26d77ea501f12e823c56860d69b70531_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

26d77ea501f12e823c56860d69b70531_JaffaCakes118
Size

10.7MB
MD5

26d77ea501f12e823c56860d69b70531
SHA1

6a4f8f062c96979ceeafe4f738c98ec8348c1a54
SHA256

675b8b751755c24a8ef69bf8a73e8c1662acc5dc304dca6482014917b0ff4da9
SHA512

be0037621498112f4a4a4405fe4ab19e109dbe1849be16c6f9ab75b5739c009f61f6de3b98b5be5d6a8745f9784db94599a6a9bd43078aa1415f239d3b5f07c6
SSDEEP

196608:HLNUbxt047XRJPxW4788tog6LTLHIeyZCqECie3z2r3NGeG+/le94hWdrG9OQ9U/:rOt9JPxW47Pto1vrIeG5ENeD2DNGepeH

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 2 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack002/Kernel/TvKoo/KooPlayer.ocx	acprotect
static1/unpack002/Kernel/uusee/updateC2.ocx	acprotect

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack002/Kernel/TvKoo/KooPlayer.ocx	upx
static1/unpack002/Kernel/uusee/updateC2.ocx	upx

Unsigned PE 55 IoCs

Checks for missing Authenticode signature.

resource
unpack001/9ptv_V1_Setup.exe
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/9ptv.exe
unpack002/Kernel/PPStream/PSNetwork.dll
unpack002/Kernel/PPStream/PowerList.ocx
unpack002/Kernel/PPStream/PowerPlayer.dll
unpack002/Kernel/PPStream/pp2play.dll
unpack002/Kernel/PPStream/vodnet.dll
unpack002/Kernel/PPStream/vodres.dll
unpack002/Kernel/QQLive/P2PPlayer.dll
unpack002/Kernel/QQLive/QQLive.dll
unpack002/Kernel/QQLive/QQLive.ocx
unpack002/Kernel/QQLive/QQLiveSrcDec.dll
unpack002/Kernel/QQLive/TNProxy.dll
unpack002/Kernel/QQLive/TRadio.ocx
unpack002/Kernel/QQLive/TVChannel.dll
unpack002/Kernel/QQLive/VCodec.dll
unpack002/Kernel/feidian/MMCShell.dll
unpack002/Kernel/itv/pCastCtl.dll
unpack004/$PLUGINSDIR/System.dll
unpack004/$PLUGINSDIR/cmpver.dll
unpack002/Kernel/ppmate/ppmate-2.3.1.62.exe
unpack005/$PLUGINSDIR/InstallOptions.dll
unpack005/$PLUGINSDIR/LangDLL.dll
unpack005/$PLUGINSDIR/System.dll
unpack005/PSNetwork.dll
unpack005/PowerPlayer.dll
unpack005/RecordPlan.exe
unpack005/Recorder.dll
unpack005/SopCore.ocx
unpack005/TVUAx.dll
unpack005/dllcheck.exe
unpack005/libeay32.dll
unpack005/libexpatw.dll
unpack005/msvcp71.dll
unpack005/msvcr71.dll
unpack005/neo.exe
unpack005/plugin/CheckOS.dll
unpack005/ppamnet.exe
unpack005/sopcastsession.dll
unpack005/ssleay32.dll
unpack005/tvuplayersession.dll
unpack005/uninst.exe
unpack006/$PLUGINSDIR/LangDLL.dll
unpack002/Kernel/sopcast/SopCore.ocx
unpack002/Kernel/tvants/TvantsX.ocx
unpack002/Kernel/tvants/riched20.dll
unpack002/Kernel/tvu/libeay32.dll
unpack002/Kernel/tvu/libexpatw.dll
unpack002/Kernel/tvu/msvcp71.dll
unpack002/Kernel/tvu/msvcr71.dll
unpack002/Kernel/tvu/ssleay32.dll
unpack002/Kernel/uusee/updateC2.ocx
unpack007/out.upx
unpack002/uninst.exe

NSIS installer 5 IoCs

installer

resource	yara_rule
static1/unpack001/9ptv_V1_Setup.exe	nsis_installer_1
static1/unpack002/Kernel/pplive/synalivesetup_1.8.7_ie.exe	nsis_installer_1
static1/unpack002/Kernel/ppmate/ppmate-2.3.1.62.exe	nsis_installer_1
static1/unpack005/uninst.exe	nsis_installer_1
static1/unpack002/uninst.exe	nsis_installer_1

Files

26d77ea501f12e823c56860d69b70531_JaffaCakes118
.rar
9ptv_V1_Setup.exe
.exe windows:4 windows x86 arch:x86

237a51742fed62d237b6f1b75452402f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
SetFileTime
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
CloseHandle
lstrcmpiA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
MulDiv
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
SystemParametersInfoA
RegisterClassA
EndDialog
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CreateDialogParamA
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
LoadImageA
GetDC
EnableWindow
InvalidateRect
CreateWindowExA
GetWindowLongA
DrawFocusRect
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
TrackPopupMenu
wsprintfA
SendMessageA
CallWindowProcA
MapWindowPoints
GetWindowRect
ScreenToClient
PtInRect
LoadCursorA
SetCursor
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetWindowLongA

gdi32

SetBkColor
GetDeviceCaps
GetCurrentObject
GetObjectA
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegEnumKeyA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 304KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
GetPrivateProfileIntA
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
MultiByteToWideChar
GlobalAlloc

user32

GetDlgCtrlID
GetClientRect
SetWindowRgn
MapWindowPoints
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
LoadIconA

gdi32

SetTextColor
GetObjectA
SelectObject
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
CreateCompatibleDC

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
9ptv.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 621KB - Virtual size: 620KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Kernel/PPStream/PSNetwork.dll
.dll windows:4 windows x86 arch:x86

a3344bd04f51a952af24e10e4b973774

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord1669
ord2642
ord5572
ord2915
ord4277
ord4278
ord2763
ord1228
ord6283
ord3721
ord3619
ord809
ord795
ord2614
ord556
ord3663
ord3626
ord2414
ord4275
ord5875
ord2864
ord1088
ord2122
ord1641
ord3797
ord6358
ord6197
ord2859
ord6880
ord926
ord2860
ord6663
ord4774
ord4402
ord3640
ord693
ord4243
ord3301
ord3910
ord6605
ord2754
ord6696
ord3293
ord6282
ord538
ord6569
ord1085
ord5601
ord802
ord542
ord922
ord6905
ord6007
ord4220
ord2584
ord3654
ord2438
ord6270
ord2863
ord1644
ord2546
ord291
ord4129
ord5683
ord5710
ord5681
ord6874
ord539
ord1175
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord561
ord3953
ord2725
ord771
ord2528
ord1008
ord497
ord1948
ord5303
ord4699
ord5715
ord817
ord565
ord2726
ord4226
ord6215
ord2086
ord5450
ord6394
ord5440
ord6383
ord283
ord5678
ord5789
ord5787
ord5873
ord6172
ord5736
ord3573
ord3089
ord4224
ord2652
ord6334
ord3874
ord3092
ord858
ord1768
ord5280
ord470
ord755
ord4234
ord2301
ord324
ord567
ord6467
ord1168
ord1146
ord641
ord656
ord3610
ord4424
ord3402
ord4837
ord5290
ord1776
ord6055
ord3597
ord4853
ord4376
ord6199
ord269
ord826
ord600
ord1578
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1575
ord1176
ord1116
ord2370
ord4202
ord6877
ord4171
ord6311
ord2764
ord3097
ord6453
ord3998
ord6907
ord939
ord5953
ord2379
ord4710
ord3996
ord4258
ord2302
ord489
ord768
ord4425
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4835
ord3798
ord5287
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4854
ord4377
ord5265
ord4358
ord4948
ord4976
ord4742
ord4905
ord5160
ord5162
ord5161
ord1907
ord940
ord356
ord535
ord941
ord2770
ord2781
ord4058
ord3181
ord3178
ord3310
ord668
ord2818
ord540
ord3811
ord2820
ord537
ord800
ord860
ord823
ord2824
ord825

msvcrt

_mbschr
_mbsncmp
_mbclen
_mbsstr
_mbsnbcmp
_mbccpy
strncpy
atof
_stricmp
_strcmpi
_vsnprintf
_except_handler3
fopen
fwrite
fflush
fclose
_mbsicmp
sscanf
_mbsrchr
??8type_info@@QBEHABV0@@Z
_CxxThrowException
_ftol
toupper
vsprintf
strcpy
exit
_endthreadex
_beginthreadex
strstr
_mbscmp
memset
memcmp
memcpy
atoi
sprintf
strlen
time
srand
rand
__CxxFrameHandler
_purecall
__dllonexit
_onexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
free
_initterm
malloc
_adjust_fdiv
_strnicmp

kernel32

GetVersionExA
DeviceIoControl
lstrcmpA
LockFile
WriteFile
UnlockFile
ReadFile
MoveFileA
FindFirstFileA
FindNextFileA
FindClose
GetFileSize
SetFilePointer
SetEndOfFile
GetFileAttributesA
GlobalFree
GetModuleFileNameA
GlobalAlloc
GlobalLock
GlobalUnlock
LocalFree
LocalAlloc
lstrcpyA
ResetEvent
SetEvent
WaitForSingleObject
InterlockedIncrement
CreateFileA
CloseHandle
WideCharToMultiByte
CreateEventA
CreateDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
SetLastError
GetLastError
InterlockedExchange
Sleep
LeaveCriticalSection
EnterCriticalSection
GetTickCount
DeleteCriticalSection
InitializeCriticalSection
lstrlenA
GetPrivateProfileIntA
DeleteFileA
GetTempFileNameA
GetTempPathA
GetCurrentThreadId
SetUnhandledExceptionFilter
VirtualQuery
GetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
IsBadReadPtr
MultiByteToWideChar
InterlockedDecrement
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
CreateProcessA
LoadLibraryExA
GetProcAddress
lstrcpynA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetSystemInfo
GlobalMemoryStatus
GetModuleHandleA
OpenFile
GetACP
CopyFileA
lstrcmpiA
SetFileTime
SystemTimeToFileTime
GetSystemTime
QueryPerformanceCounter
GetExitCodeThread
lstrlenW
QueryPerformanceFrequency

user32

SendMessageA
SetTimer
EnableWindow
GetWindowLongA
SetWindowLongA
GetMessagePos
RegisterWindowMessageA
FillRect
MessageBeep
PostThreadMessageA
GetMenuItemCount
GetMenuItemID
LoadMenuA
GetSubMenu
PostMessageA
SetWindowPos
GetCursorPos
ScreenToClient
UpdateWindow
SendDlgItemMessageA
SetDlgItemTextA
ShowWindow
SetForegroundWindow
LoadCursorA
CopyIcon
GetWindowRect
GetDC
ReleaseDC
InflateRect
InvalidateRect
IsWindow
SetCursor
PtInRect
ReleaseCapture
RedrawWindow
SetCapture
DestroyCursor
GetSysColor
wsprintfA
GetParent
GetSystemMetrics
GetClientRect
DrawIcon
LoadIconA
IsIconic
KillTimer
IsWindowVisible
MessageBoxA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard

gdi32

GetTextExtentPoint32A
GetObjectA
CreateFontIndirectA
GetStockObject

advapi32

CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
CryptAcquireContextA
RegEnumValueA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegCloseKey
GetUserNameA

shell32

SHGetSpecialFolderPathA
ExtractIconA
ShellExecuteA

ole32

StringFromCLSID
CoCreateGuid
CoTaskMemFree

msvcp60

??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDIABV?$allocator@D@1@@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?at@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??9std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@II@Z
?_Xran@std@@YAXXZ

ws2_32

gethostbyname
inet_addr
recv
send
sendto
setsockopt
recvfrom
WSAStartup
gethostname
getpeername
ntohs
shutdown
WSACreateEvent
WSAEventSelect
WSACloseEvent
WSASocketA
connect
socket
htons
bind
getsockname
WSACleanup
listen
WSASetEvent
WSAWaitForMultipleEvents
WSAGetLastError
WSASetLastError
WSARecv
WSAResetEvent
accept
closesocket
WSASend
inet_ntoa
WSAEnumNetworkEvents

wininet

InternetGetConnectedState
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
HttpQueryInfoA
InternetReadFile
InternetSetCookieA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

??0CPSNetwork@@QAE@ABV0@@Z
??0CPSNetwork@@QAE@XZ
??1CPSNetwork@@UAE@XZ
??4CPSNetwork@@QAEAAV0@ABV0@@Z
??_7CPSNetwork@@6B@
?Connect@CPSNetwork@@QAEHXZ
?Disconnect@CPSNetwork@@QAEXXZ
?GetCacheTime@CPSNetwork@@QAEHXZ
?GetChannelName@CPSNetwork@@QAEPBDXZ
?GetChannelOnlineCount@CPSNetwork@@QAEKXZ
?GetComment@CPSNetwork@@QAEPBDH@Z
?GetHttpURL@CPSNetwork@@QAEPBDH@Z
?GetMsg@CPSNetwork@@QAEHAAKPAD@Z
?GetPercent@CPSNetwork@@QAEHAAK0@Z
?GetStatus@CPSNetwork@@QAE?AW4PLAY_STATUS@@XZ
?GetStreamingType@CPSNetwork@@QAE?AW4STREAMING_TYPE@@XZ
?Save@CPSNetwork@@QAEHPBD@Z
?SetLogLevel@CPSNetwork@@QAEHH@Z
?SetParam@CPSNetwork@@QAEXPBD0@Z
?ShowPropertyDlg@CPSNetwork@@QAEXH@Z
FIO_Create

Sections

.text
Size: 424KB - Virtual size: 423KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/PPStream/PowerList.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

e4197e66afe241c7aa26e2bdac468c14

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord640
ord5785
ord1640
ord323
ord6907
ord4224
ord665
ord1979
ord5442
ord3318
ord5186
ord354
ord939
ord6467
ord668
ord1980
ord3181
ord2781
ord2770
ord356
ord6905
ord2763
ord5450
ord6394
ord5440
ord6383
ord5572
ord2915
ord4407
ord3742
ord818
ord1270
ord1232
ord4275
ord2152
ord755
ord470
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord6172
ord5873
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord3571
ord6194
ord1641
ord3706
ord3573
ord6197
ord6379
ord1844
ord4400
ord682
ord3089
ord2393
ord2862
ord1265
ord6909
ord6720
ord3797
ord6199
ord2614
ord4160
ord3402
ord3619
ord3721
ord809
ord795
ord556
ord1088
ord2122
ord3874
ord6358
ord703
ord404
ord603
ord273
ord275
ord816
ord3908
ord562
ord940
ord923
ord815
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord3401
ord4622
ord3670
ord561
ord1134
ord3952
ord1205
ord2724
ord6354
ord1216
ord1227
ord1877
ord4249
ord2486
ord2687
ord4006
ord2727
ord2730
ord2729
ord6364
ord3326
ord6365
ord4472
ord5498
ord3278
ord3353
ord3681
ord446
ord743
ord1177
ord1226
ord1210
ord2439
ord1693
ord5618
ord994
ord4342
ord4687
ord3640
ord5674
ord2156
ord4856
ord4920
ord6002
ord2137
ord1963
ord5213
ord2953
ord3868
ord5150
ord4705
ord4707
ord2876
ord2998
ord6320
ord4113
ord4661
ord4660
ord4768
ord4650
ord4903
ord4548
ord4521
ord4594
ord4988
ord4925
ord4930
ord4935
ord4659
ord4909
ord4908
ord4668
ord4667
ord4666
ord4648
ord4689
ord5023
ord4654
ord4643
ord4354
ord4780
ord4649
ord4637
ord4636
ord5060
ord4584
ord4371
ord4361
ord4356
ord4739
ord4741
ord4738
ord4409
ord4603
ord5008
ord4415
ord4992
ord4979
ord2488
ord3404
ord4539
ord4534
ord2954
ord2384
ord6370
ord2983
ord3148
ord3260
ord4466
ord2986
ord3080
ord4081
ord4624
ord5825
ord723
ord3946
ord423
ord5314
ord5333
ord2541
ord4949
ord801
ord3996
ord5861
ord541
ord4202
ord2100
ord4459
ord4299
ord5033
ord4502
ord6030
ord6385
ord1892
ord4252
ord1212
ord4570
ord4672
ord4843
ord5011
ord5265
ord4376
ord4853
ord4998
ord4713
ord2514
ord6052
ord1775
ord6371
ord5286
ord4438
ord3279
ord4625
ord4425
ord449
ord746
ord2278
ord5161
ord5162
ord5160
ord4905
ord4742
ord4976
ord4948
ord4358
ord4377
ord4854
ord5287
ord4835
ord3699
ord489
ord2370
ord2302
ord4234
ord4710
ord924
ord1132
ord1116
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord4424
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord2124
ord2446
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord6453
ord768
ord860
ord941
ord497
ord1008
ord2528
ord771
ord1146
ord1644
ord2863
ord2864
ord3815
ord5981
ord2795
ord6270
ord2438
ord3654
ord2584
ord4220
ord2859
ord5875
ord2754
ord472
ord5788
ord4297
ord4133
ord2414
ord2567
ord6605
ord6880
ord3301
ord3663
ord3626
ord2860
ord1168
ord1669
ord3754
ord2652
ord2379
ord6696
ord6242
ord289
ord5789
ord613
ord3910
ord3286
ord3293
ord2380
ord2818
ord540
ord2817
ord6877
ord800
ord537
ord2764
ord4129
ord858
ord6648
ord6282
ord535
ord6283
ord4243
ord567
ord5649
ord693
ord5241
ord4402
ord1776
ord4078
ord6055
ord3370
ord5277
ord5261
ord2582
ord825
ord4639
ord823
ord1131

msvcrt

abs
strncpy
strcpy
_mbscmp
atol
exit
_endthreadex
_beginthreadex
memset
atoi
sprintf
time
strlen
__CxxFrameHandler
_stricmp
memcpy
_access
strcat
_ftol
strstr
free
malloc
_purecall
strcmp
rand
srand
fclose
fflush
fwrite
fopen
atof
_mbsicmp
memmove
toupper
wcsncpy
strchr
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
fseek
ftell
fread
strtoul
wcslen
_mbsstr

kernel32

GlobalFree
GetSystemTime
CreateProcessA
GetWindowsDirectoryA
FindResourceA
LoadResource
SizeofResource
LockResource
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
GetLastError
GetModuleFileNameA
Sleep
CreateDirectoryA
lstrcatA
GetACP
GlobalAlloc
GlobalLock
GlobalUnlock
DeleteFileA
lstrcmpiA
LoadLibraryA
GetProcAddress
FreeLibrary
LocalFree
LocalAlloc
lstrcpyA
SetEvent
WaitForSingleObject
CloseHandle
LeaveCriticalSection
EnterCriticalSection
GetExitCodeThread
DeleteCriticalSection
InitializeCriticalSection
lstrlenA
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetTickCount
MulDiv

user32

CopyImage
IsWindow
IsRectEmpty
SetRect
SendMessageA
SetWindowPos
GetCursorPos
PostMessageA
ScreenToClient
CharLowerA
ShowWindow
SetForegroundWindow
CopyRect
ReleaseDC
GetDC
PtInRect
GetWindowLongA
SetWindowLongA
MessageBoxA
CopyIcon
RedrawWindow
DestroyCursor
GetSysColor
GetMenuItemInfoA
GetMenuStringW
GetMenuItemID
ModifyMenuA
SetPropA
SetCapture
GetCapture
ReleaseCapture
GetClipCursor
ClipCursor
SetCursor
GrayStringA
ClientToScreen
DrawTextA
TabbedTextOutA
InvertRect
SetRectEmpty
FillRect
SetWindowRgn
GetClientRect
InflateRect
GetClassInfoA
DefWindowProcA
LoadCursorA
IsWindowVisible
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetWindowRect
CheckMenuItem
GetMenuItemCount
GetPropA
GetParent
EnableMenuItem
DeleteMenu
GetSubMenu
LoadMenuA
SendMessageTimeoutA
GetSystemMetrics
SetTimer
KillTimer
InvalidateRect
EnableWindow

gdi32

GetDeviceCaps
CreateFontIndirectA
GetStockObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreatePolygonRgn
CreateRectRgn
CombineRgn
CreateSolidBrush
GetCurrentObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
SelectObject
GetTextColor
GetTextExtentPoint32A
GetObjectA

advapi32

RegQueryValueExA
RegCloseKey
RegSetValueExA
RegSetValueA
RegOpenKeyExA
RegQueryValueA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
CryptAcquireContextA
RegCreateKeyA
RegOpenKeyA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
SHGetMalloc

comctl32

_TrackMouseEvent
ImageList_GetImageInfo

ole32

CoCreateInstance
CreateStreamOnHGlobal

olepro32

ord251

oleaut32

LoadRegTypeLi

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@D@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?_Xran@std@@YAXXZ
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??1_Winit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

ws2_32

socket
bind
closesocket
getsockname
htons
sendto
recvfrom
ntohs
inet_addr
gethostbyname
WSAStartup
WSACleanup
inet_ntoa

rasapi32

RasGetConnectStatusA
RasEnumConnectionsA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 251KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/PPStream/PowerPlayer.dll
.dll regsvr32 windows:4 windows x86 arch:x86

06e01a42c4bf4f2c9424ffc3ef36f001

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord2393
ord1567
ord268
ord4160
ord3619
ord809
ord556
ord1088
ord2122
ord3797
ord6358
ord941
ord1200
ord926
ord2860
ord6385
ord6930
ord5450
ord6394
ord5440
ord6383
ord6379
ord772
ord6142
ord500
ord5860
ord3986
ord5606
ord939
ord4284
ord5873
ord5834
ord2841
ord2448
ord2044
ord2107
ord6467
ord5861
ord6883
ord6648
ord4278
ord6663
ord703
ord404
ord603
ord273
ord275
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord3571
ord640
ord5785
ord1640
ord323
ord816
ord3908
ord562
ord1233
ord5575
ord6194
ord6378
ord3815
ord5981
ord6442
ord4204
ord6928
ord2652
ord4224
ord1669
ord2795
ord5710
ord3716
ord790
ord815
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord3401
ord4622
ord3670
ord561
ord1134
ord3952
ord1205
ord2724
ord6354
ord1216
ord1227
ord6010
ord4202
ord1877
ord4249
ord2486
ord2687
ord6364
ord3326
ord6365
ord4472
ord5498
ord3278
ord3353
ord3681
ord446
ord743
ord1177
ord4006
ord2727
ord2730
ord2729
ord1226
ord1210
ord5572
ord1693
ord5618
ord994
ord4342
ord4687
ord4639
ord5674
ord2156
ord4856
ord4920
ord6002
ord2137
ord1963
ord5213
ord2953
ord3868
ord5150
ord4705
ord4707
ord2915
ord5649
ord4113
ord4661
ord4660
ord4768
ord4650
ord4903
ord4548
ord4521
ord4594
ord4988
ord4925
ord4930
ord4935
ord4659
ord4909
ord4908
ord4668
ord4667
ord4666
ord4648
ord4689
ord5023
ord4654
ord4643
ord4354
ord4780
ord4649
ord4637
ord4636
ord5060
ord4584
ord4371
ord4361
ord4356
ord4739
ord4741
ord4738
ord4409
ord4603
ord5008
ord4415
ord4992
ord4979
ord2488
ord3404
ord4539
ord4534
ord2954
ord2384
ord6370
ord2983
ord3148
ord3260
ord4466
ord2986
ord3080
ord4081
ord4624
ord5825
ord723
ord3946
ord423
ord5332
ord5328
ord5331
ord5314
ord5333
ord2541
ord4949
ord2998
ord4459
ord5033
ord4502
ord6030
ord6876
ord2956
ord1601
ord1892
ord4252
ord1212
ord4570
ord4672
ord4843
ord5011
ord4713
ord6371
ord5286
ord4438
ord3279
ord4625
ord449
ord746
ord2278
ord6311
ord4171
ord2753
ord3546
ord4317
ord2243
ord5788
ord472
ord5787
ord6646
ord6334
ord2450
ord4133
ord4297
ord3005
ord4033
ord433
ord1132
ord1116
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord1979
ord665
ord924
ord922
ord1641
ord641
ord795
ord3597
ord4425
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord3092
ord2575
ord2078
ord6111
ord289
ord613
ord539
ord6143
ord4476
ord2764
ord6199
ord6605
ord4287
ord2688
ord801
ord541
ord283
ord3742
ord2086
ord4299
ord6880
ord2614
ord6778
ord6453
ord1168
ord2567
ord3874
ord2380
ord4275
ord609
ord3574
ord4396
ord4023
ord6282
ord6283
ord5683
ord4277
ord4129
ord5875
ord5789
ord2754
ord6172
ord2859
ord5768
ord2864
ord4034
ord535
ord1949
ord818
ord2135
ord823
ord1146
ord1644
ord2863
ord6270
ord2379
ord2438
ord3654
ord2584
ord4220
ord470
ord755
ord4710
ord6215
ord2642
ord6380
ord6197
ord4234
ord2302
ord2370
ord2414
ord3663
ord3626
ord825
ord324
ord567
ord540
ord860
ord858
ord800
ord537
ord6877
ord2818
ord354
ord5186
ord3318
ord2919
ord2876
ord5442
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4853
ord4376
ord5265
ord3573
ord3721
ord4424
ord3402
ord5290
ord1776
ord2439
ord6055
ord1131

msvcrt

strstr
_mbsicmp
abs
fopen
fwrite
fflush
fclose
sprintf
time
strcmp
memset
atoi
strlen
_ftol
_stricmp
__CxxFrameHandler
_mbsstr
??0exception@@QAE@ABV0@@Z
_CxxThrowException
_beginthreadex
_endthreadex
exit
memcpy
strcpy
_access
toupper
memcmp
wcsncpy
pow
atol
strcat
strchr
_mbsrchr
strncpy
strncmp
memmove
_mbscmp
strrchr
wcstol
wcscmp
wcslen
rand
srand
strtoul
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
??1type_info@@UAE@XZ

kernel32

CopyFileA
OpenFile
GetCurrentProcess
GetCurrentProcessId
GetSystemTime
OpenProcess
GetExitCodeProcess
TerminateProcess
WinExec
lstrcpynA
GetProcAddress
CreateDirectoryA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
CreateWaitableTimerA
SetWaitableTimer
WaitForMultipleObjects
ResumeThread
MulDiv
GlobalFree
CreateEventA
FindResourceA
LoadResource
SizeofResource
LockResource
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
GetACP
GetVersionExA
DeviceIoControl
InterlockedDecrement
GetLastError
CreateFileA
GetModuleFileNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
GlobalAlloc
GlobalLock
GlobalUnlock
LeaveCriticalSection
LocalFree
LocalAlloc
ResetEvent
SetEvent
WaitForSingleObject
EnterCriticalSection
GetExitCodeThread
DeleteCriticalSection
InitializeCriticalSection
CreateProcessA
CloseHandle
lstrcpyA
GetPrivateProfileStringA
GetTickCount
Sleep
DeleteFileA
GetPrivateProfileIntA
WritePrivateProfileStringA
lstrlenA
lstrcatA
lstrlenW

user32

InsertMenuItemA
GetMenuState
MessageBoxA
GetMenuStringA
RegisterClassA
DefWindowProcA
GetClassInfoA
CharLowerA
mouse_event
DispatchMessageA
InvalidateRect
IsWindow
GetDC
GetMessageA
ReleaseDC
PostThreadMessageA
GetCapture
CreatePopupMenu
AppendMenuA
CheckMenuItem
EnableMenuItem
DeleteMenu
InsertMenuA
GetPropA
RemoveMenu
GetDesktopWindow
SetRectEmpty
SetParent
MonitorFromWindow
GetMonitorInfoA
ShowCursor
GrayStringA
TabbedTextOutA
wsprintfA
ShowWindow
SetForegroundWindow
LoadCursorA
CopyIcon
SetWindowLongA
ReleaseCapture
RedrawWindow
DestroyCursor
GetMenuItemCount
GetMenuItemInfoA
GetMenuStringW
GetMenuItemID
ModifyMenuA
IsWindowVisible
UpdateWindow
CopyRect
GetSystemMetrics
GetParent
ClientToScreen
KillTimer
SetTimer
PostMessageA
SetRect
ScreenToClient
PtInRect
SetCursor
LoadMenuA
GetSubMenu
GetCursorPos
GetClientRect
TranslateMessage
EnableWindow
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
DrawTextA
FillRect
GetSysColor
GetWindowRect
SetPropA
SystemParametersInfoA
GetWindowLongA
SendMessageA
SetCapture
InflateRect
FrameRect

gdi32

SetBkColor
GetViewportExtEx
GetWindowExtEx
SetMapMode
GetMapMode
PtVisible
RectVisible
CreateBitmap
ExtTextOutA
Escape
GetNearestColor
Rectangle
GetTextMetricsA
GetObjectA
CreateFontIndirectA
StretchBlt
CreateRectRgnIndirect
CombineRgn
FillRgn
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteDC
GetDeviceCaps
GetStockObject
GetTextExtentPoint32A
SelectObject
PatBlt
DeleteObject
SetTextColor
SetBkMode
LPtoDP
TextOutA
CreateSolidBrush
DPtoLP

advapi32

RegSetValueA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
CryptAcquireContextA
RegCloseKey
RegEnumValueA
RegQueryInfoKeyA
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteA
ShellExecuteExA

comctl32

_TrackMouseEvent

ole32

CoInitialize
CoUninitialize
CreateStreamOnHGlobal
CoCreateInstance

olepro32

ord251

oleaut32

SafeArrayDestroy
SafeArrayAccessData
SafeArrayCreateVector
SysFreeString
VariantClear
SysAllocStringLen
SysAllocString
LoadRegTypeLi

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??0logic_error@std@@QAE@ABV01@@Z
??0out_of_range@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
??_7out_of_range@std@@6B@
??0logic_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

psnetwork

??1CPSNetwork@@UAE@XZ
??0CPSNetwork@@QAE@XZ
?GetComment@CPSNetwork@@QAEPBDH@Z
?SetParam@CPSNetwork@@QAEXPBD0@Z
?GetStatus@CPSNetwork@@QAE?AW4PLAY_STATUS@@XZ
?ShowPropertyDlg@CPSNetwork@@QAEXH@Z
?GetChannelName@CPSNetwork@@QAEPBDXZ
?GetPercent@CPSNetwork@@QAEHAAK0@Z
?Save@CPSNetwork@@QAEHPBD@Z
?GetStreamingType@CPSNetwork@@QAE?AW4STREAMING_TYPE@@XZ
?Connect@CPSNetwork@@QAEHXZ
?Disconnect@CPSNetwork@@QAEXXZ
?GetHttpURL@CPSNetwork@@QAEPBDH@Z

ws2_32

WSACleanup
inet_ntoa
WSAStartup

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/PPStream/pp2play.dll
.dll windows:4 windows x86 arch:x86

cdeb4e547b30d83e656862b3f73c5cac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
InterlockedExchange
SetStdHandle
LCMapStringW
GetOEMCP
GetCPInfo
SetFilePointer
GetStringTypeW
GetStringTypeA
FlushFileBuffers
IsBadCodePtr
GetVersionExA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
SetUnhandledExceptionFilter
GetModuleHandleA
HeapSize
HeapReAlloc
GetCurrentProcess
TerminateProcess
ExitProcess
TlsGetValue
SetLastError
TlsFree
TlsAlloc
GetACP
LCMapStringA
GetLastError
WideCharToMultiByte
WritePrivateProfileStringA
GetPrivateProfileIntA
GetLocaleInfoA
GetSystemDefaultLCID
lstrlenA
MultiByteToWideChar
InterlockedDecrement
LeaveCriticalSection
InterlockedIncrement
Sleep
FreeLibrary
DeleteCriticalSection
TlsSetValue
GetCurrentThreadId
GetVersion
GetCommandLineA
HeapFree
HeapAlloc
RaiseException
RtlUnwind
InitializeCriticalSection
EnterCriticalSection
LoadLibraryA
GetProcAddress
IsBadReadPtr
ReadFile

user32

InvalidateRect
GetDC
ReleaseDC
RegisterClassA
DeleteMenu
EnableMenuItem
GetMenuItemCount
wsprintfA
CheckMenuItem
DestroyMenu
CreatePopupMenu
InsertMenuA
AppendMenuA
TrackPopupMenu
RemoveMenu
GetCursorPos
PtInRect
LoadCursorA
SetCursor
BeginPaint
EndPaint
DefWindowProcA
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
GetDlgItem
SetMenu
GetMenu
GetMessageA
DispatchMessageA
TranslateMessage
KillTimer
SetTimer
SetFocus
DestroyWindow
GetSystemMetrics
BringWindowToTop
SetParent
GetWindowLongA
GetWindowTextA
SetWindowTextA
GetParent
GetDesktopWindow
GetWindowRect
SetWindowPos
SendMessageA
PostMessageA
UpdateWindow
ShowWindow
CreateWindowExA
SetWindowLongA
SetRect
MonitorFromWindow
EnumDisplayMonitors
GetClientRect
GetMonitorInfoA
IsWindow

gdi32

SetStretchBltMode
StretchBlt
CreateCompatibleDC
GetDIBits
DeleteDC
DeleteObject
CreateCompatibleBitmap
GetObjectA
GetStockObject
SelectObject
Rectangle

ole32

CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoInitializeEx
CoUninitialize

oleaut32

SysFreeString

Exports

Exports

PP2Play_Init
PP2Play_Uninit

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/PPStream/vodnet.dll
.dll regsvr32 windows:4 windows x86 arch:x86

1504a57db48fa8579af570f370745657

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\PPStream-Vod-Work\XSearchNew\ppsvod\PPStreamVod\Release\PPStreamVod.pdb

Imports

kernel32

FindResourceExA
GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
ExitThread
TerminateProcess
GetFileType
VirtualAlloc
VirtualQuery
GetCommandLineA
HeapReAlloc
SetStdHandle
HeapSize
SetErrorMode
GetCurrentProcessId
LCMapStringA
LCMapStringW
GetTimeZoneInformation
UnhandledExceptionFilter
VirtualFree
IsBadWritePtr
SetHandleCount
GetStdHandle
GetStartupInfoA
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetEnvironmentVariableA
GetLocaleInfoW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
RaiseException
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
FlushFileBuffers
FileTimeToLocalFileTime
MulDiv
GlobalAlloc
FormatMessageA
GlobalLock
GlobalUnlock
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
GlobalFree
VirtualProtect
FileTimeToSystemTime
CompareStringW
CompareStringA
GetVersion
OpenFile
GetModuleHandleA
GlobalMemoryStatus
HeapCreate
HeapAlloc
HeapDestroy
Sleep
GetProcessHeap
HeapFree
GetSystemInfo
lstrcpynA
GetFileTime
LoadLibraryA
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentThreadId
CreateDirectoryA
LoadLibraryExA
GetProcAddress
FreeLibrary
DeviceIoControl
FindFirstFileA
FindNextFileA
FindClose
CreateFileA
LockFile
WriteFile
UnlockFile
ReadFile
GetFileSize
SetFilePointer
SetEndOfFile
GetFileAttributesA
CreateThread
lstrcpyA
LocalFree
LocalAlloc
ResetEvent
WaitForSingleObject
SetEvent
GetExitCodeThread
MultiByteToWideChar
GetPrivateProfileStringA
InterlockedIncrement
GetModuleFileNameA
SetLastError
CreateEventA
GetLastError
DeleteFileA
RemoveDirectoryA
GetPrivateProfileIntA
WritePrivateProfileStringA
CloseHandle
lstrcmpiA
InterlockedDecrement
lstrlenA
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetTickCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetUnhandledExceptionFilter
InitializeCriticalSection

user32

LoadCursorA
GetSysColorBrush
DestroyMenu
ValidateRect
SetCursor
PostQuitMessage
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ReleaseDC
GetDC
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
RegisterWindowMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
GetKeyState
SetForegroundWindow
UpdateWindow
GetClientRect
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
PtInRect
GetWindow
MapDialogRect
ShowWindow
GetCapture
GetActiveWindow
SetActiveWindow
GetAsyncKeyState
GetFocus
SetFocus
GetDlgItem
IsWindowEnabled
CreateWindowExA
TranslateMessage
CharUpperA
GetSystemMetrics
GetWindowLongA
GetCursorPos
GetSysColor
SetWindowPos
ScreenToClient
GetWindowRect
GetMessageA
wsprintfA
IsWindow
PostMessageA
GetParent
PeekMessageA
DispatchMessageA
MessageBoxA
PostThreadMessageA
SetWindowLongA
SendMessageA
EnableWindow
SetTimer
IsWindowVisible
SendDlgItemMessageA

gdi32

TextOutA
EnumFontFamiliesExA
PtVisible
DeleteObject
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
RectVisible
GetObjectA
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetTextExtentPoint32A
ExtTextOutA

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegCreateKeyA
RegEnumKeyA
RegQueryInfoKeyA
RegEnumValueA
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
CryptReleaseContext
CryptAcquireContextA

comctl32

PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ord17
ImageList_Destroy

shlwapi

UrlUnescapeA
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA

ws2_32

inet_ntoa
WSAGetLastError
inet_addr
setsockopt
shutdown
send
recv
WSASocketA
sendto
WSACleanup
recvfrom
WSAStartup
__WSAFDIsSet
select
ioctlsocket
getpeername
closesocket
WSASetEvent
WSACloseEvent
WSAEventSelect
WSASend
WSASetLastError
WSACreateEvent
accept
WSAEnumNetworkEvents
WSAResetEvent
WSARecv
WSAWaitForMultipleEvents
listen
ntohs
getsockname
bind
htons
socket
connect
gethostbyname
gethostname

ole32

CoCreateGuid
StringFromCLSID
CoTaskMemFree

oleaut32

VariantInit
VariantChangeType
VariantClear
SysFreeString
SysAllocString

wininet

InternetReadFile
HttpQueryInfoA
InternetGetLastResponseInfoA
InternetOpenUrlA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetGetConnectedState
InternetOpenA
InternetCloseHandle
InternetSetCookieA

winmm

timeSetEvent
timeKillEvent
timeGetTime

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

CreateVodInstance
DestroyVodInstance
Disconnect
DllRegisterServer
DllUnregisterServer
EventNotify
GetChannelName
GetChannelOnlineCount
GetHttpURL
GetPlayingURL
GetStatus
GetStreamingType
PlayURL
PlayURLForTest
SetEchoSvr
SetParam
ShowPropertyDlg
StopFile

Sections

.text
Size: 624KB - Virtual size: 622KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/PPStream/vodres.dll
.dll regsvr32 windows:4 windows x86 arch:x86

804c22578279ca55187cf7717deca65f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
lstrlenA
GetTickCount
GetDiskFreeSpaceExA
GetDriveTypeA
GetLogicalDriveStringsA
GetPrivateProfileIntA
RemoveDirectoryA
FindClose
GetLastError
FindNextFileA
FindFirstFileA
DeleteFileA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetExitCodeThread
SetEvent
WaitForSingleObject
ResetEvent
OutputDebugStringA
lstrcpyA
ResumeThread
CreateThread
GetFileAttributesA
SetEndOfFile
SetFilePointer
GetSystemInfo
ReadFile
UnlockFile
WriteFile
LockFile
GetModuleFileNameA
CreateFileA
_llseek
Sleep
GetCurrentThreadId
MultiByteToWideChar
HeapAlloc
GetProcessHeap
lstrcpynA
UnmapViewOfFile
FlushViewOfFile
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
OpenEventA
CreateEventA
CompareStringW
CompareStringA
FlushFileBuffers
GetLocaleInfoW
IsBadCodePtr
IsBadReadPtr
QueryPerformanceCounter
IsValidCodePage
SetEnvironmentVariableA
IsValidLocale
GetModuleHandleA
GetCurrentProcessId
LoadLibraryExW
LoadLibraryExA
LoadLibraryW
LoadLibraryA
lstrcmpiA
GetCurrentProcess
VirtualProtectEx
WriteProcessMemory
VirtualQuery
GetProcAddress
Module32Next
Module32First
CreateToolhelp32Snapshot
GetFileSize
CloseHandle
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetEnvironmentStringsW
InterlockedDecrement
InterlockedIncrement
InterlockedExchange
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
ExitThread
ExitProcess
TerminateProcess
GetFileType
HeapFree
GetCommandLineA
GetVersionExA
LCMapStringA
LCMapStringW
GetCPInfo
HeapReAlloc
HeapSize
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetStartupInfoA
SetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetTimeZoneInformation
VirtualProtect
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW

user32

PostThreadMessageA
GetParent
wsprintfA
GetMessageA
IsWindow
PostMessageA

advapi32

CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
RegDeleteKeyA
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
CryptReleaseContext

imagehlp

ImageDirectoryEntryToData

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Exports

Exports

CFA
CFW
CH
DllRegisterServer
DllUnregisterServer
GFS
GOR
GetDelayTmCnt
InitialRootDir
OF
RF
RFE
RegMessageRecv
SFP
SFPE
SetQuitFlag
WF
WFE

Sections

.text
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/QQLive/P2PPlayer.dll
.dll regsvr32 windows:4 windows x86 arch:x86

a972765d4f7da0ffccb4375291449098

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RaiseException
HeapAlloc
GetCommandLineA
RtlUnwind
HeapFree
TerminateProcess
HeapSize
ExitProcess
HeapReAlloc
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetTimeZoneInformation
GetACP
GetStartupInfoA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WritePrivateProfileStringA
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileAttributesA
GetFileTime
GetFileSize
FileTimeToSystemTime
GetTickCount
FileTimeToLocalFileTime
GetShortPathNameA
GetVolumeInformationA
GetFullPathNameA
FindFirstFileA
FindClose
UnlockFile
SetEndOfFile
SetFilePointer
LockFile
FlushFileBuffers
CreateFileA
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
FreeLibrary
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetProcAddress
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
MulDiv
GetLastError
SetLastError
lstrcpynA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
lstrlenW
GlobalFree
FormatMessageA
LocalFree
WideCharToMultiByte
InterlockedDecrement
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
lstrcmpA
GetCurrentThread
InterlockedIncrement
MultiByteToWideChar
GetThreadLocale
LoadLibraryA
SetUnhandledExceptionFilter
VirtualAlloc
GetEnvironmentStrings
GetEnvironmentStringsW
lstrlenA
GetEnvironmentVariableA
SetStdHandle

user32

RegisterClipboardFormatA
CreateDialogIndirectParamA
EndDialog
PostThreadMessageA
LoadStringA
SetRect
CopyAcceleratorTableA
GrayStringA
DrawTextA
TabbedTextOutA
GetWindowDC
DestroyMenu
GetDC
ReleaseDC
GetSysColorBrush
LoadCursorA
GetDesktopWindow
ClientToScreen
PtInRect
GetClassNameA
UnregisterClassA
DestroyIcon
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
GetCursorPos
SetCursor
PostQuitMessage
CharNextA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MessageBeep
IsDialogMessageA
LoadIconA
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
GetNextDlgGroupItem
DispatchMessageA
SetActiveWindow
SetFocus
AdjustWindowRectEx
GetClientRect
CopyRect
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
GetParent
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
GetKeyState
CharUpperA
MoveWindow
SetWindowTextA
PeekMessageA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SendMessageA
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
wsprintfA
IsWindow
EnableWindow
GetFocus
EnableMenuItem

gdi32

GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
DPtoLP
LPtoDP
GetMapMode
SetWindowExtEx
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
SetViewportOrgEx
SetMapMode
OffsetViewportOrgEx
SelectObject
SaveDC
RestoreDC
DeleteObject
GetStockObject
DeleteDC
GetBkColor
GetTextColor
GetDeviceCaps
GetObjectA
SetBkColor
CreateBitmap
SetTextColor
GetClipBox

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueA
RegCloseKey
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueA
RegCreateKeyExA
RegOpenKeyExA

shell32

ExtractIconA

comctl32

ord17

oledlg

ord8

ole32

OleInitialize
CoTaskMemAlloc
CoFreeUnusedLibraries
OleUninitialize
CoRegisterMessageFilter
CoGetClassObject
StringFromCLSID
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2
StgCreateDocfileOnILockBytes
OleFlushClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes

olepro32

ord253

oleaut32

VariantTimeToSystemTime
SysAllocStringByteLen
SysStringLen
VariantCopy
SysAllocString
VariantClear
VariantChangeType
SysAllocStringLen
SysStringByteLen
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/QQLive/QQLive.dll
.dll regsvr32 windows:4 windows x86 arch:x86

200367198fe9ec3c2938c49f3afed75b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateEventA
ResetEvent
GetTickCount
CreateSemaphoreA
ReleaseSemaphore
Sleep
WaitForMultipleObjects
GetProcAddress
LoadLibraryA
FreeLibrary
CreateThread
GetLocalTime
ReleaseMutex
CreateMutexA
DisableThreadLibraryCalls
HeapDestroy
lstrcpyA
WaitForSingleObject
SetEvent
WideCharToMultiByte
lstrlenW
GetShortPathNameA
GetModuleHandleA
TerminateThread
GetCurrentThreadId
DeleteFileA
GetPrivateProfileStringA
GetSystemTime
CreateDirectoryA
FindClose
FindFirstFileA
CloseHandle
GetPrivateProfileIntA
lstrlenA
GetModuleFileNameA
InterlockedDecrement
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
lstrcatA
MultiByteToWideChar
GetUserDefaultLCID
RtlUnwind
SetHandleCount
ReadFile
SetUnhandledExceptionFilter
HeapSize
SetLastError
SetEnvironmentVariableA
GetLocaleInfoW
SetEndOfFile
CreateFileA
IsBadCodePtr
IsBadReadPtr
VirtualAlloc
IsBadWritePtr
CompareStringA
GetCPInfo
LCMapStringW
LCMapStringA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
FlushFileBuffers
GetStringTypeW
GetStringTypeA
SetStdHandle
GetEnvironmentStringsW
InitializeCriticalSection
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
SetFilePointer
GetStartupInfoA
GetFileType
GetStdHandle
TlsFree
TlsAlloc
WriteFile
UnhandledExceptionFilter
HeapAlloc
HeapFree
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetLastError
TerminateProcess
InterlockedExchange
CompareStringW
RaiseException
ExitProcess
GetCurrentProcess
TlsSetValue
TlsGetValue
ExitThread
GetTimeZoneInformation
GetVersion
GetSystemTimeAsFileTime
ResumeThread
GetCommandLineA
HeapReAlloc

user32

ReleaseDC
GetDC
CharNextA
PostMessageA
MessageBoxA

gdi32

DeleteDC
DeleteObject
SelectObject
CreateFontIndirectA
CreateCompatibleDC
GetDIBits
ExtTextOutA
CreateDIBitmap
GetTextExtentPoint32A
SetDIBitsToDevice

ole32

CoCreateInstance
CoLoadLibrary
CoFreeLibrary

oleaut32

RegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString

ws2_32

sendto
recvfrom
WSACleanup
WSAStartup
gethostname
gethostbyname
inet_addr
send
recv
WSAGetLastError
getpeername
accept
select
__WSAFDIsSet
ioctlsocket
socket
bind
listen
htons
htonl
ntohs
ntohl
inet_ntoa
closesocket
setsockopt
shutdown
connect

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
ReleaseCommLib

Sections

.text
Size: 544KB - Virtual size: 540KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/QQLive/QQLive.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

0298f8d4265383da1c838571cb552377

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

inet_ntoa
WSACleanup
inet_addr
ntohl
gethostname
WSAStartup
gethostbyname

mfc42

ord3147
ord3259
ord2982
ord3136
ord5714
ord4465
ord2985
ord3081
ord3262
ord3401
ord3830
ord3831
ord2976
ord3079
ord4080
ord4622
ord4424
ord3670
ord561
ord3825
ord6354
ord1216
ord1168
ord6467
ord1227
ord1877
ord1134
ord2486
ord2687
ord6364
ord3326
ord6365
ord4472
ord5498
ord3278
ord3353
ord3681
ord743
ord446
ord1177
ord1226
ord4249
ord2439
ord1693
ord5618
ord994
ord4342
ord4687
ord4639
ord5674
ord2156
ord4856
ord4920
ord6002
ord1210
ord1963
ord5213
ord2953
ord3868
ord5150
ord4705
ord4707
ord2876
ord2998
ord5649
ord4113
ord4661
ord4660
ord4768
ord4650
ord4903
ord4548
ord4521
ord4594
ord4988
ord4925
ord4930
ord4935
ord4659
ord4909
ord4908
ord4668
ord4667
ord4666
ord2137
ord4689
ord5023
ord4654
ord4643
ord4354
ord4780
ord4649
ord4637
ord4636
ord5060
ord4584
ord4371
ord4361
ord4356
ord4739
ord4741
ord4738
ord4409
ord4603
ord5008
ord4415
ord4992
ord4979
ord2488
ord3404
ord4539
ord4648
ord6055
ord4078
ord1776
ord4407
ord5241
ord2384
ord5307
ord5289
ord4353
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2983
ord3148
ord3260
ord4466
ord2986
ord3080
ord4081
ord4624
ord5825
ord800
ord723
ord3946
ord540
ord423
ord5322
ord5339
ord5334
ord5328
ord5332
ord2541
ord4949
ord641
ord2514
ord324
ord4459
ord4502
ord4006
ord2727
ord2730
ord2729
ord2379
ord4299
ord5033
ord2795
ord858
ord1892
ord4698
ord1212
ord4570
ord4672
ord4843
ord5011
ord5265
ord4376
ord4853
ord4998
ord4713
ord6052
ord1775
ord2385
ord6371
ord5286
ord4438
ord3279
ord4625
ord4425
ord746
ord449
ord2278
ord941
ord4278
ord6663
ord535
ord3742
ord3663
ord6374
ord3402
ord4627
ord3721
ord3619
ord3626
ord795
ord818
ord860
ord567
ord2414
ord1270
ord1232
ord4275
ord2688
ord2864
ord2380
ord6215
ord2244
ord2116
ord2135
ord5575
ord4480
ord3089
ord6199
ord2818
ord6453
ord3920
ord4129
ord2784
ord665
ord1979
ord5186
ord354
ord4033
ord433
ord1949
ord4034
ord4079
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord3952
ord2724
ord815
ord823
ord825
ord5163
ord6370
ord2954
ord4252
ord1255
ord1578
ord1176
ord269
ord826
ord342
ord1131
ord1132
ord1116
ord1243
ord1575
ord1577
ord1182
ord600
ord1253
ord1570
ord1197

msvcrt

strlen
memset
__CxxFrameHandler
memcpy
sprintf
fwrite
rename
fopen
fclose
_splitpath
strcat
srand
_adjust_fdiv
strcpy
fprintf
sscanf
malloc
_initterm
free
_onexit
__dllonexit
??1type_info@@UAE@XZ
_ftol
strchr
atol
atoi
strstr
time
isdigit
_vsnprintf
rand
_fstat
_fileno

kernel32

DeleteFileA
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
GetTickCount
OpenEventA
OutputDebugStringA
lstrlenA
GetModuleFileNameA
LocalFree
MultiByteToWideChar
GetProcAddress
InitializeCriticalSection
DeleteCriticalSection
lstrcpyA
SetEvent
GetLocalTime

user32

SystemParametersInfoA
DefWindowProcA
SetTimer
PostMessageA
SendMessageA
CopyRect
SetRectEmpty
GetClassInfoA
LoadCursorA
EnableWindow
wsprintfA
KillTimer

gdi32

DeleteObject
CreateSolidBrush

advapi32

RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey

ole32

OleInitialize
CoFreeLibrary
CoLoadLibrary

oleaut32

LoadRegTypeLi

winmm

mixerGetControlDetailsA
mixerClose
mixerOpen
mixerGetLineInfoA
mixerGetNumDevs
mixerSetControlDetails
mixerGetLineControlsA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/QQLive/QQLiveSrcDec.dll
.dll regsvr32 windows:4 windows x86 arch:x86

2eb4f7046a577b1ce2ecff21f5ea5685

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

ntohl
WSAStartup
WSACleanup
closesocket
recv
send
connect
inet_addr
socket
WSAGetLastError
htons

kernel32

RaiseException
GetProcAddress
MultiByteToWideChar
lstrlenA
GetModuleFileNameA
LeaveCriticalSection
DeleteCriticalSection
CreateEventA
CloseHandle
TerminateThread
WaitForSingleObject
CreateThread
WideCharToMultiByte
GetACP
CreateSemaphoreA
InitializeCriticalSection
EnterCriticalSection
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
ResetEvent
GetCurrentProcess
GetCurrentThreadId
SetEvent
VirtualAlloc
VirtualFree
InterlockedExchange
FreeLibrary
LoadLibraryA
GetModuleHandleA
Sleep
ReleaseSemaphore
WriteFile
SetFilePointer
GetStringTypeA
GetLastError
GetVersionExA
GetCommandLineA
GetVersion
GetEnvironmentStrings
FreeEnvironmentStringsW
LCMapStringW
LCMapStringA
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
SetLastError
TlsFree
SetHandleCount
RtlUnwind
HeapFree
HeapAlloc
GetFileType
GetStartupInfoA
GetStdHandle
GetOEMCP
TlsSetValue
TlsAlloc
HeapCreate
HeapReAlloc
TlsGetValue
GetEnvironmentVariableA
HeapDestroy
IsBadWritePtr
ExitProcess
TerminateProcess

user32

SetRectEmpty
wsprintfA

advapi32

RegOpenKeyExA
RegDeleteKeyA
RegCloseKey
RegEnumKeyExA
RegSetValueA
RegSetValueExA
RegCreateKeyA

ole32

StringFromGUID2
CoLoadLibrary
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoFreeUnusedLibraries
CoInitialize
CoTaskMemFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
P2PMediaStreamIoctl

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/QQLive/TNProxy.dll
.dll regsvr32 windows:4 windows x86 arch:x86

cd70e39e6e438786ef4a72074fe055fb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
GetModuleFileNameA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
InterlockedDecrement
HeapFree
FreeEnvironmentStringsW
ExitThread
GetTimeZoneInformation
SetEnvironmentVariableA
InterlockedExchange
CompareStringA
GetLocaleInfoW
GetStringTypeW
Sleep
CloseHandle
TlsGetValue
TlsAlloc
TlsFree
TlsSetValue
GetTickCount
ReleaseMutex
WaitForSingleObject
CreateMutexA
GetLastError
TerminateProcess
SetUnhandledExceptionFilter
FreeLibrary
GetProcAddress
LoadLibraryA
GetVersionExA
SetFilePointer
ReadFile
GetCurrentProcess
RtlUnwind
WideCharToMultiByte
GetCommandLineA
GetVersion
RaiseException
CreateThread
GetCurrentThreadId
GetStringTypeA
HeapCreate
GetSystemTime
GetLocalTime
HeapAlloc
InterlockedIncrement
ExitProcess
HeapReAlloc
SetLastError
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
CompareStringW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
HeapDestroy
GetCPInfo
VirtualFree
WriteFile
UnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
IsValidLocale
GetACP
GetOEMCP
IsBadReadPtr
IsBadCodePtr
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
FlushFileBuffers

ws2_32

htonl
inet_addr
htons
ntohs
ntohl
setsockopt
listen
bind
WSAGetLastError
connect
inet_ntoa
__WSAFDIsSet
select
getpeername
recv
accept
ioctlsocket
gethostbyname
gethostname
closesocket
socket
send
sendto
recvfrom
WSACleanup
WSAStartup

iphlpapi

GetAdaptersInfo
GetIfEntry

wininet

InternetGetConnectedState

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 508KB - Virtual size: 506KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/QQLive/TRadio.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

dd27a8fc8270628e2b7a039bf349b8db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

socket
closesocket
bind
recvfrom
sendto
select
WSAGetLastError
ntohl
ntohs
WSAResetEvent
inet_ntoa
WSACleanup
WSACreateEvent
WSAStartup
WSAAsyncSelect
htonl
setsockopt
WSACloseEvent
WSASetEvent
inet_addr
htons

kernel32

CreateFileA
ReadFile
DuplicateHandle
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
GetCurrentProcess
WriteFile
SetEndOfFile
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetShortPathNameA
GlobalSize
WritePrivateProfileStringA
FindResourceExA
CopyFileA
GetFileTime
GetProfileIntA
RtlUnwind
RaiseException
GetCommandLineA
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
ExitProcess
TerminateProcess
HeapSize
SizeofResource
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetTickCount
SetEvent
WaitForSingleObject
CloseHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateEventA
CreateThread
MultiByteToWideChar
GetModuleHandleA
GetModuleFileNameA
lstrlenA
OutputDebugStringA
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GetLastError
lstrcpynA
MulDiv
SetLastError
GetUserDefaultLCID
IsDBCSLeadByte
GlobalFree
GlobalUnlock
FormatMessageA
LocalFree
lstrlenW
GlobalLock
GlobalAlloc
lstrcmpA
GetCurrentThread
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetProcAddress
FileTimeToLocalFileTime
FileTimeToSystemTime
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
SetUnhandledExceptionFilter
SetHandleCount
GetFileAttributesA
GetFileSize
HeapReAlloc

user32

InvalidateRect
GetDesktopWindow
DestroyMenu
CreateMenu
IsRectEmpty
RegisterClipboardFormatA
PtInRect
SetCapture
ReleaseCapture
GetDC
ReleaseDC
SetRectEmpty
TabbedTextOutA
DrawTextA
GrayStringA
SetRect
GetClassNameA
ClientToScreen
GetWindowDC
CreateDialogIndirectParamA
EndDialog
EnumChildWindows
LockWindowUpdate
DestroyIcon
UnregisterClassA
LoadStringA
GetSysColorBrush
InsertMenuA
GetMenuStringA
CharUpperA
AppendMenuA
RemoveMenu
DrawEdge
InflateRect
GetDCEx
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
GetCursorPos
IsWindowEnabled
SetCursor
LoadIconA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
GetTabbedTextExtentA
GetDialogBaseUnits
SetParent
IsDialogMessageA
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
GetKeyState
DestroyWindow
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SendMessageA
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
wsprintfA
MoveWindow
FillRect
EnableWindow
DefWindowProcA
BeginPaint
GetClientRect
EndPaint
PostQuitMessage
CreateWindowExA
ShowWindow
UpdateWindow
LoadCursorA
IsWindow
GetClassInfoA
GetParent
KillTimer
SetWindowTextA
CopyRect
SetTimer
PostMessageA
SetWindowsHookExA

gdi32

RectVisible
TextOutA
ExtTextOutA
Escape
SaveDC
PtVisible
SetMapMode
SelectObject
SetBkMode
SetROP2
CombineRgn
SetViewportOrgEx
CreateMetaFileA
DeleteDC
CloseMetaFile
DeleteMetaFile
LPtoDP
GetDeviceCaps
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
RestoreDC
MoveToEx
GetCurrentPositionEx
DeleteObject
CreateRectRgn
ScaleWindowExtEx
CreatePen
CreateSolidBrush
CreatePatternBrush
CopyMetaFileA
CreateDCA
GetTextMetricsA
GetTextExtentPoint32A
GetTextAlign
CreateFontIndirectA
EnumFontFamiliesExA
PatBlt
UnrealizeObject
Rectangle
SetRectRgn
CreateRectRgnIndirect
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
SelectClipRgn
OffsetViewportOrgEx
GetStockObject

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegEnumKeyA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueA
RegDeleteKeyA
RegSetValueA
RegCloseKey
RegEnumValueA
RegOpenKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyA
RegQueryValueExA

shell32

ExtractIconA

comctl32

ord17

ole32

OleDuplicateData
StringFromGUID2
CoCreateInstance
IIDFromString
CoDisconnectObject
OleLoadFromStream
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
CoRegisterClassObject
ReadFmtUserTypeStg
StringFromCLSID
ReadClassStm
CreateOleAdviseHolder
CoTaskMemFree
OleSaveToStream
ReleaseStgMedium
CreateDataAdviseHolder
OleDestroyMenuDescriptor
CreateDataCache
CoTaskMemAlloc
OleCreateMenuDescriptor
CoRevokeClassObject

olepro32

ord250
ord252
ord251
ord253

oleaut32

VariantClear
LoadTypeLi
RegisterTypeLi
SysStringByteLen
SysFreeString
VariantInit
LoadRegTypeLi
VariantChangeType
SysAllocString
VariantCopy
SysAllocStringLen
SysAllocStringByteLen
SysStringLen

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/QQLive/TVChannel.dll
.dll regsvr32 windows:4 windows x86 arch:x86

a3e31be2f7962d46237211d249faa5d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord5290
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4353
ord3798
ord818
ord1232
ord1168
ord567
ord825
ord4275
ord4033
ord800
ord537
ord2152
ord433
ord823
ord5575
ord2379
ord540
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4424
ord3742
ord5307
ord6374
ord5714
ord4622
ord3738
ord561
ord815
ord5500
ord1132
ord6467
ord1131
ord6354
ord1799
ord614
ord1206
ord2623
ord290
ord6055
ord4226
ord2486
ord4003
ord1601
ord860
ord1158
ord3258
ord2233
ord6364
ord3326
ord6365
ord4472
ord5498
ord3278
ord3353
ord3681
ord446
ord743
ord2033
ord2727
ord2730
ord2729
ord5431
ord3348
ord4351
ord2989
ord3579
ord2625
ord297
ord619
ord1114
ord3237
ord1226
ord539
ord1214
ord2988
ord1113
ord2464
ord2393
ord1656
ord434
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord5289
ord4079
ord4698
ord1223
ord1253
ord1255
ord1197
ord600
ord826
ord1116
ord1176
ord1575
ord1577
ord1182
ord342
ord269
ord1578
ord1570
ord1243

msvcrt

_strcmpi
??1type_info@@UAE@XZ
_ftol
free
__CxxFrameHandler
_adjust_fdiv
_initterm
malloc
_onexit
__dllonexit

kernel32

LocalFree
lstrlenA
LocalAlloc

user32

SetTimer
wsprintfA
EnableWindow
IsWindow
GetClassInfoA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyA
RegOpenKeyA

ole32

StringFromGUID2

oleaut32

VariantInit

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/QQLive/VCodec.dll
.dll regsvr32 windows:4 windows x86 arch:x86

7bb281f2034c5cb2d33ce586943ce4e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
RtlUnwind

msvcrt

__CxxFrameHandler
_ftol
fclose
??2@YAPAXI@Z
fwrite
fseek
fopen
sprintf
free
??3@YAXPAX@Z
calloc
floor
_errno
_initterm
_adjust_fdiv
malloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 276KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/QQLive/busy.gif
.gif
Kernel/QQLive/loading.gif
.gif
Kernel/QQLive/notAllowd.gif
.gif
Kernel/TvKoo/KooPlayer.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

01/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

60:00:1d:d8:c5:a2:48:57:e4:7d:69:88:9a:88:17:fd
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

30/01/2007, 00:00

Not After

30/01/2008, 23:59

Subject

CN=Chengdu Koos Information Technology Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=CEO,O=Chengdu Koos Information Technology Co.\,Ltd,L=Chengdu,ST=sichuan,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:4f:25:31:f2:a9:cb:de:e7:41:71:ff:66:cd:43:50:31:82:ff:10
Signer

Actual PE Digest

7b:4f:25:31:f2:a9:cb:de:e7:41:71:ff:66:cd:43:50:31:82:ff:10

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

UPX0
Size: - Virtual size: 440KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 268KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Kernel/feidian/MMCShell.dll
.dll regsvr32 windows:4 windows x86 arch:x86

abdec4344d6726d98047f8f6b7fa642f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetShortPathNameA
GetModuleHandleA
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
IsDBCSLeadByte
HeapDestroy
GetLocalTime
SetThreadPriority
CreateThread
GetFileTime
GetTickCount
HeapReAlloc
HeapFree
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
SetFilePointer
GetStringTypeA
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
HeapCreate
GetSystemInfo
HeapAlloc
DisableThreadLibraryCalls
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
Thread32Next
GetCurrentDirectoryA
CreateProcessA
GetCurrentProcess
FlushInstructionCache
lstrcpyA
MulDiv
lstrcmpA
Sleep
LoadLibraryA
GetProcAddress
GetModuleFileNameA
GetVersionExA
MultiByteToWideChar
GetCurrentThreadId
ReadFile
ReleaseMutex
lstrcatA
GetTempPathA
GetTempFileNameA
FormatMessageA
LocalFree
GetStringTypeExA
DebugBreak
InterlockedIncrement
InterlockedDecrement
GetThreadLocale
CompareStringA
lstrcpynA
lstrcmpiA
lstrlenA
TlsSetValue
FlushFileBuffers
WaitForMultipleObjects
TerminateProcess
DeleteFileA
TlsGetValue
CreateFileA
WriteFile
lstrlenW
WideCharToMultiByte
WaitForSingleObject
GetSystemTime
SystemTimeToFileTime
CreateMutexA
CreateEventA
OutputDebugStringA
SetEvent
EnterCriticalSection
ResetEvent
LeaveCriticalSection
GetStringTypeW
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
SetLastError
GetLastError

user32

EqualRect
OffsetRect
DestroyWindow
GetClassInfoExA
LoadCursorA
RegisterClassExA
CharUpperA
GetDesktopWindow
SetParent
MoveWindow
GetDC
IsRectEmpty
IntersectRect
CopyRect
ShowWindow
ScreenToClient
GetCursorPos
GetForegroundWindow
SetForegroundWindow
GetWindow
PostMessageA
LoadStringA
wvsprintfA
CharNextA
wsprintfA
SendMessageTimeoutA
ReleaseDC
PeekMessageA
TranslateMessage
DispatchMessageA
MsgWaitForMultipleObjects
FillRect
EndPaint
GetClientRect
GetMenu
AdjustWindowRectEx
SetWindowPos
CreateWindowExA
GetWindowLongA
SetWindowLongA
KillTimer
ClientToScreen
GetWindowRect
PtInRect
GetParent
SetCapture
SystemParametersInfoA
SetTimer
BeginPaint
LoadBitmapA
DefWindowProcA
IsWindow
SendMessageA
PostThreadMessageA
EnableWindow
SetWindowRgn
IsWindowEnabled
DrawTextA
GetClassNameA
EnumChildWindows
UpdateWindow
InvalidateRect
GetWindowRgn
GetCapture
ReleaseCapture
GetDlgCtrlID
CallWindowProcA
EnumThreadWindows
UnregisterClassA
GetClassInfoA
SetRect
SetCursor
RedrawWindow
RegisterWindowMessageA
SetFocus
GetFocus
IsChild
UnionRect
GetMessageA
GetKeyState

gdi32

BitBlt
StretchBlt
SetStretchBltMode
CreateCompatibleBitmap
CreateCompatibleDC
OffsetRgn
FillRgn
CombineRgn
CreateDCA
SetBkMode
Polyline
CreatePen
GetObjectA
ExtCreateRegion
CreateDIBSection
CreateBitmap
LPtoDP
SetWindowOrgEx
SetViewportOrgEx
DPtoLP
CreateFontIndirectA
SelectObject
GetTextColor
GetBkColor
SetBkColor
SetTextColor
GetClipRgn
ExtSelectClipRgn
GetStockObject
DeleteDC
CreateRectRgnIndirect
GetWindowExtEx
GetViewportExtEx
GetMapMode
SetMapMode
GetDeviceCaps
RestoreDC
SaveDC
CreateRectRgn
CreateSolidBrush
DeleteObject
PtInRegion

advapi32

OpenServiceA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
EnumServicesStatusA
ControlService
QueryServiceStatus
StartServiceA
CloseServiceHandle
RegCloseKey
OpenSCManagerA
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteValueA

shell32

SHGetSpecialFolderPathA

ole32

CoLockObjectExternal
CoGetMalloc
CoReleaseMarshalData
CLSIDFromProgID
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
WriteClassStm
OleSaveToStream
OleLoadFromStream
CreateOleAdviseHolder
CoCreateInstance
CoUnmarshalInterface
CLSIDFromString

oleaut32

SysStringLen
SysAllocStringLen
SysAllocString
VariantClear
SysFreeString
LoadRegTypeLi
VariantChangeType
SysStringByteLen
SysAllocStringByteLen
OleCreatePropertyFrame
RegisterTypeLi
LoadTypeLi
VarUI4FromStr

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Draw
_TrackMouseEvent
ImageList_Destroy
ImageList_GetIconSize

msimg32

TransparentBlt

ws2_32

ntohl
inet_addr
WSACleanup
WSAStartup
closesocket
WSAGetLastError
WSASetLastError
recv
shutdown
send
connect
gethostbyname
htons
socket
__WSAFDIsSet
select
ioctlsocket
setsockopt

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

wininet

HttpAddRequestHeadersA
HttpSendRequestA
InternetOpenA
HttpOpenRequestA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetConnectA
InternetSetOptionA
InternetOpenUrlA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shrdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/itv/pCastCtl.dll
.dll regsvr32 windows:4 windows x86 arch:x86

b0517ebfd5dbd69335fc4ff43a95a0b4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
VirtualQuery
IsBadWritePtr
GetFileAttributesA
FindClose
FindFirstFileA
CreateDirectoryA
DeleteFileA
GetTempFileNameA
IsBadCodePtr
OpenProcess
ReadProcessMemory
HeapFree
GetProcessHeap
GlobalFree
DeviceIoControl
SetConsoleTitleA
AllocConsole
FreeConsole
GetStdHandle
LocalFree
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
TlsSetValue
CreateMutexA
TlsAlloc
RaiseException
TlsGetValue
ReleaseMutex
SetThreadContext
GetThreadContext
SuspendThread
GlobalReAlloc
ResetEvent
InterlockedExchange
SetThreadPriority
GetTickCount
DebugBreak
ReadFile
GetFileSize
IsBadReadPtr
OutputDebugStringA
GetLocaleInfoW
SetEnvironmentVariableA
CompareStringW
QueryPerformanceCounter
SetEndOfFile
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
SetStdHandle
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
SetFilePointer
GetStartupInfoA
GetFileType
SetHandleCount
FlushFileBuffers
GetStringTypeW
GetStringTypeA
VirtualFree
HeapCreate
GetCPInfo
GetOEMCP
HeapSize
TlsFree
GetSystemInfo
VirtualAlloc
GetTimeZoneInformation
GetCommandLineA
ExitThread
TerminateProcess
ExitProcess
HeapReAlloc
HeapAlloc
RtlUnwind
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
GetCurrentThread
DuplicateHandle
GetCurrentProcessId
SetUnhandledExceptionFilter
GetACP
ReleaseSemaphore
CompareStringA
lstrcmpA
CreateSemaphoreA
CreateThread
GetTempPathA
WinExec
CreateEventA
SetEvent
TerminateThread
ResumeThread
WaitForSingleObject
GetExitCodeThread
LockResource
CreateFileA
WriteFile
CloseHandle
GetCurrentThreadId
GetModuleHandleA
GetShortPathNameA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
GetCurrentProcess
FlushInstructionCache
DisableThreadLibraryCalls
GlobalAlloc
GlobalLock
GlobalUnlock
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcatA
lstrcpyA
HeapDestroy
EnterCriticalSection
IsDBCSLeadByte
InterlockedDecrement
InterlockedIncrement
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
lstrcmpiA
lstrlenA
lstrcpynA
GetLastError
SetLastError
LeaveCriticalSection
GetModuleFileNameA
DeleteCriticalSection
GetVersionExA
InitializeCriticalSection

user32

PostThreadMessageA
MsgWaitForMultipleObjects
PeekMessageA
LoadImageA
MoveWindow
SetLastErrorEx
CharLowerBuffA
DispatchMessageA
SetParent
GetSystemMetrics
SetWindowPlacement
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetActiveWindow
SetForegroundWindow
SetRect
TranslateMessage
CharUpperBuffA
wvsprintfA
EndDialog
GetWindowLongA
SetWindowTextA
GetDlgItem
SetWindowPos
MapWindowPoints
GetClientRect
SystemParametersInfoA
GetWindowRect
GetWindow
GetParent
wsprintfA
KillTimer
SetWindowLongA
SetTimer
CharNextA
PtInRect
UnionRect
ReleaseDC
GetDC
DefWindowProcA
CallWindowProcA
DestroyWindow
IsWindow
GetKeyState
SetWindowRgn
OffsetRect
EqualRect
SetClassLongA
RegisterWindowMessageA
MessageBeep
CreateAcceleratorTableA
GetWindowTextLengthA
GetWindowTextA
DrawTextA
IsWindowEnabled
DrawFocusRect
GetDlgCtrlID
SetCursor
GetCapture
UpdateWindow
DestroyCursor
GetAsyncKeyState
GetClassNameA
RedrawWindow
InvalidateRgn
GetDesktopWindow
GetSysColor
GetActiveWindow
SetMenuItemInfoA
IntersectRect
InvalidateRect
RegisterClassExA
LoadCursorA
GetClassInfoExA
CreateWindowExA
ShowWindow
SetFocus
IsChild
GetFocus
EndPaint
BeginPaint
ScreenToClient
GetCursorPos
SetCapture
ReleaseCapture
SendMessageA
PostMessageA
IsWindowVisible
MessageBoxA
LoadMenuA
EnableMenuItem
DestroyMenu
SetRectEmpty
DialogBoxParamA
GetSubMenu
FillRect
TrackPopupMenuEx
LoadStringA

gdi32

CreateDIBSection
ExtCreateRegion
SetROP2
GetRgnBox
SelectClipRgn
PtInRegion
CreateRectRgnIndirect
OffsetRgn
CreateRectRgn
CombineRgn
RestoreDC
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileA
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
SelectObject
CreateSolidBrush
GetObjectA
GetStockObject
SetTextColor
SetBkMode
CreateFontIndirectA
TextOutA
SetBkColor
GetTextExtentPoint32A
ExcludeClipRect
LineTo
MoveToEx
DeleteDC
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
GetDeviceCaps
CreatePen
CreateDCA

advapi32

RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA
SHGetSpecialFolderPathA

ole32

StringFromCLSID
OleRun
StringFromGUID2
CoTaskMemFree
CoCreateGuid
StringFromIID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
OleLockRunning
CoInitializeEx
OleSaveToStream
WriteClassStm
OleLoadFromStream
CoInitialize
CoUninitialize
CreateDataAdviseHolder
OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

SysFreeString
SysAllocString
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
VariantClear
DispCallFunc
LoadRegTypeLi
SysStringLen
OleCreatePropertyFrame
SysAllocStringLen
OleTranslateColor
VariantChangeType
SysAllocStringByteLen
SysStringByteLen
OleCreateFontIndirect
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
VariantInit
GetErrorInfo

ws2_32

send
socket
inet_addr
gethostbyname
htons
inet_ntoa
ioctlsocket
connect
WSAGetLastError
recv
WSAStartup
closesocket
WSACleanup
sendto
ntohl
ntohs
select

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

_TrackMouseEvent
ImageList_Draw
ImageList_GetImageCount
ImageList_Destroy
ImageList_LoadImageA
ord17

urlmon

URLDownloadToFileA

Exports

Exports

CreatePcastSession
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
ReleasePcastSession

Sections

.text
Size: 296KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 612KB - Virtual size: 611KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/pplive/synalivesetup_1.8.7_ie.exe
.exe windows:4 windows x86 arch:x86

9c523d8653da5455667e3f82274f2f88

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:d5:13:d1:17:51:9f:61:79:0d:16:19:1e:61:be:e1
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

22/09/2006, 00:00

Not After

24/09/2007, 23:59

Subject

CN=Synacast Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=technology department,O=Synacast Corp.,L=shanghai,ST=shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c8:15:5a:82:57:a4:12:7c:d9:05:d9:1e:b5:2b:b9:39:09:e1:9e:ea
Signer

Actual PE Digest

c8:15:5a:82:57:a4:12:7c:d9:05:d9:1e:b5:2b:b9:39:09:e1:9e:ea

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
lstrcmpiA
CopyFileA
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetCurrentProcess

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ERoc.dll
.dll windows:4 windows x86 arch:x86

e43bbcb8f87ee846306b634ce05db32f

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:d5:13:d1:17:51:9f:61:79:0d:16:19:1e:61:be:e1
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

22/09/2006, 00:00

Not After

24/09/2007, 23:59

Subject

CN=Synacast Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=technology department,O=Synacast Corp.,L=shanghai,ST=shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

dc:ca:28:a8:d7:3d:cf:d7:63:19:a6:42:d1:ba:45:67:f9:e3:7c:30
Signer

Actual PE Digest

dc:ca:28:a8:d7:3d:cf:d7:63:19:a6:42:d1:ba:45:67:f9:e3:7c:30

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetUnhandledExceptionFilter
GetCurrentThread
GetCurrentProcess
OutputDebugStringA
GetProcAddress
LoadLibraryA
FreeLibrary
CloseHandle
Module32Next
GetLongPathNameA
Module32First
CreateToolhelp32Snapshot
GetCurrentProcessId
GetLocalTime
GetLastError
lstrcatA
lstrcpyA
VirtualQuery
GetModuleFileNameA
FindFirstFileA
AllocConsole
GetConsoleTitleA
lstrcpynA
WaitForMultipleObjects
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
UnmapViewOfFile
GetTickCount
CreateThread
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventA
SetEvent
ResetEvent
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetStringTypeW
GetStringTypeA
Sleep
InterlockedExchange
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
RaiseException
ExitProcess
TerminateProcess
HeapReAlloc
HeapSize
FlushFileBuffers
WriteFile
FatalAppExitA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
SetFilePointer
InterlockedDecrement
InterlockedIncrement
CreateFileA
IsBadReadPtr
IsBadCodePtr
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
ReadFile
SetConsoleCtrlHandler
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetEnvironmentVariableA

user32

MessageBoxA

shlwapi

PathAppendA
PathRemoveFileSpecA
PathFindFileNameA
PathCombineA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

TS_XXXX

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KOM.dll
.dll windows:4 windows x86 arch:x86

cbc91b0b3146001c961a5b05f81618b8

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:d5:13:d1:17:51:9f:61:79:0d:16:19:1e:61:be:e1
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

22/09/2006, 00:00

Not After

24/09/2007, 23:59

Subject

CN=Synacast Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=technology department,O=Synacast Corp.,L=shanghai,ST=shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

81:9b:14:b3:60:ef:7d:11:c5:c1:05:f2:e5:94:8a:51:8f:8b:e1:9d
Signer

Actual PE Digest

81:9b:14:b3:60:ef:7d:11:c5:c1:05:f2:e5:94:8a:51:8f:8b:e1:9d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetLastError
LoadLibraryA
GetModuleFileNameA
VirtualQuery
GetVersion
GetCurrentProcessId
GetCommandLineA
GetTickCount
CreateEventA
CloseHandle
GetLocalTime
lstrcpyA
OutputDebugStringA
SetEvent
CreateThread
ResetEvent
TerminateThread
WaitForSingleObject

ole32

CoCreateGuid

msvcp60

??0_Lockit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Refcnt@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEAAEPBD@Z
??1_Lockit@std@@QAE@XZ

msvcrt

_onexit
??2@YAPAXI@Z
__CxxFrameHandler
memmove
sprintf
fclose
fflush
vfprintf
fprintf
fopen
_except_handler3
free
__dllonexit
_adjust_fdiv
_initterm
malloc

ws2_32

gethostname
gethostbyname

rpcrt4

UuidToStringA

shlwapi

StrStrIA
PathIsRelativeA
PathAppendA
PathRemoveFileSpecA

Exports

Exports

TS_0001
TS_0002
TS_0003
TS_0004
TS_0005
TS_0006
TS_0007
TS_0008
TS_0009

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/MIR.dll
.dll windows:4 windows x86 arch:x86

a9717fb0d05edd8309962b74c6ef524d

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:d5:13:d1:17:51:9f:61:79:0d:16:19:1e:61:be:e1
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

22/09/2006, 00:00

Not After

24/09/2007, 23:59

Subject

CN=Synacast Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=technology department,O=Synacast Corp.,L=shanghai,ST=shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

29:05:d5:7c:a9:ae:46:cf:1a:3a:b0:fa:12:fe:fc:9f:01:64:1c:79
Signer

Actual PE Digest

29:05:d5:7c:a9:ae:46:cf:1a:3a:b0:fa:12:fe:fc:9f:01:64:1c:79

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcp60

??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??0runtime_error@std@@QAE@ABV01@@Z
??0overflow_error@std@@QAE@ABV01@@Z
??1overflow_error@std@@UAE@XZ
??_7overflow_error@std@@6B@
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?_Xran@std@@YAXXZ
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?length@?$char_traits@D@std@@SAIPBD@Z
?_Xlen@std@@YAXXZ
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z

ws2_32

inet_ntoa
ntohs
WSAGetLastError
htons

msvcrt

??0exception@@QAE@ABQBD@Z
_ftol
strstr
free
_initterm
malloc
_adjust_fdiv
__dllonexit
_onexit
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
sprintf
_vsnprintf
strncpy
memmove
srand
rand
_CxxThrowException
_snprintf
_purecall
??2@YAPAXI@Z
__CxxFrameHandler

kernel32

VirtualQuery
GetTickCount
QueryPerformanceCounter
GetModuleFileNameA
UnmapViewOfFile
GetProcAddress
LoadLibraryA
GetLastError
MapViewOfFile
CreateFileMappingA
GetCurrentProcessId
FreeLibrary
GetVersionExA
GetPrivateProfileIntA
WritePrivateProfileStringA
CloseHandle

user32

wsprintfA
PostMessageA

Exports

Exports

TS_XXXX

Sections

.text
Size: 340KB - Virtual size: 336KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/PCP.dll
.dll windows:4 windows x86 arch:x86

f7da0542502914a50a6e3fc6a88c6309

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:d5:13:d1:17:51:9f:61:79:0d:16:19:1e:61:be:e1
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

22/09/2006, 00:00

Not After

24/09/2007, 23:59

Subject

CN=Synacast Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=technology department,O=Synacast Corp.,L=shanghai,ST=shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c8:c2:4e:46:5d:85:a6:08:09:31:e0:19:34:f4:6a:cb:6a:89:d8:6b
Signer

Actual PE Digest

c8:c2:4e:46:5d:85:a6:08:09:31:e0:19:34:f4:6a:cb:6a:89:d8:6b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord815
ord561
ord825
ord1199
ord1247
ord6467
ord823
ord5810
ord5481
ord2031
ord4863
ord5796
ord5478
ord1971
ord966
ord3570
ord278
ord605
ord2077
ord6055
ord4078
ord1776
ord4407
ord5241
ord2385
ord5163
ord6374
ord2985
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord3742
ord818
ord6442
ord567
ord4275
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord1116
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4353
ord4274

msvcrt

malloc
free
srand
_snprintf
fclose
_errno
memmove
sprintf
_vsnprintf
_purecall
vfprintf
vprintf
fflush
__CxxFrameHandler
_fsopen
fgets
fwrite
??0exception@@QAE@ABV0@@Z
_CxxThrowException
??0exception@@QAE@XZ
_beginthreadex
_except_handler3
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
rand
??1exception@@UAE@XZ

kernel32

WriteFile
GetLastError
ReadFile
CreateFileA
CloseHandle
FreeLibrary
GetModuleFileNameA
GetProcAddress
VirtualQuery
OutputDebugStringA
GetLocalTime
FlushFileBuffers
CreateFileMappingA
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
GetTickCount
WaitForSingleObject
CreateEventA
SetEvent
GetExitCodeThread
TerminateThread
LocalFree
LocalAlloc
SetFilePointer

user32

PostMessageA
EnableWindow
SetTimer
KillTimer

wsock32

connect
closesocket
ntohs
ioctlsocket
inet_addr
gethostname
gethostbyname
htons
getsockname
WSAGetLastError
socket
recv
send
setsockopt

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
?_Xlen@std@@YAXXZ
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z

shlwapi

PathFindFileNameA
PathRemoveFileSpecA
PathAppendA
PathRenameExtensionA

rpcrt4

UuidCreate
UuidFromStringA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Exports

Exports

PCP_CleanUp
PCP_Detect
PCP_Join
PCP_Leave
PCP_List
PCP_Set
PCP_StartUp
PCP_Stats

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/PPF.dll
.dll windows:4 windows x86 arch:x86

cc4aabc887f145bdbc613594d25ce8a3

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:d5:13:d1:17:51:9f:61:79:0d:16:19:1e:61:be:e1
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

22/09/2006, 00:00

Not After

24/09/2007, 23:59

Subject

CN=Synacast Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=technology department,O=Synacast Corp.,L=shanghai,ST=shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

73:55:0d:cc:12:ad:33:a8:35:e3:76:40:48:dc:cc:e4:aa:0e:ac:7b
Signer

Actual PE Digest

73:55:0d:cc:12:ad:33:a8:35:e3:76:40:48:dc:cc:e4:aa:0e:ac:7b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pcp

ord3
ord1
ord5
ord7
ord8
ord6
ord2

rpcrt4

UuidFromStringA

ws2_32

gethostname
inet_ntoa
inet_addr
gethostbyname
recv
connect
closesocket
socket
htons
send
setsockopt

shlwapi

PathFindFileNameA

mfc42

ord6374
ord4353
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3742
ord818
ord5163
ord2152
ord1233
ord567
ord4204
ord800
ord537
ord2379
ord665
ord858
ord922
ord353
ord535
ord1187
ord939
ord2818
ord540
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord4622
ord3738
ord561
ord815
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord4275
ord823
ord825
ord834
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord1116
ord1270

msvcrt

_adjust_fdiv
malloc
_initterm
_onexit
__dllonexit
??1type_info@@UAE@XZ
_EH_prolog
_iob
tolower
strchr
strncmp
isspace
isalnum
fputs
memchr
fputc
fprintf
atof
_purecall
_snprintf
_mbsnicmp
_itoa
_mbscspn
_CxxThrowException
isalpha
localtime
vprintf
_beginthreadex
memmove
_strdup
free
fread
strncpy
fwrite
_mkdir
_mbscmp
exit
atoi
time
srand
isdigit
printf
sprintf
_findfirst
_findnext
_findclose
__CxxFrameHandler
_i64toa
sscanf
_ftol
fopen
fseek
ftell
fclose
_unlink
rand
_mbsspn

kernel32

LocalAlloc
GetProcAddress
LoadLibraryA
GetSystemTime
Sleep
CloseHandle
RemoveDirectoryA
SetEndOfFile
SetFilePointer
CreateFileA
GetPrivateProfileStringA
CreateMutexA
OutputDebugStringA
GetLastError
FormatMessageA
LocalFree
WritePrivateProfileStringA
GetExitCodeThread
DeleteFileA
GetTickCount
GetPrivateProfileIntA
lstrlenA
WaitForSingleObject
CreateEventA
SetEvent
TerminateThread

user32

SetTimer
wsprintfA
EnableWindow
TranslateMessage
DispatchMessageA
PostMessageA
CharNextA
GetMessageA
SendMessageA

advapi32

RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ole32

CoCreateGuid

msvcp60

??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEXXZ
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??_7?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
?_Init@?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEXPBDIH@Z
?_Mode@?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEHH@Z
??_7?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??0ios_base@std@@IAE@XZ
??_8?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@7B@
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Xlen@std@@YAXXZ
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1ios_base@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

Exports

Exports

RD_XXXX

Sections

.text
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/TEN.dll
.dll windows:4 windows x86 arch:x86

69630f4e49cba917c47d520250bf1ff5

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:d5:13:d1:17:51:9f:61:79:0d:16:19:1e:61:be:e1
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

22/09/2006, 00:00

Not After

24/09/2007, 23:59

Subject

CN=Synacast Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=technology department,O=Synacast Corp.,L=shanghai,ST=shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

24:fc:a6:e4:3b:13:a0:ea:9d:30:3a:37:92:16:64:43:ee:ac:b6:f5
Signer

Actual PE Digest

24:fc:a6:e4:3b:13:a0:ea:9d:30:3a:37:92:16:64:43:ee:ac:b6:f5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
CloseHandle
EnterCriticalSection
GetTickCount
GetModuleFileNameA
GetLocalTime
GetLastError
CreateThread
CancelIo
TerminateThread
GetVersionExA
GetModuleHandleA
CreateEventA
WaitForSingleObject
SetEvent
WaitForMultipleObjects
CreateIoCompletionPort
GetSystemInfo
PostQueuedCompletionStatus
SetConsoleTitleA
GetQueuedCompletionStatus
GetProcAddress
LoadLibraryA
VirtualQuery
InterlockedIncrement
InterlockedDecrement
HeapFree
HeapAlloc
HeapCreate
GetCurrentProcessId
SetEndOfFile
CreateFileA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
LCMapStringW
LCMapStringA
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetFilePointer
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
ReadFile
SetHandleCount
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapDestroy
HeapSize
Sleep
InterlockedExchange
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetCommandLineA
GetVersion
RaiseException
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc

user32

PeekMessageA
PostThreadMessageA
DestroyWindow
RegisterClassExA
CreateWindowExA
GetMessageA

iphlpapi

GetIfTable
GetIpAddrTable
SetTcpEntry

ws2_32

WSAEnumNetworkEvents
WSACancelAsyncRequest
WSACleanup
WSAStartup
WSACloseEvent
getsockname
shutdown
closesocket
getpeername
listen
WSAWaitForMultipleEvents
gethostbyname
WSAEventSelect
connect
WSAGetLastError
WSASocketA
setsockopt
htons
htonl
bind
inet_addr
WSASetLastError
WSACreateEvent
WSAAsyncGetHostByName
WSARecv
WSASendTo
WSARecvFrom
WSAGetOverlappedResult
WSAAccept
WSASend

shlwapi

PathRemoveFileSpecA

Exports

Exports

TS_XXXX

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 567KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/cmpver.dll
.dll windows:4 windows x86 arch:x86

71a33d9638f070315c658f06153bf2d3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
lstrcpynA
GlobalAlloc
GlobalFree

msvcrt

strtoul
free
_initterm
malloc
_adjust_fdiv

Exports

Exports

CompareVersion

Sections

.text
Size: 1024B - Virtual size: 846B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 363B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/tpi.dll
.dll windows:4 windows x86 arch:x86

90547e4eb5ec31263ac362ca3152bc21

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:d5:13:d1:17:51:9f:61:79:0d:16:19:1e:61:be:e1
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

22/09/2006, 00:00

Not After

24/09/2007, 23:59

Subject

CN=Synacast Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=technology department,O=Synacast Corp.,L=shanghai,ST=shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

8b:04:8b:b8:cd:d1:1c:ba:1e:0b:24:c7:db:5d:0a:6b:23:6a:8d:fb
Signer

Actual PE Digest

8b:04:8b:b8:cd:d1:1c:ba:1e:0b:24:c7:db:5d:0a:6b:23:6a:8d:fb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

ntohl

kernel32

GetEnvironmentVariableA
EnterCriticalSection
Sleep
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

Exports

Exports

Locate

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 824KB - Virtual size: 822KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/ppmate/ppmate-2.3.1.62.exe
.exe windows:4 windows x86 arch:x86

4a9446e5cc2412c6405cea69dddb93be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
lstrcmpiA
CopyFileA
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
MulDiv
ReadFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
ExitProcess

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
wsprintfA

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$APPDATA/PPMate/PPMate/channels.xml
.xml
$APPDATA/PPMate/PPMate/vod.xml
.xml
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b3d296ff6f7abb1319ee006fcc6c4d98

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

GetDlgCtrlID
CloseClipboard
GetClipboardData
MapWindowPoints
GetClientRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
OpenClipboard

gdi32

SetTextColor
GetObjectA
SelectObject
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
CreateCompatibleDC

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 990B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

2db813254ea8b4d2a92d703ecb659f39

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpynA
lstrcmpA
lstrlenA
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 681B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Recommend.dll
.dll windows:4 windows x86 arch:x86

74f0d593ff70ca142fb80601822bebfb

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

01/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7f:34:08:e0:c7:05:f6:b7:53:b1:c8:71:d0:d6:81:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

30/01/2007, 00:00

Not After

31/01/2008, 23:59

Subject

CN=Beijing Tianchuang Shijie Technologies Co.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Department of Broadband,O=Beijing Tianchuang Shijie Technologies Co.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

90:53:80:ad:d4:79:56:29:12:58:d5:48:ea:e7:3f:4e:43:90:3e:3a
Signer

Actual PE Digest

90:53:80:ad:d4:79:56:29:12:58:d5:48:ea:e7:3f:4e:43:90:3e:3a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Project\StromCodec\release\StromCodec.pdb

Imports

kernel32

GetTempFileNameA
SetLastError
RaiseException
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
GetTempPathA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
LCMapStringW
LCMapStringA
RtlUnwind
FindResourceExA
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetStringTypeW
GetStringTypeA
Sleep
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapCreate
IsValidCodePage
GetOEMCP
GetCPInfo
FlushInstructionCache
GetCurrentProcess
LoadResource
LockResource
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
InterlockedExchange
lstrlenA
FreeLibrary
LoadLibraryExA
lstrcpyA
GetModuleHandleA
WinExec
CloseHandle
LoadLibraryA
GetWindowsDirectoryA
lstrcatA
SizeofResource
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetCommandLineA
GetSystemTimeAsFileTime
GetLastError
FindResourceA
MulDiv
WriteFile
CreateFileA
GetCurrentProcessId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
DeleteCriticalSection
InitializeCriticalSection
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedCompareExchange
GetProcAddress

user32

FillRect
CopyIcon
DestroyIcon
SystemParametersInfoA
GetSystemMetrics
CreateIconIndirect
SendMessageA
ReleaseDC
GetDC
GetIconInfo
LoadCursorA
LoadStringA
GetSysColor
DestroyCursor
SetCursor
SetForegroundWindow
DialogBoxParamA
GetActiveWindow
ScreenToClient
BringWindowToTop
GetCursorPos
UnregisterClassA
GetWindow
GetWindowLongA
GetParent
GetClientRect
MapWindowPoints
GetWindowRect
SetWindowPos
EndPaint
BeginPaint
GetDlgItem
EndDialog
SetWindowTextA
SetWindowLongA
SetTimer
LoadImageA

gdi32

TextOutA
GetTextExtentPoint32A
SetTextJustification
GetTextMetricsA
SetBkColor
SetBkMode
CreateFontIndirectA
GetDeviceCaps
SetTextColor
CreateCompatibleBitmap
CreateSolidBrush
StretchBlt
CreateBitmap
GetObjectA
LineTo
MoveToEx
CreatePen
BitBlt
SelectObject
CreateCompatibleDC
CreateDIBSection
DeleteObject
DeleteDC

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysAllocStringLen

comctl32

ord17
ImageList_GetImageCount
ImageList_GetIcon

urlmon

URLDownloadToFileA

Exports

Exports

FUNCTION001
FUNCTION002
FUNCTION003

Sections

.text
Size: 200KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
$PROGRAM_FILES_COMMON/Synacast/SynaLive/PP/GAL.dll
.dll windows:4 windows x86 arch:x86

34cdb0d333236a9df55e2e9e73b8b4c5

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

57:64:6e:2b:55:00:23:d4:90:53:4a:55:3e:ab:0d:0a
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2009, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:c9:83:68:62:49:9c:49:6b:a8:b5:36:8c:4f:21:d1
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

23/09/2005, 00:00

Not After

23/09/2006, 23:59

Subject

CN=Synacast Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Synacast Corp.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

57:8d:17:93:40:1a:34:8a:16:51:df:fe:e7:7c:1f:57:d4:14:fe:a7
Signer

Actual PE Digest

57:8d:17:93:40:1a:34:8a:16:51:df:fe:e7:7c:1f:57:d4:14:fe:a7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

rpcrt4

UuidToStringA

ws2_32

gethostbyname
htons
closesocket
socket
bind
ioctlsocket
WSAGetLastError
sendto
recvfrom
connect
send
inet_addr

shlwapi

PathRemoveFileSpecA
PathAppendA

ole32

CoCreateGuid

kernel32

TlsFree
InterlockedExchange
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
SetEndOfFile
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
CloseHandle
DeviceIoControl
CreateFileA
GetVersionExA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
LoadLibraryA
VirtualQuery
CreateThread
CreateEventA
GetCurrentProcessId
InitializeCriticalSection
DeleteCriticalSection
TerminateThread
WaitForSingleObject
SetEvent
LeaveCriticalSection
EnterCriticalSection
WaitForMultipleObjects
GetTickCount
GetLocalTime
GetVersion
Sleep
WritePrivateProfileStructA
GetPrivateProfileStructA
GetSystemDirectoryA
RtlUnwind
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetCommandLineA
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
RaiseException
SetLastError
TlsGetValue
GetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
WriteFile
ReadFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetFilePointer
InterlockedDecrement
InterlockedIncrement
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
MultiByteToWideChar
SetStdHandle
FlushFileBuffers
GetCPInfo

Exports

Exports

TS_XXXX

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAM_FILES_COMMON/Synacast/SynaLive/PP/KOM.dll
.dll windows:4 windows x86 arch:x86

6f28788c82f7564f3e3a292c5f997368

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

57:64:6e:2b:55:00:23:d4:90:53:4a:55:3e:ab:0d:0a
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2009, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:c9:83:68:62:49:9c:49:6b:a8:b5:36:8c:4f:21:d1
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

23/09/2005, 00:00

Not After

23/09/2006, 23:59

Subject

CN=Synacast Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Synacast Corp.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b6:ff:49:97:44:77:10:a5:92:d0:b6:15:78:1f:ca:1c:1e:39:e8:66
Signer

Actual PE Digest

b6:ff:49:97:44:77:10:a5:92:d0:b6:15:78:1f:ca:1c:1e:39:e8:66

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetLastError
LoadLibraryA
GetModuleFileNameA
VirtualQuery
GetVersion
GetCurrentProcessId
GetCommandLineA
GetTickCount
CreateEventA
CloseHandle
GetLocalTime
OutputDebugStringA
lstrcpyA
SetEvent
CreateThread
ResetEvent
TerminateThread
WaitForSingleObject
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetStringTypeW
GetStringTypeA
LCMapStringW
EnterCriticalSection
Sleep
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
RtlUnwind
HeapFree
RaiseException
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
FlushFileBuffers
WriteFile
FatalAppExitA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
UnhandledExceptionFilter
SetFilePointer
InterlockedDecrement
InterlockedIncrement
SetStdHandle
CreateFileA
GetCPInfo
GetACP
GetOEMCP
SetConsoleCtrlHandler
SetEndOfFile
ReadFile
MultiByteToWideChar
LCMapStringA
SetEnvironmentVariableA

ole32

CoCreateGuid

ws2_32

gethostbyname
gethostname

rpcrt4

UuidToStringA

shlwapi

StrStrIA
PathIsRelativeA
PathAppendA
PathRemoveFileSpecA

Exports

Exports

TS_0001
TS_0002
TS_0003
TS_0004
TS_0005
TS_0006
TS_0007
TS_0008
TS_0009

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAM_FILES_COMMON/Synacast/SynaLive/PP/MUL.DLL
.dll windows:4 windows x86 arch:x86

9aaeceb8f6d61aa7caf74c2a192e81c3

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

57:64:6e:2b:55:00:23:d4:90:53:4a:55:3e:ab:0d:0a
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2009, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:c9:83:68:62:49:9c:49:6b:a8:b5:36:8c:4f:21:d1
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

23/09/2005, 00:00

Not After

23/09/2006, 23:59

Subject

CN=Synacast Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Synacast Corp.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

36:45:c6:83:f2:29:83:54:f1:d4:e1:44:fc:97:47:37:78:d7:6b:3c
Signer

Actual PE Digest

36:45:c6:83:f2:29:83:54:f1:d4:e1:44:fc:97:47:37:78:d7:6b:3c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleFileNameA
VirtualQuery
GetCurrentProcessId
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringA
InterlockedExchange
SetEnvironmentVariableA
CompareStringW
CompareStringA
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetFilePointer
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
Sleep
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
CloseHandle
HeapSize

ws2_32

htons
inet_addr

rpcrt4

UuidToStringA

Exports

Exports

TS_XXXX

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAM_FILES_COMMON/Synacast/SynaLive/PP/eroc.dll
.dll windows:4 windows x86 arch:x86

e43bbcb8f87ee846306b634ce05db32f

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

57:64:6e:2b:55:00:23:d4:90:53:4a:55:3e:ab:0d:0a
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2009, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:c9:83:68:62:49:9c:49:6b:a8:b5:36:8c:4f:21:d1
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

23/09/2005, 00:00

Not After

23/09/2006, 23:59

Subject

CN=Synacast Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Synacast Corp.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

dc:ca:28:a8:d7:3d:cf:d7:63:19:a6:42:d1:ba:45:67:f9:e3:7c:30
Signer

Actual PE Digest

dc:ca:28:a8:d7:3d:cf:d7:63:19:a6:42:d1:ba:45:67:f9:e3:7c:30

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetUnhandledExceptionFilter
GetCurrentThread
GetCurrentProcess
OutputDebugStringA
GetProcAddress
LoadLibraryA
FreeLibrary
CloseHandle
Module32Next
GetLongPathNameA
Module32First
CreateToolhelp32Snapshot
GetCurrentProcessId
GetLocalTime
GetLastError
lstrcatA
lstrcpyA
VirtualQuery
GetModuleFileNameA
FindFirstFileA
AllocConsole
GetConsoleTitleA
lstrcpynA
WaitForMultipleObjects
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
UnmapViewOfFile
GetTickCount
CreateThread
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventA
SetEvent
ResetEvent
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetStringTypeW
GetStringTypeA
Sleep
InterlockedExchange
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
RaiseException
ExitProcess
TerminateProcess
HeapReAlloc
HeapSize
FlushFileBuffers
WriteFile
FatalAppExitA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
SetFilePointer
InterlockedDecrement
InterlockedIncrement
CreateFileA
IsBadReadPtr
IsBadCodePtr
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
ReadFile
SetConsoleCtrlHandler
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetEnvironmentVariableA

user32

MessageBoxA

shlwapi

PathAppendA
PathRemoveFileSpecA
PathFindFileNameA
PathCombineA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

TS_XXXX

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAM_FILES_COMMON/Synacast/SynaLive/PP/mir.dll
.dll windows:4 windows x86 arch:x86

18bef7d3203bb9e669b2d8f2f067884e

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

57:64:6e:2b:55:00:23:d4:90:53:4a:55:3e:ab:0d:0a
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2009, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:c9:83:68:62:49:9c:49:6b:a8:b5:36:8c:4f:21:d1
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

23/09/2005, 00:00

Not After

23/09/2006, 23:59

Subject

CN=Synacast Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Synacast Corp.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

26:77:b1:fd:5a:aa:ba:8b:09:31:65:69:cf:60:68:92:47:24:f3:89
Signer

Actual PE Digest

26:77:b1:fd:5a:aa:ba:8b:09:31:65:69:cf:60:68:92:47:24:f3:89

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

ntohs
htonl
inet_addr
gethostbyname
inet_ntoa
WSAGetLastError
socket
htons
bind
gethostname
closesocket

msvcp60

?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Xlen@std@@YAXXZ
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@IDABV?$allocator@D@1@@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIID@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDIABV?$allocator@D@1@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ

rpcrt4

UuidFromStringA
UuidCreate

msvcrt

vfprintf
fflush
fwrite
free
__dllonexit
_onexit
_initterm
malloc
_adjust_fdiv
_fsopen
_errno
fclose
_ftol
memmove
sprintf
_snprintf
wcslen
__CxxFrameHandler
??2@YAPAXI@Z
_purecall
fgets

ole32

CoUninitialize
CoInitialize

wmvcore

WMCreateProfileManager
WMCreateWriterNetworkSink
WMCreateWriter

shlwapi

PathFindFileNameA
PathRemoveFileSpecA
PathAppendA
PathRenameExtensionA

kernel32

GetTickCount
WritePrivateProfileStructA
WritePrivateProfileStringA
UnmapViewOfFile
MapViewOfFile
CloseHandle
OpenFileMappingA
CreateFileMappingA
GetLastError
FreeLibrary
GetModuleFileNameA
GetProcAddress
LoadLibraryA
Sleep
HeapReAlloc
WriteFile
HeapFree
GetProcessHeap
HeapAlloc
GetPrivateProfileIntA
OutputDebugStringA
VirtualQuery
GetPrivateProfileStructA

user32

PostMessageA
wsprintfA

Exports

Exports

TS_XXXX

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAM_FILES_COMMON/Synacast/SynaLive/PP/ten.dll
.dll windows:4 windows x86 arch:x86

69630f4e49cba917c47d520250bf1ff5

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

57:64:6e:2b:55:00:23:d4:90:53:4a:55:3e:ab:0d:0a
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2009, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:c9:83:68:62:49:9c:49:6b:a8:b5:36:8c:4f:21:d1
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

23/09/2005, 00:00

Not After

23/09/2006, 23:59

Subject

CN=Synacast Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Synacast Corp.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

24:fc:a6:e4:3b:13:a0:ea:9d:30:3a:37:92:16:64:43:ee:ac:b6:f5
Signer

Actual PE Digest

24:fc:a6:e4:3b:13:a0:ea:9d:30:3a:37:92:16:64:43:ee:ac:b6:f5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
CloseHandle
EnterCriticalSection
GetTickCount
GetModuleFileNameA
GetLocalTime
GetLastError
CreateThread
CancelIo
TerminateThread
GetVersionExA
GetModuleHandleA
CreateEventA
WaitForSingleObject
SetEvent
WaitForMultipleObjects
CreateIoCompletionPort
GetSystemInfo
PostQueuedCompletionStatus
SetConsoleTitleA
GetQueuedCompletionStatus
GetProcAddress
LoadLibraryA
VirtualQuery
InterlockedIncrement
InterlockedDecrement
HeapFree
HeapAlloc
HeapCreate
GetCurrentProcessId
SetEndOfFile
CreateFileA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
LCMapStringW
LCMapStringA
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetFilePointer
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
ReadFile
SetHandleCount
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapDestroy
HeapSize
Sleep
InterlockedExchange
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetCommandLineA
GetVersion
RaiseException
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc

user32

PeekMessageA
PostThreadMessageA
DestroyWindow
RegisterClassExA
CreateWindowExA
GetMessageA

iphlpapi

GetIfTable
GetIpAddrTable
SetTcpEntry

ws2_32

WSAEnumNetworkEvents
WSACancelAsyncRequest
WSACleanup
WSAStartup
WSACloseEvent
getsockname
shutdown
closesocket
getpeername
listen
WSAWaitForMultipleEvents
gethostbyname
WSAEventSelect
connect
WSAGetLastError
WSASocketA
setsockopt
htons
htonl
bind
inet_addr
WSASetLastError
WSACreateEvent
WSAAsyncGetHostByName
WSARecv
WSASendTo
WSARecvFrom
WSAGetOverlappedResult
WSAAccept
WSASend

shlwapi

PathRemoveFileSpecA

Exports

Exports

TS_XXXX

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 567KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAM_FILES_COMMON/Synacast/SynaLive/SynacastEWA.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

b2e71a5cc96a2e6a148e590ffbf7e021

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

57:64:6e:2b:55:00:23:d4:90:53:4a:55:3e:ab:0d:0a
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2009, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:c9:83:68:62:49:9c:49:6b:a8:b5:36:8c:4f:21:d1
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

23/09/2005, 00:00

Not After

23/09/2006, 23:59

Subject

CN=Synacast Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Synacast Corp.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:91:1a:1e:59:7d:3b:0c:04:b7:21:4d:a1:fc:62:c7:a5:1d:05
Signer

Actual PE Digest

0d:d0:91:1a:1e:59:7d:3b:0c:04:b7:21:4d:a1:fc:62:c7:a5:1d:05

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42u

ord927
ord922
ord6868
ord940
ord5261
ord4370
ord4847
ord4992
ord2506
ord6048
ord1767
ord5276
ord4419
ord3592
ord641
ord324
ord4229
ord5491
ord4704
ord4037
ord3211
ord4273
ord6654
ord2127
ord2294
ord2756
ord5571
ord433
ord2680
ord465
ord4124
ord6237
ord6195
ord3087
ord541
ord801
ord2559
ord6375
ord925
ord2855
ord2078
ord4219
ord2057
ord6139
ord6874
ord802
ord542
ord1131
ord6565
ord6655
ord3491
ord5618
ord4199
ord6638
ord6107
ord6330
ord690
ord1980
ord5351
ord5804
ord1075
ord5198
ord3224
ord1225
ord389
ord815
ord6371
ord4480
ord2546
ord2504
ord5727
ord3917
ord1089
ord5193
ord2388
ord3341
ord5296
ord5298
ord4074
ord4692
ord5303
ord5285
ord5710
ord3396
ord4616
ord3665
ord561
ord3947
ord2716
ord6350
ord1213
ord6466
ord1224
ord1085
ord5597
ord3452
ord6038
ord1869
ord4244
ord2478
ord2679
ord6360
ord3321
ord6361
ord4466
ord5494
ord3273
ord3348
ord3676
ord446
ord743
ord1174
ord4001
ord3253
ord2719
ord2722
ord2721
ord1223
ord1207
ord2431
ord1686
ord5614
ord994
ord4336
ord4681
ord4633
ord5670
ord2148
ord4850
ord4914
ord5998
ord2129
ord1955
ord5207
ord2948
ord3863
ord5144
ord4699
ord4701
ord2871
ord2993
ord5645
ord4108
ord4655
ord4654
ord4762
ord4644
ord4897
ord4542
ord4515
ord4588
ord4982
ord4919
ord4924
ord4929
ord4653
ord4903
ord4902
ord4662
ord4661
ord4660
ord4642
ord4683
ord5017
ord4648
ord4637
ord4348
ord4774
ord4643
ord4631
ord4630
ord5054
ord4578
ord4365
ord4355
ord4350
ord4733
ord4401
ord4732
ord4403
ord4597
ord5002
ord4409
ord4986
ord4973
ord2480
ord3399
ord4533
ord4528
ord2949
ord2376
ord6366
ord2978
ord3143
ord3255
ord4460
ord2981
ord3075
ord4076
ord4618
ord5821
ord861
ord3941
ord423
ord5310
ord5330
ord2533
ord4943
ord1594
ord537
ord6026
ord4453
ord5027
ord4496
ord2787
ord6374
ord6376
ord6266
ord4197
ord1884
ord4247
ord1209
ord4564
ord4666
ord4837
ord5005
ord4707
ord6367
ord5282
ord4432
ord3274
ord4619
ord449
ord746
ord2270
ord1863
ord4524
ord5681
ord3269
ord3574
ord439
ord736
ord3231
ord4517
ord4078
ord1937
ord4522
ord4536
ord4538
ord4519
ord2745
ord4142
ord5142
ord816
ord6213
ord562
ord2706
ord1941
ord4029
ord3614
ord713
ord6137
ord414
ord3701
ord5777
ord5855
ord5446
ord6390
ord5436
ord6379
ord1921
ord942
ord5568
ord2910
ord6279
ord6278
ord665
ord1971
ord5180
ord354
ord937
ord834
ord3805
ord5438
ord3313
ord924
ord668
ord1972
ord833
ord3306
ord3176
ord4053
ord2773
ord2762
ord356
ord4028
ord384
ord686
ord772
ord3696
ord500
ord1854
ord4215
ord2576
ord3649
ord2430
ord6138
ord2858
ord5602
ord3568
ord3688
ord2755
ord4272
ord5784
ord2606
ord2088
ord2400
ord5856
ord1172
ord807
ord2915
ord2004
ord4158
ord2112
ord554
ord1637
ord941
ord5783
ord4128
ord4292
ord2444
ord1192
ord1129
ord1115
ord1173
ord1568
ord1570
ord1179
ord342
ord1240
ord1194
ord1563
ord1248
ord1250
ord1571
ord600
ord826
ord269
ord609
ord567
ord3397
ord2114
ord1088
ord6354
ord2854
ord2566
ord2371
ord4270
ord809
ord556
ord3567
ord4418
ord4621
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5273
ord2116
ord2438
ord5257
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4435
ord4831
ord3793
ord5286
ord4347
ord6370
ord5157
ord2377
ord5237
ord4390
ord5679
ord5706
ord858
ord6865
ord6770
ord535
ord538
ord4155
ord289
ord613
ord5871
ord3871
ord5047
ord4279
ord3569
ord2567
ord6597
ord1165
ord1230
ord818
ord3737
ord540
ord2810
ord800
ord823
ord4294
ord6211
ord3792
ord6871
ord790
ord3711
ord6451
ord3084
ord2859
ord5977
ord6193
ord6017
ord6190
ord2746
ord3591
ord5860
ord6057
ord5567
ord5575
ord5732
ord5674
ord5790
ord5785
ord5869
ord6168
ord6185
ord4324
ord6182
ord5752
ord6188
ord5755
ord2966
ord470
ord755
ord795
ord723
ord3716
ord1768
ord4073
ord6051
ord1143
ord825
ord1634
ord2397
ord2406
ord3658
ord3621
ord323
ord1633
ord5781
ord640
ord4735
ord3566
ord1128

msvcrt

_wtoi
strcmp
islower
toupper
atoi
time
strlen
wcscpy
wcsncpy
wcslen
_ftol
abs
_EH_prolog
__CxxFrameHandler
memset
wcstoul
strcpy
memcmp
_snprintf
wcscmp
fclose
fputws
swprintf
_wfopen
_wtol
wcscat
_wcsicmp
fgetws
memcpy
_vsnwprintf
_wcsnicmp
rand
srand
sprintf
memmove
free
wcstok
_wsplitpath
wcsncmp
malloc
_purecall
fprintf
fread
ftell
_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
_wcsdup
tolower
strchr
strncmp
isspace
isalnum
isalpha
fputs
fputc
fopen
fseek

kernel32

LocalFree
lstrcmpiW
FindResourceW
LoadResource
LockResource
GetCPInfo
GetVersion
GetVersionExW
lstrcpyW
lstrcatW
GetLocalTime
CopyFileW
SystemTimeToFileTime
SetFileTime
SystemTimeToTzSpecificLocalTime
GetPrivateProfileStringA
WritePrivateProfileStringW
GetTickCount
VirtualQuery
GetCurrentThreadId
SetEvent
GetPrivateProfileIntW
OutputDebugStringW
GetWindowsDirectoryW
GetLastError
FreeLibrary
GlobalLock
GlobalUnlock
GetPrivateProfileStringW
CreateDirectoryW
GetTempPathW
GetCurrentDirectoryW
GetModuleFileNameW
SetCurrentDirectoryW
LoadLibraryW
GetProcAddress
GetCurrentProcessId
DeleteFileW
CreateEventW
lstrlenW
WideCharToMultiByte
Sleep
GetACP
lstrlenA
MultiByteToWideChar
CreateThread
WaitForSingleObject
TerminateThread
CloseHandle
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc

user32

GetSysColorBrush
GetMenuStringW
CreateMenu
GrayStringW
CreatePopupMenu
GetMenuItemID
ModifyMenuW
AppendMenuW
GetSystemMetrics
GetDesktopWindow
GetWindowRect
ReleaseDC
GetDC
SetCursor
OffsetRect
GetCursorPos
DrawTextW
TabbedTextOutW
GetKeyState
LoadCursorW
ScreenToClient
ClientToScreen
GetParent
PostMessageW
SetCapture
GetClientRect
ReleaseCapture
DrawFocusRect
EnableWindow
InvalidateRect
SendMessageW
DestroyMenu
DestroyCursor
DrawIconEx
DrawEdge
GetMenuItemInfoW
PeekMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
GetMessagePos
MessageBeep
GetWindow
RedrawWindow
GetMenuItemCount
EnableMenuItem
CheckMenuItem
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExW
RegisterClipboardFormatW
IsWindowVisible
SystemParametersInfoW
SetForegroundWindow
mouse_event
UpdateWindow
SetRect
SetRectEmpty
KillTimer
SetTimer
CopyIcon
IsWindow
IsChild
LoadImageW
GetSysColor
FillRect
DrawStateW
InflateRect
GetSubMenu
TrackPopupMenuEx
LoadBitmapW
PtInRect
CopyRect
DestroyIcon
GetWindowLongW
GetNextDlgTabItem
GetActiveWindow
WindowFromPoint
SubtractRect

gdi32

DeleteDC
SetTextColor
SetBkColor
SelectObject
SetPixel
GetTextExtentPoint32W
CreateDIBSection
MaskBlt
CreateFontIndirectW
CreateRectRgnIndirect
DeleteObject
SelectPalette
SetMapMode
SetBitmapDimensionEx
CreateDCW
GetDeviceCaps
GetBkMode
CreatePen
CreateSolidBrush
Ellipse
PatBlt
GetStockObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateBitmap
GetPixel
LPtoDP
GetMapMode
GetWindowExtEx
GetViewportExtEx
DPtoLP
GetBkColor
CreateCompatibleBitmap
BitBlt
StretchBlt
RealizePalette
CreateCompatibleDC
GetObjectW

advapi32

RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegEnumValueW
RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegQueryInfoKeyW

shell32

ShellExecuteW
ShellExecuteExW

comctl32

ImageList_Draw
ImageList_GetImageCount
ImageList_GetIcon
ImageList_AddMasked
ImageList_ReplaceIcon
_TrackMouseEvent

ole32

CoCreateGuid
StringFromGUID2
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

LoadRegTypeLi
VariantClear

urlmon

URLDownloadToFileW
URLDownloadToCacheFileW

shlwapi

PathFileExistsW
PathAppendW
StrStrIA
StrStrIW
PathStripPathW
PathRemoveExtensionW
PathFindExtensionW
PathRemoveFileSpecW

winmm

PlaySoundW

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADPADD@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??1_Lockit@std@@QAE@XZ
?resize@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXI@Z
??8std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGII@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?substr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV12@II@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@ABV12@II@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDH@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADHD@Z
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@II@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDH@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?close@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Tidy@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@AAEX_N@Z
?assign@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBGI@Z
?_C@?1??_Nullstr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@CAPBGXZ@4GB
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

rpcrt4

UuidFromStringA
UuidToStringA

ws2_32

inet_addr
inet_ntoa
gethostname
gethostbyname

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

wininet

InternetTimeToSystemTimeA
DeleteUrlCacheEntryW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 176KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAM_FILES_COMMON/Synacast/SynaLive/common.dll
.dll windows:4 windows x86 arch:x86

4af413a6eee4fec07c0985b05516f3f9

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

57:64:6e:2b:55:00:23:d4:90:53:4a:55:3e:ab:0d:0a
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2009, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:c9:83:68:62:49:9c:49:6b:a8:b5:36:8c:4f:21:d1
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

23/09/2005, 00:00

Not After

23/09/2006, 23:59

Subject

CN=Synacast Corp.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Synacast Corp.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b7:9d:e9:fe:26:0a:b0:a9:e6:7a:19:85:83:0e:ae:f0:35:41:c2:ef
Signer

Actual PE Digest

b7:9d:e9:fe:26:0a:b0:a9:e6:7a:19:85:83:0e:ae:f0:35:41:c2:ef

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42u

ord3341
ord5296
ord5298
ord2717
ord4074
ord4692
ord5303
ord5285
ord5710
ord3948
ord2977
ord3142
ord3254
ord4459
ord3131
ord3257
ord2980
ord3076
ord2971
ord3825
ord3826
ord3820
ord3074
ord4075
ord4616
ord4418
ord3733
ord561
ord825
ord815
ord823
ord3579
ord543
ord803
ord698
ord800
ord861
ord2388
ord540
ord668
ord3176
ord2773
ord2762
ord356
ord858
ord925
ord1165
ord6466
ord911
ord398
ord913
ord4182
ord6279
ord6278
ord4273
ord2755
ord5461
ord798
ord5444
ord532
ord3432
ord4184
ord5588
ord6868
ord1173
ord1568
ord1570
ord1179
ord342
ord1240
ord1194
ord1563
ord1248
ord1250
ord1571
ord5193
ord1089
ord3917
ord5727
ord2504
ord2546
ord4480
ord6371
ord396
ord4269
ord600
ord826
ord269
ord1115

msvcrt

__CxxFrameHandler
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
_wtol
wcscmp

kernel32

LocalFree
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
LocalAlloc

shlwapi

PathRemoveFileSpecW

Exports

Exports

GetLanguageResW

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 798B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PPMPlayer.dll
.dll regsvr32 windows:4 windows x86 arch:x86

1dd112e6bba26fbbacc4e10b0f05d82c

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7f:34:08:e0:c7:05:f6:b7:53:b1:c8:71:d0:d6:81:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

30/01/2007, 00:00

Not After

31/01/2008, 23:59

Subject

CN=Beijing Tianchuang Shijie Technologies Co.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Department of Broadband,O=Beijing Tianchuang Shijie Technologies Co.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

26:97:43:73:11:26:92:61:d1:bc:f3:b0:46:3d:f6:ca:b9:73:11:f1
Signer

Actual PE Digest

26:97:43:73:11:26:92:61:d1:bc:f3:b0:46:3d:f6:ca:b9:73:11:f1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesA
FindClose
FindFirstFileA
CreateDirectoryA
DeviceIoControl
GetStdHandle
DeleteFileA
GetTempFileNameA
GetTempPathA
VirtualQuery
IsBadWritePtr
IsBadReadPtr
TlsAlloc
TlsSetValue
RaiseException
TlsGetValue
GetCurrentProcessId
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
SetEndOfFile
ReadFile
CreateFileA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
IsBadCodePtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushFileBuffers
SetFilePointer
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
HeapCreate
GetEnvironmentVariableA
GetStartupInfoA
GetFileType
SetHandleCount
GetOEMCP
GetCPInfo
HeapSize
TerminateProcess
ExitProcess
SetLastError
TlsFree
GetVersion
GetCommandLineA
ExitThread
HeapReAlloc
HeapFree
HeapAlloc
RtlUnwind
WriteFile
InterlockedExchange
CreateThread
VirtualFree
VirtualAlloc
VirtualProtect
GlobalReAlloc
GlobalFree
CreateProcessA
SetEvent
GetExitCodeThread
TerminateThread
CreateEventA
WaitForSingleObject
CloseHandle
Sleep
DeleteCriticalSection
HeapDestroy
LoadLibraryA
GetProcAddress
InitializeCriticalSection
DisableThreadLibraryCalls
IsDBCSLeadByte
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
GetModuleHandleA
GetShortPathNameA
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
lstrcmpA
InterlockedIncrement
OutputDebugStringA
DebugBreak
InterlockedDecrement
GlobalAlloc
GlobalLock
GlobalUnlock
EnterCriticalSection
LeaveCriticalSection
GetTickCount
lstrcpyA
SetEnvironmentVariableA
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
lstrcatA
WinExec
FreeLibrary
lstrcmpiA
lstrlenA
lstrcpynA
GetModuleFileNameA
GetACP
SetStdHandle
GetVersionExA

user32

PostThreadMessageA
GetSystemMetrics
SetWindowPlacement
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetActiveWindow
SetForegroundWindow
MoveWindow
UnregisterClassA
FindWindowExA
LoadImageA
PostMessageA
DrawTextA
SetCursor
MessageBeep
GetSubMenu
LoadMenuA
GetAsyncKeyState
CheckMenuItem
CheckMenuRadioItem
EnableMenuItem
IsMenu
TrackPopupMenuEx
DestroyMenu
IntersectRect
EqualRect
OffsetRect
UnionRect
CreateWindowExA
GetDlgItem
InvalidateRgn
CreateAcceleratorTableA
SetRect
wsprintfA
DefWindowProcA
DestroyWindow
SendMessageA
IsWindow
LoadCursorA
GetClientRect
SetTimer
KillTimer
SetWindowRgn
SetCapture
ReleaseCapture
EndPaint
BeginPaint
ScreenToClient
GetCursorPos
ReleaseDC
GetDC
SetWindowLongA
GetWindowLongA
CallWindowProcA
ShowWindow
SetWindowPos
SetParent
SetClassLongA
DestroyCursor
FillRect
SystemParametersInfoA
DispatchMessageA
SetLastErrorEx
TranslateMessage
GetMessageA
LoadIconA
PtInRect
ClientToScreen
InvalidateRect
GetWindowRect
GetActiveWindow
IsWindowVisible
TranslateAcceleratorA
LoadAcceleratorsA
RegisterClassExA
GetClassInfoExA
RegisterWindowMessageA
GetWindow
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
wvsprintfA
GetDesktopWindow
GetParent
GetClassNameA
RedrawWindow
GetFocus
IsChild
CharNextA
LoadStringA
GetSysColor
SetFocus

gdi32

SetViewportOrgEx
SetMapMode
LPtoDP
CreateDCA
CombineRgn
CreateRectRgn
OffsetRgn
PtInRegion
SelectClipRgn
GetRgnBox
SetBkMode
SetTextColor
GetTextExtentPoint32A
LineTo
MoveToEx
SetROP2
CreatePen
CreateMetaFileA
CreateDIBSection
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
GetStockObject
GetObjectA
DeleteObject
DeleteDC
SelectObject
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
ExtCreateRegion
GetDeviceCaps
CreateSolidBrush

advapi32

RegEnumKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

shell32

ShellExecuteA
SHGetSpecialFolderPathA

ole32

GetHGlobalFromStream
CoFreeUnusedLibraries
CoUninitialize
CoCreateGuid
StringFromIID
OleLoadFromStream
CreateOleAdviseHolder
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
OleSaveToStream
WriteClassStm
CoTaskMemRealloc
OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoInitialize

oleaut32

LoadTypeLi
OleCreatePictureIndirect
DispCallFunc
SysAllocStringByteLen
OleCreatePropertyFrame
SysStringByteLen
VariantChangeType
RegisterTypeLi
VarUI4FromStr
OleCreateFontIndirect
LoadRegTypeLi
SysAllocString
SysStringLen
SysAllocStringLen
VariantClear
SysFreeString

ws2_32

WSAStartup
WSACleanup
inet_addr
gethostbyname
htons
inet_ntoa
ioctlsocket
connect
closesocket
socket
WSAGetLastError
recv
send
select

comctl32

ImageList_Draw
ImageList_GetImageCount
ImageList_LoadImageA
ImageList_Destroy
ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 332KB - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 312KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PSNetwork.dll
.dll windows:4 windows x86 arch:x86

a3344bd04f51a952af24e10e4b973774

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord1669
ord2642
ord5572
ord2915
ord4277
ord4278
ord2763
ord1228
ord6283
ord3721
ord3619
ord809
ord795
ord2614
ord556
ord3663
ord3626
ord2414
ord4275
ord5875
ord2864
ord1088
ord2122
ord1641
ord3797
ord6358
ord6197
ord2859
ord6880
ord926
ord2860
ord6663
ord4774
ord4402
ord3640
ord693
ord4243
ord3301
ord3910
ord6605
ord2754
ord6696
ord3293
ord6282
ord538
ord6569
ord1085
ord5601
ord802
ord542
ord922
ord6905
ord6007
ord4220
ord2584
ord3654
ord2438
ord6270
ord2863
ord1644
ord2546
ord291
ord4129
ord5683
ord5710
ord5681
ord6874
ord539
ord1175
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord561
ord3953
ord2725
ord771
ord2528
ord1008
ord497
ord1948
ord5303
ord4699
ord5715
ord817
ord565
ord2726
ord4226
ord6215
ord2086
ord5450
ord6394
ord5440
ord6383
ord283
ord5678
ord5789
ord5787
ord5873
ord6172
ord5736
ord3573
ord3089
ord4224
ord2652
ord6334
ord3874
ord3092
ord858
ord1768
ord5280
ord470
ord755
ord4234
ord2301
ord324
ord567
ord6467
ord1168
ord1146
ord641
ord656
ord3610
ord4424
ord3402
ord4837
ord5290
ord1776
ord6055
ord3597
ord4853
ord4376
ord6199
ord269
ord826
ord600
ord1578
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1575
ord1176
ord1116
ord2370
ord4202
ord6877
ord4171
ord6311
ord2764
ord3097
ord6453
ord3998
ord6907
ord939
ord5953
ord2379
ord4710
ord3996
ord4258
ord2302
ord489
ord768
ord4425
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4835
ord3798
ord5287
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4854
ord4377
ord5265
ord4358
ord4948
ord4976
ord4742
ord4905
ord5160
ord5162
ord5161
ord1907
ord940
ord356
ord535
ord941
ord2770
ord2781
ord4058
ord3181
ord3178
ord3310
ord668
ord2818
ord540
ord3811
ord2820
ord537
ord800
ord860
ord823
ord2824
ord825

msvcrt

_mbschr
_mbsncmp
_mbclen
_mbsstr
_mbsnbcmp
_mbccpy
strncpy
atof
_stricmp
_strcmpi
_vsnprintf
_except_handler3
fopen
fwrite
fflush
fclose
_mbsicmp
sscanf
_mbsrchr
??8type_info@@QBEHABV0@@Z
_CxxThrowException
_ftol
toupper
vsprintf
strcpy
exit
_endthreadex
_beginthreadex
strstr
_mbscmp
memset
memcmp
memcpy
atoi
sprintf
strlen
time
srand
rand
__CxxFrameHandler
_purecall
__dllonexit
_onexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
free
_initterm
malloc
_adjust_fdiv
_strnicmp

kernel32

GetVersionExA
DeviceIoControl
lstrcmpA
LockFile
WriteFile
UnlockFile
ReadFile
MoveFileA
FindFirstFileA
FindNextFileA
FindClose
GetFileSize
SetFilePointer
SetEndOfFile
GetFileAttributesA
GlobalFree
GetModuleFileNameA
GlobalAlloc
GlobalLock
GlobalUnlock
LocalFree
LocalAlloc
lstrcpyA
ResetEvent
SetEvent
WaitForSingleObject
InterlockedIncrement
CreateFileA
CloseHandle
WideCharToMultiByte
CreateEventA
CreateDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
SetLastError
GetLastError
InterlockedExchange
Sleep
LeaveCriticalSection
EnterCriticalSection
GetTickCount
DeleteCriticalSection
InitializeCriticalSection
lstrlenA
GetPrivateProfileIntA
DeleteFileA
GetTempFileNameA
GetTempPathA
GetCurrentThreadId
SetUnhandledExceptionFilter
VirtualQuery
GetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
IsBadReadPtr
MultiByteToWideChar
InterlockedDecrement
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
CreateProcessA
LoadLibraryExA
GetProcAddress
lstrcpynA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetSystemInfo
GlobalMemoryStatus
GetModuleHandleA
OpenFile
GetACP
CopyFileA
lstrcmpiA
SetFileTime
SystemTimeToFileTime
GetSystemTime
QueryPerformanceCounter
GetExitCodeThread
lstrlenW
QueryPerformanceFrequency

user32

SendMessageA
SetTimer
EnableWindow
GetWindowLongA
SetWindowLongA
GetMessagePos
RegisterWindowMessageA
FillRect
MessageBeep
PostThreadMessageA
GetMenuItemCount
GetMenuItemID
LoadMenuA
GetSubMenu
PostMessageA
SetWindowPos
GetCursorPos
ScreenToClient
UpdateWindow
SendDlgItemMessageA
SetDlgItemTextA
ShowWindow
SetForegroundWindow
LoadCursorA
CopyIcon
GetWindowRect
GetDC
ReleaseDC
InflateRect
InvalidateRect
IsWindow
SetCursor
PtInRect
ReleaseCapture
RedrawWindow
SetCapture
DestroyCursor
GetSysColor
wsprintfA
GetParent
GetSystemMetrics
GetClientRect
DrawIcon
LoadIconA
IsIconic
KillTimer
IsWindowVisible
MessageBoxA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard

gdi32

GetTextExtentPoint32A
GetObjectA
CreateFontIndirectA
GetStockObject

advapi32

CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
CryptAcquireContextA
RegEnumValueA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegCloseKey
GetUserNameA

shell32

SHGetSpecialFolderPathA
ExtractIconA
ShellExecuteA

ole32

StringFromCLSID
CoCreateGuid
CoTaskMemFree

msvcp60

??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDIABV?$allocator@D@1@@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?at@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??9std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@II@Z
?_Xran@std@@YAXXZ

ws2_32

gethostbyname
inet_addr
recv
send
sendto
setsockopt
recvfrom
WSAStartup
gethostname
getpeername
ntohs
shutdown
WSACreateEvent
WSAEventSelect
WSACloseEvent
WSASocketA
connect
socket
htons
bind
getsockname
WSACleanup
listen
WSASetEvent
WSAWaitForMultipleEvents
WSAGetLastError
WSASetLastError
WSARecv
WSAResetEvent
accept
closesocket
WSASend
inet_ntoa
WSAEnumNetworkEvents

wininet

InternetGetConnectedState
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
HttpQueryInfoA
InternetReadFile
InternetSetCookieA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

??0CPSNetwork@@QAE@ABV0@@Z
??0CPSNetwork@@QAE@XZ
??1CPSNetwork@@UAE@XZ
??4CPSNetwork@@QAEAAV0@ABV0@@Z
??_7CPSNetwork@@6B@
?Connect@CPSNetwork@@QAEHXZ
?Disconnect@CPSNetwork@@QAEXXZ
?GetCacheTime@CPSNetwork@@QAEHXZ
?GetChannelName@CPSNetwork@@QAEPBDXZ
?GetChannelOnlineCount@CPSNetwork@@QAEKXZ
?GetComment@CPSNetwork@@QAEPBDH@Z
?GetHttpURL@CPSNetwork@@QAEPBDH@Z
?GetMsg@CPSNetwork@@QAEHAAKPAD@Z
?GetPercent@CPSNetwork@@QAEHAAK0@Z
?GetStatus@CPSNetwork@@QAE?AW4PLAY_STATUS@@XZ
?GetStreamingType@CPSNetwork@@QAE?AW4STREAMING_TYPE@@XZ
?Save@CPSNetwork@@QAEHPBD@Z
?SetLogLevel@CPSNetwork@@QAEHH@Z
?SetParam@CPSNetwork@@QAEXPBD0@Z
?ShowPropertyDlg@CPSNetwork@@QAEXH@Z
FIO_Create

Sections

.text
Size: 424KB - Virtual size: 423KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PowerPlayer.dll
.dll regsvr32 windows:4 windows x86 arch:x86

8bbbf96729d8bcdd493e812559e69a20

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord2915
ord2393
ord1567
ord268
ord4160
ord3619
ord809
ord556
ord1088
ord2122
ord3797
ord6358
ord941
ord1200
ord926
ord2860
ord6385
ord6930
ord5450
ord6394
ord5440
ord6383
ord6379
ord772
ord6142
ord500
ord5860
ord3986
ord5606
ord939
ord4284
ord5873
ord5834
ord2841
ord2448
ord2044
ord2107
ord6467
ord5861
ord6883
ord6648
ord4278
ord6663
ord703
ord404
ord603
ord273
ord275
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord3571
ord640
ord5785
ord1640
ord323
ord816
ord3908
ord562
ord1233
ord5575
ord6194
ord6378
ord3815
ord5981
ord6442
ord4204
ord6928
ord2652
ord4224
ord1669
ord2795
ord5710
ord3716
ord790
ord815
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord3401
ord4622
ord3670
ord561
ord1134
ord3952
ord1205
ord2724
ord6354
ord1216
ord1227
ord6010
ord4202
ord1877
ord4249
ord2486
ord2687
ord6364
ord3326
ord6365
ord4472
ord5498
ord3278
ord3353
ord3681
ord446
ord743
ord1177
ord4006
ord2727
ord2730
ord2729
ord1226
ord1210
ord5572
ord1693
ord5618
ord994
ord4342
ord4687
ord4639
ord5674
ord2156
ord4856
ord4920
ord6002
ord2137
ord1963
ord5213
ord2953
ord3868
ord5150
ord4705
ord4707
ord3092
ord5649
ord4113
ord4661
ord4660
ord4768
ord4650
ord4903
ord4548
ord4521
ord4594
ord4988
ord4925
ord4930
ord4935
ord4659
ord4909
ord4908
ord4668
ord4667
ord4666
ord4648
ord4689
ord5023
ord4654
ord4643
ord4354
ord4780
ord4649
ord4637
ord4636
ord5060
ord4584
ord4371
ord4361
ord4356
ord4739
ord4741
ord4738
ord4409
ord4603
ord5008
ord4415
ord4992
ord4979
ord2488
ord3404
ord4539
ord4534
ord2954
ord2384
ord6370
ord2983
ord3148
ord3260
ord4466
ord2986
ord3080
ord4081
ord4624
ord5825
ord723
ord3946
ord423
ord5332
ord5328
ord5331
ord5314
ord5333
ord2541
ord4949
ord2998
ord4459
ord5033
ord4502
ord6030
ord6876
ord2956
ord1601
ord1892
ord4252
ord1212
ord4570
ord4672
ord4843
ord5011
ord4713
ord6371
ord5286
ord4438
ord3279
ord4625
ord449
ord746
ord2278
ord6311
ord4171
ord2753
ord3546
ord4317
ord2243
ord5788
ord472
ord5787
ord6646
ord6334
ord2450
ord4133
ord4297
ord3005
ord4033
ord433
ord1132
ord1116
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord1979
ord665
ord924
ord922
ord1641
ord641
ord795
ord3573
ord3721
ord4424
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord3402
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord2575
ord2078
ord6111
ord289
ord613
ord539
ord6143
ord4476
ord2764
ord6199
ord6605
ord4287
ord2688
ord801
ord541
ord283
ord3742
ord2086
ord4299
ord6880
ord2614
ord6778
ord6453
ord1168
ord2567
ord3874
ord2380
ord4275
ord609
ord3574
ord4396
ord4023
ord6282
ord6283
ord5683
ord4277
ord4129
ord5875
ord5789
ord2754
ord6172
ord2859
ord5768
ord2864
ord4034
ord535
ord1949
ord818
ord2135
ord823
ord1146
ord1644
ord2863
ord6270
ord2379
ord2438
ord3654
ord2584
ord4220
ord470
ord755
ord4710
ord6215
ord2642
ord6380
ord6197
ord4234
ord2302
ord2370
ord2414
ord3663
ord3626
ord825
ord324
ord567
ord540
ord860
ord858
ord800
ord537
ord6877
ord2818
ord354
ord5186
ord3318
ord2919
ord2876
ord5442
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord3597
ord4425
ord5280
ord1775
ord6052
ord2514
ord4998
ord4853
ord4376
ord2439
ord5265
ord1131

msvcrt

strstr
_mbsicmp
abs
fopen
fwrite
fflush
fclose
sprintf
time
strcmp
memset
atoi
strlen
_ftol
_stricmp
__CxxFrameHandler
_mbsstr
??0exception@@QAE@ABV0@@Z
_CxxThrowException
_beginthreadex
_endthreadex
exit
memcpy
strcpy
_access
toupper
memcmp
wcsncpy
pow
atol
strcat
strchr
_mbsrchr
strncpy
strncmp
memmove
_mbscmp
strrchr
wcstol
wcscmp
wcslen
rand
srand
strtoul
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
??1type_info@@UAE@XZ

kernel32

CopyFileA
OpenFile
GetCurrentProcess
GetCurrentProcessId
GetSystemTime
OpenProcess
GetExitCodeProcess
TerminateProcess
WinExec
lstrcpynA
GetProcAddress
CreateDirectoryA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
CreateWaitableTimerA
SetWaitableTimer
WaitForMultipleObjects
ResumeThread
MulDiv
GlobalFree
CreateEventA
FindResourceA
LoadResource
SizeofResource
LockResource
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
GetACP
GetVersionExA
DeviceIoControl
InterlockedDecrement
GetLastError
CreateFileA
GetModuleFileNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
GlobalAlloc
GlobalLock
GlobalUnlock
LeaveCriticalSection
LocalFree
LocalAlloc
ResetEvent
SetEvent
WaitForSingleObject
EnterCriticalSection
GetExitCodeThread
DeleteCriticalSection
InitializeCriticalSection
CreateProcessA
CloseHandle
lstrcpyA
GetPrivateProfileStringA
GetTickCount
Sleep
DeleteFileA
GetPrivateProfileIntA
WritePrivateProfileStringA
lstrlenA
lstrcatA
lstrlenW

user32

InsertMenuItemA
GetMenuState
MessageBoxA
GetMenuStringA
RegisterClassA
DefWindowProcA
GetClassInfoA
CharLowerA
mouse_event
DispatchMessageA
InvalidateRect
IsWindow
GetDC
GetMessageA
ReleaseDC
PostThreadMessageA
GetCapture
CreatePopupMenu
AppendMenuA
CheckMenuItem
EnableMenuItem
DeleteMenu
InsertMenuA
GetPropA
RemoveMenu
GetDesktopWindow
SetRectEmpty
SetParent
MonitorFromWindow
GetMonitorInfoA
ShowCursor
GrayStringA
TabbedTextOutA
wsprintfA
ShowWindow
SetForegroundWindow
LoadCursorA
CopyIcon
SetWindowLongA
ReleaseCapture
RedrawWindow
DestroyCursor
GetMenuItemCount
GetMenuItemInfoA
GetMenuStringW
GetMenuItemID
ModifyMenuA
IsWindowVisible
UpdateWindow
CopyRect
GetSystemMetrics
GetParent
ClientToScreen
KillTimer
SetTimer
PostMessageA
SetRect
ScreenToClient
PtInRect
SetCursor
LoadMenuA
GetSubMenu
GetCursorPos
GetClientRect
TranslateMessage
EnableWindow
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
DrawTextA
FillRect
GetSysColor
GetWindowRect
SetPropA
SystemParametersInfoA
GetWindowLongA
SendMessageA
SetCapture
InflateRect
FrameRect

gdi32

SetBkColor
GetViewportExtEx
GetWindowExtEx
SetMapMode
GetMapMode
PtVisible
RectVisible
CreateBitmap
ExtTextOutA
Escape
GetNearestColor
Rectangle
GetTextMetricsA
GetObjectA
CreateFontIndirectA
StretchBlt
CreateRectRgnIndirect
CombineRgn
FillRgn
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteDC
GetDeviceCaps
GetStockObject
GetTextExtentPoint32A
SelectObject
PatBlt
DeleteObject
SetTextColor
SetBkMode
LPtoDP
TextOutA
CreateSolidBrush
DPtoLP

advapi32

RegSetValueA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
CryptAcquireContextA
RegCloseKey
RegEnumValueA
RegQueryInfoKeyA
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteA
ShellExecuteExA

comctl32

_TrackMouseEvent

ole32

CoInitialize
CoUninitialize
CreateStreamOnHGlobal
CoCreateInstance

olepro32

ord251

oleaut32

SafeArrayDestroy
SafeArrayAccessData
SafeArrayCreateVector
SysFreeString
VariantClear
SysAllocStringLen
SysAllocString
LoadRegTypeLi

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??0logic_error@std@@QAE@ABV01@@Z
??0out_of_range@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
??_7out_of_range@std@@6B@
??0logic_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

psnetwork

??1CPSNetwork@@UAE@XZ
??0CPSNetwork@@QAE@XZ
?GetComment@CPSNetwork@@QAEPBDH@Z
?SetParam@CPSNetwork@@QAEXPBD0@Z
?GetStatus@CPSNetwork@@QAE?AW4PLAY_STATUS@@XZ
?ShowPropertyDlg@CPSNetwork@@QAEXH@Z
?GetChannelName@CPSNetwork@@QAEPBDXZ
?GetPercent@CPSNetwork@@QAEHAAK0@Z
?Save@CPSNetwork@@QAEHPBD@Z
?GetStreamingType@CPSNetwork@@QAE?AW4STREAMING_TYPE@@XZ
?Connect@CPSNetwork@@QAEHXZ
?Disconnect@CPSNetwork@@QAEXXZ
?GetHttpURL@CPSNetwork@@QAEPBDH@Z

ws2_32

WSACleanup
inet_ntoa
WSAStartup

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RecordPlan.exe
.exe windows:4 windows x86 arch:x86

0c002c2c1c5729e7133e586d5b77fd73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
DeleteFileA
Sleep
TerminateThread
GetCommandLineA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetEnvironmentVariableA
CompareStringW
SetEndOfFile
SetConsoleCtrlHandler
LoadLibraryA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
SetFilePointer
CreateFileA
ReadFile
FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
CreateFileMappingA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetProcAddress
HeapCreate
GetVersionExA
GetEnvironmentVariableA
IsBadWritePtr
VirtualAlloc
VirtualFree
FatalAppExitA
GetOEMCP
GetCPInfo
GetStringTypeW
GetStringTypeA
HeapSize
TerminateProcess
GetCurrentThread
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
ExitProcess
GetVersion
GetStartupInfoA
RaiseException
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
GetLastError
CloseHandle
CreateEventA
CreateThread
GetModuleHandleA
FreeLibrary
WaitForSingleObject
GetCurrentProcess
FlushInstructionCache
CompareStringA
lstrcpyA
lstrcmpiA
EnterCriticalSection
LeaveCriticalSection
lstrcpynA
GetLocaleInfoW
MapViewOfFile
SetEvent
UnmapViewOfFile
GetCurrentThreadId
lstrlenW
MultiByteToWideChar
GetACP
WideCharToMultiByte
InterlockedIncrement
OutputDebugStringA
DebugBreak
lstrlenA
InterlockedDecrement
FreeEnvironmentStringsA
GetModuleFileNameA

user32

EndPaint
BeginPaint
CreateDialogParamA
SetCursor
GetCursorPos
SetMenuDefaultItem
GetSubMenu
IsMenu
GetDlgCtrlID
FillRect
SetWindowTextA
GetDlgItem
EndDialog
SetWindowLongA
DrawFocusRect
GetFocus
CallWindowProcA
SetTimer
PostMessageA
wvsprintfA
CharNextA
ChildWindowFromPoint
RegisterWindowMessageA
InvalidateRect
PtInRect
SetFocus
SetCapture
GetCapture
ReleaseCapture
UpdateWindow
SetRectEmpty
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
ReleaseDC
GetDC
DrawTextA
OffsetRect
IsWindow
CreateWindowExA
GetClassNameA
GetWindowTextLengthA
GetWindowTextA
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
GetWindowLongA
GetParent
GetWindow
SystemParametersInfoA
GetClientRect
MapWindowPoints
DestroyIcon
DestroyMenu
EnableWindow
IsWindowVisible
MessageBoxA
LoadMenuA
IsWindowEnabled
TrackPopupMenu
SetForegroundWindow
BringWindowToTop
GetActiveWindow
DialogBoxParamA
DestroyWindow
PostQuitMessage
ShowWindow
GetWindowRect
ScreenToClient
GetSystemMetrics
LoadImageA
SendMessageA
SetWindowPos
IsDialogMessageA
LoadStringA
GetSysColor

gdi32

CreateFontIndirectA
SetBkColor
RestoreDC
CreateSolidBrush
GetObjectA
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetStockObject
SelectObject
DeleteDC
DeleteObject
SetTextColor
SetBkMode
LineTo
MoveToEx
SaveDC
ExtTextOutA
CreatePen

advapi32

RegCreateKeyExA
RegQueryValueExA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegOpenKeyExA

shell32

ShellExecuteA
SHGetSpecialFolderPathA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
Shell_NotifyIconA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysFreeString
SysAllocStringLen

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

recorder

CreateRecorder

comctl32

InitCommonControlsEx
_TrackMouseEvent

Sections

.text
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Recorder.dll
.dll regsvr32 windows:4 windows x86 arch:x86

4316aaef3652b911b4a625e3bab765b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesA
CreateThread
FlushInstructionCache
GetCurrentProcess
FreeLibrary
OutputDebugStringA
GetProcAddress
LoadLibraryA
HeapDestroy
DisableThreadLibraryCalls
MultiByteToWideChar
lstrcpyA
lstrlenA
lstrcatA
lstrlenW
GetModuleFileNameA
WideCharToMultiByte
WaitForSingleObject
SetEvent
Sleep
CreateEventA
GetDiskFreeSpaceExA
IsBadWritePtr
TerminateThread
GetExitCodeThread
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetThreadLocale
SetThreadLocale
SetProcessWorkingSetSize
GetVersionExA
CreateProcessA
LocalFree
FormatMessageA
DeleteFileA
GetDriveTypeA
GetLogicalDrives
GetFileType
ReadFile
GetFileSize
SetFilePointer
GetTempFileNameA
GetTempPathA
CreateDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
InterlockedExchange
GetLocaleInfoW
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
SetConsoleCtrlHandler
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
SetStdHandle
UnhandledExceptionFilter
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
CreateFileA
WriteFile
CloseHandle
GetLastError
GetCurrentThreadId
EnterCriticalSection
GetModuleHandleA
LeaveCriticalSection
DeleteCriticalSection
GetVersion
InitializeCriticalSection
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
VirtualAlloc
VirtualFree
HeapCreate
RaiseException
GetEnvironmentVariableA
GetStartupInfoA
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
FatalAppExitA
GetCurrentThread
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
HeapSize
HeapReAlloc
TerminateProcess
ExitProcess
GetCommandLineA
HeapFree
HeapAlloc
GetLocalTime
GetSystemTime
InterlockedIncrement
InterlockedDecrement
RtlUnwind

user32

SendMessageA
FindWindowExA
SystemParametersInfoA
ScreenToClient
CharNextA
PostMessageA
SetWindowTextA
GetWindowRect
SetWindowPos
GetClassInfoExA
LoadCursorA
wsprintfA
MoveWindow
CallWindowProcA
CreateWindowExA
SetWindowLongA
DestroyWindow
GetWindowLongA
DefWindowProcA
SetDlgItemTextA
RegisterClassExA

advapi32

RegQueryValueExA
RegCreateKeyA
RegDeleteValueA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegSetValueExA
RegQueryInfoKeyA
RegCloseKey
RegOpenKeyExA

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderPathA
SHBrowseForFolderA

ole32

CoCreateGuid
CoCreateInstance

oleaut32

LoadTypeLi
SysAllocString
SysFreeString
RegisterTypeLi

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

ws2_32

htonl
bind
WSACancelAsyncRequest
closesocket
WSAGetLastError
recv
send
WSAAsyncGetHostByName
htons
getpeername
getsockname
shutdown
inet_addr
WSASetLastError
socket
WSAAsyncSelect
gethostname
gethostbyname
select
setsockopt
getsockopt
ioctlsocket
accept
listen
connect

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

CreateRecorder
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 212KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SopCore.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

74cde3a886ed38bb98935593d4cc654a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\SoP Solution\SopCast\ActiveX\SopCore.pdb

Imports

ws2_32

gethostbyaddr
WSACleanup
shutdown
accept
setsockopt
getpeername
getsockname
WSASendTo
ioctlsocket
gethostbyname
__WSAFDIsSet
ntohs
select
sendto
WSARecvFrom
getsockopt
WSASetLastError
inet_addr
htonl
bind
WSAStartup
socket
htons
connect
ntohl
WSAGetLastError
closesocket
send
listen
recv

kernel32

CompareStringW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetStringTypeExA
GetFileType
GetStdHandle
FindNextFileA
FindFirstFileA
GetCurrentProcessId
GlobalMemoryStatus
QueryPerformanceCounter
FlushConsoleInputBuffer
RtlUnwind
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
HeapReAlloc
ExitProcess
TerminateProcess
GetCommandLineA
ExitThread
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
GetTimeZoneInformation
SetConsoleCtrlHandler
CompareStringA
FatalAppExitA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetHandleCount
GetStartupInfoA
LCMapStringA
LCMapStringW
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
GetOEMCP
GetCPInfo
SetStdHandle
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CreateFileA
GetTimeFormatA
GetDateFormatA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetEnvironmentVariableA
SetEnvironmentVariableW
CreateMutexA
CreateThread
GetDiskFreeSpaceW
GetTempFileNameW
GlobalGetAtomNameW
lstrcpyA
GetProfileIntW
GetTickCount
GetFileTime
GetFileAttributesW
SetFileAttributesW
SetFileTime
LocalFileTimeToFileTime
LocalLock
LocalUnlock
FindResourceExW
FileTimeToLocalFileTime
GetShortPathNameW
CreateFileW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetStringTypeExW
GetCurrentDirectoryW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GetUserDefaultLCID
IsDBCSLeadByte
lstrcmpiW
InterlockedIncrement
GetCurrentThread
lstrcmpiA
GetModuleFileNameW
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
lstrcmpA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
WaitForMultipleObjects
ReleaseMutex
CreateMutexW
ReleaseSemaphore
CreateSemaphoreW
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
CloseHandle
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
FormatMessageW
LocalFree
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetVersionExA
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleA
GetProcAddress
InterlockedDecrement
SetLastError
lstrcpynW
GetWindowsDirectoryW
LoadLibraryW
GetLastError
FreeLibrary
FindFirstFileW
FindClose
CreateDirectoryW
WaitForSingleObject
Sleep
MoveFileW
lstrcatW
WinExec
DeleteFileW
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
lstrcpyW
FindResourceW
LoadResource
LockResource
SizeofResource
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetDriveTypeA
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
GetFullPathNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
WriteConsoleA
SetUnhandledExceptionFilter

user32

GetProcessWindowStation
MessageBoxA
TranslateAcceleratorW
PostThreadMessageW
GetDCEx
GetTabbedTextExtentW
IsClipboardFormatAvailable
GetTabbedTextExtentA
MessageBeep
GetNextDlgGroupItem
CopyAcceleratorTableW
CharUpperW
DeleteMenu
CharNextW
GetDialogBaseUnits
GetSysColorBrush
SystemParametersInfoW
GetMenuItemInfoW
LockWindowUpdate
EnumChildWindows
SetRect
SetRectEmpty
SetCapture
InvalidateRgn
ReleaseCapture
RegisterClipboardFormatW
IsRectEmpty
CreateMenu
DrawEdge
SetParent
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
UnregisterClassA
GetMessageW
TranslateMessage
ValidateRect
GetDesktopWindow
CreateDialogIndirectParamW
EndDialog
GetCursorPos
MapVirtualKeyW
GetKeyNameTextW
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
ScrollWindowEx
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetUserObjectInformationW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthW
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconW
PeekMessageW
MapWindowPoints
ScrollWindow
MessageBoxW
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
GetMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoW
RegisterClassW
UnregisterClassW
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
EndPaint
BeginPaint
GetWindowDC
UnhookWindowsHookEx
FindWindowExW
CopyIcon
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetForegroundWindow
GetWindow
CharUpperA
CharLowerW
CharLowerA
GetSystemMenu
UnionRect
UnpackDDElParam
ReuseDDElParam
GetWindowTextW
wsprintfW
RedrawWindow
KillTimer
SetTimer
LoadMenuW
LoadImageW
GetSubMenu
TrackPopupMenuEx
DestroyMenu
GetWindowLongW
WindowFromPoint
GetNextDlgTabItem
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
BringWindowToTop
GetPropW
SetMenu
GetActiveWindow
GetWindowRect
DrawFocusRect
FrameRect
OffsetRect
InflateRect
CopyRect
GetIconInfo
CreateIconIndirect
DrawStateW
DestroyIcon
SendMessageW
GetClientRect
LoadBitmapW
PtInRect
GetSysColor
SetCursor
EnableWindow
IsWindow
LoadCursorW
GetParent
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
PostMessageW
FillRect
DestroyCursor
DispatchMessageW
MsgWaitForMultipleObjects

gdi32

ExtCreatePen
CreateHatchBrush
GetDCOrgEx
CopyMetaFileW
CreateDCW
PatBlt
SetRectRgn
CombineRgn
SetArcDirection
GetMapMode
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
OffsetRgn
GetViewportOrgEx
GetBkColor
GetTextColor
GetRgnBox
GetTextAlign
EnumFontFamiliesExW
GetCharWidthW
UnrealizeObject
CreatePen
EndPage
SetAbortProc
AbortDoc
EndDoc
StretchDIBits
GetBitmapBits
GetObjectA
CreateDCA
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
GetDeviceCaps
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreatePatternBrush
CreateDIBPatternBrushPt
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
LPtoDP
GetTextMetricsW
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
StartDocW
GetWindowExtEx
GetViewportExtEx
SelectClipPath
GetClipRgn
SelectClipRgn
StartPage
DPtoLP
SetBkMode
RestoreDC
SaveDC
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateRectRgn
CreateFontW
CreateRectRgnIndirect
Rectangle
CreateFontIndirectW
CreateSolidBrush
CreateCompatibleBitmap
GetPixel
SetPixel
CreateBitmap
SelectObject
SetBkColor
SetTextColor
DeleteDC
DeleteObject
GetStockObject
StretchBlt
BitBlt
CreateCompatibleDC
GetObjectW
GetTextExtentPoint32W
SetColorAdjustment

comdlg32

GetFileTitleW
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
PrintDlgW
PageSetupDlgW
FindTextW
ReplaceTextW

winspool.drv

OpenPrinterW
GetJobW
ClosePrinter
DocumentPropertiesW

advapi32

DeregisterEventSource
RegQueryValueExW
RegOpenKeyExW
RegQueryValueW
IsTextUnicode
RegSetValueW
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyW
RegCreateKeyW
RegCreateKeyExW
RegSetValueExW
RegisterEventSourceA
ReportEventA
RegCloseKey
GetFileSecurityW
SetFileSecurityW
RegDeleteValueW

shell32

DragQueryFileW
ShellExecuteW
ExtractIconW
SHGetFileInfoW
DragFinish
ShellExecuteExW

comctl32

_TrackMouseEvent
ord17
ord13
ImageList_Read
ImageList_Write
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageW
ImageList_Merge
ImageList_Draw
ImageList_GetImageInfo

shlwapi

PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoRegisterClassObject
CreateILockBytesOnHGlobal
CoCreateInstance
CoTaskMemFree
SetConvertStg
CreateStreamOnHGlobal
ReadClassStm
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
CreateBindCtx
CoTaskMemAlloc
ReleaseStgMedium
OleDuplicateData
StringFromCLSID
CoTreatAsClass
OleRun
CLSIDFromProgID
CLSIDFromString
StgCreateDocfileOnILockBytes
CoRevokeClassObject
StringFromGUID2
CreateDataCache
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CreateDataAdviseHolder
OleSaveToStream
CreateOleAdviseHolder
CoDisconnectObject
CoGetClassObject
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleLoadFromStream

oleaut32

LoadRegTypeLi
OleLoadPicture
OleCreateFontIndirect
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDecFromStr
VarBstrFromDec
SysReAllocStringLen
VarDateFromStr
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
OleCreatePropertyFrame
OleTranslateColor
LoadTypeLi
RegisterTypeLi
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysFreeString
VariantInit
VariantChangeType
VariantClear
SysAllocString
OleCreatePictureIndirect
SysAllocStringLen

urlmon

CreateURLMoniker
IsAsyncMoniker
CreateAsyncBindCtx
RegisterBindStatusCallback

winmm

timeSetEvent
timeKillEvent
PlaySoundW

wininet

InternetOpenW
InternetOpenUrlW
HttpQueryInfoW
InternetCloseHandle
InternetReadFile

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 316KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TVUAx.dll
.dll regsvr32 windows:4 windows x86 arch:x86

865d2257a426cf79da02ecf1476deed3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\home\luntbuild\work\app-winrd\products\winrd\prj\TVUAx\Release\TVUAx.pdb

Imports

ws2_32

WSARecvFrom
WSASendTo
__WSAFDIsSet
getsockname
getpeername
WSAGetLastError
accept
listen
gethostname
ntohs
send
recv
sendto
recvfrom
shutdown
inet_addr
ntohl
closesocket
bind
htons
htonl
socket
WSACleanup
setsockopt
gethostbyname
WSAStartup
select
connect
ioctlsocket
inet_ntoa

kernel32

lstrcpyA
GetModuleFileNameA
lstrcatA
InterlockedIncrement
InterlockedDecrement
HeapFree
GetProcessHeap
GetModuleHandleA
lstrcpynA
IsDBCSLeadByte
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
FlushInstructionCache
GetCurrentProcess
HeapAlloc
GetCurrentThreadId
FindResourceExA
SizeofResource
LockResource
LoadResource
FindResourceA
lstrcmpA
LocalFree
TlsSetValue
TlsAlloc
TlsGetValue
CreateThread
CreateMutexA
ReleaseMutex
OutputDebugStringA
GetTickCount
LoadLibraryA
IsBadCodePtr
IsBadReadPtr
CompareStringW
WriteFile
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetStringTypeW
GetStringTypeA
GetCPInfo
GetOEMCP
GetCurrentProcessId
QueryPerformanceCounter
UnhandledExceptionFilter
TerminateProcess
GetProcAddress
TlsFree
SetLastError
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualFree
HeapCreate
GetTimeZoneInformation
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetSystemTimeAsFileTime
ExitProcess
ResumeThread
ExitThread
RtlUnwind
HeapSize
HeapReAlloc
HeapDestroy
CompareStringA
lstrlenA
lstrlenW
lstrcmpiA
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CreateEventA
Sleep
SetEvent
CloseHandle
TerminateThread
WaitForSingleObject
RaiseException
SetEnvironmentVariableA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LCMapStringA
LCMapStringW
SetFilePointer
FlushFileBuffers
SetStdHandle

user32

GetDC
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
UnionRect
PtInRect
SendMessageA
CharNextA
DefWindowProcA
DestroyWindow
MessageBoxA
IsWindow
PostMessageA
UnregisterClassA
DestroyCursor
SetRectEmpty
UpdateWindow
ScreenToClient
GetCursorPos
ReleaseCapture
GetCapture
SetCapture
SetCursor
GetDlgCtrlID
DrawFocusRect
GetSysColor
IsWindowEnabled
GetWindowTextA
GetWindowTextLengthA
CreateCursor
GetClassNameA
SetWindowTextA
GetDlgItem
MapWindowPoints
GetWindowRect
GetWindow
EndDialog
GetDlgItemTextA
RegisterWindowMessageA
InvalidateRgn
GetDesktopWindow
DestroyAcceleratorTable
RedrawWindow
CreateAcceleratorTableA
FindWindowA
BringWindowToTop
IsWindowVisible
IsZoomed
PostQuitMessage
ReleaseDC
GetActiveWindow
DialogBoxParamA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DrawTextA
InflateRect
FillRect
CopyRect
GetKeyState
InvalidateRect
ShowWindow
SetFocus
IsChild
GetFocus
GetParent
CreateWindowExA
RegisterClassExA
wsprintfA
LoadCursorA
GetClassInfoExA
LoadBitmapA
SystemParametersInfoA
BeginPaint
GetClientRect
EndPaint
MoveWindow

gdi32

SetMapMode
LPtoDP
CreateDCA
DeleteObject
BitBlt
CreateCompatibleDC
SetTextColor
GetStockObject
SetViewportOrgEx
GetObjectA
SelectClipRgn
CreateRectRgn
GetClipRgn
CreateFontIndirectA
CreateSolidBrush
CreateCompatibleBitmap
DeleteDC
GetDeviceCaps
CreateMetaFileA
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
CreateRectRgnIndirect
SelectObject
SetBkMode
DeleteMetaFile

advapi32

RegCreateKeyExA
RegQueryValueExA
RegEnumKeyExA
RegSetValueExA
RegDeleteKeyA
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA
SHGetFileInfoA

ole32

OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
StringFromCLSID
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
CreateDataAdviseHolder
CreateOleAdviseHolder
OleLoadFromStream
WriteClassStm
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
OleSaveToStream

oleaut32

SysAllocStringLen
OleCreateFontIndirect
SysStringLen
LoadRegTypeLi
OleCreatePropertyFrame
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
VariantClear
VariantInit
VarUI4FromStr
RegisterTypeLi
SysFreeString
UnRegisterTypeLi
LoadTypeLi
SysAllocString

libexpatw

ord52
ord31
ord53
ord18
ord25
ord21
ord16

libeay32

ord2254

ssleay32

ord21
ord141
ord12
ord110
ord74
ord183
ord6
ord43
ord86
ord87
ord75
ord58
ord78
ord108
ord96
ord77
ord48
ord8
ord142

shlwapi

PathFindExtensionA

comctl32

_TrackMouseEvent

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dllcheck.exe
.exe windows:4 windows x86 arch:x86

7bc47012256ec9788e27c7c27c1ce1c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetProcAddress
LoadLibraryA
FreeLibrary
GetACP
DebugBreak
OutputDebugStringA
CloseHandle
GetLongPathNameA
InterlockedIncrement
DuplicateHandle
GetLastError
LocalFree
GetWindowsDirectoryA
InterlockedDecrement
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
TerminateProcess
GetCurrentThreadId
GetOEMCP
GetCPInfo
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
OpenProcess
WaitForSingleObject
WriteFile
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
HeapAlloc
VirtualAlloc
HeapReAlloc

user32

GetWindowThreadProcessId
SendMessageA
IsWindow
EndDialog
CharNextA
wvsprintfA
LoadStringA
GetWindowLongA
GetParent
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
GetSystemMetrics
LoadImageA
GetDlgItem
SetWindowTextA
SetDlgItemTextA
EnumWindows
IsWindowVisible
GetWindowTextA
SetWindowLongA
DefWindowProcA
MessageBoxA
GetActiveWindow
DialogBoxParamA
DestroyWindow
FindWindowA

advapi32

SetEntriesInAclA
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
SetSecurityInfo

shell32

SHGetFileInfoA

ole32

CoInitialize
CoUninitialize

comctl32

ImageList_ReplaceIcon
ImageList_Remove
ImageList_Create
InitCommonControlsEx

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
kankansession.dll
.dll regsvr32 windows:4 windows x86 arch:x86

79a70bd459052bd14ed6ea8b542750cd

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7f:34:08:e0:c7:05:f6:b7:53:b1:c8:71:d0:d6:81:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

30/01/2007, 00:00

Not After

31/01/2008, 23:59

Subject

CN=Beijing Tianchuang Shijie Technologies Co.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Department of Broadband,O=Beijing Tianchuang Shijie Technologies Co.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d5:97:bc:e5:4d:19:d0:bc:b6:16:da:39:68:1a:3a:69:bd:04:8c:7a
Signer

Actual PE Digest

d5:97:bc:e5:4d:19:d0:bc:b6:16:da:39:68:1a:3a:69:bd:04:8c:7a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapDestroy
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
GetModuleFileNameA
WaitForSingleObject
SetEvent
DeleteFileA
Sleep
CreateEventA
CloseHandle
GetDiskFreeSpaceExA
IsBadWritePtr
GetFileType
CreateFileA
ReadFile
WriteFile
GetFileSize
SetFilePointer
CreateThread
TerminateThread
GetExitCodeThread
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetVersionExA
GetVersion
CreateDirectoryA
VirtualProtect
InterlockedExchange
RaiseException
DisableThreadLibraryCalls
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
HeapSize
HeapAlloc
HeapReAlloc
TerminateProcess
ExitProcess
GetCommandLineA
HeapFree
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenA
GetCurrentProcess
FlushInstructionCache
lstrcmpA
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
lstrlenW
OutputDebugStringA
MultiByteToWideChar
GetPrivateProfileStringA
InitializeCriticalSection
GetLastError
GetModuleHandleA
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEnvironmentVariableA
GetLocalTime
GetSystemTime
RtlUnwind

user32

SetWindowLongA
CreateWindowExA
RegisterClassExA
DefWindowProcA
GetWindowLongA
DestroyWindow
PostMessageA
MessageBoxA
CallWindowProcA
GetSysColor
SetFocus
GetWindow
IsChild
GetFocus
ReleaseDC
GetDC
EndPaint
FillRect
GetClientRect
BeginPaint
IsWindow
RedrawWindow
GetClassNameA
GetParent
GetDesktopWindow
CreateAcceleratorTableA
wsprintfA
LoadCursorA
GetClassInfoExA
ReleaseCapture
SetCapture
InvalidateRect
InvalidateRgn
SendMessageA
GetDlgItem
RegisterWindowMessageA
SetWindowTextA
GetWindowTextLengthA
CharNextA
ShowWindow
SetTimer
GetWindowTextA
SetWindowPos
KillTimer

gdi32

GetObjectA
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetDeviceCaps
GetStockObject

shell32

Shell_NotifyIconA

ole32

CoCreateInstance
CoGetClassObject
CoTaskMemFree
StringFromCLSID
CLSIDFromProgID
CLSIDFromString
CoTaskMemAlloc
OleLockRunning
CreateStreamOnHGlobal
OleInitialize
OleUninitialize

oleaut32

SysAllocString
SysAllocStringLen
LoadRegTypeLi
SysStringLen
VariantClear
OleCreateFontIndirect
RegisterTypeLi
LoadTypeLi
SysFreeString

ws2_32

WSAStartup
ioctlsocket
accept
WSAAsyncSelect
shutdown
sendto
connect
WSAAsyncGetHostByName
send
recv
WSAGetLastError
closesocket
WSACancelAsyncRequest
bind
htonl
htons
inet_addr
WSASetLastError
socket
inet_ntoa
gethostbyname
gethostname
select

Exports

Exports

CreateKankanSession
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
ReleaseKankanSession

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libeay32.dll
.dll windows:4 windows x86 arch:x86

9a8fb143a010f07506356c42d6154f05

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

recvfrom
sendto
bind
listen
accept
ntohl
inet_ntoa
WSACancelBlockingCall
WSACleanup
WSAStartup
gethostbyname
getsockopt
getservbyname
ntohs
htons
htonl
socket
setsockopt
connect
send
WSASetLastError
recv
WSAGetLastError
shutdown
closesocket

gdi32

CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
GetObjectA
BitBlt
GetBitmapBits
DeleteObject
DeleteDC
CreateDCA

advapi32

ReportEventA
DeregisterEventSource
RegisterEventSourceA

user32

MessageBoxA
GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW

msvcr71

_write
_fileno
_stat
_chmod
_getch
strstr
_read
sprintf
wcsstr
_vsnprintf
vfprintf
_iob
abort
free
realloc
malloc
memchr
time
localtime
gmtime
strncpy
_errno
memmove
isxdigit
isdigit
fprintf
_getpid
fputs
fclose
fread
fwrite
fflush
fopen
_setmode
ftell
fseek
fgets
atoi
perror
qsort
strcmp
getenv
strerror
strchr
isalnum
isspace
strncmp
strtoul
strrchr
tolower
isupper
sscanf
exit
strtol
signal
printf
_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
__dllonexit
_onexit

kernel32

SetLastError
LoadLibraryA
FreeLibrary
FindClose
GetProcAddress
GetTickCount
GetThreadTimes
GetCurrentThread
ExitProcess
GetFileType
GetVersion
QueryPerformanceCounter
GetCurrentProcessId
GlobalMemoryStatus
CloseHandle
GetVersionExA
FlushConsoleInputBuffer
GetModuleHandleA
GetCurrentThreadId
FindNextFileA
GetLastError
FindFirstFileA
GetStdHandle

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_cfbr_encrypt_block
AES_ctr128_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
ASN1_ANY_it
ASN1_BIT_STRING_asn1_meth
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_HEADER_free
ASN1_HEADER_new
ASN1_IA5STRING_asn1_meth
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_to_BN
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SEQUENCE_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_cmp
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_encode
ASN1_STRING_free
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_check
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_print
ASN1_TIME_set
ASN1_TIME_to_generalizedtime
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_set
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_fp
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_pack
ASN1_item_sign
ASN1_item_unpack
ASN1_item_verify
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_pack_string
ASN1_parse
ASN1_parse_dump
ASN1_primitive_free
ASN1_primitive_new
ASN1_put_eoc
ASN1_put_object
ASN1_seq_pack
ASN1_seq_unpack
ASN1_sign
ASN1_tag2bit
ASN1_tag2str
ASN1_template_d2i
ASN1_template_free
ASN1_template_i2d
ASN1_template_new
ASN1_unpack_string
ASN1_verify
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_accept
BIO_callback_ctrl
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_dgram_non_fatal_error
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_reliable
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_ex_data
BIO_get_ex_new_index
BIO_get_host_ip
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_gethostbyname
BIO_gets
BIO_indent
BIO_int_ctrl
BIO_new
BIO_new_accept
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_datagram
BIO_s_fd
BIO_s_file
BIO_s_mem
BIO_s_null
BIO_s_socket
BIO_set
BIO_set_cipher
BIO_set_ex_data
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_cleanup
BIO_sock_error
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket_ioctl
BIO_socket_nbio
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_write
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_get_thread_id
BN_BLINDING_invert
BN_BLINDING_invert_ex
BN_BLINDING_new
BN_BLINDING_set_flags
BN_BLINDING_set_thread_id
BN_BLINDING_update
BN_CTX_end
BN_CTX_free
BN_CTX_get
BN_CTX_init
BN_CTX_new
BN_CTX_start
BN_GENCB_call
BN_GF2m_add
BN_GF2m_arr2poly
BN_GF2m_mod
BN_GF2m_mod_arr
BN_GF2m_mod_div
BN_GF2m_mod_div_arr
BN_GF2m_mod_exp
BN_GF2m_mod_exp_arr
BN_GF2m_mod_inv
BN_GF2m_mod_inv_arr
BN_GF2m_mod_mul
BN_GF2m_mod_mul_arr
BN_GF2m_mod_solve_quad
BN_GF2m_mod_solve_quad_arr
BN_GF2m_mod_sqr
BN_GF2m_mod_sqr_arr
BN_GF2m_mod_sqrt
BN_GF2m_mod_sqrt_arr
BN_GF2m_poly2arr
BN_MONT_CTX_copy
BN_MONT_CTX_free
BN_MONT_CTX_init
BN_MONT_CTX_new
BN_MONT_CTX_set
BN_MONT_CTX_set_locked
BN_RECP_CTX_free
BN_RECP_CTX_init
BN_RECP_CTX_new
BN_RECP_CTX_set
BN_add
BN_add_word
BN_bin2bn
BN_bn2bin
BN_bn2dec
BN_bn2hex
BN_bn2mpi
BN_bntest_rand
BN_clear
BN_clear_bit
BN_clear_free
BN_cmp
BN_copy
BN_dec2bn
BN_div
BN_div_recp
BN_div_word
BN_dup
BN_exp
BN_free
BN_from_montgomery
BN_gcd
BN_generate_prime
BN_generate_prime_ex
BN_get0_nist_prime_192
BN_get0_nist_prime_224
BN_get0_nist_prime_256
BN_get0_nist_prime_384
BN_get0_nist_prime_521
BN_get_params
BN_get_word
BN_hex2bn
BN_init
BN_is_bit_set
BN_is_prime
BN_is_prime_ex
BN_is_prime_fasttest
BN_is_prime_fasttest_ex
BN_kronecker
BN_lshift
BN_lshift1
BN_mask_bits
BN_mod_add
BN_mod_add_quick
BN_mod_exp
BN_mod_exp2_mont
BN_mod_exp_mont
BN_mod_exp_mont_consttime
BN_mod_exp_mont_word
BN_mod_exp_recp
BN_mod_exp_simple
BN_mod_inverse
BN_mod_lshift
BN_mod_lshift1
BN_mod_lshift1_quick
BN_mod_lshift_quick
BN_mod_mul
BN_mod_mul_montgomery
BN_mod_mul_reciprocal
BN_mod_sqr
BN_mod_sqrt
BN_mod_sub
BN_mod_sub_quick
BN_mod_word
BN_mpi2bn
BN_mul
BN_mul_word
BN_new
BN_nist_mod_192
BN_nist_mod_224
BN_nist_mod_256
BN_nist_mod_384
BN_nist_mod_521
BN_nnmod
BN_num_bits
BN_num_bits_word
BN_options
BN_print
BN_print_fp
BN_pseudo_rand
BN_pseudo_rand_range
BN_rand
BN_rand_range
BN_reciprocal
BN_rshift
BN_rshift1
BN_set_bit
BN_set_negative
BN_set_params
BN_set_word
BN_sqr
BN_sub
BN_sub_word
BN_swap
BN_to_ASN1_ENUMERATED
BN_to_ASN1_INTEGER
BN_uadd
BN_ucmp
BN_usub
BN_value_one
BUF_MEM_free
BUF_MEM_grow
BUF_MEM_grow_clean
BUF_MEM_new
BUF_memdup
BUF_strdup
BUF_strlcat
BUF_strlcpy
BUF_strndup
CAST_cbc_encrypt
CAST_cfb64_encrypt
CAST_decrypt
CAST_ecb_encrypt
CAST_encrypt
CAST_ofb64_encrypt
CAST_set_key
CBIGNUM_it
CERTIFICATEPOLICIES_free
CERTIFICATEPOLICIES_it
CERTIFICATEPOLICIES_new
COMP_CTX_free
COMP_CTX_new
COMP_compress_block
COMP_expand_block
COMP_rle
COMP_zlib
CONF_dump_bio
CONF_dump_fp
CONF_free
CONF_get1_default_config_file
CONF_get_number
CONF_get_section
CONF_get_string
CONF_imodule_get_flags
CONF_imodule_get_module
CONF_imodule_get_name
CONF_imodule_get_usr_data
CONF_imodule_get_value
CONF_imodule_set_flags
CONF_imodule_set_usr_data
CONF_load
CONF_load_bio
CONF_load_fp
CONF_module_add
CONF_module_get_usr_data
CONF_module_set_usr_data
CONF_modules_finish
CONF_modules_free
CONF_modules_load
CONF_modules_load_file

Sections

.text
Size: 644KB - Virtual size: 643KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libexpatw.dll
.dll windows:4 windows x86 arch:x86

16adaa296932ee15ea6dacef0485a6a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
HeapReAlloc
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
HeapSize
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualProtect
GetSystemInfo

Exports

Exports

XML_DefaultCurrent
XML_ErrorString
XML_ExpatVersion
XML_ExpatVersionInfo
XML_ExternalEntityParserCreate
XML_FreeContentModel
XML_GetBase
XML_GetBuffer
XML_GetCurrentByteCount
XML_GetCurrentByteIndex
XML_GetCurrentColumnNumber
XML_GetCurrentLineNumber
XML_GetErrorCode
XML_GetFeatureList
XML_GetIdAttributeIndex
XML_GetInputContext
XML_GetParsingStatus
XML_GetSpecifiedAttributeCount
XML_MemFree
XML_MemMalloc
XML_MemRealloc
XML_Parse
XML_ParseBuffer
XML_ParserCreate
XML_ParserCreateNS
XML_ParserCreate_MM
XML_ParserFree
XML_ParserReset
XML_ResumeParser
XML_SetAttlistDeclHandler
XML_SetBase
XML_SetCdataSectionHandler
XML_SetCharacterDataHandler
XML_SetCommentHandler
XML_SetDefaultHandler
XML_SetDefaultHandlerExpand
XML_SetDoctypeDeclHandler
XML_SetElementDeclHandler
XML_SetElementHandler
XML_SetEncoding
XML_SetEndCdataSectionHandler
XML_SetEndDoctypeDeclHandler
XML_SetEndElementHandler
XML_SetEndNamespaceDeclHandler
XML_SetEntityDeclHandler
XML_SetExternalEntityRefHandler
XML_SetExternalEntityRefHandlerArg
XML_SetNamespaceDeclHandler
XML_SetNotStandaloneHandler
XML_SetNotationDeclHandler
XML_SetParamEntityParsing
XML_SetProcessingInstructionHandler
XML_SetReturnNSTriplet
XML_SetSkippedEntityHandler
XML_SetStartCdataSectionHandler
XML_SetStartDoctypeDeclHandler
XML_SetStartElementHandler
XML_SetStartNamespaceDeclHandler
XML_SetUnknownEncodingHandler
XML_SetUnparsedEntityDeclHandler
XML_SetUserData
XML_SetXmlDeclHandler
XML_StopParser
XML_UseForeignDTD
XML_UseParserAsHandlerArg

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcp71.dll
.dll windows:4 windows x86 arch:x86

5e2398adb60a70c7ab04e7cba75a7983

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcp71.pdb

Imports

msvcr71

setvbuf
fflush
ungetc
fgetc
fwrite
fputc
_Getdays
_Getmonths
fgetpos
fseek
fsetpos
fclose
__iob_func
fopen
atan2
cos
exp
ldexp
log
pow
sin
sqrt
tan
fgetwc
fputwc
ungetwc
strtol
_errno
_Strftime
strcspn
strtoul
_strtoi64
_strtoui64
sprintf
abort
realloc
setlocale
_CxxThrowException
??0exception@@QAE@XZ
malloc
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
__uncaught_exception
towlower
towupper
strcmp
__pctype_func
___lc_codepage_func
___lc_handle_func
_unlock
_lock
___setlc_active_func
___unguarded_readlc_active_add_func
_except_handler3
_local_unwind2
__crtCompareStringA
___lc_collate_cp_func
__crtLCMapStringA
isupper
islower
__crtGetStringTypeW
__crtLCMapStringW
_callnewh
__crtCompareStringW
strtod
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__security_error_handler
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
??0bad_cast@@QAE@PBD@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@ABV0@@Z
??0exception@@QAE@ABV0@@Z
__CxxFrameHandler
___mb_cur_max_func
??_V@YAXPAX@Z
??3@YAXPAX@Z
_Gettnames
localeconv
free
memset
memchr
strlen
memcmp
wcslen
memmove
??1exception@@UAE@XZ
memcpy

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetLocaleInfoA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
DisableThreadLibraryCalls

Exports

Exports

??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAC@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAE@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAC@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAD@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAE@Z
??$?5DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAG@Z
??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@PAG@Z
??$?5GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?5MDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5MGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5NDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5NGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5ODU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5OGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AA_W@Z
??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@PA_W@Z
??$?5_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@G@Z
??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@PBG@Z
??$?6GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?6MDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6MGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6NDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6NGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6ODU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6OGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@C@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@E@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBC@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBE@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@PB_W@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@_W@Z
??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?8M@std@@YA_NABMABV?$complex@M@0@@Z
??$?8M@std@@YA_NABV?$complex@M@0@0@Z
??$?8M@std@@YA_NABV?$complex@M@0@ABM@Z
??$?8N@std@@YA_NABNABV?$complex@N@0@@Z
??$?8N@std@@YA_NABV?$complex@N@0@0@Z
??$?8N@std@@YA_NABV?$complex@N@0@ABN@Z
??$?8O@std@@YA_NABOABV?$complex@O@0@@Z
??$?8O@std@@YA_NABV?$complex@O@0@0@Z
??$?8O@std@@YA_NABV?$complex@O@0@ABO@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?9M@std@@YA_NABMABV?$complex@M@0@@Z
??$?9M@std@@YA_NABV?$complex@M@0@0@Z
??$?9M@std@@YA_NABV?$complex@M@0@ABM@Z
??$?9N@std@@YA_NABNABV?$complex@N@0@@Z
??$?9N@std@@YA_NABV?$complex@N@0@0@Z
??$?9N@std@@YA_NABV?$complex@N@0@ABN@Z
??$?9O@std@@YA_NABOABV?$complex@O@0@@Z
??$?9O@std@@YA_NABV?$complex@O@0@0@Z
??$?9O@std@@YA_NABV?$complex@O@0@ABO@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?DM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?DM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?DM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?DN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?DN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?DN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?DO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?DO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?DO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?GM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?GN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?GO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@D@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@DABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@G@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@GABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBGABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?HN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?HO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_WABV10@@Z
??$?KM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?KM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?KM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?KN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?KN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?KN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?KO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?KO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?KO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$_Fabs@M@std@@YAMABV?$complex@M@0@PAH@Z
??$_Fabs@N@std@@YANABV?$complex@N@0@PAH@Z
??$_Fabs@O@std@@YAOABV?$complex@O@0@PAH@Z
??$abs@M@std@@YAMABV?$complex@M@0@@Z
??$abs@N@std@@YANABV?$complex@N@0@@Z
??$abs@O@std@@YAOABV?$complex@O@0@@Z
??$arg@M@std@@YAMABV?$complex@M@0@@Z
??$arg@N@std@@YANABV?$complex@N@0@@Z
??$arg@O@std@@YAOABV?$complex@O@0@@Z
??$conj@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$conj@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$conj@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$cos@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$cos@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$cos@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$cosh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$cosh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$cosh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$exp@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$exp@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$exp@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@D@Z
??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@G@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_W@Z
??$imag@M@std@@YAMABV?$complex@M@0@@Z
??$imag@N@std@@YANABV?$complex@N@0@@Z
??$imag@O@std@@YAOABV?$complex@O@0@@Z
??$log10@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$log10@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$log10@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$log@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$log@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$log@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$norm@M@std@@YAMABV?$complex@M@0@@Z
??$norm@N@std@@YANABV?$complex@N@0@@Z
??$norm@O@std@@YAOABV?$complex@O@0@@Z
??$polar@M@std@@YA?AV?$complex@M@0@ABM0@Z
??$polar@M@std@@YA?AV?$complex@M@0@ABM@Z
??$polar@N@std@@YA?AV?$complex@N@0@ABN0@Z
??$polar@N@std@@YA?AV?$complex@N@0@ABN@Z
??$polar@O@std@@YA?AV?$complex@O@0@ABO0@Z
??$polar@O@std@@YA?AV?$complex@O@0@ABO@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@H@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@H@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@H@Z
??$real@M@std@@YAMABV?$complex@M@0@@Z
??$real@N@std@@YANABV?$complex@N@0@@Z
??$real@O@std@@YAOABV?$complex@O@0@@Z
??$sin@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sin@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sin@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$sinh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sinh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sinh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$sqrt@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sqrt@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sqrt@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$tan@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$tan@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$tan@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$tanh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$tanh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$tanh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??0?$_Complex_base@MU_C_float_complex@@@std@@QAE@ABM0@Z
??0?$_Complex_base@NU_C_double_complex@@@std@@QAE@ABN0@Z
??0?$_Complex_base@OU_C_ldouble_complex@@@std@@QAE@ABO0@Z
??0?$_Mpunct@D@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@D@std@@QAE@I_N@Z
??0?$_Mpunct@G@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@G@std@@QAE@I_N@Z
??0?$_Mpunct@_W@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@_W@std@@QAE@I_N@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@IAE@V?$allocator@D@1@@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@QAE@ABV01@@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@IAE@V?$allocator@G@1@@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@QAE@ABV01@@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@IAE@V?$allocator@_W@1@@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@QAE@ABV01@@Z
??0?$allocator@X@std@@QAE@ABV01@@Z
??0?$allocator@X@std@@QAE@XZ
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@IDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@Vconst_iterator@01@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@IIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@Vconst_iterator@01@0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@IIABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WIABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@Vconst_iterator@01@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDH@std@@QAE@I@Z
??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDH@std@@QAE@I@Z
??0?$codecvt@_WDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??0?$collate@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@D@std@@QAE@I@Z
??0?$collate@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@G@std@@QAE@I@Z
??0?$collate@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@_W@std@@QAE@I@Z
??0?$complex@M@std@@QAE@ABM0@Z
??0?$complex@M@std@@QAE@ABU_C_float_complex@@@Z
??0?$complex@M@std@@QAE@ABV?$complex@N@1@@Z
??0?$complex@M@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@N@std@@QAE@ABN0@Z
??0?$complex@N@std@@QAE@ABU_C_double_complex@@@Z
??0?$complex@N@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@N@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@O@std@@QAE@ABO0@Z
??0?$complex@O@std@@QAE@ABU_C_ldouble_complex@@@Z
??0?$complex@O@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@O@std@@QAE@ABV?$complex@N@1@@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$messages@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@D@std@@QAE@I@Z
??0?$messages@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@G@std@@QAE@I@Z
??0?$messages@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@_W@std@@QAE@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$moneypunct@D$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@D$00@std@@QAE@I@Z
??0?$moneypunct@D$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@D$0A@@std@@QAE@I@Z
??0?$moneypunct@G$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@G$00@std@@QAE@I@Z
??0?$moneypunct@G$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@G$0A@@std@@QAE@I@Z
??0?$moneypunct@_W$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@_W$00@std@@QAE@I@Z
??0?$moneypunct@_W$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@_W$0A@@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$numpunct@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$numpunct@D@std@@QAE@I@Z
??0?$numpunct@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$numpunct@G@std@@QAE@I@Z
??0?$numpunct@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$numpunct@_W@std@@QAE@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0Init@ios_base@std@@QAE@XZ
??0_Locimp@locale@std@@AAE@ABV012@@Z
??0_Locinfo@std@@QAE@HPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??0_Lockit@std@@QAE@XZ
??0_Mutex@std@@QAE@XZ
??0_Timevec@std@@QAE@ABV01@@Z
??0_Timevec@std@@QAE@PAX@Z
??0_UShinit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0codecvt_base@std@@QAE@I@Z
??0ctype_base@std@@QAE@I@Z
??0facet@locale@std@@IAE@I@Z
??0id@locale@std@@QAE@I@Z
??0ios_base@std@@IAE@XZ
??0ios_base@std@@QAE@ABV01@@Z
??0locale@std@@AAE@PAV_Locimp@01@@Z
??0locale@std@@QAE@ABV01@0H@Z
??0locale@std@@QAE@ABV01@@Z
??0locale@std@@QAE@ABV01@PBDH@Z
??0locale@std@@QAE@PBDH@Z

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcr71.dll
.dll windows:4 windows x86 arch:x86

7acc8c379c768a1ecd81ec502ff5f33e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr71.pdb

Imports

kernel32

GetModuleFileNameA
GetModuleFileNameW
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCurrentThreadId
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapAlloc
HeapFree
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetHandleCount
GetFileType
GetStartupInfoA
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
InitializeCriticalSection
RtlUnwind
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
InterlockedExchange
VirtualQuery
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetEnvironmentVariableA
SetEnvironmentVariableW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
HeapSize
VirtualProtect
GetSystemInfo
FlushFileBuffers
SetFilePointer
SetStdHandle
CompareStringA
CompareStringW
Sleep
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
RaiseException
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadCodePtr
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
ReadConsoleA
SetConsoleMode
GetConsoleMode
IsDBCSLeadByteEx
GetConsoleCP
ReadConsoleW
SetEndOfFile
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@AAE@PBQBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_cast@@QAE@PBD@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_Fbad_cast@@QAEXXZ
??_Fbad_typeid@@QAEXXZ
??_U@YAPAXI@Z
??_V@YAXPAX@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?unexpected@@YAXXZ
?vswprintf@@YAHPAGIPBGPAD@Z
?vswprintf@@YAHPA_WIPB_WPAD@Z
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CppXcptFilter
__CxxCallUnwindDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__buffer_overrun
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__lc_clike
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__security_error_handler
__set_app_type
__set_buffer_overrun_handler
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__uncaught_exception
__unguarded_readlc_active
__wargv
__wcserror
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_realloc
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_cgetws
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_cputws
_creat
_cscanf
_ctime64
_cwait
_cwprintf
_cwscanf
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirst64
_findfirsti64
_findnext
_findnext64
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstat64
_fstati64
_ftime
_ftime64
_ftol
_fullpath
_futime
_futime64
_gcvt
_get_heap_handle
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getwch
_getwche
_getws
_global_unwind2
_gmtime64
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_localtime64
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_mktime64
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osplatform
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putwch
_putws
_pwctype
_read
_resetstkoflw
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_scprintf
_scwprintf
_searchenv
_seh_longjmp_unwind
_set_SSE2_enable
_set_error_mode
_set_purecall_handler
_set_sbh_threshold
_set_security_error_handler
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snscanf
_snwprintf
_snwscanf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp

Sections

.text
Size: 228KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
neo.cfg
neo.exe
.exe windows:4 windows x86 arch:x86

9371cba96844262f81d7122e29d74c30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeSetEvent
timeKillEvent
timeGetTime
timeGetDevCaps
timeBeginPeriod

ws2_32

getsockopt
WSASetLastError
shutdown
closesocket
accept
listen
WSASend
recv
connect
WSAGetLastError
htonl
gethostbyaddr
WSACleanup
send
select
WSAResetEvent
WSACreateEvent
setsockopt
recvfrom
sendto
WSAStartup
socket
bind
getsockname
inet_addr
gethostname
gethostbyname
inet_ntoa
htons
ioctlsocket
ntohl
WSAAsyncSelect
WSAEventSelect

kernel32

FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleA
lstrcpyA
Sleep
FreeLibrary
LoadLibraryA
GetModuleFileNameA
GetLastError
lstrlenA
CreateMutexA
ReleaseMutex
CloseHandle
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GlobalMemoryStatus
GetTickCount
InterlockedExchange
MulDiv
GlobalAlloc
GlobalFree
GlobalSize
CreateProcessA
CreateThread
ResumeThread
WaitForSingleObject
TryEnterCriticalSection
CreateEventA
SetEvent
GetSystemTimeAsFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
InterlockedIncrement
InterlockedDecrement
WritePrivateProfileStringA
GetCommandLineA
GetCurrentProcessId
lstrcatA
GetSystemDirectoryA
DeleteFileA
GetCurrentThreadId
GetLocalTime
CreateFileA
FreeEnvironmentStringsW
GetFileSize
ReadFile
WriteFile
FlushFileBuffers
SetThreadPriority
GetFileAttributesA
ExitThread
TlsSetValue
PeekNamedPipe
GetFileInformationByHandle
GetFileType
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindNextFileA
FindFirstFileA
GetSystemTime
GetTimeZoneInformation
HeapAlloc
HeapReAlloc
ExitProcess
GetStartupInfoA
HeapFree
RaiseException
RtlUnwind
MultiByteToWideChar
WideCharToMultiByte
UnmapViewOfFile
CreateFileMappingA
OpenFileMappingA
MapViewOfFile
TerminateProcess
GetVersion
GetExitCodeThread
RemoveDirectoryA
GetDiskFreeSpaceExA
GetLogicalDriveStringsA
GetDriveTypeA
MoveFileA
CreateDirectoryA
CompareStringA
SetFileAttributesA
GetSystemInfo
CompareStringW
GetCurrentProcess
HeapSize
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
SetStdHandle
SetEndOfFile
IsValidLocale
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetLocaleInfoW
LCMapStringA
LCMapStringW
GetCPInfo
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFullPathNameA
SetFileTime
LocalFileTimeToFileTime
SetFilePointer
SystemTimeToFileTime

user32

DialogBoxParamA
SetForegroundWindow
GetCursorPos
PtInRect
EnumChildWindows
IsWindow
GetClassNameA
CreateDialogParamA
wsprintfA
UpdateWindow
LoadIconA
LoadCursorA
LoadMenuA
PostQuitMessage
LoadAcceleratorsA
RegisterHotKey
RegisterWindowMessageA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
UnregisterHotKey
DestroyMenu
PeekMessageA
RegisterClassA
UnregisterClassA
DestroyIcon
FindWindowA
InsertMenuA
DeleteMenu
DrawMenuBar
RegisterClassExA
SetMenu
GetDlgItem
SetFocus
SendMessageA
MessageBoxA
LoadStringA
GetWindowRgn
ReleaseDC
GetDC
BeginPaint
EndPaint
DestroyWindow
GetSubMenu
TrackPopupMenu
CreateWindowExA
SetWindowRgn
CheckDlgButton
SetTimer
MoveWindow
KillTimer
DefWindowProcA
GetAsyncKeyState
PostMessageA
GetWindowTextA
EndDialog
SetWindowTextA
IsDlgButtonChecked
GetMenuItemInfoA
CheckMenuItem
GetWindowLongA
SetWindowLongA
ShowWindow
SetWindowPos
LoadBitmapA
SystemParametersInfoA
GetWindowRect
GetSystemMetrics
GetWindowThreadProcessId
EnumWindows
EnableWindow

gdi32

CreateRectRgn
CreateFontA
DeleteDC
TextOutA
SetBkMode
BitBlt
GetPixel
SetBkColor
GetStockObject
CreateSolidBrush
GetTextExtentPoint32A
RoundRect
Rectangle
CombineRgn
DeleteObject
GetObjectA
CreateCompatibleDC
SelectObject
SelectClipRgn

comdlg32

GetOpenFileNameA

advapi32

SetSecurityDescriptorDacl
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
InitializeSecurityDescriptor

shell32

Shell_NotifyIconA
ShellExecuteA
SHGetSpecialFolderPathA

iphlpapi

GetAdaptersInfo
GetIfEntry

wininet

InternetGetConnectedState

Exports

Exports

??0NeoByteStream@@QAE@ABV0@@Z
??0NeoByteStream@@QAE@PAEKK@Z
??1NeoByteStream@@UAE@XZ
??4NeoByteStream@@QAEAAV0@ABV0@@Z
??5NeoByteStream@@QAEAAV0@AAD@Z
??5NeoByteStream@@QAEAAV0@AAE@Z
??5NeoByteStream@@QAEAAV0@AAF@Z
??5NeoByteStream@@QAEAAV0@AAG@Z
??5NeoByteStream@@QAEAAV0@AAJ@Z
??5NeoByteStream@@QAEAAV0@AAK@Z
??5NeoByteStream@@QAEAAV0@AAM@Z
??5NeoByteStream@@QAEAAV0@AAN@Z
??5NeoByteStream@@QAEAAV0@AAPAD@Z
??6NeoByteStream@@QAEAAV0@D@Z
??6NeoByteStream@@QAEAAV0@E@Z
??6NeoByteStream@@QAEAAV0@F@Z
??6NeoByteStream@@QAEAAV0@G@Z
??6NeoByteStream@@QAEAAV0@J@Z
??6NeoByteStream@@QAEAAV0@K@Z
??6NeoByteStream@@QAEAAV0@M@Z
??6NeoByteStream@@QAEAAV0@N@Z
??6NeoByteStream@@QAEAAV0@PAD@Z
??6NeoByteStream@@QAEAAV0@QBD@Z
??_7NeoByteStream@@6B@
??_FNeoByteStream@@QAEXXZ
?Attach@NeoByteStream@@QAEXPAEKK@Z
?Init@NeoByteStream@@SAXXZ
?Read@NeoByteStream@@QAEXPAXK@Z
?ReadString@NeoByteStream@@QAEPADG@Z
?ReadString@NeoByteStream@@QAEXPADG@Z
?Seek@NeoByteStream@@QAEKK@Z
?Skip@NeoByteStream@@QAEKJ@Z
?Swap@NeoByteStream@@SAXPAXH@Z
?Tell@NeoByteStream@@QAEKXZ
?UsableBytes@NeoByteStream@@QAEHXZ
?Write@NeoByteStream@@QAEXPAXK@Z
?get_buf@NeoByteStream@@QAEPAEXZ
?is_valid_data@NeoByteStream@@QAE_NXZ
?m_is_little_endian@NeoByteStream@@1EA

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 764KB - Virtual size: 761KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
neotvsession.dll
.dll regsvr32 windows:4 windows x86 arch:x86

bc70f90b43b9c58cc3bd42fec697de8e

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7f:34:08:e0:c7:05:f6:b7:53:b1:c8:71:d0:d6:81:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

30/01/2007, 00:00

Not After

31/01/2008, 23:59

Subject

CN=Beijing Tianchuang Shijie Technologies Co.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Department of Broadband,O=Beijing Tianchuang Shijie Technologies Co.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e3:ee:ed:e1:e2:f4:6d:18:d4:68:3a:73:09:76:6f:a1:54:09:d2:fb
Signer

Actual PE Digest

e3:ee:ed:e1:e2:f4:6d:18:d4:68:3a:73:09:76:6f:a1:54:09:d2:fb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MapViewOfFile
DeleteFileA
Sleep
GetDiskFreeSpaceExA
IsBadWritePtr
DisableThreadLibraryCalls
HeapDestroy
FreeLibrary
LoadLibraryA
lstrcpyA
MultiByteToWideChar
lstrlenA
lstrcatA
WideCharToMultiByte
lstrlenW
GetModuleFileNameA
GlobalUnlock
GlobalLock
GlobalAlloc
InterlockedIncrement
InterlockedDecrement
lstrcmpA
FlushInstructionCache
GetCurrentProcess
GetFileType
CreateFileA
ReadFile
WriteFile
GetFileSize
SetFilePointer
CreateThread
TerminateThread
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetVersionExA
CreateProcessA
GetVersion
CreateDirectoryA
CreateEventA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
HeapSize
HeapAlloc
HeapReAlloc
TerminateProcess
ExitProcess
GetCommandLineA
HeapFree
GetLocalTime
GetSystemTime
RtlUnwind
SuspendThread
OpenEventA
CreateFileMappingA
OpenFileMappingA
OutputDebugStringA
GetProcAddress
OpenProcess
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetExitCodeThread
WaitForSingleObject
CloseHandle
InitializeCriticalSection
SetEvent
GetLastError
GetModuleHandleA
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
RaiseException
GetThreadContext
SetThreadContext
ResumeThread
VirtualProtectEx
SetLastError
InterlockedExchange

user32

KillTimer
SetWindowPos
GetWindowTextA
SetTimer
GetWindowThreadProcessId
FindWindowA
CharNextA
LoadCursorA
GetClassInfoExA
RegisterWindowMessageA
GetWindow
SetWindowTextA
GetWindowTextLengthA
CallWindowProcA
PostMessageA
SetFocus
IsChild
GetFocus
ReleaseDC
GetDC
EndPaint
FillRect
GetClientRect
BeginPaint
IsWindow
RedrawWindow
GetClassNameA
GetParent
GetDesktopWindow
CreateAcceleratorTableA
wsprintfA
ReleaseCapture
SetCapture
InvalidateRect
InvalidateRgn
SendMessageA
GetDlgItem
SetWindowLongA
DestroyWindow
GetWindowLongA
DefWindowProcA
RegisterClassExA
CreateWindowExA
GetSysColor

gdi32

GetObjectA
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetDeviceCaps
GetStockObject

ole32

OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateInstance

oleaut32

RegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen
VariantClear
OleCreateFontIndirect
SysAllocStringLen
LoadRegTypeLi

ws2_32

ioctlsocket
accept
WSAAsyncSelect
shutdown
connect
WSAAsyncGetHostByName
recv
WSAGetLastError
closesocket
WSACancelAsyncRequest
bind
htonl
htons
inet_addr
WSASetLastError
socket
WSAStartup
sendto
inet_ntoa
gethostbyname
gethostname
select
send

Exports

Exports

CreateXunLeiSession
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
ReleaseXunLeiSession

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
network.dll
.dll windows:4 windows x86 arch:x86

9923d316153c9a8d1f74cc1e8cfc6950

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7f:34:08:e0:c7:05:f6:b7:53:b1:c8:71:d0:d6:81:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

30/01/2007, 00:00

Not After

31/01/2008, 23:59

Subject

CN=Beijing Tianchuang Shijie Technologies Co.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Department of Broadband,O=Beijing Tianchuang Shijie Technologies Co.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d3:09:bc:bb:54:64:41:fa:3b:bb:58:a5:5e:17:88:74:da:1e:b5:76
Signer

Actual PE Digest

d3:09:bc:bb:54:64:41:fa:3b:bb:58:a5:5e:17:88:74:da:1e:b5:76

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
ResetEvent
WaitForSingleObject
CreateThread
GetModuleFileNameA
GetTickCount
OpenFileMappingA
CreateFileMappingA
OpenEventA
GetLastError
CreateEventA
CloseHandle
UnmapViewOfFile
MapViewOfFile
SetLastError
VirtualProtect
FlushInstructionCache
GetCurrentProcess
GetProcAddress
LoadLibraryA
GetModuleHandleA
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
RaiseException
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
HeapAlloc
ExitProcess
TerminateProcess
HeapReAlloc
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
SetFilePointer
InterlockedDecrement
InterlockedIncrement
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers

ws2_32

WSARecvFrom
recvfrom
WSARecv
recv
closesocket
getpeername

Exports

Exports

GetLocalDownloadSpeed
GetRemoteDownloadSpeed
Reset
StartMeasure
StopMeasure

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/CheckOS.dll
.dll windows:4 windows x86 arch:x86

0bd51211f1803ff41ceed9ab8c00dbdd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
Sleep
SetThreadAffinityMask
GetCurrentThread
GetProcessAffinityMask
GetCurrentProcess
LoadLibraryA
CloseHandle
FreeLibrary
OpenProcess
GetPrivateProfileStringA
SetLastError
lstrcpyA
GetSystemDirectoryA
GetFileAttributesA
GetFileSize
CreateFileA
ReadFile
SetFilePointer
DeleteFileA
WideCharToMultiByte
FindClose
FindFirstFileA
CreateDirectoryA
MultiByteToWideChar
GetStdHandle
WriteFile
OutputDebugStringA
GetTempFileNameA
GetTempPathA
CompareStringW
CompareStringA
SetEndOfFile
SetThreadLocale
GetVersionExA
GetModuleHandleA
GetProcAddress
GetSystemInfo
lstrcatA
lstrcmpiA
lstrlenA
QueryPerformanceCounter
QueryPerformanceFrequency
LocalAlloc
GetLastError
LocalFree
GetTickCount
lstrcpynA
GetModuleFileNameA
GetThreadLocale
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushFileBuffers
GetStartupInfoA
GetFileType
SetHandleCount
SetEnvironmentVariableA
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
HeapSize
TerminateProcess
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
IsBadWritePtr
VirtualAlloc
ExitProcess
VirtualFree
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
HeapReAlloc
InterlockedIncrement
InterlockedDecrement
RaiseException
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
HeapAlloc
HeapFree
LeaveCriticalSection
DeleteCriticalSection
InterlockedExchange
InitializeCriticalSection
EnterCriticalSection

user32

GetSystemMetrics
wsprintfA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA

ole32

IIDFromString
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysAllocString
SysFreeString
VariantInit
VariantClear

ws2_32

closesocket
recv
shutdown
getsockname
ntohs
WSACleanup
gethostbyname
gethostbyaddr
connect
inet_addr
htons
socket
WSAStartup
send
select
ioctlsocket
WSAGetLastError
inet_ntoa

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

iphlpapi

GetAdaptersInfo

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

Exports

Exports

CreatePlugin

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ppamnet.exe
.exe windows:4 windows x86 arch:x86

d0cdedceec699f9cb64fa91302c86a22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
SetLastError
CloseHandle
IsBadCodePtr
OpenProcess
GetLastError
GetModuleHandleA
GetVersionExA
IsBadWritePtr
GetModuleFileNameA
CreateFileA
GetCurrentProcessId
ReadProcessMemory
GetCurrentProcess
lstrlenA
GetCurrentThread
IsBadReadPtr
HeapFree
GetProcessHeap
SetUnhandledExceptionFilter
RaiseException
DeleteFileA
GetPrivateProfileStringA
GetFileAttributesA
CreateThread
WriteFile
SetProcessWorkingSetSize
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
CreateProcessA
FindNextFileA
FindFirstFileA
GetCommandLineA
GetTickCount
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
FlushInstructionCache
ReadFile
GetThreadLocale
GetVersion
Sleep
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetFileType
SetFilePointer
lstrcatA
GetPrivateProfileIntA
SetEnvironmentVariableA
SetEndOfFile
SetStdHandle
GetStringTypeW
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
FlushFileBuffers
HeapSize
TerminateProcess
TlsGetValue
TlsAlloc
TlsSetValue
CompareStringW
CompareStringA
GetCPInfo
LCMapStringW
LCMapStringA
GetLocaleInfoW
ExitProcess
OutputDebugStringA
GetTempPathA
GetTempFileNameA
FreeLibrary
lstrcpynA
LoadLibraryA
GetStartupInfoA
HeapAlloc
HeapReAlloc
GetLocalTime
GetSystemTime
RtlUnwind
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
CreateDirectoryA
GetProcAddress

user32

PostMessageA
SendMessageA
IsWindow
PostQuitMessage
DestroyWindow
IsDialogMessageA
SetTimer
LoadImageA
GetSystemMetrics
SetWindowPos
MapWindowPoints
GetClientRect
SystemParametersInfoA
GetWindowRect
GetWindow
GetParent
GetWindowLongA
KillTimer
CreateDialogParamA
DefWindowProcA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
SetLastErrorEx
wsprintfA
SetWindowLongA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegCloseKey

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize
CoUninitialize

wininet

InternetOpenUrlA
InternetCloseHandle
InternetReadFile
InternetOpenA

comctl32

InitCommonControlsEx

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 228KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ppdoctor.exe
.exe windows:4 windows x86 arch:x86

462eabe3a4afd28bcef939ab08a6b8b4

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7f:34:08:e0:c7:05:f6:b7:53:b1:c8:71:d0:d6:81:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

30/01/2007, 00:00

Not After

31/01/2008, 23:59

Subject

CN=Beijing Tianchuang Shijie Technologies Co.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Department of Broadband,O=Beijing Tianchuang Shijie Technologies Co.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d5:ca:c0:6a:61:eb:ff:25:1d:e6:be:50:55:39:5f:5c:a4:0f:04:7c
Signer

Actual PE Digest

d5:ca:c0:6a:61:eb:ff:25:1d:e6:be:50:55:39:5f:5c:a4:0f:04:7c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
LockResource
LoadResource
FindResourceA
MulDiv
GetModuleFileNameA
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleA
GetVersionExA
GetStdHandle
WriteFile
GetLastError
DuplicateHandle
CreateMutexA
TlsAlloc
TlsSetValue
UnmapViewOfFile
ResumeThread
SetThreadContext
GetThreadContext
SuspendThread
ReleaseMutex
RaiseException
TlsGetValue
MapViewOfFile
CreateFileMappingA
HeapDestroy
SetStdHandle
FlushFileBuffers
LCMapStringW
LCMapStringA
SetFilePointer
InterlockedIncrement
InterlockedDecrement
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
HeapSize
TerminateProcess
SetLastError
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
ExitThread
CreateThread
RtlUnwind
HeapFree
HeapAlloc
InitializeCriticalSection
SetThreadLocale
FreeLibrary
LoadLibraryA
GetProcAddress
FindFirstFileA
FindNextFileA
FindClose
SetEvent
GetThreadLocale
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
lstrcatA
WaitForSingleObject
CloseHandle
GetExitCodeThread
TerminateThread
CreateEventA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalAddAtomA
CompareStringA
lstrcmpiA
lstrlenA
lstrcpyA
GetCurrentProcess
FlushInstructionCache

user32

BeginDeferWindowPos
EndDeferWindowPos
GetClassLongA
SetPropA
GetDialogBaseUnits
SetRect
GetClassInfoA
CallWindowProcA
DeferWindowPos
SetWindowPos
MapWindowPoints
GetClientRect
CopyRect
IsWindowEnabled
GetSysColor
GetFocus
DrawFocusRect
FillRect
GetDlgCtrlID
BeginPaint
EndPaint
DestroyWindow
InvalidateRect
PtInRect
UpdateWindow
SetFocus
SetCapture
GetCapture
ReleaseCapture
GetCursorPos
ScreenToClient
DefWindowProcA
SetRectEmpty
SetDlgItemTextA
GetActiveWindow
DialogBoxParamA
DestroyCursor
EnableWindow
wsprintfA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
LoadIconA
DrawTextA
CreateWindowExA
ReleaseDC
GetClassNameA
CreateCursor
SendMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
IsWindow
GetDC
OffsetRect
CharNextA
EndDialog
GetDlgItem
SetWindowLongA
GetWindowLongA
GetParent
GetWindow
GetWindowRect
SystemParametersInfoA
SetCursor

gdi32

GetObjectA
CreateFontIndirectA
SelectObject
GetStockObject
DeleteDC
DeleteObject
SetTextColor
SetBkMode
GetTextExtentPoint32A
GetTextMetricsA
CreateFontIndirectW
GetDeviceCaps
DPtoLP

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA

ole32

CoUninitialize
CoInitialize

comctl32

_TrackMouseEvent
InitCommonControlsEx

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pplivesession.dll
.dll windows:4 windows x86 arch:x86

49732021d5d66ecf1993daccd8d373cf

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7f:34:08:e0:c7:05:f6:b7:53:b1:c8:71:d0:d6:81:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

30/01/2007, 00:00

Not After

31/01/2008, 23:59

Subject

CN=Beijing Tianchuang Shijie Technologies Co.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Department of Broadband,O=Beijing Tianchuang Shijie Technologies Co.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

75:5d:10:b5:7b:65:b4:d3:21:ec:48:df:44:21:b5:eb:32:7c:1d:7d
Signer

Actual PE Digest

75:5d:10:b5:7b:65:b4:d3:21:ec:48:df:44:21:b5:eb:32:7c:1d:7d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
CreateEventA
CloseHandle
GetDiskFreeSpaceExA
IsBadWritePtr
DeleteFileA
GetFileType
GetLastError
CreateFileA
ReadFile
WriteFile
GetFileSize
SetFilePointer
CreateThread
TerminateThread
GetExitCodeThread
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetThreadLocale
SetThreadLocale
SetProcessWorkingSetSize
GetVersionExA
CreateProcessA
LocalFree
FormatMessageA
GetVersion
GetDriveTypeA
GetLogicalDrives
GetFileAttributesA
GetTempFileNameA
GetTempPathA
GetModuleFileNameA
CreateDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
CreateMutexA
TlsAlloc
TlsFree
ReleaseMutex
TlsSetValue
TlsGetValue
QueryPerformanceCounter
QueryPerformanceFrequency
SetLastError
ResetEvent
UnmapViewOfFile
OpenEventA
InterlockedExchange
MapViewOfFile
CreateFileMappingA
SetEvent
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLocaleInfoW
SetEnvironmentVariableA
SetEndOfFile
SetConsoleCtrlHandler
SetStdHandle
UnhandledExceptionFilter
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetStdHandle
SetHandleCount
FlushFileBuffers
SetUnhandledExceptionFilter
GetOEMCP
GetACP
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
GetCurrentThread
HeapSize
TerminateProcess
CompareStringW
CompareStringA
GetCPInfo
LCMapStringW
LCMapStringA
FatalAppExitA
ExitProcess
HeapReAlloc
GetCommandLineA
HeapAlloc
RaiseException
HeapFree
GetLocalTime
WaitForSingleObject
WideCharToMultiByte
GetPrivateProfileStringW
GetCurrentThreadId
InterlockedDecrement
GetCurrentProcess
FlushInstructionCache
lstrlenW
lstrcmpA
GetModuleHandleA
InterlockedIncrement
OutputDebugStringA
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenA
MultiByteToWideChar
InitializeCriticalSection
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
OpenFileMappingA
GetSystemTime
RtlUnwind
VirtualQuery
LoadLibraryA
GetProcAddress
FreeLibrary
VirtualProtect
PeekNamedPipe

user32

SetWindowTextA
SetWindowLongA
GetWindowLongA
GetSysColor
SendMessageA
GetDlgItem
CallWindowProcA
EndPaint
FillRect
GetClientRect
BeginPaint
ReleaseDC
GetDC
SetFocus
GetWindow
GetFocus
SetWindowPos
GetClassNameA
GetParent
IsWindow
DestroyWindow
RedrawWindow
GetDesktopWindow
CreateAcceleratorTableA
ReleaseCapture
SetCapture
InvalidateRect
InvalidateRgn
CreateWindowExA
wsprintfA
MessageBoxW
SetTimer
KillTimer
PostMessageA
FindWindowExA
SystemParametersInfoA
ScreenToClient
MoveWindow
GetWindowTextLengthA
SetDlgItemTextA
GetWindowRect
DefWindowProcA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
IsChild
GetWindowTextA

gdi32

GetObjectA
GetDeviceCaps
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetStockObject

advapi32

RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegSetValueExA
RegQueryInfoKeyA
RegCloseKey
RegQueryValueExW

shell32

SHGetSpecialFolderPathA
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
Shell_NotifyIconA

ole32

CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoCreateGuid
CoGetClassObject
OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize

oleaut32

SysStringLen
SysAllocStringLen
VariantClear
VariantInit
CreateErrorInfo
VariantChangeType
SetErrorInfo
GetErrorInfo
SysAllocString
OleCreateFontIndirect
SysFreeString
LoadRegTypeLi

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

ws2_32

WSAStartup
getsockopt
ioctlsocket
accept
WSAAsyncSelect
shutdown
getpeername
connect
WSAAsyncGetHostByName
send
WSAGetLastError
closesocket
WSACancelAsyncRequest
WSACleanup
WSASetLastError
socket
gethostname
gethostbyname
inet_ntoa
inet_addr
htons
sendto
select
recv
getsockname
listen
ntohs
bind
getservbyname
gethostbyaddr
getprotobyname
recvfrom
ntohl
WSARecv
WSASend
htonl
setsockopt

Exports

Exports

CreatePPLiveSession
ReleasePPLiveSession

Sections

.text
Size: 572KB - Virtual size: 569KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ppmate.dll
.dll regsvr32 windows:4 windows x86 arch:x86

a0944c2fb20de2459834c2cabd2598a1

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7f:34:08:e0:c7:05:f6:b7:53:b1:c8:71:d0:d6:81:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

30/01/2007, 00:00

Not After

31/01/2008, 23:59

Subject

CN=Beijing Tianchuang Shijie Technologies Co.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Department of Broadband,O=Beijing Tianchuang Shijie Technologies Co.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

47:ff:38:d1:74:50:0f:6c:11:c6:b5:c1:af:d5:31:95:66:35:d3:59
Signer

Actual PE Digest

47:ff:38:d1:74:50:0f:6c:11:c6:b5:c1:af:d5:31:95:66:35:d3:59

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
WaitForSingleObject
CreateThread
CreateEventA
TerminateThread
CloseHandle
SetEvent
OutputDebugStringA
GetVersionExA
GetTickCount
GetFileAttributesA
GetFileType
CreateFileA
ReadFile
WriteFile
GetFileSize
SetFilePointer
QueryPerformanceFrequency
QueryPerformanceCounter
GlobalFree
DeviceIoControl
GetCurrentProcessId
LocalFree
FormatMessageA
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetDiskFreeSpaceExA
GetTempFileNameA
GetTempPathA
CreateDirectoryA
GetPrivateProfileStringA
GetSystemDirectoryA
CreateMutexA
TlsAlloc
TlsFree
GetCurrentProcess
TlsSetValue
TlsGetValue
SetLastError
InterlockedExchange
GetLocaleInfoW
SetEnvironmentVariableA
SetEndOfFile
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetStdHandle
SetHandleCount
FlushFileBuffers
GetOEMCP
GetACP
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
HeapSize
TerminateProcess
CompareStringW
CompareStringA
GetCPInfo
LCMapStringW
LCMapStringA
ExitProcess
GetCommandLineA
FlushInstructionCache
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
lstrcatA
lstrcpyA
LoadLibraryA
GetProcAddress
DeleteCriticalSection
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
GetLastError
LoadLibraryExA
GetModuleFileNameA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
lstrlenW
GetVersion
DisableThreadLibraryCalls
DeleteFileA
ReleaseMutex
GetLocalTime
GetSystemTime
RaiseException
HeapReAlloc
HeapAlloc
HeapFree
RtlUnwind

user32

RegisterClassExA
CreateWindowExA
CallWindowProcA
GetWindowLongA
SetWindowLongA
GetFocus
SetFocus
GetParent
ShowWindow
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
ReleaseDC
GetDC
InvalidateRect
EndPaint
GetClientRect
BeginPaint
PeekMessageA
PostMessageA
PostThreadMessageA
FindWindowA
SendMessageA
IsChild
UnionRect
PtInRect
GetKeyState
DefWindowProcA
CharNextA
IsWindow
DestroyWindow
GetClassInfoExA
LoadCursorA
wsprintfA

gdi32

LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
GetDeviceCaps
CreateMetaFileA
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
Rectangle
SetTextAlign
TextOutA
CreateDCA

advapi32

RegDeleteKeyA
RegOpenKeyA
RegCreateKeyA
RegQueryValueExA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA

ole32

CoCreateGuid
CoUninitialize
CoInitialize
CreateOleAdviseHolder
OleLoadFromStream
CreateDataAdviseHolder
OleSaveToStream
WriteClassStm
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SysAllocStringByteLen
SysStringByteLen
VariantChangeType
VariantClear
RegisterTypeLi
LoadTypeLi
VariantInit
SysAllocStringLen
OleCreatePropertyFrame
SysStringLen
SysFreeString
VarUI4FromStr
SysAllocString
LoadRegTypeLi

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

wininet

InternetCloseHandle
InternetOpenA
InternetReadFile
InternetOpenUrlA

ws2_32

shutdown
sendto
send
recvfrom
recv
accept
listen
bind
closesocket
socket
setsockopt
getsockname
inet_addr
gethostbyname
ntohs
htons
htonl
ioctlsocket
select
__WSAFDIsSet
WSAGetLastError
inet_ntoa
WSAStartup
WSACleanup
WSASend
WSARecv
ntohl
getpeername
WSASetLastError
connect

Exports

Exports

CreatePPMate
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
ReleasePPMate

Sections

.text
Size: 512KB - Virtual size: 508KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ppmate.exe
.exe windows:4 windows x86 arch:x86

93dfe6a28611c7ae00a6530619585981

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7f:34:08:e0:c7:05:f6:b7:53:b1:c8:71:d0:d6:81:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

30/01/2007, 00:00

Not After

31/01/2008, 23:59

Subject

CN=Beijing Tianchuang Shijie Technologies Co.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Department of Broadband,O=Beijing Tianchuang Shijie Technologies Co.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b6:60:22:f0:a6:e7:b1:9b:98:45:b9:3a:a9:ae:12:b3:51:26:a3:1d
Signer

Actual PE Digest

b6:60:22:f0:a6:e7:b1:9b:98:45:b9:3a:a9:ae:12:b3:51:26:a3:1d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

kernel32

IsBadReadPtr
HeapFree
GetProcessHeap
SetUnhandledExceptionFilter
RaiseException
lstrcpynW
TerminateProcess
GetSystemDefaultLCID
SetProcessWorkingSetSize
SetThreadLocale
DebugBreak
MulDiv
FindNextFileA
FindFirstFileA
HeapDestroy
WideCharToMultiByte
GetDriveTypeA
CreateSemaphoreA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
CreateFileMappingA
TerminateThread
GetPrivateProfileStringA
GlobalFree
DeviceIoControl
CreateDirectoryA
WriteFile
GetFileAttributesA
CreateProcessA
GetSystemTimeAsFileTime
ReadFile
GetFileType
GetStdHandle
GetCurrentThread
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
FlushFileBuffers
SetFilePointer
TlsGetValue
TlsAlloc
TlsSetValue
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
HeapSize
CompareStringW
GetCPInfo
LCMapStringW
LCMapStringA
GetVersion
GetCommandLineA
GetStartupInfoA
HeapReAlloc
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
HeapAlloc
InterlockedExchange
Sleep
ReadProcessMemory
GetCurrentProcessId
CreateFileA
IsBadWritePtr
GetVersionExA
GetModuleHandleA
GetLastError
OpenProcess
IsBadCodePtr
SetLastError
lstrcatA
ExitProcess
OutputDebugStringA
GetTempPathA
GetTempFileNameA
FreeLibrary
lstrcpynA
LoadLibraryA
GetProcAddress
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
MultiByteToWideChar
lstrcmpA
lstrlenW
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
FlushInstructionCache
CompareStringA
lstrcmpiA
CreateThread
CloseHandle
GetTickCount
DeleteFileA
lstrcpyA
GetModuleFileNameA
lstrlenA
InterlockedIncrement
InterlockedDecrement
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetStdHandle
SetEnvironmentVariableA
SetEndOfFile
SetHandleCount
GetLocaleInfoW

user32

ModifyMenuA
InflateRect
DrawEdge
CallNextHookEx
PeekMessageA
IsRectEmpty
DrawFrameControl
DispatchMessageA
TranslateMessage
GetMessageA
ClientToScreen
CheckDlgButton
IsDlgButtonChecked
SetDlgItemInt
GetDlgItemInt
SetDlgItemTextA
GetDlgItemTextA
ExitWindowsEx
SetWindowRgn
GetMessagePos
WindowFromPoint
GetSysColorBrush
FrameRect
TrackPopupMenuEx
GetKeyState
wvsprintfA
SetWindowsHookExA
UnhookWindowsHookEx
CharLowerA
MessageBeep
GetWindowThreadProcessId
GetMenuItemCount
UnionRect
GetWindowDC
GetActiveWindow
DialogBoxParamA
OpenIcon
EnumChildWindows
UnregisterHotKey
MoveWindow
DestroyAcceleratorTable
KillTimer
SetMenu
RegisterHotKey
LoadAcceleratorsA
SetTimer
MessageBoxA
DestroyIcon
DestroyMenu
IsZoomed
DrawAnimatedRects
SetWindowTextA
GetDlgItem
SetWindowPos
BringWindowToTop
IsWindowVisible
IsIconic
FlashWindow
SetParent
SetActiveWindow
CheckMenuItem
TrackPopupMenu
LoadMenuA
LoadImageA
ShowWindow
TranslateAcceleratorA
SetRect
GetSystemMetrics
SetMenuDefaultItem
GetMenuItemInfoA
SetMenuItemInfoA
IsMenu
MapWindowPoints
GetClientRect
SystemParametersInfoA
GetWindowRect
GetWindow
GetWindowLongA
GetParent
EndDialog
SetRectEmpty
FindWindowA
DefWindowProcA
DestroyCursor
IsWindow
SendMessageA
PostMessageA
PostQuitMessage
LoadStringW
GetSubMenu
SetForegroundWindow
SetLastErrorEx
InvalidateRgn
wsprintfA
CreateAcceleratorTableA
GetDesktopWindow
RedrawWindow
IsChild
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
CallWindowProcA
LoadStringA
IsWindowEnabled
GetSysColor
GetFocus
DrawFocusRect
FillRect
GetDlgCtrlID
CreateWindowExA
DrawTextA
ReleaseDC
EnableWindow
ScreenToClient
GetClassNameA
SetWindowLongA
CreateCursor
GetWindowTextLengthA
GetWindowTextA
GetDC
OffsetRect
CharNextA
EndPaint
DestroyWindow
BeginPaint
InvalidateRect
PtInRect
SetCursor
UpdateWindow
SetFocus
SetCapture
GetCapture
ReleaseCapture
GetCursorPos

gdi32

SetBrushOrgEx
PatBlt
LPtoDP
CreatePatternBrush
SetMapMode
SetWindowOrgEx
StretchBlt
GetDeviceCaps
CreateSolidBrush
SetBkColor
ExtTextOutA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
SetBkMode
SetTextColor
DeleteDC
GetStockObject
CreateBitmap
CreatePen
MoveToEx
LineTo
DPtoLP
CreateDIBSection
CreateICA
GetDIBits
SelectObject
GetMapMode
DeleteObject
GetObjectA
CreateFontIndirectA
ExtCreateRegion

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA

shell32

SHGetSpecialFolderLocation
SHBrowseForFolderA
Shell_NotifyIconA
SHGetPathFromIDListA
SHGetSpecialFolderPathA
SHAppBarMessage
ShellExecuteA

ole32

CreateStreamOnHGlobal
CoCreateInstance
CoTaskMemFree
OleLockRunning
CoTaskMemAlloc
OleUninitialize
CLSIDFromString
OleInitialize
CoUninitialize
CoInitialize
CoCreateGuid
StringFromGUID2
CLSIDFromProgID
StringFromCLSID

oleaut32

SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
OleCreateFontIndirect
SysAllocStringLen
SysFreeString
SysAllocString
VariantClear
DispCallFunc
SysStringLen
LoadRegTypeLi

comctl32

DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_Destroy
ImageList_GetImageCount
InitCommonControlsEx
PropertySheetA
ImageList_Draw
ImageList_LoadImageA
ord17
_TrackMouseEvent
ImageList_GetIconSize

urlmon

URLDownloadToFileA

Sections

.text
Size: 360KB - Virtual size: 358KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ppmlist.dll
.dll regsvr32 windows:4 windows x86 arch:x86

a1ea292d68f9e799e94df30330c01a75

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7f:34:08:e0:c7:05:f6:b7:53:b1:c8:71:d0:d6:81:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

30/01/2007, 00:00

Not After

31/01/2008, 23:59

Subject

CN=Beijing Tianchuang Shijie Technologies Co.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Department of Broadband,O=Beijing Tianchuang Shijie Technologies Co.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

60:54:8b:c1:fd:95:82:57:dc:47:d2:b2:34:6e:d7:be:a2:68:55:11
Signer

Actual PE Digest

60:54:8b:c1:fd:95:82:57:dc:47:d2:b2:34:6e:d7:be:a2:68:55:11

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
SetEvent
GetTempFileNameW
LocalFree
GetLocaleInfoW
SetEnvironmentVariableA
SetEndOfFile
LoadLibraryA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
CreateEventW
VirtualFree
HeapCreate
GetEnvironmentVariableA
SetUnhandledExceptionFilter
FlushFileBuffers
SetFilePointer
GetModuleHandleA
HeapSize
TerminateProcess
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
CompareStringW
CompareStringA
GetCPInfo
LCMapStringW
LCMapStringA
ExitProcess
GetCommandLineA
HeapReAlloc
HeapAlloc
HeapFree
GetLocalTime
GetSystemTime
RaiseException
RtlUnwind
InterlockedExchange
GetTempPathW
SetThreadPriority
GetTickCount
GetCurrentProcessId
OpenProcess
VirtualQueryEx
VirtualProtectEx
DebugBreak
GetVersionExA
GetWindowsDirectoryW
WinExec
CreateFileA
CreateDirectoryA
GetModuleFileNameA
GetTempPathA
GetTempFileNameA
GetSystemTimeAsFileTime
GetExitCodeThread
TerminateThread
CreateThread
GlobalReAlloc
GetFileSize
WriteFile
GetFileAttributesW
GetVersionExW
SetThreadLocale
FindFirstFileW
FindNextFileW
CopyFileW
DeleteFileW
CreateProcessW
GetVersion
GetThreadLocale
CreateFileW
ReadFile
CloseHandle
OutputDebugStringW
lstrcmpW
GlobalHandle
GlobalFree
FreeResource
GlobalAlloc
GlobalLock
GlobalUnlock
LockResource
InterlockedIncrement
LoadLibraryW
GetProcAddress
lstrcatW
lstrcpyW
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
DisableThreadLibraryCalls
lstrcmpiW
LoadLibraryExW
GetLastError
FindResourceW
LoadResource
SizeofResource
FreeLibrary
GetModuleFileNameW
GetModuleHandleW
GetShortPathNameW
GetPrivateProfileIntW
InterlockedDecrement
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
MulDiv
lstrcpynW
GetTimeZoneInformation
Sleep
lstrlenA
MultiByteToWideChar
GetPrivateProfileStringW
lstrlenW
WideCharToMultiByte
VirtualAlloc

user32

TranslateMessage
EndDialog
ClientToScreen
DestroyCursor
GetSystemMetrics
KillTimer
LoadBitmapW
GetMenuItemCount
SetTimer
GetSubMenu
GetMessageW
CheckMenuItem
TrackPopupMenu
DestroyMenu
GetActiveWindow
DialogBoxParamW
MessageBoxW
PostMessageW
LoadMenuW
MessageBeep
GetDlgItemInt
SendMessageW
SetDlgItemInt
GetDesktopWindow
EnableWindow
GetDlgItem
SetWindowPos
MapWindowPoints
GetClientRect
SystemParametersInfoW
GetWindowRect
GetWindow
GetParent
GetWindowLongW
DefWindowProcW
SetWindowTextW
GetWindowTextW
ReleaseDC
GetDC
SetWindowLongW
CallWindowProcW
InvalidateRect
CreateWindowExW
DrawIconEx
DrawTextW
GetIconInfo
CreateIconIndirect
DestroyIcon
CopyIcon
SetRectEmpty
GetDlgCtrlID
wvsprintfW
IsWindowEnabled
ChildWindowFromPoint
WindowFromPoint
IsRectEmpty
CopyRect
GetWindowDC
PostThreadMessageW
DispatchMessageW
FillRect
BeginPaint
SetCursor
LoadCursorW
TrackMouseEvent
ScreenToClient
GetCursorPos
ShowWindow
MoveWindow
PtInRect
EndPaint
RegisterClassExW
wsprintfW
GetClassInfoExW
LoadImageW
SetRect
ShowScrollBar
CharNextW
DestroyWindow
EnumChildWindows
GetDialogBaseUnits
LoadStringW
InvalidateRgn
SetCapture
ReleaseCapture
CreateAcceleratorTableW
GetClassNameW
RedrawWindow
GetWindowTextLengthW
RegisterWindowMessageW
CreateDialogIndirectParamW
GetSysColor
IsChild
GetNextDlgTabItem
IsDialogMessageW
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
UnionRect
GetKeyState
SetFocus
IsWindow
GetFocus

gdi32

BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
TextOutW
CombineRgn
CreateRectRgn
OffsetRgn
PtInRegion
SelectClipRgn
GetRgnBox
GetTextExtentPoint32W
CreateMetaFileW
ExtCreateRegion
CreateDIBSection
StretchBlt
CreateBitmap
SetTextJustification
FrameRgn
FillRgn
CreatePolygonRgn
CreateRoundRectRgn
ExtTextOutW
SetWindowExtEx
CloseMetaFile
DeleteObject
CreateFontIndirectW
DPtoLP
GetDeviceCaps
SelectObject
SetTextColor
SetBkMode
CreateSolidBrush
LineTo
MoveToEx
RestoreDC
DeleteDC
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
CreateDCW
GetTextExtentPointW
GetTextMetricsW
Rectangle
GetStockObject
SetBkColor
GetObjectW
CreateRectRgnIndirect
CreatePen
DeleteMetaFile

advapi32

RegOpenKeyExA
RegCreateKeyExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegQueryValueExW
RegCreateKeyW
RegOpenKeyW
RegQueryValueW
RegDeleteKeyW
RegQueryValueExA
RegCreateKeyA
RegSetValueExA

shell32

ShellExecuteW
SHGetSpecialFolderPathW

ole32

CoInitialize
StringFromGUID2
GetHGlobalFromStream
OleLockRunning
StringFromCLSID
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
OleLoadFromStream
CreateDataAdviseHolder
OleSaveToStream
WriteClassStm
OleRegGetMiscStatus
CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateGuid
OleRun

oleaut32

VariantInit
GetErrorInfo
VariantCopy
DispCallFunc
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
OleLoadPicture
OleCreatePictureIndirect
OleCreateFontIndirect
SysAllocStringLen
SysAllocStringByteLen
SysStringLen
LoadRegTypeLi
SysStringByteLen
VariantChangeType
OleCreatePropertyFrame
OleTranslateColor
LoadTypeLi
SysAllocString
RegisterTypeLi
VarUI4FromStr
VariantClear
SysFreeString

wininet

InternetCloseHandle
InternetReadFile
InternetOpenA
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetOpenW
InternetOpenUrlW
InternetOpenUrlA

ws2_32

inet_addr
WSAStartup
htons
socket
closesocket
recv
select
send
connect

comctl32

ord17
ImageList_GetIcon
ImageList_GetImageCount
ImageList_Destroy
ImageList_Draw
_TrackMouseEvent
ImageList_LoadImageW

urlmon

URLDownloadToFileW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 520KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ppstreamsession.dll
.dll windows:4 windows x86 arch:x86

155389df29ac066fea2486418dc21303

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7f:34:08:e0:c7:05:f6:b7:53:b1:c8:71:d0:d6:81:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

30/01/2007, 00:00

Not After

31/01/2008, 23:59

Subject

CN=Beijing Tianchuang Shijie Technologies Co.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Department of Broadband,O=Beijing Tianchuang Shijie Technologies Co.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1e:83:18:8a:59:39:ca:2b:c9:90:0f:43:a7:01:27:e8:d6:dd:5e:4b
Signer

Actual PE Digest

1e:83:18:8a:59:39:ca:2b:c9:90:0f:43:a7:01:27:e8:d6:dd:5e:4b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
SetEvent
DeleteFileA
CreateEventA
CloseHandle
GetDiskFreeSpaceExA
IsBadWritePtr
GetFileType
GetLastError
CreateFileA
ReadFile
WriteFile
GetFileSize
SetFilePointer
GetModuleHandleA
CreateThread
TerminateThread
GetExitCodeThread
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetThreadLocale
SetThreadLocale
SetProcessWorkingSetSize
GetVersionExA
CreateProcessA
LocalFree
FormatMessageA
GetVersion
GetDriveTypeA
GetLogicalDrives
GetFileAttributesA
GetTempFileNameA
GetTempPathA
GetModuleFileNameA
CreateDirectoryA
GetPrivateProfileIntA
GetLocaleInfoW
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetConsoleCtrlHandler
SetStdHandle
WideCharToMultiByte
GetStringTypeA
LCMapStringW
LCMapStringA
UnhandledExceptionFilter
IsBadCodePtr
IsBadReadPtr
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
FlushFileBuffers
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
GetCurrentThread
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
HeapSize
HeapAlloc
HeapReAlloc
TerminateProcess
FatalAppExitA
ExitProcess
RaiseException
GetCommandLineA
HeapFree
GetLocalTime
GetSystemTime
RtlUnwind
OutputDebugStringA
Sleep
GetPrivateProfileStringA
SetUnhandledExceptionFilter
GetCurrentThreadId
InterlockedDecrement
GetCurrentProcess
FlushInstructionCache
lstrlenW
InterlockedIncrement
lstrcmpA
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenA
MultiByteToWideChar
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
HeapDestroy
GetStringTypeW
InterlockedExchange
VirtualQuery
LoadLibraryA
GetProcAddress
FreeLibrary
VirtualProtect
SetLastError

user32

ScreenToClient
LoadCursorA
GetClassInfoExA
RegisterWindowMessageA
DefWindowProcA
GetWindow
SetWindowLongA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
GetWindowLongA
GetSysColor
SendMessageA
GetDlgItem
CallWindowProcA
EndPaint
FillRect
GetClientRect
BeginPaint
ReleaseDC
GetDC
SetFocus
IsChild
GetFocus
SetWindowPos
GetClassNameA
GetParent
IsWindow
DestroyWindow
RedrawWindow
GetDesktopWindow
CreateAcceleratorTableA
ReleaseCapture
SetCapture
InvalidateRect
InvalidateRgn
CreateWindowExA
wsprintfA
MessageBoxA
ShowWindow
KillTimer
SetTimer
PostMessageA
FindWindowExA
SystemParametersInfoA
MoveWindow
SetDlgItemTextA
GetWindowRect
RegisterClassExA

gdi32

GetObjectA
GetDeviceCaps
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetStockObject

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegDeleteValueA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegSetValueExA
RegQueryInfoKeyA
RegCloseKey

shell32

SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderPathA
Shell_NotifyIconA
SHBrowseForFolderA

ole32

CoCreateGuid
CoGetClassObject
OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CreateStreamOnHGlobal
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize

oleaut32

VariantInit
CreateErrorInfo
VariantChangeType
SetErrorInfo
GetErrorInfo
OleCreateFontIndirect
SysStringLen
SysAllocStringLen
VariantClear
LoadRegTypeLi
SysAllocString
SysFreeString

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

ws2_32

getsockopt
ioctlsocket
accept
listen
WSAAsyncSelect
shutdown
getsockname
connect
WSAAsyncGetHostByName
send
setsockopt
WSAGetLastError
WSACancelAsyncRequest
bind
htonl
WSASetLastError
socket
gethostname
gethostbyname
inet_addr
htons
sendto
select
getpeername
inet_ntoa
ntohs
WSARecv
closesocket
recv

Exports

Exports

CreatePPStreamSession
ReleasePPStreamSession

Sections

.text
Size: 264KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sopcastsession.dll
.dll regsvr32 windows:4 windows x86 arch:x86

fd93e48d9cf1ca335bcb8b2172de8bd0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEvent
DeleteFileA
Sleep
CreateEventA
CloseHandle
GetDiskFreeSpaceExA
IsBadWritePtr
DisableThreadLibraryCalls
HeapDestroy
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
GetModuleFileNameA
GetFileType
CreateFileA
ReadFile
WriteFile
GetFileSize
SetFilePointer
CreateThread
TerminateThread
GetExitCodeThread
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetVersionExA
LocalFree
GetVersion
CreateDirectoryA
InterlockedExchange
RaiseException
SetEnvironmentVariableA
WaitForSingleObject
CompareStringA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
HeapSize
HeapAlloc
HeapReAlloc
TerminateProcess
ExitProcess
GetCommandLineA
HeapFree
GetLocalTime
GetSystemTime
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenA
GetCurrentProcess
FlushInstructionCache
lstrcmpA
InterlockedIncrement
lstrlenW
OutputDebugStringA
WideCharToMultiByte
MultiByteToWideChar
InterlockedDecrement
GetPrivateProfileStringA
GetLastError
GetModuleHandleA
InitializeCriticalSection
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CompareStringW
RtlUnwind
VirtualProtect
SetLastError

user32

SetWindowLongA
CreateWindowExA
RegisterClassExA
GetWindowTextA
SetWindowPos
KillTimer
SetTimer
CallWindowProcA
GetSysColor
SetFocus
GetWindow
IsChild
GetFocus
ReleaseDC
GetDC
EndPaint
FillRect
GetClientRect
BeginPaint
IsWindow
RedrawWindow
GetClassNameA
GetParent
GetDesktopWindow
CreateAcceleratorTableA
wsprintfA
LoadCursorA
GetClassInfoExA
ReleaseCapture
SetCapture
InvalidateRect
InvalidateRgn
SendMessageA
GetDlgItem
RegisterWindowMessageA
SetWindowTextA
GetWindowTextLengthA
CharNextA
DefWindowProcA
GetWindowLongA
DestroyWindow
PostMessageA
MessageBoxA
ShowWindow

gdi32

GetObjectA
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetDeviceCaps
GetStockObject

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID
CLSIDFromString
CoTaskMemAlloc
OleLockRunning
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
StringFromCLSID
CoTaskMemFree
CoGetClassObject
CoCreateInstance

oleaut32

VariantInit
SysStringLen
CreateErrorInfo
VariantChangeType
LoadRegTypeLi
SysAllocStringLen
SysAllocString
SysFreeString
VariantClear
RegisterTypeLi
LoadTypeLi
OleCreateFontIndirect

ws2_32

WSAAsyncSelect
shutdown
connect
WSAAsyncGetHostByName
send
accept
WSAGetLastError
closesocket
WSACancelAsyncRequest
bind
htonl
htons
inet_addr
WSASetLastError
socket
ioctlsocket
sendto
inet_ntoa
gethostbyname
gethostname
select
recv

Exports

Exports

CreateSopCastSession
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
ReleaseSopCastSession

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ssleay32.dll
.dll windows:4 windows x86 arch:x86

ec3469e6569d715ba5e5e1375e9767e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libeay32

ord1654
ord903
ord252
ord2206
ord857
ord176
ord641
ord2821
ord281
ord290
ord654
ord181
ord188
ord269
ord3109
ord2630
ord910
ord2411
ord754
ord490
ord222
ord167
ord168
ord169
ord85
ord52
ord2201
ord289
ord493
ord911
ord464
ord3245
ord354
ord2936
ord3244
ord323
ord3067
ord2894
ord961
ord89
ord109
ord202
ord3239
ord866
ord110
ord3422
ord2929
ord3644
ord3570
ord2578
ord111
ord3010
ord3480
ord2924
ord3459
ord3512
ord3608
ord3575
ord3663
ord123
ord201
ord118
ord3666
ord219
ord498
ord285
ord635
ord912
ord909
ord3724
ord313
ord495
ord120
ord151
ord3178
ord3695
ord3550
ord3418
ord203
ord128
ord31
ord830
ord727
ord2760
ord282
ord572
ord3719
ord216
ord206
ord497
ord3682
ord2877
ord3711
ord205
ord486
ord484
ord763
ord577
ord907
ord87
ord481
ord3729
ord333
ord2915
ord256
ord1096
ord1097
ord2589
ord1145
ord1144
ord1081
ord2292
ord622
ord627
ord657
ord653
ord1653
ord2784
ord965
ord964
ord2572
ord2747
ord3704
ord3758
ord3767
ord3647
ord3766
ord3365
ord3460
ord3454
ord3754
ord3394
ord187
ord897
ord3414
ord3495
ord67
ord65
ord53
ord78
ord98
ord3559
ord3399
ord636
ord914
ord626
ord890
ord1004
ord3527
ord364
ord1010
ord2051
ord58
ord66
ord630
ord628
ord1041
ord1007
ord1005
ord1027
ord3378
ord3437
ord316
ord629
ord892
ord74
ord248
ord1655
ord575
ord1025
ord246
ord1100
ord679
ord2524
ord3595
ord1023
ord3505
ord401
ord93
ord3396
ord3657
ord887
ord889
ord891
ord315
ord1147
ord189
ord314
ord956
ord280
ord2181
ord399
ord748
ord279
ord283
ord400
ord751
ord750
ord774
ord3205
ord37
ord35
ord824
ord822
ord8
ord1091
ord3700
ord3623
ord32
ord718
ord7
ord716
ord703
ord680
ord86
ord88
ord1101
ord293
ord322
ord2996
ord3155
ord2927
ord325
ord329
ord318
ord304
ord292
ord299
ord955
ord2252
ord91
ord247
ord904
ord901
ord623
ord905

msvcr71

_iob
_errno
free
_initterm
malloc
_adjust_fdiv
__CppXcptFilter
_except_handler3
__dllonexit
_onexit
strncmp
memmove
time
fprintf

kernel32

GetLastError
DisableThreadLibraryCalls
SetLastError

Exports

Exports

BIO_f_ssl
BIO_new_buffer_ssl_connect
BIO_new_ssl
BIO_new_ssl_connect
BIO_ssl_copy_session_id
BIO_ssl_shutdown
DTLSv1_client_method
DTLSv1_method
DTLSv1_server_method
ERR_load_SSL_strings
SSL_CIPHER_description
SSL_CIPHER_get_bits
SSL_CIPHER_get_name
SSL_CIPHER_get_version
SSL_COMP_add_compression_method
SSL_COMP_get_compression_methods
SSL_COMP_get_name
SSL_CTX_add_client_CA
SSL_CTX_add_session
SSL_CTX_callback_ctrl
SSL_CTX_check_private_key
SSL_CTX_ctrl
SSL_CTX_flush_sessions
SSL_CTX_free
SSL_CTX_get_cert_store
SSL_CTX_get_client_CA_list
SSL_CTX_get_ex_data
SSL_CTX_get_ex_new_index
SSL_CTX_get_quiet_shutdown
SSL_CTX_get_timeout
SSL_CTX_get_verify_callback
SSL_CTX_get_verify_depth
SSL_CTX_get_verify_mode
SSL_CTX_load_verify_locations
SSL_CTX_new
SSL_CTX_remove_session
SSL_CTX_sessions
SSL_CTX_set_cert_store
SSL_CTX_set_cert_verify_callback
SSL_CTX_set_cipher_list
SSL_CTX_set_client_CA_list
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_default_verify_paths
SSL_CTX_set_ex_data
SSL_CTX_set_generate_session_id
SSL_CTX_set_msg_callback
SSL_CTX_set_purpose
SSL_CTX_set_quiet_shutdown
SSL_CTX_set_session_id_context
SSL_CTX_set_ssl_version
SSL_CTX_set_timeout
SSL_CTX_set_tmp_dh_callback
SSL_CTX_set_tmp_ecdh_callback
SSL_CTX_set_tmp_rsa_callback
SSL_CTX_set_trust
SSL_CTX_set_verify
SSL_CTX_set_verify_depth
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey_ASN1
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_RSAPrivateKey
SSL_CTX_use_RSAPrivateKey_ASN1
SSL_CTX_use_RSAPrivateKey_file
SSL_CTX_use_certificate
SSL_CTX_use_certificate_ASN1
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_SESSION_cmp
SSL_SESSION_free
SSL_SESSION_get_ex_data
SSL_SESSION_get_ex_new_index
SSL_SESSION_get_id
SSL_SESSION_get_time
SSL_SESSION_get_timeout
SSL_SESSION_hash
SSL_SESSION_new
SSL_SESSION_print
SSL_SESSION_print_fp
SSL_SESSION_set_ex_data
SSL_SESSION_set_time
SSL_SESSION_set_timeout
SSL_accept
SSL_add_client_CA
SSL_add_dir_cert_subjects_to_stack
SSL_add_file_cert_subjects_to_stack
SSL_alert_desc_string
SSL_alert_desc_string_long
SSL_alert_type_string
SSL_alert_type_string_long
SSL_callback_ctrl
SSL_check_private_key
SSL_clear
SSL_connect
SSL_copy_session_id
SSL_ctrl
SSL_do_handshake
SSL_dup
SSL_dup_CA_list
SSL_free
SSL_get1_session
SSL_get_SSL_CTX
SSL_get_certificate
SSL_get_cipher_list
SSL_get_ciphers
SSL_get_client_CA_list
SSL_get_current_cipher
SSL_get_current_compression
SSL_get_current_expansion
SSL_get_default_timeout
SSL_get_error
SSL_get_ex_data
SSL_get_ex_data_X509_STORE_CTX_idx
SSL_get_ex_new_index
SSL_get_fd
SSL_get_finished
SSL_get_info_callback
SSL_get_peer_cert_chain
SSL_get_peer_certificate
SSL_get_peer_finished
SSL_get_privatekey
SSL_get_quiet_shutdown
SSL_get_rbio
SSL_get_read_ahead
SSL_get_rfd
SSL_get_session
SSL_get_shared_ciphers
SSL_get_shutdown
SSL_get_ssl_method
SSL_get_verify_callback
SSL_get_verify_depth
SSL_get_verify_mode
SSL_get_verify_result
SSL_get_version
SSL_get_wbio
SSL_get_wfd
SSL_has_matching_session_id
SSL_library_init
SSL_load_client_CA_file
SSL_load_error_strings
SSL_new
SSL_peek
SSL_pending
SSL_read
SSL_renegotiate
SSL_renegotiate_pending
SSL_rstate_string
SSL_rstate_string_long
SSL_set_accept_state
SSL_set_bio
SSL_set_cipher_list
SSL_set_client_CA_list
SSL_set_connect_state
SSL_set_ex_data
SSL_set_fd
SSL_set_generate_session_id
SSL_set_info_callback
SSL_set_msg_callback
SSL_set_purpose
SSL_set_quiet_shutdown
SSL_set_read_ahead
SSL_set_rfd
SSL_set_session
SSL_set_session_id_context
SSL_set_shutdown
SSL_set_ssl_method
SSL_set_tmp_dh_callback
SSL_set_tmp_ecdh_callback
SSL_set_tmp_rsa_callback
SSL_set_trust
SSL_set_verify
SSL_set_verify_depth
SSL_set_verify_result
SSL_set_wfd
SSL_shutdown
SSL_state
SSL_state_string
SSL_state_string_long
SSL_use_PrivateKey
SSL_use_PrivateKey_ASN1
SSL_use_PrivateKey_file
SSL_use_RSAPrivateKey
SSL_use_RSAPrivateKey_ASN1
SSL_use_RSAPrivateKey_file
SSL_use_certificate
SSL_use_certificate_ASN1
SSL_use_certificate_file
SSL_version
SSL_want
SSL_write
SSLv23_client_method
SSLv23_method
SSLv23_server_method
SSLv2_client_method
SSLv2_method
SSLv2_server_method
SSLv3_client_method
SSLv3_method
SSLv3_server_method
TLSv1_client_method
TLSv1_method
TLSv1_server_method
d2i_SSL_SESSION
i2d_SSL_SESSION
ssl2_ciphers
ssl3_ciphers

Sections

.text
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tvuplayersession.dll
.dll regsvr32 windows:4 windows x86 arch:x86

cc8c4f99ec1bd6abad69c5c27a4c5ae6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEvent
DeleteFileA
Sleep
CreateEventA
CloseHandle
GetDiskFreeSpaceExA
IsBadWritePtr
DisableThreadLibraryCalls
HeapDestroy
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
GetModuleFileNameA
GetFileType
CreateFileA
ReadFile
WriteFile
GetFileSize
SetFilePointer
CreateThread
TerminateThread
GetExitCodeThread
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetVersionExA
LocalFree
GetVersion
CreateDirectoryA
InterlockedExchange
RaiseException
SetEnvironmentVariableA
WaitForSingleObject
CompareStringA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
HeapSize
HeapAlloc
HeapReAlloc
TerminateProcess
ExitProcess
GetCommandLineA
HeapFree
GetLocalTime
GetSystemTime
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenA
GetCurrentProcess
FlushInstructionCache
lstrcmpA
InterlockedIncrement
lstrlenW
OutputDebugStringA
WideCharToMultiByte
MultiByteToWideChar
InterlockedDecrement
GetPrivateProfileStringA
GetLastError
GetModuleHandleA
InitializeCriticalSection
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CompareStringW
RtlUnwind
VirtualProtect
SetLastError

user32

SetWindowLongA
CreateWindowExA
ShowWindow
GetWindowTextA
SetWindowPos
KillTimer
SetTimer
CallWindowProcA
GetSysColor
SetFocus
GetWindow
IsChild
GetFocus
ReleaseDC
GetDC
EndPaint
FillRect
GetClientRect
BeginPaint
IsWindow
RedrawWindow
GetClassNameA
GetParent
GetDesktopWindow
CreateAcceleratorTableA
wsprintfA
LoadCursorA
GetClassInfoExA
ReleaseCapture
SetCapture
InvalidateRect
InvalidateRgn
SendMessageA
GetDlgItem
RegisterWindowMessageA
SetWindowTextA
GetWindowTextLengthA
CharNextA
RegisterClassExA
DefWindowProcA
GetWindowLongA
DestroyWindow
PostMessageA
MessageBoxA

gdi32

GetObjectA
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetDeviceCaps
GetStockObject

shell32

Shell_NotifyIconA

ole32

CLSIDFromString
CoTaskMemAlloc
OleLockRunning
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CLSIDFromProgID
StringFromCLSID
CoTaskMemFree
CoCreateInstance

oleaut32

VariantClear
GetErrorInfo
SysStringLen
LoadRegTypeLi
SysAllocStringLen
SysAllocString
OleCreateFontIndirect
RegisterTypeLi
LoadTypeLi
SysFreeString

ws2_32

WSAAsyncSelect
shutdown
connect
WSAAsyncGetHostByName
send
accept
WSAGetLastError
closesocket
WSACancelAsyncRequest
bind
htonl
htons
inet_addr
WSASetLastError
socket
ioctlsocket
sendto
inet_ntoa
gethostbyname
gethostname
select
recv

Exports

Exports

CreateTvuPlayerSession
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
ReleaseTvuPlayerSession

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninst.exe
.exe windows:4 windows x86 arch:x86

4a9446e5cc2412c6405cea69dddb93be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
lstrcmpiA
CopyFileA
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
MulDiv
ReadFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
ExitProcess

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
wsprintfA

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

2db813254ea8b4d2a92d703ecb659f39

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpynA
lstrcmpA
lstrlenA
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 681B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
version.ini
xpsp2tcppatch.exe
.exe windows:4 windows x86 arch:x86

52208d004a89bc8f2b0dc87d13a97979

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7f:34:08:e0:c7:05:f6:b7:53:b1:c8:71:d0:d6:81:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

30/01/2007, 00:00

Not After

31/01/2008, 23:59

Subject

CN=Beijing Tianchuang Shijie Technologies Co.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Department of Broadband,O=Beijing Tianchuang Shijie Technologies Co.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7f:3a:b2:bd:ef:b2:40:58:b5:58:1a:fb:8d:33:90:29:72:5a:76:16
Signer

Actual PE Digest

7f:3a:b2:bd:ef:b2:40:58:b5:58:1a:fb:8d:33:90:29:72:5a:76:16

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetVersionExA
GetFileAttributesA
lstrlenA
CloseHandle
GetFileSize
CreateFileA
ReadFile
SetFilePointer
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
DeleteFileA
CopyFileA
GetThreadLocale
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
FlushInstructionCache
GetCurrentProcess
lstrcpyA
FlushFileBuffers
LCMapStringW
LCMapStringA
Sleep
SetStdHandle
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
lstrcpynA
IsBadCodePtr
IsBadReadPtr
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
RtlUnwind
RaiseException
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
SetUnhandledExceptionFilter
TerminateProcess
HeapReAlloc
HeapSize
GetModuleFileNameA
GetEnvironmentVariableA
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
InterlockedExchange

user32

wsprintfA
DestroyWindow
DialogBoxParamA
GetActiveWindow
DefWindowProcA
EndDialog
GetDlgItem
SetWindowTextA
SendMessageA
SetWindowLongA
GetWindowTextA
MessageBoxA
GetWindowLongA
GetParent
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
GetSystemMetrics
LoadImageA

ole32

CoInitialize
CoUninitialize

comctl32

InitCommonControlsEx

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

imagehlp

ImageNtHeader
CheckSumMappedFile

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Kernel/sopcast/SopCore.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

74cde3a886ed38bb98935593d4cc654a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\SoP Solution\SopCast\ActiveX\SopCore.pdb

Imports

ws2_32

gethostbyaddr
WSACleanup
shutdown
accept
setsockopt
getpeername
getsockname
WSASendTo
ioctlsocket
gethostbyname
__WSAFDIsSet
ntohs
select
sendto
WSARecvFrom
getsockopt
WSASetLastError
inet_addr
htonl
bind
WSAStartup
socket
htons
connect
ntohl
WSAGetLastError
closesocket
send
listen
recv

kernel32

CompareStringW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetStringTypeExA
GetFileType
GetStdHandle
FindNextFileA
FindFirstFileA
GetCurrentProcessId
GlobalMemoryStatus
QueryPerformanceCounter
FlushConsoleInputBuffer
RtlUnwind
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
HeapReAlloc
ExitProcess
TerminateProcess
GetCommandLineA
ExitThread
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
GetTimeZoneInformation
SetConsoleCtrlHandler
CompareStringA
FatalAppExitA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetHandleCount
GetStartupInfoA
LCMapStringA
LCMapStringW
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
GetOEMCP
GetCPInfo
SetStdHandle
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CreateFileA
GetTimeFormatA
GetDateFormatA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetEnvironmentVariableA
SetEnvironmentVariableW
CreateMutexA
CreateThread
GetDiskFreeSpaceW
GetTempFileNameW
GlobalGetAtomNameW
lstrcpyA
GetProfileIntW
GetTickCount
GetFileTime
GetFileAttributesW
SetFileAttributesW
SetFileTime
LocalFileTimeToFileTime
LocalLock
LocalUnlock
FindResourceExW
FileTimeToLocalFileTime
GetShortPathNameW
CreateFileW
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetStringTypeExW
GetCurrentDirectoryW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GetUserDefaultLCID
IsDBCSLeadByte
lstrcmpiW
InterlockedIncrement
GetCurrentThread
lstrcmpiA
GetModuleFileNameW
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
lstrcmpA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
WaitForMultipleObjects
ReleaseMutex
CreateMutexW
ReleaseSemaphore
CreateSemaphoreW
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
CloseHandle
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
FormatMessageW
LocalFree
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetVersionExA
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleA
GetProcAddress
InterlockedDecrement
SetLastError
lstrcpynW
GetWindowsDirectoryW
LoadLibraryW
GetLastError
FreeLibrary
FindFirstFileW
FindClose
CreateDirectoryW
WaitForSingleObject
Sleep
MoveFileW
lstrcatW
WinExec
DeleteFileW
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
lstrcpyW
FindResourceW
LoadResource
LockResource
SizeofResource
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetDriveTypeA
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
GetFullPathNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
WriteConsoleA
SetUnhandledExceptionFilter

user32

GetProcessWindowStation
MessageBoxA
TranslateAcceleratorW
PostThreadMessageW
GetDCEx
GetTabbedTextExtentW
IsClipboardFormatAvailable
GetTabbedTextExtentA
MessageBeep
GetNextDlgGroupItem
CopyAcceleratorTableW
CharUpperW
DeleteMenu
CharNextW
GetDialogBaseUnits
GetSysColorBrush
SystemParametersInfoW
GetMenuItemInfoW
LockWindowUpdate
EnumChildWindows
SetRect
SetRectEmpty
SetCapture
InvalidateRgn
ReleaseCapture
RegisterClipboardFormatW
IsRectEmpty
CreateMenu
DrawEdge
SetParent
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
UnregisterClassA
GetMessageW
TranslateMessage
ValidateRect
GetDesktopWindow
CreateDialogIndirectParamW
EndDialog
GetCursorPos
MapVirtualKeyW
GetKeyNameTextW
GetMenuStringW
AppendMenuW
InsertMenuW
RemoveMenu
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
ScrollWindowEx
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetUserObjectInformationW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthW
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconW
PeekMessageW
MapWindowPoints
ScrollWindow
MessageBoxW
TrackPopupMenu
GetKeyState
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
GetMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoW
RegisterClassW
UnregisterClassW
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
EndPaint
BeginPaint
GetWindowDC
UnhookWindowsHookEx
FindWindowExW
CopyIcon
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetForegroundWindow
GetWindow
CharUpperA
CharLowerW
CharLowerA
GetSystemMenu
UnionRect
UnpackDDElParam
ReuseDDElParam
GetWindowTextW
wsprintfW
RedrawWindow
KillTimer
SetTimer
LoadMenuW
LoadImageW
GetSubMenu
TrackPopupMenuEx
DestroyMenu
GetWindowLongW
WindowFromPoint
GetNextDlgTabItem
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
BringWindowToTop
GetPropW
SetMenu
GetActiveWindow
GetWindowRect
DrawFocusRect
FrameRect
OffsetRect
InflateRect
CopyRect
GetIconInfo
CreateIconIndirect
DrawStateW
DestroyIcon
SendMessageW
GetClientRect
LoadBitmapW
PtInRect
GetSysColor
SetCursor
EnableWindow
IsWindow
LoadCursorW
GetParent
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
PostMessageW
FillRect
DestroyCursor
DispatchMessageW
MsgWaitForMultipleObjects

gdi32

ExtCreatePen
CreateHatchBrush
GetDCOrgEx
CopyMetaFileW
CreateDCW
PatBlt
SetRectRgn
CombineRgn
SetArcDirection
GetMapMode
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
OffsetRgn
GetViewportOrgEx
GetBkColor
GetTextColor
GetRgnBox
GetTextAlign
EnumFontFamiliesExW
GetCharWidthW
UnrealizeObject
CreatePen
EndPage
SetAbortProc
AbortDoc
EndDoc
StretchDIBits
GetBitmapBits
GetObjectA
CreateDCA
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
GetDeviceCaps
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreatePatternBrush
CreateDIBPatternBrushPt
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
LPtoDP
GetTextMetricsW
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
StartDocW
GetWindowExtEx
GetViewportExtEx
SelectClipPath
GetClipRgn
SelectClipRgn
StartPage
DPtoLP
SetBkMode
RestoreDC
SaveDC
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateRectRgn
CreateFontW
CreateRectRgnIndirect
Rectangle
CreateFontIndirectW
CreateSolidBrush
CreateCompatibleBitmap
GetPixel
SetPixel
CreateBitmap
SelectObject
SetBkColor
SetTextColor
DeleteDC
DeleteObject
GetStockObject
StretchBlt
BitBlt
CreateCompatibleDC
GetObjectW
GetTextExtentPoint32W
SetColorAdjustment

comdlg32

GetFileTitleW
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
PrintDlgW
PageSetupDlgW
FindTextW
ReplaceTextW

winspool.drv

OpenPrinterW
GetJobW
ClosePrinter
DocumentPropertiesW

advapi32

DeregisterEventSource
RegQueryValueExW
RegOpenKeyExW
RegQueryValueW
IsTextUnicode
RegSetValueW
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyW
RegCreateKeyW
RegCreateKeyExW
RegSetValueExW
RegisterEventSourceA
ReportEventA
RegCloseKey
GetFileSecurityW
SetFileSecurityW
RegDeleteValueW

shell32

DragQueryFileW
ShellExecuteW
ExtractIconW
SHGetFileInfoW
DragFinish
ShellExecuteExW

comctl32

_TrackMouseEvent
ord17
ord13
ImageList_Read
ImageList_Write
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageW
ImageList_Merge
ImageList_Draw
ImageList_GetImageInfo

shlwapi

PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoRegisterClassObject
CreateILockBytesOnHGlobal
CoCreateInstance
CoTaskMemFree
SetConvertStg
CreateStreamOnHGlobal
ReadClassStm
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
CreateBindCtx
CoTaskMemAlloc
ReleaseStgMedium
OleDuplicateData
StringFromCLSID
CoTreatAsClass
OleRun
CLSIDFromProgID
CLSIDFromString
StgCreateDocfileOnILockBytes
CoRevokeClassObject
StringFromGUID2
CreateDataCache
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CreateDataAdviseHolder
OleSaveToStream
CreateOleAdviseHolder
CoDisconnectObject
CoGetClassObject
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleLoadFromStream

oleaut32

LoadRegTypeLi
OleLoadPicture
OleCreateFontIndirect
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDecFromStr
VarBstrFromDec
SysReAllocStringLen
VarDateFromStr
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
OleCreatePropertyFrame
OleTranslateColor
LoadTypeLi
RegisterTypeLi
SysStringByteLen
SysAllocStringByteLen
SysStringLen
SysFreeString
VariantInit
VariantChangeType
VariantClear
SysAllocString
OleCreatePictureIndirect
SysAllocStringLen

urlmon

CreateURLMoniker
IsAsyncMoniker
CreateAsyncBindCtx
RegisterBindStatusCallback

winmm

timeSetEvent
timeKillEvent
PlaySoundW

wininet

InternetOpenW
InternetOpenUrlW
HttpQueryInfoW
InternetCloseHandle
InternetReadFile

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 316KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/tvants/Languages/tvantsx_chs.ini
Kernel/tvants/TvantsX.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

6875d19c3a33d2551ac60203561b8a1a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\working\tvants\output\releaseunicode\TvantsX.pdb

Imports

kernel32

InterlockedExchange
CompareStringA
FreeLibrary
GlobalFree
GetTickCount
LocalFree
GetPrivateProfileStringA
WritePrivateProfileStringA
Beep
GlobalAlloc
GlobalLock
GlobalUnlock
GetThreadTimes
GetCurrentProcess
GetProcessTimes
GetSystemTime
SetLastError
GetThreadLocale
ResumeThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FreeResource
lstrcmpiA
lstrlenA
InterlockedDecrement
LocalAlloc
GetCurrentThread
ResetEvent
WaitForSingleObject
CloseHandle
GetLocalTime
GetCurrentProcessId
SetEvent
EnumResourceNamesW
SizeofResource
LoadLibraryA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThreadId
GetLastError
GetVersion
Sleep
MulDiv
LoadResource
LockResource
SetEnvironmentVariableA
GetDriveTypeA
GetCurrentDirectoryA
CreateFileA
SetStdHandle
GetConsoleOutputCP
WriteConsoleA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetModuleHandleA
QueryPerformanceCounter
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetConsoleMode
GetConsoleCP
GetDateFormatA
GetTimeFormatA
LCMapStringA
GetOEMCP
GetACP
VirtualFree
HeapCreate
HeapDestroy
GetTimeZoneInformation
HeapSize
VirtualQuery
GetSystemInfo
VirtualAlloc
CreateThread
ExitThread
ExitProcess
GetProcessHeap
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
HeapReAlloc
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
RtlUnwind
GetFileTime
GlobalFlags
SetErrorMode
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
GlobalReAlloc
TlsGetValue
IsDBCSLeadByte
GetUserDefaultLCID
GlobalSize
InterlockedIncrement
SuspendThread
SetThreadPriority
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GlobalDeleteAtom
GetVersionExA
TlsAlloc
GetStringTypeA
GlobalHandle
LocalReAlloc
TlsFree
FindClose
VirtualProtect
ReadFile
TlsSetValue

advapi32

OpenSCManagerW
OpenServiceW
CloseServiceHandle
RegCloseKey

user32

DestroyIcon
GetSysColor
CopyRect
OffsetRect
FrameRect
DrawFocusRect
ClientToScreen
ScreenToClient
GetActiveWindow
GetCapture
SetCapture
GetParent
WindowFromPoint
DestroyCursor
GetCursorPos
ReleaseCapture
SetCursor
IsWindow
GetWindowThreadProcessId
IsIconic
GetDesktopWindow
SetForegroundWindow
SetWindowPos
GetSubMenu
SetTimer
GetFocus
GetMenuItemCount
GetMenuItemID
IsMenu
GetMenu
EnumChildWindows
UnionRect
SetParent
GetDlgCtrlID
TranslateMessage
MsgWaitForMultipleObjects
GetAsyncKeyState
GetWindow
IsChild
GetDlgItem
MoveWindow
ShowWindow
IsRectEmpty
PtInRect
SetRect
SetRectEmpty
SetFocus
RedrawWindow
IsWindowVisible
InvalidateRect
GetClientRect
GetWindowRect
SetWindowRgn
FillRect
InflateRect
GetSystemMenu
UnregisterClassA
EndDialog
GetNextDlgTabItem
IsWindowEnabled
DestroyWindow
GetSystemMetrics
SetActiveWindow
GetWindowPlacement
SystemParametersInfoA
IntersectRect
SetWindowPlacement
DeferWindowPos
EqualRect
AdjustWindowRectEx
UpdateWindow
GetKeyState
TrackPopupMenu
MapWindowPoints
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
GetLastActivePopup
GetForegroundWindow
CallNextHookEx
SendDlgItemMessageA
CheckMenuItem
EnableMenuItem
GetMenuState
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
PostQuitMessage
ValidateRect
ShowOwnedPopups
RemoveMenu
MapDialogRect
SetWindowContextHelpId
DrawEdge
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
InvalidateRgn
DestroyMenu
CreateMenu
LockWindowUpdate
MessageBeep
SetMenu
BringWindowToTop
CreatePopupMenu
ReuseDDElParam
UnpackDDElParam
GetDialogBaseUnits
GetSysColorBrush
GetNextDlgGroupItem
GetTabbedTextExtentA
GetDCEx

gdi32

SetMapMode
SetROP2
SetBkMode
PatBlt
DPtoLP
RestoreDC
SaveDC
StretchBlt
CreateCompatibleBitmap
CreateBitmap
CreateCompatibleDC
SelectObject
SetBkColor
BitBlt
SetTextColor
GetTextColor
DeleteObject
GetStockObject
GetDeviceCaps
CreateRoundRectRgn
IntersectClipRect
LineTo
MoveToEx
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
Escape
GetBkColor
DeleteMetaFile
CloseMetaFile
LPtoDP
GetClipBox
DeleteDC
SetViewportOrgEx
OffsetViewportOrgEx
UnrealizeObject
Rectangle
GetTextAlign
GetRgnBox
GetMapMode
SetRectRgn
CreateRectRgnIndirect
CombineRgn
CreateSolidBrush
CreatePen
CreatePatternBrush
ExtSelectClipRgn
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx

comctl32

ord17

shlwapi

PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathIsRelativeW
StrToIntExA
PathFileExistsW

ws2_32

gethostbyname
WSAStartup
closesocket
WSAGetLastError
inet_addr
htonl
inet_ntoa
listen
shutdown
setsockopt
getsockopt
WSAAsyncSelect
accept
ioctlsocket
ntohs
sendto
recv
send
connect
WSASetLastError
getpeername
getsockname
bind
select
socket
htons
WSACleanup
recvfrom
ntohl

ole32

CoUninitialize
CoInitializeSecurity
CoInitialize
CoCreateGuid
CoTaskMemFree
StringFromCLSID
StringFromGUID2
CoRevokeClassObject
ReadFmtUserTypeStg
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CLSIDFromProgID
CLSIDFromString
CreateDataCache
OleSaveToStream
CoDisconnectObject
ReadClassStm
CreateOleAdviseHolder
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CreateDataAdviseHolder
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
OleLoadFromStream
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterMessageFilter
CoCreateInstance
CoRegisterClassObject

oleaut32

SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleLoadPicture
OleCreatePictureIndirect
VariantCopy
OleCreateFontIndirect
OleCreatePropertyFrame
LoadTypeLi
RegisterTypeLi
SysStringLen
VariantChangeType
SysStringByteLen
SysAllocStringByteLen
VariantInit
SysAllocString
VariantClear
LoadRegTypeLi
SysAllocStringLen
SysFreeString

iphlpapi

GetIpAddrTable
GetTcpTable
GetBestRoute

shell32

DragFinish

winspool.drv

ClosePrinter

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 960KB - Virtual size: 958KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/tvants/riched20.dll
.dll windows:5 windows x86 arch:x86

e1388f5ee2c2170d512b114c86870acd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

riched20.pdb

Imports

msvcrt

_adjust_fdiv
malloc
_initterm
free
_ftol
memmove

kernel32

SetUnhandledExceptionFilter
InterlockedExchange
RaiseException
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetUserDefaultLCID
GetProfileIntA
LeaveCriticalSection
GetSystemDefaultLCID
MultiByteToWideChar
WideCharToMultiByte
LocalLock
Sleep
GetTickCount
IsBadReadPtr
FreeLibrary
GetProcAddress
GetLocaleInfoW
LocalFree
lstrcmpiA
lstrlenA
FormatMessageA
DisableThreadLibraryCalls
InitializeCriticalSection
DeleteCriticalSection
GetSystemDefaultLangID
FindAtomA
GetCurrentThreadId
IsBadWritePtr
GetLastError
ReadFile
WriteFile
CloseHandle
SetFilePointer
IsValidCodePage
GetThreadLocale
GlobalAlloc
GlobalFree
GlobalFlags
GlobalReAlloc
GlobalSize
GlobalLock
GlobalHandle
GlobalUnlock
MulDiv
GetVersionExA
lstrcmpiW
GetACP
LocalAlloc
LocalReAlloc
GetModuleHandleA
GetStringTypeExA
FindAtomW
GetStringTypeExW
CreateFileA
CreateFileW
CompareStringA
CompareStringW
GetProfileSectionA
GetProfileSectionW
LoadLibraryA
LoadLibraryW
GetModuleFileNameA
GetModuleFileNameW
EnterCriticalSection

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExW
RegEnumKeyExA
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExA

user32

SetTimer
KillTimer
ScrollWindowEx
SetForegroundWindow
SetScrollInfo
GetWindow
IsWindow
GetDesktopWindow
SystemParametersInfoW
WindowFromPoint
GetForegroundWindow
IsChild
IsWindowEnabled
GetCapture
GetCaretPos
IsClipboardFormatAvailable
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
GetClipboardOwner
GetClipboardData
CharUpperW
MessageBoxA
UnregisterClassA
SetCaretPos
EnableScrollBar
wvsprintfA
DefWindowProcA
DefWindowProcW
GetWindowLongA
GetWindowLongW
GetClassLongA
GetClassLongW
LoadBitmapA
LoadBitmapW
LoadCursorA
LoadCursorW
SetWindowLongA
SetWindowLongW
PostMessageA
PostMessageW
PeekMessageA
PeekMessageW
RegisterWindowMessageA
PostQuitMessage
MessageBoxW
GetKeyboardLayout
SendMessageA
FindWindowA
SystemParametersInfoA
GetKeyboardLayoutList
CharLowerA
CharLowerBuffW
CharUpperA
CharUpperBuffW
SendMessageW
UnregisterClassW
RegisterClassA
RegisterClassW
GetDoubleClickTime
ShowCaret
HideCaret
CreateCaret
SetScrollPos
SetScrollRange
IsWindowVisible
MapWindowPoints
GetDlgItem
GetFocus
IsIconic
DestroyCaret
WindowFromDC
DestroyMenu
MessageBeep
RegisterClipboardFormatA
GetParent
TrackPopupMenu
SetCapture
GetAsyncKeyState
ReleaseCapture
GetMessageTime
GetMessagePos
IntersectRect
OffsetRect
InvertRect
CopyRect
ActivateKeyboardLayout
IsWindowUnicode
EnableWindow
GetDC
ReleaseDC
CreateWindowExW
CreateWindowExA
SetParent
ClientToScreen
MoveWindow
BeginPaint
FillRect
EndPaint
InflateRect
ShowWindow
InvalidateRect
SetWindowPos
UpdateWindow
GetClientRect
DrawFocusRect
GetCursorPos
ScreenToClient
GetWindowRect
PtInRect
GetKeyState
GetSysColor
DrawFrameControl
GetSystemMetrics
SetCursor
GetCursor
DestroyWindow
ShowScrollBar
SetFocus

gdi32

GetTextMetricsA
CreateFontIndirectW
CreateFontIndirectA
GetCharWidthA
GetCharWidthW
EnumFontFamiliesExW
LPtoDP
GetMapMode
CreatePalette
GetObjectType
Escape
CreatePatternBrush
CreateMetaFileA
CloseMetaFile
EnumMetaFile
SetViewportOrgEx
GetMetaFileBitsEx
CreateBitmap
SetMetaFileBitsEx
CreateSolidBrush
ExtTextOutA
CreateCompatibleBitmap
SetMapMode
GetObjectA
DPtoLP
GetBkMode
TranslateCharsetInfo
GetOutlineTextMetricsA
GetTextCharsetInfo
GetTextMetricsW
CreatePen
MoveToEx
LineTo
BitBlt
SetWindowOrgEx
SetWindowExtEx
GetPixel
ExtTextOutW
GetDeviceCaps
SetTextAlign
DeleteObject
CreateCompatibleDC
StretchBlt
DeleteDC
CreateDIBSection
SetROP2
GetStockObject
Rectangle
GetCurrentObject
SelectObject
SelectPalette
RealizePalette
SaveDC
RestoreDC
SetBkMode
PatBlt
SetBkColor
SetTextColor
IntersectClipRect
GetObjectW
CreateICA
CreateICW
GetTextFaceA
GetTextFaceW
DeleteMetaFile

Exports

Exports

CreateTextServices
IID_IRichEditOle
IID_IRichEditOleCallback
IID_ITextHost
IID_ITextHost2
IID_ITextServices
REExtendedRegisterClass
RichEdit10ANSIWndProc
RichEditANSIWndProc

Sections

.text
Size: 378KB - Virtual size: 378KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/tvants/unicows.dll
.dll windows:5 windows x86 arch:x86

628730441f2453f40c61ce661f08e0ca

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:0e:7d:a7:00:00:00:00:00:48
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/10/2003, 05:59

Not After

25/01/2005, 06:09

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

a7:a2:13:01:eb:da:5d:60:b9:4a:67:90:6b:06:79:8b:f5:ed:1c:2f
Signer

Actual PE Digest

a7:a2:13:01:eb:da:5d:60:b9:4a:67:90:6b:06:79:8b:f5:ed:1c:2f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\dnsrv\sdktools\unicows\godot\obj\i386\unicows.pdb

Imports

kernel32

GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetDriveTypeA
GetDriveTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetFileAttributesW
FindClose
IsDBCSLeadByte
GetFullPathNameA
GetFullPathNameW
GetLocaleInfoW
GetLogicalDriveStringsA
GetLogicalDriveStringsW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
GetNamedPipeHandleStateA
GetNamedPipeHandleStateW
GetNumberFormatA
GetNumberFormatW
GetPrivateProfileIntA
GetPrivateProfileIntW
GetPrivateProfileSectionA
GetPrivateProfileSectionW
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionNamesW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetPrivateProfileStructA
GetPrivateProfileStructW
GetProfileIntA
GetProfileIntW
GetProfileSectionA
GetProfileSectionW
GetProfileStringA
GetProfileStringW
GetShortPathNameA
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStringTypeExA
GetStringTypeExW
GetSystemDirectoryA
GetSystemDirectoryW
GetTempFileNameW
GetTempPathW
GetTimeFormatA
GetTimeFormatW
GetVersionExA
GetVersionExW
GetVolumeInformationA
GetVolumeInformationW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAddAtomW
GlobalFindAtomA
GlobalFindAtomW
GlobalGetAtomNameA
GlobalGetAtomNameW
IsBadStringPtrW
IsValidCodePage
LCMapStringA
LCMapStringW
LoadLibraryW
LoadLibraryExW
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
MoveFileW
OpenEventA
GetDefaultCommConfigW
OpenFileMappingA
OpenFileMappingW
OpenMutexA
OpenMutexW
OpenSemaphoreA
OpenSemaphoreW
OutputDebugStringA
OutputDebugStringW
PeekConsoleInputA
PeekConsoleInputW
QueryDosDeviceA
QueryDosDeviceW
ReadConsoleA
ReadConsoleW
ReadConsoleInputA
ReadConsoleInputW
ReadConsoleOutputA
ReadConsoleOutputW
ReadConsoleOutputCharacterA
ReadConsoleOutputCharacterW
RemoveDirectoryA
RemoveDirectoryW
ScrollConsoleScreenBufferA
ScrollConsoleScreenBufferW
SearchPathA
SearchPathW
SetComputerNameA
SetComputerNameW
SetConsoleTitleA
SetConsoleTitleW
SetCurrentDirectoryA
SetCurrentDirectoryW
SetDefaultCommConfigA
SetDefaultCommConfigW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetFileAttributesA
SetFileAttributesW
SetLocaleInfoA
SetLocaleInfoW
SetVolumeLabelA
SetVolumeLabelW
VerLanguageNameA
VerLanguageNameW
WaitNamedPipeA
WaitNamedPipeW
WriteConsoleA
WriteConsoleW
WriteConsoleInputA
WriteConsoleInputW
WriteConsoleOutputA
WriteConsoleOutputW
WriteConsoleOutputCharacterA
WriteConsoleOutputCharacterW
WritePrivateProfileSectionA
WritePrivateProfileSectionW
WritePrivateProfileStringA
WritePrivateProfileStringW
WritePrivateProfileStructA
WritePrivateProfileStructW
WriteProfileSectionA
WriteProfileSectionW
WriteProfileStringA
WriteProfileStringW
FindResourceA
IsBadWritePtr
SetErrorMode
GetStringTypeW
FindResourceW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetDefaultCommConfigA
GetDateFormatW
GetDateFormatA
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrencyFormatW
GetCurrencyFormatA
GetConsoleTitleW
GetConsoleTitleA
GetComputerNameW
GetComputerNameA
GetAtomNameW
GetAtomNameA
FormatMessageW
FormatMessageA
HeapReAlloc
LocalAlloc
FreeEnvironmentStringsW
FindNextFileW
FindNextFileA
FindFirstFileW
FindFirstFileA
FindFirstChangeNotificationW
FindFirstChangeNotificationA
FindAtomW
FindAtomA
FillConsoleOutputCharacterW
FillConsoleOutputCharacterA
FatalAppExitW
FatalAppExitA
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
EnumTimeFormatsW
EnumTimeFormatsA
EnumSystemLocalesW
EnumSystemLocalesA
EnumSystemCodePagesW
EnumDateFormatsW
EnumDateFormatsA
EnumCalendarInfoW
EnumCalendarInfoA
DeleteFileW
CreateSemaphoreW
CreateSemaphoreA
CreateProcessW
CreateProcessA
CreateNamedPipeW
CreateNamedPipeA
CreateMutexW
CreateMutexA
CreateMailslotW
CreateMailslotA
CreateFileMappingW
CreateFileMappingA
CreateFileW
CreateEventW
CreateEventA
CreateDirectoryExW
CreateDirectoryExA
CreateDirectoryW
CreateDirectoryA
CopyFileW
CopyFileA
CompareStringW
CommConfigDialogW
CommConfigDialogA
CallNamedPipeW
CallNamedPipeA
BuildCommDCBAndTimeoutsW
BuildCommDCBAndTimeoutsA
BuildCommDCBW
BuildCommDCBA
AddAtomW
AddAtomA
InitializeCriticalSection
GetACP
GetOEMCP
DeleteCriticalSection
GetFileAttributesA
LoadLibraryExA
EnumResourceTypesW
EnumResourceNamesW
EnumResourceLanguagesW
lstrlenW
FindResourceExW
SizeofResource
LoadResource
LockResource
FreeResource
GetTempFileNameA
GetTempPathA
DeleteFileA
MoveFileA
_lclose
_lread
_lwrite
_llseek
VirtualQuery
GetSystemInfo
VirtualFree
VirtualAlloc
VirtualProtect
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetCurrentProcessId
GetLastError
EnterCriticalSection
LeaveCriticalSection
CompareStringA
LocalFree
GlobalAddAtomA
lstrcpyA
AreFileApisANSI
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
WideCharToMultiByte
GetCurrentThreadId
lstrcmpA
lstrcmpiA
GetLocaleInfoA
CreateFileA
GetFileSize
CloseHandle
IsDBCSLeadByteEx
LoadLibraryA
InterlockedExchange
FreeLibrary
GetCPInfo
GetVersion
GetModuleHandleA
GetProcAddress
lstrlenA
GetProcessHeap
HeapAlloc
SetLastError
MultiByteToWideChar
OpenEventW
HeapFree
RtlUnwind

user32

TranslateAcceleratorW
TabbedTextOutA
TabbedTextOutW
UnregisterClassA
UnregisterClassW
VkKeyScanExA
VkKeyScanExW
WinHelpA
WinHelpW
wvsprintfW
CharLowerW
CharUpperW
EnumClipboardFormats
GetClipboardData
VkKeyScanW
wsprintfW
IsCharUpperW
IsCharLowerW
IsCharAlphaNumericW
IsCharAlphaW
InsertMenuItemW
InsertMenuItemA
InsertMenuW
InsertMenuA
GrayStringW
GrayStringA
GetWindowTextLengthW
GetWindowTextLengthA
GetWindowTextW
GetWindowTextA
GetWindowLongW
GetTabbedTextExtentW
GetTabbedTextExtentA
GetPropW
GetMessageW
GetMenuStringW
GetMenuStringA
GetMenuItemInfoW
GetMenuItemInfoA
GetKeyNameTextW
GetKeyboardLayout
GetKeyNameTextA
GetKeyboardLayoutNameW
GetKeyboardLayoutNameA
GetDlgItemTextW
GetDlgItemTextA
GetClipboardFormatNameW
GetClipboardFormatNameA
GetClassNameW
GetClassLongW
GetClassLongA
GetClassInfoExW
GetClassInfoExA
GetClassInfoW
GetClassInfoA
FindWindowExW
FindWindowExA
FindWindowW
FindWindowA
EnableWindow
EnumPropsExW
EnumPropsExA
EnumPropsW
EnumPropsA
EnumDisplaySettingsW
EnumDisplaySettingsA
DrawTextExW
DrawTextExA
DrawTextW
DrawTextA
DrawStateW
DrawStateA
DlgDirSelectExW
DlgDirSelectExA
DlgDirSelectComboBoxExW
DlgDirSelectComboBoxExA
DlgDirListComboBoxW
DlgDirListComboBoxA
SystemParametersInfoW
DlgDirListA
DispatchMessageW
DialogBoxParamW
DialogBoxParamA
DialogBoxIndirectParamW
DialogBoxIndirectParamA
DefMDIChildProcW
DefFrameProcW
DefDlgProcW
DdeQueryStringW
DdeQueryStringA
DdeQueryConvInfo
DdeInitializeW
DdeInitializeA
DdeCreateStringHandleW
DdeCreateStringHandleA
DdeConnectList
DdeConnect
CharUpperBuffW
IsCharLowerA
CharToOemBuffW
CharToOemW
CharPrevW
CharNextW
CharLowerBuffW
IsCharUpperA
SystemParametersInfoA
SetWindowTextW
SetWindowTextA
SetWindowsHookExW
SetWindowsHookW
SetWindowsHookA
SetWindowLongW
SetPropW
SetMenuItemInfoW
SetMenuItemInfoA
SetDlgItemTextW
SetDlgItemTextA
SetClassLongW
SetClassLongA
SendNotifyMessageW
SendMessageTimeoutW
SendMessageCallbackW
SendMessageW
SendDlgItemMessageW
RemovePropW
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClipboardFormatA
RegisterClassExW
RegisterClassExA
RegisterClassW
RegisterClassA
PostThreadMessageW
PostMessageW
PeekMessageW
OemToCharBuffW
OemToCharW
ModifyMenuW
ModifyMenuA
MessageBoxIndirectW
MessageBoxIndirectA
MessageBoxExW
MessageBoxW
MapVirtualKeyExW
ChangeMenuW
ChangeMenuA
ChangeDisplaySettingsW
ChangeDisplaySettingsA
CreateWindowExW
CreateWindowExA
CreateMDIWindowW
CreateMDIWindowA
CreateDialogParamW
CreateDialogParamA
CreateDialogIndirectParamW
CreateDialogIndirectParamA
CreateAcceleratorTableW
CreateAcceleratorTableA
CopyAcceleratorTableW
CopyAcceleratorTableA
CallWindowProcW
CallMsgFilterW
CallMsgFilterA
AppendMenuW
AppendMenuA
GetWindowThreadProcessId
SetWindowLongA
TranslateAcceleratorA
IsDialogMessageA
DispatchMessageA
PeekMessageA
GetMessageA
PostThreadMessageA
PostMessageA
SendNotifyMessageA
SendMessageTimeoutA
SendMessageCallbackA
SendMessageA
DefWindowProcA
CallWindowProcA
DefMDIChildProcA
DefFrameProcA
DefDlgProcA
GetWindowLongA
GetParent
GetDlgItem
DestroyWindow
SetPropA
RemovePropA
GetClassNameA
UnhookWindowsHookEx
SetWindowsHookExA
RegisterWindowMessageA
CallNextHookEx
MapVirtualKeyExA
EnumChildWindows
MapVirtualKeyW
MapVirtualKeyA
LoadStringW
LoadMenuIndirectW
IsDlgButtonChecked
GetPropA
LoadMenuIndirectA
LoadMenuW
LoadMenuA
LoadKeyboardLayoutW
LoadKeyboardLayoutA
LoadImageW
LoadImageA
LoadIconW
LoadIconA
LoadCursorFromFileW
LoadCursorFromFileA
LoadCursorW
LoadCursorA
LoadBitmapW
LoadBitmapA
LoadAcceleratorsW
LoadAcceleratorsA
IsWindowUnicode
IsWindow
DlgDirListW
IsDialogMessageW
IsClipboardFormatAvailable

gdi32

GetEnhMetaFileDescriptionW
GetGlyphOutlineA
GetGlyphOutlineW
GetICMProfileA
GetICMProfileW
GetKerningPairsA
GetKerningPairsW
GetLogColorSpaceA
GetLogColorSpaceW
GetMetaFileA
GetMetaFileW
GetObjectA
GetObjectType
GetObjectW
GetOutlineTextMetricsA
GetOutlineTextMetricsW
GetTextExtentExPointA
GetTextExtentExPointW
GetTextExtentPointA
GetEnhMetaFileDescriptionA
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextFaceA
GetTextFaceW
GetTextMetricsA
GetTextMetricsW
PolyTextOutA
PolyTextOutW
RemoveFontResourceA
RemoveFontResourceW
ResetDCA
ResetDCW
SetICMProfileA
SetICMProfileW
StartDocA
StartDocW
TextOutW
UpdateICMRegKeyA
UpdateICMRegKeyW
GetEnhMetaFileW
GetEnhMetaFileA
GetCharacterPlacementW
GetCharacterPlacementA
GetCharWidthFloatW
GetCharWidthFloatA
GetCharWidth32W
GetCharWidthW
GetCharWidthA
GetCharABCWidthsFloatW
GetCharABCWidthsFloatA
GetCharABCWidthsW
GetCharABCWidthsA
ExtTextOutW
ExtTextOutA
EnumICMProfilesW
EnumICMProfilesA
EnumFontsW
EnumFontsA
EnumFontFamiliesExW
EnumFontFamiliesExA
EnumFontFamiliesW
EnumFontFamiliesA
CreateScalableFontResourceW
CreateScalableFontResourceA
CreateMetaFileW
CreateMetaFileA
CreateICW
CreateICA
CreateFontIndirectW
CreateFontIndirectA
CreateFontW
CreateFontA
CreateEnhMetaFileW
CreateEnhMetaFileA
CreateDCW
CreateDCA
CreateColorSpaceW
CreateColorSpaceA
CopyMetaFileW
CopyMetaFileA
CopyEnhMetaFileW
CopyEnhMetaFileA
AddFontResourceW
AddFontResourceA
GetFontData
GetTextExtentPointW
TranslateCharsetInfo
GetTextCharset

mpr

WNetGetUniversalNameW
MultinetGetConnectionPerformanceW
WNetAddConnectionA
WNetAddConnectionW
WNetAddConnection2A
WNetAddConnection2W
WNetAddConnection3A
WNetAddConnection3W
WNetCancelConnectionA
WNetCancelConnectionW
WNetCancelConnection2A
WNetCancelConnection2W
WNetConnectionDialog1A
WNetConnectionDialog1W
WNetDisconnectDialog1A
WNetDisconnectDialog1W
WNetEnumResourceA
WNetEnumResourceW
WNetGetConnectionA
WNetGetConnectionW
WNetGetLastErrorA
WNetGetLastErrorW
WNetGetNetworkInformationA
WNetGetNetworkInformationW
WNetGetProviderNameA
WNetUseConnectionW
WNetUseConnectionA
WNetOpenEnumW
WNetOpenEnumA
WNetGetUserW
WNetGetUserA
MultinetGetConnectionPerformanceA
WNetGetUniversalNameA
WNetGetResourceParentW
WNetGetResourceParentA
WNetGetResourceInformationW
WNetGetResourceInformationA
WNetGetProviderNameW

advapi32

RegOpenKeyA
RegEnumValueA
RegUnLoadKeyW
RegUnLoadKeyA
RegSetValueExW
RegSetValueExA
RegSetValueW
RegSetValueA
RegSaveKeyW
RegSaveKeyA
RegReplaceKeyW
RegReplaceKeyA
RegQueryValueExW
RegQueryValueExA
RegQueryValueW
RegQueryValueA
RegQueryMultipleValuesW
RegQueryMultipleValuesA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyW
RegCloseKey
RegLoadKeyW
RegLoadKeyA
RegEnumValueW
RegEnumKeyExW
RegEnumKeyExA
RegEnumKeyW
RegEnumKeyA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyExA
RegCreateKeyW
RegCreateKeyA
RegConnectRegistryW
RegConnectRegistryA
IsTextUnicode
GetUserNameW
GetUserNameA
RegOpenKeyExA

comdlg32

GetOpenFileNameW
GetFileTitleW
GetFileTitleA
FindTextW
ChooseFontW
ChooseFontA
ChooseColorW
ChooseColorA
ReplaceTextW
FindTextA
ReplaceTextA
GetOpenFileNameA
GetSaveFileNameA
PageSetupDlgA
PageSetupDlgW
PrintDlgA
PrintDlgW
GetSaveFileNameW

version

VerQueryValueW
VerQueryValueA
VerInstallFileW
VerInstallFileA
VerFindFileW
VerFindFileA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoA

shell32

SHGetPathFromIDListA
ord180
ord179
SHGetFileInfoA
SHFileOperationA
SHChangeNotify
SHBrowseForFolderA
Shell_NotifyIconA
ShellExecuteExA
ShellExecuteW
ShellExecuteA
ShellAboutW
ShellAboutA
FindExecutableW
FindExecutableA
ExtractIconExA
DragQueryFileA
DragQueryFileW
ExtractIconW
ExtractIconA

winspool.drv

GetPrinterW
GetPrinterDataW
GetPrinterDriverW
GetPrinterDriverDirectoryA
GetPrinterDriverDirectoryW
GetPrintProcessorDirectoryA
GetPrintProcessorDirectoryW
GetJobW
OpenPrinterW
ResetPrinterA
ResetPrinterW
SetJobA
SetJobW
SetPrinterA
SetPrinterW
SetPrinterDataA
SetPrinterDataW
StartDocPrinterA
EnumPrintProcessorsW
EnumPrintProcessorDatatypesW
EnumPrintersW
EnumPrinterDriversW
EnumPortsW
EnumMonitorsW
DocumentPropertiesW
DocumentPropertiesA
DeviceCapabilitiesW
DeviceCapabilitiesA
DeletePrintProvidorW
DeletePrintProvidorA
DeletePrintProcessorW
DeletePrintProcessorA
DeletePrinterDriverW
DeletePrinterDriverA
DeletePortW
DeletePortA
DeleteMonitorW
DeleteMonitorA
ConfigurePortW
ConfigurePortA
AdvancedDocumentPropertiesW
AdvancedDocumentPropertiesA
AddPrintProvidorW
AddPrintProvidorA
AddPrintProcessorW
AddPrintProcessorA
AddPrinterDriverW
AddPrinterDriverA
AddPrinterW
AddPrinterA
AddPortW
AddPortA
AddMonitorW
AddMonitorA
AddJobW
AddJobA
OpenPrinterA
StartDocPrinterW

oledlg

OleUIUpdateLinksW
OleUIPromptUserW
OleUIPasteSpecialW
OleUIObjectPropertiesW
OleUIInsertObjectW
OleUIEditLinksW
OleUIConvertW
OleUIChangeSourceW
OleUIChangeIconW
OleUIBusyW
ord8
OleUIAddVerbMenuW
ord1
ord6

winmm

waveOutGetErrorTextW
waveOutGetErrorTextA
waveOutGetDevCapsW
waveOutGetDevCapsA
waveInGetErrorTextW
mixerGetControlDetailsW
midiOutGetErrorTextW
midiOutGetErrorTextA
midiOutGetDevCapsW
midiOutGetDevCapsA
midiInGetErrorTextW
midiInGetDevCapsW
midiInGetDevCapsA
mciSendStringW
mciSendStringA
mciSendCommandW
mciGetErrorStringW
mciGetErrorStringA
midiInGetErrorTextA
mciGetDeviceIDW
mciGetDeviceIDA
joyGetDevCapsW
joyGetDevCapsA
auxGetDevCapsW
auxGetDevCapsA
PlaySoundW
PlaySoundA
mixerGetDevCapsW
mixerGetLineControlsW
mixerGetLineInfoW
mmioInstallIOProcW
mmioOpenA
mmioOpenW
mmioRenameA
mmioRenameW
mmioStringToFOURCCA
mmioStringToFOURCCW
sndPlaySoundA
sndPlaySoundW
waveInGetDevCapsA
waveInGetDevCapsW
waveInGetErrorTextA
mixerGetDevCapsA

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

msvfw32

MCIWndCreateW
MCIWndCreateA
GetSaveFileNamePreviewW
GetOpenFileNamePreviewW

imm32

ImmReleaseContext
ImmGetCompositionStringA
ImmGetContext
ImmGetCompositionStringW

Exports

Exports

AcquireCredentialsHandleW
AddAtomW
AddFontResourceW
AddJobW
AddMonitorW
AddPortW
AddPrintProcessorW
AddPrintProvidorW
AddPrinterDriverW
AddPrinterW
AdvancedDocumentPropertiesW
AppendMenuW
BeginUpdateResourceA
BeginUpdateResourceW
BroadcastSystemMessageW
BuildCommDCBAndTimeoutsW
BuildCommDCBW
CallMsgFilterW
CallNamedPipeW
CallWindowProcA
CallWindowProcW
ChangeDisplaySettingsExW
ChangeDisplaySettingsW
ChangeMenuW
CharLowerBuffW
CharLowerW
CharNextW
CharPrevW
CharToOemBuffW
CharToOemW
CharUpperBuffW
CharUpperW
ChooseColorW
ChooseFontW
CommConfigDialogW
CompareStringW
ConfigurePortW
CopyAcceleratorTableW
CopyEnhMetaFileW
CopyFileExW
CopyFileW
CopyMetaFileW
CreateAcceleratorTableW
CreateColorSpaceW
CreateDCW
CreateDialogIndirectParamW
CreateDialogParamW
CreateDirectoryExW
CreateDirectoryW
CreateEnhMetaFileW
CreateEventW
CreateFileMappingW
CreateFileW
CreateFontIndirectW
CreateFontW
CreateICW
CreateMDIWindowW
CreateMailslotW
CreateMetaFileW
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateScalableFontResourceW
CreateSemaphoreW
CreateStdAccessibleProxyW
CreateWaitableTimerW
CreateWindowExW
CryptAcquireContextW
CryptEnumProviderTypesW
CryptEnumProvidersW
CryptGetDefaultProviderW
CryptSetProviderExW
CryptSetProviderW
CryptSignHashW
CryptVerifySignatureW
DdeConnect
DdeConnectList
DdeCreateStringHandleW
DdeInitializeW
DdeQueryConvInfo
DdeQueryStringW
DefDlgProcW
DefFrameProcW
DefMDIChildProcW
DefWindowProcW
DeleteFileW
DeleteMonitorW
DeletePortW
DeletePrintProcessorW
DeletePrintProvidorW
DeletePrinterDriverW
DeviceCapabilitiesW
DialogBoxIndirectParamW
DialogBoxParamW
DispatchMessageW
DlgDirListComboBoxW
DlgDirListW
DlgDirSelectComboBoxExW
DlgDirSelectExW
DocumentPropertiesW
DragQueryFileW
DrawStateW
DrawTextExW
DrawTextW
EnableWindow
EndUpdateResourceA
EndUpdateResourceW
EnumCalendarInfoExW
EnumCalendarInfoW
EnumClipboardFormats
EnumDateFormatsExW
EnumDateFormatsW
EnumDisplayDevicesW
EnumDisplaySettingsExW
EnumDisplaySettingsW
EnumFontFamiliesExW
EnumFontFamiliesW
EnumFontsW
EnumICMProfilesW
EnumMonitorsW
EnumPortsW
EnumPrintProcessorDatatypesW
EnumPrintProcessorsW
EnumPrinterDriversW
EnumPrintersW
EnumPropsA
EnumPropsExA
EnumPropsExW
EnumPropsW
EnumSystemCodePagesW
EnumSystemLocalesW
EnumTimeFormatsW
EnumerateSecurityPackagesW
ExpandEnvironmentStringsW
ExtTextOutW
ExtractIconExW
ExtractIconW
FatalAppExitW
FillConsoleOutputCharacterW
FindAtomW
FindExecutableW
FindFirstChangeNotificationW
FindFirstFileW
FindNextFileW
FindResourceExW
FindResourceW
FindTextW
FindWindowExW
FindWindowW
FormatMessageW
FreeContextBuffer
FreeEnvironmentStringsW
GetAltTabInfoW
GetAtomNameW
GetCPInfo
GetCPInfoExW
GetCalendarInfoW
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetCharWidth32W
GetCharWidthFloatW
GetCharWidthW
GetCharacterPlacementW
GetClassInfoExW
GetClassInfoW
GetClassLongW
GetClassNameW
GetClipboardData
GetClipboardFormatNameW
GetComputerNameW
GetConsoleTitleW
GetCurrencyFormatW
GetCurrentDirectoryW
GetCurrentHwProfileW
GetDateFormatW
GetDefaultCommConfigW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDlgItemTextW
GetDriveTypeW
GetEnhMetaFileDescriptionW
GetEnhMetaFileW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesExW
GetFileAttributesW
GetFileTitleW
GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFullPathNameW
GetGlyphOutlineW
GetICMProfileW
GetJobW
GetKerningPairsW
GetKeyNameTextW
GetKeyboardLayoutNameW
GetLocaleInfoW
GetLogColorSpaceW
GetLogicalDriveStringsW
GetLongPathNameW
GetMenuItemInfoW
GetMenuStringW
GetMessageW
GetMetaFileW
GetModuleFileNameW
GetModuleHandleW
GetMonitorInfoW
GetNamedPipeHandleStateW
GetNumberFormatW
GetObjectW
GetOpenFileNamePreviewW
GetOpenFileNameW
GetOutlineTextMetricsW
GetPrintProcessorDirectoryW
GetPrinterDataW
GetPrinterDriverDirectoryW
GetPrinterDriverW
GetPrinterW
GetPrivateProfileIntW
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
GetPrivateProfileStringW
GetPrivateProfileStructW
GetProcAddress
GetProfileIntW
GetProfileSectionW
GetProfileStringW
GetPropA
GetPropW
GetRoleTextW
GetSaveFileNamePreviewW
GetSaveFileNameW
GetShortPathNameW
GetStartupInfoW
GetStateTextW
GetStringTypeExW
GetStringTypeW
GetSystemDirectoryW
GetSystemWindowsDirectoryW
GetTabbedTextExtentW
GetTempFileNameW
GetTempPathW
GetTextExtentExPointW
GetTextExtentPoint32W
GetTextExtentPointW
GetTextFaceW
GetTextMetricsW
GetTimeFormatW
GetUserNameW
GetVersionExW
GetVolumeInformationW
GetWindowLongA
GetWindowLongW
GetWindowModuleFileNameW
GetWindowTextLengthW
GetWindowTextW
GetWindowsDirectoryW
GlobalAddAtomW
GlobalFindAtomW
GlobalGetAtomNameW
GrayStringW
InitSecurityInterfaceW
InitializeSecurityContextW
InsertMenuItemW
InsertMenuW
IsBadStringPtrW
IsCharAlphaNumericW
IsCharAlphaW
IsCharLowerW
IsCharUpperW
IsClipboardFormatAvailable
IsDestinationReachableW
IsDialogMessageW
IsTextUnicode
IsValidCodePage
IsWindowUnicode
LCMapStringW
LoadAcceleratorsW
LoadBitmapW
LoadCursorFromFileW
LoadCursorW
LoadIconW
LoadImageW
LoadKeyboardLayoutW
LoadLibraryExW
LoadLibraryW
LoadMenuIndirectW
LoadMenuW
LoadStringW
MCIWndCreateW
MapVirtualKeyExW
MapVirtualKeyW
MessageBoxExW
MessageBoxIndirectW
MessageBoxW
ModifyMenuW
MoveFileW
MultiByteToWideChar
MultinetGetConnectionPerformanceW
OemToCharBuffW
OemToCharW
OleUIAddVerbMenuW
OleUIBusyW
OleUIChangeIconW
OleUIChangeSourceW
OleUIConvertW
OleUIEditLinksW
OleUIInsertObjectW
OleUIObjectPropertiesW
OleUIPasteSpecialW
OleUIPromptUserW
OleUIUpdateLinksW
OpenEventW
OpenFileMappingW
OpenMutexW
OpenPrinterW
OpenSemaphoreW
OpenWaitableTimerW
OutputDebugStringW
PageSetupDlgW
PeekConsoleInputW
PeekMessageW
PlaySoundW
PolyTextOutW
PostMessageW
PostThreadMessageW
PrintDlgW
QueryContextAttributesW
QueryCredentialsAttributesW
QueryDosDeviceW
QuerySecurityPackageInfoW
RasConnectionNotificationW
RasCreatePhonebookEntryW
RasDeleteEntryW
RasDeleteSubEntryW
RasDialW
RasEditPhonebookEntryW
RasEnumConnectionsW
RasEnumDevicesW
RasEnumEntriesW
RasGetConnectStatusW
RasGetEntryDialParamsW
RasGetEntryPropertiesW
RasGetErrorStringW
RasGetProjectionInfoW
RasHangUpW
RasRenameEntryW
RasSetEntryDialParamsW
RasSetEntryPropertiesW
RasSetSubEntryPropertiesW
RasValidateEntryNameW
ReadConsoleInputW
ReadConsoleOutputCharacterW
ReadConsoleOutputW
ReadConsoleW
RegConnectRegistryW
RegCreateKeyExW
RegCreateKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumKeyW
RegEnumValueW
RegLoadKeyW
RegOpenKeyExW
RegOpenKeyW
RegQueryInfoKeyW
RegQueryMultipleValuesW
RegQueryValueExW
RegQueryValueW
RegReplaceKeyW
RegSaveKeyW
RegSetValueExW
RegSetValueW
RegUnLoadKeyW
RegisterClassExW
RegisterClassW
RegisterClipboardFormatW
RegisterDeviceNotificationW
RegisterWindowMessageW
RemoveDirectoryW
RemoveFontResourceW
RemovePropA
RemovePropW
ReplaceTextW
ResetDCW
ResetPrinterW
SHBrowseForFolderW
SHChangeNotify
SHFileOperationW
SHGetFileInfoW
SHGetNewLinkInfoW
SHGetPathFromIDListW
ScrollConsoleScreenBufferW
SearchPathW
SendDlgItemMessageW
SendMessageCallbackW
SendMessageTimeoutW
SendMessageW
SendNotifyMessageW
SetCalendarInfoW
SetClassLongW
SetComputerNameW
SetConsoleTitleW
SetCurrentDirectoryW
SetDefaultCommConfigW
SetDlgItemTextW
SetEnvironmentVariableW
SetFileAttributesW
SetICMProfileW
SetJobW
SetLocaleInfoW
SetMenuItemInfoW
SetPrinterDataW
SetPrinterW
SetPropA
SetPropW
SetVolumeLabelW
SetWindowLongA
SetWindowLongW
SetWindowTextW
SetWindowsHookExW
SetWindowsHookW
ShellAboutW
ShellExecuteExW
ShellExecuteW
Shell_NotifyIconW
StartDocPrinterW
StartDocW
SystemParametersInfoW
TabbedTextOutW
TextOutW
TranslateAcceleratorW
UnregisterClassW
UpdateICMRegKeyW
UpdateResourceA
UpdateResourceW
VerFindFileW
VerInstallFileW
VerLanguageNameW
VerQueryValueW
VkKeyScanExW
VkKeyScanW
WNetAddConnection2W
WNetAddConnection3W
WNetAddConnectionW
WNetCancelConnection2W
WNetCancelConnectionW
WNetConnectionDialog1W
WNetDisconnectDialog1W
WNetEnumResourceW
WNetGetConnectionW
WNetGetLastErrorW
WNetGetNetworkInformationW
WNetGetProviderNameW
WNetGetResourceInformationW
WNetGetResourceParentW
WNetGetUniversalNameW
WNetGetUserW
WNetOpenEnumW
WNetUseConnectionW
WaitNamedPipeW
WideCharToMultiByte
WinHelpW
WriteConsoleInputW
WriteConsoleOutputCharacterW
WriteConsoleOutputW
WriteConsoleW
WritePrivateProfileSectionW
WritePrivateProfileStringW
WritePrivateProfileStructW
WriteProfileSectionW
WriteProfileStringW
__FreeAllLibrariesInMsluDll
auxGetDevCapsW
capCreateCaptureWindowW
capGetDriverDescriptionW
joyGetDevCapsW
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW
mciGetDeviceIDW
mciGetErrorStringW
mciSendCommandW
mciSendStringW
midiInGetDevCapsW
midiInGetErrorTextW
midiOutGetDevCapsW
midiOutGetErrorTextW
mixerGetControlDetailsW
mixerGetDevCapsW
mixerGetLineControlsW
mixerGetLineInfoW
mmioInstallIOProcW
mmioOpenW
mmioRenameW
mmioStringToFOURCCW

Sections

.text
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/tvu/TVUAx.dll
.dll regsvr32 windows:4 windows x86 arch:x86

7aee9784a135db7bfbb04324a3f1898d

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

60:8a:e0:c6:15:ae:c8:f8:37:4c:ae:19:b3:5b:40
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

30/05/2007, 00:00

Not After

25/01/2008, 23:59

Subject

CN=TVU networks,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=TVU networks,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e0:a7:96:3a:0f:c3:7d:7f:f6:c4:7f:81:c9:67:5d:63:6c:ef:b4:9f
Signer

Actual PE Digest

e0:a7:96:3a:0f:c3:7d:7f:f6:c4:7f:81:c9:67:5d:63:6c:ef:b4:9f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\home\luntbuild\work\app-winrd\products\winrd\prj\TVUAx\Release\TVUAx.pdb

Imports

ws2_32

WSARecvFrom
WSASendTo
__WSAFDIsSet
getsockname
getpeername
WSAGetLastError
accept
listen
gethostname
ntohs
send
recv
sendto
recvfrom
shutdown
inet_addr
ntohl
closesocket
bind
htons
htonl
socket
WSACleanup
setsockopt
gethostbyname
WSAStartup
select
connect
ioctlsocket
inet_ntoa

kernel32

lstrcpyA
GetModuleFileNameA
lstrcatA
InterlockedIncrement
InterlockedDecrement
HeapFree
GetProcessHeap
GetModuleHandleA
lstrcpynA
IsDBCSLeadByte
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
FlushInstructionCache
GetCurrentProcess
HeapAlloc
GetCurrentThreadId
FindResourceExA
SizeofResource
LockResource
LoadResource
FindResourceA
lstrcmpA
LocalFree
TlsSetValue
TlsAlloc
TlsGetValue
CreateThread
CreateMutexA
ReleaseMutex
OutputDebugStringA
GetTickCount
LoadLibraryA
IsBadCodePtr
IsBadReadPtr
CompareStringW
GetStringTypeW
GetStringTypeA
WriteFile
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCPInfo
GetOEMCP
GetCurrentProcessId
QueryPerformanceCounter
UnhandledExceptionFilter
TerminateProcess
GetProcAddress
TlsFree
SetLastError
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualFree
HeapCreate
GetTimeZoneInformation
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetSystemTimeAsFileTime
ExitProcess
ResumeThread
ExitThread
RtlUnwind
HeapSize
HeapReAlloc
HeapDestroy
CompareStringA
lstrlenA
lstrlenW
lstrcmpiA
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
Sleep
CreateEventA
SetEvent
CloseHandle
TerminateThread
WaitForSingleObject
RaiseException
SetEnvironmentVariableA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetFilePointer
LCMapStringA
LCMapStringW
FlushFileBuffers
SetStdHandle

user32

GetDC
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
UnionRect
PtInRect
SendMessageA
CharNextA
DefWindowProcA
DestroyWindow
MessageBoxA
IsWindow
PostMessageA
UnregisterClassA
DestroyCursor
SetRectEmpty
UpdateWindow
ScreenToClient
GetCursorPos
ReleaseCapture
GetCapture
SetCapture
SetCursor
GetDlgCtrlID
DrawFocusRect
GetSysColor
IsWindowEnabled
GetWindowTextA
GetWindowTextLengthA
CreateCursor
GetClassNameA
SetWindowTextA
GetDlgItem
MapWindowPoints
GetWindowRect
GetWindow
EndDialog
GetDlgItemTextA
RegisterWindowMessageA
InvalidateRgn
GetDesktopWindow
DestroyAcceleratorTable
RedrawWindow
CreateAcceleratorTableA
FindWindowA
BringWindowToTop
IsWindowVisible
IsZoomed
PostQuitMessage
ReleaseDC
GetActiveWindow
DialogBoxParamA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DrawTextA
InflateRect
FillRect
CopyRect
GetKeyState
InvalidateRect
ShowWindow
SetFocus
IsChild
GetFocus
GetParent
CreateWindowExA
RegisterClassExA
wsprintfA
LoadCursorA
GetClassInfoExA
LoadBitmapA
SystemParametersInfoA
BeginPaint
GetClientRect
EndPaint
MoveWindow

gdi32

SetMapMode
LPtoDP
CreateDCA
DeleteObject
BitBlt
CreateCompatibleDC
SetTextColor
GetStockObject
SetViewportOrgEx
GetObjectA
SelectClipRgn
CreateRectRgn
GetClipRgn
CreateFontIndirectA
CreateSolidBrush
CreateCompatibleBitmap
DeleteDC
GetDeviceCaps
CreateMetaFileA
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
CreateRectRgnIndirect
SelectObject
SetBkMode
DeleteMetaFile

advapi32

RegCreateKeyExA
RegQueryValueExA
RegEnumKeyExA
RegSetValueExA
RegDeleteKeyA
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA
SHGetFileInfoA

ole32

OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
StringFromCLSID
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
CreateDataAdviseHolder
CreateOleAdviseHolder
OleLoadFromStream
WriteClassStm
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
OleSaveToStream

oleaut32

SysAllocStringLen
OleCreateFontIndirect
SysStringLen
LoadRegTypeLi
OleCreatePropertyFrame
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
VariantClear
VariantInit
VarUI4FromStr
RegisterTypeLi
SysFreeString
UnRegisterTypeLi
LoadTypeLi
SysAllocString

libexpatw

ord52
ord31
ord53
ord18
ord25
ord21
ord16

libeay32

ord2254

ssleay32

ord21
ord141
ord12
ord110
ord74
ord183
ord6
ord43
ord86
ord87
ord75
ord58
ord78
ord108
ord96
ord77
ord48
ord8
ord142

shlwapi

PathFindExtensionA

comctl32

_TrackMouseEvent

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 236KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/tvu/libeay32.dll
.dll windows:4 windows x86 arch:x86

9a8fb143a010f07506356c42d6154f05

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

recvfrom
sendto
bind
listen
accept
ntohl
inet_ntoa
WSACancelBlockingCall
WSACleanup
WSAStartup
gethostbyname
getsockopt
getservbyname
ntohs
htons
htonl
socket
setsockopt
connect
send
WSASetLastError
recv
WSAGetLastError
shutdown
closesocket

gdi32

CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
GetObjectA
BitBlt
GetBitmapBits
DeleteObject
DeleteDC
CreateDCA

advapi32

ReportEventA
DeregisterEventSource
RegisterEventSourceA

user32

MessageBoxA
GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW

msvcr71

_write
_fileno
_stat
_chmod
_getch
strstr
_read
sprintf
wcsstr
_vsnprintf
vfprintf
_iob
abort
free
realloc
malloc
memchr
time
localtime
gmtime
strncpy
_errno
memmove
isxdigit
isdigit
fprintf
_getpid
fputs
fclose
fread
fwrite
fflush
fopen
_setmode
ftell
fseek
fgets
atoi
perror
qsort
strcmp
getenv
strerror
strchr
isalnum
isspace
strncmp
strtoul
strrchr
tolower
isupper
sscanf
exit
strtol
signal
printf
_initterm
_adjust_fdiv
__CppXcptFilter
_except_handler3
__dllonexit
_onexit

kernel32

SetLastError
LoadLibraryA
FreeLibrary
FindClose
GetProcAddress
GetTickCount
GetThreadTimes
GetCurrentThread
ExitProcess
GetFileType
GetVersion
QueryPerformanceCounter
GetCurrentProcessId
GlobalMemoryStatus
CloseHandle
GetVersionExA
FlushConsoleInputBuffer
GetModuleHandleA
GetCurrentThreadId
FindNextFileA
GetLastError
FindFirstFileA
GetStdHandle

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_cfbr_encrypt_block
AES_ctr128_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
ASN1_ANY_it
ASN1_BIT_STRING_asn1_meth
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_HEADER_free
ASN1_HEADER_new
ASN1_IA5STRING_asn1_meth
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_to_BN
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SEQUENCE_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_cmp
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_encode
ASN1_STRING_free
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_check
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_print
ASN1_TIME_set
ASN1_TIME_to_generalizedtime
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_set
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_fp
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_pack
ASN1_item_sign
ASN1_item_unpack
ASN1_item_verify
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_pack_string
ASN1_parse
ASN1_parse_dump
ASN1_primitive_free
ASN1_primitive_new
ASN1_put_eoc
ASN1_put_object
ASN1_seq_pack
ASN1_seq_unpack
ASN1_sign
ASN1_tag2bit
ASN1_tag2str
ASN1_template_d2i
ASN1_template_free
ASN1_template_i2d
ASN1_template_new
ASN1_unpack_string
ASN1_verify
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_accept
BIO_callback_ctrl
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_dgram_non_fatal_error
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_reliable
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_ex_data
BIO_get_ex_new_index
BIO_get_host_ip
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_gethostbyname
BIO_gets
BIO_indent
BIO_int_ctrl
BIO_new
BIO_new_accept
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_datagram
BIO_s_fd
BIO_s_file
BIO_s_mem
BIO_s_null
BIO_s_socket
BIO_set
BIO_set_cipher
BIO_set_ex_data
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_cleanup
BIO_sock_error
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket_ioctl
BIO_socket_nbio
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_write
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_get_thread_id
BN_BLINDING_invert
BN_BLINDING_invert_ex
BN_BLINDING_new
BN_BLINDING_set_flags
BN_BLINDING_set_thread_id
BN_BLINDING_update
BN_CTX_end
BN_CTX_free
BN_CTX_get
BN_CTX_init
BN_CTX_new
BN_CTX_start
BN_GENCB_call
BN_GF2m_add
BN_GF2m_arr2poly
BN_GF2m_mod
BN_GF2m_mod_arr
BN_GF2m_mod_div
BN_GF2m_mod_div_arr
BN_GF2m_mod_exp
BN_GF2m_mod_exp_arr
BN_GF2m_mod_inv
BN_GF2m_mod_inv_arr
BN_GF2m_mod_mul
BN_GF2m_mod_mul_arr
BN_GF2m_mod_solve_quad
BN_GF2m_mod_solve_quad_arr
BN_GF2m_mod_sqr
BN_GF2m_mod_sqr_arr
BN_GF2m_mod_sqrt
BN_GF2m_mod_sqrt_arr
BN_GF2m_poly2arr
BN_MONT_CTX_copy
BN_MONT_CTX_free
BN_MONT_CTX_init
BN_MONT_CTX_new
BN_MONT_CTX_set
BN_MONT_CTX_set_locked
BN_RECP_CTX_free
BN_RECP_CTX_init
BN_RECP_CTX_new
BN_RECP_CTX_set
BN_add
BN_add_word
BN_bin2bn
BN_bn2bin
BN_bn2dec
BN_bn2hex
BN_bn2mpi
BN_bntest_rand
BN_clear
BN_clear_bit
BN_clear_free
BN_cmp
BN_copy
BN_dec2bn
BN_div
BN_div_recp
BN_div_word
BN_dup
BN_exp
BN_free
BN_from_montgomery
BN_gcd
BN_generate_prime
BN_generate_prime_ex
BN_get0_nist_prime_192
BN_get0_nist_prime_224
BN_get0_nist_prime_256
BN_get0_nist_prime_384
BN_get0_nist_prime_521
BN_get_params
BN_get_word
BN_hex2bn
BN_init
BN_is_bit_set
BN_is_prime
BN_is_prime_ex
BN_is_prime_fasttest
BN_is_prime_fasttest_ex
BN_kronecker
BN_lshift
BN_lshift1
BN_mask_bits
BN_mod_add
BN_mod_add_quick
BN_mod_exp
BN_mod_exp2_mont
BN_mod_exp_mont
BN_mod_exp_mont_consttime
BN_mod_exp_mont_word
BN_mod_exp_recp
BN_mod_exp_simple
BN_mod_inverse
BN_mod_lshift
BN_mod_lshift1
BN_mod_lshift1_quick
BN_mod_lshift_quick
BN_mod_mul
BN_mod_mul_montgomery
BN_mod_mul_reciprocal
BN_mod_sqr
BN_mod_sqrt
BN_mod_sub
BN_mod_sub_quick
BN_mod_word
BN_mpi2bn
BN_mul
BN_mul_word
BN_new
BN_nist_mod_192
BN_nist_mod_224
BN_nist_mod_256
BN_nist_mod_384
BN_nist_mod_521
BN_nnmod
BN_num_bits
BN_num_bits_word
BN_options
BN_print
BN_print_fp
BN_pseudo_rand
BN_pseudo_rand_range
BN_rand
BN_rand_range
BN_reciprocal
BN_rshift
BN_rshift1
BN_set_bit
BN_set_negative
BN_set_params
BN_set_word
BN_sqr
BN_sub
BN_sub_word
BN_swap
BN_to_ASN1_ENUMERATED
BN_to_ASN1_INTEGER
BN_uadd
BN_ucmp
BN_usub
BN_value_one
BUF_MEM_free
BUF_MEM_grow
BUF_MEM_grow_clean
BUF_MEM_new
BUF_memdup
BUF_strdup
BUF_strlcat
BUF_strlcpy
BUF_strndup
CAST_cbc_encrypt
CAST_cfb64_encrypt
CAST_decrypt
CAST_ecb_encrypt
CAST_encrypt
CAST_ofb64_encrypt
CAST_set_key
CBIGNUM_it
CERTIFICATEPOLICIES_free
CERTIFICATEPOLICIES_it
CERTIFICATEPOLICIES_new
COMP_CTX_free
COMP_CTX_new
COMP_compress_block
COMP_expand_block
COMP_rle
COMP_zlib
CONF_dump_bio
CONF_dump_fp
CONF_free
CONF_get1_default_config_file
CONF_get_number
CONF_get_section
CONF_get_string
CONF_imodule_get_flags
CONF_imodule_get_module
CONF_imodule_get_name
CONF_imodule_get_usr_data
CONF_imodule_get_value
CONF_imodule_set_flags
CONF_imodule_set_usr_data
CONF_load
CONF_load_bio
CONF_load_fp
CONF_module_add
CONF_module_get_usr_data
CONF_module_set_usr_data
CONF_modules_finish
CONF_modules_free
CONF_modules_load
CONF_modules_load_file

Sections

.text
Size: 644KB - Virtual size: 643KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/tvu/libexpatw.dll
.dll windows:4 windows x86 arch:x86

16adaa296932ee15ea6dacef0485a6a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
HeapReAlloc
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
InitializeCriticalSection
RtlUnwind
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
HeapSize
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualProtect
GetSystemInfo

Exports

Exports

XML_DefaultCurrent
XML_ErrorString
XML_ExpatVersion
XML_ExpatVersionInfo
XML_ExternalEntityParserCreate
XML_FreeContentModel
XML_GetBase
XML_GetBuffer
XML_GetCurrentByteCount
XML_GetCurrentByteIndex
XML_GetCurrentColumnNumber
XML_GetCurrentLineNumber
XML_GetErrorCode
XML_GetFeatureList
XML_GetIdAttributeIndex
XML_GetInputContext
XML_GetParsingStatus
XML_GetSpecifiedAttributeCount
XML_MemFree
XML_MemMalloc
XML_MemRealloc
XML_Parse
XML_ParseBuffer
XML_ParserCreate
XML_ParserCreateNS
XML_ParserCreate_MM
XML_ParserFree
XML_ParserReset
XML_ResumeParser
XML_SetAttlistDeclHandler
XML_SetBase
XML_SetCdataSectionHandler
XML_SetCharacterDataHandler
XML_SetCommentHandler
XML_SetDefaultHandler
XML_SetDefaultHandlerExpand
XML_SetDoctypeDeclHandler
XML_SetElementDeclHandler
XML_SetElementHandler
XML_SetEncoding
XML_SetEndCdataSectionHandler
XML_SetEndDoctypeDeclHandler
XML_SetEndElementHandler
XML_SetEndNamespaceDeclHandler
XML_SetEntityDeclHandler
XML_SetExternalEntityRefHandler
XML_SetExternalEntityRefHandlerArg
XML_SetNamespaceDeclHandler
XML_SetNotStandaloneHandler
XML_SetNotationDeclHandler
XML_SetParamEntityParsing
XML_SetProcessingInstructionHandler
XML_SetReturnNSTriplet
XML_SetSkippedEntityHandler
XML_SetStartCdataSectionHandler
XML_SetStartDoctypeDeclHandler
XML_SetStartElementHandler
XML_SetStartNamespaceDeclHandler
XML_SetUnknownEncodingHandler
XML_SetUnparsedEntityDeclHandler
XML_SetUserData
XML_SetXmlDeclHandler
XML_StopParser
XML_UseForeignDTD
XML_UseParserAsHandlerArg

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/tvu/msvcp71.dll
.dll windows:4 windows x86 arch:x86

5e2398adb60a70c7ab04e7cba75a7983

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcp71.pdb

Imports

msvcr71

setvbuf
fflush
ungetc
fgetc
fwrite
fputc
_Getdays
_Getmonths
fgetpos
fseek
fsetpos
fclose
__iob_func
fopen
atan2
cos
exp
ldexp
log
pow
sin
sqrt
tan
fgetwc
fputwc
ungetwc
strtol
_errno
_Strftime
strcspn
strtoul
_strtoi64
_strtoui64
sprintf
abort
realloc
setlocale
_CxxThrowException
??0exception@@QAE@XZ
malloc
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
__uncaught_exception
towlower
towupper
strcmp
__pctype_func
___lc_codepage_func
___lc_handle_func
_unlock
_lock
___setlc_active_func
___unguarded_readlc_active_add_func
_except_handler3
_local_unwind2
__crtCompareStringA
___lc_collate_cp_func
__crtLCMapStringA
isupper
islower
__crtGetStringTypeW
__crtLCMapStringW
_callnewh
__crtCompareStringW
strtod
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__security_error_handler
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
??0bad_cast@@QAE@PBD@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@ABV0@@Z
??0exception@@QAE@ABV0@@Z
__CxxFrameHandler
___mb_cur_max_func
??_V@YAXPAX@Z
??3@YAXPAX@Z
_Gettnames
localeconv
free
memset
memchr
strlen
memcmp
wcslen
memmove
??1exception@@UAE@XZ
memcpy

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetLocaleInfoA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
DisableThreadLibraryCalls

Exports

Exports

??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAC@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAE@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAC@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAD@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAE@Z
??$?5DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAG@Z
??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@PAG@Z
??$?5GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?5MDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5MGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5NDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5NGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5ODU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5OGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AA_W@Z
??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@PA_W@Z
??$?5_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@G@Z
??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@PBG@Z
??$?6GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?6MDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6MGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6NDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6NGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6ODU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6OGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@C@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@E@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBC@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBE@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@PB_W@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@_W@Z
??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?8M@std@@YA_NABMABV?$complex@M@0@@Z
??$?8M@std@@YA_NABV?$complex@M@0@0@Z
??$?8M@std@@YA_NABV?$complex@M@0@ABM@Z
??$?8N@std@@YA_NABNABV?$complex@N@0@@Z
??$?8N@std@@YA_NABV?$complex@N@0@0@Z
??$?8N@std@@YA_NABV?$complex@N@0@ABN@Z
??$?8O@std@@YA_NABOABV?$complex@O@0@@Z
??$?8O@std@@YA_NABV?$complex@O@0@0@Z
??$?8O@std@@YA_NABV?$complex@O@0@ABO@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?9M@std@@YA_NABMABV?$complex@M@0@@Z
??$?9M@std@@YA_NABV?$complex@M@0@0@Z
??$?9M@std@@YA_NABV?$complex@M@0@ABM@Z
??$?9N@std@@YA_NABNABV?$complex@N@0@@Z
??$?9N@std@@YA_NABV?$complex@N@0@0@Z
??$?9N@std@@YA_NABV?$complex@N@0@ABN@Z
??$?9O@std@@YA_NABOABV?$complex@O@0@@Z
??$?9O@std@@YA_NABV?$complex@O@0@0@Z
??$?9O@std@@YA_NABV?$complex@O@0@ABO@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?DM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?DM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?DM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?DN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?DN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?DN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?DO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?DO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?DO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?GM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?GN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?GO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@D@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@DABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@G@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@GABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBGABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?HN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?HO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_WABV10@@Z
??$?KM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?KM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?KM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?KN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?KN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?KN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?KO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?KO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?KO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$_Fabs@M@std@@YAMABV?$complex@M@0@PAH@Z
??$_Fabs@N@std@@YANABV?$complex@N@0@PAH@Z
??$_Fabs@O@std@@YAOABV?$complex@O@0@PAH@Z
??$abs@M@std@@YAMABV?$complex@M@0@@Z
??$abs@N@std@@YANABV?$complex@N@0@@Z
??$abs@O@std@@YAOABV?$complex@O@0@@Z
??$arg@M@std@@YAMABV?$complex@M@0@@Z
??$arg@N@std@@YANABV?$complex@N@0@@Z
??$arg@O@std@@YAOABV?$complex@O@0@@Z
??$conj@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$conj@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$conj@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$cos@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$cos@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$cos@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$cosh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$cosh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$cosh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$exp@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$exp@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$exp@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@D@Z
??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@G@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_W@Z
??$imag@M@std@@YAMABV?$complex@M@0@@Z
??$imag@N@std@@YANABV?$complex@N@0@@Z
??$imag@O@std@@YAOABV?$complex@O@0@@Z
??$log10@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$log10@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$log10@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$log@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$log@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$log@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$norm@M@std@@YAMABV?$complex@M@0@@Z
??$norm@N@std@@YANABV?$complex@N@0@@Z
??$norm@O@std@@YAOABV?$complex@O@0@@Z
??$polar@M@std@@YA?AV?$complex@M@0@ABM0@Z
??$polar@M@std@@YA?AV?$complex@M@0@ABM@Z
??$polar@N@std@@YA?AV?$complex@N@0@ABN0@Z
??$polar@N@std@@YA?AV?$complex@N@0@ABN@Z
??$polar@O@std@@YA?AV?$complex@O@0@ABO0@Z
??$polar@O@std@@YA?AV?$complex@O@0@ABO@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@H@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@H@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@H@Z
??$real@M@std@@YAMABV?$complex@M@0@@Z
??$real@N@std@@YANABV?$complex@N@0@@Z
??$real@O@std@@YAOABV?$complex@O@0@@Z
??$sin@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sin@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sin@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$sinh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sinh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sinh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$sqrt@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sqrt@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sqrt@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$tan@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$tan@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$tan@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$tanh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$tanh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$tanh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??0?$_Complex_base@MU_C_float_complex@@@std@@QAE@ABM0@Z
??0?$_Complex_base@NU_C_double_complex@@@std@@QAE@ABN0@Z
??0?$_Complex_base@OU_C_ldouble_complex@@@std@@QAE@ABO0@Z
??0?$_Mpunct@D@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@D@std@@QAE@I_N@Z
??0?$_Mpunct@G@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@G@std@@QAE@I_N@Z
??0?$_Mpunct@_W@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@_W@std@@QAE@I_N@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@IAE@V?$allocator@D@1@@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@QAE@ABV01@@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@IAE@V?$allocator@G@1@@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@QAE@ABV01@@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@IAE@V?$allocator@_W@1@@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@QAE@ABV01@@Z
??0?$allocator@X@std@@QAE@ABV01@@Z
??0?$allocator@X@std@@QAE@XZ
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@IDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@Vconst_iterator@01@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@IIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@Vconst_iterator@01@0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@IIABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WIABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@Vconst_iterator@01@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDH@std@@QAE@I@Z
??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDH@std@@QAE@I@Z
??0?$codecvt@_WDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??0?$collate@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@D@std@@QAE@I@Z
??0?$collate@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@G@std@@QAE@I@Z
??0?$collate@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@_W@std@@QAE@I@Z
??0?$complex@M@std@@QAE@ABM0@Z
??0?$complex@M@std@@QAE@ABU_C_float_complex@@@Z
??0?$complex@M@std@@QAE@ABV?$complex@N@1@@Z
??0?$complex@M@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@N@std@@QAE@ABN0@Z
??0?$complex@N@std@@QAE@ABU_C_double_complex@@@Z
??0?$complex@N@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@N@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@O@std@@QAE@ABO0@Z
??0?$complex@O@std@@QAE@ABU_C_ldouble_complex@@@Z
??0?$complex@O@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@O@std@@QAE@ABV?$complex@N@1@@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$messages@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@D@std@@QAE@I@Z
??0?$messages@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@G@std@@QAE@I@Z
??0?$messages@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@_W@std@@QAE@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$moneypunct@D$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@D$00@std@@QAE@I@Z
??0?$moneypunct@D$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@D$0A@@std@@QAE@I@Z
??0?$moneypunct@G$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@G$00@std@@QAE@I@Z
??0?$moneypunct@G$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@G$0A@@std@@QAE@I@Z
??0?$moneypunct@_W$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@_W$00@std@@QAE@I@Z
??0?$moneypunct@_W$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@_W$0A@@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$numpunct@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$numpunct@D@std@@QAE@I@Z
??0?$numpunct@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$numpunct@G@std@@QAE@I@Z
??0?$numpunct@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$numpunct@_W@std@@QAE@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0Init@ios_base@std@@QAE@XZ
??0_Locimp@locale@std@@AAE@ABV012@@Z
??0_Locinfo@std@@QAE@HPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??0_Lockit@std@@QAE@XZ
??0_Mutex@std@@QAE@XZ
??0_Timevec@std@@QAE@ABV01@@Z
??0_Timevec@std@@QAE@PAX@Z
??0_UShinit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0codecvt_base@std@@QAE@I@Z
??0ctype_base@std@@QAE@I@Z
??0facet@locale@std@@IAE@I@Z
??0id@locale@std@@QAE@I@Z
??0ios_base@std@@IAE@XZ
??0ios_base@std@@QAE@ABV01@@Z
??0locale@std@@AAE@PAV_Locimp@01@@Z
??0locale@std@@QAE@ABV01@0H@Z
??0locale@std@@QAE@ABV01@@Z
??0locale@std@@QAE@ABV01@PBDH@Z
??0locale@std@@QAE@PBDH@Z

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/tvu/msvcr71.dll
.dll windows:4 windows x86 arch:x86

7acc8c379c768a1ecd81ec502ff5f33e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr71.pdb

Imports

kernel32

GetModuleFileNameA
GetModuleFileNameW
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCurrentThreadId
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapAlloc
HeapFree
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetHandleCount
GetFileType
GetStartupInfoA
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
InitializeCriticalSection
RtlUnwind
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
InterlockedExchange
VirtualQuery
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetEnvironmentVariableA
SetEnvironmentVariableW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
HeapSize
VirtualProtect
GetSystemInfo
FlushFileBuffers
SetFilePointer
SetStdHandle
CompareStringA
CompareStringW
Sleep
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
RaiseException
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadCodePtr
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
ReadConsoleA
SetConsoleMode
GetConsoleMode
IsDBCSLeadByteEx
GetConsoleCP
ReadConsoleW
SetEndOfFile
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@AAE@PBQBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_cast@@QAE@PBD@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_Fbad_cast@@QAEXXZ
??_Fbad_typeid@@QAEXXZ
??_U@YAPAXI@Z
??_V@YAXPAX@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?unexpected@@YAXXZ
?vswprintf@@YAHPAGIPBGPAD@Z
?vswprintf@@YAHPA_WIPB_WPAD@Z
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CppXcptFilter
__CxxCallUnwindDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__buffer_overrun
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__lc_clike
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__security_error_handler
__set_app_type
__set_buffer_overrun_handler
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__uncaught_exception
__unguarded_readlc_active
__wargv
__wcserror
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_realloc
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_cgetws
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_cputws
_creat
_cscanf
_ctime64
_cwait
_cwprintf
_cwscanf
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirst64
_findfirsti64
_findnext
_findnext64
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstat64
_fstati64
_ftime
_ftime64
_ftol
_fullpath
_futime
_futime64
_gcvt
_get_heap_handle
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getwch
_getwche
_getws
_global_unwind2
_gmtime64
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_localtime64
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_mktime64
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osplatform
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putwch
_putws
_pwctype
_read
_resetstkoflw
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_scprintf
_scwprintf
_searchenv
_seh_longjmp_unwind
_set_SSE2_enable
_set_error_mode
_set_purecall_handler
_set_sbh_threshold
_set_security_error_handler
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snscanf
_snwprintf
_snwscanf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp

Sections

.text
Size: 228KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/tvu/ssleay32.dll
.dll windows:4 windows x86 arch:x86

ec3469e6569d715ba5e5e1375e9767e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libeay32

ord1654
ord903
ord252
ord2206
ord857
ord176
ord641
ord2821
ord281
ord290
ord654
ord181
ord188
ord269
ord3109
ord2630
ord910
ord2411
ord754
ord490
ord222
ord167
ord168
ord169
ord85
ord52
ord2201
ord289
ord493
ord911
ord464
ord3245
ord354
ord2936
ord3244
ord323
ord3067
ord2894
ord961
ord89
ord109
ord202
ord3239
ord866
ord110
ord3422
ord2929
ord3644
ord3570
ord2578
ord111
ord3010
ord3480
ord2924
ord3459
ord3512
ord3608
ord3575
ord3663
ord123
ord201
ord118
ord3666
ord219
ord498
ord285
ord635
ord912
ord909
ord3724
ord313
ord495
ord120
ord151
ord3178
ord3695
ord3550
ord3418
ord203
ord128
ord31
ord830
ord727
ord2760
ord282
ord572
ord3719
ord216
ord206
ord497
ord3682
ord2877
ord3711
ord205
ord486
ord484
ord763
ord577
ord907
ord87
ord481
ord3729
ord333
ord2915
ord256
ord1096
ord1097
ord2589
ord1145
ord1144
ord1081
ord2292
ord622
ord627
ord657
ord653
ord1653
ord2784
ord965
ord964
ord2572
ord2747
ord3704
ord3758
ord3767
ord3647
ord3766
ord3365
ord3460
ord3454
ord3754
ord3394
ord187
ord897
ord3414
ord3495
ord67
ord65
ord53
ord78
ord98
ord3559
ord3399
ord636
ord914
ord626
ord890
ord1004
ord3527
ord364
ord1010
ord2051
ord58
ord66
ord630
ord628
ord1041
ord1007
ord1005
ord1027
ord3378
ord3437
ord316
ord629
ord892
ord74
ord248
ord1655
ord575
ord1025
ord246
ord1100
ord679
ord2524
ord3595
ord1023
ord3505
ord401
ord93
ord3396
ord3657
ord887
ord889
ord891
ord315
ord1147
ord189
ord314
ord956
ord280
ord2181
ord399
ord748
ord279
ord283
ord400
ord751
ord750
ord774
ord3205
ord37
ord35
ord824
ord822
ord8
ord1091
ord3700
ord3623
ord32
ord718
ord7
ord716
ord703
ord680
ord86
ord88
ord1101
ord293
ord322
ord2996
ord3155
ord2927
ord325
ord329
ord318
ord304
ord292
ord299
ord955
ord2252
ord91
ord247
ord904
ord901
ord623
ord905

msvcr71

_iob
_errno
free
_initterm
malloc
_adjust_fdiv
__CppXcptFilter
_except_handler3
__dllonexit
_onexit
strncmp
memmove
time
fprintf

kernel32

GetLastError
DisableThreadLibraryCalls
SetLastError

Exports

Exports

BIO_f_ssl
BIO_new_buffer_ssl_connect
BIO_new_ssl
BIO_new_ssl_connect
BIO_ssl_copy_session_id
BIO_ssl_shutdown
DTLSv1_client_method
DTLSv1_method
DTLSv1_server_method
ERR_load_SSL_strings
SSL_CIPHER_description
SSL_CIPHER_get_bits
SSL_CIPHER_get_name
SSL_CIPHER_get_version
SSL_COMP_add_compression_method
SSL_COMP_get_compression_methods
SSL_COMP_get_name
SSL_CTX_add_client_CA
SSL_CTX_add_session
SSL_CTX_callback_ctrl
SSL_CTX_check_private_key
SSL_CTX_ctrl
SSL_CTX_flush_sessions
SSL_CTX_free
SSL_CTX_get_cert_store
SSL_CTX_get_client_CA_list
SSL_CTX_get_ex_data
SSL_CTX_get_ex_new_index
SSL_CTX_get_quiet_shutdown
SSL_CTX_get_timeout
SSL_CTX_get_verify_callback
SSL_CTX_get_verify_depth
SSL_CTX_get_verify_mode
SSL_CTX_load_verify_locations
SSL_CTX_new
SSL_CTX_remove_session
SSL_CTX_sessions
SSL_CTX_set_cert_store
SSL_CTX_set_cert_verify_callback
SSL_CTX_set_cipher_list
SSL_CTX_set_client_CA_list
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_default_verify_paths
SSL_CTX_set_ex_data
SSL_CTX_set_generate_session_id
SSL_CTX_set_msg_callback
SSL_CTX_set_purpose
SSL_CTX_set_quiet_shutdown
SSL_CTX_set_session_id_context
SSL_CTX_set_ssl_version
SSL_CTX_set_timeout
SSL_CTX_set_tmp_dh_callback
SSL_CTX_set_tmp_ecdh_callback
SSL_CTX_set_tmp_rsa_callback
SSL_CTX_set_trust
SSL_CTX_set_verify
SSL_CTX_set_verify_depth
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey_ASN1
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_RSAPrivateKey
SSL_CTX_use_RSAPrivateKey_ASN1
SSL_CTX_use_RSAPrivateKey_file
SSL_CTX_use_certificate
SSL_CTX_use_certificate_ASN1
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_SESSION_cmp
SSL_SESSION_free
SSL_SESSION_get_ex_data
SSL_SESSION_get_ex_new_index
SSL_SESSION_get_id
SSL_SESSION_get_time
SSL_SESSION_get_timeout
SSL_SESSION_hash
SSL_SESSION_new
SSL_SESSION_print
SSL_SESSION_print_fp
SSL_SESSION_set_ex_data
SSL_SESSION_set_time
SSL_SESSION_set_timeout
SSL_accept
SSL_add_client_CA
SSL_add_dir_cert_subjects_to_stack
SSL_add_file_cert_subjects_to_stack
SSL_alert_desc_string
SSL_alert_desc_string_long
SSL_alert_type_string
SSL_alert_type_string_long
SSL_callback_ctrl
SSL_check_private_key
SSL_clear
SSL_connect
SSL_copy_session_id
SSL_ctrl
SSL_do_handshake
SSL_dup
SSL_dup_CA_list
SSL_free
SSL_get1_session
SSL_get_SSL_CTX
SSL_get_certificate
SSL_get_cipher_list
SSL_get_ciphers
SSL_get_client_CA_list
SSL_get_current_cipher
SSL_get_current_compression
SSL_get_current_expansion
SSL_get_default_timeout
SSL_get_error
SSL_get_ex_data
SSL_get_ex_data_X509_STORE_CTX_idx
SSL_get_ex_new_index
SSL_get_fd
SSL_get_finished
SSL_get_info_callback
SSL_get_peer_cert_chain
SSL_get_peer_certificate
SSL_get_peer_finished
SSL_get_privatekey
SSL_get_quiet_shutdown
SSL_get_rbio
SSL_get_read_ahead
SSL_get_rfd
SSL_get_session
SSL_get_shared_ciphers
SSL_get_shutdown
SSL_get_ssl_method
SSL_get_verify_callback
SSL_get_verify_depth
SSL_get_verify_mode
SSL_get_verify_result
SSL_get_version
SSL_get_wbio
SSL_get_wfd
SSL_has_matching_session_id
SSL_library_init
SSL_load_client_CA_file
SSL_load_error_strings
SSL_new
SSL_peek
SSL_pending
SSL_read
SSL_renegotiate
SSL_renegotiate_pending
SSL_rstate_string
SSL_rstate_string_long
SSL_set_accept_state
SSL_set_bio
SSL_set_cipher_list
SSL_set_client_CA_list
SSL_set_connect_state
SSL_set_ex_data
SSL_set_fd
SSL_set_generate_session_id
SSL_set_info_callback
SSL_set_msg_callback
SSL_set_purpose
SSL_set_quiet_shutdown
SSL_set_read_ahead
SSL_set_rfd
SSL_set_session
SSL_set_session_id_context
SSL_set_shutdown
SSL_set_ssl_method
SSL_set_tmp_dh_callback
SSL_set_tmp_ecdh_callback
SSL_set_tmp_rsa_callback
SSL_set_trust
SSL_set_verify
SSL_set_verify_depth
SSL_set_verify_result
SSL_set_wfd
SSL_shutdown
SSL_state
SSL_state_string
SSL_state_string_long
SSL_use_PrivateKey
SSL_use_PrivateKey_ASN1
SSL_use_PrivateKey_file
SSL_use_RSAPrivateKey
SSL_use_RSAPrivateKey_ASN1
SSL_use_RSAPrivateKey_file
SSL_use_certificate
SSL_use_certificate_ASN1
SSL_use_certificate_file
SSL_version
SSL_want
SSL_write
SSLv23_client_method
SSLv23_method
SSLv23_server_method
SSLv2_client_method
SSLv2_method
SSLv2_server_method
SSLv3_client_method
SSLv3_method
SSLv3_server_method
TLSv1_client_method
TLSv1_method
TLSv1_server_method
d2i_SSL_SESSION
i2d_SSL_SESSION
ssl2_ciphers
ssl3_ciphers

Sections

.text
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kernel/uusee/updateC2.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

UPX0
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
readme.txt
skins/ĬƤ.skn
skins/ƻMAC.skn
skins/ɫˮ.skn
uninst.exe
.exe windows:4 windows x86 arch:x86

237a51742fed62d237b6f1b75452402f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
SetFileTime
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
CloseHandle
lstrcmpiA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
MulDiv
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
SystemParametersInfoA
RegisterClassA
EndDialog
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CreateDialogParamA
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
LoadImageA
GetDC
EnableWindow
InvalidateRect
CreateWindowExA
GetWindowLongA
DrawFocusRect
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
TrackPopupMenu
wsprintfA
SendMessageA
CallWindowProcA
MapWindowPoints
GetWindowRect
ScreenToClient
PtInRect
LoadCursorA
SetCursor
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetWindowLongA

gdi32

SetBkColor
GetDeviceCaps
GetCurrentObject
GetObjectA
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegEnumKeyA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 304KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Ʒ_9PTV.com.url

Sharing

General

Malware Config

Signatures

Files

237a51742fed62d237b6f1b75452402f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 290KB

.ndata Size: - Virtual size: 304KB

.rsrc Size: 29KB - Virtual size: 32KB

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 954B

Headers

File Characteristics

Sections

CODE Size: 621KB - Virtual size: 620KB

DATA Size: 6KB - Virtual size: 5KB

BSS Size: - Virtual size: 3KB

.idata Size: 10KB - Virtual size: 9KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 40KB - Virtual size: 40KB

.rsrc Size: 152KB - Virtual size: 152KB

a3344bd04f51a952af24e10e4b973774

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

ole32

msvcp60

ws2_32

wininet

version

Exports

Exports

Sections

.text Size: 424KB - Virtual size: 423KB

.rdata Size: 60KB - Virtual size: 60KB

.data Size: 20KB - Virtual size: 28KB

.rsrc Size: 31KB - Virtual size: 30KB

.reloc Size: 40KB - Virtual size: 40KB

e4197e66afe241c7aa26e2bdac468c14

Headers

File Characteristics

Imports

mfc42

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 290KB

.ndata
Size: - Virtual size: 304KB

.rsrc
Size: 29KB - Virtual size: 32KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 954B

CODE
Size: 621KB - Virtual size: 620KB

DATA
Size: 6KB - Virtual size: 5KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 10KB - Virtual size: 9KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 152KB - Virtual size: 152KB

.text
Size: 424KB - Virtual size: 423KB

.rdata
Size: 60KB - Virtual size: 60KB

.data
Size: 20KB - Virtual size: 28KB

.rsrc
Size: 31KB - Virtual size: 30KB

.reloc
Size: 40KB - Virtual size: 40KB

.text
Size: 251KB - Virtual size: 250KB

.rdata
Size: 42KB - Virtual size: 42KB

.data
Size: 10KB - Virtual size: 15KB

.rsrc
Size: 46KB - Virtual size: 45KB

.reloc
Size: 27KB - Virtual size: 27KB

.text
Size: 175KB - Virtual size: 174KB

.rdata
Size: 55KB - Virtual size: 54KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 107KB - Virtual size: 106KB

.reloc
Size: 31KB - Virtual size: 30KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 17KB - Virtual size: 24KB

.rsrc
Size: 1024B - Virtual size: 944B

.reloc
Size: 12KB - Virtual size: 12KB