Decrypt
Encrypt
Overview
overview
7Static
static
31764d4cc22...18.exe
windows7-x64
31764d4cc22...18.exe
windows10-2004-x64
3$PLUGINSDI...64.dll
windows7-x64
3$PLUGINSDI...64.dll
windows10-2004-x64
3$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3$PLUGINSDI...LL.dll
windows7-x64
3$PLUGINSDI...LL.dll
windows10-2004-x64
3$PLUGINSDI...ew.dll
windows7-x64
3$PLUGINSDI...ew.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDIR/inetc.dll
windows7-x64
3$PLUGINSDIR/inetc.dll
windows10-2004-x64
3$TEMP/KWMU...te.exe
windows7-x64
7$TEMP/KWMU...te.exe
windows10-2004-x64
7$PLUGINSDI...64.dll
windows7-x64
3$PLUGINSDI...64.dll
windows10-2004-x64
3$PLUGINSDI...ew.dll
windows7-x64
3$PLUGINSDI...ew.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDIR/inetc.dll
windows7-x64
3$PLUGINSDIR/inetc.dll
windows10-2004-x64
3$TEMP/soba...wo.exe
windows7-x64
3$TEMP/soba...wo.exe
windows10-2004-x64
3$PROGRAM_F...er.exe
windows7-x64
1$PROGRAM_F...er.exe
windows10-2004-x64
1$PROGRAM_F...ar.dll
windows7-x64
7$PROGRAM_F...ar.dll
windows10-2004-x64
7$PROGRAM_F...rX.dll
windows7-x64
7$PROGRAM_F...rX.dll
windows10-2004-x64
7Static task
static1
2 signatures
Behavioral task
behavioral1
Sample
1764d4cc2235589a40c9349cc89c47ed_JaffaCakes118.exe
Resource
win7-20240508-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
1764d4cc2235589a40c9349cc89c47ed_JaffaCakes118.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral3
Sample
$PLUGINSDIR/Base64.dll
Resource
win7-20240419-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral4
Sample
$PLUGINSDIR/Base64.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral5
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240508-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral6
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral7
Sample
$PLUGINSDIR/KillProcDLL.dll
Resource
win7-20240419-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral8
Sample
$PLUGINSDIR/KillProcDLL.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral9
Sample
$PLUGINSDIR/KuWoNsis_new.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral10
Sample
$PLUGINSDIR/KuWoNsis_new.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral11
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral12
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral13
Sample
$PLUGINSDIR/inetc.dll
Resource
win7-20240611-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral14
Sample
$PLUGINSDIR/inetc.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral15
Sample
$TEMP/KWMUSIC/DownloadUpdate.exe
Resource
win7-20240508-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral16
Sample
$TEMP/KWMUSIC/DownloadUpdate.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral17
Sample
$PLUGINSDIR/Base64.dll
Resource
win7-20240508-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral18
Sample
$PLUGINSDIR/Base64.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral19
Sample
$PLUGINSDIR/KuWoNsis_new.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral20
Sample
$PLUGINSDIR/KuWoNsis_new.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral21
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240419-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral22
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral23
Sample
$PLUGINSDIR/inetc.dll
Resource
win7-20231129-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral24
Sample
$PLUGINSDIR/inetc.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral25
Sample
$TEMP/sobar/Baidu-TB-ASBar-Silent_kuwo.exe
Resource
win7-20240220-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral26
Sample
$TEMP/sobar/Baidu-TB-ASBar-Silent_kuwo.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral27
Sample
$PROGRAM_FILES/Baidu/ASBarBroker.exe
Resource
win7-20240611-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral28
Sample
$PROGRAM_FILES/Baidu/ASBarBroker.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral29
Sample
$PROGRAM_FILES/Baidu/AddressBar.dll
Resource
win7-20240508-en
windows7-x64
6 signatures
150 seconds
Behavioral task
behavioral30
Sample
$PROGRAM_FILES/Baidu/AddressBar.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
6 signatures
150 seconds
Behavioral task
behavioral31
Sample
$PROGRAM_FILES/Baidu/Toolbar/BaiduBarX_Tmp/BaiduBarX.dll
Resource
win7-20240221-en
windows7-x64
7 signatures
150 seconds
General
-
Target
1764d4cc2235589a40c9349cc89c47ed_JaffaCakes118
-
Size
2.4MB
-
MD5
1764d4cc2235589a40c9349cc89c47ed
-
SHA1
537e695f1062e4390a1aac04c4bc7e77fea16d56
-
SHA256
c3227fa2db0c6834e9fb31ff6692e4d8b1080cc402daea2ee45552a1ae2d02d6
-
SHA512
f8b61463abe22c4205fc1a5924f517577fa8ded0b306cb075e02330508ef3322a52b4b1df6acc602880293f998fae6ae0fdc2d7d2d0ad5511658047ce96ea1fa
-
SSDEEP
49152:EWyVTZSJrqJwpSPLCI7NM9O7zXlmka5IoPJ61d7a79JOr:HYgrsKSDzsOvR0J611a79u
Score
3/10
Malware Config
Signatures
-
Unsigned PE 10 IoCs
Checks for missing Authenticode signature.
resource 1764d4cc2235589a40c9349cc89c47ed_JaffaCakes118 unpack001/$PLUGINSDIR/Base64.dll unpack001/$PLUGINSDIR/InstallOptions.dll unpack001/$PLUGINSDIR/KillProcDLL.dll unpack001/$PLUGINSDIR/System.dll unpack001/$PLUGINSDIR/inetc.dll unpack002/$PLUGINSDIR/Base64.dll unpack002/$PLUGINSDIR/System.dll unpack002/$PLUGINSDIR/inetc.dll unpack001/bin/KwDataDef.dll -
NSIS installer 3 IoCs
resource yara_rule sample nsis_installer_1 static1/unpack001/$TEMP/KWMUSIC/DownloadUpdate.exe nsis_installer_1 static1/unpack001/$TEMP/sobar/Baidu-TB-ASBar-Silent_kuwo.exe nsis_installer_1
Files
-
1764d4cc2235589a40c9349cc89c47ed_JaffaCakes118.exe windows:4 windows x86 arch:x86
237a51742fed62d237b6f1b75452402f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
SetFileTime
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
CloseHandle
lstrcmpiA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
MulDiv
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA
user32
ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
SystemParametersInfoA
RegisterClassA
EndDialog
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CreateDialogParamA
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
LoadImageA
GetDC
EnableWindow
InvalidateRect
CreateWindowExA
GetWindowLongA
DrawFocusRect
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
TrackPopupMenu
wsprintfA
SendMessageA
CallWindowProcA
MapWindowPoints
GetWindowRect
ScreenToClient
PtInRect
LoadCursorA
SetCursor
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetWindowLongA
gdi32
SetBkColor
GetDeviceCaps
GetCurrentObject
GetObjectA
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject
shell32
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation
advapi32
RegEnumKeyA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueExA
comctl32
ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create
ole32
OleInitialize
OleUninitialize
CoCreateInstance
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
Sections
.text Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 290KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 440KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 33KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$1
-
$APPDATA/kuwo/Conf/p2pconf/setup.xml.xml
-
$PLUGINSDIR/Base64.dll.dll windows:4 windows x86 arch:x86
472def3d6dc5d4ffe27376a831b4d49b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalFree
lstrcpyA
lstrcpynA
GlobalAlloc
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
LCMapStringA
LCMapStringW
Exports
Exports
Sections
.text Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/InstallOptions.dll.dll windows:4 windows x86 arch:x86
57354bdeea3dfae6e948101add87501a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
SetCurrentDirectoryA
GetCurrentDirectoryA
GetPrivateProfileIntA
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
MultiByteToWideChar
GlobalAlloc
user32
GetDlgCtrlID
GetClientRect
SetWindowRgn
MapWindowPoints
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
LoadIconA
gdi32
SetTextColor
GetObjectA
SelectObject
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
CreateCompatibleDC
shell32
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA
comdlg32
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
Exports
Exports
dialog
initDialog
show
Sections
.text Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 954B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/KillProcDLL.dll.dll windows:4 windows x86 arch:x86
815c88741b87a0210c457b00b57bf9c6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
GlobalFree
lstrcpyA
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
RtlUnwind
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
Exports
Exports
KillProc
Sections
.text Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/KuWoNsis_new.dll.dll windows:4 windows x86 arch:x86
c1c7e2e49a726b988d79dc6456f258fb
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before21/05/2009, 00:00Not After20/05/2019, 23:59SubjectCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02Certificate
IssuerCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USNot Before02/12/2009, 00:00Not After02/12/2011, 23:59SubjectCN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
d9:05:0b:ab:e3:0f:fb:91:0a:91:cd:a2:18:27:92:0e:07:99:24:a2Signer
Actual PE Digestd9:05:0b:ab:e3:0f:fb:91:0a:91:cd:a2:18:27:92:0e:07:99:24:a2Digest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
d:\KwProjects\NsisPlugin\KuWoNsis\Release\KuWoNsis.pdb
Imports
kernel32
lstrcpyA
lstrcpynA
GlobalAlloc
FindClose
FindFirstFileA
MoveFileExA
DeleteFileA
GlobalFree
GetVersionExA
CreateDirectoryA
MoveFileA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
GetDiskFreeSpaceExA
GetLogicalDriveStringsA
GetLogicalDrives
GetDriveTypeA
CreateFileA
CloseHandle
FindNextFileA
DeviceIoControl
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
GetCommandLineA
GetLastError
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
OutputDebugStringA
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThreadId
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
WriteFile
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
Sleep
LoadLibraryA
InitializeCriticalSection
GetModuleHandleW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers
VirtualProtect
GetSystemInfo
VirtualQuery
advapi32
RegQueryValueExA
RegCloseKey
GetNamedSecurityInfoA
BuildExplicitAccessWithNameA
SetEntriesInAclA
SetNamedSecurityInfoA
RegOpenKeyExA
shell32
SHGetSpecialFolderPathA
Exports
Exports
AddDirAccessRights
AddRegAccessRights
CreateCachePath
DecodePath
GetFileName
GetInstallDate
ModifyCacheFileAsNow
RenameDeletePathAllFiles
XORBase64
Sections
.text Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:4 windows x86 arch:x86
4ec328f99bdd944fc98d8a5cf11f7a62
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect
user32
wsprintfA
ole32
StringFromGUID2
CLSIDFromString
Exports
Exports
Alloc
Call
Copy
Free
Get
Int64Op
Store
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 784B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 92B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 494B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/inetc.dll.dll windows:4 windows x86 arch:x86
5d31a4a9e83c0a8e38bab1f57d28402c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
msvcrt
strtoul
_adjust_fdiv
malloc
_initterm
free
_mbsrchr
memset
_mbsstr
_mbschr
strtol
strlen
kernel32
DeleteFileA
CreateThread
WaitForSingleObject
TerminateThread
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc
LoadLibraryA
GetProcAddress
lstrcmpiA
WriteFile
ReadFile
lstrlenA
lstrcmpA
lstrcpynA
GetLastError
CreateFileA
GlobalFree
CloseHandle
SleepEx
SetFilePointer
GetTickCount
lstrcatA
GetFileSize
user32
MessageBoxA
GetParent
ShowWindow
PostMessageA
SetWindowTextA
IsWindow
SendMessageA
GetDlgItem
SetDlgItemTextA
SendDlgItemMessageA
SetWindowPos
SystemParametersInfoA
GetClientRect
GetWindowRect
SetTimer
LoadIconA
SetWindowLongA
GetWindowLongA
UpdateWindow
DestroyWindow
KillTimer
RedrawWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
EnableWindow
CreateDialogParamA
FindWindowExA
wsprintfA
GetWindowTextA
wininet
HttpSendRequestA
HttpSendRequestExA
HttpQueryInfoA
InternetCloseHandle
InternetErrorDlg
InternetSetFilePointer
InternetQueryOptionA
HttpAddRequestHeadersA
InternetSetOptionA
HttpOpenRequestA
FtpCreateDirectoryA
FtpOpenFileA
InternetGetLastResponseInfoA
HttpEndRequestA
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetReadFile
InternetWriteFile
comctl32
ord17
Exports
Exports
get
head
post
put
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/ioSpecial.ini
-
$PLUGINSDIR/kwsobar.bmp
-
$PLUGINSDIR/modern-header.bmp
-
$PLUGINSDIR/modern-wizard.bmp
-
$PLUGINSDIR/sobar/KwMusic_sobar.ini
-
$TEMP/KWMUSIC/BindConfig.ini
-
$TEMP/KWMUSIC/DownloadUpdate.exe.exe windows:4 windows x86 arch:x86
237a51742fed62d237b6f1b75452402f
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before21/05/2009, 00:00Not After20/05/2019, 23:59SubjectCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02Certificate
IssuerCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USNot Before02/12/2009, 00:00Not After02/12/2011, 23:59SubjectCN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
84:18:47:6c:93:c4:7c:00:61:d2:02:00:fa:8b:04:83:95:b1:40:2fSigner
Actual PE Digest84:18:47:6c:93:c4:7c:00:61:d2:02:00:fa:8b:04:83:95:b1:40:2fDigest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
SetFileTime
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
CloseHandle
lstrcmpiA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
MulDiv
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA
user32
ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
SystemParametersInfoA
RegisterClassA
EndDialog
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CreateDialogParamA
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
LoadImageA
GetDC
EnableWindow
InvalidateRect
CreateWindowExA
GetWindowLongA
DrawFocusRect
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
TrackPopupMenu
wsprintfA
SendMessageA
CallWindowProcA
MapWindowPoints
GetWindowRect
ScreenToClient
PtInRect
LoadCursorA
SetCursor
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetWindowLongA
gdi32
SetBkColor
GetDeviceCaps
GetCurrentObject
GetObjectA
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject
shell32
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation
advapi32
RegEnumKeyA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueExA
comctl32
ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create
ole32
OleInitialize
OleUninitialize
CoCreateInstance
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
Sections
.text Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 290KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 288KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/Base64.dll.dll windows:4 windows x86 arch:x86
472def3d6dc5d4ffe27376a831b4d49b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalFree
lstrcpyA
lstrcpynA
GlobalAlloc
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
LCMapStringA
LCMapStringW
Exports
Exports
Decrypt
Encrypt
Sections
.text Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/KuWoNsis_new.dll.dll windows:4 windows x86 arch:x86
29fd838184a64d185951b6564c3a17b4
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before21/05/2009, 00:00Not After20/05/2019, 23:59SubjectCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02Certificate
IssuerCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USNot Before02/12/2009, 00:00Not After02/12/2011, 23:59SubjectCN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
b1:22:b7:18:62:e6:6f:8e:54:df:fb:54:88:00:f2:0f:a2:1d:12:64Signer
Actual PE Digestb1:22:b7:18:62:e6:6f:8e:54:df:fb:54:88:00:f2:0f:a2:1d:12:64Digest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
d:\KwProjects\NsisPlugin\KuWoNsis\Release\KuWoNsis.pdb
Imports
kernel32
lstrcpyA
lstrcpynA
GlobalAlloc
FindClose
FindFirstFileA
MoveFileExA
DeleteFileA
GlobalFree
GetVersionExA
CreateDirectoryA
MoveFileA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
GetDiskFreeSpaceExA
GetLogicalDriveStringsA
GetLogicalDrives
GetDriveTypeA
CreateFileA
CloseHandle
FindNextFileA
DeviceIoControl
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
GetCommandLineA
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
HeapFree
OutputDebugStringA
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThreadId
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
WriteFile
HeapSize
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
Sleep
LoadLibraryA
InitializeCriticalSection
GetModuleHandleW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers
VirtualProtect
GetSystemInfo
VirtualQuery
advapi32
RegQueryValueExA
RegCloseKey
GetNamedSecurityInfoA
BuildExplicitAccessWithNameA
SetEntriesInAclA
SetNamedSecurityInfoA
RegOpenKeyExA
shell32
SHGetSpecialFolderPathA
Exports
Exports
AddDirAccessRights
AddRegAccessRights
CreateCachePath
DecodePath
GetFileName
GetInstallDate
ModifyCacheFileAsNow
RenameDeletePathAllFiles
XORBase64
Sections
.text Size: 60KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:4 windows x86 arch:x86
4ec328f99bdd944fc98d8a5cf11f7a62
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect
user32
wsprintfA
ole32
StringFromGUID2
CLSIDFromString
Exports
Exports
Alloc
Call
Copy
Free
Get
Int64Op
Store
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 784B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 92B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 494B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/inetc.dll.dll windows:4 windows x86 arch:x86
5d31a4a9e83c0a8e38bab1f57d28402c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
msvcrt
strtoul
_adjust_fdiv
malloc
_initterm
free
_mbsrchr
memset
_mbsstr
_mbschr
strtol
strlen
kernel32
DeleteFileA
CreateThread
WaitForSingleObject
TerminateThread
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc
LoadLibraryA
GetProcAddress
lstrcmpiA
WriteFile
ReadFile
lstrlenA
lstrcmpA
lstrcpynA
GetLastError
CreateFileA
GlobalFree
CloseHandle
SleepEx
SetFilePointer
GetTickCount
lstrcatA
GetFileSize
user32
MessageBoxA
GetParent
ShowWindow
PostMessageA
SetWindowTextA
IsWindow
SendMessageA
GetDlgItem
SetDlgItemTextA
SendDlgItemMessageA
SetWindowPos
SystemParametersInfoA
GetClientRect
GetWindowRect
SetTimer
LoadIconA
SetWindowLongA
GetWindowLongA
UpdateWindow
DestroyWindow
KillTimer
RedrawWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
EnableWindow
CreateDialogParamA
FindWindowExA
wsprintfA
GetWindowTextA
wininet
HttpSendRequestA
HttpSendRequestExA
HttpQueryInfoA
InternetCloseHandle
InternetErrorDlg
InternetSetFilePointer
InternetQueryOptionA
HttpAddRequestHeadersA
InternetSetOptionA
HttpOpenRequestA
FtpCreateDirectoryA
FtpOpenFileA
InternetGetLastResponseInfoA
HttpEndRequestA
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetReadFile
InternetWriteFile
comctl32
ord17
Exports
Exports
get
head
post
put
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$TEMP/sobar/Baidu-TB-ASBar-Silent_kuwo.exe.exe windows:4 windows x86 arch:x86
73b73e00f465fa1a2a3bf6377a40219b
Code Sign
04:00:00:00:00:01:20:19:c1:90:66Certificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before18/03/2009, 11:00Not After28/01/2028, 12:00SubjectCN=GlobalSign Timestamping CA,OU=Timestamping CA,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
01:00:00:00:00:01:25:b0:b4:cc:01Certificate
IssuerCN=GlobalSign Timestamping CA,OU=Timestamping CA,O=GlobalSignNot Before21/12/2009, 09:32Not After22/12/2020, 09:32SubjectCN=GlobalSign Time Stamping Authority,O=GlobalSign NV,C=BEExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before21/05/2009, 00:00Not After20/05/2019, 23:59SubjectCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:16:5e:50:24:9f:f6:ad:03:9d:77:06:ec:59:bf:8dCertificate
IssuerCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USNot Before31/07/2009, 00:00Not After30/07/2012, 23:59SubjectCN=Baidu Online Network Technology (Beijing) Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Baidu Online Network Technology (Beijing) Co.\, Ltd.,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
ExitProcess
lstrcpynA
CloseHandle
GetWindowsDirectoryA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpiA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
MulDiv
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetCommandLineA
user32
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
FindWindowExA
gdi32
SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject
shell32
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation
advapi32
RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
comctl32
ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create
ole32
OleInitialize
OleUninitialize
CoCreateInstance
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
Sections
.text Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 32KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PROGRAM_FILES/Baidu/ASBarBroker.exe.exe windows:4 windows x86 arch:x86
8cb73f23fc4ffce04345bba981c347fe
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before21/05/2009, 00:00Not After20/05/2019, 23:59SubjectCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:16:5e:50:24:9f:f6:ad:03:9d:77:06:ec:59:bf:8dCertificate
IssuerCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USNot Before31/07/2009, 00:00Not After30/07/2012, 23:59SubjectCN=Baidu Online Network Technology (Beijing) Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Baidu Online Network Technology (Beijing) Co.\, Ltd.,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
psapi
GetModuleFileNameExW
kernel32
OutputDebugStringW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
Sleep
GetProcAddress
LoadLibraryW
GetLongPathNameW
GetCurrentThreadId
GetCommandLineW
EnterCriticalSection
LeaveCriticalSection
VirtualFreeEx
CreateRemoteThread
WriteProcessMemory
DebugBreak
GetShortPathNameW
OpenProcess
CreateFileW
DeviceIoControl
GetVersionExW
GlobalFree
GlobalAlloc
GetCurrentProcess
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
lstrlenA
InterlockedIncrement
GetModuleFileNameW
CreateEventW
CreateThread
SetEvent
lstrcmpiW
InterlockedDecrement
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
WaitForSingleObject
CloseHandle
VirtualAllocEx
GetConsoleCP
SetFilePointer
LoadLibraryA
SetStdHandle
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetVersionExA
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcessHeap
GetStartupInfoW
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
user32
GetMessageW
TranslateMessage
DispatchMessageW
LoadStringW
CharNextW
PostThreadMessageW
UnregisterClassA
CharLowerBuffW
advapi32
RegCreateKeyW
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
shell32
ShellExecuteExW
SHGetFolderPathW
ole32
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2
oleaut32
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
SysStringLen
SysFreeString
VarUI4FromStr
shlwapi
PathFileExistsW
StrCmpNIW
SHGetValueW
Sections
.text Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PROGRAM_FILES/Baidu/AddressBar.dll.dll regsvr32 windows:4 windows x86 arch:x86
c6079cff13dd538f8c2b93227d9d6d6c
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before21/05/2009, 00:00Not After20/05/2019, 23:59SubjectCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:16:5e:50:24:9f:f6:ad:03:9d:77:06:ec:59:bf:8dCertificate
IssuerCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USNot Before31/07/2009, 00:00Not After30/07/2012, 23:59SubjectCN=Baidu Online Network Technology (Beijing) Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Baidu Online Network Technology (Beijing) Co.\, Ltd.,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
c:\cygwin\home\scmpf\compiler_src\pupeng_213326_win32\app\gensoft\bar\address-search\Res\Chinese\Baidudg\AddressBar.pdb
Imports
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
ws2_32
gethostname
WSAStartup
gethostbyname
inet_ntoa
WSACleanup
shlwapi
StrDupW
PathRemoveFileSpecW
StrCmpNW
UrlCanonicalizeW
UrlUnescapeA
StrCmpIW
PathRemoveFileSpecA
PathIsDirectoryA
SHDeleteValueW
PathFileExistsW
StrStrIW
SHGetValueW
StrCpyNW
SHDeleteKeyW
SHSetValueW
dbghelp
ImageDirectoryEntryToData
winmm
timeGetTime
iphlpapi
GetAdaptersInfo
GetNetworkParams
wininet
InternetConnectA
InternetConnectW
HttpOpenRequestA
HttpOpenRequestW
InternetCloseHandle
InternetSetStatusCallbackA
InternetSetStatusCallbackW
HttpSendRequestW
InternetOpenW
InternetQueryOptionW
DeleteUrlCacheEntryW
InternetGetCookieW
InternetCrackUrlW
InternetOpenUrlW
InternetSetOptionW
HttpQueryInfoW
InternetQueryDataAvailable
InternetReadFile
GetUrlCacheEntryInfoW
rpcrt4
UuidCreate
setupapi
SetupIterateCabinetW
imm32
ImmGetOpenStatus
ImmGetDefaultIMEWnd
ImmGetContext
ImmReleaseContext
ImmGetCompositionStringW
ImmGetCompositionWindow
kernel32
GetConsoleCP
GetModuleFileNameA
GetConsoleMode
LoadLibraryA
LoadLibraryW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetFileAttributesW
GetVersion
RaiseException
InterlockedDecrement
lstrlenW
EnterCriticalSection
LeaveCriticalSection
GetLastError
SetLastError
GetModuleFileNameW
OutputDebugStringA
InterlockedIncrement
OutputDebugStringW
InitializeCriticalSection
DeleteCriticalSection
lstrcmpiW
LoadLibraryExW
lstrlenA
DebugBreak
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
DisableThreadLibraryCalls
LocalFree
CloseHandle
ResumeThread
SetThreadPriority
ReleaseMutex
WaitForSingleObject
CreateMutexW
DeleteFileW
GetACP
GetCurrentThreadId
WideCharToMultiByte
GetTickCount
GlobalUnlock
GlobalLock
CreateFileW
DeviceIoControl
GetVersionExW
FlushInstructionCache
GetCurrentProcess
lstrcmpW
SwitchToThread
GetCurrentProcessId
GetCommandLineW
Sleep
GetPrivateProfileIntW
GetPrivateProfileStringW
MoveFileExW
CreateDirectoryW
GetCurrentDirectoryA
GetSystemDirectoryW
GetLongPathNameW
TerminateThread
CopyFileW
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
TryEnterCriticalSection
GetLocalTime
CompareStringW
GetWindowsDirectoryW
QueryPerformanceCounter
QueryPerformanceFrequency
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
SetFilePointer
ReadFile
SystemTimeToFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryW
SetFileTime
WriteFile
GetTempFileNameW
GetTempPathW
LockResource
GlobalFree
GlobalAlloc
SetErrorMode
GetFileSize
FileTimeToSystemTime
GetShortPathNameW
lstrcatW
lstrcpyW
WritePrivateProfileStringW
FindNextFileW
FindClose
FindFirstFileW
FreeResource
WriteProcessMemory
ReadProcessMemory
VirtualProtect
VirtualQuery
lstrcmpiA
GetFileInformationByHandle
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
LocalAlloc
GetProcessHeap
GlobalReAlloc
GetFileAttributesA
DeleteFileA
AreFileApisANSI
CreateFileA
GetTempPathA
FlushFileBuffers
SetEndOfFile
UnlockFile
LockFile
LockFileEx
GetFullPathNameA
GetFullPathNameW
GetSystemTime
GetSystemTimeAsFileTime
SetCurrentDirectoryA
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
CreateThread
FileTimeToLocalFileTime
GetDriveTypeW
GetDriveTypeA
GetEnvironmentStrings
FindFirstFileA
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
GetCurrentThread
HeapDestroy
HeapCreate
FatalAppExitA
ExitProcess
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetConsoleCtrlHandler
InterlockedExchange
GetLocaleInfoW
SetStdHandle
ExitThread
IsDebuggerPresent
GetVersionExA
InterlockedCompareExchange
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
RtlUnwind
TerminateProcess
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
SetEnvironmentVariableA
UnhandledExceptionFilter
RemoveDirectoryW
SetUnhandledExceptionFilter
user32
GetCapture
CreateIconFromResourceEx
CharLowerBuffW
SetForegroundWindow
GetForegroundWindow
AttachThreadInput
GetClassLongW
KillTimer
SetTimer
wsprintfW
RemovePropW
SetPropW
GetPropW
OffsetRect
SetCursor
IsWindowEnabled
GetWindowDC
ScreenToClient
MoveWindow
GetWindowTextLengthW
SetFocus
GetWindow
MapWindowPoints
SetWindowPos
GetDlgItem
EndDialog
MessageBoxW
CharLowerW
FindWindowW
SetWindowTextW
GetActiveWindow
DialogBoxParamW
FindWindowExW
PostThreadMessageW
GetMessageW
TranslateMessage
DispatchMessageW
GetDlgCtrlID
IsWindowVisible
EnumChildWindows
GetKeyState
GetClassNameW
GetParent
GetWindowThreadProcessId
WindowFromPoint
GetWindowRect
CreateWindowExW
GetClassInfoExW
RegisterClassExW
DestroyWindow
PtInRect
LoadCursorW
IsWindow
ShowWindow
PostMessageW
UpdateWindow
SetRectEmpty
CreateDialogParamW
BeginPaint
EndPaint
RegisterWindowMessageW
InvalidateRect
FillRect
GetClientRect
SystemParametersInfoW
GetWindowTextW
ReleaseDC
GetDC
GetFocus
CharLowerBuffA
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
DefWindowProcW
GetWindowLongW
SetWindowLongW
CharNextW
LoadIconW
GetSysColor
DrawFocusRect
LoadStringW
InflateRect
CopyRect
DrawTextW
SendMessageW
DrawIconEx
SetScrollPos
ReleaseCapture
UpdateLayeredWindow
SetRect
GetSystemMetrics
RegisterClassW
SetCapture
DestroyIcon
GetScrollInfo
SetScrollInfo
ShowScrollBar
PeekMessageW
GetDesktopWindow
CharUpperBuffW
CharUpperW
MonitorFromRect
GetMonitorInfoW
GetCursorPos
LoadImageW
UnregisterClassA
CallWindowProcW
gdi32
GetTextExtentPoint32W
CreateFontIndirectW
DeleteDC
SelectObject
TextOutW
DeleteObject
ExtCreateRegion
CombineRgn
SetStretchBltMode
StretchBlt
GetDIBits
SetTextColor
SetBkMode
SetBkColor
GetPixel
ExtTextOutW
GetTextExtentPointW
BitBlt
CreateCompatibleDC
CreateDIBSection
CreateFontW
GetStockObject
GetCurrentObject
MoveToEx
CreateCompatibleBitmap
LineTo
CreatePen
GetObjectW
CreateSolidBrush
advapi32
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptDestroyHash
CryptDuplicateKey
CryptDecrypt
CryptEncrypt
RegOpenKeyW
RegEnumKeyExA
RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
CryptDestroyKey
RegQueryValueExW
RegCreateKeyW
ConvertStringSecurityDescriptorToSecurityDescriptorW
shell32
ShellExecuteW
SHGetFolderPathW
ShellExecuteExW
ExtractIconW
SHGetSpecialFolderPathW
DragQueryFileA
ord85
ole32
GetHGlobalFromStream
CreateStreamOnHGlobal
CoTaskMemAlloc
CoGetClassObject
RevokeDragDrop
CoInitialize
CoUninitialize
ReleaseStgMedium
RegisterDragDrop
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
OleUninitialize
OleInitialize
oleaut32
SysAllocString
LoadTypeLi
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
VariantInit
SysFreeString
SysAllocStringLen
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
VariantCopy
SysStringLen
VariantClear
GetErrorInfo
VariantChangeType
SetErrorInfo
CreateErrorInfo
msimg32
AlphaBlend
urlmon
CoInternetGetSession
Exports
Exports
DllCanUnloadNow
DllCreateObject
DllGetClassObject
DllRegisterServer
DllUnregisterServer
RemoveOldVersion
RunOnceUpdate
SVCUninstall
UpdateASBar
_sqlite3_key_interop@12
_sqlite3_rekey_interop@12
Sections
.text Size: 872KB - Virtual size: 872KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 155KB - Virtual size: 154KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 56KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 38KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PROGRAM_FILES/Baidu/Toolbar/BaiduBarX_Tmp/BaiduBarX.dll.dll regsvr32 windows:4 windows x86 arch:x86
8468b88eb97c7ed8e903637ad8f51134
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before21/05/2009, 00:00Not After20/05/2019, 23:59SubjectCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:16:5e:50:24:9f:f6:ad:03:9d:77:06:ec:59:bf:8dCertificate
IssuerCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USNot Before31/07/2009, 00:00Not After30/07/2012, 23:59SubjectCN=Baidu Online Network Technology (Beijing) Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Baidu Online Network Technology (Beijing) Co.\, Ltd.,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
c:\cygwin\home\scmpf\compiler_src\pupeng_241595_win32\app\gensoft\bar\toolbar\chinese_unicode_release\BaiduBarX.pdb
Imports
setupapi
SetupIterateCabinetW
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
imm32
ImmReleaseContext
ImmGetContext
ImmGetCompositionStringW
shlwapi
PathFindFileNameW
SHDeleteKeyW
SHSetValueW
SHGetValueW
PathRemoveExtensionW
PathFileExistsW
SHDeleteValueW
UrlCombineW
StrCpyW
PathIsDirectoryA
PathRemoveFileSpecA
StrCmpIW
StrStrIW
UrlUnescapeA
UrlCanonicalizeW
StrRetToStrW
StrRetToStrA
UrlEscapeW
SHCopyKeyW
UrlUnescapeW
PathIsDirectoryW
PathRemoveFileSpecW
wininet
InternetQueryOptionW
InternetCrackUrlW
FindFirstUrlCacheGroup
DeleteUrlCacheGroup
FindNextUrlCacheGroup
FindCloseUrlCache
FindFirstUrlCacheEntryW
FindNextUrlCacheEntryW
InternetOpenUrlW
InternetGetCookieW
HttpSendRequestExW
HttpEndRequestW
InternetGetConnectedState
InternetOpenA
InternetSetOptionA
InternetQueryDataAvailable
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestExA
InternetWriteFile
HttpEndRequestA
InternetSetCookieW
DeleteUrlCacheEntryW
HttpQueryInfoW
InternetOpenW
InternetSetOptionW
InternetConnectW
HttpOpenRequestW
HttpAddRequestHeadersW
HttpSendRequestW
InternetReadFile
InternetCloseHandle
GetUrlCacheEntryInfoW
InternetCanonicalizeUrlW
InternetConnectA
urlmon
URLDownloadToFileW
CoInternetGetSession
rpcrt4
UuidCreate
iphlpapi
GetNetworkParams
GetAdaptersInfo
ws2_32
gethostbyname
gethostname
kernel32
InterlockedDecrement
lstrlenW
lstrlenA
DebugBreak
OutputDebugStringW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetFileAttributesW
GetVersion
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
LoadLibraryW
GetLastError
SetLastError
GetModuleFileNameW
OutputDebugStringA
GetCurrentThreadId
InterlockedIncrement
CreateProcessW
WideCharToMultiByte
CreateDirectoryW
GetTempPathW
CreateFileW
CloseHandle
WriteFile
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
WaitForSingleObject
CreateMutexW
ReleaseMutex
DeleteFileW
ResumeThread
SetThreadPriority
SizeofResource
LockResource
LoadResource
FindResourceW
LocalFree
FreeLibrary
lstrcmpiW
TryEnterCriticalSection
LoadLibraryExW
MultiByteToWideChar
IsProcessorFeaturePresent
GetVersionExW
LoadLibraryA
CopyFileW
DeviceIoControl
GetSystemDirectoryW
GetPrivateProfileStringW
GetTickCount
GetACP
CompareStringW
GetCurrentProcessId
FindClose
FindNextFileW
FindFirstFileW
TerminateThread
GetExitCodeThread
OpenMutexW
GetFullPathNameW
GlobalFree
MulDiv
RemoveDirectoryW
Sleep
ReadFile
GetFileSize
Thread32Next
SuspendThread
OpenThread
Thread32First
CreateToolhelp32Snapshot
UnmapViewOfFile
SetUnhandledExceptionFilter
MapViewOfFile
CreateFileMappingW
TerminateProcess
OpenProcess
SwitchToThread
GetCommandLineW
GetCurrentProcess
GetPrivateProfileIntW
Process32NextW
Process32FirstW
WritePrivateProfileStringW
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
SetFileAttributesW
lstrcmpW
HeapFree
HeapAlloc
GetProcessHeap
GetEnvironmentVariableW
GlobalSize
MoveFileExW
SetErrorMode
FreeResource
GetShortPathNameW
InterlockedExchange
ReadProcessMemory
SetFilePointer
lstrcatW
lstrcpyW
GetTempFileNameW
GetSystemTime
VirtualFree
VirtualAlloc
RtlUnwind
UnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
GetSystemTimeAsFileTime
ExitThread
CreateThread
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
GetFileAttributesA
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
GetCurrentThread
GetStdHandle
GetModuleFileNameA
FatalAppExitA
HeapDestroy
HeapCreate
HeapSize
ExitProcess
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
SetCurrentDirectoryA
GetTimeZoneInformation
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetConsoleCtrlHandler
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEndOfFile
GetDriveTypeA
GetFullPathNameA
CompareStringA
FlushInstructionCache
InterlockedCompareExchange
ExpandEnvironmentStringsW
GetVersionExA
SetEnvironmentVariableA
DisableThreadLibraryCalls
user32
SetWindowRgn
GetMenuItemRect
RemovePropW
GetPropW
SetPropW
SetMenuItemInfoW
DrawStateW
TrackPopupMenuEx
ModifyMenuW
MessageBeep
FrameRect
GetMessagePos
GetSystemMetrics
LoadBitmapW
PeekMessageW
GetSubMenu
CharLowerBuffA
WaitForInputIdle
CreateIconFromResourceEx
CharNextA
EqualRect
SetActiveWindow
ScrollWindow
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
CharUpperW
CreateMenu
InsertMenuW
TrackPopupMenu
MonitorFromPoint
RemoveMenu
AppendMenuW
CreatePopupMenu
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
ReleaseCapture
GetSysColor
SetCursor
GetDlgCtrlID
SetFocus
SetCapture
IsWindowEnabled
UpdateWindow
DrawFocusRect
SetRectEmpty
OffsetRect
EnableWindow
RedrawWindow
GetWindowTextLengthW
DrawTextW
DestroyIcon
GetClassLongW
SetClassLongW
MonitorFromRect
GetMonitorInfoW
CopyRect
GetScrollInfo
WindowFromPoint
IsChild
FindWindowW
CharLowerBuffW
ScreenToClient
AdjustWindowRectEx
GetCursorPos
GetWindowThreadProcessId
GetGUIThreadInfo
GetClassNameW
PtInRect
MessageBoxW
MoveWindow
FillRect
GetFocus
ReleaseDC
TranslateMessage
DispatchMessageW
InvalidateRect
GetWindowTextW
SetRect
GetActiveWindow
LoadIconW
IsWindowVisible
GetParent
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
SendMessageW
DialogBoxParamW
DestroyMenu
IsMenu
GetKeyState
CharLowerW
CreateWindowExW
GetClassInfoExW
RegisterClassExW
DestroyWindow
LoadCursorW
SetScrollInfo
SetScrollPos
GetSysColorBrush
InsertMenuItemW
GetMenuItemInfoW
GetMenuItemCount
EnableMenuItem
DeleteMenu
UpdateLayeredWindow
SetForegroundWindow
GetForegroundWindow
AttachThreadInput
CharUpperBuffW
UnregisterClassA
DrawIconEx
GetMessageW
IsIconic
PostThreadMessageW
FindWindowExW
EnumChildWindows
SendMessageA
GetUpdateRect
ClientToScreen
GetTopWindow
MenuItemFromPoint
GetMenuItemID
RegisterWindowMessageW
IsRectEmpty
GetDlgItemTextW
AdjustWindowRect
GetWindowDC
KillTimer
SetTimer
PostMessageW
CharNextW
EndPaint
BeginPaint
DefWindowProcW
LoadStringW
SetWindowPos
IsWindow
GetDlgItem
ShowWindow
GetDC
SetWindowTextW
GetWindowLongW
SetWindowLongW
CallWindowProcW
EndDialog
CreateDialogParamW
SetDlgItemTextW
EnumWindows
IsDialogMessageW
InflateRect
LoadImageW
GetCapture
gdi32
PatBlt
GetTextColor
Rectangle
CreateRoundRectRgn
FillRgn
CreateRectRgn
CreateFontW
CreateBitmap
ExcludeClipRect
GetDeviceCaps
DPtoLP
GetObjectW
CreatePen
LineTo
MoveToEx
SelectObject
CreateCompatibleBitmap
SetViewportOrgEx
ExtTextOutW
RestoreDC
SaveDC
GetCurrentObject
CreateSolidBrush
CreateFontIndirectW
GetTextExtentPoint32W
TextOutW
GetPixel
SetTextColor
ExtCreateRegion
CombineRgn
SetStretchBltMode
StretchBlt
BitBlt
CreateCompatibleDC
GetClipBox
GetDIBits
DeleteObject
GetStockObject
CreateDIBSection
SetBkColor
SetBkMode
DeleteDC
advapi32
RegQueryValueExW
GetSecurityDescriptorSacl
SetSecurityInfo
EqualSid
GetUserNameW
RegSetKeySecurity
RegEnumKeyW
AllocateAndInitializeSid
InitializeAcl
AddAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
RegGetKeySecurity
GetTokenInformation
CopySid
RegCreateKeyW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegEnumValueW
CreateProcessAsUserW
SetTokenInformation
GetLengthSid
ConvertStringSidToSidW
DuplicateTokenEx
OpenProcessToken
RegOpenKeyW
shell32
ShellExecuteW
DuplicateIcon
SHGetSpecialFolderPathW
SHFileOperationW
ShellExecuteExW
ExtractIconW
SHGetMalloc
SHGetFileInfoW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFolderPathW
DragQueryFileA
ole32
OleInitialize
OleUninitialize
GetHGlobalFromStream
CreateStreamOnHGlobal
OleDraw
RegisterDragDrop
CLSIDFromProgID
RevokeDragDrop
CoCreateGuid
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoUninitialize
ReleaseStgMedium
oleaut32
VariantInit
VariantClear
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VarBstrCmp
VariantCopy
LoadTypeLi
SysFreeString
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
CreateErrorInfo
VarBstrCat
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
UnRegisterTypeLi
SysStringLen
SetErrorInfo
VariantChangeType
GetErrorInfo
msimg32
AlphaBlend
Exports
Exports
ClearDefSearch
ClearHomePage
CloseIEUpdate
DllCanUnloadNow
DllCreateObject
DllGetClassObject
DllRegisterServer
RunOnceRemove
RunOnceUpdate
SVCUninstall
SetDefSearch
SetHomePageToBaidu
Uninstall
UpdateBaiduToolbar
UpdateBaiduToolbarWithUI
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 287KB - Virtual size: 286KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.Shared Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 638KB - Virtual size: 638KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 86KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PROGRAM_FILES/Baidu/Toolbar/BaiduBarX_Tmp/BarBroker.exe.exe windows:4 windows x86 arch:x86
5b79acdd9738a352787f0a927feb114d
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before21/05/2009, 00:00Not After20/05/2019, 23:59SubjectCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:16:5e:50:24:9f:f6:ad:03:9d:77:06:ec:59:bf:8dCertificate
IssuerCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USNot Before31/07/2009, 00:00Not After30/07/2012, 23:59SubjectCN=Baidu Online Network Technology (Beijing) Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Baidu Online Network Technology (Beijing) Co.\, Ltd.,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
psapi
GetModuleFileNameExW
dbghelp
SymGetOptions
SymSetOptions
StackWalk
SymGetModuleInfo
SymFunctionTableAccess
SymInitialize
SymLoadModule
wininet
InternetCrackUrlW
InternetCloseHandle
InternetOpenA
InternetSetOptionA
InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestExA
InternetWriteFile
HttpEndRequestA
kernel32
GetStringTypeW
GetStringTypeA
FlushFileBuffers
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
GetStartupInfoA
GetFileType
SetHandleCount
LocalFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryW
CloseHandle
WaitForSingleObject
WideCharToMultiByte
lstrlenW
RaiseException
GetLastError
InterlockedDecrement
lstrcmpiW
SetEvent
CreateThread
CreateEventW
GetModuleFileNameW
InterlockedIncrement
lstrlenA
DebugBreak
OutputDebugStringW
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
Sleep
GetCurrentThreadId
GetCommandLineW
VirtualFreeEx
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
OpenProcess
GetModuleFileNameA
VirtualQueryEx
UnmapViewOfFile
FlushInstructionCache
GetCurrentProcess
MapViewOfFile
CreateFileMappingW
OpenThread
CreateFileW
DeleteFileW
GetTempPathW
ReadFile
GetFileSize
InterlockedExchange
WriteFile
GlobalFree
GlobalAlloc
GetCurrentProcessId
GetVersionExW
SetFilePointer
GetShortPathNameW
FindClose
FindFirstFileW
ExitProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetStartupInfoW
GetFileAttributesA
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapReAlloc
RtlUnwind
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
HeapDestroy
GetTimeZoneInformation
CreateFileA
SetEndOfFile
GetDriveTypeA
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapCreate
SetLastError
GetConsoleCP
GetConsoleMode
GetFullPathNameW
GetCurrentDirectoryA
user32
CharLowerBuffW
LoadImageW
GetParent
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
SetWindowPos
SendMessageW
GetDlgItem
ShowWindow
GetWindowLongW
GetActiveWindow
DestroyWindow
EndDialog
DialogBoxParamW
LoadStringW
SetWindowLongW
GetMessageW
TranslateMessage
DispatchMessageW
CharNextW
PostThreadMessageW
GetSystemMetrics
UnregisterClassA
advapi32
RegOpenKeyW
RegQueryValueExW
RegCreateKeyW
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
shell32
SHGetFolderPathW
ShellExecuteExW
ole32
CoInitialize
CoUninitialize
StringFromGUID2
CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemRealloc
CoCreateInstance
CoTaskMemAlloc
oleaut32
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen
VarUI4FromStr
shlwapi
PathFileExistsW
StrCmpNIW
Sections
.text Size: 140KB - Virtual size: 138KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 44KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PROGRAM_FILES/Baidu/Toolbar/BaiduBarX_Tmp/rc.dll.dll windows:4 windows x86 arch:x86
d811d71710ad58776155b7a8da1fa9db
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before21/05/2009, 00:00Not After20/05/2019, 23:59SubjectCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:16:5e:50:24:9f:f6:ad:03:9d:77:06:ec:59:bf:8dCertificate
IssuerCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USNot Before31/07/2009, 00:00Not After30/07/2012, 23:59SubjectCN=Baidu Online Network Technology (Beijing) Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Baidu Online Network Technology (Beijing) Co.\, Ltd.,L=Beijing,ST=Beijing,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteFile
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
MultiByteToWideChar
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
Sections
.text Size: 28KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 316KB - Virtual size: 314KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PROGRAM_FILES/Baidu/conf.xml.xml
-
KwMusic.exe.exe windows:5 windows x86 arch:x86
d37436deaf839aaae619193b8b8393aa
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before21/05/2009, 00:00Not After20/05/2019, 23:59SubjectCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02Certificate
IssuerCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USNot Before02/12/2009, 00:00Not After02/12/2011, 23:59SubjectCN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
75:81:b8:07:5d:d5:a2:60:bc:b4:b9:a0:a7:d1:5c:60:d0:a4:86:8cSigner
Actual PE Digest75:81:b8:07:5d:d5:a2:60:bc:b4:b9:a0:a7:d1:5c:60:d0:a4:86:8cDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
GetPrivateProfileStringA
WritePrivateProfileStringA
FindFirstFileA
FindClose
GetModuleFileNameA
CreateProcessA
FlushFileBuffers
RaiseException
RtlUnwind
GetCommandLineA
GetStartupInfoA
HeapAlloc
GetLastError
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
Sleep
HeapSize
ExitProcess
WriteFile
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CreateFileA
user32
MessageBoxA
advapi32
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
shell32
SHGetSpecialFolderPathA
Sections
.text Size: 50KB - Virtual size: 50KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 566KB - Virtual size: 565KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
bin/CKuwoPlayer.dll.dll windows:5 windows x86 arch:x86
cc3290c3217d058fcd1a545829056489
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before21/05/2009, 00:00Not After20/05/2019, 23:59SubjectCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02Certificate
IssuerCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USNot Before02/12/2009, 00:00Not After02/12/2011, 23:59SubjectCN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
92:1d:e1:bf:4a:ce:73:d4:68:8c:51:06:5b:00:15:f5:a8:31:80:09Signer
Actual PE Digest92:1d:e1:bf:4a:ce:73:d4:68:8c:51:06:5b:00:15:f5:a8:31:80:09Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
e:\Projects\5021sp1-snprintf_s修复版-new\KwResource\bin\release\pdb\CKuwoPlayer.pdb
Imports
winmm
timeEndPeriod
timeGetDevCaps
timeBeginPeriod
mfc90
ord266
ord1062
ord798
ord1144
ord265
ord1607
ord310
ord601
ord800
ord5997
ord605
ord1278
ord321
ord1243
ord1241
ord1268
ord1180
ord1233
ord2084
ord391
ord1152
ord1277
ord1275
ord1145
ord1075
ord1137
ord322
ord801
ord1087
msvcr90
__clean_type_info_names_internal
_except_handler4_common
_purecall
__CxxFrameHandler3
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
atoi
atof
strncpy
iswspace
sprintf
_crt_debugger_hook
memset
_msize
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_CIcos
_CIsin
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_vscprintf
vsprintf
tolower
strncmp
fprintf
fopen
fread
fclose
strrchr
_stat64
strstr
_mbsrchr
toupper
memcpy
_snprintf
memmove_s
_CIsqrt
_CIlog10
_stricmp
kernel32
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
LocalAlloc
LocalFree
GetFileAttributesA
CreateProcessA
WaitForSingleObject
FindNextFileA
FindClose
GetModuleFileNameA
QueryPerformanceCounter
CreateThread
TerminateThread
CloseHandle
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
Sleep
GetLastError
GetCurrentThreadId
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
DeleteCriticalSection
GetSystemTimeAsFileTime
GetTickCount
FindFirstFileA
GetCurrentProcessId
user32
CreateWindowExA
GetMessageA
PostMessageA
RegisterClassA
IsChild
TranslateMessage
DispatchMessageA
PostQuitMessage
DefWindowProcA
MessageBoxA
CopyRect
DestroyWindow
GetParent
gdi32
GetStockObject
shlwapi
PathFileExistsA
ole32
CoUninitialize
msvcp90
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?good@ios_base@std@@QBE_NXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?width@ios_base@std@@QAEHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@JH@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?eof@?$char_traits@D@std@@SAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBEHXZ
??7ios_base@std@@QBE_NXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
kwlog
?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ
kwdatadef
??0SONG_INFO@@QAE@XZ
?Init@SONG_INFO@@QAEXXZ
??1SONG_INFO@@QAE@XZ
kwmodconfig
AfxGetConfigManager
Exports
Exports
CreateKuwoPlayer
GetKuwoPlayerMediaPluginConfig
GetMeidaPluginManagerFactory
ReleaseKuwoPlayer
Sections
.text Size: 113KB - Virtual size: 112KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 145KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
bin/CWmpPlayer.dll.dll windows:5 windows x86 arch:x86
ffa030b08ed1f9b091f130d76d941a26
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before21/05/2009, 00:00Not After20/05/2019, 23:59SubjectCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02Certificate
IssuerCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USNot Before02/12/2009, 00:00Not After02/12/2011, 23:59SubjectCN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
4a:63:2d:3c:00:b6:9f:88:e1:a5:76:e4:41:38:38:26:64:fe:9a:1aSigner
Actual PE Digest4a:63:2d:3c:00:b6:9f:88:e1:a5:76:e4:41:38:38:26:64:fe:9a:1aDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
e:\Projects\5021sp1-snprintf_s修复版-new\KwResource\bin\release\pdb\CWmpPlayer.pdb
Imports
mfc90
ord3346
ord796
ord1728
ord2069
ord744
ord3732
ord524
ord4513
ord4529
ord4030
ord2795
ord5139
ord4688
ord1729
ord6446
ord5668
ord5666
ord958
ord963
ord967
ord965
ord969
ord2610
ord2630
ord2614
ord2620
ord2618
ord2616
ord2633
ord2628
ord2612
ord2635
ord2623
ord2605
ord2607
ord6391
ord2375
ord2368
ord1644
ord6784
ord4160
ord6782
ord3671
ord5389
ord6356
ord3218
ord1446
ord5608
ord2139
ord1792
ord1791
ord5633
ord2766
ord2978
ord3107
ord4714
ord2961
ord3135
ord2769
ord2888
ord2759
ord3277
ord4066
ord4067
ord4057
ord2886
ord4334
ord4895
ord4667
ord595
ord3940
ord4281
ord1755
ord1752
ord4331
ord1497
ord4650
ord5585
ord2074
ord5497
ord4589
ord6780
ord2625
ord5647
ord1746
ord3949
ord2592
ord798
ord2470
ord800
msvcr90
_stricmp
__clean_type_info_names_internal
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
strrchr
memset
_mbsicmp
_mbsstr
_mbsnbcpy
memmove_s
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
_invalid_parameter_noinfo
_purecall
__CxxFrameHandler3
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
_strnicmp
kernel32
GetCurrentProcess
GetLastError
lstrlenW
MultiByteToWideChar
WaitForSingleObject
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WideCharToMultiByte
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetWindowsDirectoryA
CreateFileA
CloseHandle
lstrcpyA
lstrcatA
CreateProcessA
user32
ShowWindow
IsWindow
EnableWindow
GetParent
KillTimer
SetTimer
GetClientRect
GetWindowRect
CopyRect
oleaut32
SysFreeString
msvcp90
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
Exports
Exports
?CreateMediaAudioPlayer@@YAPAVIMediaAudioPlayer@@XZ
?CreateMediaVideoPlayer@@YAPAVIMediaVideoPlayer@@XZ
?ReleaseMediaAudioPlayer@@YAXPAVIMediaAudioPlayer@@@Z
?ReleaseMediaVideoPlayer@@YAXPAVIMediaVideoPlayer@@@Z
CreateWmpPlayer
ReleaseWmpPlayer
Sections
.text Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
bin/CoreAVC0.ax.dll regsvr32 windows:4 windows x86 arch:x86
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before21/05/2009, 00:00Not After20/05/2019, 23:59SubjectCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02Certificate
IssuerCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USNot Before02/12/2009, 00:00Not After02/12/2011, 23:59SubjectCN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
92:c8:5c:3a:53:e1:48:67:69:9a:2c:04:95:b0:a0:31:37:1d:57:a4Signer
Actual PE Digest92:c8:5c:3a:53:e1:48:67:69:9a:2c:04:95:b0:a0:31:37:1d:57:a4Digest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Exports
Exports
Configure
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
. Size: - Virtual size: 788KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 180KB - Virtual size: 212KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
bin/DshowPlayer.dll.dll windows:5 windows x86 arch:x86
51011157c8eff9ae62263977212e0b44
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before21/05/2009, 00:00Not After20/05/2019, 23:59SubjectCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02Certificate
IssuerCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USNot Before02/12/2009, 00:00Not After02/12/2011, 23:59SubjectCN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
7a:99:0c:c7:07:04:d5:a6:dc:15:22:24:76:d3:6d:2a:dd:b6:da:51Signer
Actual PE Digest7a:99:0c:c7:07:04:d5:a6:dc:15:22:24:76:d3:6d:2a:dd:b6:da:51Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
e:\Projects\5021sp1-snprintf_s修复版-new\KwResource\bin\release\pdb\DshowPlayer.pdb
Imports
mfc90
ord4199
ord2087
ord3209
ord5657
ord5659
ord2447
ord800
ord4333
ord4981
ord5663
ord5646
ord6001
ord2766
ord2978
ord3107
ord4714
ord2961
ord3110
ord5813
ord944
ord2759
ord4477
ord4067
ord4057
ord2886
ord4334
ord4890
ord4667
ord3659
ord589
ord4029
ord310
ord2480
ord820
ord5963
ord4392
ord817
ord945
ord6721
ord5533
ord1046
ord4165
ord6018
ord2206
ord2251
ord4733
ord6781
ord4159
ord6783
ord4409
ord4434
ord2769
ord3213
ord305
ord2888
ord316
ord1087
ord801
ord5997
ord1603
ord4197
ord4066
ord6613
ord3178
ord910
ord1611
ord601
ord798
ord793
ord605
ord1278
ord321
ord1243
ord1241
ord1268
ord1180
ord1233
ord2084
ord391
ord1152
ord1277
ord1275
ord1145
ord1075
ord1137
ord322
msvcr90
__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_except_handler4_common
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_CIlog10
strstr
memset
__CxxFrameHandler3
_purecall
?terminate@@YAXXZ
kernel32
FreeLibrary
MultiByteToWideChar
CloseHandle
WaitForSingleObject
LoadLibraryA
GetProcAddress
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetVersionExA
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
LocalAlloc
LocalFree
GetLastError
GetModuleFileNameA
GetWindowsDirectoryA
CreateProcessA
user32
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
DefWindowProcA
GetParent
SendMessageA
CallWindowProcA
SetWindowLongA
GetClientRect
GetDC
ReleaseDC
RegisterClassA
gdi32
GetStockObject
shlwapi
PathFileExistsA
ole32
CoUninitialize
CoInitialize
CoCreateInstance
oleaut32
VariantInit
VariantClear
msvcp90
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
kwlog
?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ
kwmodconfig
AfxGetConfigManager
Exports
Exports
GetDshowPlayer
Sections
.text Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
bin/Encode.exe.exe windows:5 windows x86 arch:x86
da51d131c2d14a263ced57385b829735
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before21/05/2009, 00:00Not After20/05/2019, 23:59SubjectCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02Certificate
IssuerCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USNot Before02/12/2009, 00:00Not After02/12/2011, 23:59SubjectCN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
a7:9f:1c:81:96:85:4d:6e:17:22:b4:d3:79:a5:91:52:37:e5:18:29Signer
Actual PE Digesta7:9f:1c:81:96:85:4d:6e:17:22:b4:d3:79:a5:91:52:37:e5:18:29Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
g:\MusicBoxV5\Main\KwResource\bin\release\pdb\Encode.pdb
Imports
kernel32
FreeLibrary
GetProcAddress
LoadLibraryA
FlushFileBuffers
CloseHandle
CreateFileA
WriteConsoleW
GetConsoleOutputCP
RaiseException
RtlUnwind
GetCommandLineA
HeapAlloc
GetLastError
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
Sleep
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
kwlog
?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ
kwlib
?GetKwPath@Dir@KwLib@@YAHW4Path_Type@12@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetUserID@UserId@KwLib@@YA_NQADH@Z
?GetInstallSRC@UserId@KwLib@@YA_NQADH@Z
?Base64Encode@Base64@KwLib@@YAHPADPBDH1@Z
kwmodconfig
AfxGetConfigManager
Sections
.text Size: 43KB - Virtual size: 42KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
bin/KwAni.dll.dll windows:5 windows x86 arch:x86
42f0a66ccc29a28cd542a63f4ad4eb08
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before21/05/2009, 00:00Not After20/05/2019, 23:59SubjectCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02Certificate
IssuerCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USNot Before02/12/2009, 00:00Not After02/12/2011, 23:59SubjectCN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
bb:58:19:30:8c:4a:b4:76:c3:10:37:bf:64:98:70:90:9f:85:ab:e1Signer
Actual PE Digestbb:58:19:30:8c:4a:b4:76:c3:10:37:bf:64:98:70:90:9f:85:ab:e1Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
e:\Projects\5021sp1-snprintf_s修复版-new\KwResource\bin\release\pdb\KwAni.pdb
Imports
kernel32
GetCurrentProcessId
CreateToolhelp32Snapshot
Thread32First
Thread32Next
lstrcpyA
WideCharToMultiByte
FindResourceA
LoadResource
SizeofResource
SetLastError
GetLastError
lstrlenA
MultiByteToWideChar
LocalFree
FormatMessageA
GetModuleFileNameA
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
FreeResource
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedDecrement
FreeLibrary
CompareStringA
GetModuleHandleW
InterlockedIncrement
GlobalGetAtomNameA
lstrcmpA
CloseHandle
GetCurrentThreadId
LoadLibraryA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
CreateFileA
GlobalAddAtomA
GlobalFlags
GetVersionExA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GetLocaleInfoA
GetCPInfo
GetOEMCP
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetCommandLineA
HeapAlloc
HeapFree
VirtualAlloc
VirtualQuery
HeapReAlloc
HeapSize
Sleep
ExitProcess
GetStdHandle
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
WriteProcessMemory
VirtualProtectEx
VirtualQueryEx
ReadProcessMemory
lstrcmpiW
LockResource
IsBadCodePtr
GetModuleHandleA
GetProcAddress
IsBadReadPtr
GlobalLock
GlobalUnlock
GlobalFree
TlsAlloc
GlobalAlloc
user32
MapWindowPoints
GetMessagePos
GetMessageTime
GetTopWindow
GetForegroundWindow
GetCapture
WinHelpA
LoadIconA
RegisterWindowMessageA
PostQuitMessage
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
DestroyMenu
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetClassInfoExA
GetDlgItem
GetFocus
GetWindow
GetDlgCtrlID
GetClassNameA
SetWindowTextA
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
GetKeyState
PeekMessageA
GetWindowTextA
GetSystemMetrics
GetSysColor
GetSysColorBrush
UnhookWindowsHookEx
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
GetMenuState
GetMenuItemID
GetMenuItemCount
SetRect
GetLayeredWindowAttributes
GetWindowLongA
DefWindowProcA
GetCursorPos
SetMenu
SetForegroundWindow
SetMenuItemBitmaps
EqualRect
SetCapture
ReleaseCapture
CopyRect
GetUpdateRect
GetClientRect
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ValidateRect
MoveWindow
WindowFromPoint
SetLayeredWindowAttributes
GetWindowRect
GetActiveWindow
ShowWindow
UpdateLayeredWindow
BeginPaint
EndPaint
SetPropA
IsWindow
CallWindowProcA
SendMessageA
SetClassLongA
LoadCursorA
InvalidateRect
TrackMouseEvent
PostMessageA
SetWindowLongA
RegisterClassExA
SetTimer
CreateWindowExA
GetClassLongA
PtInRect
ClientToScreen
IsWindowVisible
ReleaseDC
GetDC
GetDesktopWindow
GetPropA
GetParent
RemovePropA
SetWindowPos
DestroyWindow
ScreenToClient
WindowFromDC
IntersectRect
OffsetRect
GetSubMenu
gdi32
CreateBitmap
GetClipBox
SaveDC
RestoreDC
SetStretchBltMode
SetMapMode
PtVisible
RectVisible
Escape
OffsetViewportOrgEx
SetViewportExtEx
ExtSelectClipRgn
CreateRectRgnIndirect
GetStockObject
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
CreateCompatibleDC
BitBlt
ExtTextOutA
SetBkColor
CombineRgn
CreateRectRgn
SetDIBitsToDevice
GetObjectA
GetCurrentObject
StretchBlt
CreateFontIndirectA
LineTo
MoveToEx
CreatePen
TextOutA
SetTextColor
SetBkMode
GetBkMode
GetTextExtentPoint32A
GetTextExtentExPointA
ScaleViewportExtEx
RealizePalette
GetDIBits
SetWindowExtEx
ScaleWindowExtEx
SetViewportOrgEx
GetDeviceCaps
shell32
SHCreateDirectoryExA
ShellExecuteA
ole32
CreateStreamOnHGlobal
oleaut32
OleLoadPicture
VariantClear
VariantChangeType
VariantInit
msimg32
TransparentBlt
AlphaBlend
comctl32
InitCommonControlsEx
shlwapi
PathFileExistsA
winmm
timeKillEvent
timeSetEvent
oleacc
CreateStdAccessibleObject
LresultFromObject
dbghelp
ImageDirectoryEntryToData
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
Exports
Exports
KwAni
Sections
.text Size: 478KB - Virtual size: 478KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 102KB - Virtual size: 101KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
bin/KwCommonUI.dll.dll windows:5 windows x86 arch:x86
66de8f1102c5b4f543dc4ac9fa8d8c5a
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate
IssuerOU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=USNot Before21/05/2009, 00:00Not After20/05/2019, 23:59SubjectCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02Certificate
IssuerCN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=USNot Before02/12/2009, 00:00Not After02/12/2011, 23:59SubjectCN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
65:ec:07:aa:02:36:94:a1:35:63:28:f3:95:47:cf:3f:00:92:1f:6eSigner
Actual PE Digest65:ec:07:aa:02:36:94:a1:35:63:28:f3:95:47:cf:3f:00:92:1f:6eDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
e:\Projects\5021sp1-snprintf_s修复版-new\KwResource\bin\release\pdb\KwCommonUI.pdb
Imports
mfc90
ord6473
ord3676
ord6057
ord6474
ord6675
ord3965
ord2449
ord321
ord2452
ord2451
ord1303
ord1258
ord6682
ord6676
ord2505
ord6494
ord6153
ord781
ord1222
ord1265
ord320
ord4617
ord3796
ord3506
ord491
ord3126
ord5965
ord4807
ord4792
ord729
ord3049
ord3076
ord2154
ord1368
ord1259
ord4281
ord6464
ord6788
ord2692
ord5482
ord2356
ord5152
ord1220
ord4502
ord6646
ord3940
ord3996
ord799
ord1098
ord1746
ord2795
ord721
ord1867
ord1866
ord1751
ord5745
ord1401
ord1391
ord2342
ord6290
ord6289
ord2359
ord4383
ord6583
ord6556
ord4528
ord6252
ord2895
ord4114
ord6558
ord4515
ord4512
ord2965
ord3728
ord6006
ord6430
ord3418
ord4279
ord6433
ord4282
ord2246
ord2125
ord1744
ord1745
ord3227
ord4890
ord3485
ord474
ord801
ord4296
ord1764
ord1763
ord6597
ord5574
ord5593
ord1879
ord1739
ord4865
ord2638
ord2639
ord2642
ord2641
ord2640
ord5639
ord683
ord4536
ord2194
ord1380
ord4535
ord5382
ord4918
ord5367
ord5064
ord5386
ord5476
ord5224
ord4771
ord5127
ord5215
ord5385
ord4784
ord4783
ord4693
ord5213
ord5369
ord4604
ord4927
ord5393
ord4889
ord4940
ord5392
ord5264
ord4912
ord4775
ord4846
ord5472
ord4972
ord5341
ord4931
ord4930
ord5334
ord4095
ord4851
ord4850
ord5209
ord4608
ord5199
ord4796
ord5403
ord4575
ord4582
ord5001
ord5194
ord4793
ord4808
ord4806
ord4788
ord4791
ord4786
ord5281
ord5278
ord4364
ord3345
ord6390
ord5584
ord3670
ord1444
ord5599
ord2964
ord4679
ord430
ord3819
ord3757
ord1868
ord1869
ord1536
ord3213
ord305
ord6613
ord1611
ord2691
ord1152
ord391
ord1241
ord3987
ord4993
ord1490
ord4507
ord5997
ord5615
ord5309
ord2208
ord1810
ord1809
ord1678
ord3344
ord6388
ord1496
ord5636
ord4668
ord374
ord639
ord2364
ord3783
ord2896
ord6670
ord2360
ord1720
ord3643
ord4384
ord2283
ord4646
ord777
ord3920
ord2274
ord1668
ord4638
ord3480
ord611
ord404
ord5520
ord3179
ord5753
ord1555
ord5835
ord663
ord2523
ord452
ord3657
ord5926
ord2954
ord2948
ord3636
ord400
ord2084
ord1069
ord5771
ord3856
ord306
ord6802
ord5761
ord3143
ord301
ord6148
ord4477
ord2481
ord945
ord942
ord941
ord2327
ord5963
ord4506
ord2480
ord4392
ord5876
ord4337
ord6791
ord5750
ord1247
ord3579
ord3223
ord2263
ord6077
ord585
ord1724
ord1588
ord2700
ord787
ord6554
ord4437
ord2591
ord1361
ord2130
ord4498
ord2282
ord3568
ord1144
ord6152
ord6493
ord4236
ord1329
ord1108
ord1178
ord3845
ord757
ord3620
ord553
ord4026
ord4386
ord3153
ord4157
ord3151
ord3159
ord6329
ord2590
ord790
ord4757
ord3931
ord586
ord789
ord820
ord1045
ord6760
ord2097
ord4513
ord5063
ord3997
ord333
ord525
ord6078
ord4396
ord5179
ord3678
ord3730
ord4248
ord6291
ord6333
ord3157
ord3148
ord3731
ord1699
ord3056
ord1681
ord5808
ord2753
ord6046
ord6552
ord6043
ord6546
ord4565
ord6549
ord6352
ord6166
ord6084
ord5957
ord6023
ord5846
ord5833
ord6398
ord6157
ord3504
ord693
ord2280
ord4644
ord3244
ord3554
ord654
ord3519
ord4527
ord3612
ord1603
ord3831
ord6079
ord6527
ord6616
ord677
ord2278
ord1771
ord1685
ord4642
ord3277
ord265
ord3815
ord1254
ord300
ord4030
ord3665
ord367
ord2141
ord2469
ord6507
ord636
ord6559
ord2100
ord1691
ord595
ord310
ord436
ord266
ord6557
ord337
ord613
ord6584
ord1116
ord4529
ord2143
ord4116
ord4311
ord6170
ord6048
ord2431
ord2470
ord6071
ord3346
ord6391
ord1755
ord1752
ord4331
ord1497
ord4650
ord2074
ord5497
ord6780
ord4589
ord5647
ord3732
ord5139
ord4688
ord1729
ord6446
ord5668
ord5666
ord958
ord963
ord967
ord965
ord969
ord2610
ord2630
ord2614
ord2620
ord2618
ord2616
ord2633
ord2628
ord2612
ord2635
ord2623
ord2605
ord2607
ord2625
ord2375
ord2368
ord1644
ord6784
ord4160
ord6782
ord3671
ord5389
ord6356
ord3218
ord1446
ord5608
ord2139
ord1792
ord1791
ord1728
ord5633
ord2766
ord2978
ord3107
ord4714
ord2961
ord3135
ord2769
ord2888
ord2759
ord4066
ord4067
ord4057
ord2886
ord4334
ord4895
ord4667
ord3663
ord686
ord796
ord2592
ord3178
ord6074
ord1357
ord3627
ord3477
ord2588
ord3528
ord1358
ord3479
ord2106
ord316
ord2539
ord910
ord1183
ord601
ord3534
ord1137
ord1061
ord1252
ord1087
ord3726
ord798
ord5585
ord4760
ord2587
ord2069
ord590
ord794
ord524
ord744
ord817
ord580
msvcr90
memset
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
?terminate@@YAXXZ
_except_handler4_common
_snprintf_s
_stricmp
_time64
_vswprintf_c_l
_beginthreadex
_CIsin
_mbsicmp
fopen
fseek
ftell
fclose
fread
_snprintf
atoi
_mbsstr
strncat_s
ldiv
__RTDynamicCast
malloc
free
_CIcos
memcpy
memmove_s
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
memcpy_s
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
__CxxFrameHandler3
_purecall
strncpy_s
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
kernel32
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
GetCPInfo
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
MapViewOfFile
CreateFileMappingA
CreateFileA
GetTickCount
FreeLibrary
GetWindowsDirectoryA
lstrcpyA
WinExec
lstrcatA
Sleep
OutputDebugStringA
HeapFree
GetProcessHeap
HeapAlloc
MulDiv
GlobalReAlloc
GetCurrentDirectoryA
LocalFree
FormatMessageA
GetModuleFileNameA
CloseHandle
FlushFileBuffers
WriteFile
SizeofResource
WaitForSingleObject
ResetEvent
SetEvent
ResumeThread
CreateEventA
VirtualProtect
InterlockedExchange
InterlockedCompareExchange
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
FindResourceA
LoadResource
LockResource
FreeResource
GetVersion
GetCurrentThreadId
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcmpiA
GetLastError
GetVersionExA
GetProcAddress
GetModuleHandleA
FlushInstructionCache
GetCurrentProcess
LoadLibraryA
SetLastError
user32
IsWindow
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetParent
GetFocus
GetUpdateRect
ScreenToClient
FillRect
DestroyIcon
GetDC
ReleaseDC
DrawIconEx
GetIconInfo
GetSysColor
GetCursorPos
CallNextHookEx
InflateRect
EqualRect
SetWindowsHookExA
ReleaseCapture
LoadCursorA
GetSysColorBrush
RegisterClassExA
EnableWindow
SetCapture
GetCapture
KillTimer
SetTimer
RedrawWindow
InvalidateRect
GetClientRect
SetWindowRgn
PostMessageA
SendMessageA
DrawFrameControl
CopyRect
SetRectEmpty
PtInRect
IsRectEmpty
UnhookWindowsHookEx
ClientToScreen
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
SetCursor
ModifyMenuA
RemoveMenu
GetDesktopWindow
GetMenuItemInfoA
LoadImageA
MessageBoxA
WindowFromPoint
GetNextDlgGroupItem
DrawFocusRect
IsWindowVisible
SetLayeredWindowAttributes
CopyIcon
UpdateWindow
GetMessagePos
MessageBeep
CopyImage
DefWindowProcA
CallWindowProcA
GetWindow
GetClassNameA
GetDlgCtrlID
MoveWindow
AdjustWindowRectEx
EndPaint
BeginPaint
CheckMenuItem
EnableMenuItem
GetWindowDC
EnableScrollBar
GetScrollInfo
GetScrollPos
GetScrollRange
SetScrollInfo
SetScrollPos
SetScrollRange
ShowScrollBar
GetPropA
SetWindowPos
RemovePropA
CreateWindowExA
SetPropA
FrameRect
WindowFromDC
MapWindowPoints
GetKeyState
ChildWindowFromPoint
DestroyWindow
ShowWindow
RegisterClassA
GetAsyncKeyState
SetWindowLongA
GetWindowLongA
SetRect
DrawEdge
LoadBitmapA
CreateMenu
CreatePopupMenu
DeleteMenu
AppendMenuA
GetMenuItemCount
GetMenuItemID
GetMenuState
GetSubMenu
GetSystemMetrics
InsertMenuA
gdi32
SaveDC
SetStretchBltMode
RestoreDC
Polygon
IntersectClipRect
SetWindowOrgEx
PlayEnhMetaFile
CreatePatternBrush
SetBrushOrgEx
CreateBitmap
UnrealizeObject
CreateFontW
GetTextMetricsA
SetBkColor
GetCurrentObject
RoundRect
GetTextColor
GetTextExtentPointA
CreateICA
ExtCreateRegion
GetDIBits
CreateDIBitmap
CreateHalftonePalette
StretchDIBits
SelectPalette
RealizePalette
CreatePalette
GetTextExtentPoint32W
SetPixel
PatBlt
Rectangle
Ellipse
GetBkMode
GetDeviceCaps
CreateHatchBrush
CreatePen
SetBkMode
SetTextColor
SelectClipRgn
DeleteDC
GetDCOrgEx
GetClipBox
GetStockObject
CreateSolidBrush
CreateFontIndirectA
GetObjectA
CreateCompatibleBitmap
CreateRectRgn
CreatePolygonRgn
CombineRgn
EqualRgn
OffsetRgn
CreateCompatibleDC
FrameRgn
StretchBlt
DeleteObject
CreateFontA
BitBlt
CreateDIBSection
GetTextExtentPoint32A
PtVisible
RectVisible
TextOutA
Escape
SelectObject
GetPixel
ExtTextOutA
msimg32
TransparentBlt
advapi32
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegCloseKey
shell32
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
DragQueryFileA
comctl32
_TrackMouseEvent
InitCommonControlsEx
ImageList_GetIconSize
ole32
CreateStreamOnHGlobal
CoCreateInstance
oleaut32
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
VariantCopy
VariantClear
SysFreeString
VariantInit
OleLoadPicture
kwlib
?EndWith@StringUtility@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?Format@StringUtility@KwLib@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBDZZ
?Trim@StringUtility@KwLib@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@@Z
?GetKwPath@Dir@KwLib@@YAHW4Path_Type@12@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??1_MUSICINFO@KwLib@@QAE@XZ
?GetFileSize@Dir@KwLib@@YAHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAN@Z
?GetFileExtension@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z
?GetFileNameWithoutExtension@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z
?QueryMIInfo@MIQuerier@KwLib@@SAKPBDPAU_MUSICINFO@2@@Z
??0_MUSICINFO@KwLib@@QAE@XZ
?Str2Lower@StringUtility@KwLib@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@@Z
?FindAllFiles@Dir@KwLib@@YAHAAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@1H@Z
?IsDirectory@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?ToFileTime@DateTime@Time@KwLib@@QBE_KXZ
??0DateTime@Time@KwLib@@QAE@XZ
?ReadString@REG@KwLib@@YA_NPAUHKEY__@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@1AAV45@@Z
msvcp90
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
kwlog
?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ
kwmusiccore
AfxGetDataManager
kwdatadef
??1CSongInfoBase@@UAE@XZ
??4CSongInfoBase@@UAEABV0@ABV0@@Z
?ChildSaveOldSongInfo@CSongInfoBase@@MAEXAAUSONG_INFO@@@Z
?ChildLoadOldSongInfo@CSongInfoBase@@MAEXAAUSONG_INFO@@@Z
?ChildSave@CSongInfoBase@@MAEXAAVXmlNode@Xml@KwLib@@@Z
?ChildLoad@CSongInfoBase@@MAEXAAVXmlNode@Xml@KwLib@@@Z
?CreateSongInfo@CSongInfoBase@@UAEPAV1@XZ
?Clone@CSongInfoBase@@UAEPAV1@XZ
??0CSongInfoBase@@QAE@XZ
??0CLocalResource@@QAE@XZ
?SetLocalRes@CSongInfoBase@@QAEXPAVCLocalResource@@@Z
?SetPlaySource@CSongInfoBase@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetSongName@CSongInfoBase@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetArtist@CSongInfoBase@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetAlbum@CSongInfoBase@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetLocalRes@CSongInfoBase@@QAEPAVCLocalResource@@XZ
?SetPath@CLocalResource@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetFileSize@CLocalResource@@QAEXH@Z
?SetSampleRate@CLocalResource@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetLength@CLocalResource@@QAEXH@Z
?SetFormat@CLocalResource@@QAEXK@Z
?SetBps@CLocalResource@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetStartPos@CLocalResource@@QAEXH@Z
?SetEndPos@CLocalResource@@QAEXH@Z
?SetAddTime@CSongInfoBase@@QAEXJ@Z
?GetArtist@CSongInfoBase@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetSongName@CSongInfoBase@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
gdiplus
GdipMeasureString
GdipReleaseDC
GdipCreateBitmapFromHBITMAP
GdipFree
GdipAlloc
GdipDeleteBrush
GdipCreatePen1
GdipCreatePen2
GdipDeletePen
GdipDeleteGraphics
GdipDisposeImage
GdipSaveImageToFile
GdipCreateBitmapFromGraphics
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipCreateLineBrush
GdipCreateFromHDC
GdipGetImageGraphicsContext
GdipDrawLine
GdipCloneBrush
GdipCloneImage
GdipCreateSolidFill
GdipFillRectangleI
GdipGetImageWidth
GdipGetImageHeight
GdipSetInterpolationMode
GdipSetSmoothingMode
GdipDrawImageRectI
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipCreateStringFormat
GdipDeleteStringFormat
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipDeleteFont
GdipCreateBitmapFromFile
GdipSetImageAttributesColorMatrix
GdipCreateLineBrushFromRect
GdipGetPenFillType
GdipSetPenColor
GdipGetPenColor
GdipSetStringFormatAlign
GdipDrawLineI
GdipDrawArc
GdipFillRectangle
GdipDrawString
GdipDrawImageRect
GdipDrawImageRectRect
GdipCreateFont
GdipSetSolidFillColor
GdipGetGenericFontFamilySansSerif
GdipSetStringFormatLineAlign
GdipLoadImageFromFile
GdipLoadImageFromStream
Exports
Exports
??0BCMenu@@QAE@XZ
??0CAcceptDrag@@QAE@ABV0@@Z
??0CAcceptDrag@@QAE@XZ
??0CBalloonHelp@@QAE@XZ
??0CBaseEditCombox@@QAE@PAVIBaseEditComboxAction@@@Z
??0CBaseHeaderCtrl@@QAE@XZ
??0CBaseListCtrl@@QAE@PAVIListCtrlAction@@H@Z
??0CBaseStatic@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0CBaseTreeCtrl@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAVITreeCtrlAction@@@Z
??0CBitmapListCtrl@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAVIBitmapListAction@@@Z
??0CBufferDC@@QAE@PAVCDC@@ABVCRect@@V2@@Z
??0CCWToolTips@@QAE@XZ
??0CDialogMsg@@QAE@PAVCWnd@@@Z
??0CDib@@IAE@VCSize@@H@Z
??0CDib@@IAE@XZ
??0CDibBitmap@@QAE@XZ
??0CFlashWnd@@QAE@XZ
??0CHyperLink@@QAE@XZ
??0CKwFont@@QAE@HPBD@Z
??0CKwFont@@QAE@PAUtagLOGFONTA@@@Z
??0CKwMultLineListCtrl@@QAE@PAVIListCtrlAction@@@Z
??0CMultLineListCtrl@@QAE@XZ
??0CMyButton@@QAE@XZ
??0CMyHTMLView@@QAE@PAVIWebAction@@@Z
??0CPictureEx@@QAE@ABV0@@Z
??0CPictureEx@@QAE@_N@Z
??0CPlayProgress@@QAE@PAVIPlayProgressAction@@@Z
??0CSetDPI@@QAE@XZ
??0CShowMenu@@QAE@KPAVCWnd@@K@Z
??0CShowMenu@@QAE@PAVCWnd@@@Z
??0CSkinButton2@@QAE@ABV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PAVIButtonAction@@@Z
??0CSliderWnd@@QAE@ABV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PAVISliderCtrlAction@@@Z
??0CTabBar@@QAE@PAVITarbarButtonAction@@@Z
??0CTabControl@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAVISkyTabCtrlAction@@@Z
??0CTranslucentButton@@QAE@XZ
??0CTranslucentWnd@@QAE@XZ
??0CWebPage@@QAE@ABV0@@Z
??0CWebPage@@QAE@XZ
??0CWndSliderView@@QAE@XZ
??0CxSkinButton@@QAE@ABV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PAVIButtonAction@@@Z
??0CxSkinRCbutton@@QAE@ABV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PAVIButtonAction@@@Z
??0CxSkinStatic@@QAE@XZ
??0IAction@@QAE@ABV0@@Z
??0IAction@@QAE@XZ
??0IBaseEditComboxAction@@QAE@ABV0@@Z
??0IBaseEditComboxAction@@QAE@XZ
??0IBitmapListAction@@QAE@ABV0@@Z
??0IBitmapListAction@@QAE@XZ
??0IButtonAction@@QAE@ABV0@@Z
??0IButtonAction@@QAE@XZ
??0IFlashWndAction@@QAE@ABV0@@Z
??0IFlashWndAction@@QAE@XZ
??0IListCtrlAction@@QAE@ABV0@@Z
??0IListCtrlAction@@QAE@XZ
??0IPlayProgressAction@@QAE@ABV0@@Z
??0IPlayProgressAction@@QAE@XZ
??0IRenderListener@@QAE@ABU0@@Z
??0IRenderListener@@QAE@XZ
??0ISkyTabCtrlAction@@QAE@ABV0@@Z
??0ISkyTabCtrlAction@@QAE@XZ
??0ISliderCtrlAction@@QAE@ABV0@@Z
??0ISliderCtrlAction@@QAE@XZ
??0ITarbarButtonAction@@QAE@ABV0@@Z
??0ITarbarButtonAction@@QAE@XZ
??0ITreeCtrlAction@@QAE@ABV0@@Z
??0ITreeCtrlAction@@QAE@XZ
??0IWndObject@@QAE@ABV0@@Z
??0IWndObject@@QAE@XZ
??0IWndPosAttacher@@QAE@ABV0@@Z
??0IWndPosAttacher@@QAE@XZ
??0KwScrollBar@@QAE@PAUHWND__@@@Z
??0SetBaseButton@@QAE@XZ
??0SetBaseEdit@@QAE@XZ
??0SetBaseStatic@@QAE@XZ
??1BCMenu@@UAE@XZ
??1CAcceptDrag@@QAE@XZ
??1CBalloonHelp@@UAE@XZ
??1CBaseEditCombox@@UAE@XZ
??1CBaseHeaderCtrl@@UAE@XZ
??1CBaseListCtrl@@UAE@XZ
??1CBaseStatic@@UAE@XZ
??1CBaseTreeCtrl@@UAE@XZ
??1CBitmapListCtrl@@UAE@XZ
??1CBufferDC@@UAE@XZ
??1CCWToolTips@@UAE@XZ
??1CDialogMsg@@UAE@XZ
??1CDib@@MAE@XZ
??1CDibBitmap@@UAE@XZ
??1CFlashWnd@@UAE@XZ
??1CHyperLink@@UAE@XZ
??1CKwFont@@QAE@XZ
??1CKwMultLineListCtrl@@UAE@XZ
??1CMultLineListCtrl@@UAE@XZ
??1CMyButton@@UAE@XZ
??1CMyHTMLView@@UAE@XZ
??1CPictureEx@@UAE@XZ
??1CPlayProgress@@UAE@XZ
??1CSetDPI@@QAE@XZ
??1CShowMenu@@QAE@XZ
??1CSkinButton2@@UAE@XZ
??1CSliderWnd@@UAE@XZ
??1CTabBar@@UAE@XZ
??1CTabControl@@UAE@XZ
??1CTranslucentButton@@UAE@XZ
??1CTranslucentWnd@@UAE@XZ
??1CWebPage@@UAE@XZ
??1CWndSliderView@@UAE@XZ
??1CxSkinButton@@UAE@XZ
??1CxSkinRCbutton@@UAE@XZ
??1CxSkinStatic@@UAE@XZ
??1IAction@@UAE@XZ
??1IBaseEditComboxAction@@UAE@XZ
??1IBitmapListAction@@UAE@XZ
??1IButtonAction@@UAE@XZ
??1IFlashWndAction@@UAE@XZ
??1IListCtrlAction@@UAE@XZ
??1IPlayProgressAction@@UAE@XZ
??1IRenderListener@@UAE@XZ
??1ISkyTabCtrlAction@@UAE@XZ
??1ISliderCtrlAction@@UAE@XZ
??1ITarbarButtonAction@@UAE@XZ
??1ITreeCtrlAction@@UAE@XZ
??1KwScrollBar@@QAE@XZ
??1SetBaseButton@@UAE@XZ
??1SetBaseEdit@@UAE@XZ
??1SetBaseStatic@@UAE@XZ
??4?$BHCallWndRetHookThunk@VCBalloonHelp@@@@QAEAAV0@ABV0@@Z
??4?$BHKeybHookThunk@VCBalloonHelp@@@@QAEAAV0@ABV0@@Z
??4?$BHMouseHookThunk@VCBalloonHelp@@@@QAEAAV0@ABV0@@Z
??4?$_ThunkImpl@VCBalloonHelp@@@@QAEAAV0@ABV0@@Z
??4CAcceptDrag@@QAEAAV0@ABV0@@Z
??4CMakeJpGFile@@QAEAAV0@ABV0@@Z
??4CPictureEx@@QAEAAV0@ABV0@@Z
??4CSetDPI@@QAEAAV0@ABV0@@Z
??4CShowMenu@@QAEAAV0@ABV0@@Z
??4CWebPage@@QAEAAV0@ABV0@@Z
??4IAction@@QAEAAV0@ABV0@@Z
??4IBaseEditComboxAction@@QAEAAV0@ABV0@@Z
??4IBitmapListAction@@QAEAAV0@ABV0@@Z
??4IButtonAction@@QAEAAV0@ABV0@@Z
??4IFlashWndAction@@QAEAAV0@ABV0@@Z
??4IListCtrlAction@@QAEAAV0@ABV0@@Z
??4IPlayProgressAction@@QAEAAV0@ABV0@@Z
??4IRenderListener@@QAEAAU0@ABU0@@Z
??4ISkyTabCtrlAction@@QAEAAV0@ABV0@@Z
??4ISliderCtrlAction@@QAEAAV0@ABV0@@Z
??4ITarbarButtonAction@@QAEAAV0@ABV0@@Z
??4ITreeCtrlAction@@QAEAAV0@ABV0@@Z
??4IWndObject@@QAEAAV0@ABV0@@Z
??4IWndPosAttacher@@QAEAAV0@ABV0@@Z
??4KwScrollBar@@QAEAAV0@ABV0@@Z
??CCBufferDC@@QAEPAV0@XZ
??_7BCMenu@@6B@
??_7CAcceptDrag@@6B@
??_7CBalloonHelp@@6BCWnd@@@
??_7CBalloonHelp@@6BILayoutDataObserver@@@
??_7CBaseEditCombox@@6B@
??_7CBaseHeaderCtrl@@6B@
??_7CBaseListCtrl@@6BCAcceptDrag@@@
??_7CBaseListCtrl@@6BCListCtrl@@@
??_7CBaseStatic@@6B@
??_7CBaseTreeCtrl@@6B@
??_7CBitmapListCtrl@@6B@
??_7CBufferDC@@6B@
??_7CCWToolTips@@6B@
??_7CDialogMsg@@6B@
??_7CDib@@6B@
??_7CDibBitmap@@6B@
??_7CFlashWnd@@6B@
??_7CHyperLink@@6B@
??_7CKwMultLineListCtrl@@6BCAcceptDrag@@@
??_7CKwMultLineListCtrl@@6BCMultLineListCtrl@@@
??_7CMultLineListCtrl@@6B@
??_7CMyButton@@6B@
??_7CMyHTMLView@@6B@
??_7CPictureEx@@6B@
??_7CPlayProgress@@6B@
??_7CSkinButton2@@6B@
??_7CSliderWnd@@6B@
??_7CTabBar@@6B@
??_7CTabControl@@6BCWnd@@@
??_7CTabControl@@6BITabControl@@@
??_7CTranslucentButton@@6B@
??_7CTranslucentWnd@@6B@
??_7CWebPage@@6B@
??_7CWndSliderView@@6B@
??_7CxSkinButton@@6B@
??_7CxSkinRCbutton@@6B@
??_7CxSkinStatic@@6B@
??_7IAction@@6B@
??_7IBaseEditComboxAction@@6B0@@
??_7IBaseEditComboxAction@@6BIAction@@@
??_7IBitmapListAction@@6B0@@
??_7IBitmapListAction@@6BIAction@@@
??_7IButtonAction@@6B0@@
??_7IButtonAction@@6BIAction@@@
??_7IFlashWndAction@@6B0@@
??_7IFlashWndAction@@6BIAction@@@
??_7IListCtrlAction@@6B0@@
??_7IListCtrlAction@@6BIAction@@@
??_7IPlayProgressAction@@6B0@@
??_7IPlayProgressAction@@6BIAction@@@
??_7IRenderListener@@6B@
??_7ISkyTabCtrlAction@@6B0@@
??_7ISkyTabCtrlAction@@6BIAction@@@
??_7ISliderCtrlAction@@6B0@@
??_7ISliderCtrlAction@@6BIAction@@@
??_7ITarbarButtonAction@@6B0@@
??_7ITarbarButtonAction@@6BIAction@@@
??_7ITreeCtrlAction@@6B0@@
??_7ITreeCtrlAction@@6BIAction@@@
??_7IWndObject@@6B@
??_7IWndPosAttacher@@6B@
??_7SetBaseButton@@6B@
??_7SetBaseEdit@@6B@
??_7SetBaseStatic@@6B@
??_8IBaseEditComboxAction@@7B@
??_8IBitmapListAction@@7B@
??_8IButtonAction@@7B@
??_8IFlashWndAction@@7B@
??_8IListCtrlAction@@7B@
??_8IPlayProgressAction@@7B@
??_8ISkyTabCtrlAction@@7B@
??_8ISliderCtrlAction@@7B@
??_8ITarbarButtonAction@@7B@
??_8ITreeCtrlAction@@7B@
??_DIBaseEditComboxAction@@QAEXXZ
??_DIBitmapListAction@@QAEXXZ
??_DIButtonAction@@QAEXXZ
??_DIFlashWndAction@@QAEXXZ
??_DIListCtrlAction@@QAEXXZ
??_DIPlayProgressAction@@QAEXXZ
??_DISkyTabCtrlAction@@QAEXXZ
??_DISliderCtrlAction@@QAEXXZ
??_DITarbarButtonAction@@QAEXXZ
??_DITreeCtrlAction@@QAEXXZ
??_FCBaseStatic@@QAEXXZ
??_FCDialogMsg@@QAEXXZ
??_FCKwFont@@QAEXXZ
??_FCMyHTMLView@@QAEXXZ
??_FCPictureEx@@QAEXXZ
?AddBitmapToImageList@BCMenu@@QAEHPAVCImageList@@I@Z
?AddButton@CTabBar@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?AddButton@CTabBar@@QAEXHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?AddColumn@CBaseListCtrl@@QAEXPAVColumnInfo@@@Z
?AddComboxColumn@CBaseEditCombox@@QAEXH@Z
?AddComboxRow@CBaseEditCombox@@QAEXH@Z
?AddFromToolBar@BCMenu@@QAEXPAVCToolBar@@H@Z
?AddPrepDrawPoint@CPictureEx@@QAEXVCRect@@@Z
?AddToGlobalImageList@BCMenu@@IAEHPAVCImageList@@HH@Z
?AppendMenuA@BCMenu@@QAEHIIPBDH@Z
?AppendMenuA@BCMenu@@QAEHIIPBDPAVCBitmap@@@Z
?AppendMenuA@BCMenu@@QAEHIIPBDPAVCImageList@@H@Z
?AppendMenuW@BCMenu@@QAEHIIPA_WH@Z
?AppendMenuW@BCMenu@@QAEHIIPA_WPAVCBitmap@@@Z
?AppendMenuW@BCMenu@@QAEHIIPA_WPAVCImageList@@H@Z
?AppendODMenuA@BCMenu@@QAEHPBDIIH@Z
?AppendODMenuA@BCMenu@@QAEHPBDIIPAVCImageList@@H@Z
?AppendODMenuW@BCMenu@@QAEHPA_WIIH@Z
?AppendODMenuW@BCMenu@@QAEHPA_WIIPAVCImageList@@H@Z
?AppendODPopupMenuA@BCMenu@@QAEPAV1@PBD@Z
?AppendODPopupMenuW@BCMenu@@QAEPAV1@PA_W@Z
?Attach@CSetDPI@@QAEXPAUHINSTANCE__@@PAUHWND__@@HN@Z
?AttachHostWnd@IWndPosAttacher@@QAEXPAUHWND__@@@Z
?AttachMapFile2@CDib@@IAEHPAXIPAUCutRect@1@H@Z
?AttachMapFile2@CDib@@IAEHPBDPAUCutRect@1@H@Z
?AttachMapFile@CDib@@IAEHPBDH@Z
?AttachMemory@CDib@@QAEHPAXH0@Z
?BeginEditItem@CBaseTreeCtrl@@QAEXXZ
?BrowserFolder@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAUHWND__@@ABV12@H@Z
?ButtonCount@CTabBar@@QBEHXZ
?ButtonHitTest@CWndSliderView@@QAEHABVCPoint@@@Z
?Button_OnClick@IButtonAction@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?CalcClientSize@CBalloonHelp@@IAE?AVCSize@@XZ
?CalcContentSize@CBalloonHelp@@IAE?AVCSize@@PAVCDC@@@Z
?CalcHeaderSize@CBalloonHelp@@IAE?AVCSize@@PAVCDC@@@Z
?CalcWindowSize@CBalloonHelp@@IAE?AVCSize@@XZ
?CallJScript@CWebPage@@QAE_NV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@000PAVCComVariant@3@@Z
?CallJScript@CWebPage@@QAE_NV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@00PAVCComVariant@3@@Z
?CallJScript@CWebPage@@QAE_NV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@0PAVCComVariant@3@@Z
?CallJScript@CWebPage@@QAE_NV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@ABVCStringArray@@PAVCComVariant@3@@Z
?CallJScript@CWebPage@@QAE_NV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PAVCComVariant@3@@Z
?CallWndRetProc@CBalloonHelp@@AAEJHIJ@Z
?CanDraw3DImageList@BCMenu@@IAEHH@Z
?CcutBitmap@CDib@@IAEHPADPAUCutRect@1@PAPAVCMemFile@@@Z
?ChangeItemShowBmpIndex@CMultLineListCtrl@@QAEXHHHH@Z
?ChangeItmeBmpMouseTrack@CMultLineListCtrl@@QAEXHH_N@Z
?CheckBox_Check@CDialogMsg@@UAEXXZ
?CheckBox_Checked@CDialogMsg@@UAEXXZ
?CheckBox_UnChecked@CDialogMsg@@UAEXXZ
?CheckItem@CShowMenu@@QAEXK@Z
?ClearAllColumn@CBaseListCtrl@@AAEXXZ
?ClearButton@CTabBar@@AAEXXZ
?ClearData@CBaseTreeCtrl@@AAEXXZ
?ClearData@CTabControl@@QAEXXZ
?ClearPrepDrawPoint@CPictureEx@@QAEXXZ
?ClearRowFont@CBaseListCtrl@@QAEXH@Z
?ClickTabItem@CTabControl@@UAEXH@Z
?ColorBitmap@BCMenu@@IAEXPAVCDC@@AAVCBitmap@@VCSize@@2KKH@Z
?Compress@CDib@@IAEHPAVCDC@@H@Z
?ComputeMetrics@CDib@@AAEXXZ
?ComputePaletteSize@CDib@@AAEXH@Z
?ConvertGB2312ToUnicode@CMakeJpGFile@@CAXPADPA_WH@Z
?CopyToMapFile@CDib@@IAEHPBD@Z
?Create32Bitmap@CBufferDC@@QAEPAUHBITMAP__@@HH@Z
?Create@CBalloonHelp@@QAEHABV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@0ABVCPoint@@IPAVCWnd@@V23@IPAUHICON__@@PAVCFont@@5I@Z
?Create@CMyHTMLView@@UAEHPBD0KABUtagRECT@@PAVCWnd@@IPAUCCreateContext@@@Z
?Create@CTabControl@@UAEHPBD0KABUtagRECT@@PAVCWnd@@IPAUCCreateContext@@@Z
?Create@CxSkinButton@@UAEHPBDKABUtagRECT@@PAVCWnd@@I@Z
?Create@CxSkinStatic@@UAEHPBDKABUtagRECT@@PAVCWnd@@I@Z
?CreateBitmap@CDib@@IAEPAUHBITMAP__@@PAVCDC@@@Z
?CreateBitmap@CDibBitmap@@QAEPAUHBITMAP__@@PAVCDC@@@Z
?CreateContrl@CBaseListCtrl@@QAEXIPAVCWnd@@@Z
?CreateContrl@CKwMultLineListCtrl@@UAEXIPAVCWnd@@@Z
?CreateControlSite@CMyHTMLView@@UAEHPAVCOleControlContainer@@PAPAVCOleControlSite@@IABU_GUID@@@Z
?CreateList@CMultLineListCtrl@@QAEHAAVCRect@@PAUHWND__@@H@Z
?CreateObject@CDib@@SGPAVCObject@@XZ
?CreateObject@CMyHTMLView@@SGPAVCObject@@XZ
?CreateObject@CWndSliderView@@SGPAVCObject@@XZ
?CreatePopupMenu@CShowMenu@@QAEXXZ
?CreateRegionFromDib@CxSkinButton@@QAEPAUHRGN__@@PAVCDibBitmap@@K@Z
?CreateRgnFromBitmap@CBaseStatic@@IAEPAUHRGN__@@PAVCDibBitmap@@K@Z
?CreateRgnFromBitmap@CDibBitmap@@QAEPAUHRGN__@@KPAVCDC@@@Z
?CreateRgnFromBitmap@CDibBitmap@@QAEPAUHRGN__@@KPAVCWnd@@@Z
?CreateRgnFromBitmap@CxSkinButton@@QAEPAUHRGN__@@PAVCDibBitmap@@K@Z
?CreateSection@CDib@@IAEPAUHBITMAP__@@PAVCDC@@@Z
?CreateView@CWndSliderView@@QAEHABUWND_SLIDER_DATA@@H@Z
?CtlColor@CBaseStatic@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?CtlColor@CHyperLink@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?CtlColor@CxSkinStatic@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?CtlColor@SetBaseButton@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?CtlColor@SetBaseEdit@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?CtlColor@SetBaseStatic@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?Ctrol_a_z_KeyDown@CBaseListCtrl@@AAEHF@Z
?DarkenColor@BCMenu@@SAKKN@Z
?DefWindowProcA@CWndSliderView@@MAEJIIJ@Z
?DelButton@CTabBar@@QAEHH@Z
?DelColumn@CBaseListCtrl@@QAEHH@Z
?DeleteAllColumn@CMultLineListCtrl@@UAEXXZ
?DeleteAllItem@CMultLineListCtrl@@UAEXXZ
?DeleteItem@CShowMenu@@QAEXK@Z
?DeleteItem@CShowMenu@@QAEXPBD@Z
?DeleteMenu@BCMenu@@QAEHII@Z
?DeleteMenu@BCMenu@@QAEHPADW4BC_Seperator@@@Z
?DeleteMenu@BCMenu@@QAEHPA_WW4BC_Seperator@@@Z
?DeleteMenuList@BCMenu@@IAEXXZ
?DeletePopupItem@CShowMenu@@QAEXH@Z
?DeleteToolTip@CSkinButton2@@QAEXXZ
?Destroy@KwScrollBar@@QAEXXZ
?DestroyImage@CTranslucentWnd@@QAEXI@Z
?DestroyImageList@CTranslucentWnd@@QAEXXZ
?DestroyMenu@BCMenu@@UAEHXZ
?DestroyWindow@CHyperLink@@UAEHXZ
?DestroyWindow@CxSkinButton@@UAEHXZ
?Detach@CSetDPI@@QAEXXZ
?DetachHostWnd@IWndPosAttacher@@QAEXXZ
?DetachMapFile@CDib@@AAEXXZ
?DisableButton@CTabBar@@QAEXH@Z
?DisableItem@CShowMenu@@QAEXK@Z
?DitherBlt2@BCMenu@@IAEXPAVCDC@@HHHHAAVCBitmap@@HHK@Z
?DitherBlt3@BCMenu@@IAEXPAVCDC@@HHHHAAVCBitmap@@K@Z
?DitherBlt@BCMenu@@IAEXPAUHDC__@@HHHHPAUHBITMAP__@@HHK@Z
?DoDataExchange@CDialogMsg@@MAEXPAVCDataExchange@@@Z
?DragBegin@CAcceptDrag@@QAEXPAVCWnd@@V?$vector@PAVCSongInfoBase@@V?$allocator@PAVCSongInfoBase@@@std@@@std@@V?$vector@HV?$allocator@H@std@@@4@H@Z
?DragCancel@CAcceptDrag@@QAEXXZ
?DragDrop@CAcceptDrag@@QAEXXZ
?DragFromOtherCancel@CAcceptDrag@@UAEXXZ
?DragFromOtherCancel@CBaseListCtrl@@MAEXXZ
?DragFromOtherFinished@CAcceptDrag@@UAEXXZ
?DragFromOtherFinished@CBaseListCtrl@@MAEXXZ
?DragFromOtherFinished@CKwMultLineListCtrl@@MAEXXZ
?DragFromOtherMoving@CAcceptDrag@@UAEXXZ
?DragFromOtherMoving@CBaseListCtrl@@MAEXXZ
?DragFromOtherMoving@CKwMultLineListCtrl@@MAEXXZ
?DragFromSelfFinished@CAcceptDrag@@UAEXXZ
?DragFromSelfFinished@CBaseListCtrl@@MAEXXZ
?DragFromSelfFinished@CKwMultLineListCtrl@@MAEXXZ
?DragFromSelfMoving@CAcceptDrag@@UAEXXZ
?DragFromSelfMoving@CBaseListCtrl@@MAEXXZ
?DragFromSelfMoving@CKwMultLineListCtrl@@MAEXXZ
?DragMovingProcess@CAcceptDrag@@QAEXXZ
?Draw3DCheckmark@BCMenu@@IAEHPAVCDC@@ABVCRect@@HPAUHBITMAP__@@@Z
?Draw@CDib@@IAEHPAVCDC@@VCPoint@@VCSize@@HKW4DrawMode@1@@Z
?Draw@CDibBitmap@@QAEHPAVCDC@@HHHHHHHH@Z
?Draw@CDibBitmap@@QAEHPAVCDC@@HKH@Z
?Draw@CMyButton@@IAEXXZ
?Draw@CPictureEx@@QAEHXZ
?DrawBar@CPlayProgress@@QAEXPAVCDC@@@Z
?DrawBar@CSliderWnd@@QAEXPAVCDC@@@Z
?DrawBitmap@CBaseStatic@@IAEXPAVCDC@@PAVCDibBitmap@@UtagRECT@@H@Z
?DrawBitmap@CxSkinButton@@QAEXPAVCDC@@PAVCDibBitmap@@UtagRECT@@H@Z
?DrawBmpBar@CPlayProgress@@AAEXPAVCDC@@@Z
?DrawCheckMark@BCMenu@@IAEXPAVCDC@@HHKH@Z
?DrawClientArea@CBalloonHelp@@MAEXPAVCDC@@@Z
?DrawContent@CBalloonHelp@@MAE?AVCSize@@PAVCDC@@H_N@Z
?DrawFrame@CSkinButton2@@AAEXAAVGraphics@Gdiplus@@AAVCRect@@@Z
?DrawGifPicture@CBaseListCtrl@@AAEXPAVCDC@@HH@Z
?DrawHeader@CBalloonHelp@@MAE?AVCSize@@PAVCDC@@_N@Z
?DrawImage@CBaseListCtrl@@AAEXPAVCDibBitmap@@ABVCRect@@PAVCDC@@@Z
?DrawImage@CSkinButton2@@AAEXAAVGraphics@Gdiplus@@W4BTN_DRAW_HUE@1@@Z
?DrawImageColumn@CBaseListCtrl@@AAEXPAVCDC@@HHABVCRect@@H@Z
?DrawImageList@CDibBitmap@@QAEHPAVCDC@@HUtagPOINT@@H@Z
?DrawItem@BCMenu@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CBaseListCtrl@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CMyButton@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CSkinButton2@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CxSkinButton@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItemBmp@CMultLineListCtrl@@UAEXHHH@Z
?DrawItem_Win9xNT2000@BCMenu@@IAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem_WinXP@BCMenu@@IAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawMultiLine@CCWToolTips@@QAEHV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@VCRect@@AAVCDC@@@Z
?DrawNonClientArea@CBalloonHelp@@MAEXPAVCDC@@@Z
?DrawPreview@CMyButton@@IAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?DrawPreview@CMyButton@@IAEXAAV?$vector@KV?$allocator@K@std@@@std@@H@Z
?DrawProgressCol@CBaseListCtrl@@AAEXPAVCDC@@HH@Z
?DrawRadioDot@BCMenu@@IAEXPAVCDC@@HHK@Z
?DrawStrechFromCenter@CDibBitmap@@QAEHPAVCDC@@@Z
?DrawTextColumn@CBaseListCtrl@@AAEXPAVCDC@@HHABVCRect@@H@Z
?DrawTransParent@CDib@@QAEIPAVCDC@@VCRect@@1K@Z
?DrawXPCheckmark@BCMenu@@IAEHPAVCDC@@ABVCRect@@PAUHBITMAP__@@AAKH@Z
?EditCombox_ButtonClick@IBaseEditComboxAction@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?EditCombox_GetComboxText@IBaseEditComboxAction@@UAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HH@Z
?EditCombox_GetText@IBaseEditComboxAction@@UAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?EditCombox_IsTips@IBaseEditComboxAction@@UAE_NXZ
?EditCombox_OnConfirm@IBaseEditComboxAction@@UAEXHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AAV23@@Z
?EditCombox_OnKillFocus@IBaseEditComboxAction@@UAEXXZ
?EditCombox_OnSetFocus@IBaseEditComboxAction@@UAEXXZ
?EditCombox_PressDownKey@IBaseEditComboxAction@@UAEXXZ
?EditCombox_SelectItem@IBaseEditComboxAction@@UAEXHHAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?EditCombox_TextChange@IBaseEditComboxAction@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Empty@CDib@@QAEXXZ
?EnableButton@CTabBar@@QAEXH@Z
?EnableToolTip@CBaseStatic@@QAEX_N@Z
?EnalbeHScroll@CBaseStatic@@QAEX_N@Z
?EndEditItem@CBaseTreeCtrl@@QAEXXZ
?FillWithBitmap@CBaseStatic@@IAEXPAVCDC@@PAVCDibBitmap@@UtagRECT@@@Z
?FillWithBitmap@CxSkinButton@@QAEXPAVCDC@@PAVCDibBitmap@@UtagRECT@@@Z
?FindAnotherMenuOption@BCMenu@@IAEPAV1@HAAHAAV?$CArray@PAVBCMenu@@PAV1@@@AAV?$CArray@HAAH@@@Z
?FindKeyboardShortcut@BCMenu@@SAJIIPAVCMenu@@@Z
?FindMenuItem@BCMenu@@IAEPAVBCMenuData@@I@Z
?FindMenuList@BCMenu@@IAEPAVBCMenuData@@I@Z
?FindMenuOption@BCMenu@@IAEPAV1@HAAH@Z
?FindMenuOption@BCMenu@@IAEPAVBCMenuData@@PA_W@Z
?FlashWnd_LDBClick@IFlashWndAction@@UAEXIJ@Z
?GetAction@CBaseListCtrl@@QAEPAVIListCtrlAction@@XZ
?GetAction@IWndObject@@UAEPAVIAction@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetActiveView@CWndSliderView@@QBEHXZ
?GetAnchorPoint@CBalloonHelp@@IAE?AVCPoint@@XZ
?GetAnchorScreenBounds@CBalloonHelp@@IAEXAAVCRect@@@Z
?GetAutoSize@CHyperLink@@QBEHXZ
?GetBKCol@CTabControl@@UAEKXZ
?GetBKColor@CSkinButton2@@QBEKXZ
?GetBalloonQuadrant@CBalloonHelp@@IAE?AW4BALLOON_QUADRANT@1@XZ
?GetBitmapFromImageList@BCMenu@@IAEHPAVCDC@@PAVCImageList@@HAAVCBitmap@@@Z
?GetBitmapHeight@CBaseStatic@@IAEHPAVCDibBitmap@@@Z
?GetBitmapHeight@CxSkinButton@@QAEHPAVCDibBitmap@@@Z
?GetBitmapWidth@CBaseStatic@@IAEHPAVCDibBitmap@@@Z
?GetBitmapWidth@CxSkinButton@@QAEHPAVCDibBitmap@@@Z
?GetBkColor@CPictureEx@@QBEKXZ
?GetBmpRect@CMultLineListCtrl@@UAEXHHHAAVCRect@@@Z
?GetBotton@CMultLineListCtrl@@ABEHXZ
?GetBrush@CTranslucentButton@@QAEAAVSolidBrush@Gdiplus@@XZ
?GetBtnName@CTranslucentButton@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetButton@CWndSliderView@@QBEPAVCSliderButton@@H@Z
?GetButtonRect@CTabBar@@QAEHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVCRect@@@Z
?GetButtonRect@CWndSliderView@@QBE?AVCRect@@H@Z
?GetButtonRect@CWndSliderView@@QBE?AVCRect@@HABV2@@Z
?GetButtonSize@CBaseEditCombox@@ABE?AU?$pair@HH@std@@XZ
?GetButtonTitle@CWndSliderView@@QAEXHAAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?GetCheck@CDialogMsg@@QAEHXZ
?GetCheck@CSkinButton2@@QBEHXZ
?GetCheck@CxSkinRCbutton@@QAEHXZ
?GetClassAtom@CBalloonHelp@@KAGH@Z
?GetClickEdit@CBaseListCtrl@@QBEHXZ
?GetColFont@CTabControl@@UAEKXZ
?GetColHoverBK@CTabControl@@UAEKXZ
?GetColHoverFont@CTabControl@@UAEKXZ
?GetColTabSel@CTabControl@@UAEKXZ
?GetColumnText@CMultLineListCtrl@@UAEXHAAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?GetCtrlKeySelected@CMultLineListCtrl@@AAEPAV?$vector@IV?$allocator@I@std@@@std@@AAH@Z
?GetData@CTabControl@@UAEPAVCTabControlData@@XZ
?GetDimensions@CDib@@QAE?AVCSize@@XZ
?GetDisableOldStyle@BCMenu@@QAEHXZ
?GetDisabledBitmap@BCMenu@@IAEXAAVCBitmap@@K@Z
?GetDrawList@CMultLineListCtrl@@QBEPAVCDrawList@@XZ
?GetEditLeftSize@CBaseEditCombox@@ABEHXZ
?GetEditMiddleSize@CBaseEditCombox@@ABEHXZ
?GetEditRightSize@CBaseEditCombox@@ABEHXZ
?GetEditState@CBaseListCtrl@@QBE?AW4EditState@@XZ
?GetFadedBitmap@BCMenu@@IAEXAAVCBitmap@@@Z
?GetFirstSelectedItemPosition@CMultLineListCtrl@@UAEPAU__POSITION@@XZ
?GetFont@CKwFont@@QAEPAVCFont@@XZ
?GetFont@CTranslucentButton@@QAEPAVFont@Gdiplus@@XZ
?GetFormat@CTranslucentButton@@QAEAAVStringFormat@Gdiplus@@XZ
?GetFrameCount@CPictureEx@@QBEHXZ
?GetGroupId@CxSkinRCbutton@@QAEHXZ
?GetHeadHwnd@CMultLineListCtrl@@UBEPAUHWND__@@XZ
?GetHeadWnd@CMultLineListCtrl@@QBEPAVCHeadCtrol@@XZ
?GetHeight@CDibBitmap@@QAEHXZ
?GetHoverColour@CHyperLink@@QBEKXZ
Sections
.text Size: 440KB - Virtual size: 440KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 178KB - Virtual size: 177KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 43KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
bin/KwDataDef.dll.dll windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
e:\Projects\5021sp1-snprintf_s修复版-new\KwResource\bin\release\pdb\KwDataDef.pdb
Sections
.text Size: 92KB - Virtual size: 91KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 50KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
readme.txt