f2683fad85dcdcf71d0354ae8cbb04fa6507170fa62f68d2177bf4195306ab5b

Sharing

Copy URL Twitter E-mail

General

Target

f2683fad85dcdcf71d0354ae8cbb04fa6507170fa62f68d2177bf4195306ab5b
Size

14.3MB
MD5

02261502ee0ba5b65653a71ca2b35d63
SHA1

bed032ec286a32ce67caa7b1508ff60310a96bdc
SHA256

f2683fad85dcdcf71d0354ae8cbb04fa6507170fa62f68d2177bf4195306ab5b
SHA512

8b2b3fd3c5eedfe476f928eb0f79aa6baa0af17f1d83eee37de36dd07f948bdad2a9ce6f77ce4c87f16e10c15dd87b844801a7598cb87c5aedb4caf5ee614385
SSDEEP

393216:jHI5DZAcdSXZkDM3sjhKeiyRT9rj7OFQofWh0iW7ySxj:jHI5d0ZeM3sceicr3XGWdayaj

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
static1/unpack001/��9.61��52pojie��/mmt/��͡�.mt9	vmprotect

Unsigned PE 49 IoCs

Checks for missing Authenticode signature.

resource
unpack001/��9.61��52pojie��/QMColorActionCtl.ocx
unpack001/��9.61��52pojie��/mmt/��͡�.mt9
unpack001/��9.61��52pojie��/plugin/Access.dll
unpack001/��9.61��52pojie��/plugin/Access.ocx
unpack001/��9.61��52pojie��/plugin/Bkgnd.dll
unpack001/��9.61��52pojie��/plugin/Bkgnd.ocx
unpack001/��9.61��52pojie��/plugin/BkgndColor.dll
unpack001/��9.61��52pojie��/plugin/Color.dll
unpack001/��9.61��52pojie��/plugin/Color.ocx
unpack001/��9.61��52pojie��/plugin/ColorEx.dll
unpack001/��9.61��52pojie��/plugin/ColorEx.ocx
unpack001/��9.61��52pojie��/plugin/Console.dll
unpack001/��9.61��52pojie��/plugin/Console.ocx
unpack001/��9.61��52pojie��/plugin/Encrypt.dll
unpack001/��9.61��52pojie��/plugin/Encrypt.ocx
unpack001/��9.61��52pojie��/plugin/File.dll
unpack001/��9.61��52pojie��/plugin/File.ocx
unpack001/��9.61��52pojie��/plugin/GetSysInfo.dll
unpack001/��9.61��52pojie��/plugin/Media.dll
unpack001/��9.61��52pojie��/plugin/Media.ocx
unpack001/��9.61��52pojie��/plugin/Memory.dll
unpack001/��9.61��52pojie��/plugin/Memory.ocx
unpack001/��9.61��52pojie��/plugin/Msg.dll
unpack001/��9.61��52pojie��/plugin/Msg.ocx
unpack001/��9.61��52pojie��/plugin/Net.dll
unpack001/��9.61��52pojie��/plugin/Net.ocx
unpack001/��9.61��52pojie��/plugin/Office.dll
unpack001/��9.61��52pojie��/plugin/Office.ocx
unpack001/��9.61��52pojie��/plugin/Oracle.dll
unpack001/��9.61��52pojie��/plugin/Oracle.ocx
unpack001/��9.61��52pojie��/plugin/Pic.dll
unpack001/��9.61��52pojie��/plugin/Pic.ocx
unpack001/��9.61��52pojie��/plugin/SQLServer.dll
unpack001/��9.61��52pojie��/plugin/SQLServer.ocx
unpack001/��9.61��52pojie��/plugin/Sys.dll
unpack001/��9.61��52pojie��/plugin/Sys.ocx
unpack001/��9.61��52pojie��/plugin/SysEx.dll
unpack001/��9.61��52pojie��/plugin/SysEx.ocx
unpack001/��9.61��52pojie��/plugin/Web.dll
unpack001/��9.61��52pojie��/plugin/Web.ocx
unpack001/��9.61��52pojie��/plugin/Window.dll
unpack001/��9.61��52pojie��/plugin/Window.ocx
unpack001/��9.61��52pojie��/tools/Merge/Languages/TortoiseMerge2052.dll
unpack001/��9.61��52pojie��/tools/Merge/bin/TortoiseMerge.exe
unpack001/��9.61��52pojie��/tools/Merge/bin/intl3_svn.dll
unpack001/��9.61��52pojie��/tools/Merge/bin/libapr_tsvn.dll
unpack001/��9.61��52pojie��/tools/Merge/bin/libapriconv_tsvn.dll
unpack001/��9.61��52pojie��/tools/Merge/bin/libaprutil_tsvn.dll
unpack001/��9.61��52pojie��/tools/Merge/bin/mfc80u.dll

Files

f2683fad85dcdcf71d0354ae8cbb04fa6507170fa62f68d2177bf4195306ab5b
.zip
��9.61��52pojie��/CommondInfo.xml
.xml
��9.61��52pojie��/Import.log
��9.61��52pojie��/Importer.exe
.exe windows:4 windows x86 arch:x86

e630a52e99cba1c17ccb05f90aaddfb1

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:bc:e2:de:50:f1:13:0c:81:e6:46:c1:79:33:12:72
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

06/01/2011, 00:00

Not After

05/01/2014, 23:59

Subject

CN=Fuzhou TianxiaChuangshi Digital Co.\,Ltd.,OU=WoSign Class 3 Code Signing,O=福州天下创世数码有限公司,L=福州市,ST=福建省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4079
ord4699
ord5307
ord5289
ord5715
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord565
ord817
ord2726
ord4226
ord537
ord4202
ord5710
ord5683
ord4129
ord4277
ord2763
ord2818
ord941
ord798
ord1997
ord5448
ord3318
ord5194
ord533
ord2764
ord542
ord802
ord3663
ord5440
ord6383
ord5450
ord6394
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord5302
ord4698
ord5714
ord3738
ord561
ord815
ord2528
ord1085
ord6569
ord1199
ord2621
ord1134
ord2725
ord1908
ord1690
ord5288
ord4439
ord2054
ord4431
ord6055
ord4078
ord1776
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5290
ord3798
ord4837
ord5303
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord3402
ord4627
ord3721
ord795
ord771
ord1008
ord1086
ord1146
ord1168
ord567
ord497
ord768
ord692
ord765
ord4259
ord6197
ord2860
ord2116
ord3092
ord4715
ord6199
ord4160
ord2820
ord3811
ord1572
ord5161
ord4905
ord4742
ord4948
ord4358
ord5265
ord4377
ord4854
ord4998
ord4710
ord2514
ord6052
ord1775
ord5287
ord4835
ord4425
ord3699
ord1771
ord6366
ord2413
ord2024
ord4219
ord2581
ord4401
ord3639
ord489
ord2302
ord4258
ord5160
ord5162
ord2765
ord3803
ord4976
ord2864
ord641
ord3452
ord2515
ord355
ord668
ord1980
ord3181
ord4058
ord2781
ord2770
ord356
ord2379
ord5572
ord2642
ord3698
ord1106
ord922
ord6392
ord939
ord5300
ord3346
ord2396
ord1948
ord823
ord924
ord535
ord540
ord858
ord6282
ord6283
ord800
ord2817
ord1200
ord2915
ord860
ord5601
ord4441
ord825
ord1576

msvcrt

__p__fmode
__set_app_type
_controlfp
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3
_onexit
__dllonexit
_mbsicmp
_splitpath
_setmbcp
_stricmp
_mbscmp
__CxxFrameHandler
_mbsrchr
__p___argv
__p___argc
__p__commode

kernel32

CreateSemaphoreA
CloseHandle
OpenFileMappingA
GetLastError
GetTickCount
GetModuleHandleA
GetStartupInfoA
ReleaseSemaphore
CreateDirectoryA
GetModuleFileNameA
MultiByteToWideChar
ExitThread
CopyFileA

user32

GetParent
GetDesktopWindow
ShowWindow
GetLastActivePopup
IsWindow
GetWindow
PostThreadMessageA
SetForegroundWindow
EnableWindow
LoadIconA
SetPropA
IsIconic
SendMessageA
GetPropA
PostMessageA

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

shell32

ShellExecuteA
DragQueryFileA
DragFinish
SHBrowseForFolderA
SHGetPathFromIDListA

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree

oleaut32

VariantClear

shlwapi

PathFileExistsA
PathIsDirectoryA

syntconv

ConvertScriptFile
SetNotifyHwnd

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
��9.61��52pojie��/QMColorActionCtl.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

278ce3f6bca07a736fa9bba94f7a89b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

__vbaStrI2
_CIcos
_adj_fptan
__vbaFreeVar
__vbaAptOffset
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaRecAnsiToUni
__vbaStrCat
__vbaSetSystemError
__vbaRecDestruct
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaExitProc
ord301
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
_adj_fdivr_m16i
ord520
ord307
_CIsin
ord709
__vbaChkstk
ord526
EVENT_SINK_AddRef
__vbaStrCmp
__vbaI2I4
DllFunctionCall
_adj_fpatan
__vbaRecUniToAnsi
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
ord712
_adj_fprem
_adj_fdivr_m64
ord608
__vbaFPException
__vbaStrVarVal
__vbaVarCat
ord537
_CIlog
__vbaErrorOverflow
__vbaNew2
__vbaR8Str
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
ord103
ord104
ord105
__vbaStrToAnsi
ord616
__vbaFpI4
__vbaRecDestructAnsi
_CIatan
__vbaStrMove
ord619
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/Recorder.exe
.exe windows:5 windows x64 arch:x64

2839cb0ebb031fc4407ca6c9690cb465

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2d:af:fb:7a:20:58:8a:40:87:11:b7:98:fd:3d:fc:f8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

07/01/2013, 00:00

Not After

07/01/2015, 23:59

Subject

CN=福州创意嘉和软件有限公司,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=技术中心,O=福州创意嘉和软件有限公司,L=FuZhou,ST=FuJian,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f7:f6:1e:58:a5:06:c7:68:f7:51:18:ad:e0:0c:4e:27:14:05:de:85
Signer

Actual PE Digest

f7:f6:1e:58:a5:06:c7:68:f7:51:18:ad:e0:0c:4e:27:14:05:de:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

m:\VP\QM\trunk\output\Recorder.pdb

Imports

kernel32

HeapReAlloc
RaiseException
RtlPcToFileHeader
HeapQueryInformation
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
ExitProcess
Sleep
RtlUnwindEx
RtlLookupFunctionEntry
HeapFree
HeapAlloc
GetStartupInfoW
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
GetTickCount
SetErrorMode
FileTimeToSystemTime
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrlenA
GetThreadLocale
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GlobalFindAtomW
GetVersionExW
CompareStringW
LoadLibraryA
GetVersionExA
FormatMessageW
LocalFree
MulDiv
GlobalUnlock
GetCurrentProcessId
GetLastError
SetLastError
GlobalAddAtomW
CloseHandle
lstrlenW
WritePrivateProfileStringW
FreeResource
GlobalFree
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
LoadLibraryW
WideCharToMultiByte
CompareStringA
MultiByteToWideChar
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
GetModuleHandleW
GetProcAddress
FindResourceW
LoadResource
LockResource
TerminateProcess
SizeofResource

user32

RegisterClipboardFormatW
PostThreadMessageW
IsRectEmpty
CopyAcceleratorTableW
CharNextW
ReleaseCapture
LoadCursorW
SetCapture
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
RegisterWindowMessageW
SendDlgItemMessageA
SendDlgItemMessageW
WinHelpW
IsChild
GetCapture
GetClassNameW
GetClassLongPtrW
RemovePropW
SetFocus
GetWindowTextW
GetForegroundWindow
GetTopWindow
GetWindowLongPtrW
SetWindowLongPtrW
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetSysColor
DestroyMenu
CopyRect
UnhookWindowsHookEx
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
UnregisterClassW
CharUpperW
SetCursor
SetWindowsHookExW
GetSysColorBrush
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
SetRect
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
SetWindowContextHelpId
GetParent
MapDialogRect
SetWindowPos
PostQuitMessage
PostMessageW
SetPropW
GetPropW
IsWindow
GetDesktopWindow
GetWindow
EnableWindow
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SendMessageW
AppendMenuW
GetSystemMenu
LoadIconW
UpdateWindow

gdi32

ExtSelectClipRgn
DeleteDC
GetStockObject
GetBkColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
GetWindowExtEx
GetViewportExtEx
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutW
RectVisible
GetTextColor
CreateBitmap
DeleteObject
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
ExtTextOutW
GetObjectW
PtVisible

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegDeleteKeyW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleFlushClipboard
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
StgOpenStorageOnILockBytes

oleaut32

VariantCopy
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
VariantInit
VariantChangeType
VariantClear
SysStringLen
SysAllocStringLen
SysFreeString

refs64

ord5
ord4

Sections

.text
Size: 243KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/Syntconv.dll
.dll windows:4 windows x86 arch:x86

52fb12c4da53f5f2692b33e73eefd8da

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2d:af:fb:7a:20:58:8a:40:87:11:b7:98:fd:3d:fc:f8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

07/01/2013, 00:00

Not After

07/01/2015, 23:59

Subject

CN=福州创意嘉和软件有限公司,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=技术中心,O=福州创意嘉和软件有限公司,L=FuZhou,ST=FuJian,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

99:81:c0:82:8b:1c:c1:93:ce:07:e3:c1:8f:45:0a:cb:6b:16:14:17
Signer

Actual PE Digest

99:81:c0:82:8b:1c:c1:93:ce:07:e3:c1:8f:45:0a:cb:6b:16:14:17

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord941
ord939
ord926
ord538
ord2448
ord2764
ord798
ord1997
ord5465
ord5194
ord533
ord6877
ord4204
ord6392
ord2044
ord5834
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2614
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord4278
ord860
ord858
ord535
ord2915
ord5572
ord6143
ord5861
ord2818
ord537
ord6282
ord6283
ord541
ord801
ord1116
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269
ord6394
ord5450
ord3663
ord823
ord6383
ord5440
ord825
ord540
ord800
ord3953

msvcrt

strchr
strncmp
strtol
sprintf
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
memmove
_purecall
wcslen
_mbscmp
_mbsrchr
__CxxFrameHandler
??8type_info@@QBEHABV0@@Z
_mbclen
fwrite
fread
ftell
fseek
fopen
fclose
fflush
strncpy
strstr
atoi
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ
_onexit
free
_initterm
malloc
_adjust_fdiv
__dllonexit

kernel32

LocalFree
FormatMessageA
GetACP
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameA
CopyFileA
LocalAlloc
VirtualProtect
VirtualFree
VirtualQuery
GetSystemInfo
LCMapStringA
GetStringTypeExA
GetUserDefaultLCID
GetStringTypeExW
FreeLibrary
LoadLibraryA
LCMapStringW
Sleep
InterlockedCompareExchange
InterlockedExchange
GetLastError

user32

SendMessageA
LoadStringA
LoadStringW

msvcp60

??8std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?insert@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IIG@Z
??Ostd@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
??_7bad_exception@std@@6B@
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PAD0PBD1@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0ABV?$allocator@D@1@@Z
?_Eos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
?_Xlen@std@@YAXXZ
?erase@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@II@Z
?_Grow@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAE_NI_N@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?what@logic_error@std@@UBEPBDXZ
??0logic_error@std@@QAE@ABV01@@Z
??0logic_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??_7logic_error@std@@6B@
?_Xran@std@@YAXXZ
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IG@Z
?replace@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PAG0PBG1@Z
?end@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEPAGXZ
?_Freeze@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXXZ
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBG0@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Mstd@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??1runtime_error@std@@UAE@XZ
??0runtime_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??_7runtime_error@std@@6B@
??A?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEABGI@Z
?_Copy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXI@Z
?max_size@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IG@Z
?_Split@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEXXZ
??1bad_exception@std@@UAE@XZ
??0bad_exception@std@@QAE@ABV01@@Z
??1logic_error@std@@UAE@XZ
??A?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAGI@Z
??8std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IID@Z
??Nstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Ostd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0runtime_error@std@@QAE@ABV01@@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?_Doraise@runtime_error@std@@MBEXXZ
?what@runtime_error@std@@UBEPBDXZ

shlwapi

PathIsDirectoryA
PathFileExistsA

Exports

Exports

ConvertScriptFile
ConvertScriptString
SetNotifyHwnd

Sections

.text
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/TABCTL32.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

e0cb36c66e5c120ef20ebc4f30366345

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:0e:7d:a7:00:00:00:00:00:48
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/10/2003, 05:59

Not After

25/01/2005, 06:09

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

07:16:79:f2:31:8b:3f:8a:bf:35:d8:e9:f0:71:c6:c1:69:48:39:b7
Signer

Actual PE Digest

07:16:79:f2:31:8b:3f:8a:bf:35:d8:e9:f0:71:c6:c1:69:48:39:b7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetStringTypeW
GetStringTypeA
VirtualAlloc
LCMapStringW
LCMapStringA
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
ExitProcess
RaiseException
GetOEMCP
GetACP
GetCPInfo
GetModuleHandleA
GetCommandLineA
lstrcpynA
GetFileAttributesA
GetVersion
DisableThreadLibraryCalls
FindResourceA
LoadResource
LockResource
GetLastError
InterlockedDecrement
InterlockedIncrement
GetProcAddress
GetLocaleInfoA
LoadLibraryA
GetWindowsDirectoryA
GetModuleFileNameA
MultiByteToWideChar
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
lstrcmpiA
lstrlenA
GlobalSize
IsDBCSLeadByte
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
lstrcpyA
EnterCriticalSection
GetProcessHeap
HeapReAlloc
lstrcmpA
InitializeCriticalSection
lstrcatA

user32

BeginPaint
GetClientRect
MoveWindow
IntersectRect
PtInRect
CreateWindowExA
SetWindowPos
SetFocus
SetWindowRgn
FillRect
CopyRect
DrawFocusRect
GetSysColor
IsWindowEnabled
GetWindowRect
GetWindowDC
DestroyWindow
GetWindowLongA
SetWindowLongA
CallWindowProcA
CharNextA
OffsetRect
SetRectEmpty
ShowWindow
IsDialogMessageA
ScreenToClient
GetClipboardFormatNameA
RegisterClipboardFormatA
MapWindowPoints
SetCursorPos
InvalidateRect
UnregisterClassA
ReleaseCapture
GetNextDlgTabItem
CreateDialogIndirectParamA
IsChild
SetParent
IsWindowVisible
WinHelpA
InflateRect
EndDialog
GetActiveWindow
DialogBoxParamA
GetCursorPos
IsIconic
GetParent
LockWindowUpdate
EqualRect
IsWindow
MessageBeep
MessageBoxA
GetDlgItemInt
GetDlgItemTextA
IsDlgButtonChecked
SendDlgItemMessageA
SetDlgItemTextA
SetDlgItemInt
CheckDlgButton
GetDlgItem
wsprintfA
GetKeyState
DefWindowProcA
SetCursor
PeekMessageA
SendMessageA
GetFocus
GetDC
ReleaseDC
SetRect
IsCharAlphaNumericA
VkKeyScanA
CreateAcceleratorTableA
EnableWindow
LoadCursorA
RegisterClassA
DestroyAcceleratorTable
LoadStringA
GetWindow
GetSystemMetrics
EndPaint
ClientToScreen

ole32

ReleaseStgMedium
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
OleSaveToStream
OleLoadFromStream

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

SysAllocStringLen
OleCreatePropertyFrame
LoadTypeLi
SafeArrayCopy
SafeArrayRedim
SafeArrayGetElement
SafeArrayCreate
SafeArrayPutElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayDestroy
SafeArrayUnaccessData
VariantCopyInd
SafeArrayAccessData
LoadTypeLibEx
UnRegisterTypeLi
VariantCopy
CreateErrorInfo
SetErrorInfo
RegisterTypeLi
VariantInit
SysStringLen
VariantChangeType
GetErrorInfo
OleLoadPicture
OleTranslateColor
LoadRegTypeLi
SysAllocStringByteLen
SysStringByteLen
OleCreatePictureIndirect
OleCreateFontIndirect
VariantClear
SysFreeString
SysAllocString

gdi32

SetMapMode
GetWindowExtEx
GetViewportExtEx
LPtoDP
GetNearestColor
CreatePalette
GetBitmapBits
CreateDIBitmap
GetDIBits
CopyEnhMetaFileA
CopyMetaFileA
CreateDCA
SetWindowOrgEx
SetViewportOrgEx
SetWindowExtEx
SetViewportExtEx
GetDeviceCaps
DeleteDC
DeleteObject
StretchBlt
SelectObject
CreateBitmap
CreateCompatibleDC
RealizePalette
SelectPalette
GetOutlineTextMetricsA
BitBlt
CreateCompatibleBitmap
SetTextColor
SetBkColor
CreateRectRgn
CreateFontIndirectA
GetObjectA
SelectClipRgn
CombineRgn
CreatePolygonRgn
SetBkMode
CreatePen
TextOutA
GetTextColor
LineTo
MoveToEx
GetTextExtentPoint32A
GetCharWidthA
GetCurrentPositionEx
SetTextAlign
GetStockObject
CreateSolidBrush
OffsetRgn
SetBrushOrgEx
UnrealizeObject
GetPaletteEntries
CreateRectRgnIndirect
CreateICA

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/cfgdll.dll
.dll windows:4 windows x86 arch:x86

e3493c33b4da4c9e132164b491c5d2cc

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2d:af:fb:7a:20:58:8a:40:87:11:b7:98:fd:3d:fc:f8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

07/01/2013, 00:00

Not After

07/01/2015, 23:59

Subject

CN=福州创意嘉和软件有限公司,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=技术中心,O=福州创意嘉和软件有限公司,L=FuZhou,ST=FuJian,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:46:3f:61:18:dc:9c:9b:07:6e:09:32:5b:4b:d9:b3:e1:3c:ed:49
Signer

Actual PE Digest

48:46:3f:61:18:dc:9c:9b:07:6e:09:32:5b:4b:d9:b3:e1:3c:ed:49

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MapViewOfFile
OpenFileMappingA
CreateFileMappingA
CloseHandle
UnmapViewOfFile
OpenEventA
CreateEventA
WaitForSingleObject
PulseEvent
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
CompareStringA
CompareStringW
SetEnvironmentVariableA

user32

UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
PostMessageA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/doc/command.ini
.vbs
��9.61��52pojie��/doc/command.xml
.vbs .xml polyglot
��9.61��52pojie��/doc/syntax.xml
��9.61��52pojie��/doc/web.ico
��9.61��52pojie��/kne.dll
.dll windows:4 windows x86 arch:x86

e3493c33b4da4c9e132164b491c5d2cc

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2d:af:fb:7a:20:58:8a:40:87:11:b7:98:fd:3d:fc:f8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

07/01/2013, 00:00

Not After

07/01/2015, 23:59

Subject

CN=福州创意嘉和软件有限公司,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=技术中心,O=福州创意嘉和软件有限公司,L=FuZhou,ST=FuJian,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:46:3f:61:18:dc:9c:9b:07:6e:09:32:5b:4b:d9:b3:e1:3c:ed:49
Signer

Actual PE Digest

48:46:3f:61:18:dc:9c:9b:07:6e:09:32:5b:4b:d9:b3:e1:3c:ed:49

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MapViewOfFile
OpenFileMappingA
CreateFileMappingA
CloseHandle
UnmapViewOfFile
OpenEventA
CreateEventA
WaitForSingleObject
PulseEvent
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
CompareStringA
CompareStringW
SetEnvironmentVariableA

user32

UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
PostMessageA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/lib/API.html
.html
��9.61��52pojie��/lib/API.qml
.vbs
��9.61��52pojie��/lib/��.qml
.vbs
��9.61��52pojie��/lib/��.html
.html
��9.61��52pojie��/lib/��.qml
.vbs
��9.61��52pojie��/lib/��.html
.html
��9.61��52pojie��/lib/��.qml
.vbs
��9.61��52pojie��/lib/�㷨.html
.html
��9.61��52pojie��/lib/�㷨.qml
.vbs
��9.61��52pojie��/lib/ͼ��.html
.html
��9.61��52pojie��/lib/ͼ��.qml
.vbs
��9.61��52pojie��/lib/��.html
.html
��9.61��52pojie��/lib/��.qml
.vbs
��9.61��52pojie��/lib/��.html
.html
��9.61��52pojie��/lib/��.qml
.vbs
��9.61��52pojie��/lib/�ļ�.html
.html
��9.61��52pojie��/lib/�ļ�.qml
.vbs
��9.61��52pojie��/lib/ϵͳ.html
.html
��9.61��52pojie��/lib/ϵͳ.qml
��9.61��52pojie��/mmt/��͡�.mt9
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

?interfaceMap@CCustomControlSite@@1UAFX_INTERFACEMAP@@B

Sections

.text
Size: 744KB - Virtual size: 744KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 440KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.newimp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma1
Size: 268KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
��9.61��52pojie��/mmt/Ĭ�Ϸ��.ini
��9.61��52pojie��/picker.dll
.dll windows:4 windows x86 arch:x86

7422286e01cb866f6aa635902a4b9e4d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:61:b6:12:a8:5d:2f:be:c8:45:82:38:27:79:44:fc
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2014, 00:00

Not After

22/12/2017, 23:59

Subject

CN=福建创意嘉和软件有限公司,OU=运维中心,O=福建创意嘉和软件有限公司,L=福州,ST=福建,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ef:df:e9:25:2b:ff:cd:36:5c:31:74:72:92:07:26:cf:be:54:0e:6b
Signer

Actual PE Digest

ef:df:e9:25:2b:ff:cd:36:5c:31:74:72:92:07:26:cf:be:54:0e:6b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

UnhookWindowsHookEx
SetWindowsHookExA
PostMessageA
CallNextHookEx

kernel32

HeapFree
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

share
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/picker.exe
.exe windows:5 windows x86 arch:x86

7e3e1522d038b72210f7b3de6fc6b4b4

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:61:b6:12:a8:5d:2f:be:c8:45:82:38:27:79:44:fc
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2014, 00:00

Not After

22/12/2017, 23:59

Subject

CN=福建创意嘉和软件有限公司,OU=运维中心,O=福建创意嘉和软件有限公司,L=福州,ST=福建,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

28:f0:b6:a5:17:7b:d6:aa:73:2b:d7:3d:f9:ba:7f:d2:81:30:2c:5e
Signer

Actual PE Digest

28:f0:b6:a5:17:7b:d6:aa:73:2b:d7:3d:f9:ba:7f:d2:81:30:2c:5e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
GetConsoleCP
GetConsoleMode
WriteConsoleW
CreateFileW
SetEnvironmentVariableA
GetProcessHeap
QueryPerformanceCounter
SetHandleCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
IsValidCodePage
GetStdHandle
HeapCreate
IsProcessorFeaturePresent
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
SetStdHandle
HeapQueryInformation
HeapSize
ExitProcess
CreateThread
ExitThread
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
CreateDirectoryA
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
HeapAlloc
HeapFree
RtlUnwind
SearchPathA
GetTickCount
GetFileSizeEx
FileTimeToLocalFileTime
GetFileAttributesExA
SetErrorMode
GetNumberFormatA
GetTempPathA
GetTempFileNameA
GetFileTime
FindResourceExW
GetFullPathNameA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentDirectoryA
GetACP
GetSystemDirectoryW
GetOEMCP
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
FileTimeToSystemTime
GetThreadLocale
GetProfileIntA
VirtualProtect
GetPrivateProfileStringA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
GetModuleHandleW
InterlockedExchange
lstrcmpA
WaitForSingleObject
ResumeThread
SetThreadPriority
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetModuleFileNameA
CopyFileA
GlobalSize
FormatMessageA
LocalFree
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
lstrcmpW
GetShortPathNameA
MulDiv
InitializeCriticalSection
DeleteCriticalSection
GetVolumeInformationA
GlobalFree
Beep
DeleteFileA
Sleep
GetCurrentThreadId
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetCurrentProcessId
GetWindowsDirectoryA
FreeLibrary
lstrcatA
WinExec
lstrcpyA
GlobalAlloc
GlobalLock
GlobalUnlock
GetFileAttributesA
GetPrivateProfileIntA
WritePrivateProfileStringA
lstrlenW
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
FindResourceA
FreeResource
GetCPInfo
lstrlenA
lstrcmpiA
MultiByteToWideChar
GetVersion
GetVersionExA
CreateFileA
WriteFile
CloseHandle
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource

user32

IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetPropA
SetFocus
GetWindowTextLengthA
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
ScrollWindow
TrackPopupMenu
SetMenu
ShowScrollBar
ValidateRect
UpdateWindow
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
CallWindowProcA
GetMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
CheckMenuItem
GetKeyNameTextA
IntersectRect
RegisterWindowMessageA
ChildWindowFromPoint
GetWindowRgn
IsZoomed
GetScrollInfo
GetClassInfoA
DefWindowProcA
ChildWindowFromPointEx
SetWindowRgn
MapVirtualKeyA
GetWindowTextA
FindWindowA
GetWindowDC
SetClipboardViewer
ChangeClipboardChain
IsClipboardFormatAvailable
GetClipboardData
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
LoadCursorW
IsRectEmpty
LoadIconA
GetDlgItem
SetWindowPos
SetWindowsHookExA
SetPropA
RemovePropA
SetCursorPos
CallNextHookEx
IsIconic
ShowWindow
LockWindowUpdate
GetKeyState
SetWindowLongA
LoadCursorA
CopyIcon
ReleaseCapture
SetCapture
LoadBitmapA
RegisterHotKey
GetMessagePos
SendMessageTimeoutA
FindWindowExA
IsWindowVisible
ScreenToClient
EnableMenuItem
UnregisterHotKey
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetWindow
KillTimer
SetTimer
MapWindowPoints
RedrawWindow
GetFocus
GetClassNameA
GetForegroundWindow
GetCursorPos
LoadIconW
LoadMenuW
DrawIcon
PtInRect
DestroyCursor
LoadImageA
SetCursor
GetWindowLongA
WindowFromPoint
GetNextDlgTabItem
GetActiveWindow
ClientToScreen
DrawFocusRect
FrameRect
OffsetRect
GetIconInfo
DrawStateA
IsMenu
IsWindow
GetParent
GetWindowRect
PostMessageA
GetMenuItemInfoA
CreateAcceleratorTableA
LoadAcceleratorsW
GetKeyboardState
GetSystemMetrics
SystemParametersInfoA
GetSysColor
SetRectEmpty
GetNextDlgGroupItem
InflateRect
UnionRect
DrawIconEx
DestroyIcon
GrayStringA
DrawTextExA
TabbedTextOutA
GetSysColorBrush
GetDesktopWindow
ReleaseDC
GetDC
RemoveMenu
ModifyMenuA
InsertMenuA
GetSubMenu
GetMenuState
GetMenuItemID
GetMenuItemCount
SubtractRect
MapVirtualKeyExA
IsCharLowerA
GetDoubleClickTime
CharUpperBuffA
LoadImageW
GetUpdateRect
SetMenuDefaultItem
WaitMessage
PostThreadMessageA
UpdateLayeredWindow
AppendMenuA
DeleteMenu
CreatePopupMenu
CreateMenu
DrawEdge
FillRect
LoadBitmapW
SetRect
DrawTextA
SendMessageA
EnableWindow
InvalidateRect
MonitorFromPoint
RegisterClipboardFormatA
EnableScrollBar
HideCaret
InvertRect
GetLastActivePopup
GetMenuDefaultItem
CopyRect
GetClientRect
GetKeyboardLayout
ToAsciiEx
DrawFrameControl
SetClassLongA
NotifyWinEvent
DestroyAcceleratorTable
MessageBeep
GetMenuStringA
InvalidateRgn
CopyAcceleratorTableA
CharNextA
CharUpperA
SetParent
GetSystemMenu
UnregisterClassA
SetLayeredWindowAttributes
EnumDisplayMonitors
CopyImage
RealChildWindowFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
LoadAcceleratorsA
InsertMenuItemA
BringWindowToTop
TranslateAcceleratorA
GetDCEx
GetAsyncKeyState
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
CreateDialogIndirectParamA
EndDialog
GetMessageA
TranslateMessage
DestroyMenu
GetWindowThreadProcessId
EndPaint
SetForegroundWindow
BeginPaint

gdi32

SetBkColor
CreateBitmap
CreateDCA
CreateDIBitmap
GetDIBits
RealizePalette
SelectPalette
CreateRectRgn
CreatePolygonRgn
CreateRoundRectRgn
CombineRgn
OffsetRgn
GetTextColor
FillRgn
FrameRgn
GetTextMetricsA
GetBkColor
CreateRectRgnIndirect
CopyMetaFileA
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetTextColor
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
GetObjectType
SetRectRgn
GetMapMode
DPtoLP
GetCharWidthA
StretchDIBits
UnrealizeObject
EnumFontFamiliesA
GetTextCharsetInfo
GetRgnBox
EnumFontFamiliesExA
CreateEllipticRgn
Polyline
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
SetDIBColorTable
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceA
SetPixelV
StretchBlt
GetStockObject
GetTextExtentPoint32W
Escape
TextOutA
RectVisible
PtVisible
SetPixel
GetPixel
PatBlt
Rectangle
Ellipse
GetBkMode
GetObjectA
CreateCompatibleBitmap
CreateFontIndirectA
CreateHatchBrush
CreateSolidBrush
CreatePen
GetTextExtentPoint32A
GetDeviceCaps
CreateDIBSection
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
DeleteObject
ExtTextOutA
SetWindowExtEx
GetDIBColorTable
SetDIBits
CreateFontA

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegEnumValueA
RegEnumKeyExA
RegCloseKey

shell32

SHGetDesktopFolder
ShellExecuteA
DragFinish
DragQueryFileA
SHGetPathFromIDListA
SHBrowseForFolderA
SHAppBarMessage
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetFileInfoA
DragAcceptFiles

comctl32

ImageList_Draw
ImageList_GetIconSize
_TrackMouseEvent

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathRemoveFileSpecW
PathIsUNCA

ole32

IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateStreamOnHGlobal
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleLockRunning
CoInitialize
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
CoInitializeEx
CoCreateInstance
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
OleIsCurrentClipboard
OleFlushClipboard
DoDragDrop
CoTaskMemFree
CoRevokeClassObject
CoRegisterMessageFilter
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoGetClassObject

oleaut32

VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
SysAllocStringByteLen
VariantInit
SysFreeString
VariantChangeType
SysAllocStringLen
VariantClear

oledlg

ord8

winmm

PlaySoundA

picker

ord3
ord2
ord1

gdiplus

GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipDeleteGraphics
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdipDisposeImage
GdipAlloc
GdipFree
GdipLoadImageFromFile
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCreateBitmapFromHBITMAP

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 828KB - Virtual size: 828KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Access.dll
.dll regsvr32 windows:4 windows x86 arch:x86

12f16fbbd78ab57b166adcb102988cd5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord860
ord539
ord823
ord924
ord939
ord941
ord540
ord2818
ord535
ord1601
ord537
ord800
ord825
ord743
ord446
ord2486
ord4226
ord6354
ord2915
ord1131
ord1132
ord5500
ord815
ord561
ord3738
ord3081
ord3262
ord5714
ord5289
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord1116
ord6877
ord940
ord859
ord1799
ord2982
ord3147
ord3259
ord4465
ord3136
ord2985
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4424
ord614
ord1206
ord2623
ord290
ord1223
ord4622
ord4003
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307

msvcrt

strrchr
__dllonexit
_onexit
??1type_info@@UAE@XZ
free
_initterm
malloc
_adjust_fdiv
_mbscmp
wcstombs
__CxxFrameHandler
wcslen
_CxxThrowException
_EH_prolog
strchr

kernel32

LocalFree
InterlockedIncrement
InterlockedDecrement
lstrlenA
LocalAlloc
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
IsDebuggerPresent
MultiByteToWideChar
WideCharToMultiByte
GetLastError

ole32

OleRun
CoTaskMemFree
StringFromCLSID
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

GetErrorInfo
VariantTimeToSystemTime
VarR8FromDec
VariantClear
SysFreeString
VariantChangeType
VariantInit
SysAllocString

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Access.ini
��9.61��52pojie��/plugin/Access.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

cb66623ce26efeaab6fd8bfc68484b03

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaFreeVar
__vbaAptOffset
__vbaStrVarMove
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaRecAnsiToUni
__vbaStrCat
__vbaSetSystemError
__vbaRecDestruct
__vbaHresultCheckObj
_adj_fdiv_m32
ord301
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
ord520
ord307
_CIsin
__vbaChkstk
ord526
EVENT_SINK_AddRef
__vbaStrCmp
__vbaI2I4
DllFunctionCall
_adj_fpatan
__vbaRecUniToAnsi
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord608
__vbaFPException
__vbaStrVarVal
__vbaVarCat
ord537
_CIlog
__vbaErrorOverflow
__vbaNew2
__vbaR8Str
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
ord103
ord104
ord105
__vbaStrToAnsi
ord616
__vbaRecDestructAnsi
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Bkgnd.dll
.dll regsvr32 windows:4 windows x86 arch:x86

9c733a9cb001aeccfd9f3ab4c40e8c93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathIsRelativeA

mfc42

ord4003
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord3262
ord3081
ord3738
ord561
ord924
ord535
ord2764
ord4622
ord1223
ord290
ord6877
ord2915
ord4204
ord743
ord446
ord2486
ord4226
ord861
ord939
ord941
ord4129
ord540
ord860
ord922
ord858
ord537
ord823
ord2818
ord1601
ord800
ord825
ord815
ord2623
ord1206
ord614
ord4424
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord2985
ord3136
ord4465
ord3259
ord3147
ord2982
ord1799
ord859
ord940
ord1116
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1871
ord6354
ord1131
ord1132
ord5500
ord269
ord826
ord600
ord1578

msvcrt

memmove
strtol
_mbscmp
_ftol
sscanf
__CxxFrameHandler
strrchr
strchr
wcstombs
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
__RTDynamicCast
wcslen
atoi
sprintf
malloc
free

kernel32

GetTempPathA
GetPrivateProfileStringA
GetModuleFileNameA
IsDebuggerPresent
LocalAlloc
LocalFree
GetEnvironmentVariableA
TlsGetValue
lstrlenA
lstrcpynA
MulDiv
Sleep
MultiByteToWideChar
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
LoadLibraryA
GetProcAddress
FreeLibrary
WritePrivateProfileStringA
GetLongPathNameA
OutputDebugStringA

user32

GetSystemMetrics
ClientToScreen
GetWindowRect
GetWindowDC
IsRectEmpty
PostMessageA
ReleaseDC
LoadImageA
MapVirtualKeyA
GetDC

gdi32

SetTextColor
SetBkColor
TextOutW
GetTextExtentPointW
GetPixel
GetBitmapBits
GetDeviceCaps
GetStockObject
SelectPalette
RealizePalette
CreateFontIndirectA
DeleteObject
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
GetObjectA
GetDIBits
DPtoLP
DeleteDC

ole32

CLSIDFromProgID
CoCreateInstance
CoTaskMemFree
StringFromCLSID

oleaut32

VariantCopy
SysAllocString
VariantClear

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PAD0PBD1@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Bkgnd.ini
��9.61��52pojie��/plugin/Bkgnd.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

13760d57ff82474a3bbfa7c1561e4413

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

__vbaVarSub
__vbaStrI2
_CIcos
_adj_fptan
__vbaFreeVar
__vbaAptOffset
__vbaStrVarMove
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaRecAnsiToUni
__vbaStrCat
__vbaSetSystemError
__vbaRecDestruct
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaExitProc
ord301
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
_adj_fdivr_m16i
ord520
ord307
_CIsin
__vbaChkstk
ord526
EVENT_SINK_AddRef
__vbaStrCmp
__vbaI2I4
DllFunctionCall
_adj_fpatan
__vbaRecUniToAnsi
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord608
__vbaFPException
__vbaInStrVar
__vbaVarCat
ord537
_CIlog
__vbaErrorOverflow
__vbaNew2
__vbaR8Str
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
__vbaI4Var
ord103
ord104
ord105
__vbaStrToAnsi
ord616
__vbaRecDestructAnsi
ord617
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/BkgndColor.dll
.dll regsvr32 windows:4 windows x86 arch:x86

0b501e04791adaf9382223e7d946167b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord3081
ord3738
ord561
ord815
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord5500
ord1132
ord1131
ord6354
ord540
ord860
ord1601
ord800
ord743
ord446
ord2486
ord3262
ord600
ord1243
ord1176
ord1168
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord342
ord1182
ord1577
ord1575
ord1116
ord269
ord826
ord6877
ord940
ord939
ord859
ord535
ord1799
ord2982
ord3147
ord3259
ord4465
ord3136
ord2985
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4424
ord614
ord1206
ord2623
ord290
ord1223
ord4622
ord4003
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord4226

msvcrt

_ftol
sprintf
strtol
__CxxFrameHandler
??3@YAXPAX@Z
??2@YAPAXI@Z
strchr
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
_EH_prolog
atoi
strrchr

kernel32

WritePrivateProfileStringA
IsDebuggerPresent
IsBadWritePtr
IsBadCodePtr
GetEnvironmentVariableA
GetPrivateProfileStringA
LocalAlloc
LocalFree
OutputDebugStringA
GlobalAlloc
GlobalFree
GlobalUnlock
GlobalLock
GetModuleFileNameA

user32

PrintWindow
GetWindowDC
GetWindowRect
IsRectEmpty
GetDC
ClientToScreen
ReleaseDC

gdi32

CreateDCA
GetObjectA
GetStockObject
SelectPalette
RealizePalette
GetDIBits
DeleteObject
BitBlt
DeleteDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/BkgndColor.ini
��9.61��52pojie��/plugin/Color.dll
.dll regsvr32 windows:4 windows x86 arch:x86

7f64cff0859bcb2ffcb4cfb7b9065763

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord2414
ord1641
ord1640
ord323
ord6928
ord858
ord4278
ord939
ord4129
ord860
ord924
ord535
ord1871
ord6354
ord941
ord1131
ord1132
ord5500
ord815
ord561
ord3738
ord3081
ord3262
ord5714
ord5289
ord5307
ord640
ord2405
ord2450
ord3626
ord3571
ord3663
ord4204
ord540
ord2915
ord465
ord743
ord446
ord2486
ord4226
ord861
ord537
ord823
ord2818
ord1601
ord800
ord825
ord4698
ord4079
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4003
ord4622
ord1223
ord290
ord2623
ord1206
ord614
ord4424
ord4080
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord1116
ord6877
ord940
ord859
ord1799
ord2982
ord3147
ord3259
ord4465
ord3136
ord2985
ord2976
ord3830
ord3831
ord3825
ord3079

msvcrt

malloc
free
_mbscmp
atol
sscanf
_ftol
sprintf
strtol
__CxxFrameHandler
__RTDynamicCast
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
wcstombs
strchr
strrchr
_adjust_fdiv

kernel32

LocalAlloc
LocalFree
IsDebuggerPresent
GetModuleFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
Sleep
GetTickCount

user32

GetSystemMetrics
GetDC
ReleaseDC

gdi32

GetBitmapBits
DeleteDC
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
GetObjectA
GetDIBits
CreateDCA

oleaut32

VariantClear

msvcp60

??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyA

ole32

StringFromCLSID
CoTaskMemFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Color.ini
��9.61��52pojie��/plugin/Color.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

78cfb62b497e49781501abac8bc50d61

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

__vbaStrI2
_CIcos
_adj_fptan
__vbaStrI4
__vbaFreeVar
__vbaAptOffset
__vbaStrVarMove
ord588
__vbaLenBstr
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaRecAnsiToUni
__vbaCopyBytes
__vbaStrCat
__vbaSetSystemError
__vbaRecDestruct
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaExitProc
ord301
__vbaObjSet
__vbaOnError
ord595
_adj_fdiv_m16i
_adj_fdivr_m16i
__vbaFpR4
ord520
ord307
__vbaFpR8
_CIsin
ord632
__vbaChkstk
ord526
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaI2I4
DllFunctionCall
__vbaRedimPreserve
_adj_fpatan
__vbaLateIdCallLd
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
ord710
__vbaExceptHandler
__vbaStrToUnicode
ord712
_adj_fprem
_adj_fdivr_m64
__vbaI2Str
ord608
__vbaFPException
__vbaStrVarVal
__vbaVarCat
__vbaR4ForNextCheck
ord537
_CIlog
__vbaErrorOverflow
__vbaNew2
__vbaR8Str
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
ord573
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
__vbaI4Var
ord103
ord104
ord105
__vbaAryLock
__vbaStrToAnsi
__vbaVarDup
__vbaFpI2
__vbaFpI4
ord616
ord617
__vbaRecDestructAnsi
_CIatan
__vbaStrMove
__vbaI2ErrVar
ord619
__vbaR8IntI4
_allmul
_CItan
__vbaAryUnlock
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/ColorEx.dll
.dll regsvr32 windows:4 windows x86 arch:x86

41093615c11ad02fcdcef71db8b7939c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord3663
ord3626
ord2450
ord2405
ord640
ord2414
ord1641
ord860
ord535
ord462
ord1770
ord539
ord2763
ord926
ord4278
ord858
ord6928
ord323
ord5442
ord3318
ord353
ord1979
ord665
ord2393
ord2452
ord1871
ord6354
ord941
ord1131
ord1132
ord5500
ord815
ord561
ord3738
ord3081
ord3571
ord537
ord2915
ord540
ord2818
ord1601
ord800
ord825
ord823
ord743
ord446
ord2486
ord1640
ord3262
ord5714
ord5289
ord5307
ord4698
ord4079
ord4226
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord1116
ord6877
ord940
ord939
ord859
ord1799
ord2982
ord3147
ord3259
ord4465
ord3136
ord2985
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4424
ord614
ord1206
ord2623
ord290
ord1223
ord4622
ord4003
ord4274
ord6375

msvcrt

atol
_mbscmp
sscanf
free
malloc
_ftol
__CxxFrameHandler
__dllonexit
_onexit
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
wcstombs
strchr
strrchr

kernel32

WritePrivateProfileStringA
LocalAlloc
LocalFree
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetPrivateProfileStringA
HeapFree
GetProcessHeap
HeapAlloc
GlobalReAlloc
GetLastError
SetLastError
GlobalSize
IsDebuggerPresent
GetModuleFileNameA

user32

GetDC
ReleaseDC
GetSystemMetrics
LoadImageA

gdi32

DeleteObject
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetObjectA
GetDIBits
SetDIBits
CreateDIBSection
SelectObject

oleaut32

VariantClear

msvcp60

??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyA

ole32

StringFromCLSID
CoTaskMemFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/ColorEx.ini
��9.61��52pojie��/plugin/ColorEx.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

594875067d04ba866f91089ee4af751c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

__vbaStrI2
_CIcos
_adj_fptan
__vbaStrI4
__vbaFreeVar
ord588
__vbaAptOffset
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaRecAnsiToUni
__vbaStrCat
__vbaSetSystemError
__vbaRecDestruct
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaExitProc
ord301
__vbaObjSet
__vbaOnError
ord595
_adj_fdiv_m16i
_adj_fdivr_m16i
ord520
ord307
__vbaFpR8
_CIsin
__vbaChkstk
ord526
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaI2I4
DllFunctionCall
__vbaRedimPreserve
_adj_fpatan
__vbaLateIdCallLd
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
ord710
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord608
__vbaFPException
__vbaStrVarVal
__vbaVarCat
__vbaR4ForNextCheck
ord537
_CIlog
__vbaErrorOverflow
__vbaNew2
__vbaR8Str
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
ord573
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
__vbaI4Var
ord103
ord104
ord105
__vbaAryLock
__vbaStrToAnsi
__vbaVarDup
__vbaFpI2
__vbaFpI4
ord616
__vbaRecDestructAnsi
_CIatan
__vbaStrMove
ord619
__vbaR8IntI4
_allmul
_CItan
__vbaAryUnlock
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Console.dll
.dll regsvr32 windows:4 windows x86 arch:x86

3ee25517d80f50b3dc6c3077fe84ed0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord2915
ord1131
ord537
ord6354
ord540
ord2818
ord1601
ord800
ord743
ord446
ord2486
ord941
ord4226
ord1132
ord5500
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord1116
ord860
ord6877
ord940
ord939
ord859
ord535
ord1799
ord2982
ord3147
ord3259
ord4465
ord3136
ord2985
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4424
ord614
ord1206
ord2623
ord290
ord1223
ord4622
ord4003
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord3262
ord3081
ord3738
ord561
ord815

msvcrt

free
__CxxFrameHandler
??1type_info@@UAE@XZ
??3@YAXPAX@Z
_adjust_fdiv
malloc
strrchr
wcstombs
_initterm
_EH_prolog
_onexit
__dllonexit
??2@YAPAXI@Z
strchr

kernel32

AllocConsole
WriteFile
SetConsoleCtrlHandler
GetModuleHandleA
ReadConsoleInputA
LocalFree
GetStdHandle
ReadFile
IsDebuggerPresent
GetModuleFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetProcAddress
FreeConsole
LocalAlloc

user32

SetForegroundWindow

advapi32

RegCloseKey
RegOpenKeyA
RegSetValueExA

ole32

StringFromCLSID
CoTaskMemFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Console.ini
��9.61��52pojie��/plugin/Console.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

3a72b91329e847f69e48f79053a696ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaAptOffset
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord301
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
ord307
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
ord103
ord104
ord105
__vbaStrToAnsi
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Encrypt.dll
.dll regsvr32 windows:4 windows x86 arch:x86

f27e57f8fa92e554d02a3c00a459e267

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord2770
ord356
ord665
ord2803
ord6385
ord940
ord2818
ord1979
ord5442
ord2915
ord3318
ord5186
ord354
ord668
ord939
ord4278
ord823
ord535
ord860
ord537
ord800
ord1601
ord540
ord858
ord4204
ord743
ord446
ord6354
ord941
ord1131
ord1132
ord5500
ord815
ord561
ord2486
ord4226
ord4129
ord825
ord3738
ord3081
ord3262
ord5714
ord5289
ord5307
ord4698
ord4079
ord5302
ord5300
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord1116
ord6877
ord859
ord1799
ord2982
ord3147
ord3259
ord4465
ord3136
ord2985
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4424
ord614
ord1206
ord2623
ord290
ord1223
ord4622
ord4003
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_onexit
__dllonexit
sprintf
strrchr
strchr
wcstombs
strtol
_vsnprintf
malloc
free
__CxxFrameHandler
_mbscmp

kernel32

WritePrivateProfileStringA
IsDebuggerPresent
OutputDebugStringA
LocalFree
GetModuleFileNameA
GetPrivateProfileStringA
LocalAlloc

msvcp60

??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyA

ole32

StringFromCLSID
CoTaskMemFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Encrypt.ini
��9.61��52pojie��/plugin/Encrypt.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

6b0dd5c8a12a53dec2629ffc03a93994

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

__vbaVarSub
_CIcos
_adj_fptan
__vbaFreeVar
__vbaAptOffset
__vbaStrVarMove
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaRecAnsiToUni
__vbaStrCat
__vbaSetSystemError
__vbaRecDestruct
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaExitProc
ord301
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
_adj_fdivr_m16i
ord520
ord307
_CIsin
__vbaChkstk
ord526
EVENT_SINK_AddRef
__vbaStrCmp
__vbaI2I4
DllFunctionCall
_adj_fpatan
__vbaRecUniToAnsi
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord608
__vbaFPException
__vbaInStrVar
__vbaVarCat
ord537
_CIlog
__vbaErrorOverflow
__vbaNew2
__vbaR8Str
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
__vbaI4Var
ord103
ord104
ord105
__vbaStrToAnsi
ord616
__vbaRecDestructAnsi
ord617
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/File.dll
.dll regsvr32 windows:4 windows x86 arch:x86

6a793c63e5e4df48e38cafb11494ec68

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord6407
ord823
ord2818
ord4278
ord536
ord858
ord535
ord2915
ord6662
ord533
ord5194
ord5465
ord924
ord939
ord1997
ord798
ord6354
ord941
ord1131
ord1132
ord5500
ord815
ord561
ord3738
ord3081
ord3262
ord5714
ord5289
ord5307
ord4698
ord4079
ord5302
ord5300
ord354
ord5186
ord3318
ord1979
ord665
ord3790
ord6153
ord537
ord940
ord540
ord860
ord1601
ord800
ord743
ord446
ord2486
ord4226
ord825
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2554
ord4486
ord6375
ord4274
ord4003
ord4622
ord1223
ord290
ord2623
ord1206
ord614
ord4424
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord2985
ord3136
ord4465
ord3259
ord3147
ord2982
ord1799
ord859
ord6877
ord1116
ord1176
ord1575
ord1168
ord2512
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269

msvcrt

_mkdir
rename
wcstombs
__CxxFrameHandler
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
_tzset
_timezone
sscanf
memchr
atoi
_stricmp
fclose
strrchr
strchr
memmove

kernel32

CloseHandle
CreateFileA
WriteFile
ReadFile
SetFilePointer
SystemTimeToFileTime
OpenFile
SetFileTime
MoveFileA
DeleteFileA
GetFileAttributesA
CopyFileA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
IsDebuggerPresent
LocalFree
LocalAlloc
_lclose

comdlg32

GetOpenFileNameA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHFileOperationA

msvcp60

??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??0ios_base@std@@IAE@XZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?getline@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@1@AAV21@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ifstream@DU?$char_traits@D@std@@@std@@6B@
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??_8?$basic_ifstream@DU?$char_traits@D@std@@@std@@7B@
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?__Fiopen@std@@YAPAU_iobuf@@PBDH@Z
?_Init@?$basic_filebuf@DU?$char_traits@D@std@@@std@@IAEXPAU_iobuf@@W4_Initfl@12@@Z
?_Initcvt@?$basic_filebuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_filebuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1ios_base@std@@UAE@XZ
?clear@ios_base@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Xlen@std@@YAXXZ
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?clog@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

advapi32

RegCloseKey
RegOpenKeyA
RegSetValueExA

ole32

StringFromCLSID
CoTaskMemFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/File.ini
��9.61��52pojie��/plugin/File.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

4f988188dc4adc4db8d4689ea1406bdf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

__vbaStrI2
_CIcos
_adj_fptan
__vbaAptOffset
__vbaStrVarMove
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord301
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
ord307
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord608
__vbaFPException
__vbaVarCat
_CIlog
__vbaErrorOverflow
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
ord103
ord104
ord105
__vbaStrToAnsi
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/GetSysInfo.dll
.dll regsvr32 windows:4 windows x86 arch:x86

c7e26a54a63442c678a21968d23a3416

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord540
ord2818
ord6354
ord1131
ord1132
ord5500
ord815
ord1601
ord800
ord743
ord446
ord2486
ord561
ord3738
ord3081
ord3262
ord5714
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord1116
ord860
ord6877
ord940
ord939
ord859
ord535
ord1799
ord2982
ord3147
ord3259
ord4465
ord3136
ord2985
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4424
ord614
ord1206
ord2623
ord290
ord1223
ord4622
ord4003
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord4226

msvcrt

__CxxFrameHandler
??2@YAPAXI@Z
__dllonexit
_onexit
??1type_info@@UAE@XZ
??3@YAXPAX@Z
_adjust_fdiv
malloc
atoi
strrchr
strchr
_initterm
free

kernel32

GetModuleFileNameA
LocalAlloc
LocalFree
GetVolumeInformationA
GetLocalTime
GetVersion
WritePrivateProfileStringA
GetPrivateProfileStringA
IsDebuggerPresent
GetEnvironmentVariableA
IsBadCodePtr
IsBadWritePtr

user32

EnumDisplaySettingsA
GetSystemMetrics

winmm

timeGetTime

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/GetSysInfo.ini
��9.61��52pojie��/plugin/Media.dll
.dll regsvr32 windows:4 windows x86 arch:x86

ad4a40c665cadb0f107e26d05c0debd6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

mixerGetLineInfoA
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetLineControlsA
mixerClose
mixerGetNumDevs
waveOutOpen
mixerGetID
waveOutClose
mixerOpen
mciSendStringA

mfc42

ord2486
ord446
ord743
ord941
ord2818
ord540
ord2915
ord825
ord4226
ord860
ord800
ord4129
ord537
ord815
ord561
ord3738
ord3081
ord3262
ord5714
ord5289
ord5307
ord4698
ord4079
ord5302
ord5500
ord1132
ord1131
ord6354
ord823
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord6375
ord6877
ord940
ord939
ord859
ord535
ord1799
ord2982
ord3147
ord3259
ord4465
ord3136
ord2985
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4424
ord614
ord1206
ord2623
ord290
ord1223
ord4622
ord1601
ord4003
ord4274
ord1116

msvcrt

wcstombs
strchr
strrchr
atol
_mbscmp
__CxxFrameHandler
free
malloc
__dllonexit
_onexit
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm

kernel32

IsDebuggerPresent
GetModuleFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
LocalAlloc
LocalFree
GetShortPathNameA
Beep

user32

CallWindowProcA
GetCursorPos
SetWindowLongA
GetWindowLongA
DestroyWindow
ShowWindow
CreateWindowExA
DefWindowProcA
RegisterClassExA

advapi32

RegOpenKeyA
RegSetValueExA
RegCloseKey

ole32

StringFromCLSID
CoTaskMemFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Media.ini
��9.61��52pojie��/plugin/Media.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

baae46ef61cc570a6eaf2828c5d4421d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

__vbaStrI2
_CIcos
_adj_fptan
__vbaStrI4
__vbaFreeVar
__vbaAptOffset
__vbaStrVarMove
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaRecAnsiToUni
__vbaStrCat
__vbaSetSystemError
__vbaRecDestruct
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaExitProc
ord301
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
_adj_fdivr_m16i
ord520
ord307
__vbaFPFix
_CIsin
__vbaChkstk
ord526
EVENT_SINK_AddRef
__vbaStrCmp
__vbaI2I4
DllFunctionCall
_adj_fpatan
__vbaStrR8
__vbaRecUniToAnsi
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord608
__vbaFPException
__vbaStrVarVal
__vbaVarCat
ord537
_CIlog
__vbaErrorOverflow
__vbaNew2
__vbaR8Str
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
ord103
ord104
ord105
__vbaStrToAnsi
ord616
__vbaRecDestructAnsi
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Memory.dll
.dll regsvr32 windows:4 windows x86 arch:x86

782fb5d2779c606c6cb3e9c92d6db5a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord941
ord537
ord6354
ord4204
ord823
ord825
ord540
ord860
ord1601
ord800
ord743
ord446
ord2486
ord4226
ord2915
ord1131
ord1132
ord5500
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord1116
ord6877
ord940
ord939
ord859
ord535
ord1799
ord2982
ord3147
ord3259
ord4465
ord3136
ord2985
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4424
ord614
ord1206
ord2623
ord290
ord1223
ord4622
ord4003
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord3262
ord3081
ord3738
ord561
ord815

msvcrt

_initterm
__CxxFrameHandler
free
malloc
??1type_info@@UAE@XZ
_adjust_fdiv
strrchr
strchr
wcstombs
strtol
_onexit
__dllonexit
sprintf

kernel32

GetTickCount
WideCharToMultiByte
OutputDebugStringA
lstrlenA
GetExitCodeProcess
TerminateProcess
GetPriorityClass
GetCurrentProcess
LocalFree
LocalAlloc
ReadProcessMemory
WritePrivateProfileStringA
IsDebuggerPresent
GetModuleFileNameA
GetPrivateProfileStringA
OpenProcess
SetPriorityClass
CloseHandle

user32

IsWindow
wsprintfA
GetWindowThreadProcessId

advapi32

RegCloseKey
RegOpenKeyA
RegSetValueExA

ole32

StringFromCLSID
CoTaskMemFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Memory.ini
��9.61��52pojie��/plugin/Memory.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

27c11bf7786b4576b67e23bdaed234d3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

__vbaVarTstGt
__vbaStrI2
_CIcos
_adj_fptan
__vbaFreeVar
__vbaAptOffset
__vbaLenBstr
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaExitProc
ord301
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
_adj_fdivr_m16i
ord307
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaInStrVar
__vbaStrVarVal
_CIlog
__vbaErrorOverflow
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
ord103
ord104
ord105
__vbaStrToAnsi
_CIatan
__vbaStrMove
ord619
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Msg.dll
.dll regsvr32 windows:4 windows x86 arch:x86

b46d4bcb11d7d8fd1063b547af1e2abf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord268
ord389
ord922
ord4204
ord2818
ord665
ord5442
ord3318
ord5186
ord354
ord5207
ord940
ord535
ord4203
ord825
ord800
ord1567
ord690
ord743
ord446
ord2486
ord4226
ord823
ord6354
ord2915
ord1131
ord1132
ord5500
ord815
ord858
ord536
ord941
ord939
ord540
ord860
ord859
ord561
ord3738
ord3081
ord3262
ord5714
ord537
ord5289
ord5307
ord4698
ord4079
ord5302
ord5300
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord1116
ord6877
ord1799
ord2982
ord3147
ord3259
ord4465
ord3136
ord2985
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4424
ord614
ord1206
ord2623
ord290
ord1223
ord4622
ord1601
ord4003
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346

msvcrt

floor
__CxxFrameHandler
_ftol
strtoul
_mbscmp
_adjust_fdiv
malloc
_initterm
free
??1type_info@@UAE@XZ
atoi
strrchr
strchr
wcstombs
_onexit
__dllonexit
sprintf
srand
rand

kernel32

LocalFree
GetTickCount
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrlenA
TlsGetValue
GetEnvironmentVariableA
GetModuleFileNameA
IsDebuggerPresent
LocalAlloc

user32

GetDC
ReleaseDC
DrawTextA
InvalidateRect

gdi32

SetTextColor

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyA

ole32

StringFromCLSID
CLSIDFromProgID
CoCreateInstance
CoTaskMemFree

oleaut32

VariantClear
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Msg.ini
��9.61��52pojie��/plugin/Msg.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

3a72b91329e847f69e48f79053a696ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaAptOffset
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord301
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
ord307
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
ord103
ord104
ord105
__vbaStrToAnsi
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Net.dll
.dll regsvr32 windows:4 windows x86 arch:x86

f31db322725c89acdcdc646dbdcd3bb6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaLenBstr
__vbaGosubReturn
__vbaStrVarMove
__vbaAptOffset
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
__vbaStrErrVarCopy
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
__vbaGosubFree
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaI2I4
DllFunctionCall
_adj_fpatan
__vbaRedim
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord607
__vbaFPException
__vbaStrVarVal
__vbaVarCat
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
ord103
ord104
ord105
__vbaAryLock
__vbaStrComp
__vbaStrToAnsi
__vbaVarCopy
_CIatan
__vbaStrMove
__vbaStrVarCopy
_allmul
_CItan
__vbaAryUnlock
_CIexp
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Net.ini
��9.61��52pojie��/plugin/Net.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

71b83bfea469e035f23fae947b9dbaab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaFreeVar
__vbaAptOffset
__vbaStrVarMove
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaExitProc
ord301
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
_adj_fdivr_m16i
ord307
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaAryConstruct2
__vbaI2I4
DllFunctionCall
_adj_fpatan
__vbaRedim
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
ord717
__vbaUbound
__vbaStrVarVal
__vbaVarCat
ord537
_CIlog
__vbaErrorOverflow
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
ord103
ord104
ord105
__vbaAryLock
__vbaStrToAnsi
ord616
_CIatan
__vbaStrMove
_allmul
_CItan
__vbaAryUnlock
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Office.dll
.dll regsvr32 windows:4 windows x86 arch:x86

a5b7bd06a57b388720df7a32bdb4c583

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaAptOffset
__vbaLenBstr
__vbaGosubReturn
__vbaStrVarMove
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
__vbaStrErrVarCopy
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaExitProc
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaVargVar
_CIsin
__vbaChkstk
__vbaGosubFree
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
__vbaCastObjVar
_adj_fpatan
__vbaLateIdCallLd
EVENT_SINK_Release
_CIsqrt
__vbaLateIdCallSt
__vbaObjIs
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord607
ord716
__vbaFPException
__vbaStrVarVal
__vbaVarCat
ord645
_CIlog
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
ord103
ord104
ord105
__vbaStrToAnsi
__vbaStrComp
__vbaVarCopy
_CIatan
__vbaStrMove
__vbaCastObj
__vbaStrVarCopy
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr
__vbaI4ErrVar

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Office.ini
��9.61��52pojie��/plugin/Office.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

cb66623ce26efeaab6fd8bfc68484b03

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaFreeVar
__vbaAptOffset
__vbaStrVarMove
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaRecAnsiToUni
__vbaStrCat
__vbaSetSystemError
__vbaRecDestruct
__vbaHresultCheckObj
_adj_fdiv_m32
ord301
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
ord520
ord307
_CIsin
__vbaChkstk
ord526
EVENT_SINK_AddRef
__vbaStrCmp
__vbaI2I4
DllFunctionCall
_adj_fpatan
__vbaRecUniToAnsi
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord608
__vbaFPException
__vbaStrVarVal
__vbaVarCat
ord537
_CIlog
__vbaErrorOverflow
__vbaNew2
__vbaR8Str
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
ord103
ord104
ord105
__vbaStrToAnsi
ord616
__vbaRecDestructAnsi
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Oracle.dll
.dll regsvr32 windows:4 windows x86 arch:x86

3d9ffda3fa1c6ad82ea32454c092ded3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord924
ord823
ord939
ord860
ord941
ord540
ord2818
ord1601
ord537
ord5683
ord5710
ord2915
ord4129
ord858
ord800
ord535
ord825
ord743
ord446
ord2486
ord539
ord4226
ord6354
ord1131
ord1132
ord5500
ord815
ord561
ord3738
ord3081
ord3262
ord5714
ord5289
ord5307
ord4698
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord1116
ord6877
ord940
ord859
ord1799
ord2982
ord3147
ord3259
ord4465
ord3136
ord2985
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4424
ord614
ord1206
ord2623
ord290
ord1223
ord4622
ord4003
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079

msvcrt

_CxxThrowException
_EH_prolog
__dllonexit
_onexit
??1type_info@@UAE@XZ
free
_initterm
malloc
_adjust_fdiv
wcstombs
atoi
__CxxFrameHandler
wcslen
_mbscmp
strrchr
strchr

kernel32

InterlockedDecrement
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
InterlockedIncrement
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
IsDebuggerPresent
LocalFree
LocalAlloc
GetLastError

ole32

OleRun
CoTaskMemFree
StringFromCLSID
CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

GetErrorInfo
VariantTimeToSystemTime
VarR8FromDec
VariantClear
SysFreeString
VariantChangeType
VariantInit
SysAllocString

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Oracle.ini
��9.61��52pojie��/plugin/Oracle.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

3a72b91329e847f69e48f79053a696ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaAptOffset
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord301
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
ord307
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
ord103
ord104
ord105
__vbaStrToAnsi
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Pic.dll
.dll regsvr32 windows:4 windows x86 arch:x86

30753a1f6fd0de4b3601b4011fe9ca44

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathIsRelativeA

mfc42

ord3831
ord3830
ord2976
ord2985
ord3136
ord4465
ord3259
ord3147
ord2982
ord1799
ord3825
ord3079
ord4080
ord4424
ord614
ord1206
ord2623
ord290
ord1223
ord4622
ord4003
ord4274
ord6375
ord1871
ord5710
ord924
ord535
ord859
ord940
ord2554
ord6354
ord1131
ord1132
ord5500
ord815
ord561
ord3738
ord3081
ord3262
ord939
ord941
ord4129
ord860
ord922
ord858
ord823
ord1116
ord2818
ord825
ord537
ord2764
ord6877
ord2915
ord540
ord861
ord1601
ord800
ord743
ord446
ord2486
ord4226
ord4486
ord5714
ord5289
ord5307
ord1176
ord1575
ord1168
ord1577
ord1182
ord4698
ord4079
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269

msvcrt

__CxxFrameHandler
_mbscmp
memmove
strrchr
_ftol
strchr
wcstombs
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
__RTDynamicCast
wcslen
atoi
malloc
wcscmp
free

kernel32

WriteFile
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
IsDebuggerPresent
LocalAlloc
LocalFree
GetEnvironmentVariableA
TlsGetValue
lstrlenA
lstrcpynA
MulDiv
CreateFileA
GetTempPathA
CloseHandle
MultiByteToWideChar
InitializeCriticalSection
DeleteFileA
DeleteCriticalSection
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
OutputDebugStringA
GetLongPathNameA

user32

IsRectEmpty
ReleaseDC
GetDC
GetSystemMetrics
LoadImageA

gdi32

DPtoLP
CreateFontIndirectA
SetTextColor
SetBkColor
TextOutW
GetTextExtentPointW
GetPixel
GetBitmapBits
GetDeviceCaps
SelectPalette
RealizePalette
DeleteObject
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
GetObjectA
GetDIBits
GetStockObject
DeleteDC

ole32

CLSIDFromProgID
CoTaskMemFree
StringFromCLSID
CoCreateInstance

oleaut32

VariantClear
SysAllocString
VariantCopy

gdiplus

GdiplusShutdown
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDisposeImage
GdipSaveImageToFile
GdipLoadImageFromFile
GdipFree
GdipAlloc
GdipCloneImage

msvcp60

?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PAD0PBD1@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Pic.ini
��9.61��52pojie��/plugin/Pic.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

13760d57ff82474a3bbfa7c1561e4413

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

__vbaVarSub
__vbaStrI2
_CIcos
_adj_fptan
__vbaFreeVar
__vbaAptOffset
__vbaStrVarMove
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaRecAnsiToUni
__vbaStrCat
__vbaSetSystemError
__vbaRecDestruct
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaExitProc
ord301
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
_adj_fdivr_m16i
ord520
ord307
_CIsin
__vbaChkstk
ord526
EVENT_SINK_AddRef
__vbaStrCmp
__vbaI2I4
DllFunctionCall
_adj_fpatan
__vbaRecUniToAnsi
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord608
__vbaFPException
__vbaInStrVar
__vbaVarCat
ord537
_CIlog
__vbaErrorOverflow
__vbaNew2
__vbaR8Str
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
__vbaI4Var
ord103
ord104
ord105
__vbaStrToAnsi
ord616
__vbaRecDestructAnsi
ord617
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/SQLServer.dll
.dll regsvr32 windows:4 windows x86 arch:x86

94f483cf8591bce164399e5746a83e92

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord924
ord823
ord939
ord860
ord941
ord540
ord2818
ord535
ord1601
ord537
ord5683
ord5710
ord2915
ord4129
ord858
ord800
ord825
ord743
ord446
ord2486
ord539
ord4226
ord6354
ord1131
ord1132
ord5500
ord815
ord561
ord3738
ord3081
ord3262
ord5714
ord5289
ord5307
ord4698
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord1116
ord6877
ord940
ord859
ord1799
ord2982
ord3147
ord3259
ord4465
ord3136
ord2985
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4424
ord614
ord1206
ord2623
ord290
ord1223
ord4622
ord4003
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079

msvcrt

_CxxThrowException
_EH_prolog
__dllonexit
_onexit
??1type_info@@UAE@XZ
free
_initterm
malloc
_adjust_fdiv
wcstombs
atoi
__CxxFrameHandler
wcslen
_mbscmp
strrchr
strchr

kernel32

InterlockedDecrement
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
InterlockedIncrement
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
IsDebuggerPresent
LocalFree
LocalAlloc
GetLastError

ole32

OleRun
CoTaskMemFree
StringFromCLSID
CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

GetErrorInfo
VariantTimeToSystemTime
VarR8FromDec
VariantClear
SysFreeString
VariantChangeType
VariantInit
SysAllocString

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/SQLServer.ini
��9.61��52pojie��/plugin/SQLServer.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

3a72b91329e847f69e48f79053a696ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaAptOffset
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord301
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
ord307
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
ord103
ord104
ord105
__vbaStrToAnsi
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Sys.dll
.dll regsvr32 windows:4 windows x86 arch:x86

e93bfeb76c64ccc394a705e60434beee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

mfc42

ord941
ord6354
ord1871
ord535
ord1131
ord1132
ord815
ord561
ord3738
ord3081
ord3262
ord5714
ord5289
ord5307
ord4698
ord4079
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord2915
ord2614
ord858
ord1601
ord537
ord540
ord2818
ord4003
ord823
ord825
ord1158
ord860
ord6663
ord4622
ord1223
ord290
ord2623
ord1206
ord614
ord800
ord743
ord446
ord2486
ord4226
ord4424
ord4080
ord5500
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord1116
ord6877
ord940
ord939
ord859
ord1799
ord2982
ord3147
ord3259
ord4465
ord3136
ord2985
ord2976
ord3830
ord3831
ord3825
ord3079

msvcrt

__CxxFrameHandler
??1type_info@@UAE@XZ
wcstombs
strchr
strrchr
free
malloc
__dllonexit
_onexit
_initterm
_adjust_fdiv

kernel32

LocalAlloc
LocalFree
GetLocalTime
GetVolumeInformationA
IsDebuggerPresent
GetModuleFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetSystemDirectoryA
GetWindowsDirectoryA
GetTempPathA
GetCurrentDirectoryA
GlobalSize
GetVersionExA
GetCurrentProcess
GlobalUnlock
GlobalLock
GlobalAlloc

user32

GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
ExitWindowsEx
ChangeDisplaySettingsA

gdi32

CreateDCA
GetDeviceCaps
DeleteDC

advapi32

RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegSetValueExA
RegOpenKeyA
RegOpenKeyExA

msvcp60

??1Init@ios_base@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

ole32

StringFromCLSID
CoTaskMemFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Sys.ini
��9.61��52pojie��/plugin/Sys.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

067adff9f8d6f519fc9879f917db686e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

__vbaStrI2
_CIcos
_adj_fptan
__vbaAptOffset
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord301
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
ord307
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
ord103
ord104
ord105
__vbaStrToAnsi
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/SysEx.dll
.dll regsvr32 windows:4 windows x86 arch:x86

4b278f2a93a57e710c84f597d1b1f90e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord2623
ord1206
ord614
ord4424
ord1223
ord4622
ord4003
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord356
ord2770
ord2781
ord4058
ord3181
ord3178
ord1980
ord668
ord4129
ord6648
ord924
ord6282
ord6283
ord2859
ord4204
ord861
ord5683
ord5710
ord922
ord4278
ord1601
ord6383
ord5440
ord6394
ord5834
ord5450
ord535
ord2448
ord2841
ord4226
ord3903
ord2107
ord2044
ord860
ord858
ord3663
ord825
ord4080
ord3079
ord6354
ord1131
ord1132
ord5500
ord815
ord561
ord3738
ord3081
ord3262
ord5714
ord823
ord2915
ord5572
ord4202
ord540
ord2818
ord2764
ord537
ord941
ord5289
ord5307
ord4698
ord800
ord743
ord446
ord3825
ord2486
ord290
ord4079
ord5302
ord3831
ord3830
ord2976
ord2985
ord3136
ord4465
ord3259
ord3147
ord2982
ord1799
ord859
ord939
ord940
ord6877
ord1116
ord1176
ord1575
ord1168
ord1577
ord1182
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord5300

msvcrt

wcstombs
strchr
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_onexit
__dllonexit
srand
rand
tolower
_mbsstr
_mbsnbcpy
malloc
free
calloc
memmove
sprintf
_mbscmp
__CxxFrameHandler
strrchr

kernel32

WritePrivateProfileStringA
IsDebuggerPresent
LocalAlloc
LocalFree
GetTickCount
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetFileSize
GetLocalTime
SetFileTime
LocalFileTimeToFileTime
ReadFile
GetFileAttributesA
SystemTimeToFileTime
SetFilePointer
CreateDirectoryA
lstrcpyA
MultiByteToWideChar
GetLastError
SetCurrentDirectoryA
GetCurrentDirectoryA
GetSystemDirectoryA
GetTempPathA
GetLongPathNameA
GetModuleFileNameA
GetVersionExA
GetComputerNameA
lstrlenA
Sleep
GetPrivateProfileStringA
OpenProcess
GetProcessTimes
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileA
VirtualFreeEx
WaitForSingleObject
GetCurrentProcess
LoadLibraryA
FreeLibrary
GetModuleHandleA
GetProcAddress
GetModuleHandleW
GetWindowsDirectoryA
FindResourceA
SizeofResource
LoadResource
LockResource
CreateFileA
WriteFile
CloseHandle
GetFileInformationByHandle

user32

GetDesktopWindow
GetKeyboardLayoutList
GetDC
ReleaseDC
FindWindowA
PostMessageA
wsprintfA
SystemParametersInfoA
EnumChildWindows
GetWindowThreadProcessId
GetWindowLongA

gdi32

GetDeviceCaps

advapi32

RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegOpenKeyA
RegDeleteValueA
RegQueryValueExA

shell32

SHGetSpecialFolderPathA
ShellExecuteExA

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemFree
StringFromCLSID

imm32

ImmGetDescriptionA

shlwapi

PathIsRelativeA

msvcp60

?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PAD0PBD1@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 312KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/SysEx.ini
��9.61��52pojie��/plugin/SysEx.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

f8116acd1f9e513715235912d568252a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

__vbaStrI2
_CIcos
_adj_fptan
__vbaFreeVar
__vbaAptOffset
__vbaStrVarMove
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord301
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
ord307
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
ord600
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaVarCat
_CIlog
__vbaErrorOverflow
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
ord103
ord104
ord105
__vbaStrToAnsi
__vbaVarDup
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Web.dll
.dll regsvr32 windows:4 windows x86 arch:x86

3bda4e16faafbd5c4a3fdaf434f98b0a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
DeleteUrlCacheEntry

shlwapi

SHDeleteKeyA

mfc42

ord5714
ord3262
ord5307
ord3081
ord4079
ord5302
ord3738
ord561
ord815
ord5500
ord1132
ord1131
ord5572
ord2919
ord1601
ord537
ord2818
ord2915
ord4204
ord540
ord860
ord941
ord800
ord940
ord823
ord743
ord446
ord2486
ord4226
ord825
ord6354
ord5300
ord3346
ord4698
ord5289
ord2396
ord5199
ord1089
ord3922
ord5731
ord269
ord826
ord600
ord2512
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord1116
ord6877
ord939
ord859
ord535
ord1799
ord2982
ord3147
ord3259
ord4465
ord3136
ord2985
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4424
ord614
ord1206
ord2623
ord290
ord1223
ord4622
ord4003
ord4274
ord6375
ord4486
ord2554
ord1578

msvcrt

wcstombs
strchr
_mbsicmp
_mbscmp
__CxxFrameHandler
strrchr
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit

kernel32

WritePrivateProfileStringA
LocalAlloc
LocalFree
lstrlenW
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
CreateToolhelp32Snapshot
Process32First
Process32Next
GetModuleFileNameA
CreateProcessA
CreateEventA
WaitForSingleObject
CreateFileA
GetFileSize
SetFilePointer
WriteFile
CloseHandle
FindFirstFileA
GetFileAttributesA
SetFileAttributesA
RemoveDirectoryA
DeleteFileA
FindNextFileA
FindClose
IsDebuggerPresent
GetPrivateProfileStringA

shell32

SHGetSpecialFolderPathA

ole32

CoCreateInstance
CoTaskMemFree
StringFromCLSID

oleaut32

VariantClear
VariantCopy
SysAllocString

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Web.ini
��9.61��52pojie��/plugin/Web.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

1dd42d909878556a24bcf89e394115d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

__vbaStrI2
_CIcos
_adj_fptan
__vbaAptOffset
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaExitProc
ord301
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
_adj_fdivr_m16i
ord307
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaI2Str
__vbaFPException
_CIlog
__vbaErrorOverflow
__vbaNew2
__vbaR8Str
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
ord103
ord104
ord105
__vbaStrToAnsi
__vbaFpI2
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 428KB - Virtual size: 425KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Window.dll
.dll regsvr32 windows:4 windows x86 arch:x86

23c0230a3203b217bd8c3dbcb089c026

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord861
ord535
ord5440
ord6383
ord5450
ord6394
ord2915
ord540
ord1871
ord6354
ord941
ord1131
ord1132
ord5500
ord815
ord561
ord3738
ord3081
ord3262
ord5714
ord5289
ord5307
ord4698
ord4079
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord860
ord539
ord537
ord2764
ord2818
ord939
ord800
ord1601
ord3663
ord825
ord823
ord743
ord446
ord4226
ord2486
ord2512
ord2554
ord4486
ord6375
ord4274
ord4003
ord4622
ord1223
ord290
ord2623
ord1206
ord614
ord4424
ord4080
ord3079
ord3825
ord3831
ord3830
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord1116
ord6877
ord940
ord859
ord1799
ord2982
ord3147
ord3259
ord4465
ord3136
ord2985
ord2976

msvcrt

_mbscmp
_ftol
__CxxFrameHandler
sscanf
sprintf
strchr
strrchr
free
wcstombs
malloc
__dllonexit
_onexit
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
atoi

kernel32

Sleep
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrlenA
TlsGetValue
GetEnvironmentVariableA
LocalAlloc
LocalFree
MultiByteToWideChar
GetModuleHandleA
GetProcAddress
GetCurrentThreadId
CreateToolhelp32Snapshot
Module32First
IsDebuggerPresent
GetModuleFileNameA
CloseHandle

user32

SetWindowTextA
AttachThreadInput
GetGUIThreadInfo
GetWindow
ClientToScreen
GetWindowThreadProcessId
GetClassNameA
SendMessageA
SetWindowPos
GetWindowRect
MoveWindow
ShowWindow
PostMessageA
IsWindow
SetForegroundWindow
EnumWindows
GetWindowTextA
GetWindowLongA
IsZoomed
IsIconic
IsWindowVisible
SetParent
GetParent
SetWindowRgn
GetCursorPos
WindowFromPoint
GetForegroundWindow
FindWindowExA
FindWindowA
MapVirtualKeyA
GetClientRect

gdi32

CreatePolygonRgn
CreateEllipticRgn

oleaut32

SysAllocString
VariantClear
VariantCopy

msvcp60

??0Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyA

ole32

CoTaskMemFree
CLSIDFromProgID
CoCreateInstance
StringFromCLSID

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/plugin/Window.ini
��9.61��52pojie��/plugin/Window.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

067adff9f8d6f519fc9879f917db686e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

__vbaStrI2
_CIcos
_adj_fptan
__vbaAptOffset
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord301
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
ord307
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord101
ord102
ord103
ord104
ord105
__vbaStrToAnsi
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/qmacro.ini
��9.61��52pojie��/qmc/3030394639324442303045384343464636383033423543433634414443424444.lc
.zip
��9.61��52pojie��/qmc/3139414530443136304441343238303142353534424643463138454138363643.lc
.zip
��9.61��52pojie��/qmc/3142433530334241394133463445314544324442414338393335324142313935.lc
.zip
��9.61��52pojie��/qmc/3142464644394532434638333630373937364245444433423642373346323038.lc
.zip
��9.61��52pojie��/qmc/3242394142453636353736303143433833424342324330373536373542443945.lc
.zip
��9.61��52pojie��/qmc/3246443837413736334641424246433343373346313639363336394631313930.lc
.zip
��9.61��52pojie��/qmc/3337393033394330343833444533364344363542324641383838453630334444.lc
.zip
��9.61��52pojie��/qmc/3339313737414633383541463344393237374339303445363636373738413438.lc
.zip
��9.61��52pojie��/qmc/3346324533333332373835323633433942363943393942323431333645324244
.zip
��9.61��52pojie��/qmc/3434374330333633433344443545344239324238414138454332444135454137.lc
.zip
��9.61��52pojie��/qmc/3436353742373345394537314337324337364344314344454631444138414636.lc
.zip
��9.61��52pojie��/qmc/3530424631454542364338334241423242354133313445323637443445373742.lc
.zip
��9.61��52pojie��/qmc/3534333433413135454532463131334244344237304139353045334346373344.lc
.zip
��9.61��52pojie��/qmc/3537413637373644464444393942343546393532443444394139373130303043.lc
.zip
��9.61��52pojie��/qmc/3742344234453642433546424143354539454632423237373642384637443233.lc
.zip
��9.61��52pojie��/qmc/3846443231433232354534334434364341333143413932414343443139423230.lc
.zip
��9.61��52pojie��/qmc/4131464345424132393532454341374535383939384543384239433834344245
.zip
��9.61��52pojie��/qmc/4134414141323432334633323846314242303834323539314235343435414638.lc
.zip
��9.61��52pojie��/qmc/4142454438453244414134384341433043353435464139434142313442354434.lc
.zip
��9.61��52pojie��/qmc/4233323537414444423330424345383035423232323738384338463743343834.lc
.zip
��9.61��52pojie��/qmc/4235463433344446344335313339453746413543353435424134453835463239.lc
.zip
��9.61��52pojie��/qmc/4236464643414231393837323235394237323437333536373142443145363930.lc
.zip
��9.61��52pojie��/qmc/4244443438344145453732454632423632374145394435313938313645464341
.zip
��9.61��52pojie��/qmc/4330464337464146393134373941413542433645303442384642423537314131.lc
.zip
��9.61��52pojie��/qmc/4335394639383435313331383432443643363535364342414537304430373037.lc
.zip
��9.61��52pojie��/qmc/4341413739334243383637303543373844424531384237313142443444333135.lc
.zip
��9.61��52pojie��/qmc/4532433038334639323930304437394237314132393244323843303037374341
.zip
��9.61��52pojie��/qmc/4536434141314642443434423936434437353244453033464437344432324546
.zip
��9.61��52pojie��/qmc/4543444546343630363935464345444246383741343043453544333434464145.lc
.zip
��9.61��52pojie��/qmc/4545384233463343463142394334313438334530414339314441313343314437.style
��9.61��52pojie��/qmc/4632304544303643393741423645414230443734314145354645464245334335
.zip
��9.61��52pojie��/qmc/QMShow/18
��9.61��52pojie��/qmc/QMShow/19
��9.61��52pojie��/qmc/QMShow/index.dat
��9.61��52pojie��/refs.dll
.dll windows:5 windows x86 arch:x86

fbeb4357592c9ba44cf88121499db022

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2d:af:fb:7a:20:58:8a:40:87:11:b7:98:fd:3d:fc:f8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

07/01/2013, 00:00

Not After

07/01/2015, 23:59

Subject

CN=福州创意嘉和软件有限公司,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=技术中心,O=福州创意嘉和软件有限公司,L=FuZhou,ST=FuJian,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4c:a6:b8:7e:7e:00:2c:6c:98:e6:32:f1:56:7f:cd:e9:1e:13:df:2d
Signer

Actual PE Digest

4c:a6:b8:7e:7e:00:2c:6c:98:e6:32:f1:56:7f:cd:e9:1e:13:df:2d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

m:\VP\QM\trunk\output\refs.pdb

Imports

kernel32

HeapFree
RtlUnwind
Sleep
ExitProcess
RaiseException
HeapSize
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
HeapAlloc
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetCommandLineA
lstrlenA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
GlobalFindAtomW
LoadLibraryA
GetVersionExA
InterlockedIncrement
FormatMessageW
GlobalFlags
GetModuleHandleA
WritePrivateProfileStringW
SetErrorMode
lstrlenW
TlsFree
GlobalFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalUnlock
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
GetCurrentProcessId
GetLastError
GlobalAddAtomW
CloseHandle
InterlockedDecrement
SetLastError
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
LoadLibraryW
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
GetModuleHandleW
GetSystemTimeAsFileTime
GetProcAddress

user32

DestroyMenu
LoadCursorW
GetSysColorBrush
ShowWindow
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
SetMenu
SetForegroundWindow
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetMenuItemID
GetSubMenu
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
SendMessageTimeoutW
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
PtInRect
GetWindowTextW
SetWindowTextW
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
MapWindowPoints
PostQuitMessage
PostMessageW
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
SendMessageW
GetParent
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageW
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageW
TranslateMessage
DrawTextW
TabbedTextOutW
GetMenuItemCount
UnregisterClassW
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
SetCursor
GetMessageW

gdi32

DeleteDC
GetStockObject
GetDeviceCaps
ScaleWindowExtEx
SelectObject
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
CreateBitmap
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
SetViewportOrgEx

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shlwapi

PathFindFileNameW
PathFindExtensionW

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

share
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/refs64.dll
.dll windows:5 windows x64 arch:x64

0a6e7c480a6ce148356b7c0e89402464

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2d:af:fb:7a:20:58:8a:40:87:11:b7:98:fd:3d:fc:f8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

07/01/2013, 00:00

Not After

07/01/2015, 23:59

Subject

CN=福州创意嘉和软件有限公司,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=技术中心,O=福州创意嘉和软件有限公司,L=FuZhou,ST=FuJian,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f4:72:b6:13:65:e4:1d:f5:ac:b3:0e:24:b5:47:8d:65:68:03:64:cb
Signer

Actual PE Digest

f4:72:b6:13:65:e4:1d:f5:ac:b3:0e:24:b5:47:8d:65:68:03:64:cb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

m:\VP\QM\trunk\output\refs64.pdb

Imports

kernel32

RtlUnwindEx
Sleep
ExitProcess
RaiseException
RtlPcToFileHeader
HeapSize
HeapQueryInformation
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
RtlLookupFunctionEntry
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
HeapFree
HeapAlloc
GetCommandLineA
FlsSetValue
lstrlenA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
GlobalFindAtomW
LoadLibraryA
GetVersionExA
FormatMessageW
GlobalFlags
WritePrivateProfileStringW
SetErrorMode
lstrlenW
TlsFree
GlobalFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalUnlock
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
GetCurrentProcessId
GetLastError
GlobalAddAtomW
CloseHandle
SetLastError
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
LoadLibraryW
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
GetModuleHandleW
HeapCreate
GetProcAddress

user32

DestroyMenu
LoadCursorW
GetSysColorBrush
ShowWindow
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongPtrW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetWindowLongPtrW
SetWindowLongPtrW
GetMessageTime
MapWindowPoints
SetForegroundWindow
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetMenuItemID
GetSubMenu
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
SendMessageTimeoutW
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
PtInRect
GetWindowTextW
SetWindowTextW
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
GetMessagePos
PostQuitMessage
PostMessageW
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
SendMessageW
GetParent
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageW
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageW
TranslateMessage
DrawTextW
TabbedTextOutW
GetMenuItemCount
UnregisterClassW
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
SetCursor
GetMessageW
SetMenu

gdi32

DeleteDC
GetStockObject
GetDeviceCaps
SelectObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
CreateBitmap
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
SetViewportOrgEx

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shlwapi

PathFindFileNameW
PathFindExtensionW

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

share
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/rjhook.dll
.dll windows:4 windows x86 arch:x86

e3493c33b4da4c9e132164b491c5d2cc

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2d:af:fb:7a:20:58:8a:40:87:11:b7:98:fd:3d:fc:f8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

07/01/2013, 00:00

Not After

07/01/2015, 23:59

Subject

CN=福州创意嘉和软件有限公司,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=技术中心,O=福州创意嘉和软件有限公司,L=FuZhou,ST=FuJian,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:46:3f:61:18:dc:9c:9b:07:6e:09:32:5b:4b:d9:b3:e1:3c:ed:49
Signer

Actual PE Digest

48:46:3f:61:18:dc:9c:9b:07:6e:09:32:5b:4b:d9:b3:e1:3c:ed:49

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MapViewOfFile
OpenFileMappingA
CreateFileMappingA
CloseHandle
UnmapViewOfFile
OpenEventA
CreateEventA
WaitForSingleObject
PulseEvent
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
CompareStringA
CompareStringW
SetEnvironmentVariableA

user32

UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
PostMessageA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/tools/Merge/Languages/TortoiseMerge2052.dll
.dll windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/tools/Merge/bin/TortoiseMerge.exe
.exe windows:4 windows x86 arch:x86

cb7c3f73500194bd12816706a458ff08

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Development\SVN\Releases\TortoiseSVN-1.4.7\bin\release\bin\TortoiseMerge.pdb

Imports

shlwapi

SHAutoComplete
PathIsDirectoryW
PathIsRelativeW
PathCompactPathW
PathFileExistsW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

libapr_tsvn

_apr_strnatcasecmp@8
_apr_hash_first@8
_apr_hash_this@16
_apr_hash_next@4
_apr_conv_ucs2_to_utf8@16
_apr_filepath_encoding@8
_apr_pmemdup@12
_apr_pstrmemdup@12
_apr_pstrndup@12
_apr_thread_mutex_lock@4
_apr_hash_get@12
_apr_thread_mutex_unlock@4
_apr_hash_pool_get@4
_apr_array_make@12
_apr_array_push@4
_apr_pvsprintf@12
_apr_pstrdup@8
_apr_hash_make@4
_apr_hash_set@16
apr_pool_cleanup_null
_apr_strtoi64@12
_apr_file_rename@12
_apr_file_write_full@16
_apr_file_seek@12
_apr_file_read_full@16
_apr_file_read@12
_apr_file_info_get@12
_apr_file_getc@8
_apr_pool_userdata_set@16
_apr_pool_userdata_get@12
apr_day_snames
_apr_uid_name_get@12
_apr_uid_current@12
_apr_time_exp_gmt@12
_apr_hash_count@4
_apr_strerror@12
_apr_time_exp_gmt_get@8
_apr_ltoa@8
apr_terminate
_apr_file_name_get@8
_apr_file_attrs_set@16
_apr_pool_cleanup_register@16
_apr_file_close@4
_apr_file_remove@8
_apr_sleep@8
_apr_file_open@20
_apr_stat@16
apr_pstrcat
apr_psprintf
_apr_file_eof@4
_apr_palloc@8
_apr_pool_clear@4
_apr_initialize@0
_apr_pool_destroy@4
_apr_pool_create_ex@16
apr_month_snames

libaprutil_tsvn

_apr_base64_encode_len@4
_apr_xlate_open@16
_apr_base64_encode@12
_apr_xlate_conv_buffer@20
_apr_base64_decode_len@4
_apr_md5@12
_apr_base64_decode@8

intl3_svn

libintl_dgettext
libintl_sprintf

mfc80u

ord4884
ord1647
ord4729
ord1955
ord4206
ord5171
ord5178
ord1353
ord4961
ord3339
ord6275
ord3796
ord6273
ord1513
ord2163
ord2169
ord2399
ord2381
ord2379
ord2397
ord2409
ord2386
ord283
ord2402
ord4743
ord2407
ord3435
ord4574
ord2390
ord330
ord2392
ord589
ord2394
ord2388
ord354
ord2404
ord605
ord293
ord2384
ord931
ord577
ord927
ord929
ord2310
ord925
ord920
ord6063
ord5229
ord2651
ord5231
ord5956
ord1058
ord1591
ord4276
ord4716
ord3397
ord1079
ord1894
ord5199
ord4256
ord4179
ord1785
ord4480
ord6271
ord287
ord3943
ord5067
ord2638
ord1899
ord504
ord3703
ord5148
ord710
ord3713
ord4238
ord1650
ord3712
ord1392
ord3635
ord2527
ord3940
ord2640
ord1608
ord2534
ord1611
ord2856
ord5908
ord2708
ord6720
ord4301
ord2829
ord280
ord774
ord776
ord2311
ord3990
ord5524
ord5485
ord899
ord4784
ord4437
ord4438
ord1118
ord1920
ord2254
ord565
ord756
ord4026
ord563
ord753
ord3204
ord3071
ord2151
ord2146
ord5981
ord1006
ord5053
ord3342
ord4558
ord1925
ord5618
ord2460
ord2255
ord5923
ord5398
ord5925
ord5170
ord4300
ord1156
ord4346
ord6700
ord762
ord2369
ord3326
ord3946
ord282
ord3569
ord4267
ord1352
ord1479
ord3338
ord3676
ord347
ord1271
ord602
ord5147
ord1393
ord5633
ord5911
ord1270
ord6721
ord3198
ord4882
ord3968
ord4855
ord4858
ord4373
ord2361
ord4378
ord4100
ord4375
ord2366
ord4393
ord3155
ord4395
ord1472
ord2121
ord4380
ord4771
ord4585
ord896
ord4175
ord2362
ord4166
ord4974
ord578
ord4775
ord1460
ord5210
ord4198
ord300
ord3585
ord6140
ord1946
ord4094
ord2085
ord1274
ord3238
ord5723
ord3280
ord6053
ord2010
ord4155
ord2066
ord3157
ord6050
ord5604
ord6056
ord5607
ord2521
ord5640
ord502
ord5185
ord3080
ord3417
ord3281
ord4117
ord2985
ord3995
ord6061
ord4109
ord3678
ord587
ord5636
ord5637
ord4686
ord5934
ord6058
ord2648
ord4255
ord4226
ord1536
ord3331
ord4101
ord5884
ord3174
ord572
ord760
ord4119
ord5715
ord5638
ord5917
ord5727
ord5397
ord6033
ord5410
ord5584
ord333
ord5519
ord326
ord3349
ord5643
ord3249
ord567
ord758
ord5482
ord6166
ord6172
ord900
ord860
ord3448
ord620
ord1178
ord2083
ord4232
ord2952
ord3869
ord3224
ord5708
ord5558
ord3873
ord5484
ord1476
ord6751
ord2461
ord658
ord370
ord618
ord416
ord651
ord1555
ord6749
ord2364
ord1176
ord5999
ord310
ord5399
ord2469
ord5091
ord2462
ord1174
ord2122
ord1443
ord1240
ord3314
ord3092
ord1908
ord2740
ord2747
ord2744
ord2116
ord5873
ord5342
ord2904
ord5325
ord4054
ord6211
ord6291
ord917
ord556
ord2305
ord744
ord2465
ord6306
ord5343
ord6171
ord380
ord4074
ord2260
ord5489
ord2697
ord3991
ord2696
ord5626
ord4102
ord6169
ord3195
ord6175
ord1646
ord2262
ord904
ord783
ord781
ord6232
ord5829
ord2155
ord1784
ord1883
ord777
ord591
ord1960
ord1957
ord1556
ord426
ord663
ord865
ord4642
ord3016
ord5426
ord2893
ord3165
ord4228
ord1538
ord1474
ord1922
ord4060
ord4092
ord2080
ord894
ord2444
ord6293
ord5327
ord5711
ord5713
ord557
ord745
ord564
ord755
ord6282
ord1172
ord5316
ord6002
ord266
ord265
ord3395
ord3756
ord6251
ord3311
ord4234
ord1582
ord2086
ord741
ord5198
ord357
ord6265
ord606
ord5141
ord5909
ord1334
ord3636
ord4980
ord1343
ord2030
ord2068
ord2072
ord1903
ord3981
ord5351
ord2713
ord3923
ord4190
ord6010
ord1543
ord1953
ord3436
ord5157
ord1338
ord3079
ord4628
ord4284
ord5201
ord5144
ord3939
ord1047
ord4013
ord2418
ord2419
ord2986
ord5352
ord940
ord395
ord2579
ord4898
ord1087
ord2933
ord2027
ord2365
ord4129
ord4303
ord3752
ord5006
ord553
ord5003
ord742
ord4244
ord4293
ord2609
ord1315
ord1904
ord6059
ord4755
ord2237
ord532
ord4098
ord1962
ord4162
ord3201
ord3642
ord595
ord635
ord1548
ord5855
ord5721
ord5161
ord4588
ord3797
ord4945
ord3070
ord1416
ord6086
ord5701
ord4336
ord4259
ord5973
ord2261
ord5762
ord4271
ord4538
ord4921
ord1297
ord4533
ord2164
ord3176
ord356
ord3829
ord5803
ord2159
ord1386
ord5609
ord6279
ord4290
ord4741
ord2225
ord3885
ord3857
ord1633
ord1564
ord562
ord3493
ord751
ord5710
ord3648
ord3240
ord1086
ord1586
ord4035
ord2065
ord1244
ord3460
ord4687
ord431
ord1461
ord2471
ord609
ord4347
ord3499
ord444
ord435
ord677
ord1959

msvcr80

isspace
strncmp
strstr
strtol
strtoul
sscanf
qsort
atol
memchr
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
iscntrl
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_except_handler4_common
_invoke_watson
_controlfp_s
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
wcspbrk
wcscpy_s
??0exception@std@@QAE@XZ
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
strcpy_s
_invalid_parameter_noinfo
wcsncpy_s
memmove_s
rand
_CxxThrowException
atoi
memset
memcpy
memmove
setlocale
_wcsdup
getenv_s
_wtoi
wcsstr
malloc
wcscat_s
wcsrchr
swprintf_s
swscanf_s
wcstoul
memcpy_s
__doserrno
clearerr
feof
fgets
_recalloc
free
_purecall
abort
_wtol
wcschr
_adjust_fdiv
realloc
__CxxFrameHandler3
tolower

kernel32

lstrcpyW
GetVersionExW
GetModuleHandleW
GetProcAddress
FindFirstFileW
FindClose
FindNextFileW
RaiseException
SetLastError
LoadLibraryW
CreateDirectoryW
CreateFileW
ReadFile
FreeLibrary
GetWindowsDirectoryW
GetFileAttributesW
DeleteFileW
MoveFileW
GetVersion
FindResourceW
LoadResource
LockResource
GetCurrentThreadId
GetTickCount
GlobalAddAtomW
GlobalDeleteAtom
GlobalFindAtomW
GetLocaleInfoW
GetTempPathW
GetTempFileNameW
GetCommandLineW
MultiByteToWideChar
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
FormatMessageW
LoadLibraryA
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
lstrlenW
lstrcmpW
CreateProcessW
GetLastError
LocalFree
WaitForSingleObject
CloseHandle
GlobalAlloc
GlobalLock
GlobalUnlock
WideCharToMultiByte
lstrcpynW
MulDiv
GetModuleFileNameW

user32

PtInRect
LoadIconW
EnableWindow
SetTimer
IsIconic
MessageBoxW
OffsetRect
OpenClipboard
EmptyClipboard
ReleaseDC
IsWindowVisible
LoadImageW
SetClipboardData
CloseClipboard
GetDC
DestroyIcon
GetSysColor
LoadCursorW
DrawIconEx
GetKeyState
SetCursor
InvalidateRect
ScreenToClient
GetFocus
GetDlgCtrlID
DrawEdge
UpdateWindow
AppendMenuW
CreatePopupMenu
CreateWindowExW
FindWindowExW
GetWindowRect
SetWindowPos
SetWindowLongW
CallWindowProcW
DrawFrameControl
TabbedTextOutW
SetCapture
InflateRect
DrawTextW
DrawFocusRect
DrawTextExW
GetCapture
FrameRect
GrayStringW
GetSysColorBrush
GetMessagePos
GetParent
SetRect
SystemParametersInfoW
IsWindow
SetRectEmpty
ReleaseCapture
CopyRect
GetCursorPos
SendMessageW
RegisterWindowMessageW
FillRect
KillTimer
CopyIcon
AdjustWindowRectEx
MenuItemFromPoint
DestroyMenu
GetSystemMenu
GetMenuInfo
GetMenu
GetWindowDC
IsChild
GetIconInfo
SetForegroundWindow
MessageBeep
GetAsyncKeyState
GetDesktopWindow
GetMonitorInfoW
IntersectRect
DefWindowProcW
GetWindowLongW
ValidateRect
MonitorFromRect
WindowFromDC
BeginPaint
SetLayeredWindowAttributes
CopyAcceleratorTableW
EndPaint
MapVirtualKeyW
LoadMenuW
GetKeyNameTextW
GetMenuState
GetMenuItemID
IsRectEmpty
ClientToScreen
RedrawWindow
LoadBitmapW
SetWindowsHookExW
GetClassNameW
GetMenuItemInfoW
UnhookWindowsHookEx
SetPropW
DrawStateW
SetMenu
CallNextHookEx
GetPropW
RemovePropW
IsMenu
GetMenuDefaultItem
SetMenuInfo
GetMenuItemRect
CopyImage
GetMenuItemCount
GetSubMenu
ModifyMenuW
PeekMessageW
GetMessageW
DispatchMessageW
EnableMenuItem
PostMessageW
GetClassLongW
WindowFromPoint
ShowWindow
IsCharAlphaNumericW
DrawIcon
GetClientRect
GetSystemMetrics
SetMenuDefaultItem

gdi32

Polygon
Escape
GetBkColor
GdiFlush
SetDIBitsToDevice
DeleteObject
CreateDiscardableBitmap
GetPixel
CreateDIBSection
CreateFontW
EnumFontFamiliesExW
GetStockObject
CreateSolidBrush
GetTextMetricsW
GetTextColor
StretchBlt
SetPixel
SetBrushOrgEx
UnrealizeObject
GetWindowOrgEx
CreateRectRgn
CombineRgn
GetNearestColor
CreateRectRgnIndirect
CreatePen
SelectClipRgn
CreatePatternBrush
Rectangle
RealizePalette
TextOutW
CreatePalette
RectVisible
PtVisible
SetBkMode
GetObjectW
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
ExtTextOutW
GetTextExtentPoint32W
CreateFontIndirectW
SelectObject
GetDeviceCaps
SetWindowOrgEx
GetCurrentPositionEx
GetTextExtentPointW
MoveToEx
SetTextAlign
GetLayout
RoundRect
GetTextAlign
GetCurrentObject
DeleteDC
SetBkColor
CreateBitmap

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW

shell32

SHGetFileInfoW
SHGetPathFromIDListW
CommandLineToArgvW
SHGetFolderPathA
SHGetFolderPathW
ShellExecuteW
SHBrowseForFolderW
SHGetMalloc
DragQueryFileW

comctl32

_TrackMouseEvent
ord17
ImageList_GetIconSize

ole32

ReleaseStgMedium
RegisterDragDrop
OleDuplicateData
CoCreateInstance

msvcp80

?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

Sections

.text
Size: 368KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
��9.61��52pojie��/tools/Merge/bin/intl3_svn.dll
.dll windows:4 windows x86 arch:x86

3761595a8e4b18475b752a438167c12a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr80

fopen
bsearch
isdigit
isalpha
isalnum
raise
getenv
strtoul
strstr
strcpy
strncmp
fputs
putc
fprintf
_snprintf
fwrite
vfprintf
fgets
vsprintf
_vsnprintf
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
isspace
strchr
feof
fclose
qsort
tolower
isupper
realloc
_errno
abort
_fstat64i32
strcmp
free
strlen
malloc
__iob_func
memcpy
_strdup
_close
_read
_open
_getcwd

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetThreadLocale
GetSystemTimeAsFileTime

Exports

Exports

bind_textdomain_codeset
bindtextdomain
dcgettext
dcngettext
dgettext
dngettext
gettext
libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_dcgettext
libintl_dcngettext
libintl_dgettext
libintl_dngettext
libintl_fprintf
libintl_gettext
libintl_ngettext
libintl_printf
libintl_set_relocation_prefix
libintl_snprintf
libintl_sprintf
libintl_textdomain
libintl_vfprintf
libintl_vprintf
libintl_vsnprintf
libintl_vsprintf
ngettext
textdomain

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/tools/Merge/bin/libapr_tsvn.dll
.dll windows:4 windows x86 arch:x86

2e00c0d99ce9edb2f3be2c5d9c356acd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Development\SVN\Releases\TortoiseSVN-1.4.7\ext\apr\release_win32\libapr_tsvn.pdb

Imports

ws2_32

WSAStartup
WSACleanup
gethostname
setsockopt
ioctlsocket
connect
getsockopt
accept
listen
bind
shutdown
socket
closesocket
getservbyname
gethostbyaddr
gethostbyname
htonl
inet_addr
htons
getpeername
getsockname
ntohs
WSAGetOverlappedResult
recvfrom
sendto
WSARecv
WSASend
select
WSAGetLastError
__WSAFDIsSet
ntohl

mswsock

TransmitFile

rpcrt4

UuidCreate

kernel32

SetUnhandledExceptionFilter
IsDebuggerPresent
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
UnhandledExceptionFilter
InterlockedCompareExchange
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetSystemTimeAsFileTime
GetTimeZoneInformation
InterlockedDecrement
GetACP
GetLocaleInfoA
GetThreadLocale
GetLastError
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
CreateDirectoryA
CreateDirectoryW
RemoveDirectoryA
RemoveDirectoryW
FreeLibrary
LoadLibraryExA
LoadLibraryExW
SetErrorMode
GetProcAddress
GetEnvironmentVariableA
GetEnvironmentVariableW
SetEnvironmentVariableA
SetEnvironmentVariableW
FormatMessageA
DuplicateHandle
GetCurrentProcess
CloseHandle
SetStdHandle
GetStdHandle
LocalFree
GetFileType
GetFileInformationByHandle
SetFileAttributesA
SetFileAttributesW
GetFileAttributesA
GetFileAttributesW
SetFileTime
GetFileTime
GetDriveTypeA
GetFullPathNameW
GetDriveTypeW
GetFullPathNameA
GetCurrentDirectoryA
GetCurrentDirectoryW
SetCurrentDirectoryA
SetCurrentDirectoryW
Sleep
LockFile
LockFileEx
UnlockFile
UnlockFileEx
GetVersionExA
LoadLibraryA
LeaveCriticalSection
WriteFile
EnterCriticalSection
GetCurrentThreadId
InitializeCriticalSection
CreateFileA
GetCurrentProcessId
GetModuleFileNameA
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedIncrement
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetSystemInfo
SetFilePointer
CreateFileW
DeleteFileA
DeleteFileW
MoveFileA
MoveFileExW
SetLastError
SetHandleInformation
GetExitCodeProcess
CreatePipe
CreateNamedPipeA
CreateEventA
CreateProcessA
CreateProcessW
WaitForSingleObject
CreateMutexA
DeleteCriticalSection
OpenMutexA
OpenMutexW
ReleaseMutex
GetOverlappedResult
ReadFile
PeekNamedPipe
SetEndOfFile
CreateFileMappingW
OpenFileMappingA
OpenFileMappingW
TerminateProcess
TlsFree
FreeEnvironmentStringsW
GetEnvironmentStringsW
GlobalFree
GetCommandLineW
GetCurrentThread
InterlockedExchange
ResetEvent
SetEvent
CreateMutexW

advapi32

RegOpenKeyExA
RegQueryValueExW
AllocateAndInitializeSid
LookupAccountNameA
LookupAccountSidA
EqualSid
IsValidSid
CryptReleaseContext
CryptGenRandom
RegCloseKey
RegQueryValueExA
OpenProcessToken
GetTokenInformation
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
CryptAcquireContextA
FreeSid

msvcr80

getenv
strspn
strtol
_wenviron
_environ
__doserrno
_beginthreadex
_endthreadex
strftime
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
_stricmp
_strnicmp
_getpid
strrchr
isspace
tolower
strchr
exit
iscntrl
fputc
_getch
fputs
__iob_func
memset
malloc
free
memcpy
modf
isalpha
strncmp
isdigit
islower
memchr
_strtoui64
toupper
wcschr
strerror
memmove
wcsncmp
fprintf
_errno
realloc
isupper
atoi
sprintf
rand
srand

Exports

Exports

_apr_accept@12
_apr_allocator_alloc@8
_apr_allocator_create@4
_apr_allocator_destroy@4
_apr_allocator_free@8
_apr_allocator_get_mutex@4
_apr_allocator_get_owner@4
_apr_allocator_max_free_set@8
_apr_allocator_mutex_get@4
_apr_allocator_mutex_set@8
_apr_allocator_owner_get@4
_apr_allocator_owner_set@8
_apr_allocator_set_max_free@8
_apr_allocator_set_mutex@8
_apr_allocator_set_owner@8
_apr_app_initialize@12
_apr_array_append@12
_apr_array_cat@8
_apr_array_copy@8
_apr_array_copy_hdr@8
_apr_array_make@12
_apr_array_pop@4
_apr_array_pstrcat@12
_apr_array_push@4
_apr_atoi64@4
_apr_bind@8
_apr_collapse_spaces@8
_apr_compare_groups@8
_apr_compare_users@8
_apr_connect@8
_apr_conv_ucs2_to_utf8@16
_apr_conv_utf8_to_ucs2@16
_apr_cpystrn@12
_apr_ctime@12
_apr_current_userid@12
_apr_dir_close@4
_apr_dir_make@12
_apr_dir_make_recursive@12
_apr_dir_open@12
_apr_dir_read@12
_apr_dir_remove@8
_apr_dir_rewind@4
_apr_dso_error@12
_apr_dso_load@12
_apr_dso_sym@12
_apr_dso_unload@4
_apr_env_delete@8
_apr_env_get@12
_apr_env_set@12
_apr_explode_localtime@12
_apr_explode_time@16
_apr_file_append@16
_apr_file_attrs_set@16
_apr_file_close@4
_apr_file_copy@16
_apr_file_data_get@12
_apr_file_data_set@16
_apr_file_dup2@12
_apr_file_dup@12
_apr_file_eof@4
_apr_file_flags_get@4
_apr_file_flush@4
_apr_file_getc@8
_apr_file_gets@12
_apr_file_info_get@12
_apr_file_inherit_set@4
_apr_file_inherit_unset@4
_apr_file_lock@8
_apr_file_mktemp@16
_apr_file_mtime_set@16
_apr_file_name_get@8
_apr_file_namedpipe_create@12
_apr_file_open@20
_apr_file_open_stderr@8
_apr_file_open_stdin@8
_apr_file_open_stdout@8
_apr_file_perms_set@8
_apr_file_pipe_create@12
_apr_file_pipe_timeout_get@8
_apr_file_pipe_timeout_set@12
_apr_file_pool_get@4
_apr_file_putc@8
_apr_file_puts@8
_apr_file_read@12
_apr_file_read_full@16
_apr_file_remove@8
_apr_file_rename@12
_apr_file_seek@12
_apr_file_set_inherit@4
_apr_file_setaside@12
_apr_file_trunc@12
_apr_file_ungetc@8
_apr_file_unlock@4
_apr_file_unset_inherit@4
_apr_file_write@12
_apr_file_write_full@16
_apr_file_writev@16
_apr_filename_of_pathname@4
_apr_filepath_encoding@8
_apr_filepath_get@12
_apr_filepath_list_merge@12
_apr_filepath_list_split@12
_apr_filepath_merge@20
_apr_filepath_name_get@4
_apr_filepath_root@16
_apr_filepath_set@8
_apr_fnmatch@12
_apr_fnmatch_test@4
_apr_generate_random_bytes@8
_apr_get_groupid@12
_apr_get_groupname@12
_apr_get_home_directory@12
_apr_get_userid@16
_apr_get_username@12
_apr_gethostname@12
_apr_getnameinfo@12
_apr_getopt@16
_apr_getopt_init@16
_apr_getopt_long@16
_apr_getservbyname@8
_apr_getsocketopt@12
_apr_gid_compare@8
_apr_gid_get@12
_apr_gid_name_get@12
_apr_group_name_get@12
_apr_hash_copy@8
_apr_hash_count@4
_apr_hash_first@8
_apr_hash_get@12
_apr_hash_make@4
_apr_hash_merge@20
_apr_hash_next@4
_apr_hash_overlay@12
_apr_hash_pool_get@4
_apr_hash_set@16
_apr_hash_this@16
_apr_implode_gmt@8
_apr_initialize@0
_apr_ipsubnet_create@16
_apr_ipsubnet_test@8
_apr_is_empty_array@4
_apr_is_empty_table@4
_apr_is_fnmatch@4
_apr_itoa@8
_apr_listen@8
_apr_lstat@16
_apr_ltoa@8
_apr_mmap_create@28
_apr_mmap_delete@4
_apr_mmap_dup@16
_apr_mmap_offset@16
_apr_off_t_toa@12
_apr_os_default_encoding@4
_apr_os_dir_get@8
_apr_os_dir_put@12
_apr_os_dso_handle_get@8
_apr_os_dso_handle_put@12
_apr_os_exp_time_get@8
_apr_os_exp_time_put@12
_apr_os_file_get@8
_apr_os_file_put@16
_apr_os_imp_time_get@8
_apr_os_imp_time_put@12
_apr_os_locale_encoding@4
_apr_os_pipe_put@12
_apr_os_pipe_put_ex@16
_apr_os_proc_mutex_get@8
_apr_os_proc_mutex_put@12
_apr_os_shm_get@8
_apr_os_shm_put@12
_apr_os_sock_get@8
_apr_os_sock_make@12
_apr_os_sock_put@12
_apr_os_thread_current@0
_apr_os_thread_equal@8
_apr_os_thread_get@8
_apr_os_thread_put@12
_apr_os_threadkey_get@8
_apr_os_threadkey_put@12
_apr_os_uuid_get@4
_apr_palloc@8
_apr_palloc_debug@12
_apr_parse_addr_port@20
_apr_password_get@12
_apr_pcalloc@8
_apr_pcalloc_debug@12
_apr_pmemdup@12
_apr_poll@20
_apr_poll_revents_get@12
_apr_poll_setup@12
_apr_poll_socket_add@12
_apr_poll_socket_clear@8
_apr_poll_socket_mask@12
_apr_poll_socket_remove@8
_apr_pollset_add@8
_apr_pollset_create@16
_apr_pollset_destroy@4
_apr_pollset_poll@20
_apr_pollset_remove@8
_apr_pool_abort_get@4
_apr_pool_abort_set@8
_apr_pool_allocator_get@4
_apr_pool_child_cleanup_set@16
_apr_pool_cleanup_for_exec@0
_apr_pool_cleanup_kill@12
_apr_pool_cleanup_register@16
_apr_pool_cleanup_run@12
_apr_pool_clear@4
_apr_pool_clear_debug@8
_apr_pool_create_ex@16
_apr_pool_create_ex_debug@20
_apr_pool_destroy@4
_apr_pool_destroy_debug@8
_apr_pool_get_abort@4
_apr_pool_get_parent@4
_apr_pool_initialize@0
_apr_pool_is_ancestor@8
_apr_pool_note_subprocess@12
_apr_pool_parent_get@4
_apr_pool_set_abort@8
_apr_pool_tag@8
_apr_pool_terminate@0
_apr_pool_userdata_get@12
_apr_pool_userdata_set@16
_apr_pool_userdata_setn@16
_apr_proc_create@24
_apr_proc_kill@8
_apr_proc_mutex_child_init@12
_apr_proc_mutex_create@16
_apr_proc_mutex_defname@0
_apr_proc_mutex_destroy@4
_apr_proc_mutex_lock@4
_apr_proc_mutex_lockfile@4
_apr_proc_mutex_name@4
_apr_proc_mutex_pool_get@4
_apr_proc_mutex_trylock@4
_apr_proc_mutex_unlock@4
_apr_proc_other_child_alert@12
_apr_proc_other_child_check@0
_apr_proc_other_child_read@8
_apr_proc_other_child_refresh@8
_apr_proc_other_child_refresh_all@4
_apr_proc_other_child_register@20
_apr_proc_other_child_unregister@4
_apr_proc_wait@16
_apr_proc_wait_all_procs@20
_apr_procattr_addrspace_set@8
_apr_procattr_child_err_set@12
_apr_procattr_child_errfn_set@8
_apr_procattr_child_in_set@12
_apr_procattr_child_out_set@12
_apr_procattr_cmdtype_set@8
_apr_procattr_create@8
_apr_procattr_detach_set@8
_apr_procattr_dir_set@8
_apr_procattr_error_check_set@8
_apr_procattr_io_set@16
_apr_pstrcatv@16
_apr_pstrdup@8
_apr_pstrmemdup@12
_apr_pstrndup@12
_apr_pvsprintf@12
_apr_recv@12
_apr_recvfrom@20
_apr_rfc822_date@12
_apr_send@12
_apr_sendfile@24
_apr_sendto@20
_apr_sendv@16
_apr_setsocketopt@12
_apr_shm_attach@12
_apr_shm_baseaddr_get@4
_apr_shm_create@16
_apr_shm_destroy@4
_apr_shm_detach@4
_apr_shm_pool_get@4
_apr_shm_size_get@4
_apr_shutdown@8
_apr_sleep@8
_apr_sockaddr_equal@8
_apr_sockaddr_info_get@24
_apr_sockaddr_ip_get@8
_apr_sockaddr_ip_set@8
_apr_sockaddr_port_get@8
_apr_sockaddr_port_set@8
_apr_socket_accept@12
_apr_socket_addr_get@12
_apr_socket_atmark@8
_apr_socket_bind@8
_apr_socket_close@4
_apr_socket_connect@8
_apr_socket_create@16
_apr_socket_create_ex@20
_apr_socket_data_get@12
_apr_socket_data_set@16
_apr_socket_inherit_set@4
_apr_socket_inherit_unset@4
_apr_socket_listen@8
_apr_socket_opt_get@12
_apr_socket_opt_set@12
_apr_socket_protocol_get@8
_apr_socket_recv@12
_apr_socket_recvfrom@20
_apr_socket_send@12
_apr_socket_sendfile@24
_apr_socket_sendto@20
_apr_socket_sendv@16
_apr_socket_set_inherit@4
_apr_socket_shutdown@8
_apr_socket_timeout_get@8
_apr_socket_timeout_set@12
_apr_socket_unset_inherit@4
_apr_stat@16
_apr_strerror@12
_apr_strfsize@12
_apr_strftime@20
_apr_strnatcasecmp@8
_apr_strnatcmp@8
_apr_strtoi64@12
_apr_strtok@12
_apr_table_add@12
_apr_table_addn@12
_apr_table_clear@4
_apr_table_compress@8
_apr_table_copy@8
_apr_table_elts@4
_apr_table_get@8
_apr_table_make@8
_apr_table_merge@12
_apr_table_mergen@12
_apr_table_overlap@12
_apr_table_overlay@12
_apr_table_set@12
_apr_table_setn@12
_apr_table_unset@8
_apr_table_vdo@16
_apr_temp_dir_get@8
_apr_terminate2@0
_apr_thread_cond_broadcast@4
_apr_thread_cond_create@8
_apr_thread_cond_destroy@4
_apr_thread_cond_pool_get@4
_apr_thread_cond_signal@4
_apr_thread_cond_timedwait@16
_apr_thread_cond_wait@8
_apr_thread_create@20
_apr_thread_data_get@12
_apr_thread_data_set@16
_apr_thread_detach@4
_apr_thread_exit@8
_apr_thread_join@8
_apr_thread_mutex_create@12
_apr_thread_mutex_destroy@4
_apr_thread_mutex_lock@4
_apr_thread_mutex_pool_get@4
_apr_thread_mutex_trylock@4
_apr_thread_mutex_unlock@4
_apr_thread_once@8
_apr_thread_once_init@8
_apr_thread_pool_get@4
_apr_thread_rwlock_create@8
_apr_thread_rwlock_destroy@4
_apr_thread_rwlock_pool_get@4
_apr_thread_rwlock_rdlock@4
_apr_thread_rwlock_tryrdlock@4
_apr_thread_rwlock_trywrlock@4
_apr_thread_rwlock_unlock@4
_apr_thread_rwlock_wrlock@4
_apr_thread_yield@0
_apr_threadattr_create@8
_apr_threadattr_detach_get@4
_apr_threadattr_detach_set@8
_apr_threadattr_stacksize_set@8
_apr_threadkey_data_get@12
_apr_threadkey_data_set@16
_apr_threadkey_private_create@12
_apr_threadkey_private_delete@4
_apr_threadkey_private_get@8
_apr_threadkey_private_set@8
_apr_time_ansi_put@8
_apr_time_clock_hires@4
_apr_time_exp_get@8
_apr_time_exp_gmt@12
_apr_time_exp_gmt_get@8
_apr_time_exp_lt@12
_apr_time_exp_tz@16
_apr_time_now@0
_apr_tokenize_to_argv@12
_apr_uid_compare@8
_apr_uid_current@12
_apr_uid_get@16
_apr_uid_homepath_get@12
_apr_uid_name_get@12
_apr_version@4
_apr_version_string@0
_apr_vformatter@16
_apr_vsnprintf@16
apr_app_init_complete
apr_day_snames
apr_dbg_log
apr_file_printf
apr_month_snames
apr_os_level
apr_pool_cleanup_null
apr_psprintf
apr_pstrcat
apr_snprintf
apr_table_do
apr_terminate

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/tools/Merge/bin/libapriconv_tsvn.dll
.dll windows:4 windows x86 arch:x86

7959cb240b2d58d2b9d6056e2ce74523

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Development\SVN\Releases\TortoiseSVN-1.4.7\ext\apr-iconv\release_win32\libapriconv_tsvn.pdb

Imports

libapr_tsvn

_apr_dso_load@12
_apr_dso_sym@12
_apr_dso_unload@4
_apr_pool_create_ex@16
_apr_pool_destroy@4
_apr_env_get@12
_apr_filepath_list_split@12
apr_snprintf
_apr_stat@16

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetModuleFileNameA
Sleep
InterlockedExchange
InterlockedCompareExchange

msvcr80

memcpy
bsearch
strrchr
tolower
memset
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
malloc
free
_encode_pointer

Exports

Exports

_api_version@4
_api_version_string@0
_apr_iconv@24
_apr_iconv_close@8
_apr_iconv_open@16
apr_iconv_ccs_event
apr_iconv_ces_close
apr_iconv_ces_close_func
apr_iconv_ces_nbits7
apr_iconv_ces_nbits8
apr_iconv_ces_no_func
apr_iconv_ces_open
apr_iconv_ces_open_func
apr_iconv_ces_reset_func
apr_iconv_ces_zero
apr_iconv_euc_close
apr_iconv_euc_convert_from_ucs
apr_iconv_euc_convert_to_ucs
apr_iconv_euc_open
apr_iconv_iso2022_close
apr_iconv_iso2022_convert_from_ucs
apr_iconv_iso2022_convert_to_ucs
apr_iconv_iso2022_open
apr_iconv_iso2022_reset
apr_iconv_mod_load
apr_iconv_mod_noevent
apr_iconv_mod_unload

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/tools/Merge/bin/libaprutil_tsvn.dll
.dll windows:4 windows x86 arch:x86

d720325bdc518bbb5eecae9ef8e03219

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Development\SVN\Releases\TortoiseSVN-1.4.7\ext\apr-util\release_win32\libaprutil_tsvn.pdb

Imports

libapr_tsvn

_apr_file_read_full@16
_apr_file_info_get@12
_apr_file_write_full@16
_apr_os_locale_encoding@4
_apr_os_default_encoding@4
_apr_file_open@20
_apr_file_unlock@4
_apr_os_uuid_get@4
_apr_generate_random_bytes@8
_apr_pool_get_abort@4
apr_psprintf
apr_snprintf
_apr_pstrndup@12
_apr_pstrmemdup@12
_apr_proc_mutex_lock@4
_apr_thread_rwlock_rdlock@4
_apr_thread_rwlock_wrlock@4
_apr_proc_mutex_unlock@4
_apr_thread_rwlock_unlock@4
_apr_thread_cond_timedwait@16
_apr_pool_cleanup_run@12
_apr_time_now@0
_apr_thread_cond_broadcast@4
_apr_thread_mutex_lock@4
_apr_thread_cond_wait@8
_apr_thread_mutex_unlock@4
_apr_thread_cond_signal@4
_apr_thread_mutex_create@12
_apr_thread_cond_create@8
_apr_thread_cond_destroy@4
_apr_thread_mutex_destroy@4
_apr_strtok@12
_apr_hash_make@4
_apr_hash_set@16
_apr_hash_get@12
_apr_pool_create_ex@16
_apr_array_make@12
_apr_array_push@4
apr_pstrcat
_apr_pstrdup@8
_apr_cpystrn@12
_apr_time_exp_gmt_get@8
_apr_time_exp_get@8
_apr_socket_timeout_get@8
_apr_socket_timeout_set@12
_apr_socket_recv@12
_apr_file_pipe_timeout_get@8
_apr_file_pipe_timeout_set@12
_apr_file_close@4
_apr_mmap_dup@16
_apr_mmap_delete@4
_apr_mmap_offset@16
_apr_file_pool_get@4
_apr_pool_is_ancestor@8
_apr_file_setaside@12
_apr_file_seek@12
_apr_file_read@12
_apr_mmap_create@28
_apr_pool_allocator_get@4
_apr_allocator_alloc@8
_apr_allocator_free@8
apr_pool_cleanup_null
_apr_pool_cleanup_register@16
_apr_pool_cleanup_kill@12
_apr_vformatter@16
_apr_file_lock@8
_apr_palloc@8

libapriconv_tsvn

_apr_iconv_open@16
_apr_iconv_close@8
_apr_iconv@24

msvcr80

_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_onexit
realloc
memmove
srand
rand
sprintf
strtol
tolower
strncmp
strncat
calloc
malloc
free
fputs
printf
__iob_func
fputc
memset
qsort
atoi
isspace
strchr
isdigit
isupper
islower
isxdigit
memchr
memcpy
_except_handler4_common
_encode_pointer
_stricmp
_strnicmp
_strdup

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

Exports

Exports

_apr_base64_decode@8
_apr_base64_decode_binary@8
_apr_base64_decode_len@4
_apr_base64_encode@12
_apr_base64_encode_binary@12
_apr_base64_encode_len@4
_apr_brigade_cleanup@4
_apr_brigade_create@8
_apr_brigade_destroy@4
_apr_brigade_flatten@12
_apr_brigade_length@12
_apr_brigade_partition@16
_apr_brigade_pflatten@16
_apr_brigade_putc@16
_apr_brigade_puts@16
_apr_brigade_split@8
_apr_brigade_split_line@20
_apr_brigade_to_iovec@12
_apr_brigade_vprintf@20
_apr_brigade_vputstrs@16
_apr_brigade_write@20
_apr_brigade_writev@20
_apr_bucket_eos_create@4
_apr_bucket_eos_make@4
_apr_bucket_file_create@24
_apr_bucket_file_enable_mmap@8
_apr_bucket_file_make@24
_apr_bucket_flush_create@4
_apr_bucket_flush_make@4
_apr_bucket_heap_create@16
_apr_bucket_heap_make@16
_apr_bucket_immortal_create@12
_apr_bucket_immortal_make@12
_apr_bucket_mmap_create@20
_apr_bucket_mmap_make@20
_apr_bucket_pipe_create@8
_apr_bucket_pipe_make@8
_apr_bucket_pool_create@16
_apr_bucket_pool_make@16
_apr_bucket_shared_destroy@4
_apr_bucket_shared_make@20
_apr_bucket_socket_create@8
_apr_bucket_socket_make@8
_apr_bucket_transient_create@12
_apr_bucket_transient_make@12
_apr_date_checkmask@8
_apr_date_parse_http@4
_apr_date_parse_rfc@4
_apr_dbm_close@4
_apr_dbm_delete@12
_apr_dbm_exists@12
_apr_dbm_fetch@16
_apr_dbm_firstkey@8
_apr_dbm_freedatum@12
_apr_dbm_get_usednames@16
_apr_dbm_get_usednames_ex@20
_apr_dbm_geterror@16
_apr_dbm_nextkey@8
_apr_dbm_open@20
_apr_dbm_open_ex@24
_apr_dbm_store@20
_apr_dynamic_fn_retrieve@4
_apr_hook_debug_show@12
_apr_hook_deregister_all@0
_apr_hook_sort_all@0
_apr_hook_sort_register@8
_apr_ldap_free_urldesc@4
_apr_ldap_is_ldap_url@4
_apr_ldap_is_ldapi_url@4
_apr_ldap_is_ldaps_url@4
_apr_ldap_url_parse@8
_apr_md4@12
_apr_md4_final@8
_apr_md4_init@4
_apr_md4_set_xlate@8
_apr_md4_update@12
_apr_md5@12
_apr_md5_encode@16
_apr_md5_final@8
_apr_md5_init@4
_apr_md5_set_xlate@8
_apr_md5_update@12
_apr_optional_hook_add@20
_apr_optional_hook_get@4
_apr_password_validate@8
_apr_posix_perms2mode@4
_apr_queue_create@12
_apr_queue_interrupt_all@4
_apr_queue_pop@8
_apr_queue_push@8
_apr_queue_size@4
_apr_queue_term@4
_apr_queue_trypop@8
_apr_queue_trypush@8
_apr_reslist_acquire@8
_apr_reslist_create@40
_apr_reslist_destroy@4
_apr_reslist_invalidate@8
_apr_reslist_release@8
_apr_reslist_timeout_set@12
_apr_retrieve_optional_fn@4
_apr_rmm_addr_get@8
_apr_rmm_attach@16
_apr_rmm_calloc@8
_apr_rmm_destroy@4
_apr_rmm_detach@4
_apr_rmm_free@8
_apr_rmm_init@20
_apr_rmm_malloc@8
_apr_rmm_offset_get@8
_apr_rmm_overhead_get@4
_apr_rmm_realloc@12
_apr_sdbm_close@4
_apr_sdbm_delete@12
_apr_sdbm_fetch@16
_apr_sdbm_firstkey@8
_apr_sdbm_lock@8
_apr_sdbm_nextkey@8
_apr_sdbm_open@20
_apr_sdbm_rdonly@4
_apr_sdbm_store@24
_apr_sdbm_unlock@4
_apr_sha1_base64@12
_apr_sha1_final@8
_apr_sha1_init@4
_apr_sha1_update@12
_apr_sha1_update_binary@12
_apr_show_hook@12
_apr_sort_hooks@0
_apr_strmatch_precompile@12
_apr_text_append@12
_apr_uri_default_port_for_scheme@4
_apr_uri_parse@12
_apr_uri_parse_hostinfo@12
_apr_uri_port_of_scheme@4
_apr_uri_unparse@12
_apr_uuid_format@8
_apr_uuid_get@4
_apr_uuid_parse@8
_apr_xlate_close@4
_apr_xlate_conv_buffer@20
_apr_xlate_conv_byte@8
_apr_xlate_get_sb@8
_apr_xlate_open@16
_apr_xlate_sb_get@8
_apr_xml_empty_elem@8
_apr_xml_insert_uri@8
_apr_xml_parse_file@20
_apr_xml_parser_create@4
_apr_xml_parser_done@8
_apr_xml_parser_feed@12
_apr_xml_parser_geterror@12
_apr_xml_quote_elem@8
_apr_xml_quote_string@12
_apr_xml_to_text@28
_apu_version@4
_apu_version_string@0
apr_brigade_printf
apr_brigade_putstrs
apr_bucket_alloc
apr_bucket_alloc_create
apr_bucket_alloc_create_ex
apr_bucket_alloc_destroy
apr_bucket_copy_notimpl
apr_bucket_destroy_noop
apr_bucket_free
apr_bucket_setaside_noop
apr_bucket_setaside_notimpl
apr_bucket_shared_copy
apr_bucket_shared_split
apr_bucket_simple_copy
apr_bucket_simple_split
apr_bucket_split_notimpl
apr_bucket_type_eos
apr_bucket_type_file
apr_bucket_type_flush
apr_bucket_type_heap
apr_bucket_type_immortal
apr_bucket_type_mmap
apr_bucket_type_pipe
apr_bucket_type_pool
apr_bucket_type_socket
apr_bucket_type_transient
apr_current_hooking_module
apr_dbm_type_sdbm
apr_debug_module_hooks
apr_dynamic_fn_register
apr_global_hook_pool
apr_hook_debug_current
apr_hook_debug_enabled
apr_hook_global_pool
apr_register_optional_fn

Sections

.text
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/tools/Merge/bin/mfc80u.dll
.dll windows:4 windows x86 arch:x86

4ca444b09cab86ae48fe835cb05c6e94

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

MFC80U.i386.pdb

Imports

msvcr80

?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
?terminate@@YAXXZ
strcpy_s
_itow_s
_ultow_s
_ltow_s
iswdigit
ceil
wcsncmp
_wcsnicmp
_wfullpath
_wtol
__wargv
__argc
swscanf_s
_beginthreadex
_endthreadex
_wcsdup
_expand
_wtoi
_recalloc
wcstod
wcstoul
_mbspbrk
wcstol
_resetstkoflw
_wmakepath_s
_wsplitpath_s
_vsnwprintf_s
_snwscanf_s
labs
abs
calloc
_msize
wcscat_s
_snwprintf_s
_errno
_purecall
_localtime64_s
_mktime64
realloc
fclose
fflush
ftell
fseek
fgetws
fputws
fwrite
clearerr_s
ferror
feof
fread
__doserrno
_fdopen
_open_osfhandle
_fileno
_get_osfhandle
wcscpy_s
abort
memcmp
swprintf_s
wcsncpy_s
_mbscspn
_mbscmp
_vscprintf
wcscmp
wcscspn
wcsspn
iswspace
_mbsinc
_mbsupr_s
_wcsrev
memcpy_s
_mbsspn
_mbscoll
wcspbrk
memset
_wcsicoll
wcsstr
wcsrchr
_mbsrchr
_mbschr
vsprintf_s
_wcsupr_s
wcslen
_wcslwr_s
_ismbcspace
vswprintf_s
_mbsstr
_mbsicoll
_mbsrev
strlen
malloc
free
wcscoll
memmove
_vscwprintf
_mbsicmp
_wcsicmp
memmove_s
_mbslwr_s
wcschr
_CxxThrowException
memcpy
__clean_type_info_names_internal
__CxxFrameHandler3

kernel32

GetLocaleInfoA
GetSystemTimeAsFileTime
GetEnvironmentVariableW
FindResourceExW
FindResourceW
LoadResource
FormatMessageA
WideCharToMultiByte
SizeofResource
FormatMessageW
GetEnvironmentVariableA
MultiByteToWideChar
GetLastError
LockResource
LocalFree
SetLastError
GetAtomNameW
GlobalGetAtomNameW
lstrlenW
lstrcmpA
lstrlenA
DuplicateHandle
GetCurrentProcess
CreateFileW
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
CloseHandle
LockFile
UnlockFile
SetEndOfFile
GetFileSize
MoveFileW
DeleteFileW
LoadLibraryW
GetProcAddress
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
lstrcmpiW
GetThreadLocale
GetStringTypeExW
GetModuleFileNameW
GetShortPathNameW
GlobalLock
GlobalSize
GlobalAlloc
GlobalUnlock
GlobalReAlloc
GlobalFree
GetFileTime
GetFileAttributesW
FileTimeToSystemTime
FileTimeToLocalFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileAttributesW
SetFileTime
FreeLibrary
GetModuleHandleW
InterlockedDecrement
LocalAlloc
TlsAlloc
InitializeCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TlsGetValue
LocalReAlloc
TlsSetValue
WaitForSingleObject
CreateSemaphoreW
ReleaseSemaphore
CreateMutexW
ReleaseMutex
CreateEventW
WaitForMultipleObjects
lstrcmpW
GetVersionExA
GlobalDeleteAtom
GlobalFindAtomW
CompareStringW
GlobalAddAtomW
GetCurrentThreadId
GetVersion
GetCurrentProcessId
GetVersionExW
MulDiv
GetProfileIntW
LoadLibraryA
VirtualProtect
GetModuleHandleA
RaiseException
GlobalFlags
GetDiskFreeSpaceW
GetTempFileNameW
LocalLock
LocalUnlock
GetTempPathW
SearchPathW
SetEvent
SetThreadPriority
ResumeThread
SuspendThread
GetLocaleInfoW
ConvertDefaultLocale
EnumResourceLanguagesW
GetCurrentThread
InterlockedExchange
CompareStringA
SetErrorMode
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetCurrentDirectoryW
InterlockedIncrement
FindNextFileW
GetTickCount
CopyFileW
GetUserDefaultLCID
IsDBCSLeadByte
lstrcpyW
lstrcpyA
GetSystemTime
LoadLibraryExW
Sleep
InterlockedCompareExchange
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetACP

gdi32

GetCurrentPositionEx
OffsetRgn
SetBrushOrgEx
GetRgnBox
CreateMetaFileW
CopyMetaFileW
LPtoDP
Ellipse
CreateEllipticRgn
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
DPtoLP
SetRectRgn
CombineRgn
GetMapMode
GetPixel
CreateDIBPatternBrushPt
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
EnumMetaFile
PlayMetaFile
PlayMetaFileRecord
GetObjectType
ExtSelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
OffsetClipRgn
ExcludeClipRect
SelectClipRgn
OffsetWindowOrgEx
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
StartDocW
EnumFontFamiliesExW
CreateDCW
BitBlt
CreateRectRgnIndirect
PatBlt
UnrealizeObject
Rectangle
CreatePen
CreatePatternBrush
CreateBitmap
TextOutW
DeleteMetaFile
CloseMetaFile
RectVisible
PtVisible
IntersectClipRect
SetWindowOrgEx
GetWindowOrgEx
GetViewportOrgEx
GetDeviceCaps
Escape
ExtTextOutW
MoveToEx
GetTextAlign
GetTextExtentPoint32A
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetNearestColor
GetViewportExtEx
GetWindowExtEx
CreateFontIndirectW
GetTextFaceW
GetTextColor
GetStretchBltMode
GetPolyFillMode
GetBkMode
GetROP2
RestoreDC
SaveDC
GetStockObject
GetTextMetricsW
GetTextExtentPoint32W
DeleteObject
GetCharWidthW
CreateFontW
DeleteDC
StretchDIBits
SelectObject
GetBkColor
CreateCompatibleBitmap
CreateCompatibleDC
SetTextColor
SetBkColor
GetObjectW
GetClipBox

user32

IntersectRect
RegisterWindowMessageW
GetWindowLongW
SetWindowLongW
SetWindowPos
IsWindow
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetMessageTime
GetMessagePos
DefWindowProcW
GetPropW
CallWindowProcW
RemovePropW
CallNextHookEx
GetClassLongW
GetClassInfoExW
GetClassNameW
SetPropW
SetWindowsHookExW
CreateWindowExW
DestroyWindow
GetKeyState
GetDlgCtrlID
SendMessageW
GetWindowTextLengthW
GetWindowTextW
GetDlgItem
SetWindowPlacement
TrackPopupMenu
TrackPopupMenuEx
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetMenu
GetClassInfoW
RegisterClassW
WinHelpW
GetCapture
GetParent
GetWindow
IsChild
MessageBoxW
GetTopWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetScrollInfo
GetScrollInfo
IsWindowVisible
ScrollWindow
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScreenToClient
EqualRect
DeferWindowPos
AdjustWindowRectEx
GetFocus
SetActiveWindow
SetFocus
PtInRect
PeekMessageW
DispatchMessageW
GetSysColor
GetClientRect
MapWindowPoints
SendDlgItemMessageW
SendDlgItemMessageA
UpdateWindow
PostMessageW
LoadIconW
EnableWindow
SetRectEmpty
LoadAcceleratorsW
TranslateAcceleratorW
ReleaseCapture
SetCursor
GetDesktopWindow
IsWindowEnabled
ShowWindow
GetWindowThreadProcessId
GetActiveWindow
LoadMenuW
DestroyMenu
SetMenu
UnpackDDElParam
ReuseDDElParam
InvalidateRect
CreatePopupMenu
InsertMenuItemW
BringWindowToTop
LoadCursorW
OffsetRect
WaitMessage
WindowFromPoint
SetCapture
ClientToScreen
GetMessageW
TranslateMessage
DefFrameProcW
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
RedrawWindow
InflateRect
KillTimer
SetTimer
SetRect
GetDC
ReleaseDC
IsZoomed
SetParent
IsRectEmpty
GetSystemMenu
DeleteMenu
AppendMenuW
GetDCEx
LockWindowUpdate
GetTabbedTextExtentA
DrawTextW
DrawTextExW
GrayStringW
UnionRect
MapVirtualKeyW
GetKeyNameTextW
LoadBitmapW
DrawFocusRect
FillRect
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
GetAsyncKeyState
MapDialogRect
GetDialogBaseUnits
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutW
GetMenuStringW
SystemParametersInfoW
GetMenuItemInfoW
GetSysColorBrush
SetWindowTextW
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageW
MoveWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
ModifyMenuW
GetMenuCheckMarkDimensions
DestroyIcon
SetCursorPos
DestroyCursor
FindWindowW
SetWindowRgn
DrawIcon
GetTabbedTextExtentW
IsClipboardFormatAvailable
MessageBeep
RemoveMenu
ValidateRect
PostQuitMessage
UnregisterClassW
ShowOwnedPopups
InsertMenuW
RegisterClipboardFormatW
SendNotifyMessageW
CopyAcceleratorTableW
InSendMessage
PostThreadMessageW
CreateMenu
WindowFromDC
CountClipboardFormats
SetWindowContextHelpId
CharNextW
InvalidateRgn
GetNextDlgGroupItem
ClipCursor
DrawEdge
EnumChildWindows
SystemParametersInfoA
GetWindowRect
GetWindowPlacement
IsIconic
MsgWaitForMultipleObjects
UnhookWindowsHookEx
GetCursorPos
CharUpperW
CharToOemBuffA
UnregisterClassA
OemToCharBuffA
GetSystemMetrics

shlwapi

UrlUnescapeW
PathFindFileNameW
PathRemoveExtensionW
PathFindExtensionW
PathStripToRootW
PathIsUNCW

Sections

.text
Size: 924KB - Virtual size: 923KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/tools/Merge/bin/msvcp80.dll
.dll windows:4 windows x86 arch:x86

6488997e312be12f8300ea7b1c34d497

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:27:81:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/10/2008, 21:24

Not After

22/01/2010, 21:34

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:01

Not After

25/07/2013, 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

f3:a8:5f:22:7e:72:2b:5b:ca:3e:f0:ec:95:7a:c0:45:66:72:e6:ca
Signer

Actual PE Digest

f3:a8:5f:22:7e:72:2b:5b:ca:3e:f0:ec:95:7a:c0:45:66:72:e6:ca

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcp80.i386.pdb

Imports

msvcr80

setvbuf
fwrite
??0exception@std@@QAE@XZ
_Getdays
_Getmonths
fgetpos
fseek
fsetpos
fclose
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
__iob_func
_invoke_watson
_fsopen
wcstombs_s
_wfsopen
_get_osplatform
mbstowcs_s
atan2
cos
exp
ldexp
log
pow
sin
sqrt
tan
fgetwc
fputwc
ungetwc
_Strftime
strcspn
_strtoi64
_strtoui64
sprintf_s
abort
??0exception@std@@QAE@ABQBDH@Z
_realloc_crt
setlocale
_malloc_crt
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
fputs
fflush
towlower
towupper
strcmp
_create_locale
_ui64toa_s
_free_locale
__pctype_func
_errno
___mb_cur_max_l_func
___lc_codepage_func
___lc_handle_func
__crtCompareStringA
___lc_collate_cp_func
__crtLCMapStringA
memcpy
isupper
_calloc_crt
islower
__crtGetStringTypeW
__crtLCMapStringW
__crtCompareStringW
isspace
tolower
strtod
isdigit
isalnum
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
__clean_type_info_names_internal
ungetc
fputc
fgetc
__CxxFrameHandler3
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??2@YAPAXI@Z
_invalid_parameter_noinfo
??_V@YAXPAX@Z
_Gettnames
localeconv
free
memset
memchr
strlen
memcmp
wcslen
memmove_s
memcpy_s
??3@YAXPAX@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
__uncaught_exception
??0exception@std@@QAE@ABQBD@Z

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
InterlockedDecrement
InterlockedIncrement
GetLocaleInfoA
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
InterlockedCompareExchange
GetSystemTimeAsFileTime

Exports

Exports

??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAD@Z
??$?5DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAG@Z
??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@PAG@Z
??$?5GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?5MDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5MGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5NDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5NGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5ODU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5OGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5U?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAC@Z
??$?5U?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAE@Z
??$?5U?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAC@Z
??$?5U?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAE@Z
??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AA_W@Z
??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@PA_W@Z
??$?5_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@G@Z
??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@PBG@Z
??$?6GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?6MDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6MGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6NDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6NGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6ODU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6OGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@C@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@E@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBC@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBE@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@PB_W@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@_W@Z
??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?8M@std@@YA_NABMABV?$complex@M@0@@Z
??$?8M@std@@YA_NABV?$complex@M@0@0@Z
??$?8M@std@@YA_NABV?$complex@M@0@ABM@Z
??$?8N@std@@YA_NABNABV?$complex@N@0@@Z
??$?8N@std@@YA_NABV?$complex@N@0@0@Z
??$?8N@std@@YA_NABV?$complex@N@0@ABN@Z
??$?8O@std@@YA_NABOABV?$complex@O@0@@Z
??$?8O@std@@YA_NABV?$complex@O@0@0@Z
??$?8O@std@@YA_NABV?$complex@O@0@ABO@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?9M@std@@YA_NABMABV?$complex@M@0@@Z
??$?9M@std@@YA_NABV?$complex@M@0@0@Z
??$?9M@std@@YA_NABV?$complex@M@0@ABM@Z
??$?9N@std@@YA_NABNABV?$complex@N@0@@Z
??$?9N@std@@YA_NABV?$complex@N@0@0@Z
??$?9N@std@@YA_NABV?$complex@N@0@ABN@Z
??$?9O@std@@YA_NABOABV?$complex@O@0@@Z
??$?9O@std@@YA_NABV?$complex@O@0@0@Z
??$?9O@std@@YA_NABV?$complex@O@0@ABO@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?DM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?DM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?DM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?DN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?DN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?DN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?DO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?DO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?DO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?GM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?GN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?GO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@D@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@DABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@G@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@GABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBGABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?HN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?HO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_WABV10@@Z
??$?KM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?KM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?KM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?KN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?KN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?KN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?KO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?KO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?KO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$_Fabs@M@std@@YAMABV?$complex@M@0@PAH@Z
??$_Fabs@N@std@@YANABV?$complex@N@0@PAH@Z
??$_Fabs@O@std@@YAOABV?$complex@O@0@PAH@Z
??$abs@M@std@@YAMABV?$complex@M@0@@Z
??$abs@N@std@@YANABV?$complex@N@0@@Z
??$abs@O@std@@YAOABV?$complex@O@0@@Z
??$arg@M@std@@YAMABV?$complex@M@0@@Z
??$arg@N@std@@YANABV?$complex@N@0@@Z
??$arg@O@std@@YAOABV?$complex@O@0@@Z
??$conj@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$conj@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$conj@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$cos@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$cos@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$cos@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$cosh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$cosh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$cosh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$exp@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$exp@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$exp@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@D@Z
??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@G@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_W@Z
??$imag@M@std@@YAMABV?$complex@M@0@@Z
??$imag@N@std@@YANABV?$complex@N@0@@Z
??$imag@O@std@@YAOABV?$complex@O@0@@Z
??$log10@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$log10@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$log10@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$log@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$log@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$log@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$norm@M@std@@YAMABV?$complex@M@0@@Z
??$norm@N@std@@YANABV?$complex@N@0@@Z
??$norm@O@std@@YAOABV?$complex@O@0@@Z
??$polar@M@std@@YA?AV?$complex@M@0@ABM0@Z
??$polar@M@std@@YA?AV?$complex@M@0@ABM@Z
??$polar@N@std@@YA?AV?$complex@N@0@ABN0@Z
??$polar@N@std@@YA?AV?$complex@N@0@ABN@Z
??$polar@O@std@@YA?AV?$complex@O@0@ABO0@Z
??$polar@O@std@@YA?AV?$complex@O@0@ABO@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@H@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@H@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@H@Z
??$real@M@std@@YAMABV?$complex@M@0@@Z
??$real@N@std@@YANABV?$complex@N@0@@Z
??$real@O@std@@YAOABV?$complex@O@0@@Z
??$sin@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sin@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sin@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$sinh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sinh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sinh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$sqrt@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sqrt@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sqrt@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$tan@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$tan@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$tan@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$tanh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$tanh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$tanh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??0?$_Complex_base@MU_C_float_complex@@@std@@QAE@ABM0@Z
??0?$_Complex_base@NU_C_double_complex@@@std@@QAE@ABN0@Z
??0?$_Complex_base@OU_C_ldouble_complex@@@std@@QAE@ABO0@Z
??0?$_Mpunct@D@std@@IAE@PBDI_N@Z
??0?$_Mpunct@D@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@D@std@@QAE@I_N@Z
??0?$_Mpunct@G@std@@IAE@PBDI_N@Z
??0?$_Mpunct@G@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@G@std@@QAE@I_N@Z
??0?$_Mpunct@_W@std@@IAE@PBDI_N@Z
??0?$_Mpunct@_W@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@_W@std@@QAE@I_N@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@IAE@V?$allocator@D@1@@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@QAE@ABV01@@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@IAE@V?$allocator@G@1@@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@QAE@ABV01@@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@IAE@V?$allocator@_W@1@@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@QAE@ABV01@@Z
??0?$allocator@D@std@@QAE@ABV01@@Z
??0?$allocator@D@std@@QAE@XZ
??0?$allocator@G@std@@QAE@ABV01@@Z
??0?$allocator@G@std@@QAE@XZ
??0?$allocator@X@std@@QAE@ABV01@@Z
??0?$allocator@X@std@@QAE@XZ
??0?$allocator@_W@std@@QAE@ABV01@@Z
??0?$allocator@_W@std@@QAE@XZ
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBGHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PB_WHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PBGHH@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PB_WHH@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PBGHH@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PB_WHH@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBGHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PBGHH@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PBGHH@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBGHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PBGHH@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PBGHH@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@IDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@V?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@1@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@IIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@V?$_String_const_iterator@GU?$char_traits@G@std@@V?$allocator@G@2@@1@0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@IIABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WIABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@V?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDH@std@@QAE@I@Z
??0?$codecvt@GDH@std@@IAE@PBDI@Z
??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDH@std@@QAE@I@Z
??0?$codecvt@_WDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??0?$collate@D@std@@IAE@PBDI@Z
??0?$collate@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@D@std@@QAE@I@Z
??0?$collate@G@std@@IAE@PBDI@Z
??0?$collate@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@G@std@@QAE@I@Z
??0?$collate@_W@std@@IAE@PBDI@Z
??0?$collate@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@_W@std@@QAE@I@Z
??0?$complex@M@std@@QAE@ABM0@Z
??0?$complex@M@std@@QAE@ABU_C_float_complex@@@Z
??0?$complex@M@std@@QAE@ABV?$complex@N@1@@Z
??0?$complex@M@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@N@std@@QAE@ABN0@Z
??0?$complex@N@std@@QAE@ABU_C_double_complex@@@Z
??0?$complex@N@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@N@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@O@std@@QAE@ABO0@Z
??0?$complex@O@std@@QAE@ABU_C_ldouble_complex@@@Z
??0?$complex@O@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@O@std@@QAE@ABV?$complex@N@1@@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@IAE@PBDI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$messages@D@std@@IAE@PBDI@Z
??0?$messages@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@D@std@@QAE@I@Z
??0?$messages@G@std@@IAE@PBDI@Z
??0?$messages@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@G@std@@QAE@I@Z
??0?$messages@_W@std@@IAE@PBDI@Z
??0?$messages@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@_W@std@@QAE@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$moneypunct@D$00@std@@IAE@PBDI@Z
??0?$moneypunct@D$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@D$00@std@@QAE@I@Z
??0?$moneypunct@D$0A@@std@@IAE@PBDI@Z
??0?$moneypunct@D$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@D$0A@@std@@QAE@I@Z
??0?$moneypunct@G$00@std@@IAE@PBDI@Z
??0?$moneypunct@G$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@G$00@std@@QAE@I@Z
??0?$moneypunct@G$0A@@std@@IAE@PBDI@Z
??0?$moneypunct@G$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@G$0A@@std@@QAE@I@Z
??0?$moneypunct@_W$00@std@@IAE@PBDI@Z
??0?$moneypunct@_W$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@_W$00@std@@QAE@I@Z
??0?$moneypunct@_W$0A@@std@@IAE@PBDI@Z
??0?$moneypunct@_W$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@_W$0A@@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 292KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/tools/Merge/bin/msvcr80.dll
.dll windows:4 windows x86 arch:x86

7fecbc4a16a5dc85a5394a1df6217680

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:27:81:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/10/2008, 21:24

Not After

22/01/2010, 21:34

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:c3:5f:8b:90:a4:1a:da:8a:31:e2:15:e8:8b:ff:62:ff:95:6b:8d
Signer

Actual PE Digest

33:c3:5f:8b:90:a4:1a:da:8a:31:e2:15:e8:8b:ff:62:ff:95:6b:8d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr80.i386.pdb

Imports

msvcrt

_getdrives

kernel32

GetStringTypeA
GetLocalTime
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetSystemDirectoryW
GetLongPathNameW
GetCurrentThreadId
TlsGetValue
DebugBreak
OutputDebugStringA
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
Sleep
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
VirtualAlloc
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WriteConsoleW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSection
MultiByteToWideChar
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
WideCharToMultiByte
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
SetLocalTime
GetStringTypeW
LoadLibraryW
GetLocaleInfoA
GetLocaleInfoW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
RtlUnwind
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
CreateFileA
CompareStringA
CompareStringW
Beep
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
RaiseException
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
VirtualProtect
GetSystemInfo
VirtualQuery
IsDBCSLeadByteEx
ReadConsoleA
ReadConsoleW
SetConsoleMode
SetEndOfFile
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
LockFile
UnlockFile
CreatePipe
ReadFile
CreateFileW
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1exception@std@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?unexpected@@YAXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?what@exception@std@@UBEPBDXZ
@_calloc_crt@8
@_malloc_crt@4
@_realloc_crt@8
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_app_type
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lc_clike
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osplatform
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p
_cprintf_p_l
_cprintf_s
_cprintf_s_l
_cputs
_cputws
_creat
_create_locale
_crt_debugger_hook
_cscanf
_cscanf_l
_cscanf_s
_cscanf_s_l
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_cwait
_cwprintf
_cwprintf_l
_cwprintf_p
_cwprintf_p_l
_cwprintf_s
_cwprintf_s_l
_cwscanf
_cwscanf_l
_cwscanf_s
_cwscanf_s_l
_daylight
_decode_pointer
_difftime32
_difftime64
_dosmaperr
_dstbias
_dup
_dup2
_dupenv_s
_ecvt
_ecvt_s
_encode_pointer
_encoded_null
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_except_handler4_common
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fclose_nolock
_fcloseall
_fcvt
_fcvt_s
_fdopen
_fflush_nolock
_fgetchar
_fgetwc_nolock
_fgetwchar
_filbuf
_filelength
_filelengthi64
_fileno
_findclose
_findfirst32
_findfirst32i64
_findfirst64
_findfirst64i32
_findnext32
_findnext32i64
_findnext64
_findnext64i32
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fprintf_l
_fprintf_p
_fprintf_p_l
_fprintf_s_l
_fputchar
_fputwc_nolock
_fputwchar
_fread_nolock
_fread_nolock_s
_free_locale
_freea
_freea_s
_freefls
_fscanf_l
_fscanf_s_l
_fseek_nolock
_fseeki64
_fseeki64_nolock
_fsopen
_fstat32
_fstat32i64
_fstat64
_fstat64i32
_ftell_nolock
_ftelli64
_ftelli64_nolock
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_ftol
_fullpath
_futime32
_futime64
_fwprintf_l
_fwprintf_p
_fwprintf_p_l
_fwprintf_s_l
_fwrite_nolock
_fwscanf_l
_fwscanf_s_l
_gcvt
_gcvt_s
_get_amblksiz
_get_current_locale
_get_daylight
_get_doserrno
_get_dstbias
_get_errno
_get_fmode
_get_heap_handle
_get_invalid_parameter_handler
_get_osfhandle
_get_osplatform
_get_osver
_get_output_format
_get_pgmptr
_get_printf_count_output
_get_purecall_handler
_get_sbh_threshold
_get_terminate
_get_timezone
_get_tzname
_get_unexpected
_get_winmajor
_get_winminor
_get_winver
_get_wpgmptr
_getch
_getch_nolock
_getche
_getche_nolock
_getcwd
_getdcwd
_getdcwd_nolock
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp

Sections

.text
Size: 396KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
��9.61��52pojie��/uservar.ini
��9.61��52pojie��/wqm.exe
.exe windows:5 windows x86 arch:x86

399dd6c19a3202685045179d5c3a4ff8

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:61:b6:12:a8:5d:2f:be:c8:45:82:38:27:79:44:fc
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2014, 00:00

Not After

22/12/2017, 23:59

Subject

CN=福建创意嘉和软件有限公司,OU=运维中心,O=福建创意嘉和软件有限公司,L=福州,ST=福建,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4e:4d:cf:87:c6:21:3b:0d:8a:94:98:82:34:12:cc:fb:bd:d9:3d:4e
Signer

Actual PE Digest

4e:4d:cf:87:c6:21:3b:0d:8a:94:98:82:34:12:cc:fb:bd:d9:3d:4e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetCurrentDirectoryA
GetDriveTypeA
WriteConsoleA
LCMapStringA
WriteConsoleW
SetEnvironmentVariableA
CreateFileA
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetDateFormatA
GetTimeFormatA
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
VirtualFree
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
HeapSize
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapReAlloc
CreateThread
ExitThread
ExitProcess
RaiseException
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
RtlUnwind
GetStartupInfoW
GetFileSizeEx
LocalFileTimeToFileTime
SetErrorMode
FindResourceExW
GetProfileIntW
GetProcessHeap
GetTimeFormatW
SearchPathW
GetDateFormatW
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetDiskFreeSpaceW
GetTempFileNameW
GetFileTime
SetFileTime
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
FileTimeToLocalFileTime
CreateFileW
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
GetStringTypeExW
MoveFileW
lstrlenA
lstrcmpA
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
InterlockedIncrement
GlobalGetAtomNameW
GetModuleHandleA
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
SuspendThread
GetCurrentThreadId
ResumeThread
SetThreadPriority
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
ResetEvent
lstrcpynW
GetLocalTime
VirtualProtect
GetTickCount
WaitForSingleObject
OpenFileMappingW
CreateProcessW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CreateDirectoryW
CreateEventW
CloseHandle
WinExec
InterlockedDecrement
lstrcpyW
SetEvent
FreeLibrary
SizeofResource
WritePrivateProfileStringW
GetModuleFileNameW
GetTempPathW
GetCurrentDirectoryW
ExpandEnvironmentStringsW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetLastError
SetLastError
GetModuleHandleW
GetCurrentProcessId
FindFirstFileW
GetFileAttributesW
SetFileAttributesW
RemoveDirectoryW
DeleteFileW
FindNextFileW
FindClose
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
Sleep
IsDBCSLeadByte
LoadLibraryW
GetProcAddress
FindResourceW
LoadResource
LockResource
GetConsoleOutputCP

user32

SetScrollInfo
SetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
PeekMessageW
UnhookWindowsHookEx
GetWindowTextLengthW
SetWindowPos
MoveWindow
SetWindowLongW
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
GetDlgItem
CheckDlgButton
ScrollWindow
GetMenuStringW
GetScrollInfo
GetMenuItemCount
RemoveMenu
AdjustWindowRectEx
IsChild
GetForegroundWindow
RegisterClipboardFormatW
DrawIcon
SetWindowRgn
OffsetRect
GetSubMenu
LoadIconW
PostThreadMessageW
UpdateWindow
SetTimer
MapWindowPoints
WindowFromPoint
KillTimer
DrawIconEx
DestroyIcon
ReleaseCapture
SetCapture
ScreenToClient
CheckMenuItem
AppendMenuW
PtInRect
IsRectEmpty
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
SetActiveWindow
GetLastActivePopup
RemovePropW
GetPropW
SetPropW
GetClassLongW
EqualRect
CopyRect
FillRect
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
ShowScrollBar
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
GetMenuItemID
LoadMenuW
SendMessageW
PostMessageW
GetWindowRect
GetClientRect
InvalidateRect
GetFocus
GetCapture
WinHelpW
GetMenuState
SendDlgItemMessageA
GetParent
SetRectEmpty
EnableWindow
GetWindowLongW
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
IsWindowEnabled
SetFocus
GetWindow
IsWindow
GetKeyState
InflateRect
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
GetSystemMetrics
ChildWindowFromPointEx
ReleaseDC
GetDC
GetClassNameW
MapVirtualKeyW
UnhookWinEvent
MessageBoxW
SetWinEventHook
LoadBitmapW
GetSysColor
CreatePopupMenu
RegisterWindowMessageW
EnableMenuItem
ModifyMenuW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ClientToScreen
BeginPaint
EndPaint
GetKeyNameTextW
GetWindowThreadProcessId
TranslateAcceleratorW
GetDesktopWindow
BringWindowToTop
InsertMenuItemW
LoadAcceleratorsW
SetCursor
ReuseDDElParam
UnpackDDElParam
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
CopyAcceleratorTableW
SetRect
InvalidateRgn
CharNextW
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
CharUpperW
PostQuitMessage
ShowOwnedPopups
MapDialogRect
LockWindowUpdate
GetNextDlgGroupItem
MessageBeep
IsClipboardFormatAvailable
UnionRect
SetParent
InsertMenuW
SetMenuDefaultItem
ValidateRect
IsWindowVisible
RedrawWindow
OpenClipboard
SetForegroundWindow
ShowWindow
CloseClipboard
SetClipboardData
SetWindowContextHelpId
EmptyClipboard
PrintWindow
CreateMenu
GetClipboardData
GetDoubleClickTime
DestroyCursor
MapVirtualKeyExW
IsCharLowerW
GetWindowRgn
CharUpperBuffW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CreateAcceleratorTableW
SubtractRect
WaitMessage
GetMenuDefaultItem
IsMenu
GetSystemMenu
DeleteMenu
UnregisterClassW
GetSysColorBrush
LoadCursorW
DestroyAcceleratorTable
IsZoomed
DrawEdge
DrawFrameControl
SetCursorPos
CopyIcon
EnableScrollBar
FrameRect
DrawFocusRect
GetIconInfo
SetClassLongW
DrawStateW
CopyImage
LoadImageW
GetUpdateRect
GetWindowDC
GetAsyncKeyState
TrackPopupMenu
GetCursorPos
GetWindowTextW
EnumChildWindows

gdi32

SetROP2
SetMapMode
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SetBkMode
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
SetRectRgn
CombineRgn
SaveDC
GetRgnBox
GetBkColor
GetTextColor
CreateEllipticRgn
LPtoDP
GetTextMetricsW
RestoreDC
GetClipBox
GetDCOrgEx
CreateFontIndirectW
CopyMetaFileW
CreateBitmap
SetBkColor
SetTextColor
DeleteObject
GetTextExtentPoint32W
GetTextFaceW
CreateRectRgn
CreateDIBSection
SelectObject
CreateDCW
GetDeviceCaps
DeleteDC
GetStockObject
SetDCBrushColor
Ellipse
GetDIBits
RealizePalette
SetPixel
EnumFontFamiliesW
GetTextCharsetInfo
CreateDIBitmap
Polyline
CreatePolygonRgn
Polygon
CreateRoundRectRgn
OffsetRgn
Rectangle
RoundRect
SetDIBColorTable
FrameRgn
FillRgn
GetPaletteEntries
CreatePalette
PtInRegion
GetBoundsRect
SetPaletteEntries
ExtFloodFill
GetNearestPaletteIndex
GetSystemPaletteEntries
SetPixelV
GetViewportOrgEx
GetWindowOrgEx
EnumFontFamiliesExW
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
StretchBlt
GetMapMode
CreateCompatibleDC
GetObjectW
CreateCompatibleBitmap
DPtoLP
SetPolyFillMode
BitBlt

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

GetFileSecurityW
RegQueryValueExW
RegOpenKeyW
RegSetValueExW
RegCreateKeyW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueW
RegDeleteValueW
RegCloseKey
SetFileSecurityW
RegQueryValueW
RegEnumKeyW

shell32

SHAppBarMessage
SHBrowseForFolderW
ExtractIconW
DragQueryFileW
DragFinish
Shell_NotifyIconW
SHGetPathFromIDListW
SHGetFileInfoW
SHGetSpecialFolderPathW
ShellExecuteW

comctl32

ImageList_GetIconSize
ImageList_Draw
ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy
ImageList_GetIcon
ImageList_DrawEx
ImageList_GetImageCount

shlwapi

PathFindFileNameW
PathFindExtensionW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrStrIW
PathFileExistsW
SHDeleteKeyW
UrlUnescapeW

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
OleFlushClipboard
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromProgID
CoRevokeClassObject
CoRegisterClassObject
CoInitializeEx
CreateStreamOnHGlobal
CLSIDFromString
CoDisconnectObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleDuplicateData
StringFromCLSID
CoTaskMemAlloc
ReleaseStgMedium
CoInitialize
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoRegisterMessageFilter
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
DoDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator

oleaut32

VarUdateFromDate
LoadTypeLi
OleCreateFontIndirect
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
VariantChangeType
SysStringByteLen
SysAllocStringByteLen
VariantInit
SysAllocStringLen
VariantCopy
SysAllocString
SysFreeString
VariantClear

urlmon

UrlMkSetSessionOption
URLDownloadToFileW

gdiplus

GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdiplusStartup
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipCloneImage
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdiplusShutdown

wininet

InternetCloseHandle
InternetGetLastResponseInfoW
InternetOpenW
InternetSetStatusCallbackW
InternetSetFilePointer
InternetWriteFile
InternetReadFile
HttpSendRequestW
InternetOpenUrlW
DeleteUrlCacheEntryW
FindNextUrlCacheEntryW
HttpQueryInfoW
InternetQueryDataAvailable
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW
FindFirstUrlCacheEntryW

winmm

PlaySoundW

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 405KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 828KB - Virtual size: 827KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
��9.61��52pojie��/��9.exe
.exe windows:4 windows x86 arch:x86

13f2c51465f152c72f1f074648f2bd8c

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2d:af:fb:7a:20:58:8a:40:87:11:b7:98:fd:3d:fc:f8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

07/01/2013, 00:00

Not After

07/01/2015, 23:59

Subject

CN=福州创意嘉和软件有限公司,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=技术中心,O=福州创意嘉和软件有限公司,L=FuZhou,ST=FuJian,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

87:0a:7c:df:de:d7:6a:be:10:af:17:73:30:1d:8e:b1:3c:55:32:10
Signer

Actual PE Digest

87:0a:7c:df:de:d7:6a:be:10:af:17:73:30:1d:8e:b1:3c:55:32:10

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2805
ord960
ord6314
ord4179
ord6389
ord5445
ord6012
ord5775
ord2603
ord3180
ord3183
ord3176
ord3508
ord3652
ord703
ord773
ord2448
ord3903
ord5834
ord2044
ord3495
ord2233
ord3920
ord2094
ord3089
ord2754
ord2380
ord283
ord2243
ord2860
ord2089
ord793
ord3499
ord6270
ord1175
ord2614
ord5572
ord2919
ord772
ord3701
ord500
ord1862
ord6142
ord5606
ord2859
ord3573
ord3693
ord2567
ord5788
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord6172
ord5873
ord5789
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord6194
ord2405
ord2408
ord5860
ord3986
ord807
ord2920
ord2012
ord2120
ord554
ord4163
ord940
ord5787
ord4133
ord4297
ord1621
ord5856
ord536
ord2753
ord1195
ord472
ord6379
ord1228
ord467
ord809
ord556
ord5053
ord4774
ord613
ord289
ord2122
ord6358
ord1088
ord4259
ord4715
ord1690
ord2528
ord5288
ord4439
ord2054
ord4431
ord3700
ord498
ord771
ord2109
ord1008
ord3177
ord2765
ord765
ord5808
ord1075
ord5204
ord3229
ord923
ord3226
ord4203
ord859
ord4034
ord3005
ord2086
ord2116
ord3398
ord3733
ord810
ord4125
ord3287
ord2097
ord2123
ord6008
ord4000
ord926
ord3914
ord668
ord2770
ord356
ord501
ord4224
ord3698
ord3719
ord2358
ord2298
ord2450
ord4538
ord6449
ord2727
ord6467
ord2730
ord2729
ord1771
ord6366
ord2413
ord2024
ord4219
ord2581
ord4401
ord3639
ord692
ord6283
ord6282
ord4480
ord2784
ord816
ord562
ord1945
ord4589
ord4588
ord4899
ord4370
ord4892
ord5076
ord4341
ord4349
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord3748
ord1726
ord5260
ord4432
ord813
ord560
ord4273
ord4723
ord4508
ord2884
ord5101
ord2101
ord3351
ord4152
ord2382
ord2445
ord5852
ord3072
ord4413
ord326
ord4696
ord3058
ord3065
ord6336
ord2510
ord5243
ord1746
ord5577
ord3172
ord5653
ord2399
ord4387
ord3454
ord3198
ord6175
ord4623
ord4426
ord6080
ord4823
ord1825
ord4238
ord652
ord559
ord338
ord812
ord4858
ord4420
ord699
ord700
ord398
ord397
ord5862
ord6144
ord798
ord1997
ord6407
ord5194
ord533
ord2127
ord2391
ord2880
ord2383
ord2455
ord603
ord957
ord2458
ord6289
ord1083
ord879
ord273
ord404
ord3832
ord968
ord1648
ord1238
ord1572
ord2740
ord4216
ord5054
ord6605
ord4724
ord5105
ord5805
ord6803
ord3803
ord1847
ord411
ord709
ord3797
ord6876
ord4695
ord5939
ord2003
ord5730
ord2184
ord4214
ord3107
ord5616
ord988
ord3444
ord3193
ord4162
ord3353
ord4622
ord6451
ord3659
ord5197
ord3948
ord2185
ord2258
ord1081
ord913
ord715
ord3939
ord415
ord4189
ord4278
ord925
ord5597
ord5601
ord5632
ord5620
ord6928
ord4889
ord4963
ord4960
ord1725
ord517
ord784
ord1920
ord4262
ord6131
ord6216
ord777
ord2078
ord4317
ord6272
ord4287
ord6377
ord3994
ord5600
ord403
ord5622
ord2080
ord4614
ord4613
ord4464
ord2535
ord3755
ord5766
ord6874
ord5146
ord3752
ord6663
ord5037
ord1176
ord4243
ord2558
ord1642
ord2100
ord6007
ord6453
ord2645
ord3620
ord1871
ord5821
ord3662
ord414
ord713
ord1270
ord1232
ord6458
ord2652
ord1669
ord3754
ord6128
ord2634
ord6141
ord5859
ord4045
ord5610
ord2827
ord4333
ord2814
ord3810
ord5651
ord350
ord6153
ord5645
ord5583
ord6385
ord2393
ord3790
ord6929
ord6392
ord6222
ord2289
ord4124
ord2463
ord1651
ord5148
ord4694
ord3579
ord614
ord1206
ord2623
ord290
ord1223
ord6354
ord5500
ord5689
ord6462
ord2299
ord1158
ord3337
ord2820
ord6442
ord2542
ord5740
ord4953
ord3286
ord6380
ord5594
ord4400
ord3630
ord682
ord2639
ord3021
ord6762
ord1802
ord1934
ord1935
ord6662
ord1980
ord1770
ord1601
ord3185
ord3181
ord2781
ord2776
ord2152
ord5781
ord6119
ord861
ord857
ord850
ord853
ord465
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord3738
ord815
ord561
ord4046
ord2145
ord2144
ord6225
ord5231
ord5247
ord2132
ord4601
ord1106
ord5301
ord986
ord520
ord4159
ord6117
ord617
ord1989
ord296
ord1205
ord1134
ord824
ord5435
ord1683
ord1673
ord2628
ord5980
ord2641
ord4122
ord6214
ord6196
ord4298
ord5948
ord3088
ord3875
ord3872
ord3871
ord6198
ord4286
ord4283
ord3137
ord3796

msvcrt

rewind
fread
free
fgets
fopen
fseek
fgetc
fclose
fputc
rand
time
srand
__CxxFrameHandler
sscanf
clock
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
atoi
__p__fmode
__set_app_type
_getch
ftell
atol
_purecall
_mbsicoll
_mbsnbcmp
_ismbcprint
_ismbcalnum
_ismbcalpha
_ismbcdigit
_mbctolower
_mbctoupper
_makepath
_mbslen
ceil
_endthread
_beginthread
_CIpow
setlocale
malloc
wcscpy
wcslen
_ftol
memmove
strncpy
fwrite
fprintf
tmpnam
floor
strstr
_stricmp
sprintf
_splitpath
_itoa
strncmp
isprint
isalnum
isspace
_stat
strtoul
isdigit
isalpha
strchr
strrchr
islower
exit
__p___argv
__p___argc
strtod
freopen
_iob
toupper
_mbschr
tolower
_ismbcspace
_mbspbrk
_mbsnbicmp
_mbscmp
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
_CxxThrowException
strpbrk
_mbsicmp
_tempnam
??8type_info@@QBEHABV0@@Z
strtol
_strdup
realloc
calloc
_mbsnbcpy
qsort
printf
isxdigit
__dllonexit
_onexit
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ
_exit
_XcptFilter
_acmdln
__getmainargs
_setmbcp
__mb_cur_max
_isctype
_pctype
isupper
_mbstok
_beginthreadex
_mbsstr
mbstowcs
_wcslwr
wcsstr
_strnicmp
longjmp
_setjmp3
abort
_controlfp

kernel32

lstrcatA
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
lstrcpynA
GetProcessHeap
HeapAlloc
HeapFree
CreateThread
GetExitCodeThread
MulDiv
ResetEvent
CopyFileExA
GetProcAddress
SetEvent
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GlobalUnlock
IsDBCSLeadByte
GetPrivateProfileSectionNamesA
WinExec
GetPrivateProfileSectionA
WritePrivateProfileSectionA
MoveFileA
Sleep
SuspendThread
ResumeThread
TerminateThread
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleA
CreateFileA
WriteFile
CloseHandle
FindFirstFileA
FindNextFileA
GetLastError
FormatMessageA
LocalAlloc
LocalFree
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetCPInfo
lstrlenW
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
GetVersion
GetVersionExA
lstrcmpA
GetPrivateProfileStringA
CopyFileA
GetFileAttributesA
WritePrivateProfileStringA
InterlockedDecrement
GetTempFileNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetPrivateProfileIntA
DeleteCriticalSection
CreateProcessA
WaitForSingleObject
GetTempPathA
CreateDirectoryA
DeleteFileA
IsBadReadPtr
SetFileAttributesA
MoveFileExA
GetTickCount
GetModuleFileNameA
GlobalSize
GlobalReAlloc
GetDateFormatA
GetLocaleInfoA
SearchPathA
SetThreadPriority
GetTimeFormatA
SetLastError
OpenEventA
QueryPerformanceCounter
QueryPerformanceFrequency
SetUnhandledExceptionFilter
Module32Next
Module32First
CreateToolhelp32Snapshot
SystemTimeToFileTime
GetFileSizeEx
SleepEx
FileTimeToSystemTime
GetFileInformationByHandle
GetLocalTime
LocalFileTimeToFileTime
SetFileTime
LCMapStringA
TerminateProcess
VirtualFree
VirtualQuery
GetSystemInfo
GetStringTypeExA
GetUserDefaultLCID
InterlockedCompareExchange
FlushInstructionCache
VirtualAlloc
DeviceIoControl
WriteProfileStringA
GetProfileStringA
FindClose
GetCurrentProcessId
EndUpdateResourceA
BeginUpdateResourceA
SizeofResource
FindResourceExA
LoadLibraryExA
ReadFile
SetFilePointer
UpdateResourceA
InterlockedIncrement
UnmapViewOfFile
MapViewOfFile
CreateMutexA
CreateFileMappingA
VirtualProtect
IsBadCodePtr
GetCurrentThreadId
EnumResourceTypesA
EnumResourceNamesA
EnumResourceLanguagesA
SetPriorityClass
GetCurrentProcess
GetFileAttributesExA
IsDebuggerPresent
InterlockedExchange
Beep
SetEnvironmentVariableA
TlsSetValue
TlsAlloc
PulseEvent
WaitForMultipleObjects
GetACP
GlobalFree
GetFileSize
GetCurrentThread
OutputDebugStringA
ReadProcessMemory
OpenProcess
ReleaseMutex
GetStartupInfoA
CreateEventA
InitializeCriticalSection

user32

LoadImageA
GetDC
DrawTextA
ReleaseDC
DrawIconEx
SystemParametersInfoA
CopyRect
FillRect
DrawEdge
SetRect
GetMenuItemInfoA
GetMenuStringA
ClientToScreen
SetForegroundWindow
GetSysColor
GetWindowTextA
EnumWindows
SetRectEmpty
InflateRect
GetClassNameA
GetAsyncKeyState
InvalidateRect
DestroyIcon
IsIconic
LoadIconA
LoadMenuA
GetSubMenu
EnableWindow
SendMessageA
GetKeyState
GetParent
RedrawWindow
IsWindow
GetSystemMetrics
GetWindowLongA
SetWindowLongA
KillTimer
SetTimer
PostMessageA
GetDesktopWindow
OffsetRect
SetWindowRgn
IsWindowVisible
GetClientRect
GetWindowRect
LoadCursorA
wsprintfA
FindWindowExA
TrackPopupMenu
ScreenToClient
GetCursorPos
MessageBoxA
MoveWindow
UpdateWindow
IsRectEmpty
DrawFrameControl
GetDlgCtrlID
ReleaseCapture
DispatchMessageA
GetMessageA
PtInRect
SetCapture
GetCapture
SetParent
SetMenuDefaultItem
GetWindow
IsChild
GetFocus
CreateWindowExA
DestroyWindow
EnableMenuItem
EqualRect
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
DefWindowProcA
GetClassInfoA
IntersectRect
GetMessagePos
InvertRect
ClipCursor
CopyIcon
IsClipboardFormatAvailable
SetFocus
SetWindowContextHelpId
PostQuitMessage
CreateMenu
GetDlgItem
LockWindowUpdate
ChildWindowFromPointEx
PostThreadMessageA
GetSystemMenu
GetPropA
InsertMenuA
RegisterHotKey
MapWindowPoints
MapVirtualKeyA
GetWindowThreadProcessId
UnregisterHotKey
CheckMenuItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
CallWindowProcA
IsZoomed
TrackMouseEvent
SetWindowPos
EnumDisplaySettingsA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
ShowWindow
TranslateMessage
PeekMessageA
DrawIcon
GetGUIThreadInfo
GetForegroundWindow
SetCursorPos
GetSysColorBrush
LoadBitmapA
RemoveMenu
DeleteMenu
RegisterWindowMessageA
ValidateRect
GetUpdateRect
UnionRect
BringWindowToTop
SetClassLongA
SetScrollPos
EnableScrollBar
ShowScrollBar
IsWindowEnabled
GetClassLongA
MessageBeep
HideCaret
CopyImage
GetNextDlgGroupItem
SetMenu
GetTopWindow
DestroyAcceleratorTable
DestroyMenu
GetMenuDefaultItem
CharUpperA
GetMenu
RegisterClipboardFormatA
GetWindowPlacement
GetScrollPos
ShowCaret
CreateCaret
DestroyCaret
SetCaretPos
GetTabbedTextExtentA
GetCaretPos
WinHelpA
WaitMessage
GetLastActivePopup
SubtractRect
CreateAcceleratorTableA
CopyAcceleratorTableA
LoadAcceleratorsA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
GetScrollInfo
CharUpperBuffA
IsCharLowerA
GetKeyNameTextA
MapVirtualKeyExA
EnumChildWindows
GetWindowRgn
GetDoubleClickTime
TranslateAcceleratorA
SendInput
UnregisterClassA
RegisterClassA
EndDialog
SetWindowTextA
LoadStringA
TabbedTextOutA
GrayStringA
DestroyCursor
IsMenu
GetNextDlgTabItem
SetCursor
GetActiveWindow
WindowFromPoint
DrawFocusRect
FrameRect
ModifyMenuA
GetMenuItemCount
GetMenuState
GetMenuItemID
CreatePopupMenu
DrawStateA
CreateIconIndirect
GetWindowDC
GetIconInfo
AppendMenuA

gdi32

GetBkColor
GetTextMetricsA
LPtoDP
DPtoLP
CreateFontA
GetClipBox
CreateBitmap
SetBkColor
CreateHatchBrush
Rectangle
ExtTextOutA
TextOutA
RectVisible
PtVisible
PatBlt
GetPixel
SetPixel
CreateDIBSection
BitBlt
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreatePen
GetBkMode
GetDeviceCaps
GetCurrentObject
SelectObject
CreateSolidBrush
SetTextColor
GetStockObject
GetObjectA
CreateFontIndirectA
DeleteObject
CreateCompatibleDC
StretchBlt
CreateRoundRectRgn
SetBkMode
CreateRectRgn
FrameRgn
FillRgn
OffsetRgn
CombineRgn
CreatePolygonRgn
GetTextColor
CreateRectRgnIndirect
RoundRect
GetDIBits
CreateDCA
CreateCompatibleBitmap
CreatePatternBrush
Polygon
Escape
GetNearestColor
GetBrushOrgEx
SetBrushOrgEx
SetDIBits
SetPixelV
SetPaletteEntries
ExtFloodFill
GetSystemPaletteEntries
GetNearestPaletteIndex
GetBoundsRect
PtInRegion
CreatePalette
GetPaletteEntries
GetRgnBox
SetRectRgn
SelectPalette
RealizePalette
GetDCOrgEx
GetObjectType
CreateDIBitmap
GetTextCharsetInfo
EnumFontFamiliesA
CreateEllipticRgn
Polyline

advapi32

RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegEnumKeyA
RegQueryInfoKeyA
ControlService
StartServiceA
OpenServiceA
DeleteService
CreateServiceA
CloseServiceHandle
RegEnumValueA
RegEnumKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
OpenSCManagerA
RegDeleteValueA
RegQueryValueA

shell32

SHAppBarMessage
Shell_NotifyIconA
SHGetSpecialFolderPathA
SHGetFileInfoA
DragQueryFileA
DragFinish
ExtractIconExA
SHFileOperationA
ShellExecuteExA
SHBrowseForFolderA
SHGetPathFromIDListA
FindExecutableA
ExtractIconA
ShellExecuteA
SHGetMalloc

comctl32

ImageList_Draw
ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
ImageList_GetIconSize
_TrackMouseEvent
ImageList_Remove
ImageList_Replace
ImageList_GetImageInfo
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_Create
ImageList_Destroy
ImageList_GetBkColor

ole32

StringFromCLSID
CoFreeUnusedLibraries
CoInitialize
CreateStreamOnHGlobal
CoUninitialize
OleInitialize
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromString
CoInitializeEx
OleUninitialize
CoTaskMemFree
StgCreateDocfileOnILockBytes
OleRun
CoCreateInstance
CLSIDFromProgID
StgCreateDocfile
ProgIDFromCLSID

oleaut32

VariantClear
VariantInit
VariantChangeType
SysAllocStringByteLen
SysStringByteLen
SysAllocString
VariantCopy
SysAllocStringLen
LoadTypeLi
SysStringLen
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreateVector
GetErrorInfo
SysFreeString

urlmon

URLDownloadToFileA

msvcp60

??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??8std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??_7bad_exception@std@@6B@
??1bad_exception@std@@UAE@XZ
??0bad_exception@std@@QAE@ABV01@@Z
??1logic_error@std@@UAE@XZ
?what@runtime_error@std@@UBEPBDXZ
?_Doraise@runtime_error@std@@MBEXXZ
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IID@Z
??Nstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Ostd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??0runtime_error@std@@QAE@ABV01@@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1ios_base@std@@UAE@XZ
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??1locale@std@@QAE@XZ
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
?_Tidy@?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEXXZ
??_7?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??_7?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??1_Lockit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??_7runtime_error@std@@6B@
??0runtime_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??1runtime_error@std@@UAE@XZ
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PAD0PBD1@Z
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??_7logic_error@std@@6B@
??0logic_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?what@logic_error@std@@UBEPBDXZ
?_Xlen@std@@YAXXZ
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHPBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??_7out_of_range@std@@6B@
??1out_of_range@std@@UAE@XZ
??0out_of_range@std@@QAE@ABV01@@Z
??0logic_error@std@@QAE@ABV01@@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UAE@XZ
??1?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UAE@XZ
??_8?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@7B@
??0ios_base@std@@IAE@XZ

gdiplus

GdipDisposeImage
GdipAlloc
GdiplusShutdown
GdipGetImageThumbnail
GdipGetImageHeight
GdipGetImageWidth
GdipCreateBitmapFromFile
GdiplusStartup
GdipCloneImage
GdipFree
GdipCreateHBITMAPFromBitmap

winmm

timeGetTime
PlaySoundA

wininet

InternetSetOptionA
DeleteUrlCacheEntry

shlwapi

PathFileExistsA
SHDeleteKeyA
PathFindExtensionA

ws2_32

htons
ntohs
inet_addr
WSAConnect
WSASend
WSAEnumNetworkEvents
WSARecv
shutdown
WSAEventSelect
WSAWaitForMultipleEvents
closesocket
WSASocketA
inet_ntoa
ntohl
setsockopt
gethostbyname
WSAGetLastError
WSAStartup
htonl

syntconv

ConvertScriptString

uxtheme

SetThemeAppProperties

refs

ord5
ord4

rpcrt4

UuidCreate
UuidToStringA
RpcStringFreeA

imagehlp

ImageNtHeader
MakeSureDirectoryPathExists

dinput8

DirectInput8Create

msimg32

GradientFill
TransparentBlt

comdlg32

GetOpenFileNameA
GetFileTitleA

olepro32

ord251

Exports

Exports

?interfaceMap@CCustomControlSite@@1UAFX_INTERFACEMAP@@B

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 836KB - Virtual size: 833KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 382KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e630a52e99cba1c17ccb05f90aaddfb1

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04Certificate

Extended Key Usages

Key Usages

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate

Extended Key Usages

Key Usages

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0dCertificate

Extended Key Usages

Key Usages

3c:bc:e2:de:50:f1:13:0c:81:e6:46:c1:79:33:12:72Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

syntconv

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 124KB - Virtual size: 120KB

278ce3f6bca07a736fa9bba94f7a89b1

Headers

File Characteristics

Imports

msvbvm60

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 118KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 2KB

2839cb0ebb031fc4407ca6c9690cb465

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78Certificate

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

2d:af:fb:7a:20:58:8a:40:87:11:b7:98:fd:3d:fc:f8Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

f7:f6:1e:58:a5:06:c7:68:f7:51:18:ad:e0:0c:4e:27:14:05:de:85Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

3c:bc:e2:de:50:f1:13:0c:81:e6:46:c1:79:33:12:72
Certificate

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 124KB - Virtual size: 120KB

.text
Size: 120KB - Virtual size: 118KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 2KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

2d:af:fb:7a:20:58:8a:40:87:11:b7:98:fd:3d:fc:f8
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

f7:f6:1e:58:a5:06:c7:68:f7:51:18:ad:e0:0c:4e:27:14:05:de:85
Signer

.text
Size: 243KB - Virtual size: 242KB

.rdata
Size: 88KB - Virtual size: 88KB

.data
Size: 14KB - Virtual size: 37KB

.pdata
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 34KB - Virtual size: 34KB

.reloc
Size: 12KB - Virtual size: 11KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

2d:af:fb:7a:20:58:8a:40:87:11:b7:98:fd:3d:fc:f8
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

99:81:c0:82:8b:1c:c1:93:ce:07:e3:c1:8f:45:0a:cb:6b:16:14:17
Signer

.text
Size: 248KB - Virtual size: 247KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 24KB - Virtual size: 25KB

.rsrc
Size: 4KB - Virtual size: 968B

.reloc
Size: 20KB - Virtual size: 17KB

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

61:0e:7d:a7:00:00:00:00:00:48
Certificate

07:16:79:f2:31:8b:3f:8a:bf:35:d8:e9:f0:71:c6:c1:69:48:39:b7
Signer