature.pdb
Imports
ws2_32
WSAStartup
kernel32
DeleteCriticalSection
CreateFileA
GetProcessHeap
CopyFileA
DeviceIoControl
CloseHandle
HeapAlloc
HeapFree
GetSystemDirectoryA
lstrcatA
lstrcpyA
lstrlenA
GlobalAlloc
FreeLibrary
GetLastError
GetProcAddress
LoadLibraryA
LocalAlloc
GetVersionExA
LocalFree
HeapReAlloc
GetTickCount
SetLastError
GlobalFree
FlushFileBuffers
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSection
VirtualAlloc
RtlUnwind
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
user32
wsprintfA
IsCharAlphaNumericA
Exports
Exports
DLLGenHWID
GenHWID
Sections
.text Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1020B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$_16_/ImeHint.exe.exe windows:4 windows x86 arch:x86
819ced62d1b59ec708b1ff8978a4b4b3
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\ImeHint.pdb
Imports
imm32
ImmDisableIME
kernel32
OpenMutexW
WaitForSingleObject
SetFileAttributesW
CopyFileW
WideCharToMultiByte
GetSystemTimeAsFileTime
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
RtlUnwind
RaiseException
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
FindClose
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetFullPathNameW
GetCurrentDirectoryA
SetFilePointer
GetConsoleCP
ReleaseMutex
LoadLibraryA
GetLocaleInfoA
CreateDirectoryW
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
GetDriveTypeA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
DeleteFileW
MoveFileExW
FindFirstFileW
FindNextFileW
RemoveDirectoryW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
GetModuleFileNameW
GetSystemInfo
GetVersionExW
CreateProcessW
MultiByteToWideChar
CreateThread
LocalFree
GetCurrentThreadId
FormatMessageW
WaitForMultipleObjects
GetCommandLineW
SetLastError
Sleep
OpenEventW
CreateEventW
InterlockedCompareExchange
InterlockedIncrement
GetProcAddress
GetFileSize
CreateFileW
ReadFile
GlobalAlloc
GlobalFree
CloseHandle
GetTickCount
GetModuleHandleW
GetLastError
GetConsoleMode
CreateMutexW
DeleteCriticalSection
user32
DrawTextW
GetMonitorInfoW
FindWindowW
GetForegroundWindow
DefWindowProcW
GetLastInputInfo
RegisterClassExW
GetMessageW
AdjustWindowRect
OffsetRect
CloseWindow
MonitorFromRect
LoadCursorW
EndPaint
PostQuitMessage
DestroyWindow
DispatchMessageW
BeginPaint
IntersectRect
PtInRect
SetWindowLongW
SetCursor
SubtractRect
CreateWindowExW
InvalidateRect
SetWindowPos
TranslateMessage
GetWindowLongW
SetTimer
GetCursorPos
GetWindowRect
GetSystemMetrics
MessageBoxW
MonitorFromPoint
gdi32
CreateFontIndirectW
GetStockObject
SetTextColor
CreatePen
CreateCompatibleDC
DeleteDC
CreateSolidBrush
SetBkMode
BitBlt
Rectangle
CreateCompatibleBitmap
SelectObject
DeleteObject
SetViewportOrgEx
advapi32
RegCreateKeyExW
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetNamedSecurityInfoW
GetSecurityInfo
RegQueryValueExW
RegCloseKey
RegQueryValueW
RegOpenKeyExW
shell32
SHFileOperationW
SHGetSpecialFolderPathW
ShellExecuteW
Sections
.text Size: 184KB - Virtual size: 180KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 52KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/ImeUtil.exe.exe windows:4 windows x86 arch:x86
54306172970cc973f6ddea76e4b5f421
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\ImeUtil.pdb
Imports
imm32
ImmDisableIME
kernel32
GlobalFree
GlobalAlloc
ReadFile
LoadLibraryW
GetProcAddress
SetLastError
CreateEventW
WaitForMultipleObjects
FormatMessageW
GetCurrentThreadId
MultiByteToWideChar
LocalFree
CreateThread
GetCommandLineW
GetVersionExW
GetModuleFileNameW
GetSystemInfo
InterlockedIncrement
InterlockedCompareExchange
CopyFileW
DeleteFileW
MoveFileExW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
FindClose
RemoveDirectoryW
FindNextFileW
FindFirstFileW
ReleaseMutex
OpenMutexW
WaitForSingleObject
CreateMutexW
WideCharToMultiByte
FreeLibrary
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
GetFileSize
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
RaiseException
GetCPInfo
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
GetCurrentProcessId
LCMapStringA
LCMapStringW
HeapSize
GetFullPathNameW
GetCurrentDirectoryA
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetFilePointer
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSection
LoadLibraryA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
GetDriveTypeA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetTickCount
GetModuleHandleW
HeapAlloc
OpenEventW
WriteFile
Sleep
CreateFileW
SetFileAttributesW
GetLastError
CreateDirectoryW
HeapFree
GetProcessHeap
CloseHandle
CreateProcessW
GetVersionExA
user32
PostQuitMessage
EndPaint
LoadCursorW
MonitorFromPoint
MonitorFromRect
CloseWindow
OffsetRect
GetMessageW
AdjustWindowRect
DrawTextW
DispatchMessageW
CreateWindowExW
InvalidateRect
SetWindowPos
TranslateMessage
GetWindowLongW
SetTimer
GetCursorPos
GetSystemMetrics
GetWindowRect
GetMonitorInfoW
GetForegroundWindow
DefWindowProcW
FindWindowW
GetLastInputInfo
SetForegroundWindow
RegisterClassExW
DestroyWindow
BeginPaint
IntersectRect
GetKeyboardLayoutList
SetWindowLongW
PtInRect
SetCursor
MessageBoxW
SubtractRect
advapi32
BuildExplicitAccessWithNameW
RegQueryValueExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSecurityDescriptorSacl
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
SetNamedSecurityInfoW
GetSecurityInfo
GetNamedSecurityInfoW
RegQueryValueW
shell32
SHGetSpecialFolderPathW
SHFileOperationW
ShellExecuteW
SHGetFolderPathW
wininet
InternetReadFile
InternetOpenW
InternetSetOptionW
InternetCloseHandle
HttpQueryInfoW
InternetOpenUrlW
gdi32
SetTextColor
GetStockObject
CreateCompatibleDC
DeleteDC
CreateSolidBrush
SetBkMode
DeleteObject
BitBlt
CreatePen
SetViewportOrgEx
SelectObject
CreateCompatibleBitmap
Rectangle
CreateFontIndirectW
Sections
.text Size: 216KB - Virtual size: 215KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 141KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 52KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/MoHuYin.ini
-
$_16_/PinyinUp.exe.exe windows:4 windows x86 arch:x86
81144eb83d45d3f284106bd200988db2
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\PinyinUp.pdb
Imports
wininet
HttpQueryInfoW
InternetCloseHandle
InternetSetCookieW
InternetOpenW
InternetOpenUrlW
InternetReadFile
shlwapi
StrToIntW
StrCmpIW
imm32
ImmDisableIME
ws2_32
gethostbyname
kernel32
GetExitCodeThread
FindClose
GetTempPathW
CreateDirectoryW
LeaveCriticalSection
DeleteCriticalSection
WaitForSingleObject
InitializeCriticalSection
Sleep
FindNextFileW
HeapAlloc
HeapFree
GetProcessHeap
FormatMessageW
CompareStringW
CompareStringA
CreateFileA
GetDriveTypeA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
GetVersionExW
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetConsoleMode
ResumeThread
CloseHandle
SetThreadPriority
SuspendThread
FindFirstFileW
MultiByteToWideChar
GetPrivateProfileStringW
GetCurrentProcess
EnterCriticalSection
LocalFree
GetLocalTime
GetLastError
WriteConsoleA
CreateProcessW
GetCurrentDirectoryA
GetFullPathNameW
GetCurrentProcessId
SetEnvironmentVariableA
GetCurrentThreadId
WideCharToMultiByte
MoveFileExW
DeleteFileW
SetFileAttributesW
CopyFileW
ReadFile
CreateFileW
FlushFileBuffers
SetLastError
GetFileSize
SetFilePointer
WriteFile
GlobalAlloc
GetCommandLineW
GlobalFree
CreateEventW
WaitForMultipleObjects
QueryPerformanceCounter
CreateThread
GetModuleHandleW
GetSystemInfo
GetModuleFileNameW
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
OpenMutexW
CreateMutexW
InterlockedIncrement
InterlockedCompareExchange
OpenEventW
RemoveDirectoryW
GetProcAddress
LCMapStringW
GetTickCount
ExitThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetVersionExA
GetStartupInfoW
RtlUnwind
RaiseException
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
HeapReAlloc
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
GetConsoleCP
user32
RegisterClassW
LoadCursorW
GetSystemMetrics
GetMessageW
SetCursor
ShowWindow
PostQuitMessage
InvalidateRect
GetWindowTextW
CreateWindowExW
GetDlgItem
SetWindowTextW
LoadIconW
GetWindowLongW
DispatchMessageW
SetWindowPos
EnableMenuItem
TranslateMessage
SendMessageW
DefWindowProcW
GetSystemMenu
MessageBoxW
ExitWindowsEx
gdi32
CreateFontIndirectW
advapi32
RegQueryValueW
RegCreateKeyExW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetNamedSecurityInfoW
GetSecurityInfo
AllocateAndInitializeSid
SetNamedSecurityInfoW
RegCloseKey
FreeSid
GetTokenInformation
EqualSid
LookupAccountSidW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExW
RegQueryValueExW
shell32
Shell_NotifyIconW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW
hwsignature
GenHWID
Sections
.text Size: 264KB - Virtual size: 263KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 124KB - Virtual size: 148KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/Punctures.ini
-
$_16_/Resource.dll.dll windows:4 windows x86 arch:x86
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.rsrc Size: 144KB - Virtual size: 142KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$_16_/ScdMaker.exe.exe windows:4 windows x86 arch:x86
b61c88b32d5d44dc2d3dbf818ee6a596
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\ScdMaker.pdb
Imports
imm32
ImmDisableIME
kernel32
CloseHandle
LocalFree
CreateThread
FormatMessageW
GetCommandLineW
FindClose
FindNextFileW
FindFirstFileW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateFileW
CreateFileMappingW
GetVersionExW
GetSystemInfo
GetModuleFileNameW
GetModuleHandleW
SetFileAttributesW
MoveFileExW
CreateDirectoryW
CreateMutexW
ReleaseMutex
OpenMutexW
WaitForSingleObject
WriteFile
ReadFile
FlushFileBuffers
GetFileSize
SetFilePointer
InterlockedIncrement
InterlockedCompareExchange
RemoveDirectoryW
LCMapStringW
GetTickCount
Sleep
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetSystemTimeAsFileTime
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
GetCurrentThreadId
HeapReAlloc
GetTimeZoneInformation
LCMapStringA
GetCPInfo
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetFullPathNameW
GetCurrentDirectoryA
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetACP
GetOEMCP
IsValidCodePage
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
HeapSize
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
LoadLibraryA
GetLocaleInfoW
CreateFileA
GetDriveTypeA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalAlloc
WaitForMultipleObjects
CreateEventW
CreateProcessW
GlobalFree
SetLastError
WideCharToMultiByte
GetLastError
DeleteFileW
MultiByteToWideChar
CopyFileW
RaiseException
user32
MessageBoxW
advapi32
RegCreateKeyExW
RegQueryValueW
RegQueryValueExW
GetNamedSecurityInfoW
GetSecurityInfo
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExW
RegCloseKey
shell32
SHGetSpecialFolderPathW
SHFileOperationW
Sections
.text Size: 264KB - Virtual size: 262KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1016B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/ScdReg.exe.exe windows:4 windows x86 arch:x86
b9d549f1f267cec71843909cce4fcf93
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\ScdReg.pdb
Imports
imm32
ImmDisableIME
kernel32
CloseHandle
GetSystemInfo
GetModuleFileNameW
GetModuleHandleW
GetCommandLineW
GetVersionExW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateFileW
OpenFileMappingW
SetFileAttributesW
MoveFileExW
CreateDirectoryW
CopyFileW
MultiByteToWideChar
CreateProcessW
GlobalFree
WaitForMultipleObjects
GlobalAlloc
GetCurrentThreadId
FormatMessageW
CreateThread
InterlockedCompareExchange
InterlockedIncrement
GetFileSize
SetFilePointer
WriteFile
ReadFile
FlushFileBuffers
CreateMutexW
ReleaseMutex
OpenMutexW
WaitForSingleObject
RemoveDirectoryW
LCMapStringW
GetTickCount
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
FileTimeToSystemTime
OpenEventW
GetDriveTypeW
HeapReAlloc
GetTimeZoneInformation
LCMapStringA
GetCPInfo
GetStringTypeA
GetStringTypeW
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
HeapSize
GetFullPathNameW
GetCurrentDirectoryA
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LoadLibraryA
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateEventW
SetLastError
GetLastError
Sleep
LocalFree
WideCharToMultiByte
GetCurrentDirectoryW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
FileTimeToLocalFileTime
user32
MessageBoxW
advapi32
RegCreateKeyExW
RegQueryValueW
RegSetValueExW
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetEntriesInAclW
SetSecurityInfo
RegQueryValueExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetNamedSecurityInfoW
GetSecurityInfo
RegOpenKeyExW
RegCloseKey
shell32
SHGetSpecialFolderPathW
SHFileOperationW
Sections
.text Size: 284KB - Virtual size: 282KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/ScdViewer.exe.exe windows:4 windows x86 arch:x86
2fd4ce42f3412d026ae3bf4cbdcf77fc
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\ScdViewer.pdb
Imports
user32
GetSystemMetrics
GetWindowRect
SendMessageW
GetDlgItem
EndDialog
SetWindowPos
DialogBoxParamW
MessageBoxW
gdi32
GetStockObject
imm32
ImmDisableIME
kernel32
GetCurrentThreadId
FormatMessageW
CloseHandle
LocalFree
MultiByteToWideChar
SetLastError
GlobalFree
GetCommandLineW
FindClose
FindNextFileW
FindFirstFileW
SetFilePointer
WriteFile
ReadFile
CreateFileW
FlushFileBuffers
GetFileSize
WaitForSingleObject
ReleaseMutex
OpenMutexW
CreateMutexW
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
GetVersionExW
GetSystemInfo
GetModuleFileNameW
GetModuleHandleW
RemoveDirectoryW
WideCharToMultiByte
InterlockedCompareExchange
InterlockedExchange
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetVersionExA
HeapAlloc
GetProcessHeap
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
GetSystemTimeAsFileTime
RtlUnwind
SetFileAttributesW
GetLastError
GetStringTypeW
GetCPInfo
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetTimeZoneInformation
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetACP
GetOEMCP
IsValidCodePage
GetFullPathNameW
GetCurrentDirectoryA
HeapSize
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
LoadLibraryA
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileA
CreateDirectoryW
DeleteFileW
RaiseException
MoveFileExW
GetStartupInfoW
GetStringTypeA
advapi32
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
RegQueryValueW
RegOpenKeyExW
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetNamedSecurityInfoW
GetSecurityInfo
SetNamedSecurityInfoW
SetEntriesInAclW
SetSecurityInfo
shell32
SHFileOperationW
SHGetSpecialFolderPathW
Sections
.text Size: 144KB - Virtual size: 142KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/SkinEditor.exe.exe windows:4 windows x86 arch:x86
6fc1d7a0305884e43c62ac34e3d582db
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
InitCommonControlsEx
kernel32
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetDriveTypeA
GetTimeZoneInformation
InitializeCriticalSection
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
LoadLibraryA
GetCurrentDirectoryA
GetFullPathNameW
LCMapStringW
LCMapStringA
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetLastError
GetLastError
CopyFileW
DeleteFileW
GetTempPathW
GetLongPathNameW
CreateFileW
CloseHandle
RemoveDirectoryW
SetCurrentDirectoryW
FindFirstFileW
FindClose
CreateDirectoryW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
Sleep
HeapSize
ExitProcess
HeapCreate
HeapDestroy
VirtualAlloc
VirtualFree
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameW
SetStdHandle
GetCPInfo
InterlockedDecrement
LockResource
LoadResource
SizeofResource
FindResourceW
LoadLibraryExW
LoadLibraryW
GetProcAddress
ReadFile
GlobalAlloc
GlobalFree
GetFileSize
GlobalLock
GlobalUnlock
GetModuleHandleW
GetTickCount
GetVersionExW
GlobalReAlloc
WideCharToMultiByte
MultiByteToWideChar
FormatMessageW
LocalFree
GetCurrentThreadId
GetCommandLineW
InterlockedIncrement
InterlockedCompareExchange
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
GetSystemInfo
SetFileAttributesW
MoveFileExW
CreateMutexW
ReleaseMutex
OpenMutexW
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetFilePointer
WriteFile
FlushFileBuffers
FindNextFileW
FreeLibrary
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
GetVersionExA
GetProcessHeap
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
GetSystemTimeAsFileTime
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
user32
RegisterClassExW
CharNextW
LoadCursorW
SetWindowPlacement
GetSystemMetrics
GetWindowPlacement
DestroyAcceleratorTable
SetCursor
SetCapture
SetTimer
KillTimer
PostMessageW
ReleaseCapture
GetCursorPos
DrawIconEx
GetClassLongW
CheckDlgButton
GetWindowTextLengthW
EnableWindow
EndDialog
DialogBoxParamW
CreateDialogParamW
DefWindowProcW
RegisterClassW
SetFocus
ScreenToClient
CreateWindowExW
GetSysColor
GetWindowTextW
FillRect
GetScrollInfo
ScrollWindow
GetWindowLongW
SetWindowLongW
SetScrollInfo
BeginPaint
EndPaint
IsDlgButtonChecked
GetSysColorBrush
OffsetRect
SetWindowPos
GetWindowRect
DrawTextW
SetWindowRgn
GetDesktopWindow
LoadImageW
LoadIconW
SetRect
PtInRect
SetCursorPos
GetMonitorInfoW
UpdateLayeredWindow
SubtractRect
MonitorFromPoint
RedrawWindow
IntersectRect
GetCursor
TrackMouseEvent
CallWindowProcW
InflateRect
InvalidateRect
GetDC
ReleaseDC
GetDlgCtrlID
MoveWindow
GetDlgItem
DestroyWindow
PostQuitMessage
MessageBoxW
SetWindowTextW
GetClientRect
GetMenu
EnableMenuItem
GetMessageW
GetParent
GetClassNameW
TranslateAcceleratorW
IsDialogMessageW
TranslateMessage
DispatchMessageW
FindWindowW
IsIconic
ShowWindow
SetForegroundWindow
LoadMenuW
SetMenu
LoadAcceleratorsW
SendMessageW
UpdateWindow
DestroyMenu
gdi32
Rectangle
SelectObject
CreateSolidBrush
CreateFontIndirectW
CreatePen
SetViewportOrgEx
GetDeviceCaps
DeleteDC
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
StretchBlt
GetPixel
EnumFontFamiliesExW
GetTextExtentPointW
ExtCreateRegion
CombineRgn
OffsetRgn
GetTextMetricsW
SetBkColor
MoveToEx
SelectClipRgn
GetKerningPairsW
LineTo
GetFontData
GetObjectW
GetGlyphOutlineW
TextOutW
CreateDIBSection
SetTextColor
SetBkMode
DeleteObject
GetStockObject
comdlg32
GetFileTitleW
GetSaveFileNameW
GetOpenFileNameW
ChooseColorW
CommDlgExtendedError
shell32
DragAcceptFiles
SHGetSpecialFolderPathW
SHFileOperationW
DragQueryFileW
DragFinish
msimg32
TransparentBlt
GradientFill
AlphaBlend
imm32
ImmDisableIME
ziplib
UnZip
ZipFolder
advapi32
RegCloseKey
SetSecurityInfo
RegOpenKeyExW
RegQueryValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCreateKeyExW
RegQueryValueExW
SetEntriesInAclW
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
SetNamedSecurityInfoW
GetSecurityInfo
GetNamedSecurityInfoW
ole32
GetHGlobalFromStream
CreateStreamOnHGlobal
Sections
.text Size: 448KB - Virtual size: 445KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 92KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/SkinReg.exe.exe windows:4 windows x86 arch:x86
bc2f628937d4058c840ae1875d55d8ab
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\SkinReg.pdb
Imports
user32
DrawTextW
SetWindowPos
GetWindowLongW
TranslateMessage
GetCursorPos
SetTimer
GetSystemMetrics
GetWindowRect
GetMonitorInfoW
GetForegroundWindow
GetLastInputInfo
DefWindowProcW
FindWindowW
SetForegroundWindow
RegisterClassExW
AdjustWindowRect
OffsetRect
CloseWindow
MonitorFromRect
MonitorFromPoint
LoadCursorW
EndPaint
PostQuitMessage
DestroyWindow
DispatchMessageW
BeginPaint
IntersectRect
SetWindowLongW
PtInRect
SetCursor
CreateWindowExW
SubtractRect
InvalidateRect
GetMessageW
MessageBoxW
imm32
ImmDisableIME
kernel32
InterlockedCompareExchange
RemoveDirectoryW
CreateMutexW
ReleaseMutex
OpenMutexW
WaitForSingleObject
WideCharToMultiByte
FreeLibrary
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
FindFirstFileW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetFullPathNameW
GetCurrentDirectoryA
Sleep
HeapSize
SetFilePointer
InterlockedIncrement
GetConsoleMode
LoadLibraryA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
FlushFileBuffers
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
FindNextFileW
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
UnmapViewOfFile
LocalFree
MultiByteToWideChar
CreateProcessW
GetCurrentThreadId
FormatMessageW
WaitForMultipleObjects
CreateEventW
SetLastError
CreateThread
GetModuleFileNameW
GetCommandLineW
GetVersionExW
GetSystemInfo
SetFileAttributesW
DeleteFileW
CreateDirectoryW
MoveFileExW
CopyFileW
GetProcAddress
LoadLibraryW
GlobalFree
CloseHandle
GetFileSize
CreateFileW
GlobalAlloc
ReadFile
GetTickCount
GetModuleHandleW
GetLastError
GetConsoleCP
FindClose
InitializeCriticalSection
gdi32
CreateFontIndirectW
GetStockObject
SetTextColor
DeleteObject
BitBlt
SetViewportOrgEx
SelectObject
CreateCompatibleBitmap
Rectangle
CreatePen
CreateCompatibleDC
DeleteDC
SetBkMode
CreateSolidBrush
advapi32
GetNamedSecurityInfoW
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegQueryValueW
RegCloseKey
GetSecurityInfo
shell32
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW
Sections
.text Size: 184KB - Virtual size: 181KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 52KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/SogouTSF.dll.dll regsvr32 windows:4 windows x86 arch:x86
eeaf1cf892d8e72dc6f6ddfd02e103df
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
e:\sogouime33\Bin\SogouInput\SogouTSF.pdb
Imports
kernel32
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
lstrlenW
MultiByteToWideChar
GetModuleFileNameW
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
InterlockedIncrement
DeleteCriticalSection
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
RaiseException
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
HeapSize
WriteFile
LoadLibraryA
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
advapi32
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegDeleteKeyW
ole32
CoCreateInstance
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 32KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$_16_/SpeedMeter.exe.exe windows:4 windows x86 arch:x86
a248a7ff37d9332d68ad414c2d0103df
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\SpeedMeter.pdb
Imports
kernel32
GlobalFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetTickCount
GlobalLock
GlobalUnlock
GlobalAlloc
GetLastError
GetModuleHandleW
GetCommandLineW
GetVersionExW
GetSystemInfo
GetModuleFileNameW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateFileW
OpenFileMappingW
CloseHandle
FormatMessageW
GetCurrentThreadId
MultiByteToWideChar
CreateProcessW
LocalFree
CreateThread
SetLastError
CreateEventW
WaitForMultipleObjects
InterlockedCompareExchange
InterlockedIncrement
FindClose
RemoveDirectoryW
FindNextFileW
FindFirstFileW
MoveFileExW
DeleteFileW
CreateDirectoryW
ReleaseMutex
OpenMutexW
WaitForSingleObject
CreateMutexW
CopyFileW
SetFileAttributesW
WideCharToMultiByte
GetProcAddress
LCMapStringW
Sleep
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
GetTimeZoneInformation
GetCPInfo
LCMapStringA
GetStringTypeA
GetStringTypeW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetFullPathNameW
GetCurrentDirectoryA
GetConsoleCP
GetConsoleMode
ReadFile
FlushFileBuffers
SetFilePointer
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LoadLibraryA
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetDriveTypeA
CreateFileA
GetFileSize
user32
SetWindowLongW
DestroyWindow
DialogBoxParamW
CreateDialogParamW
GetWindowLongW
SetWindowTextW
EndDialog
GetWindowTextLengthW
SendMessageW
LoadIconW
CloseClipboard
OpenClipboard
SetClipboardData
EmptyClipboard
MessageBoxW
ShowWindow
SetForegroundWindow
IsIconic
FindWindowW
GetDlgItem
SetTimer
GetWindowTextW
comctl32
InitCommonControlsEx
imm32
ImmDisableIME
advapi32
SetNamedSecurityInfoW
RegQueryValueExW
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetNamedSecurityInfoW
GetSecurityInfo
RegQueryValueW
shell32
SHFileOperationW
SHGetSpecialFolderPathW
Sections
.text Size: 232KB - Virtual size: 230KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/UserPage.exe.exe windows:4 windows x86 arch:x86
c1753cbe9155bff72dbc8a9f999aa469
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\UserPage.pdb
Imports
imm32
ImmSetConversionStatus
ImmGetContext
ImmDisableIME
kernel32
GetLastError
GetModuleHandleW
CreateEventW
CloseHandle
CreateThread
TlsAlloc
TlsSetValue
TlsGetValue
MultiByteToWideChar
GetModuleFileNameW
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
GetDriveTypeA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
LoadLibraryA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetConsoleMode
GetTickCount
GetVersionExW
GlobalAlloc
GlobalFree
GetFileSize
ReadFile
CreateFileW
LoadLibraryW
GetProcAddress
WideCharToMultiByte
WaitForMultipleObjects
GetCurrentThreadId
GetCommandLineW
FormatMessageW
LocalFree
CreateProcessW
SetLastError
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
OpenMutexW
WaitForSingleObject
ReleaseMutex
CreateMutexW
DeleteFileW
MoveFileExW
SetFileAttributesW
CreateDirectoryW
CopyFileW
OpenEventW
Sleep
FindFirstFileW
FindClose
FindNextFileW
GetSystemInfo
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
InterlockedIncrement
InterlockedCompareExchange
RemoveDirectoryW
SetFilePointer
WriteFile
FlushFileBuffers
FreeLibrary
LCMapStringW
QueryPerformanceFrequency
QueryPerformanceCounter
InterlockedDecrement
InterlockedExchange
InitializeCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetVersionExA
GetProcessHeap
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
HeapReAlloc
RtlUnwind
RaiseException
GetTimeZoneInformation
GetCPInfo
LCMapStringA
GetStringTypeA
GetStringTypeW
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
TlsFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
HeapSize
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
GetCurrentProcessId
GetFullPathNameW
GetCurrentDirectoryA
GetConsoleCP
user32
GetDlgItemTextW
SendMessageW
GetClassNameW
SetWindowTextW
GetCursorPos
GetDlgCtrlID
GetWindowRect
SetCapture
MoveWindow
GetWindowLongW
OffsetRect
CheckDlgButton
DialogBoxParamW
DestroyWindow
CreateDialogParamW
SetWindowRgn
UpdateLayeredWindow
FillRect
GetSystemMetrics
InvalidateRect
DefWindowProcW
SubtractRect
GetMonitorInfoW
GetCursor
PtInRect
MonitorFromPoint
SetRect
BeginPaint
EndPaint
KillTimer
RegisterClassExW
InflateRect
TrackMouseEvent
GetParent
CallWindowProcW
CharNextW
ReleaseCapture
SetWindowLongW
RedrawWindow
SetCursorPos
LoadBitmapW
ActivateKeyboardLayout
GetKeyboardLayoutList
SetForegroundWindow
IsIconic
CreateWindowExW
SetClassLongW
LoadCursorW
SetCursor
EnableWindow
ReleaseDC
IsDlgButtonChecked
PostMessageW
FindWindowW
DrawTextW
IntersectRect
SetFocus
EndDialog
MessageBoxW
GetDC
SetTimer
SetWindowPos
GetWindowTextW
SetDlgItemTextW
GetDlgItem
ShowWindow
gdi32
SelectObject
GetTextExtentPoint32W
DeleteDC
CreateCompatibleDC
GetPixel
GetObjectW
CreateSolidBrush
GetStockObject
TextOutW
CombineRgn
OffsetRgn
CreateDIBSection
GetFontData
GetGlyphOutlineW
SetTextColor
GetTextMetricsW
SelectClipRgn
GetKerningPairsW
SetBkColor
StretchBlt
Rectangle
CreateFontIndirectW
GetTextExtentPointW
CreatePen
LineTo
MoveToEx
BitBlt
DeleteObject
CreateCompatibleBitmap
SetBkMode
comctl32
InitCommonControlsEx
msimg32
GradientFill
AlphaBlend
TransparentBlt
wininet
InternetReadFile
InternetCloseHandle
HttpEndRequestW
InternetCanonicalizeUrlW
InternetSetOptionW
InternetOpenW
HttpQueryInfoW
HttpOpenRequestW
InternetQueryOptionW
InternetConnectW
HttpSendRequestW
advapi32
GetSecurityInfo
GetNamedSecurityInfoW
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegCloseKey
RegQueryValueW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
SetNamedSecurityInfoW
shell32
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW
Sections
.text Size: 388KB - Virtual size: 384KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 88KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 132KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 668KB - Virtual size: 666KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/UsrDictUtil.exe.exe windows:4 windows x86 arch:x86
88e8e74f3ec0007acf22057e6057bc67
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\UsrDictUtil.pdb
Imports
imm32
ImmDisableIME
user32
MessageBoxW
kernel32
SetFileAttributesW
CopyFileW
GlobalFree
CreateEventW
WaitForMultipleObjects
GlobalAlloc
GetCommandLineW
GetCurrentThreadId
FormatMessageW
LocalFree
CreateThread
MultiByteToWideChar
CreateProcessW
SetLastError
InterlockedIncrement
InterlockedCompareExchange
GetModuleFileNameW
GetModuleHandleW
GetSystemInfo
GetVersionExW
Sleep
OpenEventW
FlushFileBuffers
GetFileSize
SetFilePointer
WriteFile
ReadFile
FindNextFileW
FindFirstFileW
FindClose
CreateMutexW
ReleaseMutex
OpenMutexW
WaitForSingleObject
RemoveDirectoryW
LCMapStringW
GetTickCount
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
FileTimeToSystemTime
FileTimeToLocalFileTime
DeleteFileW
HeapReAlloc
GetTimeZoneInformation
GetCPInfo
GetStringTypeA
GetStringTypeW
LCMapStringA
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetFullPathNameW
GetCurrentDirectoryA
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LoadLibraryA
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetDriveTypeA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateDirectoryW
MoveFileExW
CloseHandle
GetLastError
OpenFileMappingW
CreateFileW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
WideCharToMultiByte
GetDriveTypeW
advapi32
RegCreateKeyExW
RegQueryValueW
RegQueryValueExW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetNamedSecurityInfoW
GetSecurityInfo
SetNamedSecurityInfoW
RegOpenKeyExW
RegCloseKey
shell32
SHFileOperationW
SHGetSpecialFolderPathW
Sections
.text Size: 280KB - Virtual size: 276KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1020B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/Wizard.exe.exe windows:4 windows x86 arch:x86
530c47d19bc90ee9db4ef1de0c4a3c97
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\Wizard.pdb
Imports
kernel32
SizeofResource
FindClose
FindResourceW
LockResource
CloseHandle
LoadLibraryExW
GlobalLock
GlobalUnlock
GetFileSize
ReadFile
CreateFileW
GlobalAlloc
GlobalFree
GetProcAddress
LoadLibraryW
GetVersionExW
GetTickCount
GlobalReAlloc
CreateDirectoryW
DeleteFileW
SetFileAttributesW
CopyFileW
MoveFileExW
LocalFree
GetCommandLineW
CreateThread
FormatMessageW
MultiByteToWideChar
SetLastError
CreateProcessW
CreateEventW
WaitForMultipleObjects
GetCurrentThreadId
GetSystemInfo
GetModuleFileNameW
InterlockedIncrement
InterlockedCompareExchange
MapViewOfFile
UnmapViewOfFile
GetLastError
OpenFileMappingW
RemoveDirectoryW
FindNextFileW
WideCharToMultiByte
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
CreateMutexW
ReleaseMutex
OpenMutexW
SetFilePointer
WriteFile
FlushFileBuffers
FreeLibrary
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadResource
FileTimeToLocalFileTime
GetDriveTypeW
HeapReAlloc
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
GetCPInfo
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
Sleep
HeapSize
VirtualAlloc
LCMapStringA
LCMapStringW
GetFullPathNameW
GetCurrentDirectoryA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSection
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
FileTimeToSystemTime
FindFirstFileW
CreateFileMappingW
GetModuleHandleW
user32
DialogBoxParamW
SetClassLongW
CharNextW
DrawTextW
LoadImageW
GetMonitorInfoW
KillTimer
UpdateLayeredWindow
SetCapture
SubtractRect
SetCursor
PtInRect
GetCursorPos
SetWindowPos
MonitorFromPoint
IntersectRect
GetSystemMetrics
RedrawWindow
ReleaseCapture
SetRect
GetCursor
SetCursorPos
TrackMouseEvent
GetParent
CallWindowProcW
SetWindowRgn
SetWindowLongW
SetScrollInfo
GetScrollInfo
CheckDlgButton
CreateWindowExW
DefWindowProcW
FindWindowW
SetForegroundWindow
IsIconic
InflateRect
ReleaseDC
FillRect
BeginPaint
GetUpdateRect
GetDC
OffsetRect
InvalidateRect
EndPaint
SetTimer
SetWindowTextW
ScreenToClient
GetFocus
GetWindowRect
LoadIconW
ShowWindow
LoadBitmapW
EndDialog
PostMessageW
MessageBoxW
GetClientRect
MoveWindow
GetDlgItem
SendMessageW
EnableWindow
GetDlgCtrlID
IsDlgButtonChecked
DestroyWindow
CreateDialogParamW
GetWindowLongW
GetDesktopWindow
LoadCursorW
gdi32
ExtCreateRegion
GetTextExtentPointW
CombineRgn
OffsetRgn
GetPixel
GetStockObject
GetGlyphOutlineW
SetBkColor
TextOutW
SelectClipRgn
GetKerningPairsW
GetClipRgn
SelectObject
DeleteObject
StretchBlt
CreateFontIndirectW
GetObjectW
CreateCompatibleDC
CreatePen
Rectangle
CreateSolidBrush
CreateCompatibleBitmap
GetTextExtentPoint32W
BitBlt
DeleteDC
MoveToEx
LineTo
SetBkMode
CreateDIBSection
GetTextMetricsW
GetFontData
CreateRectRgn
SetTextColor
comctl32
InitCommonControlsEx
msimg32
AlphaBlend
TransparentBlt
GradientFill
imm32
ImmDisableIME
advapi32
GetNamedSecurityInfoW
RegQueryValueW
RegCreateKeyExW
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExW
GetSecurityInfo
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
RegQueryValueExW
RegCloseKey
shell32
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW
ole32
GetHGlobalFromStream
CreateStreamOnHGlobal
Sections
.text Size: 352KB - Virtual size: 348KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 80KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 212KB - Virtual size: 209KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/ZipLib.dll.dll windows:4 windows x86 arch:x86
1f9bbcf64bd00ab9c608fd36f2184919
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
CreateFileA
lstrcpynA
HeapAlloc
GetCurrentProcess
HeapFree
WaitForSingleObject
GetFullPathNameA
GetFileAttributesA
FileTimeToSystemTime
FindFirstFileA
GetFileType
GetFileTime
FileTimeToLocalFileTime
GetVersion
FindNextFileA
GlobalLock
GlobalAlloc
CloseHandle
GlobalFree
lstrcmpiA
lstrlenA
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetVolumeLabelA
SetFilePointer
GetLocaleInfoA
SetEndOfFile
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
GetLocalTime
lstrcpyA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
ReleaseMutex
CreateMutexA
EnterCriticalSection
InterlockedExchange
LeaveCriticalSection
GetVolumeInformationA
InitializeCriticalSection
GetDriveTypeA
GetProcessHeap
GetLastError
WideCharToMultiByte
CreateDirectoryW
GetTempPathW
MultiByteToWideChar
MoveFileW
CopyFileW
GetTempPathA
FindClose
FindNextFileW
FindFirstFileW
GlobalUnlock
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
InterlockedDecrement
GetCPInfo
MoveFileA
SetStdHandle
HeapReAlloc
GetFileInformationByHandle
PeekNamedPipe
RtlUnwind
InterlockedIncrement
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetCurrentDirectoryA
SetCurrentDirectoryA
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RaiseException
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
SetHandleCount
GetStartupInfoA
Sleep
GetConsoleCP
GetConsoleMode
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
ReadFile
GetTimeZoneInformation
HeapSize
FlushFileBuffers
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LoadLibraryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEnvironmentVariableW
user32
CharToOemA
OemToCharA
advapi32
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
IsValidSecurityDescriptor
IsValidSid
GetSecurityDescriptorOwner
SetKernelObjectSecurity
GetSecurityDescriptorControl
OpenProcessToken
AdjustTokenPrivileges
GetSecurityDescriptorLength
LookupPrivilegeValueA
GetKernelObjectSecurity
GetSecurityDescriptorSacl
IsValidAcl
Exports
Exports
UnZip
UnZipEx
ZipFolder
ZipFolderEx
Sections
.text Size: 196KB - Virtual size: 194KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 325KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1004B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$_16_/ZipLib64.dll.dll windows:4 windows x64 arch:x64
c72b7e0f1eaf64b127485b3988f7b2c9
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
kernel32
LeaveCriticalSection
EnterCriticalSection
CreateMutexA
CreateFileA
ReleaseMutex
GetFileTime
FileTimeToLocalFileTime
GetVersion
GetFullPathNameA
GetFileAttributesA
FileTimeToSystemTime
FindFirstFileA
GetFileType
FindNextFileA
GlobalLock
GlobalAlloc
GlobalUnlock
GetVolumeInformationA
lstrcmpiA
lstrlenA
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
GetLocalTime
DosDateTimeToFileTime
SetVolumeLabelA
LocalFileTimeToFileTime
SetFilePointer
GetLocaleInfoA
SetEndOfFile
lstrcpyA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
InitializeCriticalSection
GetDriveTypeA
GetProcessHeap
WaitForSingleObject
HeapFree
GetCurrentProcess
HeapAlloc
lstrcpynA
CloseHandle
WideCharToMultiByte
GetTempPathW
CreateDirectoryW
MultiByteToWideChar
GetTempPathA
MoveFileW
CopyFileW
GetLastError
FindNextFileW
FindClose
GlobalFree
FindFirstFileW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
GetSystemTimeAsFileTime
MoveFileA
GetCPInfo
SetStdHandle
GetFileInformationByHandle
PeekNamedPipe
HeapReAlloc
RtlUnwindEx
GetCurrentThreadId
FlsSetValue
GetCommandLineA
GetVersionExA
RtlVirtualUnwind
RtlLookupFunctionEntry
GetCurrentDirectoryA
SetCurrentDirectoryA
HeapSetInformation
HeapCreate
HeapDestroy
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FlsGetValue
TlsFree
FlsFree
SetLastError
TlsSetValue
FlsAlloc
RaiseException
RtlPcToFileHeader
SetHandleCount
GetStartupInfoA
DeleteCriticalSection
Sleep
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
ReadFile
HeapSize
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
FlushFileBuffers
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LoadLibraryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEnvironmentVariableW
user32
CharToOemA
OemToCharA
advapi32
GetSecurityDescriptorGroup
IsValidSecurityDescriptor
IsValidAcl
IsValidSid
GetSecurityDescriptorOwner
SetKernelObjectSecurity
GetSecurityDescriptorControl
AdjustTokenPrivileges
GetSecurityDescriptorLength
LookupPrivilegeValueA
GetKernelObjectSecurity
OpenProcessToken
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
Exports
Exports
UnZip
UnZipEx
ZipFolder
ZipFolderEx
Sections
.text Size: 255KB - Virtual size: 255KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 55KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 328KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 1004B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$_16_/config.exe.exe windows:4 windows x86 arch:x86
b698a9e47b565a751b92c2454be0de0d
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\config.pdb
Imports
imm32
ImmGetContext
ImmSetOpenStatus
ImmDisableIME
comctl32
InitCommonControlsEx
kernel32
LoadLibraryA
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
OpenEventW
GetLastError
CreateProcessW
GetTickCount
GetExitCodeProcess
WaitForSingleObject
CloseHandle
GetLocalTime
FindFirstFileW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetConsoleMode
GetConsoleCP
GetCurrentDirectoryA
GetFullPathNameW
HeapSize
GetCurrentProcessId
FindClose
LockResource
FindResourceW
LoadResource
SizeofResource
LoadLibraryExW
LoadLibraryW
GetProcAddress
ReadFile
GlobalAlloc
CreateFileW
GlobalFree
GlobalUnlock
GlobalLock
GetFileSize
GetVersionExW
GetModuleHandleW
GlobalReAlloc
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateMutexW
ReleaseMutex
OpenMutexW
FormatMessageW
MultiByteToWideChar
GetCommandLineW
SetLastError
CreateEventW
WaitForMultipleObjects
GetCurrentThreadId
LocalFree
CreateThread
InterlockedIncrement
InterlockedCompareExchange
CopyFileW
DeleteFileW
SetFileAttributesW
MoveFileExW
CreateDirectoryW
RemoveDirectoryW
FindNextFileW
GetSystemInfo
GetModuleFileNameW
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FlushFileBuffers
SetFilePointer
WriteFile
FreeLibrary
LCMapStringW
Sleep
QueryPerformanceFrequency
QueryPerformanceCounter
InterlockedDecrement
InterlockedExchange
InitializeCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
HeapReAlloc
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
GetTimeZoneInformation
LCMapStringA
GetCPInfo
GetStringTypeA
GetStringTypeW
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
user32
SetWindowLongW
SendMessageW
GetDlgItem
OffsetRect
ClientToScreen
CreateWindowExW
GetWindowLongW
GetWindowTextLengthW
GetUpdateRect
GetDC
ReleaseDC
ScreenToClient
GetDlgItemTextW
GetWindowTextW
InvalidateRect
CheckRadioButton
LoadCursorW
SetWindowRgn
DefWindowProcW
GetDesktopWindow
DestroyWindow
CreateDialogParamW
DialogBoxParamW
LoadImageW
CharNextW
SetRect
PtInRect
SetCursorPos
MonitorFromPoint
GetCursorPos
SetWindowPos
IntersectRect
RedrawWindow
ReleaseCapture
UpdateLayeredWindow
GetCursor
SetCapture
SetCursor
GetMonitorInfoW
SubtractRect
InflateRect
LoadStringW
CheckDlgButton
EnableWindow
PostMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetTimer
EndDialog
KillTimer
SetWindowTextW
FillRect
DrawTextW
EndPaint
BeginPaint
FindWindowW
SetForegroundWindow
IsIconic
GetWindowRect
GetClientRect
SetFocus
MoveWindow
MessageBoxW
GetSystemMetrics
LoadIconW
ShowWindow
gdi32
SetTextColor
CreateRectRgn
GetTextExtentPoint32W
GetObjectW
EnumFontFamiliesExW
SelectClipRgn
GetDeviceCaps
SetViewportOrgEx
GetTextExtentPointW
CreateCompatibleDC
OffsetRgn
ExtCreateRegion
LineTo
CombineRgn
BitBlt
GetPixel
CreateCompatibleBitmap
CreateDIBSection
GetTextMetricsW
GetKerningPairsW
GetFontData
GetGlyphOutlineW
SetBkMode
Rectangle
DeleteDC
MoveToEx
DeleteObject
CreateSolidBrush
CreateFontIndirectW
StretchBlt
SelectObject
SetBkColor
TextOutW
GetStockObject
CreatePen
comdlg32
GetSaveFileNameW
ChooseColorW
GetOpenFileNameW
shell32
SHFileOperationW
ShellExecuteW
SHGetSpecialFolderPathW
msimg32
TransparentBlt
AlphaBlend
GradientFill
advapi32
RegCloseKey
RegQueryValueExW
RegQueryValueW
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
SetNamedSecurityInfoW
GetSecurityInfo
GetNamedSecurityInfoW
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
RegCreateKeyExW
RegOpenKeyExW
ole32
CreateStreamOnHGlobal
GetHGlobalFromStream
Sections
.text Size: 512KB - Virtual size: 510KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 108KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 132KB - Virtual size: 147KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_16_/phrases.ini
-
$_16_/sgim_annex.bin
-
$_16_/sgim_sys.bin
-
$_16_/userNetSchedule.exe.exe windows:4 windows x86 arch:x86
27bed4e079f9e793ce5fd241d1840f6f
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
imm32
ImmDisableIME
kernel32
MoveFileExW
CreateDirectoryW
SetFileAttributesW
SetLastError
SetFilePointer
WriteFile
FlushFileBuffers
WaitForMultipleObjects
GetCommandLineW
GetCurrentThreadId
FormatMessageW
LocalFree
CreateThread
MultiByteToWideChar
CreateEventW
FindClose
FindNextFileW
FindFirstFileW
InterlockedIncrement
InterlockedCompareExchange
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
ReleaseMutex
OpenMutexW
WaitForSingleObject
CreateMutexW
Sleep
OpenEventW
RemoveDirectoryW
GetSystemInfo
GetVersionExW
GetModuleFileNameW
WideCharToMultiByte
FreeLibrary
LCMapStringW
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetModuleHandleA
ExitProcess
LoadLibraryW
GetVersionExA
GetProcessHeap
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
RaiseException
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapSize
LoadLibraryA
InitializeCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
GetFullPathNameW
GetCurrentDirectoryA
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetLocaleInfoW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
CreateFileA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProcAddress
GlobalFree
CreateFileW
GetFileSize
ReadFile
GlobalAlloc
GetTickCount
CreateProcessW
DeleteFileW
GetTempFileNameW
CloseHandle
GetLastError
CopyFileW
GetModuleHandleW
InterlockedDecrement
user32
OffsetRect
GetMessageW
AdjustWindowRect
RegisterClassExW
DrawTextW
MessageBoxW
IntersectRect
PtInRect
SetWindowLongW
CloseWindow
SubtractRect
InvalidateRect
SetWindowPos
TranslateMessage
GetWindowLongW
GetCursorPos
SetTimer
GetSystemMetrics
GetMonitorInfoW
GetWindowRect
DefWindowProcW
GetForegroundWindow
GetLastInputInfo
FindWindowW
MonitorFromRect
MonitorFromPoint
LoadCursorW
LoadIconW
CreateWindowExW
DestroyWindow
DispatchMessageW
PostQuitMessage
EndPaint
SetCursor
BeginPaint
shell32
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW
Shell_NotifyIconW
ziplib
UnZip
ZipFolder
wininet
InternetConnectW
InternetCloseHandle
InternetReadFile
HttpEndRequestW
InternetCanonicalizeUrlW
HttpSendRequestExW
InternetQueryOptionW
InternetWriteFile
HttpSendRequestW
InternetSetOptionW
InternetGetCookieW
InternetSetCookieW
InternetOpenW
HttpAddRequestHeadersW
HttpQueryInfoW
HttpOpenRequestW
gdi32
CreateSolidBrush
SetBkMode
DeleteObject
SelectObject
BitBlt
SetViewportOrgEx
CreateCompatibleBitmap
DeleteDC
Rectangle
CreateCompatibleDC
CreatePen
SetTextColor
GetStockObject
CreateFontIndirectW
advapi32
SetNamedSecurityInfoW
GetNamedSecurityInfoW
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegQueryValueW
GetSecurityInfo
Sections
.text Size: 292KB - Virtual size: 290KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 72KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 139KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/ConfigMover30b2.exe.exe windows:4 windows x86 arch:x86
23c66f324e0bfa41a56200360ba3ef41
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\ConfigMover30b2.pdb
Imports
imm32
ImmDisableIME
kernel32
CreateDirectoryW
GetVersionExW
CompareStringW
CompareStringA
GetLastError
HeapFree
HeapAlloc
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FindFirstFileW
GetVersionExA
GetProcessHeap
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetFullPathNameW
GetCurrentDirectoryA
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
Sleep
RtlUnwind
LoadLibraryA
WideCharToMultiByte
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapSize
GetLocaleInfoA
GetDriveTypeA
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableA
shell32
SHFileOperationW
SHGetFolderPathAndSubDirW
SHGetFolderPathW
Sections
.text Size: 40KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/ErrorReport.exe.exe windows:4 windows x86 arch:x86
eadada9b14fc50d843327593d54c00a9
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\ErrorReport.pdb
Imports
kernel32
ReleaseMutex
OpenMutexW
CreateMutexW
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
LCMapStringW
Sleep
HeapSize
GetFullPathNameW
GetCurrentDirectoryA
SetFilePointer
GetConsoleCP
GetConsoleMode
LoadLibraryA
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
GetDriveTypeA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
FindClose
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
GetVersionExW
GetSystemInfo
GetModuleFileNameW
MultiByteToWideChar
CreateProcessW
GetCurrentThreadId
FormatMessageW
WaitForMultipleObjects
GetCommandLineW
CreateEventW
SetLastError
CreateThread
LocalFree
GetProcAddress
GlobalUnlock
GlobalFree
CreateFileW
GlobalAlloc
GlobalLock
GetLastError
GetTickCount
GetModuleHandleW
FindFirstFileW
CloseHandle
ResetEvent
SetEvent
WaitForSingleObject
VirtualFree
OpenEventW
imm32
ImmDisableIME
user32
DrawTextW
SetWindowPos
OffsetRect
CreateWindowExW
BeginPaint
SetTimer
PtInRect
GetCursorPos
GetWindowRect
SubtractRect
GetLastInputInfo
IntersectRect
MonitorFromRect
GetMessageW
InvalidateRect
EndPaint
TranslateMessage
FindWindowW
SetWindowLongW
DispatchMessageW
DestroyWindow
MonitorFromPoint
PostQuitMessage
GetWindowLongW
SetCursor
GetForegroundWindow
CloseWindow
LoadCursorW
RegisterClassExW
AdjustWindowRect
GetMonitorInfoW
DefWindowProcW
EmptyClipboard
CloseClipboard
MessageBoxW
OpenClipboard
GetSystemMetrics
SetClipboardData
gdi32
CreateFontIndirectW
GetStockObject
SetTextColor
BitBlt
SetViewportOrgEx
SetBkMode
DeleteObject
SelectObject
CreateSolidBrush
CreatePen
CreateCompatibleBitmap
Rectangle
CreateCompatibleDC
DeleteDC
advapi32
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityInfo
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetEntriesInAclW
SetSecurityInfo
RegCreateKeyExW
RegQueryValueExW
RegQueryValueW
RegCloseKey
RegOpenKeyExW
shell32
SHGetSpecialFolderPathW
ShellExecuteW
Sections
.text Size: 88KB - Virtual size: 85KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/HWSignature.dll.dll windows:4 windows x86 arch:x86
3805775f1dde052333909932d791dd7f
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
e:\sogouime33\Bin\SogouInput\HWSignature.pdb
Imports
ws2_32
WSAStartup
kernel32
DeleteCriticalSection
CreateFileA
GetProcessHeap
CopyFileA
DeviceIoControl
CloseHandle
HeapAlloc
HeapFree
GetSystemDirectoryA
lstrcatA
lstrcpyA
lstrlenA
GlobalAlloc
FreeLibrary
GetLastError
GetProcAddress
LoadLibraryA
LocalAlloc
GetVersionExA
LocalFree
HeapReAlloc
GetTickCount
SetLastError
GlobalFree
FlushFileBuffers
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSection
VirtualAlloc
RtlUnwind
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
user32
wsprintfA
IsCharAlphaNumericA
Exports
Exports
DLLGenHWID
GenHWID
Sections
.text Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1020B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
InstTemp/ImeHint.exe.exe windows:4 windows x86 arch:x86
819ced62d1b59ec708b1ff8978a4b4b3
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\ImeHint.pdb
Imports
imm32
ImmDisableIME
kernel32
OpenMutexW
WaitForSingleObject
SetFileAttributesW
CopyFileW
WideCharToMultiByte
GetSystemTimeAsFileTime
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
RtlUnwind
RaiseException
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
FindClose
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetFullPathNameW
GetCurrentDirectoryA
SetFilePointer
GetConsoleCP
ReleaseMutex
LoadLibraryA
GetLocaleInfoA
CreateDirectoryW
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
GetDriveTypeA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
DeleteFileW
MoveFileExW
FindFirstFileW
FindNextFileW
RemoveDirectoryW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
GetModuleFileNameW
GetSystemInfo
GetVersionExW
CreateProcessW
MultiByteToWideChar
CreateThread
LocalFree
GetCurrentThreadId
FormatMessageW
WaitForMultipleObjects
GetCommandLineW
SetLastError
Sleep
OpenEventW
CreateEventW
InterlockedCompareExchange
InterlockedIncrement
GetProcAddress
GetFileSize
CreateFileW
ReadFile
GlobalAlloc
GlobalFree
CloseHandle
GetTickCount
GetModuleHandleW
GetLastError
GetConsoleMode
CreateMutexW
DeleteCriticalSection
user32
DrawTextW
GetMonitorInfoW
FindWindowW
GetForegroundWindow
DefWindowProcW
GetLastInputInfo
RegisterClassExW
GetMessageW
AdjustWindowRect
OffsetRect
CloseWindow
MonitorFromRect
LoadCursorW
EndPaint
PostQuitMessage
DestroyWindow
DispatchMessageW
BeginPaint
IntersectRect
PtInRect
SetWindowLongW
SetCursor
SubtractRect
CreateWindowExW
InvalidateRect
SetWindowPos
TranslateMessage
GetWindowLongW
SetTimer
GetCursorPos
GetWindowRect
GetSystemMetrics
MessageBoxW
MonitorFromPoint
gdi32
CreateFontIndirectW
GetStockObject
SetTextColor
CreatePen
CreateCompatibleDC
DeleteDC
CreateSolidBrush
SetBkMode
BitBlt
Rectangle
CreateCompatibleBitmap
SelectObject
DeleteObject
SetViewportOrgEx
advapi32
RegCreateKeyExW
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetNamedSecurityInfoW
GetSecurityInfo
RegQueryValueExW
RegCloseKey
RegQueryValueW
RegOpenKeyExW
shell32
SHFileOperationW
SHGetSpecialFolderPathW
ShellExecuteW
Sections
.text Size: 184KB - Virtual size: 180KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 52KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/ImeUtil.exe.exe windows:4 windows x86 arch:x86
54306172970cc973f6ddea76e4b5f421
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\ImeUtil.pdb
Imports
imm32
ImmDisableIME
kernel32
GlobalFree
GlobalAlloc
ReadFile
LoadLibraryW
GetProcAddress
SetLastError
CreateEventW
WaitForMultipleObjects
FormatMessageW
GetCurrentThreadId
MultiByteToWideChar
LocalFree
CreateThread
GetCommandLineW
GetVersionExW
GetModuleFileNameW
GetSystemInfo
InterlockedIncrement
InterlockedCompareExchange
CopyFileW
DeleteFileW
MoveFileExW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
FindClose
RemoveDirectoryW
FindNextFileW
FindFirstFileW
ReleaseMutex
OpenMutexW
WaitForSingleObject
CreateMutexW
WideCharToMultiByte
FreeLibrary
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
GetFileSize
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
RaiseException
GetCPInfo
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
GetCurrentProcessId
LCMapStringA
LCMapStringW
HeapSize
GetFullPathNameW
GetCurrentDirectoryA
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetFilePointer
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSection
LoadLibraryA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
GetDriveTypeA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetTickCount
GetModuleHandleW
HeapAlloc
OpenEventW
WriteFile
Sleep
CreateFileW
SetFileAttributesW
GetLastError
CreateDirectoryW
HeapFree
GetProcessHeap
CloseHandle
CreateProcessW
GetVersionExA
user32
PostQuitMessage
EndPaint
LoadCursorW
MonitorFromPoint
MonitorFromRect
CloseWindow
OffsetRect
GetMessageW
AdjustWindowRect
DrawTextW
DispatchMessageW
CreateWindowExW
InvalidateRect
SetWindowPos
TranslateMessage
GetWindowLongW
SetTimer
GetCursorPos
GetSystemMetrics
GetWindowRect
GetMonitorInfoW
GetForegroundWindow
DefWindowProcW
FindWindowW
GetLastInputInfo
SetForegroundWindow
RegisterClassExW
DestroyWindow
BeginPaint
IntersectRect
GetKeyboardLayoutList
SetWindowLongW
PtInRect
SetCursor
MessageBoxW
SubtractRect
advapi32
BuildExplicitAccessWithNameW
RegQueryValueExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSecurityDescriptorSacl
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
SetNamedSecurityInfoW
GetSecurityInfo
GetNamedSecurityInfoW
RegQueryValueW
shell32
SHGetSpecialFolderPathW
SHFileOperationW
ShellExecuteW
SHGetFolderPathW
wininet
InternetReadFile
InternetOpenW
InternetSetOptionW
InternetCloseHandle
HttpQueryInfoW
InternetOpenUrlW
gdi32
SetTextColor
GetStockObject
CreateCompatibleDC
DeleteDC
CreateSolidBrush
SetBkMode
DeleteObject
BitBlt
CreatePen
SetViewportOrgEx
SelectObject
CreateCompatibleBitmap
Rectangle
CreateFontIndirectW
Sections
.text Size: 216KB - Virtual size: 215KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 141KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 52KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/PinyinUp.exe.exe windows:4 windows x86 arch:x86
81144eb83d45d3f284106bd200988db2
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\PinyinUp.pdb
Imports
wininet
HttpQueryInfoW
InternetCloseHandle
InternetSetCookieW
InternetOpenW
InternetOpenUrlW
InternetReadFile
shlwapi
StrToIntW
StrCmpIW
imm32
ImmDisableIME
ws2_32
gethostbyname
kernel32
GetExitCodeThread
FindClose
GetTempPathW
CreateDirectoryW
LeaveCriticalSection
DeleteCriticalSection
WaitForSingleObject
InitializeCriticalSection
Sleep
FindNextFileW
HeapAlloc
HeapFree
GetProcessHeap
FormatMessageW
CompareStringW
CompareStringA
CreateFileA
GetDriveTypeA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
GetVersionExW
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetConsoleMode
ResumeThread
CloseHandle
SetThreadPriority
SuspendThread
FindFirstFileW
MultiByteToWideChar
GetPrivateProfileStringW
GetCurrentProcess
EnterCriticalSection
LocalFree
GetLocalTime
GetLastError
WriteConsoleA
CreateProcessW
GetCurrentDirectoryA
GetFullPathNameW
GetCurrentProcessId
SetEnvironmentVariableA
GetCurrentThreadId
WideCharToMultiByte
MoveFileExW
DeleteFileW
SetFileAttributesW
CopyFileW
ReadFile
CreateFileW
FlushFileBuffers
SetLastError
GetFileSize
SetFilePointer
WriteFile
GlobalAlloc
GetCommandLineW
GlobalFree
CreateEventW
WaitForMultipleObjects
QueryPerformanceCounter
CreateThread
GetModuleHandleW
GetSystemInfo
GetModuleFileNameW
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
OpenMutexW
CreateMutexW
InterlockedIncrement
InterlockedCompareExchange
OpenEventW
RemoveDirectoryW
GetProcAddress
LCMapStringW
GetTickCount
ExitThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetVersionExA
GetStartupInfoW
RtlUnwind
RaiseException
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
HeapReAlloc
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
GetConsoleCP
user32
RegisterClassW
LoadCursorW
GetSystemMetrics
GetMessageW
SetCursor
ShowWindow
PostQuitMessage
InvalidateRect
GetWindowTextW
CreateWindowExW
GetDlgItem
SetWindowTextW
LoadIconW
GetWindowLongW
DispatchMessageW
SetWindowPos
EnableMenuItem
TranslateMessage
SendMessageW
DefWindowProcW
GetSystemMenu
MessageBoxW
ExitWindowsEx
gdi32
CreateFontIndirectW
advapi32
RegQueryValueW
RegCreateKeyExW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetNamedSecurityInfoW
GetSecurityInfo
AllocateAndInitializeSid
SetNamedSecurityInfoW
RegCloseKey
FreeSid
GetTokenInformation
EqualSid
LookupAccountSidW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExW
RegQueryValueExW
shell32
Shell_NotifyIconW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW
hwsignature
GenHWID
Sections
.text Size: 264KB - Virtual size: 263KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 65KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 124KB - Virtual size: 148KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/Resource.dll.dll windows:4 windows x86 arch:x86
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.rsrc Size: 144KB - Virtual size: 142KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
InstTemp/ScdMaker.exe.exe windows:4 windows x86 arch:x86
b61c88b32d5d44dc2d3dbf818ee6a596
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\ScdMaker.pdb
Imports
imm32
ImmDisableIME
kernel32
CloseHandle
LocalFree
CreateThread
FormatMessageW
GetCommandLineW
FindClose
FindNextFileW
FindFirstFileW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateFileW
CreateFileMappingW
GetVersionExW
GetSystemInfo
GetModuleFileNameW
GetModuleHandleW
SetFileAttributesW
MoveFileExW
CreateDirectoryW
CreateMutexW
ReleaseMutex
OpenMutexW
WaitForSingleObject
WriteFile
ReadFile
FlushFileBuffers
GetFileSize
SetFilePointer
InterlockedIncrement
InterlockedCompareExchange
RemoveDirectoryW
LCMapStringW
GetTickCount
Sleep
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetSystemTimeAsFileTime
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
GetCurrentThreadId
HeapReAlloc
GetTimeZoneInformation
LCMapStringA
GetCPInfo
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetFullPathNameW
GetCurrentDirectoryA
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetACP
GetOEMCP
IsValidCodePage
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
HeapSize
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
LoadLibraryA
GetLocaleInfoW
CreateFileA
GetDriveTypeA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalAlloc
WaitForMultipleObjects
CreateEventW
CreateProcessW
GlobalFree
SetLastError
WideCharToMultiByte
GetLastError
DeleteFileW
MultiByteToWideChar
CopyFileW
RaiseException
user32
MessageBoxW
advapi32
RegCreateKeyExW
RegQueryValueW
RegQueryValueExW
GetNamedSecurityInfoW
GetSecurityInfo
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExW
RegCloseKey
shell32
SHGetSpecialFolderPathW
SHFileOperationW
Sections
.text Size: 264KB - Virtual size: 262KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1016B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/ScdReg.exe.exe windows:4 windows x86 arch:x86
b9d549f1f267cec71843909cce4fcf93
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\ScdReg.pdb
Imports
imm32
ImmDisableIME
kernel32
CloseHandle
GetSystemInfo
GetModuleFileNameW
GetModuleHandleW
GetCommandLineW
GetVersionExW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateFileW
OpenFileMappingW
SetFileAttributesW
MoveFileExW
CreateDirectoryW
CopyFileW
MultiByteToWideChar
CreateProcessW
GlobalFree
WaitForMultipleObjects
GlobalAlloc
GetCurrentThreadId
FormatMessageW
CreateThread
InterlockedCompareExchange
InterlockedIncrement
GetFileSize
SetFilePointer
WriteFile
ReadFile
FlushFileBuffers
CreateMutexW
ReleaseMutex
OpenMutexW
WaitForSingleObject
RemoveDirectoryW
LCMapStringW
GetTickCount
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
FileTimeToSystemTime
OpenEventW
GetDriveTypeW
HeapReAlloc
GetTimeZoneInformation
LCMapStringA
GetCPInfo
GetStringTypeA
GetStringTypeW
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
HeapSize
GetFullPathNameW
GetCurrentDirectoryA
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LoadLibraryA
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateEventW
SetLastError
GetLastError
Sleep
LocalFree
WideCharToMultiByte
GetCurrentDirectoryW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
FileTimeToLocalFileTime
user32
MessageBoxW
advapi32
RegCreateKeyExW
RegQueryValueW
RegSetValueExW
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetEntriesInAclW
SetSecurityInfo
RegQueryValueExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetNamedSecurityInfoW
GetSecurityInfo
RegOpenKeyExW
RegCloseKey
shell32
SHGetSpecialFolderPathW
SHFileOperationW
Sections
.text Size: 284KB - Virtual size: 282KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/ScdViewer.exe.exe windows:4 windows x86 arch:x86
2fd4ce42f3412d026ae3bf4cbdcf77fc
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\ScdViewer.pdb
Imports
user32
GetSystemMetrics
GetWindowRect
SendMessageW
GetDlgItem
EndDialog
SetWindowPos
DialogBoxParamW
MessageBoxW
gdi32
GetStockObject
imm32
ImmDisableIME
kernel32
GetCurrentThreadId
FormatMessageW
CloseHandle
LocalFree
MultiByteToWideChar
SetLastError
GlobalFree
GetCommandLineW
FindClose
FindNextFileW
FindFirstFileW
SetFilePointer
WriteFile
ReadFile
CreateFileW
FlushFileBuffers
GetFileSize
WaitForSingleObject
ReleaseMutex
OpenMutexW
CreateMutexW
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
GetVersionExW
GetSystemInfo
GetModuleFileNameW
GetModuleHandleW
RemoveDirectoryW
WideCharToMultiByte
InterlockedCompareExchange
InterlockedExchange
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetVersionExA
HeapAlloc
GetProcessHeap
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
GetSystemTimeAsFileTime
RtlUnwind
SetFileAttributesW
GetLastError
GetStringTypeW
GetCPInfo
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetTimeZoneInformation
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetACP
GetOEMCP
IsValidCodePage
GetFullPathNameW
GetCurrentDirectoryA
HeapSize
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
LoadLibraryA
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileA
CreateDirectoryW
DeleteFileW
RaiseException
MoveFileExW
GetStartupInfoW
GetStringTypeA
advapi32
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
RegQueryValueW
RegOpenKeyExW
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetNamedSecurityInfoW
GetSecurityInfo
SetNamedSecurityInfoW
SetEntriesInAclW
SetSecurityInfo
shell32
SHFileOperationW
SHGetSpecialFolderPathW
Sections
.text Size: 144KB - Virtual size: 142KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/SkinEditor.exe.exe windows:4 windows x86 arch:x86
6fc1d7a0305884e43c62ac34e3d582db
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
InitCommonControlsEx
kernel32
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetDriveTypeA
GetTimeZoneInformation
InitializeCriticalSection
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
LoadLibraryA
GetCurrentDirectoryA
GetFullPathNameW
LCMapStringW
LCMapStringA
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetLastError
GetLastError
CopyFileW
DeleteFileW
GetTempPathW
GetLongPathNameW
CreateFileW
CloseHandle
RemoveDirectoryW
SetCurrentDirectoryW
FindFirstFileW
FindClose
CreateDirectoryW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
Sleep
HeapSize
ExitProcess
HeapCreate
HeapDestroy
VirtualAlloc
VirtualFree
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameW
SetStdHandle
GetCPInfo
InterlockedDecrement
LockResource
LoadResource
SizeofResource
FindResourceW
LoadLibraryExW
LoadLibraryW
GetProcAddress
ReadFile
GlobalAlloc
GlobalFree
GetFileSize
GlobalLock
GlobalUnlock
GetModuleHandleW
GetTickCount
GetVersionExW
GlobalReAlloc
WideCharToMultiByte
MultiByteToWideChar
FormatMessageW
LocalFree
GetCurrentThreadId
GetCommandLineW
InterlockedIncrement
InterlockedCompareExchange
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
GetSystemInfo
SetFileAttributesW
MoveFileExW
CreateMutexW
ReleaseMutex
OpenMutexW
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetFilePointer
WriteFile
FlushFileBuffers
FindNextFileW
FreeLibrary
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
GetVersionExA
GetProcessHeap
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
GetSystemTimeAsFileTime
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
user32
RegisterClassExW
CharNextW
LoadCursorW
SetWindowPlacement
GetSystemMetrics
GetWindowPlacement
DestroyAcceleratorTable
SetCursor
SetCapture
SetTimer
KillTimer
PostMessageW
ReleaseCapture
GetCursorPos
DrawIconEx
GetClassLongW
CheckDlgButton
GetWindowTextLengthW
EnableWindow
EndDialog
DialogBoxParamW
CreateDialogParamW
DefWindowProcW
RegisterClassW
SetFocus
ScreenToClient
CreateWindowExW
GetSysColor
GetWindowTextW
FillRect
GetScrollInfo
ScrollWindow
GetWindowLongW
SetWindowLongW
SetScrollInfo
BeginPaint
EndPaint
IsDlgButtonChecked
GetSysColorBrush
OffsetRect
SetWindowPos
GetWindowRect
DrawTextW
SetWindowRgn
GetDesktopWindow
LoadImageW
LoadIconW
SetRect
PtInRect
SetCursorPos
GetMonitorInfoW
UpdateLayeredWindow
SubtractRect
MonitorFromPoint
RedrawWindow
IntersectRect
GetCursor
TrackMouseEvent
CallWindowProcW
InflateRect
InvalidateRect
GetDC
ReleaseDC
GetDlgCtrlID
MoveWindow
GetDlgItem
DestroyWindow
PostQuitMessage
MessageBoxW
SetWindowTextW
GetClientRect
GetMenu
EnableMenuItem
GetMessageW
GetParent
GetClassNameW
TranslateAcceleratorW
IsDialogMessageW
TranslateMessage
DispatchMessageW
FindWindowW
IsIconic
ShowWindow
SetForegroundWindow
LoadMenuW
SetMenu
LoadAcceleratorsW
SendMessageW
UpdateWindow
DestroyMenu
gdi32
Rectangle
SelectObject
CreateSolidBrush
CreateFontIndirectW
CreatePen
SetViewportOrgEx
GetDeviceCaps
DeleteDC
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
StretchBlt
GetPixel
EnumFontFamiliesExW
GetTextExtentPointW
ExtCreateRegion
CombineRgn
OffsetRgn
GetTextMetricsW
SetBkColor
MoveToEx
SelectClipRgn
GetKerningPairsW
LineTo
GetFontData
GetObjectW
GetGlyphOutlineW
TextOutW
CreateDIBSection
SetTextColor
SetBkMode
DeleteObject
GetStockObject
comdlg32
GetFileTitleW
GetSaveFileNameW
GetOpenFileNameW
ChooseColorW
CommDlgExtendedError
shell32
DragAcceptFiles
SHGetSpecialFolderPathW
SHFileOperationW
DragQueryFileW
DragFinish
msimg32
TransparentBlt
GradientFill
AlphaBlend
imm32
ImmDisableIME
ziplib
UnZip
ZipFolder
advapi32
RegCloseKey
SetSecurityInfo
RegOpenKeyExW
RegQueryValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCreateKeyExW
RegQueryValueExW
SetEntriesInAclW
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
SetNamedSecurityInfoW
GetSecurityInfo
GetNamedSecurityInfoW
ole32
GetHGlobalFromStream
CreateStreamOnHGlobal
Sections
.text Size: 448KB - Virtual size: 445KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 92KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/SkinReg.exe.exe windows:4 windows x86 arch:x86
bc2f628937d4058c840ae1875d55d8ab
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\SkinReg.pdb
Imports
user32
DrawTextW
SetWindowPos
GetWindowLongW
TranslateMessage
GetCursorPos
SetTimer
GetSystemMetrics
GetWindowRect
GetMonitorInfoW
GetForegroundWindow
GetLastInputInfo
DefWindowProcW
FindWindowW
SetForegroundWindow
RegisterClassExW
AdjustWindowRect
OffsetRect
CloseWindow
MonitorFromRect
MonitorFromPoint
LoadCursorW
EndPaint
PostQuitMessage
DestroyWindow
DispatchMessageW
BeginPaint
IntersectRect
SetWindowLongW
PtInRect
SetCursor
CreateWindowExW
SubtractRect
InvalidateRect
GetMessageW
MessageBoxW
imm32
ImmDisableIME
kernel32
InterlockedCompareExchange
RemoveDirectoryW
CreateMutexW
ReleaseMutex
OpenMutexW
WaitForSingleObject
WideCharToMultiByte
FreeLibrary
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
FindFirstFileW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetFullPathNameW
GetCurrentDirectoryA
Sleep
HeapSize
SetFilePointer
InterlockedIncrement
GetConsoleMode
LoadLibraryA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
FlushFileBuffers
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
FindNextFileW
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
UnmapViewOfFile
LocalFree
MultiByteToWideChar
CreateProcessW
GetCurrentThreadId
FormatMessageW
WaitForMultipleObjects
CreateEventW
SetLastError
CreateThread
GetModuleFileNameW
GetCommandLineW
GetVersionExW
GetSystemInfo
SetFileAttributesW
DeleteFileW
CreateDirectoryW
MoveFileExW
CopyFileW
GetProcAddress
LoadLibraryW
GlobalFree
CloseHandle
GetFileSize
CreateFileW
GlobalAlloc
ReadFile
GetTickCount
GetModuleHandleW
GetLastError
GetConsoleCP
FindClose
InitializeCriticalSection
gdi32
CreateFontIndirectW
GetStockObject
SetTextColor
DeleteObject
BitBlt
SetViewportOrgEx
SelectObject
CreateCompatibleBitmap
Rectangle
CreatePen
CreateCompatibleDC
DeleteDC
SetBkMode
CreateSolidBrush
advapi32
GetNamedSecurityInfoW
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegQueryValueW
RegCloseKey
GetSecurityInfo
shell32
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW
Sections
.text Size: 184KB - Virtual size: 181KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 52KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/SogouTSF.dll.dll regsvr32 windows:4 windows x86 arch:x86
eeaf1cf892d8e72dc6f6ddfd02e103df
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
e:\sogouime33\Bin\SogouInput\SogouTSF.pdb
Imports
kernel32
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
lstrlenW
MultiByteToWideChar
GetModuleFileNameW
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
InterlockedIncrement
DeleteCriticalSection
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
RaiseException
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
HeapSize
WriteFile
LoadLibraryA
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
advapi32
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegDeleteKeyW
ole32
CoCreateInstance
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 32KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
InstTemp/SpeedMeter.exe.exe windows:4 windows x86 arch:x86
a248a7ff37d9332d68ad414c2d0103df
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\SpeedMeter.pdb
Imports
kernel32
GlobalFree
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetTickCount
GlobalLock
GlobalUnlock
GlobalAlloc
GetLastError
GetModuleHandleW
GetCommandLineW
GetVersionExW
GetSystemInfo
GetModuleFileNameW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateFileW
OpenFileMappingW
CloseHandle
FormatMessageW
GetCurrentThreadId
MultiByteToWideChar
CreateProcessW
LocalFree
CreateThread
SetLastError
CreateEventW
WaitForMultipleObjects
InterlockedCompareExchange
InterlockedIncrement
FindClose
RemoveDirectoryW
FindNextFileW
FindFirstFileW
MoveFileExW
DeleteFileW
CreateDirectoryW
ReleaseMutex
OpenMutexW
WaitForSingleObject
CreateMutexW
CopyFileW
SetFileAttributesW
WideCharToMultiByte
GetProcAddress
LCMapStringW
Sleep
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
GetTimeZoneInformation
GetCPInfo
LCMapStringA
GetStringTypeA
GetStringTypeW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetFullPathNameW
GetCurrentDirectoryA
GetConsoleCP
GetConsoleMode
ReadFile
FlushFileBuffers
SetFilePointer
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LoadLibraryA
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetDriveTypeA
CreateFileA
GetFileSize
user32
SetWindowLongW
DestroyWindow
DialogBoxParamW
CreateDialogParamW
GetWindowLongW
SetWindowTextW
EndDialog
GetWindowTextLengthW
SendMessageW
LoadIconW
CloseClipboard
OpenClipboard
SetClipboardData
EmptyClipboard
MessageBoxW
ShowWindow
SetForegroundWindow
IsIconic
FindWindowW
GetDlgItem
SetTimer
GetWindowTextW
comctl32
InitCommonControlsEx
imm32
ImmDisableIME
advapi32
SetNamedSecurityInfoW
RegQueryValueExW
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetNamedSecurityInfoW
GetSecurityInfo
RegQueryValueW
shell32
SHFileOperationW
SHGetSpecialFolderPathW
Sections
.text Size: 232KB - Virtual size: 230KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/UserPage.exe.exe windows:4 windows x86 arch:x86
c1753cbe9155bff72dbc8a9f999aa469
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\UserPage.pdb
Imports
imm32
ImmSetConversionStatus
ImmGetContext
ImmDisableIME
kernel32
GetLastError
GetModuleHandleW
CreateEventW
CloseHandle
CreateThread
TlsAlloc
TlsSetValue
TlsGetValue
MultiByteToWideChar
GetModuleFileNameW
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
GetDriveTypeA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
LoadLibraryA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetConsoleMode
GetTickCount
GetVersionExW
GlobalAlloc
GlobalFree
GetFileSize
ReadFile
CreateFileW
LoadLibraryW
GetProcAddress
WideCharToMultiByte
WaitForMultipleObjects
GetCurrentThreadId
GetCommandLineW
FormatMessageW
LocalFree
CreateProcessW
SetLastError
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
OpenMutexW
WaitForSingleObject
ReleaseMutex
CreateMutexW
DeleteFileW
MoveFileExW
SetFileAttributesW
CreateDirectoryW
CopyFileW
OpenEventW
Sleep
FindFirstFileW
FindClose
FindNextFileW
GetSystemInfo
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
InterlockedIncrement
InterlockedCompareExchange
RemoveDirectoryW
SetFilePointer
WriteFile
FlushFileBuffers
FreeLibrary
LCMapStringW
QueryPerformanceFrequency
QueryPerformanceCounter
InterlockedDecrement
InterlockedExchange
InitializeCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetVersionExA
GetProcessHeap
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
HeapReAlloc
RtlUnwind
RaiseException
GetTimeZoneInformation
GetCPInfo
LCMapStringA
GetStringTypeA
GetStringTypeW
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
TlsFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
HeapSize
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
GetCurrentProcessId
GetFullPathNameW
GetCurrentDirectoryA
GetConsoleCP
user32
GetDlgItemTextW
SendMessageW
GetClassNameW
SetWindowTextW
GetCursorPos
GetDlgCtrlID
GetWindowRect
SetCapture
MoveWindow
GetWindowLongW
OffsetRect
CheckDlgButton
DialogBoxParamW
DestroyWindow
CreateDialogParamW
SetWindowRgn
UpdateLayeredWindow
FillRect
GetSystemMetrics
InvalidateRect
DefWindowProcW
SubtractRect
GetMonitorInfoW
GetCursor
PtInRect
MonitorFromPoint
SetRect
BeginPaint
EndPaint
KillTimer
RegisterClassExW
InflateRect
TrackMouseEvent
GetParent
CallWindowProcW
CharNextW
ReleaseCapture
SetWindowLongW
RedrawWindow
SetCursorPos
LoadBitmapW
ActivateKeyboardLayout
GetKeyboardLayoutList
SetForegroundWindow
IsIconic
CreateWindowExW
SetClassLongW
LoadCursorW
SetCursor
EnableWindow
ReleaseDC
IsDlgButtonChecked
PostMessageW
FindWindowW
DrawTextW
IntersectRect
SetFocus
EndDialog
MessageBoxW
GetDC
SetTimer
SetWindowPos
GetWindowTextW
SetDlgItemTextW
GetDlgItem
ShowWindow
gdi32
SelectObject
GetTextExtentPoint32W
DeleteDC
CreateCompatibleDC
GetPixel
GetObjectW
CreateSolidBrush
GetStockObject
TextOutW
CombineRgn
OffsetRgn
CreateDIBSection
GetFontData
GetGlyphOutlineW
SetTextColor
GetTextMetricsW
SelectClipRgn
GetKerningPairsW
SetBkColor
StretchBlt
Rectangle
CreateFontIndirectW
GetTextExtentPointW
CreatePen
LineTo
MoveToEx
BitBlt
DeleteObject
CreateCompatibleBitmap
SetBkMode
comctl32
InitCommonControlsEx
msimg32
GradientFill
AlphaBlend
TransparentBlt
wininet
InternetReadFile
InternetCloseHandle
HttpEndRequestW
InternetCanonicalizeUrlW
InternetSetOptionW
InternetOpenW
HttpQueryInfoW
HttpOpenRequestW
InternetQueryOptionW
InternetConnectW
HttpSendRequestW
advapi32
GetSecurityInfo
GetNamedSecurityInfoW
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegCloseKey
RegQueryValueW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
SetNamedSecurityInfoW
shell32
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW
Sections
.text Size: 388KB - Virtual size: 384KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 88KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 132KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 668KB - Virtual size: 666KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/UsrDictUtil.exe.exe windows:4 windows x86 arch:x86
88e8e74f3ec0007acf22057e6057bc67
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\UsrDictUtil.pdb
Imports
imm32
ImmDisableIME
user32
MessageBoxW
kernel32
SetFileAttributesW
CopyFileW
GlobalFree
CreateEventW
WaitForMultipleObjects
GlobalAlloc
GetCommandLineW
GetCurrentThreadId
FormatMessageW
LocalFree
CreateThread
MultiByteToWideChar
CreateProcessW
SetLastError
InterlockedIncrement
InterlockedCompareExchange
GetModuleFileNameW
GetModuleHandleW
GetSystemInfo
GetVersionExW
Sleep
OpenEventW
FlushFileBuffers
GetFileSize
SetFilePointer
WriteFile
ReadFile
FindNextFileW
FindFirstFileW
FindClose
CreateMutexW
ReleaseMutex
OpenMutexW
WaitForSingleObject
RemoveDirectoryW
LCMapStringW
GetTickCount
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
FileTimeToSystemTime
FileTimeToLocalFileTime
DeleteFileW
HeapReAlloc
GetTimeZoneInformation
GetCPInfo
GetStringTypeA
GetStringTypeW
LCMapStringA
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetFullPathNameW
GetCurrentDirectoryA
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LoadLibraryA
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetDriveTypeA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateDirectoryW
MoveFileExW
CloseHandle
GetLastError
OpenFileMappingW
CreateFileW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
WideCharToMultiByte
GetDriveTypeW
advapi32
RegCreateKeyExW
RegQueryValueW
RegQueryValueExW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetNamedSecurityInfoW
GetSecurityInfo
SetNamedSecurityInfoW
RegOpenKeyExW
RegCloseKey
shell32
SHFileOperationW
SHGetSpecialFolderPathW
Sections
.text Size: 280KB - Virtual size: 276KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1020B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/Wizard.exe.exe windows:4 windows x86 arch:x86
530c47d19bc90ee9db4ef1de0c4a3c97
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\Wizard.pdb
Imports
kernel32
SizeofResource
FindClose
FindResourceW
LockResource
CloseHandle
LoadLibraryExW
GlobalLock
GlobalUnlock
GetFileSize
ReadFile
CreateFileW
GlobalAlloc
GlobalFree
GetProcAddress
LoadLibraryW
GetVersionExW
GetTickCount
GlobalReAlloc
CreateDirectoryW
DeleteFileW
SetFileAttributesW
CopyFileW
MoveFileExW
LocalFree
GetCommandLineW
CreateThread
FormatMessageW
MultiByteToWideChar
SetLastError
CreateProcessW
CreateEventW
WaitForMultipleObjects
GetCurrentThreadId
GetSystemInfo
GetModuleFileNameW
InterlockedIncrement
InterlockedCompareExchange
MapViewOfFile
UnmapViewOfFile
GetLastError
OpenFileMappingW
RemoveDirectoryW
FindNextFileW
WideCharToMultiByte
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
CreateMutexW
ReleaseMutex
OpenMutexW
SetFilePointer
WriteFile
FlushFileBuffers
FreeLibrary
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadResource
FileTimeToLocalFileTime
GetDriveTypeW
HeapReAlloc
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
GetCPInfo
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
Sleep
HeapSize
VirtualAlloc
LCMapStringA
LCMapStringW
GetFullPathNameW
GetCurrentDirectoryA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSection
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
FileTimeToSystemTime
FindFirstFileW
CreateFileMappingW
GetModuleHandleW
user32
DialogBoxParamW
SetClassLongW
CharNextW
DrawTextW
LoadImageW
GetMonitorInfoW
KillTimer
UpdateLayeredWindow
SetCapture
SubtractRect
SetCursor
PtInRect
GetCursorPos
SetWindowPos
MonitorFromPoint
IntersectRect
GetSystemMetrics
RedrawWindow
ReleaseCapture
SetRect
GetCursor
SetCursorPos
TrackMouseEvent
GetParent
CallWindowProcW
SetWindowRgn
SetWindowLongW
SetScrollInfo
GetScrollInfo
CheckDlgButton
CreateWindowExW
DefWindowProcW
FindWindowW
SetForegroundWindow
IsIconic
InflateRect
ReleaseDC
FillRect
BeginPaint
GetUpdateRect
GetDC
OffsetRect
InvalidateRect
EndPaint
SetTimer
SetWindowTextW
ScreenToClient
GetFocus
GetWindowRect
LoadIconW
ShowWindow
LoadBitmapW
EndDialog
PostMessageW
MessageBoxW
GetClientRect
MoveWindow
GetDlgItem
SendMessageW
EnableWindow
GetDlgCtrlID
IsDlgButtonChecked
DestroyWindow
CreateDialogParamW
GetWindowLongW
GetDesktopWindow
LoadCursorW
gdi32
ExtCreateRegion
GetTextExtentPointW
CombineRgn
OffsetRgn
GetPixel
GetStockObject
GetGlyphOutlineW
SetBkColor
TextOutW
SelectClipRgn
GetKerningPairsW
GetClipRgn
SelectObject
DeleteObject
StretchBlt
CreateFontIndirectW
GetObjectW
CreateCompatibleDC
CreatePen
Rectangle
CreateSolidBrush
CreateCompatibleBitmap
GetTextExtentPoint32W
BitBlt
DeleteDC
MoveToEx
LineTo
SetBkMode
CreateDIBSection
GetTextMetricsW
GetFontData
CreateRectRgn
SetTextColor
comctl32
InitCommonControlsEx
msimg32
AlphaBlend
TransparentBlt
GradientFill
imm32
ImmDisableIME
advapi32
GetNamedSecurityInfoW
RegQueryValueW
RegCreateKeyExW
SetEntriesInAclW
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExW
GetSecurityInfo
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetSecurityDescriptorSacl
RegQueryValueExW
RegCloseKey
shell32
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW
ole32
GetHGlobalFromStream
CreateStreamOnHGlobal
Sections
.text Size: 352KB - Virtual size: 348KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 80KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 212KB - Virtual size: 209KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/ZipLib.dll.dll windows:4 windows x86 arch:x86
1f9bbcf64bd00ab9c608fd36f2184919
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
CreateFileA
lstrcpynA
HeapAlloc
GetCurrentProcess
HeapFree
WaitForSingleObject
GetFullPathNameA
GetFileAttributesA
FileTimeToSystemTime
FindFirstFileA
GetFileType
GetFileTime
FileTimeToLocalFileTime
GetVersion
FindNextFileA
GlobalLock
GlobalAlloc
CloseHandle
GlobalFree
lstrcmpiA
lstrlenA
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetVolumeLabelA
SetFilePointer
GetLocaleInfoA
SetEndOfFile
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
GetLocalTime
lstrcpyA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
ReleaseMutex
CreateMutexA
EnterCriticalSection
InterlockedExchange
LeaveCriticalSection
GetVolumeInformationA
InitializeCriticalSection
GetDriveTypeA
GetProcessHeap
GetLastError
WideCharToMultiByte
CreateDirectoryW
GetTempPathW
MultiByteToWideChar
MoveFileW
CopyFileW
GetTempPathA
FindClose
FindNextFileW
FindFirstFileW
GlobalUnlock
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
InterlockedDecrement
GetCPInfo
MoveFileA
SetStdHandle
HeapReAlloc
GetFileInformationByHandle
PeekNamedPipe
RtlUnwind
InterlockedIncrement
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetCurrentDirectoryA
SetCurrentDirectoryA
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RaiseException
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
SetHandleCount
GetStartupInfoA
Sleep
GetConsoleCP
GetConsoleMode
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
ReadFile
GetTimeZoneInformation
HeapSize
FlushFileBuffers
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LoadLibraryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEnvironmentVariableW
user32
CharToOemA
OemToCharA
advapi32
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
IsValidSecurityDescriptor
IsValidSid
GetSecurityDescriptorOwner
SetKernelObjectSecurity
GetSecurityDescriptorControl
OpenProcessToken
AdjustTokenPrivileges
GetSecurityDescriptorLength
LookupPrivilegeValueA
GetKernelObjectSecurity
GetSecurityDescriptorSacl
IsValidAcl
Exports
Exports
UnZip
UnZipEx
ZipFolder
ZipFolderEx
Sections
.text Size: 196KB - Virtual size: 194KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 325KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1004B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
InstTemp/ZipLib64.dll.dll windows:4 windows x64 arch:x64
c72b7e0f1eaf64b127485b3988f7b2c9
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
kernel32
LeaveCriticalSection
EnterCriticalSection
CreateMutexA
CreateFileA
ReleaseMutex
GetFileTime
FileTimeToLocalFileTime
GetVersion
GetFullPathNameA
GetFileAttributesA
FileTimeToSystemTime
FindFirstFileA
GetFileType
FindNextFileA
GlobalLock
GlobalAlloc
GlobalUnlock
GetVolumeInformationA
lstrcmpiA
lstrlenA
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
GetLocalTime
DosDateTimeToFileTime
SetVolumeLabelA
LocalFileTimeToFileTime
SetFilePointer
GetLocaleInfoA
SetEndOfFile
lstrcpyA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
InitializeCriticalSection
GetDriveTypeA
GetProcessHeap
WaitForSingleObject
HeapFree
GetCurrentProcess
HeapAlloc
lstrcpynA
CloseHandle
WideCharToMultiByte
GetTempPathW
CreateDirectoryW
MultiByteToWideChar
GetTempPathA
MoveFileW
CopyFileW
GetLastError
FindNextFileW
FindClose
GlobalFree
FindFirstFileW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
GetSystemTimeAsFileTime
MoveFileA
GetCPInfo
SetStdHandle
GetFileInformationByHandle
PeekNamedPipe
HeapReAlloc
RtlUnwindEx
GetCurrentThreadId
FlsSetValue
GetCommandLineA
GetVersionExA
RtlVirtualUnwind
RtlLookupFunctionEntry
GetCurrentDirectoryA
SetCurrentDirectoryA
HeapSetInformation
HeapCreate
HeapDestroy
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FlsGetValue
TlsFree
FlsFree
SetLastError
TlsSetValue
FlsAlloc
RaiseException
RtlPcToFileHeader
SetHandleCount
GetStartupInfoA
DeleteCriticalSection
Sleep
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
ReadFile
HeapSize
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
FlushFileBuffers
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LoadLibraryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEnvironmentVariableW
user32
CharToOemA
OemToCharA
advapi32
GetSecurityDescriptorGroup
IsValidSecurityDescriptor
IsValidAcl
IsValidSid
GetSecurityDescriptorOwner
SetKernelObjectSecurity
GetSecurityDescriptorControl
AdjustTokenPrivileges
GetSecurityDescriptorLength
LookupPrivilegeValueA
GetKernelObjectSecurity
OpenProcessToken
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
Exports
Exports
UnZip
UnZipEx
ZipFolder
ZipFolderEx
Sections
.text Size: 255KB - Virtual size: 255KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 55KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 328KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 1004B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
InstTemp/config.exe.exe windows:4 windows x86 arch:x86
b698a9e47b565a751b92c2454be0de0d
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\sogouime33\Bin\SogouInput\config.pdb
Imports
imm32
ImmGetContext
ImmSetOpenStatus
ImmDisableIME
comctl32
InitCommonControlsEx
kernel32
LoadLibraryA
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
OpenEventW
GetLastError
CreateProcessW
GetTickCount
GetExitCodeProcess
WaitForSingleObject
CloseHandle
GetLocalTime
FindFirstFileW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetConsoleMode
GetConsoleCP
GetCurrentDirectoryA
GetFullPathNameW
HeapSize
GetCurrentProcessId
FindClose
LockResource
FindResourceW
LoadResource
SizeofResource
LoadLibraryExW
LoadLibraryW
GetProcAddress
ReadFile
GlobalAlloc
CreateFileW
GlobalFree
GlobalUnlock
GlobalLock
GetFileSize
GetVersionExW
GetModuleHandleW
GlobalReAlloc
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateMutexW
ReleaseMutex
OpenMutexW
FormatMessageW
MultiByteToWideChar
GetCommandLineW
SetLastError
CreateEventW
WaitForMultipleObjects
GetCurrentThreadId
LocalFree
CreateThread
InterlockedIncrement
InterlockedCompareExchange
CopyFileW
DeleteFileW
SetFileAttributesW
MoveFileExW
CreateDirectoryW
RemoveDirectoryW
FindNextFileW
GetSystemInfo
GetModuleFileNameW
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FlushFileBuffers
SetFilePointer
WriteFile
FreeLibrary
LCMapStringW
Sleep
QueryPerformanceFrequency
QueryPerformanceCounter
InterlockedDecrement
InterlockedExchange
InitializeCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
HeapReAlloc
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
GetTimeZoneInformation
LCMapStringA
GetCPInfo
GetStringTypeA
GetStringTypeW
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
user32
SetWindowLongW
SendMessageW
GetDlgItem
OffsetRect
ClientToScreen
CreateWindowExW
GetWindowLongW
GetWindowTextLengthW
GetUpdateRect
GetDC
ReleaseDC
ScreenToClient
GetDlgItemTextW
GetWindowTextW
InvalidateRect
CheckRadioButton
LoadCursorW
SetWindowRgn
DefWindowProcW
GetDesktopWindow
DestroyWindow
CreateDialogParamW
DialogBoxParamW
LoadImageW
CharNextW
SetRect
PtInRect
SetCursorPos
MonitorFromPoint
GetCursorPos
SetWindowPos
IntersectRect
RedrawWindow
ReleaseCapture
UpdateLayeredWindow
GetCursor
SetCapture
SetCursor
GetMonitorInfoW
SubtractRect
InflateRect
LoadStringW
CheckDlgButton
EnableWindow
PostMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetTimer
EndDialog
KillTimer
SetWindowTextW
FillRect
DrawTextW
EndPaint
BeginPaint
FindWindowW
SetForegroundWindow
IsIconic
GetWindowRect
GetClientRect
SetFocus
MoveWindow
MessageBoxW
GetSystemMetrics
LoadIconW
ShowWindow
gdi32
SetTextColor
CreateRectRgn
GetTextExtentPoint32W
GetObjectW
EnumFontFamiliesExW
SelectClipRgn
GetDeviceCaps
SetViewportOrgEx
GetTextExtentPointW
CreateCompatibleDC
OffsetRgn
ExtCreateRegion
LineTo
CombineRgn
BitBlt
GetPixel
CreateCompatibleBitmap
CreateDIBSection
GetTextMetricsW
GetKerningPairsW
GetFontData
GetGlyphOutlineW
SetBkMode
Rectangle
DeleteDC
MoveToEx
DeleteObject
CreateSolidBrush
CreateFontIndirectW
StretchBlt
SelectObject
SetBkColor
TextOutW
GetStockObject
CreatePen
comdlg32
GetSaveFileNameW
ChooseColorW
GetOpenFileNameW
shell32
SHFileOperationW
ShellExecuteW
SHGetSpecialFolderPathW
msimg32
TransparentBlt
AlphaBlend
GradientFill
advapi32
RegCloseKey
RegQueryValueExW
RegQueryValueW
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
SetNamedSecurityInfoW
GetSecurityInfo
GetNamedSecurityInfoW
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
RegCreateKeyExW
RegOpenKeyExW
ole32
CreateStreamOnHGlobal
GetHGlobalFromStream
Sections
.text Size: 512KB - Virtual size: 510KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 108KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 132KB - Virtual size: 147KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
InstTemp/sgim_annex.bin
-
InstTemp/sgim_bigram.bin
-
InstTemp/sgim_sys.bin
-
InstTemp/userNetSchedule.exe.exe windows:4 windows x86 arch:x86
27bed4e079f9e793ce5fd241d1840f6f
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before16/07/2004, 00:00Not After15/07/2014, 23:59SubjectCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
07:3f:fb:87:6a:fa:34:33:91:1b:a4:b5:51:43:56:d1Certificate
IssuerCN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=USNot Before03/07/2007, 00:00Not After02/07/2008, 23:59SubjectCN=Sogou.com,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=R&D,O=Sogou.com,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
imm32
ImmDisableIME
kernel32
MoveFileExW
CreateDirectoryW
SetFileAttributesW
SetLastError
SetFilePointer
WriteFile
FlushFileBuffers
WaitForMultipleObjects
GetCommandLineW
GetCurrentThreadId
FormatMessageW
LocalFree
CreateThread
MultiByteToWideChar
CreateEventW
FindClose
FindNextFileW
FindFirstFileW
InterlockedIncrement
InterlockedCompareExchange
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
ReleaseMutex
OpenMutexW
WaitForSingleObject
CreateMutexW
Sleep
OpenEventW
RemoveDirectoryW
GetSystemInfo
GetVersionExW
GetModuleFileNameW
WideCharToMultiByte
FreeLibrary
LCMapStringW
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetModuleHandleA
ExitProcess
LoadLibraryW
GetVersionExA
GetProcessHeap
GetStartupInfoW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
RaiseException
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapSize
LoadLibraryA
InitializeCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
GetFullPathNameW
GetCurrentDirectoryA
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetLocaleInfoW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDriveTypeA
CreateFileA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProcAddress
GlobalFree
CreateFileW
GetFileSize
ReadFile
GlobalAlloc
GetTickCount
CreateProcessW
DeleteFileW
GetTempFileNameW
CloseHandle
GetLastError
CopyFileW
GetModuleHandleW
InterlockedDecrement
user32
OffsetRect
GetMessageW
AdjustWindowRect
RegisterClassExW
DrawTextW
MessageBoxW
IntersectRect
PtInRect
SetWindowLongW
CloseWindow
SubtractRect
InvalidateRect
SetWindowPos
TranslateMessage
GetWindowLongW
GetCursorPos
SetTimer
GetSystemMetrics
GetMonitorInfoW
GetWindowRect
DefWindowProcW
GetForegroundWindow
GetLastInputInfo
FindWindowW
MonitorFromRect
MonitorFromPoint
LoadCursorW
LoadIconW
CreateWindowExW
DestroyWindow
DispatchMessageW
PostQuitMessage
EndPaint
SetCursor
BeginPaint
shell32
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW
Shell_NotifyIconW
ziplib
UnZip
ZipFolder
wininet
InternetConnectW
InternetCloseHandle
InternetReadFile
HttpEndRequestW
InternetCanonicalizeUrlW
HttpSendRequestExW
InternetQueryOptionW
InternetWriteFile
HttpSendRequestW
InternetSetOptionW
InternetGetCookieW
InternetSetCookieW
InternetOpenW
HttpAddRequestHeadersW
HttpQueryInfoW
HttpOpenRequestW
gdi32
CreateSolidBrush
SetBkMode
DeleteObject
SelectObject
BitBlt
SetViewportOrgEx
CreateCompatibleBitmap
DeleteDC
Rectangle
CreateCompatibleDC
CreatePen
SetTextColor
GetStockObject
CreateFontIndirectW
advapi32
SetNamedSecurityInfoW
GetNamedSecurityInfoW
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
SetEntriesInAclW
GetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegQueryValueW
GetSecurityInfo
Sections
.text Size: 292KB - Virtual size: 290KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 72KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128KB - Virtual size: 139KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ