1a6c921c3ba2aea11717c990e3b163f6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1a6c921c3ba2aea11717c990e3b163f6_JaffaCakes118
Size

4.0MB
MD5

1a6c921c3ba2aea11717c990e3b163f6
SHA1

7f9f0a420a8addf198dd15cc63630dbe9dc66201
SHA256

ddfe770e05445f79d82d156bf0c0ab915a6b85c32d7e0d9aceead1fb652f5455
SHA512

6f0df412f33eb11a27fd50e7e9d4c802b5a129c2e77a4bedb89791cf31a30da445e7d7312a4ecb79cd30daf99d48ed14ce8dc0b98e069eb72d4b3ca05f7498ce
SSDEEP

98304:hbtcdq3J8kgcrEonhWQ/MJIupvggaLygRvI0T:hbK8J39LnJcFpvIBx

Score

3^/10

Malware Config

Signatures

Unsigned PE 11 IoCs

Checks for missing Authenticode signature.

resource
1a6c921c3ba2aea11717c990e3b163f6_JaffaCakes118
unpack001/$PLUGINSDIR/FileInfo.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/UNACEV2.DLL
unpack001/Uninstall.exe
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/System.dll
unpack001/msvcr80.dll
unpack001/sfx/HaoZip7zCon.sfx
unpack001/sfx/HaoZip7zSetup.sfx

Files

1a6c921c3ba2aea11717c990e3b163f6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b729b61eb1515fcf7b3e511e4e66258b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/FileInfo.dll
.dll windows:4 windows x86 arch:x86

f6e384a477f8efc14029bba8fca9bd0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\program files\nsis\nsis-2.42.6-unicode-src\plugins\FileInfo.pdb

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

SetLastError
lstrcpynW
GlobalFree
lstrcpyW
GlobalAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
LCMapStringA
GetLastError
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
WriteFile
InitializeCriticalSection
RtlUnwind
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
GetStringTypeW

user32

wsprintfW

Exports

Exports

GetSpecialBuild

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:5 windows x86 arch:x86

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GetModuleHandleW
GlobalLock
GlobalUnlock
GetCurrentDirectoryW
SetCurrentDirectoryW
GetPrivateProfileIntW
GetPrivateProfileStringW
lstrcatW
WritePrivateProfileStringW
lstrcpynW
lstrlenW
lstrcpyW
GlobalFree
GlobalAlloc

user32

OpenClipboard
DestroyIcon
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
SetWindowLongW
GetClientRect
SetWindowRgn
LoadIconW
LoadImageW
CreateWindowExW
MapDialogRect
GetClipboardData
GetWindowRect
CreateDialogParamW
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
SetCursor
DrawTextW
GetWindowLongW
DrawFocusRect
CallWindowProcW
PostMessageW
wsprintfW
CharNextW
MessageBoxW
CloseClipboard
GetDlgCtrlID
MapWindowPoints
SetWindowPos
PtInRect
GetWindowTextW
SetWindowTextW
SendMessageW
DestroyWindow

gdi32

SelectObject
CreateRectRgn
GetObjectW
CombineRgn
DeleteObject
CreateCompatibleDC
GetDIBits
SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHGetDesktopFolder

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

6c41c5e4d44f55745b925cc4e42b7fab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
lstrlenW
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 899B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/option.ini
7zNew.data
.7z
HaoZip.chm
.chm
HaoZip.dll
.dll windows:4 windows x86 arch:x86

e1e86448340e57208e6fd9ec5c3e9bad

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e1:29:78:43:e0:fb:3d:d1:95:e0:78:77:f5:d3:e1:be:e2:f9:38:db
Signer

Actual PE Digest

e1:29:78:43:e0:fb:3d:d1:95:e0:78:77:f5:d3:e1:be:e2:f9:38:db

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\haozip2.4\build\rczip\bin\win32\release\pdb\HaoZip.Dll.pdb

Imports

gdiplus

GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipLoadImageFromStream
GdipCreateBitmapFromScan0
GdipGraphicsClear
GdipGetImageThumbnail
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdiplusShutdown
GdipGetImageWidth
GdipDisposeImage
GdipGetImageHeight
GdipAlloc
GdipFree
GdipCloneImage
GdiplusStartup
GdipCreateFromHDC
GdipCreateBitmapFromGdiDib
GdipDeleteGraphics
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdipLoadImageFromFile

wininet

InternetOpenUrlW
InternetWriteFile
HttpSendRequestExW
HttpEndRequestW
InternetConnectW
HttpOpenRequestW
InternetReadFile
HttpQueryInfoW
HttpSendRequestW
HttpAddRequestHeadersW
InternetSetOptionW
InternetOpenW
InternetCloseHandle
InternetCrackUrlW

kernel32

CreateSemaphoreW
SetEvent
FindNextFileW
FindClose
FindFirstFileW
GetCurrentProcessId
WideCharToMultiByte
GetACP
InterlockedExchangeAdd
CreateDirectoryW
RemoveDirectoryW
SystemTimeToFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
GetSystemTime
SetEndOfFile
SetFileTime
SetFilePointer
GetFileSize
LocalFree
FormatMessageW
ReleaseMutex
CreateMutexW
GetFileTime
ResumeThread
ResetEvent
GetFullPathNameW
GetCurrentDirectoryW
GetLongPathNameW
GetTempFileNameW
SearchPathW
GetTempPathW
SetCurrentDirectoryW
GetWindowsDirectoryW
GetSystemDirectoryW
WinExec
OpenSemaphoreW
ReleaseSemaphore
WritePrivateProfileStringW
TerminateProcess
LocalAlloc
FreeResource
GlobalSize
GetVolumeInformationW
ReadProcessMemory
WriteProcessMemory
VirtualFreeEx
VirtualAllocEx
GetComputerNameW
CreateEventW
WaitForMultipleObjects
DeleteFileW
FileTimeToLocalFileTime
SetFileAttributesW
WaitForSingleObject
CopyFileW
SystemTimeToTzSpecificLocalTime
MoveFileW
lstrcpyW
lstrlenA
MoveFileExW
GetFileAttributesW
GetDriveTypeW
GlobalFree
LockResource
GlobalMemoryStatus
GetSystemInfo
GetProcessTimes
GetLocalTime
DeviceIoControl
SetPriorityClass
FindFirstChangeNotificationW
FindCloseChangeNotification
GetLogicalDriveStringsW
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
CompareFileTime
OpenEventW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
GetExitCodeProcess
CreateProcessW
CreatePipe
GetStartupInfoW
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
GetThreadLocale
GetLocaleInfoA
GetVersionExA
InterlockedCompareExchange
OpenProcess
GetVersionExW
GetSystemDefaultLangID
ExpandEnvironmentStringsW
ReadFile
UpdateResourceW
FileTimeToSystemTime
EndUpdateResourceW
EnumResourceLanguagesW
EnumSystemCodePagesW
GetCPInfoExW
FindResourceExW
EnumResourceTypesW
EnumResourceNamesW
GetStdHandle
WriteFile
LoadLibraryW
CompareStringW
CreateFileW
CloseHandle
Sleep
GetCommandLineW
SetLastError
SetErrorMode
GlobalLock
GlobalAlloc
GlobalUnlock
GetCurrentProcess
LoadLibraryA
GetProcAddress
lstrcmpW
FlushInstructionCache
MulDiv
GetTickCount
InterlockedExchange
LoadResource
InitializeCriticalSection
DeleteCriticalSection
MultiByteToWideChar
InterlockedDecrement
LeaveCriticalSection
FreeLibrary
EnterCriticalSection
LoadLibraryExW
GetModuleFileNameW
SizeofResource
FindResourceW
RaiseException
GetCurrentThreadId
GetLastError
GetModuleHandleW
lstrlenW
lstrcmpiW
InterlockedIncrement
ExpandEnvironmentStringsA
BeginUpdateResourceW
GetPrivateProfileStringW

user32

RegisterClipboardFormatW
UpdateWindow
SetRectEmpty
SetWindowPlacement
SetWindowRgn
IsClipboardFormatAvailable
CreateIconIndirect
GetMenuState
GetMessageA
GetCapture
SwitchToThisWindow
IsWindowUnicode
GetCursorPos
DispatchMessageA
MsgWaitForMultipleObjects
PtInRect
CheckMenuRadioItem
EnableMenuItem
CreateMenu
DrawTextExW
EnumWindows
LoadAcceleratorsW
LoadMenuW
LoadImageW
PostThreadMessageW
GetWindowThreadProcessId
PostQuitMessage
IsMenu
AppendMenuW
MonitorFromPoint
DeleteMenu
GetMonitorInfoW
TrackPopupMenu
LoadIconW
ShowScrollBar
SetTimer
KillTimer
GetMenuItemCount
TrackPopupMenuEx
OffsetRect
DrawFocusRect
DestroyIcon
DrawStateW
GetSubMenu
DrawFrameControl
InsertMenuItemW
DrawIconEx
DestroyMenu
CreatePopupMenu
GetMenuItemInfoW
InflateRect
GetSystemMetrics
GetClassLongW
SetPropW
GetPropW
DrawTextW
SendDlgItemMessageW
GetDlgItemInt
SetDlgItemInt
MessageBeep
EndDialog
GetMessageW
SetRect
GetSystemMenu
IsWindowEnabled
IsWindowVisible
SetActiveWindow
GetKeyState
IsDialogMessageW
wsprintfW
SetForegroundWindow
BringWindowToTop
IsIconic
FindWindowExW
SystemParametersInfoW
GetWindowRect
MapWindowPoints
EnableWindow
RemovePropW
CheckMenuItem
LoadBitmapW
CopyRect
GetWindowDC
WindowFromPoint
IsZoomed
SetScrollPos
GetScrollRange
GetScrollPos
GetIconInfo
GetMenu
AdjustWindowRectEx
DrawEdge
CharNextW
DefWindowProcW
CreateAcceleratorTableW
FillRect
MoveWindow
GetParent
ReleaseCapture
GetDesktopWindow
GetDlgCtrlID
MessageBoxW
GetActiveWindow
LoadStringW
DialogBoxParamW
DispatchMessageW
ShowWindow
PeekMessageW
CreateDialogParamW
TranslateMessage
IsChild
GetSysColor
SetCursor
GetClassNameW
InvalidateRect
RegisterWindowMessageW
ReleaseDC
GetWindowLongW
SetWindowPos
DestroyAcceleratorTable
GetDC
GetWindow
SetFocus
EndPaint
GetWindowTextLengthW
RegisterClassExW
SetWindowTextW
GetFocus
BeginPaint
ScreenToClient
SendMessageW
RedrawWindow
PostMessageW
InvalidateRgn
CallWindowProcW
CreateWindowExW
ClientToScreen
SetWindowLongW
UnregisterClassA
GetClipboardData
OpenClipboard
CloseClipboard
EmptyClipboard
SetClipboardData
ExitWindowsEx
RemoveMenu
LoadStringA
CheckDlgButton
CheckRadioButton
SetDlgItemTextW
SendMessageTimeoutW
GetTopWindow
GetMenuDefaultItem
SetScrollRange
SetMenuItemInfoW
CopyIcon
SetScrollInfo
GetScrollInfo
GetSysColorBrush
ScrollWindowEx
SetLayeredWindowAttributes
ShowCursor
GetWindowTextW
DestroyWindow
LoadCursorW
GetClassInfoExW
GetDlgItem
IsWindow
SetCapture
GetClientRect

gdi32

CombineRgn
SetViewportOrgEx
CreateRectRgnIndirect
CreateRectRgn
CreatePolygonRgn
GetTextExtentPoint32W
StretchBlt
SetBkMode
SetTextColor
CreateFontIndirectW
ExtTextOutW
SetBkColor
CreateSolidBrush
DeleteDC
DeleteObject
CreateCompatibleDC
GetObjectW
CreateCompatibleBitmap
AngleArc
SetDCPenColor
GetStockObject
BeginPath
GetBkColor
SelectObject
BitBlt
GetTextMetricsW
GetDIBits
CreateDIBSection
CreatePen
MoveToEx
GetCurrentObject
LineTo
GetBkMode
FillPath
TextOutW
EndPath
PathToRegion
GetDeviceCaps

comdlg32

GetSaveFileNameW
GetOpenFileNameW
ChooseFontW

advapi32

OpenProcessToken
RegSetValueExW
RegQueryInfoKeyW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
GetUserNameW
RegOpenKeyExA
RegQueryValueExA
AdjustTokenPrivileges
RegDeleteValueW
RegOpenCurrentUser
RegEnumKeyW
LookupPrivilegeValueW

shell32

DragAcceptFiles
Shell_NotifyIconW
SHGetSpecialFolderPathW
SHBindToParent
ord644
ord645
ord4
ord2
ShellExecuteW
DragQueryFileW
DragFinish
SHGetFileInfoW
ord28
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteExW
SHGetDesktopFolder
SHGetFolderLocation
SHChangeNotify
SHFileOperationW
ord74
FindExecutableW

ole32

OleRun
OleDuplicateData
ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop
DoDragDrop
CoUninitialize
CoInitialize
StringFromGUID2
OleUninitialize
CLSIDFromProgID
CoGetClassObject
OleInitialize
CoCreateGuid
CreateStreamOnHGlobal
OleLockRunning
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CLSIDFromString

oleaut32

VariantInit
VarUI4FromStr
SysAllocString
SysStringLen
SysAllocStringLen
GetErrorInfo
SysFreeString
OleCreateFontIndirect
SysStringByteLen
VariantClear
LoadTypeLi
LoadRegTypeLi

shlwapi

AssocQueryStringW
StrCmpIW
SHAutoComplete
StrStrW
PathIsRelativeW
StrStrIW
StrCmpW
StrRetToBufW

comctl32

ImageList_Remove
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_Draw
InitCommonControlsEx
PropertySheetW
ImageList_Create
ImageList_Add
ImageList_Destroy
DestroyPropertySheetPage
CreatePropertySheetPageW
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
CreateStatusWindowW
ImageList_LoadImageW
ImageList_SetBkColor

msvcr80

signal
srand
rand
_mktime64
_beginthreadex
vswprintf_s
setvbuf
fseek
iswascii
toupper
ungetc
fsetpos
fgetc
fputc
fwrite
iswpunct
fclose
fflush
fgetpos
ispunct
_wtoi
wcscpy_s
_wcsicmp
towupper
_localtime64
wcsrchr
wcschr
_vswprintf
wcsncpy
_splitpath_s
_stricmp
_vsnwprintf_s
_wrename
_endthreadex
sscanf
swscanf
_itow
_snwprintf
wcsncat
memcmp
_localtime64_s
_CxxThrowException
__CxxFrameHandler3
setlocale
__uncaught_exception
__crtLCMapStringA
__pctype_func
isupper
___lc_codepage_func
___lc_handle_func
_calloc_crt
__crtGetStringTypeW
___mb_cur_max_l_func
fgetwc
fputwc
ungetwc
__crtLCMapStringW
_create_locale
_ui64toa_s
_free_locale
_malloc_crt
islower
_invoke_watson
_errno
wcstombs_s
_wfsopen
_get_osplatform
abort
_time64
memcpy
_wtof
__iob_func
_isatty
_fileno
memset
strlen
__RTDynamicCast
strncpy
memmove
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
memchr
strcspn
sprintf_s
_wchmod
_wfopen_s
fread
feof
localeconv
towlower
_unlock
__dllonexit
_encode_pointer
_lock
_invalid_parameter_noinfo
_purecall
??0exception@std@@QAE@XZ
_onexit
_decode_pointer
?terminate@@YAXXZ
_encoded_null
_initterm
_initterm_e
_amsg_exit
swprintf_s
??2@YAPAXI@Z
_recalloc
malloc
wcsncpy_s
free
memmove_s
memcpy_s
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??_V@YAXPAX@Z
??3@YAXPAX@Z
_adjust_fdiv
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
_fsopen
wcsstr
_wcsupr
_vswprintf_c_l
_wcsnicmp
_waccess
swscanf_s
realloc
strncpy_s
_itow_s
wcstol
__CppXcptFilter

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

msimg32

GradientFill
TransparentBlt

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList

Exports

Exports

BatchRenameUtils
BatchTextReplace
ConsoleMain
HaoZipMain
ImageConvert
ImageViewerCloseEditor
ImageViewerCreate
ImageViewerDestory
ImageViewerInitialize
ImageViewerInitializeLang
ImageViewerInstance
ImageViewerIsClosed
ImageViewerSetInternalFile
ImageViewerSetLogoIcon
ImageViewerSetXmlProfile
ImageViewerShowFileEditor
ImageViewerUpdateSkin
ImageViewerUpdateTitleBar
Initialize
MD5Utils
ModuleFinitialize
ModuleInitialize
UpdateMain

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 412KB - Virtual size: 411KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZip.exe
.exe windows:4 windows x86 arch:x86

b43bf7d8e6bd94cd2265ea8bbd134ef7

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

63:3e:72:9c:ec:12:bc:44:02:14:45:3c:a6:71:07:88:6a:80:c6:e8
Signer

Actual PE Digest

63:3e:72:9c:ec:12:bc:44:02:14:45:3c:a6:71:07:88:6a:80:c6:e8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\haozip2.4\build\rczip\bin\win32\release\pdb\HaoZip.pdb

Imports

kernel32

FreeLibrary
LoadLibraryW
GetProcAddress
GetModuleFileNameW
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSection
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 625KB - Virtual size: 625KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipC.exe
.exe windows:4 windows x86 arch:x86

9eaecb028a956bb2e413034baa4fe968

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07:70:7c:54:e7:5f:9d:a8:b2:ad:71:56:34:fb:bb:ab:15:9a:c3:6d
Signer

Actual PE Digest

07:70:7c:54:e7:5f:9d:a8:b2:ad:71:56:34:fb:bb:ab:15:9a:c3:6d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\haozip2.4\build\rczip\bin\win32\release\pdb\HaoZipC.pdb

Imports

kernel32

FreeLibrary
GetModuleFileNameW
LoadLibraryW
GetProcAddress
GetCurrentProcess
WideCharToMultiByte
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
Sleep
InterlockedExchange
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
GetSystemTimeAsFileTime

msvcr80

__pctype_func
_controlfp_s
_invoke_watson
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__winitenv
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
??3@YAXPAX@Z
free
memmove_s
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
??2@YAPAXI@Z
_amsg_exit
memcpy_s
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
wcscat_s
wprintf
wcsrchr
memset
strlen
__iob_func
_errno
__CxxFrameHandler3
_CxxThrowException
setlocale
??0bad_cast@std@@QAE@ABV01@@Z
___lc_codepage_func
___lc_handle_func
memcpy
_calloc_crt
___mb_cur_max_l_func
fgetwc
fputwc
ungetwc
fflush
setvbuf
ungetc
fgetc
fwrite
fgetpos
fseek
fsetpos
fclose
__crtGetStringTypeW
__crtLCMapStringW
_create_locale
_ui64toa_s
_free_locale
_malloc_crt
abort
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipCompress.dll
.dll windows:4 windows x86 arch:x86

d3f90a25bd3e8993ba0319da6756b23b

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5f:1a:76:73:17:f6:78:3a:01:c5:88:19:83:ba:b7:52:b9:b7:97:8b
Signer

Actual PE Digest

5f:1a:76:73:17:f6:78:3a:01:c5:88:19:83:ba:b7:52:b9:b7:97:8b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\haozip2.4\build\rczip\bin\win32\release\pdb\HaoZipCompress.pdb

Imports

kernel32

GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
GetModuleHandleW
VirtualFree
GetProcAddress
VirtualAlloc
InterlockedExchangeAdd
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
CloseHandle
ResumeThread
Sleep
GetVersionExW
GetLastError
CreateEventW
SetEvent
ReleaseSemaphore
ResetEvent
CreateSemaphoreW
LoadLibraryExW
FreeLibrary
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange

msvcr80

_invalid_parameter_noinfo
??_V@YAXPAX@Z
memmove
free
malloc
strncpy_s
_beginthreadex
exit
_purecall
fflush
strncmp
_fstat64i32
ungetc
fread
_fileno
fwrite
ftell
realloc
fseek
fclose
isdigit
_CxxThrowException
__CxxFrameHandler3
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
??0exception@std@@QAE@XZ
memcpy_s
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
memmove_s
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??3@YAXPAX@Z
memcpy
putc
memset

Exports

Exports

CreateCodecs
SetCodePage
SetResFileName

Sections

.text
Size: 297KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipEditor.dll
.dll windows:4 windows x86 arch:x86

85eb30573ac648a09ba1066a9bea6690

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

64:79:3d:e9:d7:39:9d:25:1b:ad:77:ee:62:77:35:00:6a:49:72:28
Signer

Actual PE Digest

64:79:3d:e9:d7:39:9d:25:1b:ad:77:ee:62:77:35:00:6a:49:72:28

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\haozip2.4\build\rczip\bin\win32\release\pdb\HaoZipEditor.pdb

Imports

kernel32

GetVersionExA
VirtualAlloc
VirtualFree
GetLocaleInfoA
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetThreadLocale
Sleep
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetFilePointer
LocalFree
FormatMessageW
GetACP
WideCharToMultiByte
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcatW
FreeLibrary
GetProfileStringW
WritePrivateProfileStructW
SetEvent
GlobalAlloc
LoadLibraryExW
LoadLibraryW
GetModuleFileNameW
SizeofResource
GlobalFree
LockResource
GetFullPathNameW
GetLastError
LoadResource
FindResourceW
MultiByteToWideChar
GetPrivateProfileStructW
InterlockedDecrement
GetTickCount
DeleteCriticalSection
InterlockedIncrement
GetFileAttributesW
InitializeCriticalSection
GetLongPathNameW
GetCurrentProcessId
GetTempPathW
GlobalUnlock
GlobalLock
GetLocaleInfoW
GetModuleHandleW
InterlockedExchange
WritePrivateProfileStringW
GetVersionExW
lstrcpynW
GetCurrentDirectoryW
FindClose
ReadFile
lstrcmpiW
WriteFile
FindFirstFileW
GetFileSize
CreateFileW
lstrcmpW
lstrlenW
lstrcpyW
LeaveCriticalSection
CloseHandle
CreateEventW
EnterCriticalSection
GetCurrentThreadId
WaitForSingleObject
RaiseException
SetLastError
FlushInstructionCache
GetCurrentProcess
MulDiv
IsProcessorFeaturePresent

user32

CheckMenuRadioItem
RemoveMenu
AppendMenuW
CharNextW
LoadStringA
IsIconic
CreatePopupMenu
PostQuitMessage
EnableMenuItem
SetForegroundWindow
GetMenuStringW
DeleteMenu
wvsprintfW
GetDlgItemInt
ScreenToClient
GetWindowDC
WindowFromPoint
LoadImageW
DrawFrameControl
GetMessagePos
SwitchToThisWindow
FrameRect
LoadAcceleratorsW
SetDlgItemInt
GetWindowThreadProcessId
OffsetRect
LoadStringW
BringWindowToTop
EndDialog
IsWindowVisible
DialogBoxParamW
PtInRect
IsRectEmpty
SendMessageW
DefWindowProcW
GetDC
UnregisterClassA
MessageBeep
KillTimer
SetParent
IsWindowEnabled
LoadBitmapW
SetMenu
GetKeyboardLayout
UnhookWindowsHookEx
IsMenu
CallNextHookEx
DestroyMenu
wsprintfW
GetClassNameW
SetWindowsHookExW
ClientToScreen
SetMenuItemInfoW
TranslateAcceleratorW
GetMenu
CharLowerW
SetTimer
GetDlgItem
CreateWindowExW
ReleaseDC
GetSystemMetrics
GetClassInfoExW
SetFocus
SetWindowLongW
DrawFocusRect
SetMenuDefaultItem
GetCursorPos
GetMenuItemInfoW
GetCaretPos
ModifyMenuW
GetFocus
TrackPopupMenuEx
GetActiveWindow
GetMonitorInfoW
MonitorFromPoint
GetSubMenu
LoadMenuW
GetWindowTextW
GetMenuItemCount
MessageBoxW
SetWindowTextW
SetDlgItemTextW
RegisterWindowMessageW
CheckRadioButton
GetDlgItemTextW
CheckDlgButton
GetWindow
PostMessageW
DrawTextW
DestroyIcon
MapWindowPoints
LoadIconW
EndPaint
EnableScrollBar
BeginPaint
GetScrollInfo
SystemParametersInfoW
SetScrollRange
LoadCursorW
GetScrollRange
SetCursor
SetScrollPos
GetScrollPos
GetKeyState
IsWindow
IsDialogMessageW
SetRectEmpty
EndDeferWindowPos
EnableWindow
SetRect
GetWindowTextLengthW
DeferWindowPos
BeginDeferWindowPos
UpdateWindow
IsDlgButtonChecked
GetSysColor
MsgWaitForMultipleObjects
PeekMessageW
DrawEdge
IsWindowUnicode
DestroyWindow
CallWindowProcW
GetWindowLongW
GetMessageW
GetMessageA
CreateDialogParamW
TranslateMessage
DispatchMessageW
InflateRect
DispatchMessageA
CopyRect
GetSysColorBrush
RegisterClassExW
FillRect
ShowWindow
SetWindowPos
GetParent
GetWindowRect
SetCapture
ReleaseCapture
MoveWindow
GetCapture
InvalidateRect
GetClientRect
InsertMenuW

gdi32

ResetDCW
PatBlt
OffsetWindowOrgEx
CreatePatternBrush
GetEnhMetaFileHeader
CreateBitmap
DeleteEnhMetaFile
SetBrushOrgEx
SetViewportOrgEx
CloseEnhMetaFile
CreateEnhMetaFileW
GetObjectW
EndDoc
AbortDoc
StartDocW
Rectangle
CombineRgn
RestoreDC
CreateRectRgnIndirect
SaveDC
SelectClipRgn
EnumFontsW
EndPage
StartPage
PlayEnhMetaFile
CreateDIBSection
TextOutW
CreateDCW
GetTextMetricsW
CreatePen
CreatePolygonRgn
LineTo
MoveToEx
FrameRgn
FillRgn
SetBkMode
DPtoLP
GetDeviceCaps
CreateFontIndirectW
SetBkColor
SetTextColor
CreateSolidBrush
GetTextColor
GetBkColor
ExtTextOutW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
SelectObject
DeleteDC
GetTextExtentPoint32W
GetStockObject
DeleteObject

winspool.drv

OpenPrinterW
ClosePrinter
GetPrinterW

comdlg32

PageSetupDlgW
PrintDlgW
GetSaveFileNameW
GetOpenFileNameW
ChooseFontW
ChooseColorW

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
RegQueryInfoKeyW
RegCreateKeyExW

shell32

DragFinish
DragQueryFileW
DragAcceptFiles

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemFree

oleaut32

VarUI4FromStr
OleTranslateColor

comctl32

ImageList_GetImageCount
ImageList_Draw
ImageList_AddMasked
InitCommonControlsEx
ImageList_LoadImageW
ImageList_Destroy
CreateStatusWindowW
ImageList_Create

msvcr80

??3@YAXPAX@Z
_resetstkoflw
memset
malloc
wcscpy_s
wcscat_s
_recalloc
memcpy_s
free
wcslen
swprintf_s
abs
memcpy
??1exception@std@@UAE@XZ
??2@YAPAXI@Z
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABV01@@Z
??_V@YAXPAX@Z
memmove_s
wcsncpy_s
wcscmp
wcsncpy
_purecall
towupper
vswprintf_s
_beginthreadex
_invalid_parameter_noinfo
_vsnwprintf_s
strncpy_s
wcscpy
memmove
??0exception@std@@QAE@XZ
_CxxThrowException
__CxxFrameHandler3
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_errno

Exports

Exports

HaoZip_CloseEditor
HaoZip_GetFormats
HaoZip_GetReadOnly
HaoZip_GetWindowMode
HaoZip_Initialize
HaoZip_SetCodePage
HaoZip_SetConfigDirectory
HaoZip_SetLogoIcon
HaoZip_SetResFileName
HaoZip_ShowEditor
HaoZip_Uninitialize

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipExt.dll
.dll regsvr32 windows:4 windows x86 arch:x86

9bbef990795c8a5e60db9dad3fc26e17

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cb:cc:e5:a3:69:63:21:61:2e:7b:8c:63:1d:eb:e4:34:e6:e3:2e:38
Signer

Actual PE Digest

cb:cc:e5:a3:69:63:21:61:2e:7b:8c:63:1d:eb:e4:34:e6:e3:2e:38

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\haozip2.4\build\rczip\bin\win32\release\pdb\HaoZipExt.pdb

Imports

kernel32

CreateDirectoryW
DeleteFileW
SetFileAttributesW
FindClose
FindNextFileW
FindFirstFileW
GetACP
InterlockedExchangeAdd
WaitForSingleObject
GetCurrentThreadId
ResumeThread
Sleep
LocalFree
FormatMessageW
GetTempFileNameW
SetFileTime
GetLongPathNameW
GetFullPathNameW
GetTempPathW
SetEndOfFile
WriteFile
GetFileSize
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateEventW
GetPrivateProfileStringW
FlushInstructionCache
SetLastError
GetCurrentProcessId
lstrcpynW
ExpandEnvironmentStringsA
CreateMutexW
ReleaseMutex
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetThreadLocale
GetLocaleInfoA
GetVersionExA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
GlobalLock
lstrcpynA
lstrlenW
GlobalUnlock
WideCharToMultiByte
InterlockedIncrement
DeleteCriticalSection
CloseHandle
GetVersion
LoadLibraryExW
GetModuleFileNameW
RaiseException
lstrcmpiW
FindResourceW
DisableThreadLibraryCalls
GetLastError
FreeLibrary
MultiByteToWideChar
SizeofResource
InitializeCriticalSection
LoadResource
LeaveCriticalSection
GetModuleHandleW
EnterCriticalSection
GetVersionExW
GetProcAddress
GetCurrentProcess
GetProcessHeap
HeapAlloc
LoadLibraryW
HeapFree
GetSystemDefaultLangID
OpenProcess
ReadFile
CreateFileW
SetFilePointer
GetFileAttributesW
InterlockedDecrement

user32

InsertMenuItemW
DestroyMenu
CreatePopupMenu
DestroyIcon
UnregisterClassA
IsWindow
GetClientRect
SetDlgItemTextW
BeginPaint
SendMessageW
SetWindowPos
GetWindowLongW
GetWindow
GetParent
SystemParametersInfoW
MapWindowPoints
GetWindowRect
GetActiveWindow
wsprintfW
SetRect
GetDesktopWindow
ReleaseDC
GetDC
GetIconInfo
MessageBoxW
LoadStringW
DialogBoxParamW
EnumWindows
GetWindowThreadProcessId
IsWindowVisible
SetWindowLongW
DefWindowProcW
EndDialog
SetWindowTextW
GetDlgItem
InvalidateRect
SetPropW
GetPropW
EnableWindow
CallWindowProcW
FillRect
IsMenu
GetMenuItemCount
GetMenuInfo
LoadImageW
IsWindowEnabled
KillTimer
SetTimer
ShowWindow
CharNextW
DrawIconEx
SetMenuItemInfoW
GetMenuItemInfoW
CreateIconIndirect
EndPaint

gdi32

BeginPath
MoveToEx
PathToRegion
CreateSolidBrush
GetBkColor
FillPath
SetBkMode
TextOutW
EndPath
CreatePen
LineTo
GetStockObject
SetTextColor
CreateCompatibleBitmap
ExtTextOutW
SelectObject
DeleteDC
CreateDIBSection
CreateCompatibleDC
GetDIBits
SetBkColor
DeleteObject

advapi32

RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegCloseKey
RegDeleteKeyW
RegSetValueExW
RegQueryInfoKeyW
RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
DragQueryFileW
ShellExecuteW
ShellExecuteExW
SHFileOperationW

ole32

CoTaskMemFree
CoCreateInstance
ReleaseStgMedium
CoTaskMemAlloc
StringFromGUID2
CoCreateGuid
CoTaskMemRealloc

oleaut32

VarUI4FromStr

msvcr80

__RTDynamicCast
__clean_type_info_names_internal
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
__CxxFrameHandler3
_CxxThrowException
_wtoi
swprintf_s
_beginthreadex
towlower
_vsnwprintf_s
towupper
wcschr
_errno
_splitpath_s
_stricmp
_wcsnicmp
memmove
_wtof
malloc
wcscpy_s
wcscat_s
_purecall
free
_recalloc
??_V@YAXPAX@Z
wcsncpy_s
memmove_s
memset
memcpy_s
memcpy
??2@YAPAXI@Z
wcslen
_invalid_parameter_noinfo
strlen
??0exception@std@@QAE@ABV01@@Z
sprintf
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??3@YAXPAX@Z

comctl32

CreatePropertySheetPageW
DestroyPropertySheetPage

msimg32

TransparentBlt

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 219KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipExt64.dll
.dll regsvr32 windows:4 windows x64 arch:x64

402a4e295134c8323052ce0eb3616f34

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:db:81:a0:56:3c:d1:ea:73:5f:a8:b3:09:9c:6f:25:48:93:59:b9
Signer

Actual PE Digest

7e:db:81:a0:56:3c:d1:ea:73:5f:a8:b3:09:9c:6f:25:48:93:59:b9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

f:\haozip2.4\build\rczip\bin\x64\release\pdb\HaoZipExt64.pdb

Imports

kernel32

MultiByteToWideChar
GetVersionExW
HeapFree
GetProcAddress
GetProcessHeap
LoadLibraryW
HeapAlloc
GetSystemDefaultLangID
OpenProcess
SetFilePointer
ReadFile
CreateFileW
GetFileAttributesW
DeleteFileW
SetFileAttributesW
CreateDirectoryW
FindClose
FindFirstFileW
FindNextFileW
GetACP
GetTempFileNameW
GetLongPathNameW
GetTempPathW
GetFullPathNameW
GetFileSize
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WaitForSingleObject
CreateEventW
GetLastError
LoadLibraryExW
GetPrivateProfileStringW
ReleaseMutex
CreateMutexW
GetThreadLocale
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
LoadLibraryA
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
RaiseException
GetModuleFileNameW
LoadResource
DisableThreadLibraryCalls
GetModuleHandleW
FreeLibrary
lstrcmpiW
InitializeCriticalSection
FindResourceW
EnterCriticalSection
LeaveCriticalSection
GetVersion
SizeofResource
lstrcpynW
GlobalUnlock
GlobalLock
CloseHandle
WideCharToMultiByte
lstrlenW
lstrcpynA
DeleteCriticalSection
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
HeapDestroy
HeapCreate
HeapSetInformation
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
HeapSize
Sleep
FlsAlloc
TlsSetValue
SetLastError
FlsFree
TlsFree
FlsGetValue
GetModuleHandleA
RtlVirtualUnwind
RtlUnwindEx
RtlLookupFunctionEntry
RtlPcToFileHeader
GetSystemTimeAsFileTime
GetVersionExA
GetCommandLineA
FlsSetValue
GetCurrentThreadId
HeapReAlloc
RtlCaptureContext
IsDebuggerPresent
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter

user32

DrawIconEx
IsMenu
GetMenuItemInfoW
GetMenuInfo
InsertMenuItemW
UnregisterClassA
CreatePopupMenu
DestroyMenu
SetMenuItemInfoW
LoadStringW
ReleaseDC
GetIconInfo
GetDC
GetDesktopWindow
SetRect
wsprintfW
CharNextW
CreateIconIndirect
LoadImageW
GetMenuItemCount
DestroyIcon

gdi32

SelectObject
DeleteDC
CreateDIBSection
CreateCompatibleDC
GetDIBits
SetBkColor
CreateCompatibleBitmap
ExtTextOutW
DeleteObject

advapi32

RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW

shell32

DragQueryFileW
SHGetPathFromIDListW
ShellExecuteExW
SHFileOperationW
SHGetSpecialFolderLocation
ShellExecuteW

ole32

CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
CoCreateGuid
CoTaskMemFree
CoTaskMemAlloc
ReleaseStgMedium

oleaut32

VarUI4FromStr

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 281KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipFormats.dll
.dll windows:4 windows x86 arch:x86

8d6dff1fe9e849ab0bfcb245dd28da70

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

75:7e:00:57:29:67:02:2a:dd:5c:31:89:36:65:45:d8:02:fd:47:8f
Signer

Actual PE Digest

75:7e:00:57:29:67:02:2a:dd:5c:31:89:36:65:45:d8:02:fd:47:8f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\haozip2.4\build\rczip\bin\win32\release\pdb\HaoZipFormats.pdb

Imports

kernel32

GetFullPathNameW
GetLongPathNameW
CreateFileW
SetCurrentDirectoryW
SetFileAttributesW
MoveFileW
RemoveDirectoryW
lstrlenW
GetTempFileNameW
GetTempPathW
SetFileTime
FindClose
FindNextFileW
FindFirstFileW
GetVersionExW
GetModuleHandleW
WaitForMultipleObjects
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetExitCodeProcess
WaitForSingleObject
TerminateProcess
ReadFile
Sleep
GetStartupInfoW
CreateProcessW
CreatePipe
CreateFileA
WriteFile
GetFileType
SetFilePointer
SetEndOfFile
GetStdHandle
DeleteFileW
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
SystemTimeToFileTime
FormatMessageW
LocalFree
GetProcAddress
GetDriveTypeA
GetDiskFreeSpaceA
GetFileAttributesA
IsDBCSLeadByte
GetCPInfo
GetCurrentProcess
SetConsoleMode
ReadConsoleW
GetConsoleMode
GetModuleFileNameW
FindNextFileA
FindFirstFileA
DeleteCriticalSection
GetSystemInfo
CreateSemaphoreW
ResetEvent
ReleaseSemaphore
SetEvent
CreateEventW
GetFileSize
ResumeThread
GetCurrentDirectoryW
GetWindowsDirectoryW
CreateDirectoryW
CloseHandle
GetLastError
GetFileAttributesW
WideCharToMultiByte
MultiByteToWideChar
SetLastError
GetACP
VirtualAlloc
VirtualFree
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DosDateTimeToFileTime
FileTimeToDosDateTime
InterlockedExchangeAdd
LoadLibraryW
LoadLibraryExW
FreeLibrary
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedCompareExchange
InterlockedExchange

user32

OemToCharA
CharToOemA
CharLowerA
OemToCharBuffA
OemToCharBuffW
CharUpperA

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

msvcr80

_time64
towlower
towupper
_vsnwprintf_s
wcschr
wcslen
strlen
_purecall
memcpy
memset
memcmp
__RTDynamicCast
memchr
atoi
strcmp
wcsncpy
free
wcscpy_s
vsprintf
wcscmp
malloc
wcscpy
strcpy
realloc
sprintf
strncpy
rename
remove
toupper
putchar
strchr
strcat
abs
wcspbrk
strrchr
strpbrk
wcsrchr
wcscat
_CxxThrowException
__CxxFrameHandler3
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
srand
_errno
??_V@YAXPAX@Z
memmove
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
_invalid_parameter_noinfo
??2@YAPAXI@Z
memcpy_s
??3@YAXPAX@Z
memmove_s
_beginthreadex
rand

Exports

Exports

CreateArchiveInfoObjects
SetCodePage
SetResFileName
SetWorkDirectory

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipImage.dll
.dll windows:4 windows x86 arch:x86

9340299e20a7db5790cce88ca3aeae36

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7d:67:8d:85:2e:92:ea:16:05:ac:9c:cc:e7:f2:f8:cb:b6:1c:ec:55
Signer

Actual PE Digest

7d:67:8d:85:2e:92:ea:16:05:ac:9c:cc:e7:f2:f8:cb:b6:1c:ec:55

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\haozip2.4\build\rczip\bin\win32\release\pdb\HaoZipImage.pdb

Imports

kernel32

GetCurrentProcess
lstrlenA
ExitProcess
FreeLibrary
GetModuleFileNameW
LoadLibraryW
LoadLibraryExW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
FindResourceW
lstrlenW
GetFullPathNameW
FindClose
FindFirstFileW
GetModuleHandleW
GetProcAddress
GlobalAlloc
GlobalMemoryStatus
SetFileAttributesW
CreateDirectoryW
DeleteFileW
InterlockedExchangeAdd
GetFileAttributesW
GetLastError
LocalFree
FormatMessageW
GlobalFree
GlobalUnlock
GlobalLock

user32

OpenClipboard
EmptyClipboard
LoadStringW
SetClipboardData
GetWindow
SystemParametersInfoW
GetParent
GetClientRect
MapWindowPoints
CloseClipboard
FillRect
GetSysColor
ReleaseDC
GetDC
GetWindowRect
SetWindowPos
GetWindowLongW

gdi32

SaveDC
RealizePalette
StretchDIBits
RestoreDC
SetDIBitsToDevice
CreateDIBSection
SetWindowOrgEx
DPtoLP
GetMapMode
LPtoDP
SetMapMode
GetClipBox
BitBlt
CreatePen
GetObjectW
ExtTextOutW
MoveToEx
CreateCompatibleBitmap
ExtSelectClipRgn
SetBkColor
CreateSolidBrush
LineTo
EndDoc
GetStockObject
CreateDCW
StartPage
EndPage
GetDeviceCaps
StartDocW
CreateCompatibleDC
SelectObject
DeleteDC
CreateRectRgnIndirect
CreatePalette
SelectPalette
DeleteEnhMetaFile
SetEnhMetaFileBits
PlayEnhMetaFile
SetWinMetaFileBits
GetEnhMetaFilePaletteEntries
SetStretchBltMode
GetDIBits
DeleteObject
GetEnhMetaFileHeader

comdlg32

PageSetupDlgW

msvcr80

_open
_unlink
_write
_setmode
memset
memcpy
_setjmp3
_close
_CIatan2
_CIexp
_CIsqrt
floor
_CIpow
_CIlog
_read
fscanf
_purecall
_invalid_parameter_noinfo
memmove_s
??2@YAPAXI@Z
fgets
??3@YAXPAX@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
fputc
feof
fclose
getc
memcpy_s
ftell
ferror
fseek
fwrite
fflush
_wfopen
fread
??_V@YAXPAX@Z
??0exception@std@@QAE@XZ
??8type_info@@QBE_NABV0@@Z
free
malloc
wcsstr
wcschr
towlower
towupper
_vsnwprintf_s
_errno
rand
memmove
ldiv
_wcsnicmp
calloc
strncpy
longjmp
strncmp
realloc
sprintf
wcsrchr
_swab
ceil
qsort
isprint
printf
abort
fprintf
strrchr
vsprintf
tmpnam
_lseek
isspace
isdigit
strchr
atoi
atof
__iob_func
isalpha
vfprintf
strtok
memchr
exit
getenv
sscanf
_mktime64
_strnicmp
perror
_gmtime64
fopen
putc
isupper
strstr
_stricmp
tmpfile
_getcwd
fgetc
frexp
modf
_snprintf
bsearch
_CxxThrowException
__CxxFrameHandler3
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
__CxxLongjmpUnwind

gdiplus

GdipCreateBitmapFromGdiDib
GdipImageGetFrameDimensionsList
GdipGetImageWidth
GdipGetImageThumbnail
GdipCreateBitmapFromFile
GdipDisposeImage
GdipCloneBitmapArea
GdipImageRotateFlip
GdipImageGetFrameDimensionsCount
GdipDrawImageRect
GdipGetImageHeight
GdipGetImageEncodersSize
GdipAlloc
GdipDrawImageRectI
GdipFree
GdipSaveImageToFile
GdipGetImageGraphicsContext
GdipCreateFromHDC
GdipCloneImage
GdipGetPropertyItem
GdipImageGetFrameCount
GdipCreateBitmapFromHBITMAP
GdipImageSelectActiveFrame
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipGetPropertyItemSize
GdipGraphicsClear
GdipGetImageEncoders

ws2_32

htonl
ntohs
htons

Exports

Exports

CreateImageConvertObject
CreateImageViewObject
SetCodePage
SetResFileName
png_access_version_number
png_benign_error
png_build_grayscale_palette
png_calloc
png_chunk_benign_error
png_chunk_error
png_chunk_warning
png_convert_from_struct_tm
png_convert_from_time_t
png_convert_to_rfc1123
png_create_info_struct
png_create_read_struct
png_create_read_struct_2
png_create_write_struct
png_create_write_struct_2
png_data_freer
png_destroy_info_struct
png_destroy_read_struct
png_destroy_write_struct
png_error
png_free
png_free_data
png_free_default
png_get_IHDR
png_get_PLTE
png_get_bKGD
png_get_bit_depth
png_get_cHRM
png_get_cHRM_fixed
png_get_channels
png_get_chunk_cache_max
png_get_chunk_malloc_max
png_get_color_type
png_get_compression_buffer_size
png_get_compression_type
png_get_copyright
png_get_error_ptr
png_get_filter_type
png_get_gAMA
png_get_gAMA_fixed
png_get_hIST
png_get_header_ver
png_get_header_version
png_get_iCCP
png_get_image_height
png_get_image_width
png_get_int_32
png_get_interlace_type
png_get_io_chunk_name
png_get_io_ptr
png_get_io_state
png_get_libpng_ver
png_get_mem_ptr
png_get_oFFs
png_get_pCAL
png_get_pHYs
png_get_pHYs_dpi
png_get_pixel_aspect_ratio
png_get_pixel_aspect_ratio_fixed
png_get_pixels_per_inch
png_get_pixels_per_meter
png_get_rgb_to_gray_status
png_get_rowbytes
png_get_rows
png_get_sBIT
png_get_sCAL
png_get_sCAL_fixed
png_get_sCAL_s
png_get_sPLT
png_get_sRGB
png_get_signature
png_get_tIME
png_get_tRNS
png_get_text
png_get_uint_16
png_get_uint_31
png_get_uint_32
png_get_unknown_chunks
png_get_user_chunk_ptr
png_get_user_height_max
png_get_user_transform_ptr
png_get_user_width_max
png_get_valid
png_get_x_offset_inches
png_get_x_offset_inches_fixed
png_get_x_offset_microns
png_get_x_offset_pixels
png_get_x_pixels_per_inch
png_get_x_pixels_per_meter
png_get_y_offset_inches
png_get_y_offset_inches_fixed
png_get_y_offset_microns
png_get_y_offset_pixels
png_get_y_pixels_per_inch
png_get_y_pixels_per_meter
png_handle_as_unknown
png_info_init_3
png_init_io
png_longjmp
png_malloc
png_malloc_default
png_malloc_warn
png_permit_mng_features
png_read_end
png_read_image
png_read_info
png_read_png
png_read_row
png_read_rows
png_read_update_info
png_reset_zstream
png_save_int_32
png_save_uint_16
png_save_uint_32
png_set_IHDR
png_set_PLTE
png_set_add_alpha
png_set_bKGD
png_set_background
png_set_background_fixed
png_set_benign_errors
png_set_bgr
png_set_cHRM
png_set_cHRM_fixed
png_set_chunk_cache_max
png_set_chunk_malloc_max
png_set_compression_buffer_size
png_set_compression_level
png_set_compression_mem_level
png_set_compression_method
png_set_compression_strategy
png_set_compression_window_bits
png_set_crc_action
png_set_error_fn
png_set_expand
png_set_expand_gray_1_2_4_to_8
png_set_filler
png_set_filter
png_set_filter_heuristics
png_set_filter_heuristics_fixed
png_set_flush
png_set_gAMA
png_set_gAMA_fixed
png_set_gamma
png_set_gamma_fixed
png_set_gray_to_rgb
png_set_hIST
png_set_iCCP
png_set_interlace_handling
png_set_invalid
png_set_invert_alpha
png_set_invert_mono
png_set_keep_unknown_chunks
png_set_longjmp_fn
png_set_mem_fn
png_set_oFFs
png_set_pCAL
png_set_pHYs
png_set_packing
png_set_packswap
png_set_palette_to_rgb
png_set_quantize
png_set_read_fn
png_set_read_status_fn
png_set_read_user_chunk_fn
png_set_read_user_transform_fn
png_set_rgb_to_gray
png_set_rgb_to_gray_fixed
png_set_rows
png_set_sBIT
png_set_sCAL
png_set_sCAL_fixed
png_set_sCAL_s
png_set_sPLT
png_set_sRGB
png_set_sRGB_gAMA_and_cHRM
png_set_shift
png_set_sig_bytes
png_set_strip_16
png_set_strip_alpha
png_set_swap
png_set_swap_alpha
png_set_tIME
png_set_tRNS
png_set_tRNS_to_alpha
png_set_text
png_set_unknown_chunk_location
png_set_unknown_chunks
png_set_user_limits
png_set_user_transform_info
png_set_write_fn
png_set_write_status_fn
png_set_write_user_transform_fn
png_sig_cmp
png_start_read_image
png_warning
png_write_chunk
png_write_chunk_data
png_write_chunk_end
png_write_chunk_start
png_write_end
png_write_flush
png_write_image
png_write_info
png_write_info_before_PLTE
png_write_png
png_write_row
png_write_rows
png_write_sig

Sections

.text
Size: 879KB - Virtual size: 879KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 217KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipImgConvert.exe
.exe windows:4 windows x86 arch:x86

082d28a1fe88670b4f51ff2f19f53cda

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:fd:10:39:a5:c3:49:35:93:aa:f9:fb:07:bb:5e:70:5c:58:9e:50
Signer

Actual PE Digest

71:fd:10:39:a5:c3:49:35:93:aa:f9:fb:07:bb:5e:70:5c:58:9e:50

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\haozip2.4\build\rczip\build_temp\Win32\compile\Release\HaoZipImgConvert\HaoZipImgConvert.pdb

Imports

kernel32

GetModuleHandleW
GetProcAddress
GetCurrentProcess
FreeLibrary
LoadLibraryW
GetFileAttributesW
lstrlenA
MultiByteToWideChar
lstrcpyW
GetModuleFileNameW
GetCurrentDirectoryW
lstrlenW
GetFullPathNameW
Sleep
InterlockedCompareExchange
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
InterlockedExchange

user32

LoadIconW
GetDesktopWindow

shell32

SHGetSpecialFolderLocation
SHGetDesktopFolder

ole32

CoTaskMemFree

msvcr80

_controlfp_s
_invoke_watson
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_encode_pointer
__p__fmode
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
?what@exception@std@@UBEPBDXZ
strlen
??0exception@std@@QAE@XZ
memcpy_s
??2@YAPAXI@Z
memmove_s
??_V@YAXPAX@Z
_invalid_parameter_noinfo
towupper
wcschr
towlower
_CxxThrowException
__CxxFrameHandler3
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
memset

shlwapi

StrStrW

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipImgViewer.exe
.exe windows:4 windows x86 arch:x86

bf5a23ec11ffb72023bd2d720f889c8f

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f0:f8:c4:57:f3:0c:fc:e9:5b:5a:86:c4:ba:39:ad:dc:c5:b9:1a:c7
Signer

Actual PE Digest

f0:f8:c4:57:f3:0c:fc:e9:5b:5a:86:c4:ba:39:ad:dc:c5:b9:1a:c7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\haozip2.4\build\rczip\build_temp\Win32\compile\Release\HaoZipImgViewer\HaoZipImgViewer.pdb

Imports

kernel32

LoadLibraryW
FreeLibrary
GetProcAddress
lstrlenW
GetFullPathNameW
GetModuleFileNameW
GetModuleHandleW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange
Sleep

user32

LoadIconW

msvcr80

?_type_info_dtor_internal_method@type_info@@QAEXXZ
_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
__CxxFrameHandler3
_CxxThrowException
wcschr
??_V@YAXPAX@Z
towupper
towlower
memcpy_s
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??3@YAXPAX@Z
??2@YAPAXI@Z
memmove_s
_invalid_parameter_noinfo
memset

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipLoader.exe
.exe windows:4 windows x86 arch:x86

d5c265df4707f8493e7113203d7cf8b5

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

a8:ca:11:82:53:36:35:52:96:54:aa:cc:41:b9:c6:27:b5:67:0c:76
Signer

Actual PE Digest

a8:ca:11:82:53:36:35:52:96:54:aa:cc:41:b9:c6:27:b5:67:0c:76

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\haozip2.4\build\rczip\bin\win32\release\pdb\HaoZipLoader.pdb

Imports

kernel32

GetSystemDefaultLangID
LoadLibraryW
FreeLibrary
GetProcAddress
GetModuleHandleW
CloseHandle
OpenProcess
GetVersionExW
GetCurrentProcess
GetFileAttributesW
CreateDirectoryW
SetFileAttributesW
DeleteFileW
FindClose
FindNextFileW
FindFirstFileW
LoadLibraryExW
GetModuleFileNameW
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
GetFullPathNameW
lstrlenW
GetTempFileNameW
GetPrivateProfileStringW
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange

user32

LoadStringW
MessageBoxW

shell32

SHFileOperationW
SHGetPathFromIDListW
SHGetSpecialFolderLocation

ole32

CoTaskMemFree

msvcr80

memset
_controlfp_s
_invoke_watson
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
memcpy
_initterm_e
_invalid_parameter_noinfo
memcpy_s
??3@YAXPAX@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
wcslen
??2@YAPAXI@Z
strlen
memmove_s
??_V@YAXPAX@Z
_stricmp
_splitpath_s
towlower
towupper
wcschr
malloc
free
_CxxThrowException
__CxxFrameHandler3
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipLoader64.exe
.exe windows:4 windows x64 arch:x64

4f15241ff17f368da85a76a151a5ac12

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

aa:54:a7:7b:51:9b:67:9b:dc:c4:cc:02:d9:c0:0c:a4:21:24:99:5c
Signer

Actual PE Digest

aa:54:a7:7b:51:9b:67:9b:dc:c4:cc:02:d9:c0:0c:a4:21:24:99:5c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

f:\haozip2.4\build\rczip\bin\x64\release\pdb\HaoZipLoader64.pdb

Imports

shlwapi

PathAppendW
PathFileExistsW
PathRemoveFileSpecW
StrCmpIW

kernel32

FlsGetValue
LCMapStringW
LoadLibraryW
GetCommandLineW
GetModuleFileNameW
GetProcAddress
FreeLibrary
LCMapStringA
GetStringTypeW
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
RaiseException
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
GetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FlsSetValue
TlsFree
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
HeapSize
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
GetLocaleInfoA
WideCharToMultiByte
GetStringTypeA

shell32

CommandLineToArgvW

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipMd5.exe
.exe windows:4 windows x86 arch:x86

1499f9ca3e4eb835cd29dc0813bdf704

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f2:23:fe:9d:61:4d:e2:0b:ec:3e:1c:a8:f3:bf:7b:a0:cf:03:c7:c5
Signer

Actual PE Digest

f2:23:fe:9d:61:4d:e2:0b:ec:3e:1c:a8:f3:bf:7b:a0:cf:03:c7:c5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\haozip2.4\build\rczip\build_temp\Win32\compile\Release\HaoZipMd5\HaoZipMd5.pdb

Imports

kernel32

GetModuleHandleW
FreeLibrary
LoadLibraryW
GetProcAddress
GetCurrentProcess
GetModuleFileNameW
GetCurrentDirectoryW
GetFullPathNameW
lstrlenW
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange

user32

LoadIconW
GetDesktopWindow

msvcr80

_controlfp_s
_invoke_watson
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
memset
_configthreadlocale
_initterm_e
memcpy_s
??2@YAPAXI@Z
memmove_s
??0exception@std@@QAE@ABV01@@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
strlen
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
??_V@YAXPAX@Z
wcschr
towlower
towupper
_CxxThrowException
__CxxFrameHandler3
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipRename.exe
.exe windows:4 windows x86 arch:x86

1499f9ca3e4eb835cd29dc0813bdf704

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

76:90:21:30:9c:ff:e2:8a:7e:33:3d:a0:97:ea:09:08:19:29:60:aa
Signer

Actual PE Digest

76:90:21:30:9c:ff:e2:8a:7e:33:3d:a0:97:ea:09:08:19:29:60:aa

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\haozip2.4\build\rczip\build_temp\Win32\compile\Release\HaoZipRename\HaoZipRename.pdb

Imports

kernel32

GetModuleHandleW
FreeLibrary
LoadLibraryW
GetProcAddress
GetCurrentProcess
GetModuleFileNameW
GetCurrentDirectoryW
GetFullPathNameW
lstrlenW
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange

user32

LoadIconW
GetDesktopWindow

msvcr80

_controlfp_s
_invoke_watson
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
memset
_configthreadlocale
_initterm_e
memcpy_s
??2@YAPAXI@Z
memmove_s
??0exception@std@@QAE@ABV01@@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
strlen
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
??_V@YAXPAX@Z
wcschr
towlower
towupper
_CxxThrowException
__CxxFrameHandler3
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipReplace.exe
.exe windows:4 windows x86 arch:x86

1499f9ca3e4eb835cd29dc0813bdf704

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

92:8e:95:9e:e5:14:42:33:00:a1:5f:2c:e6:f6:00:93:86:7f:e4:a6
Signer

Actual PE Digest

92:8e:95:9e:e5:14:42:33:00:a1:5f:2c:e6:f6:00:93:86:7f:e4:a6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\haozip2.4\build\rczip\build_temp\Win32\compile\Release\HaoZipReplace\HaoZipReplace.pdb

Imports

kernel32

GetModuleHandleW
FreeLibrary
LoadLibraryW
GetProcAddress
GetCurrentProcess
GetModuleFileNameW
GetCurrentDirectoryW
GetFullPathNameW
lstrlenW
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange

user32

LoadIconW
GetDesktopWindow

msvcr80

_controlfp_s
_invoke_watson
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
memset
_configthreadlocale
_initterm_e
memcpy_s
??2@YAPAXI@Z
memmove_s
??0exception@std@@QAE@ABV01@@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
strlen
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
??_V@YAXPAX@Z
wcschr
towlower
towupper
_CxxThrowException
__CxxFrameHandler3
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipScan.exe
.exe windows:4 windows x86 arch:x86

0f95cc3b596bed58b8ddef32cfa430e1

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

89:7d:2f:bb:74:46:0f:b1:0e:a0:38:2e:34:3d:82:ac:73:e4:97:ff
Signer

Actual PE Digest

89:7d:2f:bb:74:46:0f:b1:0e:a0:38:2e:34:3d:82:ac:73:e4:97:ff

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\haozip2.4\build\rczip\bin\win32\release\pdb\HaoZipScan.pdb

Imports

kernel32

WaitForMultipleObjects
OpenProcess
CloseHandle
GetProcAddress
LoadLibraryW
FreeLibrary
ResumeThread
Sleep
WaitForSingleObject
GetCurrentThreadId
ReleaseMutex
CreateMutexW
GetLastError
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
ResetEvent
SetEvent
CreateEventW
InterlockedExchangeAdd
MapViewOfFile
UnmapViewOfFile
OpenFileMappingW
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange
GetSystemTimeAsFileTime

msvcr80

??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
strlen
_beginthreadex
_CxxThrowException
__CxxFrameHandler3
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
memset
memcpy
wcslen
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
memmove_s
??3@YAXPAX@Z
memcpy_s

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HaoZipShell.dll
.dll windows:4 windows x86 arch:x86

eec0baa5786b5d3de6752040b265b543

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

12:1d:f2:f4:3c:4f:1a:a1:68:e0:04:30:bb:92:30:d3:ac:77:46:6f
Signer

Actual PE Digest

12:1d:f2:f4:3c:4f:1a:a1:68:e0:04:30:bb:92:30:d3:ac:77:46:6f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\haozip2.4\build\rczip\bin\win32\release\pdb\HaoZipShell.pdb

Imports

kernel32

lstrlenW
ReadFile
CreateFileW
SetFilePointer
GetFileAttributesW
DeleteFileW
SetFileAttributesW
CreateDirectoryW
RemoveDirectoryW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FindFirstFileW
FindClose
FindNextFileW
LoadLibraryExW
GetModuleFileNameW
GetFullPathNameW
GetTempFileNameW
GetLastError
GetCurrentDirectoryW
GetFileSize
FindResourceW
ReleaseMutex
CreateMutexW
WaitForSingleObject
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentProcess
GetVersionExW
GetModuleHandleW
OpenProcess
GetProcAddress
FreeLibrary
LoadLibraryW
CloseHandle

user32

LoadStringW
wsprintfW

advapi32

RegCloseKey
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegEnumKeyExW
RegOpenCurrentUser
RegCreateKeyExW
RegOpenKeyExW

shell32

SHGetPathFromIDListW
SHChangeNotify
SHFileOperationW
SHGetSpecialFolderLocation
ShellExecuteExW

ole32

CoTaskMemFree
CoUninitialize
CoInitialize
CoCreateInstance

msvcr80

_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
memset
free
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
memcpy_s
memmove_s
??2@YAPAXI@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
wcslen
??3@YAXPAX@Z
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
_stricmp
_splitpath_s
??_V@YAXPAX@Z
realloc
malloc
wcschr
towlower
towupper
_vsnwprintf_s
_errno
memcpy
_CxxThrowException
__CxxFrameHandler3

shlwapi

SHDeleteKeyW

Exports

Exports

CheckUpdate
Initialize
Install
Install02
Register
SetResFileName
Uninstall
Update
UpdateIcons
UpdateLang
Upgrade

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipUI.dll
.dll windows:4 windows x86 arch:x86

f010beace0e0666486863ff88f4651e2

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:da:26:1d:2e:de:4a:8b:0f:d9:54:fd:34:d8:09:ff:88:c3:12:87
Signer

Actual PE Digest

16:da:26:1d:2e:de:4a:8b:0f:d9:54:fd:34:d8:09:ff:88:c3:12:87

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\DirectUI\DirectUI\SVNServer\build_temp\Win32\release_unicode\HaoZipUI\HaoZipUI.pdb

Imports

kernel32

GetVersionExA
GetThreadLocale
InterlockedCompareExchange
GetACP
InterlockedExchange
HeapFree
GetProcessHeap
Sleep
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCurrentThreadId
GetLocalTime
FileTimeToSystemTime
GetFileInformationByHandle
GetFileSize
EnterCriticalSection
FileTimeToDosDateTime
SystemTimeToFileTime
GetFileType
SetFilePointer
ReadFile
LockResource
FreeResource
CopyFileW
DeleteFileW
SetProcessWorkingSetSize
GetCurrentProcess
CreateEventW
GetTickCount
WideCharToMultiByte
lstrlenA
GetTempPathW
GetCurrentDirectoryW
UnmapViewOfFile
RaiseException
GetLastError
MultiByteToWideChar
DisableThreadLibraryCalls
lstrcmpiW
SizeofResource
LoadLibraryExW
LoadResource
GetModuleHandleW
FindResourceW
InterlockedIncrement
GetVersionExW
DeleteCriticalSection
InitializeCriticalSection
GetProcAddress
FreeLibrary
IsBadReadPtr
LoadLibraryW
CreateFileW
CloseHandle
GlobalLock
WriteFile
GlobalAlloc
GlobalFree
GlobalUnlock
InterlockedDecrement
lstrlenW
GetModuleFileNameW
LeaveCriticalSection
GetLocaleInfoA

user32

UnregisterClassA
UpdateWindow
EnableWindow
CopyRect
LoadCursorW
SetCursor
MessageBoxW
GetCapture
CloseWindow
SetWindowTextW
RedrawWindow
SetWindowPos
GetWindowTextW
KillTimer
GetParent
MoveWindow
SetTimer
GetDlgCtrlID
GetActiveWindow
ReleaseDC
GetDlgItem
SetParent
SendMessageW
SetActiveWindow
IsWindowEnabled
BringWindowToTop
LockWindowUpdate
CharNextW
GetWindow
SetWindowLongW
ShowWindow
DestroyWindow
IsWindowVisible
GetWindowRect
GetWindowTextLengthW
GetClientRect
InvalidateRect
IsZoomed
CreateWindowExW
SetCapture
GetWindowLongW
GetDC
DrawIconEx
AppendMenuW
GetIconInfo
PostMessageW
IsWindow
RemovePropW
SetPropW
SetRectEmpty
EndPaint
GetDesktopWindow
GetClassNameW
GetPropW
IsRectEmpty
GetSystemMenu
SetWindowRgn
OffsetRect
GetCursorPos
EqualRect
GetSystemMetrics
ScreenToClient
DefWindowProcW
BeginDeferWindowPos
MonitorFromWindow
GetTopWindow
DestroyCursor
UpdateLayeredWindow
GetMonitorInfoW
ReleaseCapture
PtInRect
SystemParametersInfoW
BeginPaint
ClientToScreen
EndDeferWindowPos
InflateRect
IntersectRect
EnableMenuItem
GetKeyState
GetSysColor
UnionRect
DrawTextW
GetMenuItemCount
SetRect
ModifyMenuW
IsMenu
DeleteMenu
GetMenuItemInfoW
GetClassLongW
InsertMenuW
GetMenuItemID
CreatePopupMenu
DestroyMenu
LoadImageW
CallNextHookEx
SetWindowsHookExW
TrackPopupMenuEx
MonitorFromPoint
UnhookWindowsHookEx
RemoveMenu
GetForegroundWindow
LoadMenuW
DeferWindowPos
GetMessagePos
GetWindowDC
IsIconic
GetDoubleClickTime
TrackPopupMenu
DestroyIcon
GetFocus
GetAsyncKeyState
CallWindowProcW
GetSubMenu
GetMenuStringW
SetFocus

gdi32

PtInRegion
GetClipBox
CreateRectRgn
CreatePatternBrush
CreateRectRgnIndirect
SetRectRgn
OffsetRgn
CreateCompatibleDC
SelectClipRgn
SetViewportOrgEx
ExtCreateRegion
LineTo
SetBkMode
GetRegionData
SetTextColor
PolyDraw
MoveToEx
GetWindowOrgEx
CreatePen
WidenPath
CreateCompatibleBitmap
BeginPath
GetPath
CreateFontIndirectW
FillPath
CreateSolidBrush
EndPath
CreateICW
SetBkColor
ExtTextOutW
SetDIBits
CreateDIBSection
SetWindowOrgEx
CombineRgn
PatBlt
CreateBitmap
DeleteObject
GetDeviceCaps
SelectObject
CreateDCW
RealizePalette
SelectPalette
BitBlt
GetObjectW
DeleteDC
GetStockObject
PolyBezierTo
GetCurrentObject
GetDIBits

advapi32

RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegQueryInfoKeyW

shell32

ShellExecuteW

ole32

CoCreateGuid
CoFreeUnusedLibraries
CreateStreamOnHGlobal
StringFromGUID2
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CLSIDFromString

oleaut32

SafeArrayGetUBound
VarUI4FromStr
VariantCopy
SysStringByteLen
SysAllocStringLen
VarBstrCat
SysAllocStringByteLen
SafeArrayRedim
SafeArrayPutElement
SafeArrayGetElement
SafeArrayDestroy
SafeArrayGetLBound
SysAllocString
SafeArrayCreate
OleTranslateColor
SysFreeString
VariantInit
VariantClear
SysStringLen
LoadTypeLi
LoadRegTypeLi
VariantChangeType

comctl32

ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_GetIcon
_TrackMouseEvent
ImageList_Destroy

msimg32

AlphaBlend

gdiplus

GdipCloneBitmapAreaI
GdipFillPieI
GdipCreateTexture
GdipCreateHICONFromBitmap
GdipDrawImageI
GdipCreateStringFormat
GdipSetStringFormatHotkeyPrefix
GdipGetImageHeight
GdipGetStringFormatFlags
GdipGetImageGraphicsContext
GdipSetCompositingQuality
GdipCreateBitmapFromStream
GdipSetStringFormatFlags
GdipCreateFontFromLogfontW
GdipCreateHBITMAPFromBitmap
GdipSetStringFormatLineAlign
GdipCreateBitmapFromScan0
GdipSetSmoothingMode
GdipMeasureString
GdipBitmapUnlockBits
GdipDeleteFont
GdipBitmapLockBits
GdipDrawString
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipCreateBitmapFromFile
GdipSetTextRenderingHint
GdipGetImageWidth
GdipSetInterpolationMode
GdipSetStringFormatTrimming
GdipCreateLineBrushFromRectWithAngleI
GdipCreateBitmapFromHICON
GdipDrawImageRectI
GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipCreateSolidFill
GdipFillRectangleI
GdipCloneBrush
GdipAlloc
GdipFree
GdipCreateFromHDC
GdipDeleteBrush

msvcr80

strcpy_s
fread
strcat_s
_wfopen_s
fwrite
ftell
wcscpy_s
strncpy_s
wcscat_s
wcsncpy_s
malloc
_resetstkoflw
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
calloc
memcpy_s
_recalloc
_invalid_parameter_noinfo
memmove_s
_purecall
free
??2@YAPAXI@Z
??_V@YAXPAX@Z
??3@YAXPAX@Z
_stricmp
vsprintf_s
fseek
swprintf_s
strstr
_waccess
_wcsicmp
__RTDynamicCast
vswprintf_s
_wtoi
atoi
wcstoul
wcschr
_mktime64
_tzset
_wcsnicmp
toupper
strchr
sprintf_s
atof
memset
__CxxFrameHandler3
_CxxThrowException
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
fclose
floor
memcpy

rpcrt4

UuidFromStringW

Exports

Exports

CloseSkin
OpenSkin

Sections

.text
Size: 638KB - Virtual size: 638KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HaoZipUpdate.exe
.exe windows:4 windows x86 arch:x86

b43bf7d8e6bd94cd2265ea8bbd134ef7

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7f:eb:53:1a:0b:86:9e:f3:e5:8f:1c:16:20:66:17:f2:8c:34:d0:e6
Signer

Actual PE Digest

7f:eb:53:1a:0b:86:9e:f3:e5:8f:1c:16:20:66:17:f2:8c:34:d0:e6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\haozip2.4\build\rczip\bin\win32\release\pdb\HaoZipUpdate.pdb

Imports

kernel32

FreeLibrary
LoadLibraryW
GetProcAddress
GetModuleFileNameW
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSection
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Microsoft.VC80.CRT.manifest
RarNew.data
.rar
TarNew.data
UNACEV2.DLL
.dll windows:1 windows x86 arch:x86

8390514c40641509cd0941c1fb7588ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

ShellExecuteA
ShellExecuteExA

kernel32

AllocConsole
CloseHandle
CreateDirectoryA
CreateFileA
CreateProcessA
DeleteFileA
DeviceIoControl
DisableThreadLibraryCalls
DosDateTimeToFileTime
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeConsole
GetCommandLineA
GetConsoleCursorInfo
GetConsoleScreenBufferInfo
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileInformationByHandle
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetSystemTime
GetTempPathA
GetTimeZoneInformation
GetVersion
GetVolumeInformationA
GlobalMemoryStatus
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
LCMapStringA
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
PeekConsoleInputA
ReadConsoleInputA
ReadConsoleOutputAttribute
ReadConsoleOutputA
ReadFile
RemoveDirectoryA
ScrollConsoleScreenBufferA
SearchPathA
SetConsoleCtrlHandler
SetConsoleCursorInfo
SetConsoleCursorPosition
SetConsoleScreenBufferSize
SetConsoleWindowInfo
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetStdHandle
Sleep
SystemTimeToFileTime
TerminateProcess
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteConsoleOutputA
WriteConsoleOutputCharacterA
WriteFile

advapi32

RegCloseKey
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

gdi32

CreateFontA
DeleteObject

user32

CharToOemBuffA
CreateDialogParamA
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
GetDlgItem
GetDlgItemTextA
GetKeyState
GetWindowTextA
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
MessageBeep
MessageBoxA
OemToCharBuffA
PeekMessageA
SendDlgItemMessageA
SetCursor
SetDlgItemTextA
SetFocus
SetTimer
SetWindowTextA
ShowCursor
ShowWindow
TranslateMessage

Exports

Exports

ACEExtract
ACEInitDll
ACEList
ACEReadArchiveData
ACETest
___DllMainCRTStartup@12

Sections

AUTO
Size: 59KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 210KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Uninstall.exe
.exe windows:5 windows x86 arch:x86

b729b61eb1515fcf7b3e511e4e66258b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:5 windows x86 arch:x86

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GetModuleHandleW
GlobalLock
GlobalUnlock
GetCurrentDirectoryW
SetCurrentDirectoryW
GetPrivateProfileIntW
GetPrivateProfileStringW
lstrcatW
WritePrivateProfileStringW
lstrcpynW
lstrlenW
lstrcpyW
GlobalFree
GlobalAlloc

user32

OpenClipboard
DestroyIcon
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
SetWindowLongW
GetClientRect
SetWindowRgn
LoadIconW
LoadImageW
CreateWindowExW
MapDialogRect
GetClipboardData
GetWindowRect
CreateDialogParamW
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
SetCursor
DrawTextW
GetWindowLongW
DrawFocusRect
CallWindowProcW
PostMessageW
wsprintfW
CharNextW
MessageBoxW
CloseClipboard
GetDlgCtrlID
MapWindowPoints
SetWindowPos
PtInRect
GetWindowTextW
SetWindowTextW
SendMessageW
DestroyWindow

gdi32

SelectObject
CreateRectRgn
GetObjectW
CombineRgn
DeleteObject
CreateCompatibleDC
GetDIBits
SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHGetDesktopFolder

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

6c41c5e4d44f55745b925cc4e42b7fab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
lstrlenW
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 899B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/un.option.ini
ZipNew.data
lang/HaoZipLang_chs.dll
.dll windows:4 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

17/11/2006, 00:00

Not After

30/12/2020, 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

16/05/2011, 00:00

Not After

15/05/2012, 23:59

Subject

CN=上海瑞创网络科技股份有限公司,O=上海瑞创网络科技股份有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9c:65:80:e4:a7:d1:21:50:be:d8:5b:ce:89:ea:3c:72:82:75:ef:18
Signer

Actual PE Digest

9c:65:80:e4:a7:d1:21:50:be:d8:5b:ce:89:ea:3c:72:82:75:ef:18

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\haozip2.4\build\rczip\bin\win32\release\lang\pdb\HaoZipLang_chs.pdb

Sections

.rdata
Size: 512B - Virtual size: 123B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcr80.dll
.dll windows:4 windows x86 arch:x86

7fecbc4a16a5dc85a5394a1df6217680

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr80.i386.pdb

Imports

msvcrt

_getdrives

kernel32

GetStringTypeA
GetLocalTime
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetSystemDirectoryW
GetLongPathNameW
GetCurrentThreadId
TlsGetValue
DebugBreak
OutputDebugStringA
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
Sleep
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
VirtualAlloc
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WriteConsoleW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSection
MultiByteToWideChar
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
WideCharToMultiByte
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
SetLocalTime
GetStringTypeW
LoadLibraryW
GetLocaleInfoA
GetLocaleInfoW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
RtlUnwind
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
CreateFileA
CompareStringA
CompareStringW
Beep
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
RaiseException
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
VirtualProtect
GetSystemInfo
VirtualQuery
IsDBCSLeadByteEx
ReadConsoleA
ReadConsoleW
SetConsoleMode
SetEndOfFile
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
LockFile
UnlockFile
CreatePipe
ReadFile
CreateFileW
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1exception@std@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?unexpected@@YAXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?what@exception@std@@UBEPBDXZ
@_calloc_crt@8
@_malloc_crt@4
@_realloc_crt@8
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_app_type
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lc_clike
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osplatform
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p
_cprintf_p_l
_cprintf_s
_cprintf_s_l
_cputs
_cputws
_creat
_create_locale
_crt_debugger_hook
_cscanf
_cscanf_l
_cscanf_s
_cscanf_s_l
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_cwait
_cwprintf
_cwprintf_l
_cwprintf_p
_cwprintf_p_l
_cwprintf_s
_cwprintf_s_l
_cwscanf
_cwscanf_l
_cwscanf_s
_cwscanf_s_l
_daylight
_decode_pointer
_difftime32
_difftime64
_dosmaperr
_dstbias
_dup
_dup2
_dupenv_s
_ecvt
_ecvt_s
_encode_pointer
_encoded_null
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_except_handler4_common
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fclose_nolock
_fcloseall
_fcvt
_fcvt_s
_fdopen
_fflush_nolock
_fgetchar
_fgetwc_nolock
_fgetwchar
_filbuf
_filelength
_filelengthi64
_fileno
_findclose
_findfirst32
_findfirst32i64
_findfirst64
_findfirst64i32
_findnext32
_findnext32i64
_findnext64
_findnext64i32
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fprintf_l
_fprintf_p
_fprintf_p_l
_fprintf_s_l
_fputchar
_fputwc_nolock
_fputwchar
_fread_nolock
_fread_nolock_s
_free_locale
_freea
_freea_s
_freefls
_fscanf_l
_fscanf_s_l
_fseek_nolock
_fseeki64
_fseeki64_nolock
_fsopen
_fstat32
_fstat32i64
_fstat64
_fstat64i32
_ftell_nolock
_ftelli64
_ftelli64_nolock
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_ftol
_fullpath
_futime32
_futime64
_fwprintf_l
_fwprintf_p
_fwprintf_p_l
_fwprintf_s_l
_fwrite_nolock
_fwscanf_l
_fwscanf_s_l
_gcvt
_gcvt_s
_get_amblksiz
_get_current_locale
_get_daylight
_get_doserrno
_get_dstbias
_get_errno
_get_fmode
_get_heap_handle
_get_invalid_parameter_handler
_get_osfhandle
_get_osplatform
_get_osver
_get_output_format
_get_pgmptr
_get_printf_count_output
_get_purecall_handler
_get_sbh_threshold
_get_terminate
_get_timezone
_get_tzname
_get_unexpected
_get_winmajor
_get_winminor
_get_winver
_get_wpgmptr
_getch
_getch_nolock
_getche
_getche_nolock
_getcwd
_getdcwd
_getdcwd_nolock
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp

Sections

.text
Size: 396KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sfx/HaoZip7zCon.sfx
.exe windows:4 windows x86 arch:x86

5e5afa6c48ba9ff1f2fc6c8131512e31

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\haozip2.4\build\rczip\bin\Win32\release\pdb\HaoZip7zCon.pdb

Imports

kernel32

GetCommandLineW
SetFileApisToOEM
FindFirstFileW
FindClose
WideCharToMultiByte
GetACP
MultiByteToWideChar
InterlockedExchangeAdd
GetVersionExW
GetModuleHandleW
FindResourceW
GetLastError
FreeLibrary
LoadLibraryW
GetProcAddress
CreateThread
ExitThread
ResetEvent
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetVersionExA
HeapAlloc
GetProcessHeap
SetConsoleCtrlHandler
GetCPInfo
RtlUnwind
RaiseException
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
CloseHandle
LoadLibraryA
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
FormatMessageW
LocalFree
GetFileAttributesW
FileTimeToLocalFileTime
FileTimeToSystemTime
ReleaseMutex
CreateMutexW
WaitForSingleObject
SetFileAttributesW
CreateDirectoryW
DeleteFileW
CreateFileW
SetFileTime
lstrlenW
GetFullPathNameW
MoveFileW
GetFileSize
SetEndOfFile
WaitForMultipleObjects
CreateEventW
SetEvent
ResumeThread

user32

LoadStringW

Sections

.text
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
sfx/HaoZip7zSetup.sfx
.exe windows:4 windows x86 arch:x86

76ff84ab9bc3205bf672693e1378c426

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\haozip2.4\build\rczip\bin\Win32\release\pdb\HaoZip7zSetup.pdb

Imports

comctl32

InitCommonControlsEx

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
ShellExecuteW
ShellExecuteExW
CommandLineToArgvW
SHGetFileInfoW
SHBrowseForFolderW

kernel32

SetCurrentDirectoryW
CreateProcessW
CloseHandle
GetCurrentDirectoryW
LocalFree
SetFileApisToOEM
GetCurrentThread
SetThreadPriority
GetLastError
SetPriorityClass
GetEnvironmentVariableW
GetCurrentProcess
GetCommandLineW
GetFileAttributesW
FormatMessageW
SetFileAttributesW
RemoveDirectoryW
CreateDirectoryW
DeleteFileW
InterlockedExchangeAdd
FindFirstFileW
FindClose
FindNextFileW
GetModuleHandleW
FreeLibrary
GetProcAddress
LoadLibraryW
CreateFileW
SetFilePointer
SetEndOfFile
SetFileTime
WriteFile
GetFileSize
ReadFile
GetCurrentThreadId
ResumeThread
Sleep
GetACP
MultiByteToWideChar
WideCharToMultiByte
MoveFileW
lstrlenW
GetTempPathW
GetWindowsDirectoryW
GetFullPathNameW
GetTempFileNameW
WaitForSingleObject
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetVersionExW
FindResourceW
FileTimeToSystemTime
ExpandEnvironmentStringsW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
LoadLibraryA
HeapReAlloc
VirtualAlloc
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetModuleFileNameW
GetLongPathNameW
WaitForMultipleObjects
CreateEventW
SetEvent
ResetEvent
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapSize
InterlockedDecrement
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
GetSystemTimeAsFileTime
ExitThread
CreateThread
RaiseException
RtlUnwind
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError

user32

GetActiveWindow
LoadStringW
GetDesktopWindow
GetMessageW
IsDialogMessageW
CreateDialogParamW
PostQuitMessage
DispatchMessageW
EnableWindow
LoadIconW
TranslateMessage
SetTimer
KillTimer
DestroyIcon
IsWindow
SendMessageW
MessageBoxW
ShowWindow
PostMessageW
DialogBoxParamW
GetSystemMetrics
GetWindowRect
SetWindowPos
EndDialog
GetWindowTextW
SetWindowTextW
GetDlgItem
IsWindowVisible
ScreenToClient

gdi32

DeleteObject
CreateSolidBrush

advapi32

RegCloseKey
RegCreateKeyExW
RegQueryValueExW
RegSetValueExW

ole32

CoInitialize
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitializeEx

Sections

.text
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
skins/HaoZip.dui
.zip
objects.xml
.xml
skins/HaoZip.skn
.zip
21.png
Actual size.png
Add_large.png
Add_large_Mouseover.png
Add_small.png
Add_small_Mouseover.png
Adressbar_list.png
Appropriate size.png
Back2.png
Back_Btn.png
Back_Btn2.png
Bottom_Bg.png
Button.png
Caption_Btn.png
.png
Clockwise.png
Close.png
Counterclockwise.png
Delete.png
Detailpane_bg.png
Download_Bg.png
Enlarge.png
Forward2.png
Forward_Btn.png
Forward_Btn2.png
Hand.png
HaoPicIconForm.png
HaoPicInfoForm.CloseBtn.png
HaoPicInfoForm.png
HaoZip.skn
Left_Border.png
Left_Border_photoview.png
Menubar_Btn_Hot.png
Menubar_Btn_Press.png
Narrow.png
Open.png
PageBtn.png
Play_Btn.png
ProgressBar.png
RCHaoClients.png
RCHaoClients2.png
RCHaoFileTreeView.png
RCHaoNavigateBar.BackBtn.png
RCHaoNavigateBar.ForwardBtn.png
Right_Border.png
Right_Border_photoview.png
Sidebar_Infopane_Btn
Sidebar_Infopane_Btn1.png
Sidebar_Infopane_Btn2.png
Skin_Close_Btn.png
Skin_Download_Btn.png
Skin_Preview_Highlight_Large.png
Skin_Preview_Highlight_Small.png
Skin_Recommend_Preview.png
Skin_preview_large.png
Skin_preview_small.png
Skin_recommend_bg.png
Skinpanel_Bg.png
.png
Stop.png
Stop_Btn.png
View_D (2).png
View_H (2).png
View_L (2).png
View_M (2).png
View_N (2).png
View_Right.png
adressbar.png
bg.png
border.png
checkbox.png
close_sidebar.png
convert.png
copy.png
edit.png
folder-bg.png
foot.png
foot3.png
haozip_skin_config.txt
haozip_skin_description.txt
haozip_skin_preview.png
.png
haozip_skin_preview_bg.png
.png
head.png
hide.png
hide2.png
info-bg.png
info_icon.png
installed.png
list-btn.png
main_splitter.png
menubar.png
objects.xml
.xml
open_bg.png
page_btn.png
play.png
print.png
prop.xml
scan_bg.png
scan_close_hot.png
scan_close_normal.png
scan_inf.png
.png
scan_pass.png
.png
scan_running.png
sep.png
shareres.xml
.xml
show.png
show2.png
size-contrl.png
skin_btn.png
slide 2.png
splitter1.png
splitter2.png
thumb.png
toolbar-small.png
toolbar.png
toolicon_Bg.png
up.png
skins/HaoZip.xml
.xml
好压免责声明.txt
好压更新日志.txt

Sharing

General

Malware Config

Signatures

Files

b729b61eb1515fcf7b3e511e4e66258b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 409KB

.ndata Size: - Virtual size: 1.5MB

.rsrc Size: 18KB - Virtual size: 17KB

f6e384a477f8efc14029bba8fca9bd0f

Headers

File Characteristics

PDB Paths

Imports

version

kernel32

user32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 26KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 3KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 176B

.reloc Size: 5KB - Virtual size: 4KB

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 17KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

6c41c5e4d44f55745b925cc4e42b7fab

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 899B

.data Size: 512B - Virtual size: 64B

.reloc Size: 1024B - Virtual size: 574B

e1e86448340e57208e6fd9ec5c3e9bad

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 409KB

.ndata
Size: - Virtual size: 1.5MB

.rsrc
Size: 18KB - Virtual size: 17KB

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 3KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 176B

.reloc
Size: 5KB - Virtual size: 4KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 17KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 899B

.data
Size: 512B - Virtual size: 64B

.reloc
Size: 1024B - Virtual size: 574B

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

e1:29:78:43:e0:fb:3d:d1:95:e0:78:77:f5:d3:e1:be:e2:f9:38:db
Signer

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 412KB - Virtual size: 411KB

.data
Size: 57KB - Virtual size: 73KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 157KB - Virtual size: 156KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

33:65:50:08:79:ad:73:e2:30:b9:e0:1d:0d:7f:ac:91
Certificate

74:63:f5:d8:a2:57:12:84:72:01:be:f3:4d:27:08:f4
Certificate

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

63:3e:72:9c:ec:12:bc:44:02:14:45:3c:a6:71:07:88:6a:80:c6:e8
Signer

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 625KB - Virtual size: 625KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate