2cae019a8f2d4bc5557544af36b2fd99_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cae019a8f2d4bc5557544af36b2fd99_JaffaCakes118
Size

13.1MB
MD5

2cae019a8f2d4bc5557544af36b2fd99
SHA1

6df77bf06dd18f77598f90d3b25d50c753c44e5a
SHA256

6953a4bdcf67ecd58da1010f09e3e65b035723c2f97931369f70e6c830a6ff97
SHA512

9e6772591468ce3300842fbf53b294597095c0951da4e04bb7b20d0ca502dbd96574501f0b68d12c0b80194bda5e04ca65ed3beed04b34e6d9a25f115769ac64
SSDEEP

393216:fJ5Nne3iLH6I6qOs/IpPItUKNFii8STfgP:fJ5V3LH6uOKtZN4i80fgP

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack008/components/IBitCometExtension3.dll
unpack008/components/IBitCometExtension4.dll

Files

2cae019a8f2d4bc5557544af36b2fd99_JaffaCakes118
.rar
BitComet.exe
.exe windows:5 windows x86 arch:x86

fbcf928d644586f522358cbee05593b6

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

2e:5c:c2:39:2a:49:c3:02:34:13:cc:ae:a5:4d:9c:db
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

01/12/2009, 00:00

Not After

30/11/2012, 23:59

Subject

CN=Shanghai Comet Network Technology,O=Shanghai Comet Network Technology,POSTALCODE=200050,STREET=4 Floor\, No. 1118 Yu Yuan Road,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

dd:8e:68:b7:80:5a:fe:09:ec:b4:42:7b:de:a2:49:1f:ea:57:cd:09
Signer

Actual PE Digest

dd:8e:68:b7:80:5a:fe:09:ec:b4:42:7b:de:a2:49:1f:ea:57:cd:09

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\develop\BitComet.1.27\app\Release_unicode\GUI_BitComet.pdb

Imports

kernel32

GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetCurrentDirectoryA
GetDriveTypeA
SetEnvironmentVariableA
SetConsoleCtrlHandler
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GetCPInfo
HeapCreate
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
HeapSize
ExitProcess
ExitThread
RtlUnwind
GetDateFormatA
GetTimeFormatA
VirtualProtect
HeapReAlloc
UnhandledExceptionFilter
GetStartupInfoW
SetErrorMode
GetFileSizeEx
GetFileAttributesExW
GetThreadLocale
GlobalFlags
WritePrivateProfileStringW
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
FindActCtxSectionStringW
CompareStringA
InterlockedExchange
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GetProfileIntW
FileTimeToSystemTime
GlobalGetAtomNameW
GlobalFindAtomW
GetVersionExA
GetModuleHandleA
SuspendThread
ResumeThread
GlobalFree
GlobalSize
InterlockedDecrement
CreateRemoteThread
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
CopyFileExW
MoveFileExW
CreateProcessW
GlobalMemoryStatusEx
lstrcatW
VirtualQuery
GetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
RaiseException
OutputDebugStringW
SetEnvironmentVariableW
FindFirstFileA
SetConsoleMode
ReadConsoleInputA
GetStringTypeExA
CreateMutexA
FlushConsoleInputBuffer
CreateWaitableTimerA
SetWaitableTimer
OpenEventA
CreateDirectoryW
DeviceIoControl
RemoveDirectoryW
IsBadStringPtrA
IsBadReadPtr
PeekNamedPipe
SetCurrentDirectoryW
GetEnvironmentVariableW
SetThreadLocale
ExpandEnvironmentStringsW
DebugBreak
SetConsoleCursorPosition
FillConsoleOutputCharacterW
GetConsoleScreenBufferInfo
ReadConsoleOutputCharacterA
FreeConsole
IsProcessorFeaturePresent
InterlockedCompareExchange
CreateFileMappingW
GetFileInformationByHandle
GetDiskFreeSpaceW
SetUnhandledExceptionFilter
IsDebuggerPresent
SetThreadPriority
GetCurrentThread
GetVolumeInformationW
GetDiskFreeSpaceExW
GetDriveTypeW
SetSystemPowerState
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
GetTempFileNameW
GetModuleFileNameW
GlobalMemoryStatus
GetUserDefaultLangID
GetSystemDefaultLangID
GetShortPathNameW
SetProcessWorkingSetSize
GetProcessWorkingSetSize
VirtualFree
VirtualAlloc
MulDiv
FreeResource
LocalFree
LocalAlloc
CreateThread
TerminateThread
OpenEventW
ResetEvent
ReleaseMutex
lstrlenA
DeleteFileA
AreFileApisANSI
GetSystemTime
GetTempPathA
LoadLibraryA
LockFileEx
GetTempPathW
FlushFileBuffers
CreateFileW
ReadFile
GetFileAttributesW
GetFileAttributesA
WideCharToMultiByte
WriteFile
FormatMessageA
GetSystemTimeAsFileTime
LockFile
UnlockFile
SetEndOfFile
SetFilePointer
GetFileSize
CreateFileA
GetFullPathNameA
GetFullPathNameW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
InterlockedIncrement
GetPrivateProfileSectionNamesW
GetPrivateProfileIntW
CreateSemaphoreA
DuplicateHandle
SetFileAttributesW
GetACP
QueryPerformanceFrequency
QueryPerformanceCounter
GetLocalTime
CompareStringW
lstrcpyW
MultiByteToWideChar
GetPrivateProfileStringW
lstrcmpiW
FindClose
FindNextFileW
lstrcmpW
FindFirstFileW
GetWindowsDirectoryW
lstrcpynW
FlushInstructionCache
lstrlenW
GetVersion
SetThreadExecutionState
GlobalDeleteAtom
GlobalAddAtomW
GetSystemPowerStatus
GetCommandLineW
GetOEMCP
IsValidCodePage
GetSystemInfo
ReleaseSemaphore
GetVersionExW
GlobalAlloc
GetCurrentProcessId
GlobalUnlock
GlobalLock
LoadLibraryExW
GetLongPathNameW
Sleep
GetTickCount
CreateMutexW
FormatMessageW
MoveFileW
GetCurrentProcess
TerminateProcess
HeapAlloc
HeapFree
GetProcessHeap
WaitForMultipleObjects
CreateEventW
FreeLibrary
UnmapViewOfFile
MapViewOfFile
CreateEventA
OpenFileMappingW
DeleteFileW
CopyFileW
GetProcAddress
GetModuleHandleW
SetLastError
GetLastError
LoadLibraryW
GetSystemDirectoryW
GetCurrentThreadId
LockResource
SizeofResource
CloseHandle
LoadResource
FindResourceW
WaitForSingleObject
SetEvent
InitializeCriticalSectionAndSpinCount

user32

TranslateMessage
GetMessageW
GetWindowTextW
AdjustWindowRectEx
GetActiveWindow
PeekMessageW
ValidateRect
DrawFocusRect
EqualRect
LockWindowUpdate
GetCapture
CopyIcon
IntersectRect
GetClassNameA
IsChild
CallWindowProcW
DispatchMessageW
PostThreadMessageW
RegisterClassExW
RegisterClipboardFormatW
SetWindowRgn
GetWindowDC
GetDlgCtrlID
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
wvsprintfW
wsprintfW
InsertMenuW
CallNextHookEx
CreateCaret
DestroyCaret
SetWindowsHookExW
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
DrawFrameControl
DefWindowProcW
GetSysColor
DrawTextW
SetMenuItemBitmaps
GetLastActivePopup
TabbedTextOutW
DrawTextExW
GrayStringW
GetScrollPos
SystemParametersInfoA
SetScrollInfo
GetScrollInfo
RegisterWindowMessageW
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
PostMessageW
EnableWindow
SendMessageW
GetDC
ReleaseDC
GetClientRect
LoadBitmapW
GetSystemMetrics
SetTimer
KillTimer
IsIconic
IsWindowVisible
MessageBoxW
SetForegroundWindow
EnumThreadWindows
SetClipboardViewer
ChangeClipboardChain
IsClipboardFormatAvailable
OpenClipboard
RegisterClassW
GetClassInfoW
GetClassInfoExW
GetClipboardData
CloseClipboard
GetClipboardOwner
GetWindowThreadProcessId
EmptyClipboard
SetClipboardData
TrackPopupMenu
AppendMenuW
CreatePopupMenu
GetMenuItemCount
GetMenuItemID
RemoveMenu
GetWindowLongW
SetWindowPos
BringWindowToTop
GetWindowPlacement
ShowWindow
IsWindowEnabled
SetFocus
GetWindow
GetParent
GetFocus
EnumWindows
ScrollWindow
MapWindowPoints
GetMessageTime
GetTopWindow
GetDlgItem
GetForegroundWindow
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
GetClassLongW
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
IsDialogMessageW
SetWindowTextW
MoveWindow
TranslateAcceleratorW
LoadAcceleratorsW
ReuseDDElParam
UnpackDDElParam
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
CopyAcceleratorTableW
InvalidateRgn
MapDialogRect
SetWindowContextHelpId
GetNextDlgGroupItem
MessageBeep
ShowOwnedPopups
IsZoomed
SetCursorPos
DestroyCursor
CharNextW
EndMenu
ScreenToClient
IsWindow
GetCursorPos
WindowFromPoint
PtInRect
AnimateWindow
SetWindowLongW
GetKeyState
LoadIconW
LoadImageW
GetWindowRect
UpdateWindow
InvalidateRect
FillRect
GetDesktopWindow
DrawIcon
GetDoubleClickTime
IsRectEmpty
EnableMenuItem
CheckMenuItem
SetRectEmpty
DestroyWindow
CreateWindowExW
SendMessageTimeoutW
DdeGetData
DdeFreeDataHandle
MessageBoxA
DdeInitializeW
DdeCreateStringHandleA
DdeNameService
DdeFreeStringHandle
ExitWindowsEx
GetMenu
DrawMenuBar
UnregisterClassW
GetDCEx
GetDialogBaseUnits
CharUpperW
ShowScrollBar
GetSystemMenu
SetActiveWindow
LoadStringA
OffsetRect
DrawAnimatedRects
SetParent
EnumChildWindows
FindWindowW
GetClassNameW
SetMenuDefaultItem
GetSubMenu
LoadMenuW
InflateRect
SetRect
EndPaint
BeginPaint
LoadCursorW
SetCursor
ReleaseCapture
SetCapture
GetSysColorBrush
SystemParametersInfoW
SetWindowPlacement
CopyRect
GetComboBoxInfo
RedrawWindow
UnionRect
DestroyIcon
ClientToScreen
IsMenu
CheckMenuRadioItem
GetMenuItemInfoW
SetMenuItemInfoW
InsertMenuItemW
ModifyMenuW
DeleteMenu
GetMessagePos
GetMenuState
PostQuitMessage
CreateMenu
DestroyMenu
RegisterHotKey
UnregisterHotKey
VkKeyScanW
GetAsyncKeyState
EnableScrollBar
GetUpdateRgn
CreateDialogParamW
GetIconInfo
CreateIconIndirect
DrawIconEx
FlashWindow
DrawStateW
DrawEdge
HideCaret
ShowCaret
keybd_event
ChildWindowFromPoint
MsgWaitForMultipleObjects
GetClipboardFormatNameW
DestroyAcceleratorTable
CreateAcceleratorTableW
FindWindowExW
ValidateRgn
ChangeDisplaySettingsW
EnumDisplaySettingsW
ShowCursor
DdeUninitialize
DdeQueryStringW
DdeCreateDataHandle
DdeGetLastError
DdeDisconnect
DdeClientTransaction
DdeCreateStringHandleW
DdeConnect
DdePostAdvise
GetUserObjectInformationW
GetProcessWindowStation
SetCaretPos

gdi32

SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
SelectPalette
CreatePen
ExtCreatePen
CreateHatchBrush
GetCharWidthW
CreateFontW
StretchDIBits
CreateEllipticRgn
DPtoLP
LPtoDP
GetRgnBox
SetRectRgn
GetMapMode
OffsetViewportOrgEx
SetViewportOrgEx
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetStretchBltMode
Escape
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetTextExtentPoint32W
SelectObject
GetDeviceCaps
GetBitmapDimensionEx
CreateSolidBrush
GetStockObject
CreateFontIndirectW
GetObjectW
GetOutlineTextMetricsW
RealizePalette
GdiFlush
Polyline
PolyBezier
ExtFloodFill
SetBrushOrgEx
GetCharABCWidthsW
GetTextExtentExPointW
Arc
Pie
PolyPolygon
RoundRect
MaskBlt
OffsetRgn
ExtCreateRegion
GetRegionData
RectInRegion
CreateICW
EqualRgn
PtInRegion
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
CreateDIBitmap
GetDIBColorTable
GetSystemPaletteEntries
SetAbortProc
EndDoc
StartPage
EndPage
GetEnhMetaFileW
DeleteEnhMetaFile
GetEnhMetaFileHeader
CreateEnhMetaFileW
PlayEnhMetaFile
CloseEnhMetaFile
ExtTextOutW
TextOutW
RectVisible
PtVisible
StartDocW
GetWindowExtEx
SetROP2
GetCurrentObject
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetTextMetricsW
Rectangle
GetTextColor
GetBkColor
DeleteObject
CreatePenIndirect
CreateDIBSection
Ellipse
GetDIBits
CreateBitmap
CreateRectRgnIndirect
GetPixel
CreateRectRgn
CombineRgn
StretchBlt
SetPixel
Polygon
EnumFontFamiliesExW
CopyMetaFileW
CreateDCW
GetViewportExtEx
PatBlt

comdlg32

PrintDlgW
ChooseFontW
ChooseColorW
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
PageSetupDlgW
GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

OpenSCManagerW
RegQueryValueExW
RegCloseKey
RegDeleteKeyW
OpenServiceW
CloseServiceHandle
QueryServiceStatusEx
StartServiceW
ControlService
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumValueW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
GetUserNameW
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegOpenKeyW
RegSetValueExW
GetTokenInformation
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegCreateKeyExW
RegCreateKeyW

shell32

SHBrowseForFolderW
DragQueryPoint
ExtractIconExW
ord155
SHGetFolderLocation
SHGetFolderPathW
SHFileOperationW
SHChangeNotify
ord680
DragAcceptFiles
Shell_NotifyIconW
SHAppBarMessage
SHGetFileInfoW
ShellExecuteW
ExtractIconW
DragFinish
ord16
ShellExecuteExW
DragQueryFileW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetMalloc
SHBindToParent

comctl32

ord17
InitCommonControlsEx
ImageList_GetIconSize
ImageList_Draw
ImageList_GetImageCount
ImageList_Destroy
ImageList_Add
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_Replace
ImageList_Remove
ImageList_SetBkColor
ord16
ImageList_SetDragCursorImage
ImageList_BeginDrag
ImageList_Create
ImageList_DragMove
ImageList_DragEnter
ImageList_DragLeave
_TrackMouseEvent
ImageList_EndDrag

shlwapi

AssocQueryStringW
PathIsUNCW
SHStrDupW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
StrRetToBufW

oledlg

OleUIBusyW

ole32

OleSetClipboard
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
OleUninitialize
CoGetMalloc
OleInitialize
OleLockRunning
CLSIDFromProgID
OleSetContainedObject
OleRun
CreateStreamOnHGlobal
CoCreateGuid
CoFreeUnusedLibraries
PropVariantClear
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree
CLSIDFromString

oleaut32

SysFreeString
VariantCopy
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnaccessData
OleCreateFontIndirect
VarDecFromR8
VarR8FromDec
VariantChangeType
VariantTimeToSystemTime
SystemTimeToVariantTime
OleLoadPicture
VariantInit
SysStringLen
SafeArrayDestroy
SafeArrayCreate
SafeArrayGetUBound
SafeArrayGetLBound
VariantClear
SysAllocString
SysAllocStringLen

ws2_32

listen
shutdown
getsockname
getpeername
connect
WSAAsyncGetHostByName
send
recv
WSACancelAsyncRequest
WSAAsyncSelect
WSAEventSelect
setsockopt
WSAGetLastError
sendto
gethostbyname
recvfrom
closesocket
bind
htonl
socket
ntohs
inet_ntoa
WSASetLastError
WSACleanup
WSAStartup
inet_addr
htons
ioctlsocket
accept

winmm

sndPlaySoundW

rpcrt4

RpcStringFreeW
UuidToStringW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 7.9MB - Virtual size: 7.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 222KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 777KB - Virtual size: 776KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 763KB - Virtual size: 762KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BitComet_x64.exe
.exe windows:5 windows x64 arch:x64

22edd3e6d90d9d3dd739e996e1c50423

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

2e:5c:c2:39:2a:49:c3:02:34:13:cc:ae:a5:4d:9c:db
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

01/12/2009, 00:00

Not After

30/11/2012, 23:59

Subject

CN=Shanghai Comet Network Technology,O=Shanghai Comet Network Technology,POSTALCODE=200050,STREET=4 Floor\, No. 1118 Yu Yuan Road,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

63:23:5f:63:97:53:7e:f2:a7:ee:18:25:9e:5b:f5:f9:19:a5:84:4c
Signer

Actual PE Digest

63:23:5f:63:97:53:7e:f2:a7:ee:18:25:9e:5b:f5:f9:19:a5:84:4c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\develop\BitComet.1.27\app\Release_unicode_x64\GUI_BitComet.pdb

Imports

kernel32

HeapCreate
GetCPInfo
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetCurrentDirectoryA
GetDriveTypeA
SetEnvironmentVariableA
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
DecodePointer
EncodePointer
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
HeapSize
HeapQueryInformation
ExitProcess
ExitThread
RtlUnwindEx
GetTimeFormatA
GetDateFormatA
VirtualProtect
HeapReAlloc
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
RtlPcToFileHeader
GetStartupInfoW
SetErrorMode
GetFileSizeEx
GetFileAttributesExW
GetThreadLocale
GlobalFlags
WritePrivateProfileStringW
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
FindActCtxSectionStringW
CompareStringA
TlsFree
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
TlsGetValue
GetProfileIntW
FileTimeToSystemTime
GlobalGetAtomNameW
GlobalFindAtomW
GetVersionExA
GetModuleHandleA
SuspendThread
ResumeThread
GlobalFree
GlobalSize
CreateRemoteThread
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
CopyFileExW
MoveFileExW
CreateProcessW
GlobalMemoryStatusEx
lstrcatW
VirtualQuery
GetFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
RaiseException
SetEnvironmentVariableW
FindFirstFileA
SetConsoleMode
ReadConsoleInputA
GetStringTypeExA
CreateMutexA
FlushConsoleInputBuffer
CreateWaitableTimerA
SetWaitableTimer
OpenEventA
CreateDirectoryW
DeviceIoControl
RemoveDirectoryW
PeekNamedPipe
SetCurrentDirectoryW
GetEnvironmentVariableW
SetThreadLocale
ExpandEnvironmentStringsW
DebugBreak
SetConsoleCursorPosition
FillConsoleOutputCharacterW
GetConsoleScreenBufferInfo
ReadConsoleOutputCharacterA
FreeConsole
InterlockedPopEntrySList
InterlockedPushEntrySList
OutputDebugStringW
CreateFileMappingW
GetFileInformationByHandle
GetDiskFreeSpaceW
SetUnhandledExceptionFilter
IsDebuggerPresent
SetThreadPriority
GetCurrentThread
GetVolumeInformationW
GetDiskFreeSpaceExW
GetDriveTypeW
SetSystemPowerState
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
GetTempFileNameW
GetModuleFileNameW
GlobalMemoryStatus
GetUserDefaultLangID
GetSystemDefaultLangID
GetShortPathNameW
SetProcessWorkingSetSize
GetProcessWorkingSetSize
VirtualFree
VirtualAlloc
MulDiv
FreeResource
LocalFree
LocalAlloc
CreateThread
TerminateThread
OpenEventW
ResetEvent
ReleaseMutex
lstrlenA
DeleteFileA
AreFileApisANSI
GetSystemTime
GetTempPathA
LoadLibraryA
LockFileEx
GetTempPathW
FlushFileBuffers
CreateFileW
ReadFile
GetFileAttributesW
GetFileAttributesA
WideCharToMultiByte
WriteFile
FormatMessageA
GetSystemTimeAsFileTime
LockFile
UnlockFile
SetEndOfFile
SetFilePointer
GetFileSize
CreateFileA
GetFullPathNameA
GetFullPathNameW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetPrivateProfileSectionNamesW
GetPrivateProfileIntW
CreateSemaphoreA
DuplicateHandle
SetFileAttributesW
GetACP
QueryPerformanceFrequency
QueryPerformanceCounter
GetLocalTime
CompareStringW
lstrcpyW
MultiByteToWideChar
GetPrivateProfileStringW
lstrcmpiW
FindClose
FindNextFileW
lstrcmpW
FindFirstFileW
GetWindowsDirectoryW
lstrcpynW
FlushInstructionCache
lstrlenW
GetVersion
SetThreadExecutionState
GlobalDeleteAtom
GlobalAddAtomW
GetSystemPowerStatus
GetCommandLineW
GetOEMCP
IsValidCodePage
GetSystemInfo
ReleaseSemaphore
GetVersionExW
GlobalAlloc
GetCurrentProcessId
GlobalUnlock
GlobalLock
LoadLibraryExW
GetLongPathNameW
Sleep
GetTickCount
CreateMutexW
FormatMessageW
MoveFileW
GetCurrentProcess
TerminateProcess
HeapAlloc
HeapFree
GetProcessHeap
WaitForMultipleObjects
CreateEventW
FreeLibrary
CreateEventA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
DeleteFileW
CopyFileW
GetProcAddress
GetModuleHandleW
SetLastError
GetLastError
LoadLibraryW
GetSystemDirectoryW
GetCurrentThreadId
LockResource
SizeofResource
CloseHandle
LoadResource
FindResourceW
WaitForSingleObject
SetEvent
HeapSetInformation

user32

TranslateMessage
GetMessageW
GetWindowTextW
AdjustWindowRectEx
GetActiveWindow
PeekMessageW
ValidateRect
DrawFocusRect
EqualRect
LockWindowUpdate
GetCapture
CopyIcon
IntersectRect
GetClassNameA
IsChild
CallWindowProcW
DrawFrameControl
DefWindowProcW
GetSysColor
DrawTextW
OffsetRect
CreateCaret
DispatchMessageW
wvsprintfW
wsprintfW
InsertMenuW
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetLastActivePopup
TabbedTextOutW
DrawTextExW
GrayStringW
SystemParametersInfoA
SetScrollInfo
GetScrollInfo
RegisterClassW
DrawAnimatedRects
SetParent
EnumChildWindows
FindWindowW
PostThreadMessageW
RegisterClassExW
RegisterClipboardFormatW
SetWindowRgn
GetScrollPos
GetWindowDC
GetDlgCtrlID
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
DestroyCaret
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
RegisterWindowMessageW
PostMessageW
EnableWindow
SendMessageW
GetDC
ReleaseDC
GetClientRect
LoadBitmapW
GetSystemMetrics
SetTimer
KillTimer
IsIconic
IsWindowVisible
MessageBoxW
SetForegroundWindow
EnumThreadWindows
SetClipboardViewer
ChangeClipboardChain
IsClipboardFormatAvailable
GetClassInfoW
GetClassInfoExW
OpenClipboard
GetClipboardData
CloseClipboard
GetClipboardOwner
GetWindowThreadProcessId
EmptyClipboard
SetClipboardData
TrackPopupMenu
AppendMenuW
CreatePopupMenu
GetMenuItemCount
GetMenuItemID
RemoveMenu
GetWindowLongW
SetWindowPos
BringWindowToTop
GetWindowPlacement
ShowWindow
IsWindowEnabled
SetFocus
GetWindow
GetParent
GetFocus
EnumWindows
ScrollWindow
MapWindowPoints
GetMessageTime
GetTopWindow
GetDlgItem
GetForegroundWindow
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
GetClassLongPtrW
WinHelpW
SendDlgItemMessageW
SendDlgItemMessageA
IsDialogMessageW
SetWindowTextW
MoveWindow
TranslateAcceleratorW
LoadAcceleratorsW
ReuseDDElParam
UnpackDDElParam
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
CopyAcceleratorTableW
InvalidateRgn
MapDialogRect
SetWindowContextHelpId
GetNextDlgGroupItem
MessageBeep
ShowOwnedPopups
IsZoomed
SetCursorPos
DestroyCursor
CharNextW
EndMenu
ScreenToClient
IsWindow
GetCursorPos
WindowFromPoint
PtInRect
AnimateWindow
SetWindowLongW
GetWindowLongPtrW
GetKeyState
LoadIconW
LoadImageW
GetWindowRect
UpdateWindow
InvalidateRect
FillRect
GetDesktopWindow
DrawIcon
GetDoubleClickTime
IsRectEmpty
EnableMenuItem
CheckMenuItem
SetRectEmpty
DestroyWindow
CreateWindowExW
SendMessageTimeoutW
DdeGetData
DdeFreeDataHandle
MessageBoxA
DdeInitializeW
DdeCreateStringHandleA
DdeNameService
DdeFreeStringHandle
ExitWindowsEx
UnregisterClassW
GetDCEx
GetDialogBaseUnits
CharUpperW
ShowScrollBar
LoadStringA
GetProcessWindowStation
GetUserObjectInformationW
DdePostAdvise
GetClassNameW
SetMenuDefaultItem
GetSubMenu
LoadMenuW
InflateRect
SetRect
EndPaint
BeginPaint
LoadCursorW
SetCursor
ReleaseCapture
SetCapture
GetSysColorBrush
SetWindowLongPtrW
SystemParametersInfoW
SetWindowPlacement
CopyRect
GetComboBoxInfo
RedrawWindow
UnionRect
DestroyIcon
ClientToScreen
IsMenu
CheckMenuRadioItem
GetMenuItemInfoW
SetMenuItemInfoW
InsertMenuItemW
ModifyMenuW
DeleteMenu
GetMessagePos
GetMenuState
PostQuitMessage
CreateMenu
DestroyMenu
RegisterHotKey
UnregisterHotKey
SetActiveWindow
GetSystemMenu
DrawMenuBar
GetMenu
VkKeyScanW
GetAsyncKeyState
EnableScrollBar
GetUpdateRgn
CreateDialogParamW
GetIconInfo
CreateIconIndirect
DrawIconEx
FlashWindow
DrawStateW
DrawEdge
HideCaret
ShowCaret
keybd_event
ChildWindowFromPoint
MsgWaitForMultipleObjects
GetClipboardFormatNameW
DestroyAcceleratorTable
CreateAcceleratorTableW
FindWindowExW
ValidateRgn
ChangeDisplaySettingsW
EnumDisplaySettingsW
ShowCursor
DdeUninitialize
DdeQueryStringW
DdeCreateDataHandle
DdeGetLastError
DdeDisconnect
DdeClientTransaction
DdeCreateStringHandleW
DdeConnect
SetCaretPos

gdi32

SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
SelectPalette
CreatePen
ExtCreatePen
CreateHatchBrush
GetCharWidthW
CreateFontW
StretchDIBits
CreateEllipticRgn
DPtoLP
LPtoDP
GetRgnBox
SetRectRgn
GetMapMode
OffsetViewportOrgEx
SetViewportOrgEx
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
Escape
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
PatBlt
CreateDCW
CopyMetaFileW
EnumFontFamiliesExW
Polygon
GetTextExtentPoint32W
SelectObject
GetDeviceCaps
GetOutlineTextMetricsW
RealizePalette
GdiFlush
Polyline
PolyBezier
ExtFloodFill
SetBrushOrgEx
GetCharABCWidthsW
GetTextExtentExPointW
Arc
Pie
PolyPolygon
RoundRect
MaskBlt
OffsetRgn
ExtCreateRegion
GetRegionData
RectInRegion
CreateICW
EqualRgn
PtInRegion
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
CreateDIBitmap
GetDIBColorTable
GetSystemPaletteEntries
SetAbortProc
EndDoc
StartPage
EndPage
GetEnhMetaFileW
DeleteEnhMetaFile
GetEnhMetaFileHeader
CreateEnhMetaFileW
PlayEnhMetaFile
CloseEnhMetaFile
ExtTextOutW
TextOutW
RectVisible
PtVisible
StartDocW
GetWindowExtEx
SetStretchBltMode
GetBitmapDimensionEx
CreateSolidBrush
GetStockObject
CreateFontIndirectW
GetCurrentObject
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetTextMetricsW
Rectangle
Ellipse
GetTextColor
GetBkColor
DeleteObject
CreatePenIndirect
CreateDIBSection
GetObjectW
GetDIBits
CreateBitmap
CreateRectRgnIndirect
GetPixel
CreateRectRgn
CombineRgn
StretchBlt
GetViewportExtEx
SetPixel

comdlg32

PrintDlgW
ChooseFontW
ChooseColorW
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
PageSetupDlgW
GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegDeleteKeyW
RegQueryValueExW
RegCloseKey
OpenSCManagerW
OpenServiceW
CloseServiceHandle
QueryServiceStatusEx
StartServiceW
ControlService
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumValueW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
GetUserNameW
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
RegisterEventSourceW
ReportEventW
DeregisterEventSource
RegOpenKeyW
RegSetValueExW
GetTokenInformation
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegCreateKeyExW
RegCreateKeyW

shell32

SHGetFolderPathW
ExtractIconExW
SHBrowseForFolderW
ExtractIconW
DragFinish
ord16
ShellExecuteExW
DragQueryFileW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteW
SHGetFileInfoW
SHAppBarMessage
Shell_NotifyIconW
DragAcceptFiles
ord680
SHChangeNotify
SHFileOperationW
DragQueryPoint
SHGetFolderLocation
ord155
SHBindToParent

comctl32

ord17
InitCommonControlsEx
ImageList_GetIconSize
ImageList_Draw
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
ImageList_Add
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_Replace
ImageList_SetBkColor
ord16
ImageList_SetDragCursorImage
ImageList_BeginDrag
ImageList_DragMove
ImageList_Remove
ImageList_DragEnter
ImageList_DragLeave
_TrackMouseEvent
ImageList_EndDrag

shlwapi

PathStripToRootW
PathFindExtensionW
PathFindFileNameW
SHStrDupW
PathIsUNCW
AssocQueryStringW
StrRetToBufW

oledlg

OleUIBusyW

ole32

OleSetClipboard
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
OleUninitialize
CoGetMalloc
OleInitialize
OleLockRunning
CLSIDFromProgID
OleSetContainedObject
OleRun
CreateStreamOnHGlobal
CoCreateGuid
CoFreeUnusedLibraries
PropVariantClear
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree
CLSIDFromString

oleaut32

SysFreeString
VariantCopy
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnaccessData
OleCreateFontIndirect
VarDecFromR8
VarR8FromDec
VariantChangeType
VariantTimeToSystemTime
SystemTimeToVariantTime
OleLoadPicture
VariantInit
SysStringLen
SafeArrayDestroy
SafeArrayCreate
SafeArrayGetUBound
SafeArrayGetLBound
VariantClear
SysAllocString
SysAllocStringLen

ws2_32

listen
shutdown
getsockname
getpeername
connect
WSAAsyncGetHostByName
send
recv
WSACancelAsyncRequest
WSAAsyncSelect
WSAEventSelect
setsockopt
WSAGetLastError
sendto
gethostbyname
recvfrom
closesocket
bind
htonl
socket
ntohs
inet_ntoa
WSASetLastError
WSACleanup
WSAStartup
inet_addr
htons
ioctlsocket
accept

winmm

sndPlaySoundW

rpcrt4

RpcStringFreeW
UuidToStringW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 12.2MB - Virtual size: 12.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 523KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 947KB - Virtual size: 947KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 25B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 777KB - Virtual size: 776KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 265KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ChangeLog.txt
CrashReport.exe
.exe windows:5 windows x86 arch:x86

35414ce505fdb2a89822b4da72ed4561

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

2e:5c:c2:39:2a:49:c3:02:34:13:cc:ae:a5:4d:9c:db
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

01/12/2009, 00:00

Not After

30/11/2012, 23:59

Subject

CN=Shanghai Comet Network Technology,O=Shanghai Comet Network Technology,POSTALCODE=200050,STREET=4 Floor\, No. 1118 Yu Yuan Road,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c4:e2:f9:b2:f8:f5:c3:4e:c7:19:ab:14:de:4b:f1:50:b4:96:de:9f
Signer

Actual PE Digest

c4:e2:f9:b2:f8:f5:c3:4e:c7:19:ab:14:de:4b:f1:50:b4:96:de:9f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Develop_1\CrashReport\CrashReport\src\CrashReport\app\release\CrashReport.pdb

Imports

kernel32

LocalReAlloc
TlsFree
InterlockedIncrement
GetFileAttributesA
GetFileSizeEx
GetFileTime
SetErrorMode
GetModuleHandleW
GetCPInfo
GetOEMCP
GetTickCount
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
RtlUnwind
ExitThread
CreateThread
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
HeapSize
GetStdHandle
TlsSetValue
InitializeCriticalSectionAndSpinCount
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetDriveTypeA
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
GetCurrentDirectoryA
WritePrivateProfileStringA
InterlockedDecrement
GetModuleFileNameW
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
FormatMessageA
LocalFree
GlobalAddAtomA
SuspendThread
ResumeThread
SetThreadPriority
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
FindFirstFileA
FileTimeToLocalFileTime
FindNextFileA
FindClose
lstrlenA
GlobalUnlock
FreeResource
GlobalFree
GetCurrentProcessId
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
FindActCtxSectionStringA
LoadLibraryExA
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpA
GlobalAlloc
GetModuleHandleA
GetProcAddress
SystemTimeToFileTime
GetLocalTime
UnmapViewOfFile
GetCurrentProcess
DuplicateHandle
FileTimeToDosDateTime
SetFilePointer
GetFileInformationByHandle
GetFileType
FileTimeToSystemTime
GetFileSize
ReadFile
WriteFile
CreateFileA
WaitForMultipleObjects
CreateEventA
DeleteCriticalSection
InitializeCriticalSection
WaitForSingleObject
CloseHandle
SetEvent
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetVersionExA
MultiByteToWideChar
SetLastError
GetLastError
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
MulDiv
Sleep
CopyFileA
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
CreateProcessA
GetModuleFileNameA
GetACP
GetUserDefaultLangID

user32

RegisterClipboardFormatA
PostThreadMessageA
SetCapture
WindowFromPoint
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
GetDlgCtrlID
DefWindowProcA
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetWindowsHookExA
CallNextHookEx
GetMessageA
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
CharUpperA
CopyRect
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
UnregisterClassA
GetSysColorBrush
GetNextDlgGroupItem
InvalidateRgn
GetWindowThreadProcessId
GetWindowLongA
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharNextA
ReleaseCapture
GetLastActivePopup
IsWindowEnabled
MessageBoxA
FillRect
PostMessageA
CopyIcon
LoadCursorA
InflateRect
ReleaseDC
GetDC
GetSysColor
IsWindow
RedrawWindow
GetParent
GetWindowRect
SetCursor
PtInRect
ScreenToClient
GetMessagePos
InvalidateRect
MessageBeep
SetWindowLongA
DispatchMessageA
TranslateMessage
PostQuitMessage
PeekMessageA
KillTimer
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SetTimer
SendMessageA
AppendMenuA
GetSystemMenu
LoadIconA
EnableWindow
CallWindowProcA

gdi32

ExtSelectClipRgn
ScaleWindowExtEx
CreateSolidBrush
GetBkColor
GetTextColor
GetRgnBox
GetMapMode
SetWindowExtEx
DeleteObject
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible
GetWindowExtEx
SetMapMode
SetBkMode
RestoreDC
SaveDC
ExtTextOutA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateRectRgnIndirect
GetTextExtentPoint32A
CreateFontIndirectA
GetObjectA
GetStockObject
DeleteDC
GetDeviceCaps
GetViewportExtEx

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegEnumKeyA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegQueryValueA

shell32

ShellExecuteA
SHGetSpecialFolderPathA

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
CoTaskMemFree
CoTaskMemAlloc
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard

oleaut32

VariantCopy
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
SysFreeString

wsock32

WSAStartup
WSACleanup
WSASetLastError

wininet

InternetSetStatusCallback
InternetReadFile
HttpQueryInfoA
HttpEndRequestA
InternetWriteFile
HttpSendRequestExA
HttpSendRequestA
InternetSetCookieA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetCloseHandle
InternetAttemptConnect
InternetConnectA
InternetOpenA

Sections

.text
Size: 257KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Favourite.xml
.xml
License.txt
Privacy.txt
ReadMe.txt
fav/HowTo-AddYourSite.txt
fav/download-complete.wav
fav/fav_bg.xml
.xml
fav/fav_ca.xml
.xml
fav/fav_de.xml
.xml
fav/fav_el.xml
.xml
fav/fav_en_us.xml
.xml
fav/fav_es.xml
.xml
fav/fav_fi.xml
.xml
fav/fav_he.xml
.xml
fav/fav_hu.xml
.xml
fav/fav_it.xml
.xml
fav/fav_ja.xml
.xml
fav/fav_ko.xml
.xml
fav/fav_lv.xml
.xml
fav/fav_nl.xml
.xml
fav/fav_pl.xml
.xml
fav/fav_pt.xml
.xml
fav/fav_pt_br.xml
.xml
fav/fav_ru.xml
.xml
fav/fav_sl.xml
.xml
fav/fav_th.xml
.xml
fav/fav_uk.xml
.xml
fav/fav_vi.xml
.xml
fav/fav_zh_cn.xml
fav/fav_zh_tw.xml
.xml
fav/passport_info_en_us.mht
.eml .js polyglot
- http://blog.bitcomet.com/?login
- http://blog.bitcomet.com/bcmedia/albums/?login
- http://www.apphit.com/?login
- http://www.atcomet.com/?login
- http://www.mcomet.com/?login
- http://www.playcomet.com/?login
attachment-10
.gif
attachment-11
.gif
attachment-12
.gif
attachment-13
.gif
attachment-2
.gif
attachment-3
.gif
attachment-4
.gif
attachment-5
.gif
attachment-6
.gif
attachment-7
.gif
attachment-8
.gif
attachment-9
.gif
email-html-1.txt
.js
fav/passport_info_zh_cn.mht
.eml .js polyglot
- http://hero.txwy.com/?login
- http://tf.txwy.com/?login
- http://ww2.txwy.com/?login
- http://www.cometbbs.com/?login
- http://www.txwy.com/?login
- http://www.txwybbs.com/?login
attachment-10
.gif
attachment-11
.gif
attachment-12
.gif
attachment-13
.gif
attachment-2
.gif
attachment-3
.gif
attachment-4
.gif
attachment-5
.gif
attachment-6
.gif
attachment-7
.gif
attachment-8
.gif
attachment-9
.gif
email-html-1.txt
.js
fav/passport_info_zh_tw.mht
.eml .js polyglot
- http://ao.txwy.tw/?login
- http://bbs.txwy.tw/?login
- http://m.txwy.tw/?login
- http://tf.txwy.tw/?login
- http://ww2.txwy.tw/?login
- http://www.txwy.tw/?login
attachment-10
.gif
attachment-11
.gif
attachment-12
.gif
attachment-13
.gif
attachment-2
.gif
attachment-3
.gif
attachment-4
.gif
attachment-5
.gif
attachment-6
.gif
attachment-7
.gif
attachment-8
.gif
attachment-9
.gif
email-html-1.txt
.js
fav/passport_login_en_us.mht
.eml
- http://blog.bitcomet.com/?login
- http://blog.bitcomet.com/bcmedia/albums/?login
- http://www.apphit.com/?login
- http://www.atcomet.com/?login
- http://www.cometid.com/passport/register?login
- http://www.mcomet.com/?login
- http://www.playcomet.com/?login
attachment-2
.gif
attachment-3
.gif
attachment-4
.gif
attachment-5
.gif
attachment-6
.gif
attachment-7
.gif
email-html-1.txt
fav/passport_login_zh_cn.mht
.eml
- http://blog.mdbchina.com/?login
- http://game.didai.com/?login
- http://m.didai.com/?login
- http://mp3.didai.com/?login
- http://my.mdbchina.com/?login
- http://www.cometpass.com/passport/register?login
- http://www.mdbchina.cn/?login
attachment-2
.gif
attachment-3
.gif
attachment-4
.gif
attachment-5
.gif
attachment-6
.gif
attachment-7
.gif
email-html-1.txt
fav/passport_login_zh_tw.mht
.eml
- http://ao.txwy.tw/?login
- http://bbs.txwy.tw/?login
- http://m.txwy.tw/?login
- http://tf.txwy.tw/?login
- http://ww2.txwy.tw/?login
- http://www.cometpassport.com/passport/register?login
- http://www.txwy.tw/?login
attachment-2
.gif
attachment-3
.gif
attachment-4
.gif
attachment-5
.gif
attachment-6
.gif
attachment-7
.gif
email-html-1.txt
fav/新云软件.url
.url
lang/HowTo-Translate.txt
lang/bitcomet-ar.mo
lang/bitcomet-bg.mo
lang/bitcomet-bs.mo
lang/bitcomet-ca.mo
lang/bitcomet-cs.mo
lang/bitcomet-da.mo
lang/bitcomet-de.mo
lang/bitcomet-el.mo
lang/bitcomet-en_US.mo
.eml
lang/bitcomet-es.mo
lang/bitcomet-et.mo
lang/bitcomet-eu.mo
lang/bitcomet-fa.mo
lang/bitcomet-fi.mo
lang/bitcomet-fr.mo
lang/bitcomet-gl.mo
lang/bitcomet-he.mo
lang/bitcomet-hr.mo
lang/bitcomet-hu.mo
lang/bitcomet-hy.mo
lang/bitcomet-id.mo
lang/bitcomet-it.mo
lang/bitcomet-ja.mo
lang/bitcomet-kk.mo
lang/bitcomet-kn.mo
lang/bitcomet-ko.mo
lang/bitcomet-lt.mo
lang/bitcomet-lv.mo
lang/bitcomet-mk.mo
lang/bitcomet-ms.mo
lang/bitcomet-nb.mo
lang/bitcomet-ne.mo
lang/bitcomet-nl.mo
lang/bitcomet-pl.mo
lang/bitcomet-pt.mo
lang/bitcomet-pt_BR.mo
lang/bitcomet-ro.mo
lang/bitcomet-ru.mo
lang/bitcomet-sk.mo
lang/bitcomet-sl.mo
lang/bitcomet-sq.mo
lang/bitcomet-sr.mo
lang/bitcomet-sv.mo
lang/bitcomet-ta.mo
lang/bitcomet-th.mo
lang/bitcomet-tr.mo
lang/bitcomet-ug.mo
lang/bitcomet-uk.mo
lang/bitcomet-ur.mo
lang/bitcomet-vi.mo
lang/bitcomet-zh_CN.mo
lang/bitcomet-zh_TW.mo
rules/dhtnodes.dat
rules/tracker.dat
tools/BitCometAgent.dll
.dll regsvr32 windows:5 windows x86 arch:x86

2dcd855383d3fdd58d70e00bc913c6e1

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

2e:5c:c2:39:2a:49:c3:02:34:13:cc:ae:a5:4d:9c:db
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

01/12/2009, 00:00

Not After

30/11/2012, 23:59

Subject

CN=Shanghai Comet Network Technology,O=Shanghai Comet Network Technology,POSTALCODE=200050,STREET=4 Floor\, No. 1118 Yu Yuan Road,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

32:e9:cf:c4:fb:e8:c4:c0:62:d0:d3:16:39:1e:8b:68:df:ef:f5:c9
Signer

Actual PE Digest

32:e9:cf:c4:fb:e8:c4:c0:62:d0:d3:16:39:1e:8b:68:df:ef:f5:c9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Develop_Server\BitCometAgent_ActiveX\app\Release_Unicode\BitCometAgent_ActiveX.pdb

Imports

oleaut32

SysAllocString
SysStringLen
SysFreeString
VariantInit
VariantClear
VariantChangeType
SafeArrayGetVartype
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayDestroy
SafeArrayLock
SafeArrayUnlock
UnRegisterTypeLi
RegisterTypeLi
SafeArrayGetLBound

kernel32

DeviceIoControl
CreateMutexA
GetVersionExA
lstrcpyW
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
lstrlenW
RaiseException
GetLastError
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
LoadResource
SizeofResource
FindResourceW
GetModuleHandleW
GetProcAddress
GetModuleFileNameW
lstrcmpiW
LoadLibraryExW
FreeLibrary
CreateEventA
SetEvent
CloseHandle
GetThreadLocale
SetThreadLocale
LocalFree
lstrcpynW
GetFileInformationByHandle
AreFileApisANSI
OpenEventA
FindFirstFileA
LeaveCriticalSection
LoadLibraryW
OutputDebugStringW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CreateProcessW
Thread32First
Thread32Next
CreateEventW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
Sleep
ResetEvent
WaitForSingleObject
GetCurrentProcess
WideCharToMultiByte
InterlockedCompareExchange
InterlockedExchange
ExpandEnvironmentStringsW
DebugBreak
GetVersionExW
CompareStringW
GetSystemInfo
GetCurrentThreadId
ReleaseMutex
TlsSetValue
ExitProcess
TlsGetValue
TlsFree
TlsAlloc
FormatMessageW
GetFileAttributesW
CreateFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTempPathW
GetTempFileNameW
FindClose
FindFirstFileW
GetEnvironmentVariableW
GetCurrentProcessId
GetCPInfo
IsValidCodePage
TerminateProcess
GetACP
GetLocaleInfoW
GetUserDefaultLCID
IsValidLocale
GetFileType
SetCurrentDirectoryW
CopyFileW
GetModuleHandleA
ReadFile
WriteFile
WaitForMultipleObjects
PeekNamedPipe
GetDriveTypeW
FormatMessageA
HeapAlloc
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
RtlUnwind
GetStringTypeW
LCMapStringA
LCMapStringW
GetSystemTimeAsFileTime
HeapReAlloc
DeleteFileW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
SetStdHandle
MoveFileW
GetFullPathNameW
GetTimeZoneInformation
VirtualFree
VirtualAlloc
HeapCreate
HeapDestroy
GetStdHandle
GetModuleFileNameA
SetLastError
HeapSize
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetTimeFormatA
GetDateFormatA
GetOEMCP
GetLocaleInfoA
EnumSystemLocalesA
GetStringTypeA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetCurrentDirectoryA
GetDriveTypeA
GetFullPathNameA
SetEndOfFile
GetProcessHeap
CompareStringA

user32

DdeFreeStringHandle
DdeUninitialize
DdeQueryStringW
DdeFreeDataHandle
DdeGetData
DdeCreateDataHandle
DdeGetLastError
DdeInitializeW
DdeClientTransaction
DdeCreateStringHandleW
DdeNameService
DdeConnect
DdePostAdvise
wsprintfW
MessageBoxW
GetWindowTextW
EnumThreadWindows
DestroyWindow
UnregisterClassW
DdeDisconnect
CharNextW

advapi32

RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
GetUserNameW

ole32

StringFromGUID2
CoCreateInstance
CoTaskMemAlloc
CoCreateGuid
CoTaskMemFree
CoTaskMemRealloc

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 812KB - Virtual size: 812KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tools/BitCometBHO.dll
.dll regsvr32 windows:5 windows x86 arch:x86

04ab723258615f472b614e44dcc9ef56

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

2e:5c:c2:39:2a:49:c3:02:34:13:cc:ae:a5:4d:9c:db
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

01/12/2009, 00:00

Not After

30/11/2012, 23:59

Subject

CN=Shanghai Comet Network Technology,O=Shanghai Comet Network Technology,POSTALCODE=200050,STREET=4 Floor\, No. 1118 Yu Yuan Road,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

a0:8c:21:49:1f:a5:42:06:15:1a:67:63:d6:cb:41:2f:f1:13:de:d6
Signer

Actual PE Digest

a0:8c:21:49:1f:a5:42:06:15:1a:67:63:d6:cb:41:2f:f1:13:de:d6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Develop\BitCometExtension_IE\app\release_unicode\BitCometBHO.pdb

Imports

kernel32

SetEvent
WaitForSingleObject
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
Thread32First
Thread32Next
GetTickCount
Sleep
ResetEvent
CreateEventW
CreateProcessW
GetCurrentProcess
FlushInstructionCache
CreateEventA
lstrcpynW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCurrentDirectoryA
CreateFileA
PeekNamedPipe
CloseHandle
GetConsoleMode
GetConsoleCP
GetDriveTypeW
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcmpiW
OpenEventA
AreFileApisANSI
FindFirstFileW
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
SetThreadLocale
GetThreadLocale
GetACP
GetFullPathNameA
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
FindResourceW
SizeofResource
LoadResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
RaiseException
GetFullPathNameW
DeviceIoControl
FindClose
LocalAlloc
CreateMutexA
GetVersionExA
GetFileInformationByHandle
SetEndOfFile
SetFilePointer
FlushFileBuffers
ReadFile
CreateFileW
lstrlenW
MultiByteToWideChar
LoadLibraryW
FreeLibrary
GetProcAddress
lstrcpyW
GetFileAttributesW
ReleaseMutex
WideCharToMultiByte
InterlockedCompareExchange
InterlockedExchange
LocalFree
FormatMessageA
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
RtlUnwind
GetStringTypeW
GetCPInfo
LCMapStringA
LCMapStringW
SetLastError
HeapSize
ExitProcess
HeapReAlloc
HeapCreate
HeapDestroy
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetVersionExW
GetSystemInfo
SetStdHandle

user32

wsprintfW
ReleaseDC
GetDC
EnumThreadWindows
CallWindowProcW
GetWindowTextW
LoadImageW
IsWindow
FillRect
CharNextW
InsertMenuItemW
CreatePopupMenu
SetMenuInfo
GetMenuInfo
GetMenuItemCount
DeleteMenu
GetMenuItemInfoW
SetMenuItemInfoW
SetWindowLongW
GetSysColor
LoadBitmapW
GetCursorPos
CallNextHookEx
SetRect
GetSystemMetrics
DrawTextW
SetWindowsHookExW
UnhookWindowsHookEx
EnableMenuItem
GetWindowThreadProcessId
ScreenToClient
PostMessageW
AppendMenuW

gdi32

SetTextColor
GetObjectW
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
DeleteObject
SelectObject
SetBkMode

advapi32

RegQueryInfoKeyW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteKeyW

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CLSIDFromString
CoCreateGuid
StringFromGUID2
CoTaskMemAlloc

oleaut32

SysFreeString
SysAllocString
SysStringLen
VarUI4FromStr
LoadRegTypeLi
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi

shlwapi

SHDeleteKeyW

comctl32

ImageList_DrawEx
ImageList_Create
ImageList_GetIconSize
ImageList_AddMasked

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 579KB - Virtual size: 578KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tools/BitCometService.exe
.exe windows:5 windows x86 arch:x86

466bdf11c9b849fd09036efcb887877c

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

2e:5c:c2:39:2a:49:c3:02:34:13:cc:ae:a5:4d:9c:db
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

01/12/2009, 00:00

Not After

30/11/2012, 23:59

Subject

CN=Shanghai Comet Network Technology,O=Shanghai Comet Network Technology,POSTALCODE=200050,STREET=4 Floor\, No. 1118 Yu Yuan Road,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ca:f0:be:2b:91:d0:9f:5b:66:98:77:65:90:24:15:c6:79:96:94:9b
Signer

Actual PE Digest

ca:f0:be:2b:91:d0:9f:5b:66:98:77:65:90:24:15:c6:79:96:94:9b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Develop_Server\Service_BCHelper\app\Release_unicode\Service_BCHelper.pdb

Imports

kernel32

QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
FindNextFileW
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
SetConsoleCtrlHandler
VirtualAlloc
VirtualFree
HeapCreate
GetModuleFileNameA
GetStdHandle
HeapSize
CreateThread
ExitThread
HeapReAlloc
RaiseException
RtlUnwind
SetConsoleMode
ReadConsoleInputA
FlushConsoleInputBuffer
GetVersion
CreateProcessW
GlobalMemoryStatusEx
lstrcatW
VirtualQuery
FileTimeToDosDateTime
OutputDebugStringW
GetFileInformationByHandle
GetDiskFreeSpaceW
GetLocalTime
OpenFileMappingW
CreateFileMappingW
GetLongPathNameW
GlobalMemoryStatus
GetSystemDefaultLangID
lstrcpyW
CreateWaitableTimerA
SetWaitableTimer
OpenEventA
InterlockedCompareExchange
LoadLibraryExW
CreateSemaphoreA
GetSystemTime
SetFilePointerEx
RemoveDirectoryA
CreateDirectoryA
DeleteFileA
MapViewOfFileEx
CreateFileMappingA
ReleaseSemaphore
FindNextFileA
FindFirstFileA
FormatMessageA
GetSystemInfo
CreateMutexW
WaitForMultipleObjects
TerminateThread
MapViewOfFile
UnmapViewOfFile
OpenEventW
ResetEvent
ReleaseMutex
OutputDebugStringA
SetConsoleTextAttribute
GetStartupInfoW
ExitProcess
Sleep
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
GetCurrentThread
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetModuleHandleA
CreateFileW
FindFirstFileW
FindClose
DuplicateHandle
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFlags
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
LoadLibraryW
LoadLibraryA
lstrcmpW
GetVersionExA
SystemTimeToFileTime
lstrlenA
lstrcmpA
CompareStringW
InterlockedIncrement
CreateEventW
WaitForSingleObject
GetCurrentThreadId
AreFileApisANSI
ResumeThread
SetThreadPriority
MultiByteToWideChar
FormatMessageW
lstrlenW
WideCharToMultiByte
GetCurrentProcessId
FreeLibrary
FindResourceW
LoadResource
LockResource
SizeofResource
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
TlsFree
GlobalFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalAlloc
GlobalHandle
GlobalUnlock
GlobalReAlloc
GlobalLock
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
SetLastError
HeapAlloc
GetCurrentProcess
TerminateProcess
HeapFree
GetProcessHeap
LocalFree
GetLastError
SetEvent
CloseHandle
CreateEventA

user32

LoadIconW
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
GetDesktopWindow
RegisterWindowMessageW
GetLastActivePopup
GetWindowLongW
GetParent
SendMessageW
IsWindowEnabled
EnableWindow
GetWindowThreadProcessId
UnhookWindowsHookEx
GetSubMenu
GetMenuItemCount
GetMenuItemID
DestroyMenu
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
PostQuitMessage
MessageBoxW
SetWindowTextW
ClientToScreen
GetForegroundWindow
GetMenuState
ValidateRect
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
PostMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetWindowTextW
LoadCursorW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
wvsprintfW
wsprintfW
GetUserObjectInformationW
GetProcessWindowStation
MessageBoxA
SetWindowsHookExW
CallNextHookEx
DispatchMessageW
GetKeyState
PeekMessageW

gdi32

PtVisible
RectVisible
TextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
GetDeviceCaps
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
DeleteObject
ExtTextOutW
SaveDC
RestoreDC
SetMapMode

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

DeleteService
RegisterEventSourceA
ReportEventA
DeregisterEventSource
GetUserNameW
AdjustTokenPrivileges
OpenProcessToken
RegisterServiceCtrlHandlerW
StartServiceCtrlDispatcherW
ControlService
StartServiceW
ChangeServiceConfig2W
CreateServiceW
SetServiceStatus
QueryServiceStatusEx
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegOpenKeyW
RegCloseKey
SetServiceObjectSecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetEntriesInAclW
BuildExplicitAccessWithNameW
GetSecurityDescriptorDacl
QueryServiceObjectSecurity
CloseServiceHandle
OpenServiceW
OpenSCManagerW

ole32

CoCreateGuid
CoCreateInstance
CoInitializeSecurity
CoUninitialize
CoInitialize

oleaut32

VariantInit
VariantChangeType
VariantClear

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 841KB - Virtual size: 840KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tools/UPNP.exe
.exe windows:4 windows x86 arch:x86

5056ac97ed837319137f03ec281bcc42

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

75:b6:d3:9b:ba:c2:eb:6f:38:1d:43:f8:7a:70:8f:f0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

24/09/2007, 00:00

Not After

12/11/2009, 23:59

Subject

CN=Comet Network Technology Co Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Comet Network Technology Co Ltd.,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

62:e3:d0:e8:de:b0:2e:f6:65:d2:04:ba:ee:ed:de:94:29:f8:c5:ef
Signer

Actual PE Digest

62:e3:d0:e8:de:b0:2e:f6:65:d2:04:ba:ee:ed:de:94:29:f8:c5:ef

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Develop\UPnp\app\Release\GUI_UPNP.pdb

Imports

kernel32

GetOEMCP
FileTimeToSystemTime
SystemTimeToFileTime
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
ExitThread
CreateThread
HeapSize
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetCPInfo
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
CreateFileMappingA
CreateFileA
OpenEventA
TerminateThread
MapViewOfFile
UnmapViewOfFile
FileTimeToDosDateTime
CreateProcessA
lstrcatA
OutputDebugStringA
GlobalMemoryStatus
lstrcpyA
CreateWaitableTimerA
SetWaitableTimer
WaitForMultipleObjects
ResetEvent
ReleaseMutex
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
GlobalFlags
WritePrivateProfileStringA
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
GetModuleFileNameW
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GetCurrentProcessId
GlobalAddAtomA
FreeResource
ResumeThread
SetThreadPriority
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
GetModuleFileNameA
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryA
lstrcmpA
FreeLibrary
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
SetLastError
Sleep
GetModuleHandleA
GetProcAddress
ReleaseSemaphore
GetCurrentProcess
DuplicateHandle
GetCurrentThreadId
WaitForSingleObject
GetTickCount
GetSystemTimeAsFileTime
SetEvent
GetSystemTime
CreateSemaphoreA
HeapFree
GetProcessHeap
HeapAlloc
CreateEventA
FindResourceA
LoadResource
LockResource
SizeofResource
CloseHandle
GetACP
GetUserDefaultLangID
CreateMutexA
GetVersion
CompareStringA
CompareStringW
GetLastError
WideCharToMultiByte
lstrlenA
InterlockedExchange
OpenFileMappingA
MultiByteToWideChar
QueryPerformanceCounter

user32

EndPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetForegroundWindow
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
CallWindowProcA
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
SetCursor
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
CharUpperA
BeginPaint
wsprintfA
wvsprintfA
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetMenuState
PostThreadMessageA
GetMenuItemID
AdjustWindowRectEx
RegisterClipboardFormatA
MessageBoxA
RegisterWindowMessageA
LoadIconA
IsIconic
SendMessageA
GetSystemMetrics
EnableWindow
GetClientRect
GetWindowTextA
PostMessageA
GetSubMenu
GetMenuItemCount
UnregisterClassA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharNextA
ReleaseCapture
SetCapture
LoadCursorA
GetSysColorBrush
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
DefWindowProcA
DestroyMenu

gdi32

SetMapMode
DeleteObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
ScaleWindowExtEx
GetDeviceCaps

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

GetUserNameA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CoRevokeClassObject
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
CoTaskMemFree
CoFreeUnusedLibraries
CoInitializeSecurity
CoUninitialize
CoInitialize
CoCreateInstance
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoCreateGuid
CreateILockBytesOnHGlobal

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysAllocStringByteLen
VariantChangeType
SafeArrayGetElement
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreate
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocString
VariantCopy

ws2_32

inet_addr
gethostname

Sections

.text
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tools/Updater.exe
.exe windows:5 windows x86 arch:x86

8d8af1500e6ecdf813361d73c45370a3

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

2e:5c:c2:39:2a:49:c3:02:34:13:cc:ae:a5:4d:9c:db
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

01/12/2009, 00:00

Not After

30/11/2012, 23:59

Subject

CN=Shanghai Comet Network Technology,O=Shanghai Comet Network Technology,POSTALCODE=200050,STREET=4 Floor\, No. 1118 Yu Yuan Road,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3a:6b:7d:3c:cc:fa:c8:cc:b4:66:5e:40:0d:60:9e:2d:56:ef:ca:3f
Signer

Actual PE Digest

3a:6b:7d:3c:cc:fa:c8:cc:b4:66:5e:40:0d:60:9e:2d:56:ef:ca:3f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryW
DeleteFileW
RemoveDirectoryW
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LocalFree
FormatMessageA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetStartupInfoW
RaiseException
RtlUnwind
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeW
HeapAlloc
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
FreeLibrary
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
SetFilePointer
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetSystemTime
WaitForSingleObject
GetProcessHeap
GetFileAttributesW
GetVersionExW
GetSystemInfo
GlobalMemoryStatus
GetTempPathW
GetTempFileNameW
GetLocalTime
SetThreadPriority
CreateFileW
ReadFile
SetEndOfFile
GetFileSize
lstrlenW
OutputDebugStringW
FileTimeToLocalFileTime
FileTimeToDosDateTime
VirtualQuery
lstrcpyW
lstrcatW
CreateProcessW
GetVersion
GetVersionExA
ReleaseMutex
CreateMutexA
ResetEvent
ResumeThread
SystemTimeToFileTime
WaitForMultipleObjects
SetWaitableTimer
CreateWaitableTimerA
ExitThread
CreateThread
GetCommandLineW
GetLastError
CreateMutexW
GetProcAddress
LoadLibraryW
GetSystemDefaultLangID
SetEvent
CloseHandle
CreateEventA
GetFileAttributesExW
GetModuleHandleA

user32

DestroyMenu
MessageBoxW
RegisterWindowMessageW
SetTimer
KillTimer
PostMessageW
MessageBoxExW
LoadIconW
MessageBoxA
GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW
wsprintfW
wvsprintfW
GetMessageW
DestroyWindow
TranslateMessage
DispatchMessageW
LoadCursorW
RegisterClassExW
CreateWindowExW
PostQuitMessage
TrackPopupMenu
GetMessagePos
SetForegroundWindow
AppendMenuW
CreatePopupMenu
DefWindowProcW
ShowWindow

shell32

Shell_NotifyIconW
ShellExecuteExW

advapi32

RegisterEventSourceA
ReportEventA
DeregisterEventSource
GetUserNameW
AdjustTokenPrivileges
OpenProcessToken

wininet

HttpSendRequestA
InternetOpenA
HttpQueryInfoA
HttpOpenRequestA
InternetConnectA
InternetCloseHandle
InternetReadFile

Sections

.text
Size: 456KB - Virtual size: 455KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
tools/VideoSnapshot.exe
.exe windows:5 windows x86 arch:x86

3fc59050d2eed1ebff01f0fc1914b44c

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

2e:5c:c2:39:2a:49:c3:02:34:13:cc:ae:a5:4d:9c:db
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

01/12/2009, 00:00

Not After

30/11/2012, 23:59

Subject

CN=Shanghai Comet Network Technology,O=Shanghai Comet Network Technology,POSTALCODE=200050,STREET=4 Floor\, No. 1118 Yu Yuan Road,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:91:da:a4:32:56:92:6f:c9:04:93:16:95:67:ff:ff:6e:2f:bf:3f
Signer

Actual PE Digest

30:91:da:a4:32:56:92:6f:c9:04:93:16:95:67:ff:ff:6e:2f:bf:3f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Develop\VideoSnap\app\Release_unicode\VideoSnapshot.pdb

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

GetThreadLocale
FileTimeToSystemTime
InterlockedIncrement
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
GetModuleHandleA
GetStringTypeExW
lstrcmpiW
LockFile
UnlockFile
FindClose
FindFirstFileW
GetVolumeInformationW
SetErrorMode
GetFileAttributesExW
GetFileSizeEx
GetStartupInfoW
UnhandledExceptionFilter
GetTimeFormatA
GetDateFormatA
HeapReAlloc
RtlUnwind
ExitProcess
ExitThread
CreateThread
HeapSize
VirtualProtect
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
QueryPerformanceCounter
lstrlenA
GetConsoleCP
GetConsoleMode
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
SetEnvironmentVariableA
ResumeThread
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
FreeResource
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
InterlockedDecrement
GlobalGetAtomNameW
GlobalAddAtomW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FindResourceW
LoadResource
LockResource
SizeofResource
VirtualQuery
GetFileTime
FileTimeToLocalFileTime
RaiseException
lstrlenW
SetUnhandledExceptionFilter
FindNextFileW
CreateDirectoryW
AreFileApisANSI
FormatMessageA
OpenEventA
ResetEvent
GetVersion
FlushConsoleInputBuffer
CreateMutexA
ReleaseMutex
ReadConsoleInputA
SetConsoleMode
GetDriveTypeA
FindFirstFileA
GetDriveTypeW
GetFullPathNameA
PeekNamedPipe
GetCurrentDirectoryA
IsDebuggerPresent
TerminateProcess
DuplicateHandle
Sleep
GetCurrentThread
GetCurrentProcessId
GetLocalTime
GetSystemTimeAsFileTime
lstrcpyW
lstrcpynW
GetFileSize
SetEndOfFile
SetFilePointer
FlushFileBuffers
WriteFile
ReadFile
GetLastError
WideCharToMultiByte
HeapAlloc
HeapFree
GetProcessHeap
SetLastError
GetCurrentThreadId
VirtualFree
VirtualAlloc
GetLongPathNameW
GlobalMemoryStatus
GetSystemInfo
FreeLibrary
GetProcAddress
LoadLibraryW
GetVersionExW
FormatMessageW
LocalFree
GetCurrentProcess
GetCommandLineW
SetPriorityClass
MulDiv
GetTickCount
WaitForSingleObject
GetModuleHandleW
UnmapViewOfFile
SetCurrentDirectoryW
GetCurrentDirectoryW
MapViewOfFile
CreateFileMappingW
GetFileInformationByHandle
CreateFileW
GetACP
MultiByteToWideChar
GetModuleFileNameW
GetFullPathNameW
GetFileAttributesW
CloseHandle
SetEvent
CreateEventA
InterlockedCompareExchange

user32

DeleteMenu
IsRectEmpty
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SystemParametersInfoW
GetMenuItemInfoW
InflateRect
ClientToScreen
LoadCursorW
GetDC
ReleaseDC
GetSysColorBrush
ShowOwnedPopups
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
UnregisterClassW
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetForegroundWindow
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
PostThreadMessageW
CharNextW
CopyAcceleratorTableW
SetRect
InvalidateRgn
SetCapture
GetNextDlgGroupItem
MessageBeep
GetClientRect
CreateWindowExW
CharUpperW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
MessageBoxA
GetProcessWindowStation
GetUserObjectInformationW
DeferWindowPos
CallWindowProcW
PtInRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSystemMetrics
UnhookWindowsHookEx
GetClassNameW
GetSysColor
UnpackDDElParam
ReuseDDElParam
LoadMenuW
DestroyMenu
WinHelpW
SetWindowPos
SetFocus
GetWindowThreadProcessId
GetActiveWindow
IsWindowEnabled
EqualRect
GetDlgItem
SetWindowLongW
GetDlgCtrlID
GetKeyState
SetCursor
PeekMessageW
GetCapture
ReleaseCapture
LoadAcceleratorsW
GetParent
SetActiveWindow
IsWindowVisible
InvalidateRect
IsIconic
InsertMenuItemW
CreatePopupMenu
GetClassInfoW
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
GetMenu
GetLastActivePopup
BringWindowToTop
SetMenu
GetDesktopWindow
GetWindow
ShowWindow
GetWindowLongW
IsWindow
TranslateAcceleratorW
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
wsprintfW
SetForegroundWindow
EnableWindow
UpdateWindow
SendMessageW
PostMessageW
LoadIconW
DefWindowProcW
MessageBoxW
GetFocus

gdi32

CreateSolidBrush
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
GetStockObject
CreatePatternBrush
RectVisible
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
DeleteObject
CreateFontIndirectW
BitBlt
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetTextExtentPoint32W
ExtTextOutW
GetDeviceCaps
CreateCompatibleBitmap
CreateCompatibleDC
GetClipBox
SetTextColor
SetBkColor
GetObjectW
CreateBitmap
TextOutW

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

DeregisterEventSource
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
AdjustTokenPrivileges
OpenProcessToken
ReportEventA
RegisterEventSourceA

shell32

DragFinish
DragQueryFileW
SHGetFileInfoW

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW

oledlg

OleUIBusyW

ole32

OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
CLSIDFromString
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoRegisterMessageFilter
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromProgID

oleaut32

VariantClear
SysStringLen
SysFreeString
SysAllocStringLen
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString

wininet

HttpSendRequestA
InternetCloseHandle
HttpOpenRequestA
InternetConnectA
InternetReadFile
HttpQueryInfoA
InternetOpenA

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT64
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 297KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tools/bitcomet_extension_signed.xpi
.zip
BitComet Extension.txt
META-INF/manifest.mf
META-INF/zigbert.rsa
META-INF/zigbert.sf
chrome.manifest
chrome/content/bc_context_menu.js
.js
chrome/content/bc_context_menu.xul
.xml
chrome/content/bc_media_capture.js
.js
chrome/content/bc_media_capture.xul
.xml
chrome/content/unknownContentTypeSaveAs.js
.js
chrome/content/unknownContentTypeSaveAs.xul
chrome/locale/en-US/bc_context_menu.dtd
chrome/locale/en-US/bc_media_capture.dtd
chrome/locale/en-US/bc_media_capture.properties
chrome/locale/zh-CN/bc_context_menu.dtd
chrome/locale/zh-CN/bc_media_capture.dtd
chrome/locale/zh-CN/bc_media_capture.properties
chrome/skin/download_all.png
.png
chrome/skin/download_link.png
.png
chrome/skin/download_media.png
.png
chrome/skin/icon.png
.png
components/IBitCometExtension3.dll
.dll windows:5 windows x86 arch:x86

128405ac0c90516a0e0eaf9ec53a8552

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Develop_Server\BitCometExtension_Firefox\app\Release_unicode\BitCometExtension_Firefox.pdb

Imports

xpcom

NS_GetServiceManager
NS_GetComponentManager
NS_Alloc
NS_Free
NS_StringContainerFinish
NS_StringContainerInit
NS_CStringSetData
NS_CStringGetData
NS_UTF16ToCString
NS_CStringContainerFinish
NS_CStringContainerInit
NS_StringSetData

nspr4

PR_AtomicDecrement
PR_AtomicIncrement

kernel32

InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedCompareExchange
MultiByteToWideChar
LocalFree
FormatMessageA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
GetCurrentThreadId
GetCommandLineA
RaiseException
RtlUnwind
LCMapStringA
LCMapStringW
GetCPInfo
HeapAlloc
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetACP
GetOEMCP
IsValidCodePage
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetStdHandle
SetConsoleCtrlHandler
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetModuleHandleA
FreeLibrary
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFullPathNameW
GetProcessHeap
WaitForSingleObject
GetSystemInfo
GetVersion
GlobalMemoryStatus
GetVersionExA
FlushConsoleInputBuffer
LoadLibraryW
OutputDebugStringW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CreateProcessW
Thread32First
Thread32Next
CreateEventW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
ResetEvent
ExpandEnvironmentStringsW
DebugBreak
ReleaseMutex
FormatMessageW
GetFileAttributesW
CreateFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTempPathW
GetDriveTypeW
GetTempFileNameW
FindClose
FindFirstFileW
GetEnvironmentVariableW
GetModuleFileNameW
SetCurrentDirectoryW
CopyFileW
ReadFile
WaitForMultipleObjects
PeekNamedPipe
MoveFileW
DeleteFileW
SetConsoleMode
ReadConsoleInputA
OpenEventA
AreFileApisANSI
SetEnvironmentVariableW
GetCurrentDirectoryA
GetDriveTypeA
GetFullPathNameA
SetEndOfFile
SetEvent
CloseHandle
CreateEventA
GetFileInformationByHandle
lstrcpynW
lstrcpyW
CreateMutexA
FindFirstFileA
GetVersionExW

user32

DestroyWindow
UnregisterClassW
DdeFreeStringHandle
DdeUninitialize
DdeQueryStringW
DdeFreeDataHandle
DdeGetData
DdeCreateDataHandle
DdeGetLastError
DdeInitializeW
DdeDisconnect
DdeClientTransaction
DdeCreateStringHandleW
DdeNameService
DdeConnect
MessageBoxW
GetWindowTextW
EnumThreadWindows
MessageBoxA
GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW
DdePostAdvise
wsprintfW

advapi32

GetUserNameW
RegQueryValueExW
DeregisterEventSource
ReportEventA
RegisterEventSourceA
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCloseKey
RegOpenKeyExW

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc

ole32

CoCreateInstance
CoCreateGuid

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

Exports

Exports

NSGetModule

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 325KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
components/IBitCometExtension3.xpt
components/IBitCometExtension4.dll
.dll windows:5 windows x86 arch:x86

8b757e7564a74d39db2ae919c81d367a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Develop_Server\BitCometExtension_Firefox\app\Release_unicode\BitCometExtension_Firefox.pdb

Imports

xpcom

NS_GetServiceManager
NS_GetComponentManager
NS_StringContainerFinish
NS_StringContainerInit
NS_CStringSetData
NS_CStringGetData
NS_UTF16ToCString
NS_CStringContainerFinish
NS_CStringContainerInit
NS_StringSetData

kernel32

InterlockedDecrement
WideCharToMultiByte
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedCompareExchange
MultiByteToWideChar
LocalFree
FormatMessageA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
GetCurrentThreadId
GetCommandLineA
RaiseException
RtlUnwind
LCMapStringA
LCMapStringW
GetCPInfo
HeapAlloc
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetACP
GetOEMCP
IsValidCodePage
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetStdHandle
SetConsoleCtrlHandler
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetModuleHandleA
FreeLibrary
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetVersionExW
GetProcessHeap
WaitForSingleObject
InterlockedIncrement
GetVersion
GlobalMemoryStatus
GetVersionExA
FlushConsoleInputBuffer
LoadLibraryW
OutputDebugStringW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CreateProcessW
Thread32First
Thread32Next
CreateEventW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
ResetEvent
ExpandEnvironmentStringsW
DebugBreak
ReleaseMutex
FormatMessageW
GetFileAttributesW
CreateFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTempPathW
GetDriveTypeW
FindClose
FindFirstFileW
GetEnvironmentVariableW
GetModuleFileNameW
SetCurrentDirectoryW
CopyFileW
ReadFile
WaitForMultipleObjects
PeekNamedPipe
GetFullPathNameW
MoveFileW
DeleteFileW
SetConsoleMode
ReadConsoleInputA
OpenEventA
AreFileApisANSI
SetEnvironmentVariableW
GetCurrentDirectoryA
GetDriveTypeA
GetFullPathNameA
SetEndOfFile
GetFileInformationByHandle
lstrcpynW
lstrcpyW
SetEvent
CloseHandle
CreateEventA
CreateMutexA
DeviceIoControl
FindFirstFileA
GetSystemInfo
GetTempFileNameW

user32

DestroyWindow
UnregisterClassW
DdeFreeStringHandle
DdeUninitialize
DdeQueryStringW
DdeFreeDataHandle
DdeGetData
DdeCreateDataHandle
DdeGetLastError
DdeInitializeW
DdeDisconnect
DdeClientTransaction
DdeCreateStringHandleW
DdeNameService
MessageBoxW
GetWindowTextW
EnumThreadWindows
MessageBoxA
GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW
DdeConnect
DdePostAdvise
wsprintfW

advapi32

GetUserNameW
RegQueryValueExW
DeregisterEventSource
ReportEventA
RegisterEventSourceA
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCloseKey
RegOpenKeyExW

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

CoCreateGuid
CoCreateInstance

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Exports

Exports

NSModule

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 325KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
components/IBitCometExtension4.xpt
defaults/preferences/bc_context_menu.js
install.rdf
readme.txt
tools/npBitCometAgent.dll
.dll windows:5 windows x86 arch:x86

2b8bb7b218c586d754cc726f8f14826d

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

2e:5c:c2:39:2a:49:c3:02:34:13:cc:ae:a5:4d:9c:db
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

01/12/2009, 00:00

Not After

30/11/2012, 23:59

Subject

CN=Shanghai Comet Network Technology,O=Shanghai Comet Network Technology,POSTALCODE=200050,STREET=4 Floor\, No. 1118 Yu Yuan Road,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

cf:8a:aa:61:a2:39:cd:6f:3e:78:b0:db:d3:a2:96:7e:69:06:b3:de
Signer

Actual PE Digest

cf:8a:aa:61:a2:39:cd:6f:3e:78:b0:db:d3:a2:96:7e:69:06:b3:de

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Develop_Server\BitCometAgent_FireFox\app\Release_unicode\BitCometAgent_FirefoxPlugin.pdb

Imports

kernel32

LocalFree
FormatMessageA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
RaiseException
RtlUnwind
HeapAlloc
GetLastError
HeapFree
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
GetLocaleInfoA
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetVersionExW
LoadLibraryW
OutputDebugStringW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CreateProcessW
Thread32First
Thread32Next
GetVersionExA
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
ResetEvent
WaitForSingleObject
ExpandEnvironmentStringsW
DebugBreak
InitializeCriticalSection
GetSystemInfo
ReleaseMutex
FormatMessageW
GetFileAttributesW
CreateFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTempPathW
GetTempFileNameW
FindClose
FindFirstFileW
GetEnvironmentVariableW
GetModuleFileNameW
SetCurrentDirectoryW
CopyFileW
GetModuleHandleA
ReadFile
WaitForMultipleObjects
PeekNamedPipe
lstrcpyW
lstrcpynW
GetFileInformationByHandle
SetEndOfFile
GetFullPathNameA
GetDriveTypeA
GetCurrentDirectoryA
SetEnvironmentVariableW
GetFullPathNameW
MoveFileW
DeleteFileW
OpenEventA
GetProcessHeap
AreFileApisANSI
InterlockedCompareExchange
CreateMutexA
DeviceIoControl
FindFirstFileA
SetEvent
CloseHandle
CreateEventW
CreateEventA
GetDriveTypeW

user32

DdeClientTransaction
DdeDisconnect
DdeInitializeW
DdeGetLastError
DdeCreateDataHandle
DdeGetData
DdeFreeDataHandle
DdeQueryStringW
DdeUninitialize
DdeFreeStringHandle
DdeCreateStringHandleW
SetWindowLongW
DestroyWindow
UnregisterClassW
MessageBoxW
GetWindowTextW
EnumThreadWindows
DefWindowProcW
EndPaint
wsprintfW
DrawTextA
GetWindowLongW
FrameRect
GetClientRect
BeginPaint
DdeNameService
DdeConnect
DdePostAdvise

gdi32

GetStockObject

advapi32

RegOpenKeyExW
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
GetUserNameW
RegQueryValueExW

shell32

SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation

ole32

CoCreateInstance
CoCreateGuid

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Exports

Exports

NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 766KB - Virtual size: 766KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tools/nsIBitCometAgent.xpt

Sharing

General

Malware Config

Signatures

Files

fbcf928d644586f522358cbee05593b6

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

2e:5c:c2:39:2a:49:c3:02:34:13:cc:ae:a5:4d:9c:dbCertificate

Extended Key Usages

Key Usages

dd:8e:68:b7:80:5a:fe:09:ec:b4:42:7b:de:a2:49:1f:ea:57:cd:09Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

winmm

rpcrt4

version

Sections

.text Size: 7.9MB - Virtual size: 7.9MB

.rdata Size: 2.2MB - Virtual size: 2.2MB

.data Size: 222KB - Virtual size: 1.7MB

.tls Size: 512B - Virtual size: 13B

.rsrc Size: 777KB - Virtual size: 776KB

.reloc Size: 763KB - Virtual size: 762KB

22edd3e6d90d9d3dd739e996e1c50423

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

2e:5c:c2:39:2a:49:c3:02:34:13:cc:ae:a5:4d:9c:dbCertificate

Extended Key Usages

Key Usages

63:23:5f:63:97:53:7e:f2:a7:ee:18:25:9e:5b:f5:f9:19:a5:84:4cSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

winmm

rpcrt4

version

Sections

.text Size: 12.2MB - Virtual size: 12.2MB

.rdata Size: 4.2MB - Virtual size: 4.2MB

.data Size: 523KB - Virtual size: 2.0MB

.pdata Size: 947KB - Virtual size: 947KB

.tls Size: 512B - Virtual size: 25B

text Size: 3KB - Virtual size: 2KB

data Size: 7KB - Virtual size: 6KB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

2e:5c:c2:39:2a:49:c3:02:34:13:cc:ae:a5:4d:9c:db
Certificate

dd:8e:68:b7:80:5a:fe:09:ec:b4:42:7b:de:a2:49:1f:ea:57:cd:09
Signer

.text
Size: 7.9MB - Virtual size: 7.9MB

.rdata
Size: 2.2MB - Virtual size: 2.2MB

.data
Size: 222KB - Virtual size: 1.7MB

.tls
Size: 512B - Virtual size: 13B

.rsrc
Size: 777KB - Virtual size: 776KB

.reloc
Size: 763KB - Virtual size: 762KB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

2e:5c:c2:39:2a:49:c3:02:34:13:cc:ae:a5:4d:9c:db
Certificate

63:23:5f:63:97:53:7e:f2:a7:ee:18:25:9e:5b:f5:f9:19:a5:84:4c
Signer

.text
Size: 12.2MB - Virtual size: 12.2MB

.rdata
Size: 4.2MB - Virtual size: 4.2MB

.data
Size: 523KB - Virtual size: 2.0MB

.pdata
Size: 947KB - Virtual size: 947KB

.tls
Size: 512B - Virtual size: 25B

text
Size: 3KB - Virtual size: 2KB

data
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 777KB - Virtual size: 776KB

.reloc
Size: 265KB - Virtual size: 265KB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

2e:5c:c2:39:2a:49:c3:02:34:13:cc:ae:a5:4d:9c:db
Certificate

c4:e2:f9:b2:f8:f5:c3:4e:c7:19:ab:14:de:4b:f1:50:b4:96:de:9f
Signer

.text
Size: 257KB - Virtual size: 257KB

.rdata
Size: 67KB - Virtual size: 66KB

.data
Size: 11KB - Virtual size: 26KB

.rsrc
Size: 45KB - Virtual size: 44KB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

2e:5c:c2:39:2a:49:c3:02:34:13:cc:ae:a5:4d:9c:db
Certificate

32:e9:cf:c4:fb:e8:c4:c0:62:d0:d3:16:39:1e:8b:68:df:ef:f5:c9
Signer

.text
Size: 812KB - Virtual size: 812KB

.rdata
Size: 152KB - Virtual size: 152KB

.data
Size: 16KB - Virtual size: 37KB

.tls
Size: 512B - Virtual size: 13B

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 77KB - Virtual size: 77KB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

2e:5c:c2:39:2a:49:c3:02:34:13:cc:ae:a5:4d:9c:db
Certificate