b4916e72b4576716a85df0e68f1ce674_JaffaCakes118

resource
unpack001/$PLUGINSDIR/KWGameBox.dll
unpack001/$PLUGINSDIR/KillProcDLL.dll
unpack001/$PLUGINSDIR/KuWoNsis_new.dll
unpack001/$PLUGINSDIR/NsisCrypt.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/inetc.dll
unpack001/$PLUGINSDIR/nsDialogs.dll

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

.exe windows:4 windows x86 arch:x86

1c042238f43557c055fca8642de8a074

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

50:da:15:04:90:9f:72:73:48:6d:47:ac:0a:b7:46:75
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

04-11-2013 00:00

Not After

02-01-2017 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=KUWO MUSIC,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

13:a6:98:24:49:b5:5b:ae:eb:e5:ea:ec:fe:8c:4b:c2:d3:d7:31:83
Signer

Actual PE Digest

13:a6:98:24:49:b5:5b:ae:eb:e5:ea:ec:fe:8c:4b:c2:d3:d7:31:83

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime

SearchPathA

GetShortPathNameA

GetFullPathNameA

MoveFileA

SetCurrentDirectoryA

GetFileAttributesA

GetLastError

CreateDirectoryA

SetFileAttributesA

Sleep

GetTickCount

GetFileSize

GetModuleFileNameA

GetCurrentProcess

CopyFileA

ExitProcess

GetWindowsDirectoryA

SetFileTime

GetCommandLineA

SetErrorMode

LoadLibraryA

lstrcpynA

GetDiskFreeSpaceA

GlobalUnlock

GlobalLock

CreateThread

CreateProcessA

RemoveDirectoryA

CreateFileA

GetTempFileNameA

lstrlenA

lstrcatA

GetSystemDirectoryA

GetVersion

CloseHandle

lstrcmpiA

lstrcmpA

ExpandEnvironmentStringsA

GlobalFree

GlobalAlloc

WaitForSingleObject

GetExitCodeProcess

GetModuleHandleA

LoadLibraryExA

GetProcAddress

FreeLibrary

MultiByteToWideChar

WritePrivateProfileStringA

GetPrivateProfileStringA

WriteFile

ReadFile

SetFilePointer

MulDiv

FindClose

FindNextFileA

FindFirstFileA

DeleteFileA

GetTempPathA

user32

EndDialog

ScreenToClient

GetWindowRect

EnableMenuItem

GetSystemMenu

SetClassLongA

IsWindowEnabled

SetWindowPos

GetSysColor

GetWindowLongA

SetCursor

LoadCursorA

CheckDlgButton

GetAsyncKeyState

IsDlgButtonChecked

GetMessagePos

LoadBitmapA

CallWindowProcA

IsWindowVisible

CloseClipboard

SetClipboardData

RegisterClassA

OpenClipboard

TrackPopupMenu

AppendMenuA

CreatePopupMenu

GetSystemMetrics

SetDlgItemTextA

GetDlgItemTextA

MessageBoxIndirectA

CharPrevA

wvsprintfA

DispatchMessageA

PeekMessageA

DestroyWindow

CreateDialogParamA

SetTimer

SetWindowTextA

PostQuitMessage

ShowWindow

wsprintfA

SendMessageTimeoutA

FindWindowExA

SystemParametersInfoA

CreateWindowExA

GetClassInfoA

DialogBoxParamA

CharNextA

EmptyClipboard

ExitWindowsEx

IsWindow

GetDlgItem

SetWindowLongA

LoadImageA

GetDC

EnableWindow

InvalidateRect

SendMessageA

DefWindowProcA

BeginPaint

GetClientRect

FillRect

DrawTextA

EndPaint

SetForegroundWindow

gdi32

SetBkColor

GetDeviceCaps

DeleteObject

CreateBrushIndirect

CreateFontIndirectA

SetBkMode

SetTextColor

SelectObject

shell32

SHGetPathFromIDListA

SHBrowseForFolderA

SHGetFileInfoA

ShellExecuteA

SHFileOperationA

SHGetSpecialFolderLocation

advapi32

RegQueryValueExA

RegSetValueExA

RegEnumKeyA

RegEnumValueA

RegOpenKeyExA

RegDeleteKeyA

RegDeleteValueA

RegCloseKey

RegCreateKeyExA

comctl32

ImageList_AddMasked

ImageList_Destroy

ord17

ImageList_Create

ole32

CoTaskMemFree

OleInitialize

OleUninitialize

CoCreateInstance

version

GetFileVersionInfoSizeA

GetFileVersionInfoA

VerQueryValueA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 448KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

$APPDATA/kuwodata/kwshow/Conf/User/licence.txt

$PLUGINSDIR/KWGameBox.dll

.dll windows:5 windows x86 arch:x86

0214c00ca345b4ffa8325c14eba9e8a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

e:\KuWo\NsisPlugin\Plugins\KWGameBox.pdb

Imports

kernel32

VirtualAlloc

GetPrivateProfileStringW

GetPrivateProfileIntW

SetEvent

CloseHandle

CreateThread

GetCurrentProcess

FlushInstructionCache

CreateFileA

WriteConsoleW

GetConsoleOutputCP

WriteConsoleA

SetEndOfFile

LCMapStringW

LCMapStringA

GetProcAddress

GetStringTypeA

GetLocaleInfoA

FlushFileBuffers

GetConsoleMode

GetConsoleCP

SetStdHandle

CreateFileW

InitializeCriticalSectionAndSpinCount

LoadLibraryA

IsValidCodePage

GetOEMCP

GetACP

GetCPInfo

HeapReAlloc

GetSystemTimeAsFileTime

GetCurrentProcessId

IsProcessorFeaturePresent

LoadLibraryW

GetProcessHeap

VirtualFree

InterlockedCompareExchange

HeapFree

HeapAlloc

lstrcpyA

GlobalFree

MultiByteToWideChar

WideCharToMultiByte

GlobalAlloc

lstrcpynA

CreateEventW

GetModuleHandleW

WaitForSingleObject

DeleteCriticalSection

EnterCriticalSection

LeaveCriticalSection

GetStringTypeW

InitializeCriticalSection

GetTickCount

QueryPerformanceCounter

HeapDestroy

GetModuleHandleA

HeapCreate

GetEnvironmentStringsW

FreeEnvironmentStringsW

GetEnvironmentStrings

FreeEnvironmentStringsA

GetModuleFileNameA

WriteFile

SetFilePointer

GetStartupInfoA

GetFileType

GetStdHandle

SetHandleCount

ReadFile

ExitProcess

HeapSize

Sleep

InterlockedDecrement

SetLastError

InterlockedIncrement

TlsFree

TlsSetValue

TerminateProcess

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsDebuggerPresent

GetCurrentThreadId

GetCommandLineA

RaiseException

RtlUnwind

GetLastError

TlsGetValue

TlsAlloc

user32

EndDialog

GetDlgItem

PostMessageW

MapWindowPoints

GetParent

MoveWindow

SetWindowTextW

EnableWindow

FrameRect

ShowWindow

GetDesktopWindow

GetWindowTextW

InvalidateRect

SetFocus

DrawTextW

GetWindowRect

ScreenToClient

GetDlgCtrlID

SetWindowLongW

GetWindowLongW

PtInRect

GetClientRect

SetWindowRgn

SendMessageW

CallWindowProcW

DefWindowProcW

InflateRect

IsWindowEnabled

DialogBoxParamW

BringWindowToTop

GetCursorPos

EndPaint

BeginPaint

SetTimer

KillTimer

IsWindow

gdi32

BitBlt

DeleteDC

CreateCompatibleDC

CreateCompatibleBitmap

CreateRoundRectRgn

MoveToEx

GetTextExtentPoint32W

LineTo

SetTextColor

SetBkMode

DeleteObject

SelectObject

CreatePen

CreateSolidBrush

SetWindowOrgEx

CreateFontIndirectW

OffsetWindowOrgEx

GetObjectW

GetStockObject

RoundRect

gdiplus

GdiplusShutdown

GdipFree

GdipGetImageHeight

GdipSetTextRenderingHint

GdipDeleteGraphics

GdipDrawImageRectI

GdipLoadImageFromFile

GdipSetSmoothingMode

GdipAlloc

GdipDisposeImage

GdipGetDC

GdipCreateFromHDC

GdipSetInterpolationMode

GdipCloneImage

GdipGetImageWidth

GdipReleaseDC

GdipDrawImageRectRect

GdipSetImageAttributesWrapMode

GdipDisposeImageAttributes

GdipCreateImageAttributes

GdiplusStartup

Exports

ArrayGet

ArrayGetSize

ArrayInit

ArrayRelease

ArraySet

Initialize

KWPostdMessage

KWSendMessage

Release

RepairStatus

SetOnChange

ShowPages

ShowRepair

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/KillProcDLL.dll

.dll windows:4 windows x86 arch:x86

153027ec3b10bcea606b777657dd3402

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA

TerminateProcess

OpenProcess

LoadLibraryA

CloseHandle

GetProcAddress

FreeLibrary

GlobalFree

lstrcpyA

DisableThreadLibraryCalls

msvcrt

strcmp

_strupr

toupper

strlen

free

_initterm

malloc

_adjust_fdiv

strcpy

_itoa

Exports

KillProc

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/KuWoNsis_new.dll

.dll windows:5 windows x86 arch:x86

4ab986f64a1874664feabca76ad3c867

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

c:\Program Files\_NSIS_246\Plugins\KuWoNsis_new.pdb

Imports

kernel32

lstrcpyA

lstrcpynA

GlobalAlloc

FindClose

FindNextFileA

FindFirstFileA

MoveFileExA

DeleteFileA

GetVersionExA

GetExitCodeProcess

WaitForSingleObject

GetExitCodeThread

CreateThread

Process32Next

TerminateProcess

DuplicateHandle

GlobalFree

GetCurrentProcessId

Process32First

CreateToolhelp32Snapshot

CreateProcessA

OpenProcess

CreateDirectoryA

MoveFileA

SetFileTime

LocalFileTimeToFileTime

SystemTimeToFileTime

GetLocalTime

GetTempPathA

GetFileAttributesA

GetLastError

RemoveDirectoryA

GetTempFileNameA

DeviceIoControl

GetLogicalDrives

CreateFileA

CloseHandle

GetLogicalDriveStringsA

GetDriveTypeA

GetCurrentProcess

GetDiskFreeSpaceExA

FlushFileBuffers

RtlUnwind

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsDebuggerPresent

RaiseException

GetSystemTimeAsFileTime

GetCurrentThreadId

GetCommandLineA

HeapFree

HeapAlloc

GetModuleHandleW

GetProcAddress

TlsGetValue

TlsAlloc

TlsSetValue

TlsFree

InterlockedIncrement

SetLastError

InterlockedDecrement

GetCPInfo

GetACP

GetOEMCP

IsValidCodePage

LCMapStringA

WideCharToMultiByte

MultiByteToWideChar

LCMapStringW

Sleep

ExitProcess

SetHandleCount

GetStdHandle

GetFileType

GetStartupInfoA

DeleteCriticalSection

GetModuleFileNameA

FreeEnvironmentStringsA

GetEnvironmentStrings

FreeEnvironmentStringsW

GetEnvironmentStringsW

HeapCreate

HeapDestroy

VirtualFree

QueryPerformanceCounter

GetTickCount

LeaveCriticalSection

EnterCriticalSection

VirtualAlloc

HeapReAlloc

HeapSize

WriteFile

SetFilePointer

GetConsoleCP

GetConsoleMode

GetStringTypeA

GetStringTypeW

GetLocaleInfoA

LoadLibraryA

InitializeCriticalSectionAndSpinCount

SetStdHandle

WriteConsoleA

GetConsoleOutputCP

WriteConsoleW

advapi32

RegQueryValueExA

RegCloseKey

GetNamedSecurityInfoA

BuildExplicitAccessWithNameA

SetEntriesInAclA

SetNamedSecurityInfoA

RegOpenKeyExA

shell32

ShellExecuteExA

SHGetSpecialFolderPathA

shlwapi

PathFileExistsA

Exports

AddDirAccessRights

AddRegAccessRights

ClearInstDir

CreateCachePath

DecodePath

GetFileName

GetInstallDate

KwKillProc

KwKillProcEx

ModifyCacheFileAsNow

RenameDeletePathAllFiles

XORBase64

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/KuWoRes/ReadMe.txt

$PLUGINSDIR/KuWoRes/ad01.png

.png

$PLUGINSDIR/KuWoRes/ad02.png

.png

$PLUGINSDIR/KuWoRes/ad03.png

.png

$PLUGINSDIR/KuWoRes/agree1.png

.png

$PLUGINSDIR/KuWoRes/agree2.png

.png

$PLUGINSDIR/KuWoRes/arrowd.png

.png

$PLUGINSDIR/KuWoRes/arrows.png

.png

$PLUGINSDIR/KuWoRes/bg.png

.png

$PLUGINSDIR/KuWoRes/bg_repair.png

.png

$PLUGINSDIR/KuWoRes/browsed.png

.png

$PLUGINSDIR/KuWoRes/browseh.png

.png

$PLUGINSDIR/KuWoRes/browsen.png

.png

$PLUGINSDIR/KuWoRes/browsep.png

.png

$PLUGINSDIR/KuWoRes/btins0.png

.png

$PLUGINSDIR/KuWoRes/btins2.png

.png

$PLUGINSDIR/KuWoRes/btins3.png

.png

$PLUGINSDIR/KuWoRes/btinsl.png

.png

$PLUGINSDIR/KuWoRes/btnd.png

.png

$PLUGINSDIR/KuWoRes/btnh.png

.png

$PLUGINSDIR/KuWoRes/btnn.png

.png

$PLUGINSDIR/KuWoRes/btnn01.png

.png

$PLUGINSDIR/KuWoRes/btnn02.png

.png

$PLUGINSDIR/KuWoRes/btnn03.png

.png

$PLUGINSDIR/KuWoRes/btnn1.png

.png

$PLUGINSDIR/KuWoRes/btnn2.png

.png

$PLUGINSDIR/KuWoRes/btnn3.png

.png

$PLUGINSDIR/KuWoRes/btnp.png

.png

$PLUGINSDIR/KuWoRes/btun1.png

.png

$PLUGINSDIR/KuWoRes/btun2.png

.png

$PLUGINSDIR/KuWoRes/btun3.png

.png

$PLUGINSDIR/KuWoRes/check.bmp

$PLUGINSDIR/KuWoRes/checkc.png

.png

$PLUGINSDIR/KuWoRes/checku.png

.png

$PLUGINSDIR/KuWoRes/close0.png

.png

$PLUGINSDIR/KuWoRes/close1.png

.png

$PLUGINSDIR/KuWoRes/close2.png

.png

$PLUGINSDIR/KuWoRes/complete.ini

$PLUGINSDIR/KuWoRes/complete1.png

.png

$PLUGINSDIR/KuWoRes/complete2.png

.png

$PLUGINSDIR/KuWoRes/complete3.png

.png

$PLUGINSDIR/KuWoRes/directory.ini

$PLUGINSDIR/KuWoRes/edit.png

.png

$PLUGINSDIR/KuWoRes/insl1.jpg

.jpg

$PLUGINSDIR/KuWoRes/insl1.png

.png

$PLUGINSDIR/KuWoRes/insl2.jpg

.jpg

$PLUGINSDIR/KuWoRes/insl2.png

.png

$PLUGINSDIR/KuWoRes/insl3.jpg

.jpg

$PLUGINSDIR/KuWoRes/insl4.jpg

.jpg

$PLUGINSDIR/KuWoRes/instfiles.ini

$PLUGINSDIR/KuWoRes/licence.ini

$PLUGINSDIR/KuWoRes/licence.txt

$PLUGINSDIR/KuWoRes/logo.png

.png

$PLUGINSDIR/KuWoRes/main.ini

$PLUGINSDIR/KuWoRes/minimize0.png

.png

$PLUGINSDIR/KuWoRes/minimize1.png

.png

$PLUGINSDIR/KuWoRes/minimize2.png

.png

$PLUGINSDIR/KuWoRes/prg_fill_l.png

.png

$PLUGINSDIR/KuWoRes/prg_fill_m.png

.png

$PLUGINSDIR/KuWoRes/prg_fill_r.png

.png

$PLUGINSDIR/KuWoRes/prg_l.png

.png

$PLUGINSDIR/KuWoRes/prg_m.png

.png

$PLUGINSDIR/KuWoRes/prg_r.png

.png

$PLUGINSDIR/KuWoRes/prog_fill_l.png

.png

$PLUGINSDIR/KuWoRes/prog_fill_m.png

.png

$PLUGINSDIR/KuWoRes/prog_fill_r.png

.png

$PLUGINSDIR/KuWoRes/prog_l.png

.png

$PLUGINSDIR/KuWoRes/prog_m.png

.png

$PLUGINSDIR/KuWoRes/prog_r.png

.png

$PLUGINSDIR/KuWoRes/radioc.png

.png

$PLUGINSDIR/KuWoRes/radiou.png

.png

$PLUGINSDIR/KuWoRes/reinstfiles.ini

$PLUGINSDIR/KuWoRes/reinstfiles_suc.ini

$PLUGINSDIR/KuWoRes/remain.ini

$PLUGINSDIR/KuWoRes/remain_suc.ini

$PLUGINSDIR/KuWoRes/repair_failed.png

.png

$PLUGINSDIR/KuWoRes/repair_ing.png

.png

$PLUGINSDIR/KuWoRes/repair_suc.png

.png

$PLUGINSDIR/KuWoRes/unbg.png

.png

$PLUGINSDIR/KuWoRes/unconfirm.ini

$PLUGINSDIR/KuWoRes/unfeedback.ini

$PLUGINSDIR/KuWoRes/uninstfiles.ini

$PLUGINSDIR/KuWoRes/unmain.ini

$PLUGINSDIR/KuWoRes/unrepair.ini

$PLUGINSDIR/KuWoRes/welcom2.png

.png

$PLUGINSDIR/KuWoRes/welcome.ini

$PLUGINSDIR/KuWoRes/°²×°01-»¶Ó.jpg

.jpg

$PLUGINSDIR/KuWoRes/°²×°02-Ñ¡Ïî.jpg

.jpg

$PLUGINSDIR/KuWoRes/°²×°03-°²×°.jpg

.jpg

$PLUGINSDIR/KuWoRes/°²×°04-Íê³É.jpg

.jpg

$PLUGINSDIR/KuWoRes/µÇÂ¼1.jpg

.jpg

$PLUGINSDIR/KuWoRes/Ð¶ÔØ1.jpg

.jpg

$PLUGINSDIR/KuWoRes/Ð¶ÔØ2.jpg

.jpg

$PLUGINSDIR/KuWoRes/Ð¶ÔØ3.jpg

.jpg

$PLUGINSDIR/NsisCrypt.dll

.dll windows:5 windows x86 arch:x86

0f7c068976b63e2ce4d710bf595f48ea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

d:\Projects\NsisCrypt\Release\NsisCrypt.pdb

Imports

kernel32

GetCurrentProcessId

GlobalAlloc

lstrcpynA

GlobalFree

GetLastError

GetCurrentThreadId

GetTickCount

QueryPerformanceCounter

IsDebuggerPresent

SetUnhandledExceptionFilter

UnhandledExceptionFilter

GetCurrentProcess

TerminateProcess

InterlockedCompareExchange

Sleep

InterlockedExchange

GetSystemTimeAsFileTime

advapi32

CryptReleaseContext

CryptDecrypt

CryptEncrypt

CryptDestroyKey

CryptSetKeyParam

CryptImportKey

CryptGetHashParam

CryptDestroyHash

CryptAcquireContextW

CryptCreateHash

CryptHashData

msvcp90

??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z

??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z

msvcr90

_decode_pointer

_malloc_crt

free

_encoded_null

_initterm

_onexit

_amsg_exit

_adjust_fdiv

__CppXcptFilter

_crt_debugger_hook

_except_handler4_common

__clean_type_info_names_internal

_lock

_encode_pointer

__dllonexit

_unlock

??2@YAPAXI@Z

mbstowcs_s

sprintf_s

memcpy_s

isalnum

_initterm_e

_strlwr

memset

malloc

__CxxFrameHandler3

Exports

Base64Decode

Base64Encode

DecryptSymmetric

EncryptSymmetric

Hash

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/System.dll

.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc

GlobalFree

GlobalSize

lstrcpyA

lstrcpynA

FreeLibrary

lstrcatA

GetProcAddress

LoadLibraryA

GetModuleHandleA

MultiByteToWideChar

lstrlenA

WideCharToMultiByte

GetLastError

VirtualAlloc

VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2

CLSIDFromString

Exports

Alloc

Call

Copy

Free

Get

Int64Op

Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/inetc.dll

.dll windows:4 windows x86 arch:x86

5bdcdde5acd7b395f3f3d19ebbb8c6cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

msvcrt

_mbschr

_adjust_fdiv

malloc

_initterm

free

strlen

strchr

strrchr

_mbsrchr

strtoul

memset

_mbsstr

strtol

kernel32

GlobalFree

CreateThread

WaitForSingleObject

TerminateThread

GetModuleHandleA

MulDiv

lstrcpyA

GlobalAlloc

LoadLibraryA

GetProcAddress

lstrcmpiA

CreateFileA

GetFileSize

lstrlenA

WriteFile

ReadFile

lstrcmpA

lstrcpynA

lstrcatA

GetLastError

DeleteFileA

CloseHandle

SleepEx

SetFilePointer

GetTickCount

user32

MessageBoxA

GetParent

ShowWindow

SetWindowLongA

IsWindow

SetWindowTextA

SendDlgItemMessageA

GetDlgItem

PostMessageA

GetWindowTextA

SendMessageA

SetDlgItemTextA

SetWindowPos

SystemParametersInfoA

GetClientRect

GetWindowRect

SetTimer

LoadIconA

UpdateWindow

DestroyWindow

KillTimer

RedrawWindow

DispatchMessageA

TranslateMessage

GetMessageA

IsDialogMessageA

IsWindowVisible

EnableWindow

CreateDialogParamA

FindWindowExA

wsprintfA

GetWindowLongA

wininet

HttpSendRequestA

HttpSendRequestExA

HttpQueryInfoA

FtpCreateDirectoryA

FtpOpenFileA

InternetGetLastResponseInfoA

InternetSetFilePointer

InternetSetOptionA

InternetQueryOptionA

InternetCloseHandle

InternetErrorDlg

HttpOpenRequestA

HttpAddRequestHeadersA

HttpEndRequestA

InternetConnectA

InternetCrackUrlA

InternetOpenA

InternetReadFile

InternetWriteFile

comctl32

ord17

Exports

get

head

post

put

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/nsDialogs.dll

.dll windows:4 windows x86 arch:x86

c193ea402999ea8ce8faa9fef22de03d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA

lstrcmpiA

MulDiv

lstrlenA

HeapFree

GetCurrentDirectoryA

HeapAlloc

HeapReAlloc

GlobalFree

lstrcpynA

GlobalAlloc

GetProcessHeap

SetCurrentDirectoryA

user32

GetPropA

DestroyWindow

CallWindowProcA

DrawFocusRect

CharPrevA

DrawTextA

GetWindowTextA

GetDlgItem

SetWindowLongA

SetWindowPos

CreateDialogParamA

MapWindowPoints

GetWindowRect

SetPropA

CreateWindowExA

IsWindow

DispatchMessageA

TranslateMessage

GetMessageA

IsDialogMessageA

ShowWindow

wsprintfA

MapDialogRect

GetClientRect

CharNextA

SendMessageA

GetWindowLongA

gdi32

SetTextColor

shell32

SHBrowseForFolderA

SHGetPathFromIDListA

comdlg32

GetSaveFileNameA

GetOpenFileNameA

CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Create

CreateControl

CreateItem

GetUserData

OnBack

OnChange

OnClick

OnNotify

SelectFileDialog

SelectFolderDialog

SetRTL

SetUserData

Show

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 442B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

185.png

.png

Conf/Default/config.ini

DuiLib.dll

.dll windows:5 windows x86 arch:x86

5d6344c388d6efe9a05f627831a53640

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

50:da:15:04:90:9f:72:73:48:6d:47:ac:0a:b7:46:75
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

04-11-2013 00:00

Not After

02-01-2017 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=KUWO MUSIC,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

7a:ad:fe:62:7f:d1:73:7a:c1:6b:93:ba:de:7c:87:34:7b:0a:af:39
Signer

Actual PE Digest

7a:ad:fe:62:7f:d1:73:7a:c1:6b:93:ba:de:7c:87:34:7b:0a:af:39

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

h:\KWShow\KWShow\trunk\1.0\KWShow\KwResource\bin\release\pdb\DuiLib.pdb

Imports

riched20

ord4

kernel32

IsDebuggerPresent

SetUnhandledExceptionFilter

UnhandledExceptionFilter

TerminateProcess

InterlockedCompareExchange

InterlockedExchange

Sleep

GetTickCount

MulDiv

MultiByteToWideChar

GetACP

GetProcAddress

LoadLibraryA

WideCharToMultiByte

GetLastError

LockResource

SizeofResource

FreeResource

LoadResource

FindResourceA

DisableThreadLibraryCalls

GetModuleFileNameA

GetCurrentDirectoryA

SetCurrentDirectoryA

GetModuleHandleA

CloseHandle

ReadFile

GetFileSize

CreateFileA

SetFilePointer

GetFileType

QueryPerformanceCounter

DuplicateHandle

GetCurrentProcess

SystemTimeToFileTime

DosDateTimeToFileTime

CreateDirectoryA

SetFileTime

WriteFile

CreateMutexA

CreateEventA

TerminateThread

WaitForSingleObject

SetEvent

GetCurrentProcessId

ReleaseMutex

GetCurrentThreadId

GetSystemTimeAsFileTime

user32

IsWindow

EnableWindow

GetCursorPos

ReleaseDC

GetSysColor

SetCaretPos

ShowCaret

HideCaret

CreateCaret

UpdateWindow

SetRect

CharPrevA

WindowFromPoint

GetFocus

PeekMessageA

GetUpdateRect

GetWindowDC

UpdateLayeredWindow

IsRectEmpty

CharNextA

GetWindowTextA

GetWindowTextLengthA

SetParent

SetWindowTextA

ShowWindowAsync

MapWindowPoints

GetMenu

AdjustWindowRectEx

PostMessageA

SetPropA

GetPropA

CallWindowProcA

GetClassInfoExA

RegisterClassExA

RegisterClassA

GetSystemMetrics

LoadImageA

SendMessageA

GetParent

GetWindow

SetFocus

CreateWindowExA

wvsprintfA

UnionRect

InflateRect

wsprintfA

IntersectRect

BeginPaint

EndPaint

CreateAcceleratorTableA

DefWindowProcA

InvalidateRgn

InvalidateRect

FillRect

SetCapture

ReleaseCapture

GetDC

SetWindowPos

DestroyWindow

SystemParametersInfoA

ClientToScreen

GetKeyState

KillTimer

GetDesktopWindow

GetMessageA

TranslateMessage

DispatchMessageA

MoveWindow

ShowWindow

SetForegroundWindow

IsWindowVisible

PtInRect

PostQuitMessage

MonitorFromWindow

GetMonitorInfoA

IsIconic

GetWindowRect

OffsetRect

SetWindowRgn

GetClientRect

IsZoomed

SetTimer

SetCursor

LoadCursorA

SetWindowLongA

GetWindowLongA

ScreenToClient

MessageBoxA

gdi32

Rectangle

CreateRectRgn

GetDeviceCaps

CreateCompatibleBitmap

GetTextExtentPoint32A

CreateDIBSection

BitBlt

SaveDC

CreateRoundRectRgn

RestoreDC

DeleteDC

CreateCompatibleDC

SelectObject

GetTextMetricsA

DeleteObject

GetStockObject

CreatePen

CreateFontIndirectA

GetClipBox

CombineRgn

StretchBlt

SetStretchBltMode

CreateSolidBrush

LineTo

MoveToEx

SetBkMode

RoundRect

TextOutA

SetTextColor

GetTextColor

GetCharABCWidthsA

SetBkColor

GdiFlush

SetWindowOrgEx

SelectClipRgn

ExtSelectClipRgn

GetObjectA

CreateRectRgnIndirect

advapi32

InitializeSecurityDescriptor

SetSecurityDescriptorDacl

shell32

ShellExecuteA

ole32

CLSIDFromProgID

CLSIDFromString

CoCreateInstance

OleLockRunning

kwlib

?Alloc@CSharedMemMgr@KwLib@@SA?AVCSharedMemPointer@2@IK@Z

?MultiByteToWideCharOfGB18030@Charset@KwLib@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PBDH@Z

?UTF8ToUnicode@Charset@KwLib@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z

?String2WString@Charset@KwLib@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z

?StartWith@StringUtility@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z

?GetShortFileName@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z

?Format@StringUtility@KwLib@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBDZZ

?IsExistFile@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

?UnCompress@Memzip@KwLib@@YA?AW4ZIP_RESULT@12@PAEPAJPBEJ@Z

?Compress@Memzip@KwLib@@YA?AW4ZIP_RESULT@12@PAEPAJPBEJ@Z

?GetKwPath@Dir@KwLib@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4Path_Type@12@@Z

?GetFileExtension@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z

?Str2Lower@StringUtility@KwLib@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@@Z

?GetMemById@CSharedMemMgr@KwLib@@SA?AVCSharedMemPointer@2@K@Z

?GetFileMapping@CSharedMemMgr@KwLib@@SAPAXXZ

?GetOffset@CSharedMemPointer@KwLib@@QAEIXZ

?GetPtr@CSharedMemPointer@KwLib@@QAEPAXXZ

msvcp90

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z

??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z

??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z

??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ

?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ

??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z

?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z

??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z

?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ

??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z

?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB

??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z

?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z

?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ

??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ

?length@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ

??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

comctl32

_TrackMouseEvent

ord17

msimg32

AlphaBlend

msvcr90

sqrt

??3@YAXPAX@Z

_CxxThrowException

??2@YAPAXI@Z

_invalid_parameter_noinfo

_snprintf_s

__RTDynamicCast

??1exception@std@@UAE@XZ

??0exception@std@@QAE@XZ

??0exception@std@@QAE@ABV01@@Z

memmove_s

??0exception@std@@QAE@ABQBD@Z

?what@exception@std@@UBEPBDXZ

strcpy

strlen

_itoa_s

atoi

strtol

isdigit

??_V@YAXPAX@Z

cos

__CxxFrameHandler3

_purecall

fclose

fwrite

fopen_s

memcpy

fread

ftell

fseek

_mbscmp

_atodbl

_mbsicmp

abs

free

malloc

_lrotl

realloc

memcmp

memmove

strcat

wcslen

_mbsupr

_mbslwr

_mbschr

_mbsstr

_mbsrchr

strtoul

ceil

strcmp

labs

toupper

_mbsnbcpy

_mbsnbcmp

_ismbcalnum

calloc

_gmtime64

strncpy

_beginthreadex

strcpy_s

?terminate@@YAXXZ

_unlock

__dllonexit

_encode_pointer

_lock

_onexit

_decode_pointer

_except_handler4_common

_malloc_crt

_encoded_null

_initterm

_initterm_e

_amsg_exit

_adjust_fdiv

__CppXcptFilter

?_type_info_dtor_internal_method@type_info@@QAEXXZ

_crt_debugger_hook

__clean_type_info_names_internal

memset

_stricmp

kwlog

?LogUserActMsg@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0PBD@Z

?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ

gdiplus

GdipCreateFontFromDC

GdipCreateFontFromLogfontA

GdipDeleteBrush

GdipReleaseDC

GdipDrawString

GdipSetInterpolationMode

GdipSetSmoothingMode

GdipSetTextRenderingHint

GdipSetStringFormatFlags

GdipSetStringFormatTrimming

GdipSetStringFormatLineAlign

GdipSetStringFormatAlign

GdipAlloc

GdipCloneBrush

GdipFree

GdipCreateSolidFill

GdipDeletePath

GdipCreatePath

GdipMeasureString

GdipCreateFromHDC

GdipCreateStringFormat

GdipDeleteStringFormat

GdipDeleteFont

GdipDeleteGraphics

Exports

??0CAcceptDrag@DuiLib@@QAE@ABV01@@Z

??0CAcceptDrag@DuiLib@@QAE@XZ

??0CActiveXUI@DuiLib@@QAE@ABV01@@Z

??0CActiveXUI@DuiLib@@QAE@XZ

??0CAlphaChangeAnimation@DuiLib@@QAE@ABV01@@Z

??0CAlphaChangeAnimation@DuiLib@@QAE@XZ

??0CAnimationManager@DuiLib@@QAE@ABV01@@Z

??0CAnimationManager@DuiLib@@QAE@XZ

??0CArrowWnd@DuiLib@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4ArrowDirect@01@PAVINotifyUI@1@@Z

??0CBallonInfo@DuiLib@@QAE@ABV01@@Z

??0CBallonInfo@DuiLib@@QAE@XZ

??0CBallonWnd@DuiLib@@AAE@XZ

??0CBaseFloatWnd@DuiLib@@QAE@XZ

??0CButtonUI@DuiLib@@QAE@ABV01@@Z

??0CButtonUI@DuiLib@@QAE@XZ

??0CCheckBoxUI@DuiLib@@QAE@ABV01@@Z

??0CCheckBoxUI@DuiLib@@QAE@XZ

??0CColorMgr@DuiLib@@QAE@XZ

??0CComboUI@DuiLib@@QAE@ABV01@@Z

??0CComboUI@DuiLib@@QAE@XZ

??0CContainerUI@DuiLib@@QAE@ABV01@@Z

??0CContainerUI@DuiLib@@QAE@XZ

??0CControlUI@DuiLib@@QAE@ABV01@@Z

??0CControlUI@DuiLib@@QAE@XZ

??0CDelegateBase@DuiLib@@QAE@ABV01@@Z

??0CDelegateBase@DuiLib@@QAE@PAX0@Z

??0CDialogBuilder@DuiLib@@QAE@XZ

??0CDialogLayoutUI@DuiLib@@QAE@ABV01@@Z

??0CDialogLayoutUI@DuiLib@@QAE@XZ

??0CEditUI@DuiLib@@QAE@ABV01@@Z

??0CEditUI@DuiLib@@QAE@XZ

??0CEventSource@DuiLib@@QAE@ABV01@@Z

??0CEventSource@DuiLib@@QAE@XZ

??0CFontManager@DuiLib@@QAE@XZ

??0CHorizontalLayoutUI@DuiLib@@QAE@ABV01@@Z

??0CHorizontalLayoutUI@DuiLib@@QAE@XZ

??0CImageLayer@DuiLib@@QAE@ABV01@@Z

??0CImageLayer@DuiLib@@QAE@PAVCPaintManagerUI@1@@Z

??0CImageMgr@DuiLib@@QAE@XZ

??0CImageSliderUI@DuiLib@@QAE@ABV01@@Z

??0CImageSliderUI@DuiLib@@QAE@XZ

??0CIrrFlashRender@DuiLib@@QAE@XZ

??0CItemEditor@DuiLib@@QAE@ABV01@@Z

??0CItemEditor@DuiLib@@QAE@PAVCListUI@1@@Z

??0CKwBaseDialog@DuiLib@@QAE@XZ

??0CKwMessageBox@DuiLib@@QAE@HH@Z

??0CKwTipDlg@DuiLib@@QAE@XZ

??0CLabelUI@DuiLib@@QAE@ABV01@@Z

??0CLabelUI@DuiLib@@QAE@XZ

??0CListBodyUI@DuiLib@@QAE@ABV01@@Z

??0CListBodyUI@DuiLib@@QAE@PAVCListUI@1@@Z

??0CListContainerElementUI@DuiLib@@QAE@ABV01@@Z

??0CListContainerElementUI@DuiLib@@QAE@XZ

??0CListElementUI@DuiLib@@QAE@ABV01@@Z

??0CListElementUI@DuiLib@@QAE@XZ

??0CListExpandElementUI@DuiLib@@QAE@ABV01@@Z

??0CListExpandElementUI@DuiLib@@QAE@XZ

??0CListHeaderItemUI@DuiLib@@QAE@ABV01@@Z

??0CListHeaderItemUI@DuiLib@@QAE@XZ

??0CListHeaderUI@DuiLib@@QAE@ABV01@@Z

??0CListHeaderUI@DuiLib@@QAE@XZ

??0CListLabelElementUI@DuiLib@@QAE@ABV01@@Z

??0CListLabelElementUI@DuiLib@@QAE@XZ

??0CListTextElementUI@DuiLib@@QAE@ABV01@@Z

??0CListTextElementUI@DuiLib@@QAE@XZ

??0CListTopPaint@DuiLib@@QAE@ABV01@@Z

??0CListTopPaint@DuiLib@@QAE@PAVCListUI@1@@Z

??0CListUI@DuiLib@@QAE@ABV01@@Z

??0CListUI@DuiLib@@QAE@XZ

??0CListUIEx@DuiLib@@QAE@ABV01@@Z

??0CListUIEx@DuiLib@@QAE@XZ

??0CMarkup@DuiLib@@QAE@PBD@Z

??0CMarkupNode@DuiLib@@AAE@PAVCMarkup@1@H@Z

??0CMarkupNode@DuiLib@@AAE@XZ

??0CMenuButtonUI@DuiLib@@QAE@XZ

??0CMenuUI@DuiLib@@QAE@PAV01@@Z

??0CMulLineTips@DuiLib@@QAE@XZ

??0COptionUI@DuiLib@@QAE@ABV01@@Z

??0COptionUI@DuiLib@@QAE@XZ

??0CPaintManagerUI@DuiLib@@QAE@XZ

??0CPlayProgressUI@DuiLib@@QAE@ABV01@@Z

??0CPlayProgressUI@DuiLib@@QAE@XZ

??0CPoint@DuiLib@@QAE@ABUtagPOINT@@@Z

??0CPoint@DuiLib@@QAE@HH@Z

??0CPoint@DuiLib@@QAE@J@Z

??0CPoint@DuiLib@@QAE@XZ

??0CPosChangeAnimation@DuiLib@@QAE@ABV01@@Z

??0CPosChangeAnimation@DuiLib@@QAE@XZ

??0CProgressUI@DuiLib@@QAE@ABV01@@Z

??0CProgressUI@DuiLib@@QAE@XZ

??0CRect@DuiLib@@QAE@ABUtagRECT@@@Z

??0CRect@DuiLib@@QAE@HHHH@Z

??0CRect@DuiLib@@QAE@XZ

??0CRichEditUI@DuiLib@@QAE@ABV01@@Z

??0CRichEditUI@DuiLib@@QAE@XZ

??0CScrollBarUI@DuiLib@@QAE@ABV01@@Z

??0CScrollBarUI@DuiLib@@QAE@XZ

??0CSeqFrameAnimation@DuiLib@@QAE@ABV01@@Z

??0CSeqFrameAnimation@DuiLib@@QAE@XZ

??0CSize@DuiLib@@QAE@ABUtagSIZE@@@Z

??0CSize@DuiLib@@QAE@HH@Z

??0CSize@DuiLib@@QAE@UtagRECT@@@Z

??0CSize@DuiLib@@QAE@XZ

??0CSkinMgr@DuiLib@@AAE@XZ

??0CSliderUI@DuiLib@@QAE@ABV01@@Z

??0CSliderUI@DuiLib@@QAE@XZ

??0CSplitterWnd@DuiLib@@QAE@XZ

??0CStdPtrArray@DuiLib@@QAE@ABV01@@Z

??0CStdPtrArray@DuiLib@@QAE@H@Z

??0CStdString@DuiLib@@QAE@ABV01@@Z

??0CStdString@DuiLib@@QAE@D@Z

??0CStdString@DuiLib@@QAE@PBDH@Z

??0CStdString@DuiLib@@QAE@XZ

??0CStdStringPtrMap@DuiLib@@QAE@H@Z

??0CStdValArray@DuiLib@@QAE@HH@Z

??0CTabLayoutUI@DuiLib@@QAE@ABV01@@Z

??0CTabLayoutUI@DuiLib@@QAE@XZ

??0CTextUI@DuiLib@@QAE@ABV01@@Z

??0CTextUI@DuiLib@@QAE@XZ

??0CTileLayoutUI@DuiLib@@QAE@ABV01@@Z

??0CTileLayoutUI@DuiLib@@QAE@XZ

??0CToolTipWnd@DuiLib@@QAE@XZ

??0CVerticalLayoutUI@DuiLib@@QAE@ABV01@@Z

??0CVerticalLayoutUI@DuiLib@@QAE@XZ

??0CWaitCursor@DuiLib@@QAE@XZ

??0CWindowProxyUI@DuiLib@@QAE@ABV01@@Z

??0CWindowProxyUI@DuiLib@@QAE@XZ

??0CWindowWnd@DuiLib@@QAE@ABV01@@Z

??0CWindowWnd@DuiLib@@QAE@XZ

??0Curve@DuiLib@@QAE@ABV01@@Z

??0Curve@DuiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z

??0IAnimationListener@DuiLib@@QAE@ABV01@@Z

??0IAnimationListener@DuiLib@@QAE@XZ

??0IBaseAnimation@DuiLib@@QAE@ABV01@@Z

??0IBaseAnimation@DuiLib@@QAE@XZ

??0IDIYContentNotify@DuiLib@@QAE@ABV01@@Z

??0IDIYContentNotify@DuiLib@@QAE@XZ

??0IKeyFrameAnimation@DuiLib@@QAE@ABV01@@Z

??0IKeyFrameAnimation@DuiLib@@QAE@XZ

??0IProxyUICallBack@DuiLib@@QAE@ABV01@@Z

??0IProxyUICallBack@DuiLib@@QAE@XZ

??0ISkinImplementer@DuiLib@@QAE@ABV01@@Z

??0ISkinImplementer@DuiLib@@QAE@XZ

??0ISliderDragNotifyUI@DuiLib@@QAE@ABV01@@Z

??0ISliderDragNotifyUI@DuiLib@@QAE@XZ

??0KwMenuItem@DuiLib@@QAE@ABV01@@Z

??0KwMenuItem@DuiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_N100PAVCControlUI@1@0@Z

??0KwMenuItem@DuiLib@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$vector@VKwMenuItem@DuiLib@@V?$allocator@VKwMenuItem@DuiLib@@@std@@@3@00PAVCControlUI@1@@Z

??0KwMenuItem@DuiLib@@QAE@XZ

??1CAcceptDrag@DuiLib@@QAE@XZ

??1CActiveXUI@DuiLib@@UAE@XZ

??1CAnimationManager@DuiLib@@QAE@XZ

??1CArrowWnd@DuiLib@@UAE@XZ

??1CBallonInfo@DuiLib@@QAE@XZ

??1CBallonWnd@DuiLib@@UAE@XZ

??1CBaseFloatWnd@DuiLib@@UAE@XZ

??1CButtonUI@DuiLib@@UAE@XZ

??1CCheckBoxUI@DuiLib@@UAE@XZ

??1CColorMgr@DuiLib@@QAE@XZ

??1CComboUI@DuiLib@@UAE@XZ

??1CContainerUI@DuiLib@@UAE@XZ

??1CControlUI@DuiLib@@UAE@XZ

??1CDelegateBase@DuiLib@@UAE@XZ

??1CDialogBuilder@DuiLib@@QAE@XZ

??1CDialogLayoutUI@DuiLib@@UAE@XZ

??1CEditUI@DuiLib@@UAE@XZ

??1CEventSource@DuiLib@@QAE@XZ

??1CFontManager@DuiLib@@QAE@XZ

??1CHorizontalLayoutUI@DuiLib@@UAE@XZ

??1CImageLayer@DuiLib@@QAE@XZ

??1CImageMgr@DuiLib@@QAE@XZ

??1CImageSliderUI@DuiLib@@UAE@XZ

??1CIrrFlashRender@DuiLib@@QAE@XZ

??1CItemEditor@DuiLib@@UAE@XZ

??1CKwBaseDialog@DuiLib@@QAE@XZ

??1CKwMessageBox@DuiLib@@QAE@XZ

??1CKwTipDlg@DuiLib@@QAE@XZ

??1CLabelUI@DuiLib@@UAE@XZ

??1CListBodyUI@DuiLib@@UAE@XZ

??1CListContainerElementUI@DuiLib@@UAE@XZ

??1CListElementUI@DuiLib@@UAE@XZ

??1CListExpandElementUI@DuiLib@@UAE@XZ

??1CListHeaderItemUI@DuiLib@@UAE@XZ

??1CListHeaderUI@DuiLib@@UAE@XZ

??1CListLabelElementUI@DuiLib@@UAE@XZ

??1CListTextElementUI@DuiLib@@UAE@XZ

??1CListTopPaint@DuiLib@@UAE@XZ

??1CListUI@DuiLib@@UAE@XZ

??1CListUIEx@DuiLib@@UAE@XZ

??1CMarkup@DuiLib@@QAE@XZ

??1CMenuButtonUI@DuiLib@@UAE@XZ

??1CMenuUI@DuiLib@@QAE@XZ

??1CMulLineTips@DuiLib@@QAE@XZ

??1COptionUI@DuiLib@@UAE@XZ

??1CPaintManagerUI@DuiLib@@QAE@XZ

??1CPlayProgressUI@DuiLib@@UAE@XZ

??1CProgressUI@DuiLib@@UAE@XZ

??1CRenderClip@DuiLib@@QAE@XZ

??1CRichEditUI@DuiLib@@UAE@XZ

??1CScrollBarUI@DuiLib@@UAE@XZ

??1CSkinMgr@DuiLib@@AAE@XZ

??1CSliderUI@DuiLib@@UAE@XZ

??1CSplitterWnd@DuiLib@@QAE@XZ

??1CStdPtrArray@DuiLib@@QAE@XZ

??1CStdString@DuiLib@@QAE@XZ

??1CStdStringPtrMap@DuiLib@@QAE@XZ

??1CStdValArray@DuiLib@@QAE@XZ

??1CTabLayoutUI@DuiLib@@UAE@XZ

??1CTextUI@DuiLib@@UAE@XZ

??1CTileLayoutUI@DuiLib@@UAE@XZ

??1CToolTipWnd@DuiLib@@UAE@XZ

??1CVerticalLayoutUI@DuiLib@@UAE@XZ

??1CWaitCursor@DuiLib@@QAE@XZ

??1CWindowProxyUI@DuiLib@@UAE@XZ

??1CWindowWnd@DuiLib@@QAE@XZ

??1Curve@DuiLib@@QAE@XZ

??1KwMenuItem@DuiLib@@QAE@XZ

??4CAcceptDrag@DuiLib@@QAEAAV01@ABV01@@Z

??4CActiveXUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CAlphaChangeAnimation@DuiLib@@QAEAAV01@ABV01@@Z

??4CAnimationManager@DuiLib@@QAEAAV01@ABV01@@Z

??4CBallonInfo@DuiLib@@QAEAAV01@ABV01@@Z

??4CButtonUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CCheckBoxUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CColorEngine@DuiLib@@QAEAAV01@ABV01@@Z

??4CColorMgr@DuiLib@@QAEAAV01@ABV01@@Z

??4CComboUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CContainerUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CControlUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CDelegateBase@DuiLib@@QAEAAV01@ABV01@@Z

??4CDialogBuilder@DuiLib@@QAEAAV01@ABV01@@Z

??4CDialogLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CEditUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CEventSource@DuiLib@@QAEAAV01@ABV01@@Z

??4CHorizontalLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CImageLayer@DuiLib@@QAEAAV01@ABV01@@Z

??4CImageMgr@DuiLib@@QAEAAV01@ABV01@@Z

??4CImageSliderUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CIrrFlashRender@DuiLib@@QAEAAV01@ABV01@@Z

??4CItemEditor@DuiLib@@QAEAAV01@ABV01@@Z

??4CLabelUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CListBodyUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CListContainerElementUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CListElementUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CListExpandElementUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CListHeaderItemUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CListHeaderUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CListLabelElementUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CListTextElementUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CListTopPaint@DuiLib@@QAEAAV01@ABV01@@Z

??4CListUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CListUIEx@DuiLib@@QAEAAV01@ABV01@@Z

??4CMarkup@DuiLib@@QAEAAV01@ABV01@@Z

??4CMarkupNode@DuiLib@@QAEAAV01@ABV01@@Z

??4COptionUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CPlayProgressUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CPoint@DuiLib@@QAEAAV01@ABV01@@Z

??4CPosChangeAnimation@DuiLib@@QAEAAV01@ABV01@@Z

??4CProgressUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CRect@DuiLib@@QAEAAV01@ABV01@@Z

??4CRenderClip@DuiLib@@QAEAAV01@ABV01@@Z

??4CRenderEngine@DuiLib@@QAEAAV01@ABV01@@Z

??4CRichEditUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CSSE@DuiLib@@QAEAAV01@ABV01@@Z

??4CScrollBarUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CSeqFrameAnimation@DuiLib@@QAEAAV01@ABV01@@Z

??4CSize@DuiLib@@QAEAAV01@ABV01@@Z

??4CSkinMgr@DuiLib@@QAEAAV01@ABV01@@Z

??4CSliderUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CStdPtrArray@DuiLib@@QAEAAV01@ABV01@@Z

??4CStdString@DuiLib@@QAEABV01@ABV01@@Z

??4CStdString@DuiLib@@QAEABV01@D@Z

??4CStdString@DuiLib@@QAEABV01@PBD@Z

??4CStdString@DuiLib@@QAEABV01@PB_W@Z

??4CStdStringPtrMap@DuiLib@@QAEAAV01@ABV01@@Z

??4CStdValArray@DuiLib@@QAEAAV01@ABV01@@Z

??4CTabLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CTextUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CTileLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CVerticalLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CWaitCursor@DuiLib@@QAEAAV01@ABV01@@Z

??4CWindowProxyUI@DuiLib@@QAEAAV01@ABV01@@Z

??4CWindowWnd@DuiLib@@QAEAAV01@ABV01@@Z

??4Curve@DuiLib@@QAEAAV01@ABV01@@Z

??4IAnimationListener@DuiLib@@QAEAAV01@ABV01@@Z

??4IBaseAnimation@DuiLib@@QAEAAV01@ABV01@@Z

??4IDIYContentNotify@DuiLib@@QAEAAV01@ABV01@@Z

??4IKeyFrameAnimation@DuiLib@@QAEAAV01@ABV01@@Z

??4IProxyUICallBack@DuiLib@@QAEAAV01@ABV01@@Z

??4ISkinImplementer@DuiLib@@QAEAAV01@ABV01@@Z

??4ISliderDragNotifyUI@DuiLib@@QAEAAV01@ABV01@@Z

??4KwMenuItem@DuiLib@@QAEAAV01@ABV01@@Z

??8CPoint@DuiLib@@QAE_NABV01@@Z

??8CRect@DuiLib@@QAE_NABV01@@Z

??8CStdString@DuiLib@@QBE_NPBD@Z

??9CRect@DuiLib@@QAE_NABV01@@Z

??9CStdString@DuiLib@@QBE_NPBD@Z

??ACStdPtrArray@DuiLib@@QBEPAXH@Z

??ACStdString@DuiLib@@QBEDH@Z

??ACStdStringPtrMap@DuiLib@@QBEPBDH@Z

??ACStdValArray@DuiLib@@QBEPAXH@Z

??BCStdString@DuiLib@@QBEPBDXZ

??BCWindowWnd@DuiLib@@QBEPAUHWND__@@XZ

??HCStdString@DuiLib@@QAE?AV01@ABV01@@Z

??HCStdString@DuiLib@@QAE?AV01@PBD@Z

??MCStdString@DuiLib@@QBE_NPBD@Z

??NCStdString@DuiLib@@QBE_NPBD@Z

??OCStdString@DuiLib@@QBE_NPBD@Z

??PCStdString@DuiLib@@QBE_NPBD@Z

??RCDelegateBase@DuiLib@@QAE_NAAUtagTEventUI@1@@Z

??RCEventSource@DuiLib@@QAE_NAAUtagTEventUI@1@@Z

??YCEventSource@DuiLib@@QAEXAAVCDelegateBase@1@@Z

??YCEventSource@DuiLib@@QAEXP6A_NAAUtagTEventUI@1@@Z@Z

??YCStdString@DuiLib@@QAEABV01@ABV01@@Z

??YCStdString@DuiLib@@QAEABV01@D@Z

??YCStdString@DuiLib@@QAEABV01@PBD@Z

??ZCEventSource@DuiLib@@QAEXAAVCDelegateBase@1@@Z

??ZCEventSource@DuiLib@@QAEXP6A_NAAUtagTEventUI@1@@Z@Z

??_7CAcceptDrag@DuiLib@@6B@

??_7CActiveXUI@DuiLib@@6BCControlUI@1@@

??_7CActiveXUI@DuiLib@@6BIMessageFilterUI@1@@

??_7CAlphaChangeAnimation@DuiLib@@6B@

??_7CArrowWnd@DuiLib@@6BCWindowWnd@1@@

??_7CArrowWnd@DuiLib@@6BINotifyUI@1@@

??_7CBallonWnd@DuiLib@@6BCWindowWnd@1@@

??_7CBallonWnd@DuiLib@@6BINotifyUI@1@@

??_7CBaseFloatWnd@DuiLib@@6BCWindowWnd@1@@

??_7CBaseFloatWnd@DuiLib@@6BINotifyUI@1@@

??_7CButtonUI@DuiLib@@6B@

??_7CCheckBoxUI@DuiLib@@6B@

??_7CComboUI@DuiLib@@6B@

??_7CComboUI@DuiLib@@6BCControlUI@1@@

??_7CComboUI@DuiLib@@6BIContainerUI@1@@

??_7CContainerUI@DuiLib@@6BCControlUI@1@@

??_7CContainerUI@DuiLib@@6BIContainerUI@1@@

??_7CControlUI@DuiLib@@6B@

??_7CDelegateBase@DuiLib@@6B@

??_7CDialogLayoutUI@DuiLib@@6BCControlUI@1@@

??_7CDialogLayoutUI@DuiLib@@6BIContainerUI@1@@

??_7CEditUI@DuiLib@@6B@

??_7CHorizontalLayoutUI@DuiLib@@6BCControlUI@1@@

??_7CHorizontalLayoutUI@DuiLib@@6BIContainerUI@1@@

??_7CImageLayer@DuiLib@@6BIAnimationListener@1@@

??_7CImageLayer@DuiLib@@6BIFlashRenderCallBack@1@@

??_7CImageLayer@DuiLib@@6BISkinImplementer@1@@

??_7CImageSliderUI@DuiLib@@6B@

??_7CImageSliderUI@DuiLib@@6BCControlUI@1@@

??_7CImageSliderUI@DuiLib@@6BIContainerUI@1@@

??_7CItemEditor@DuiLib@@6B@

??_7CKwBaseDialog@DuiLib@@6BCWindowWnd@1@@

??_7CKwBaseDialog@DuiLib@@6BINotifyUI@1@@

??_7CKwBaseDialog@DuiLib@@6BISkinImplementer@1@@

??_7CKwMessageBox@DuiLib@@6BCWindowWnd@1@@

??_7CKwMessageBox@DuiLib@@6BINotifyUI@1@@

??_7CKwMessageBox@DuiLib@@6BISkinImplementer@1@@

??_7CKwTipDlg@DuiLib@@6BCWindowWnd@1@@

??_7CKwTipDlg@DuiLib@@6BINotifyUI@1@@

??_7CKwTipDlg@DuiLib@@6BISkinImplementer@1@@

??_7CLabelUI@DuiLib@@6B@

??_7CListBodyUI@DuiLib@@6BCControlUI@1@@

??_7CListBodyUI@DuiLib@@6BIContainerUI@1@@

??_7CListContainerElementUI@DuiLib@@6B@

??_7CListContainerElementUI@DuiLib@@6BCControlUI@1@@

??_7CListContainerElementUI@DuiLib@@6BIContainerUI@1@@

??_7CListElementUI@DuiLib@@6BCControlUI@1@@

??_7CListElementUI@DuiLib@@6BIListItemUI@1@@

??_7CListExpandElementUI@DuiLib@@6BCControlUI@1@@

??_7CListExpandElementUI@DuiLib@@6BIListItemUI@1@@

??_7CListHeaderItemUI@DuiLib@@6B@

??_7CListHeaderUI@DuiLib@@6BCControlUI@1@@

??_7CListHeaderUI@DuiLib@@6BIContainerUI@1@@

??_7CListLabelElementUI@DuiLib@@6BCControlUI@1@@

??_7CListLabelElementUI@DuiLib@@6BIListItemUI@1@@

??_7CListTextElementUI@DuiLib@@6BCControlUI@1@@

??_7CListTextElementUI@DuiLib@@6BIListItemUI@1@@

??_7CListTopPaint@DuiLib@@6B@

??_7CListUI@DuiLib@@6BCAcceptDrag@1@@

??_7CListUI@DuiLib@@6BCControlUI@1@@

??_7CListUI@DuiLib@@6BIContainerUI@1@@

??_7CListUI@DuiLib@@6BIListHeaderOwnerUI@1@@

??_7CListUI@DuiLib@@6BIListOwnerUI@1@@

??_7CListUIEx@DuiLib@@6BCAcceptDrag@1@@

??_7CListUIEx@DuiLib@@6BCControlUI@1@@

??_7CListUIEx@DuiLib@@6BIContainerUI@1@@

??_7CListUIEx@DuiLib@@6BIListHeaderOwnerUI@1@@

??_7CListUIEx@DuiLib@@6BIListOwnerUI@1@@

??_7CMenuButtonUI@DuiLib@@6B@

??_7CMenuUI@DuiLib@@6BCWindowWnd@1@@

??_7CMenuUI@DuiLib@@6BINotifyUI@1@@

??_7CMenuUI@DuiLib@@6BISkinImplementer@1@@

??_7CMulLineTips@DuiLib@@6BCWindowWnd@1@@

??_7CMulLineTips@DuiLib@@6BINotifyUI@1@@

??_7CMulLineTips@DuiLib@@6BISkinImplementer@1@@

??_7COptionUI@DuiLib@@6B@

??_7CPlayProgressUI@DuiLib@@6B@

??_7CPosChangeAnimation@DuiLib@@6B@

??_7CProgressUI@DuiLib@@6B@

??_7CRichEditUI@DuiLib@@6B@

??_7CRichEditUI@DuiLib@@6BCControlUI@1@@

??_7CRichEditUI@DuiLib@@6BIContainerUI@1@@

??_7CScrollBarUI@DuiLib@@6B@

??_7CSeqFrameAnimation@DuiLib@@6B@

??_7CSliderUI@DuiLib@@6B@

??_7CSplitterWnd@DuiLib@@6B@

??_7CTabLayoutUI@DuiLib@@6B@

??_7CTabLayoutUI@DuiLib@@6BCControlUI@1@@

??_7CTabLayoutUI@DuiLib@@6BIContainerUI@1@@

??_7CTextUI@DuiLib@@6B@

??_7CTileLayoutUI@DuiLib@@6BCControlUI@1@@

??_7CTileLayoutUI@DuiLib@@6BIContainerUI@1@@

??_7CToolTipWnd@DuiLib@@6BCWindowWnd@1@@

??_7CToolTipWnd@DuiLib@@6BINotifyUI@1@@

??_7CVerticalLayoutUI@DuiLib@@6BCControlUI@1@@

??_7CVerticalLayoutUI@DuiLib@@6BIContainerUI@1@@

??_7CWindowProxyUI@DuiLib@@6B@

??_7CWindowWnd@DuiLib@@6B@

??_7IAnimationListener@DuiLib@@6B@

??_7IBaseAnimation@DuiLib@@6B@

??_7IDIYContentNotify@DuiLib@@6B@

??_7IKeyFrameAnimation@DuiLib@@6B@

??_7IProxyUICallBack@DuiLib@@6B@

??_7ISkinImplementer@DuiLib@@6B@

??_7ISliderDragNotifyUI@DuiLib@@6B@

??_FCArrowWnd@DuiLib@@QAEXXZ

??_FCKwMessageBox@DuiLib@@QAEXXZ

??_FCMarkup@DuiLib@@QAEXXZ

??_FCMenuUI@DuiLib@@QAEXXZ

??_FCStdPtrArray@DuiLib@@QAEXXZ

??_FCStdStringPtrMap@DuiLib@@QAEXXZ

??_FCurve@DuiLib@@QAEXXZ

?Activate@CButtonUI@DuiLib@@UAE_NXZ

?Activate@CCheckBoxUI@DuiLib@@UAE_NXZ

?Activate@CComboUI@DuiLib@@UAE_NXZ

?Activate@CControlUI@DuiLib@@UAE_NXZ

?Activate@CListContainerElementUI@DuiLib@@UAE_NXZ

?Activate@CListElementUI@DuiLib@@UAE_NXZ

?Activate@COptionUI@DuiLib@@UAE_NXZ

?Add@CComboUI@DuiLib@@UAE_NPAVCControlUI@2@@Z

?Add@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@@Z

?Add@CListHeaderUI@DuiLib@@UAE_NPAVCControlUI@2@@Z

?Add@CListUI@DuiLib@@UAE_NPAVCControlUI@2@@Z

?Add@CStdPtrArray@DuiLib@@QAE_NPAX@Z

?Add@CStdValArray@DuiLib@@QAE_NPBX@Z

?Add@CTabLayoutUI@DuiLib@@UAE_NPAVCControlUI@2@@Z

?AddAt@CComboUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z

?AddAt@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z

?AddAt@CListHeaderUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z

?AddAt@CListUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z

?AddAt@CTabLayoutUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z

?AddControlPoint@Curve@DuiLib@@QAEXNN@Z

?AddDefaultAttributeList@CPaintManagerUI@DuiLib@@QAEXPBD0@Z

?AddDelayedCleanup@CPaintManagerUI@DuiLib@@QAEXPAVCControlUI@2@@Z

?AddFont@CFontManager@DuiLib@@SAPAUHFONT__@@PBD0H_N11@Z

?AddFontAt@CFontManager@DuiLib@@SAPAUHFONT__@@HPBD0H_N11@Z

?AddImage@CImageMgr@DuiLib@@SAPBUtagTImageInfo@2@PBD0K@Z

?AddImage@CImageMgr@DuiLib@@SAPBUtagTImageInfo@2@PBDPAUHBITMAP__@@HH_NPAX@Z

?AddImageQuick@CImageMgr@DuiLib@@SAXPBD0@Z

?AddMessageFilter@CPaintManagerUI@DuiLib@@QAE_NPAVIMessageFilterUI@2@@Z

?AddNotifier@CPaintManagerUI@DuiLib@@QAE_NPAVINotifyUI@2@PAVCControlUI@2@@Z

?AddOptionGroup@CPaintManagerUI@DuiLib@@QAE_NPBDPAVCControlUI@2@@Z

?AddPostPaint@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@@Z

?AddPreMessageFilter@CPaintManagerUI@DuiLib@@QAE_NPAVIMessageFilterUI@2@@Z

?AdjustAlpha@CSSE@DuiLib@@SAXAAK@Z

?AfterCreate@CMenuUI@DuiLib@@AAEXXZ

?AnimateFadeout@CControlUI@DuiLib@@UAEX_N@Z

?Append@CStdString@DuiLib@@QAEXPBD@Z

?AppendText@CRichEditUI@DuiLib@@QAEHPBD_N@Z

?ApplyAttributeList@CControlUI@DuiLib@@QAEPAV12@PBD@Z

?ApplyChildAttribute@CContainerUI@DuiLib@@QAEXPAVCControlUI@2@@Z

?Assign@CStdString@DuiLib@@QAEXPBDH@Z

?AttachDialog@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@_N@Z

?AttachListener@CAlphaChangeAnimation@DuiLib@@UAEXPAVIAnimationListener@2@@Z

?AttachListener@CPosChangeAnimation@DuiLib@@UAEXPAVIAnimationListener@2@@Z

?AttachListener@CSeqFrameAnimation@DuiLib@@UAEXPAVIAnimationListener@2@@Z

?BSplineFunc@Curve@DuiLib@@IAENQBNNN@Z

?BindCurve@IKeyFrameAnimation@DuiLib@@UAEXPAVCurve@2@@Z

?ButtonIsChecked@CImageSliderUI@DuiLib@@QAEHXZ

?CalcTextRect@CRenderEngine@DuiLib@@SA_NPAUHDC__@@AAUtagRECT@@PBDIABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z

?CancleAll@CIrrFlashRender@DuiLib@@QAEXXZ

?CenterDeskWindow@CWindowWnd@DuiLib@@QAEXPAUHWND__@@@Z

?CenterParentWindow@CWindowWnd@DuiLib@@QAEXPAUHWND__@@@Z

?CenterPoint@CRect@DuiLib@@QAE?AVCPoint@2@XZ

?CenterWindow@CWindowWnd@DuiLib@@QAEXXZ

?ChangeBmpColor@CColorEngine@DuiLib@@SA_NPAUtagTImageInfo@2@KK@Z

?ChangeColor@CColorEngine@DuiLib@@SAXAAKK@Z

?ChangeColor@CColorMgr@DuiLib@@SAXK@Z

?ChangeColor@CSkinMgr@DuiLib@@SAXK@Z

?ChangeSkin@CImageLayer@DuiLib@@UAEXXZ

?ChangeSkin@CSkinMgr@DuiLib@@SAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

?ChangeSubColor@CSkinMgr@DuiLib@@SAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABK_N@Z

?ChangeSubject@CSkinMgr@DuiLib@@SAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABK_N@Z

?CharFromPos@CRichEditUI@DuiLib@@QBEHVCPoint@2@@Z

?CheckDCAndBitmap@CRenderEngine@DuiLib@@SA_NPAUHDC__@@AAPAU3@AAPAUHBITMAP__@@AAPAKAAUtagRECT@@UtagSIZE@@@Z

?CheckItem@CComboUI@DuiLib@@UAE_NABV?$vector@HV?$allocator@H@std@@@std@@@Z

?CheckItem@CComboUI@DuiLib@@UAE_NH@Z

?CheckItem@CListUI@DuiLib@@UAE_NABV?$vector@HV?$allocator@H@std@@@std@@@Z

?CheckItem@CListUI@DuiLib@@UAE_NH@Z

?CheckMouseEnter@CComboUI@DuiLib@@UAEX_N@Z

?CheckMouseEnter@CListUI@DuiLib@@UAEX_N@Z

?CheckWndRectIsCorrect@CWindowWnd@DuiLib@@QAE_NAAVCRect@2@@Z

Sections

.text
Size: 791KB - Virtual size: 791KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

DumpReport.exe

.exe windows:5 windows x86 arch:x86

b5ddeb63a8ecbb5d856ca812b71a6609

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

50:da:15:04:90:9f:72:73:48:6d:47:ac:0a:b7:46:75
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

04-11-2013 00:00

Not After

02-01-2017 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=KUWO MUSIC,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

96:8b:63:72:ff:b8:26:a0:c9:55:fa:44:33:aa:be:bb:f7:e4:a8:a5
Signer

Actual PE Digest

96:8b:63:72:ff:b8:26:a0:c9:55:fa:44:33:aa:be:bb:f7:e4:a8:a5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\KWShow\KWShow\trunk\1.0\KWShow\KwResource\bin\release\pdb\DumpReport.pdb

Imports

kernel32

lstrlenA

GetModuleFileNameA

MultiByteToWideChar

lstrlenW

GetLastError

InitializeCriticalSection

WideCharToMultiByte

FreeLibrary

SizeofResource

LoadResource

FindResourceA

LoadLibraryExA

lstrcmpiA

GetProcAddress

IsDBCSLeadByte

GetSystemTimeAsFileTime

GetModuleHandleA

GetTickCount

QueryPerformanceCounter

IsDebuggerPresent

SetUnhandledExceptionFilter

UnhandledExceptionFilter

TerminateProcess

GetStartupInfoA

Sleep

InterlockedExchange

VirtualAlloc

VirtualFree

IsProcessorFeaturePresent

LoadLibraryA

HeapAlloc

GetProcessHeap

HeapFree

InterlockedCompareExchange

InterlockedIncrement

InterlockedDecrement

LeaveCriticalSection

EnterCriticalSection

GetCurrentProcess

FlushInstructionCache

SetLastError

RaiseException

DeleteCriticalSection

GetCurrentProcessId

GetCurrentThreadId

user32

SetWindowLongA

CharNextA

PostQuitMessage

GetWindowTextA

CreateDialogParamA

GetParent

GetWindow

GetMessageA

TranslateMessage

DispatchMessageA

DefWindowProcA

GetSystemMetrics

LoadImageA

UnregisterClassA

GetWindowRect

GetWindowLongA

MonitorFromWindow

GetMonitorInfoA

GetClientRect

MapWindowPoints

SetWindowPos

IsDialogMessageA

SendMessageA

GetDlgItem

ShowWindow

DestroyWindow

PeekMessageA

advapi32

RegDeleteKeyA

RegCloseKey

RegCreateKeyExA

RegOpenKeyExA

RegEnumKeyExA

RegSetValueExA

RegQueryInfoKeyA

RegDeleteValueA

ole32

CoTaskMemRealloc

CoTaskMemAlloc

CoTaskMemFree

CoCreateInstance

CoInitialize

CoUninitialize

oleaut32

VarUI4FromStr

SysFreeString

kwlib

??1ProcessExecutor@Process@KwLib@@QAE@XZ

?Exec@ProcessExecutor@Process@KwLib@@QAEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z

??0ProcessExecutor@Process@KwLib@@QAE@XZ

?Base64Encode@Base64@KwLib@@YAHPADPBDH@Z

?KillProcessByName@System@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z

comctl32

InitCommonControlsEx

msvcp90

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ

??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ

kwmodconfig

AfxGetConfigManager

kwlog

?LogClientErrorMsg@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@000@Z

?LogInit@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

msvcr90

_initterm

_acmdln

_initterm_e

_ismbblead

_XcptFilter

_configthreadlocale

__setusermatherr

_adjust_fdiv

__p__commode

__p__fmode

__set_app_type

_crt_debugger_hook

?_type_info_dtor_internal_method@type_info@@QAEXXZ

?terminate@@YAXXZ

_invoke_watson

exit

_encode_pointer

??3@YAXPAX@Z

_purecall

??2@YAPAXI@Z

memset

free

??_V@YAXPAX@Z

_recalloc

memmove_s

_resetstkoflw

memcpy_s

_mbsstr

_mbsnbcpy_s

malloc

_unlock

__dllonexit

_exit

_lock

_onexit

_decode_pointer

_except_handler4_common

_amsg_exit

__getmainargs

_cexit

_controlfp_s

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

IEProxy.dll

.dll windows:5 windows x86 arch:x86

9a2cfe8eda271e05f189b0757c634bfa

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

50:da:15:04:90:9f:72:73:48:6d:47:ac:0a:b7:46:75
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

04-11-2013 00:00

Not After

02-01-2017 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=KUWO MUSIC,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

a5:06:e4:11:15:f5:7a:b1:9b:57:b1:4e:e0:45:10:9f:4c:bb:bb:44
Signer

Actual PE Digest

a5:06:e4:11:15:f5:7a:b1:9b:57:b1:4e:e0:45:10:9f:4c:bb:bb:44

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

h:\KWShow\KWShow\trunk\1.0\KWShow\KwResource\bin\release\pdb\IEProxy.pdb

Imports

kernel32

SetEvent

CloseHandle

TryEnterCriticalSection

Sleep

CreateToolhelp32Snapshot

Process32First

GetModuleFileNameA

Module32First

GetCurrentProcessId

Process32Next

InitializeCriticalSection

CreateEventA

lstrcpynA

GetTickCount

TerminateThread

GetCurrentThreadId

LeaveCriticalSection

EnterCriticalSection

WaitForSingleObject

GetSystemTimeAsFileTime

QueryPerformanceCounter

IsDebuggerPresent

SetUnhandledExceptionFilter

UnhandledExceptionFilter

GetCurrentProcess

TerminateProcess

InterlockedCompareExchange

InterlockedExchange

DeleteCriticalSection

user32

DefWindowProcA

PeekMessageA

PostThreadMessageA

CreateWindowExA

RegisterClassExA

LoadCursorA

PostMessageA

FindWindowA