39776124a9cb5de4e1b4d54f184581fb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

39776124a9cb5de4e1b4d54f184581fb_JaffaCakes118
Size

6.3MB
MD5

39776124a9cb5de4e1b4d54f184581fb
SHA1

0bb6cd007cffdba359aa64b0b70bb298ccd616aa
SHA256

43920a20626a75e1da4f04d7cfb399480555200543a1205615cd18e37ea188d1
SHA512

cff7101d414d10365e93cf89cb2e8bad770d9385839caffa0f6301ee2e380c78566f5029fb17d46b2d90a675fb01c147a533de61de30bdcbf8cb27d810f7fd58
SSDEEP

196608:CpxyDEJ3mxh5FF9PwtPm/2clDxEhVoL69aoUneu2:Gyomf5FXPOPm7x+o6aomeD

Score

3^/10

Malware Config

Signatures

Unsigned PE 15 IoCs

Checks for missing Authenticode signature.

resource
unpack001/QQLive/@绿化工具.exe
unpack002/$PLUGINSDIR/ButtonEvent.dll
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/KillProcDLL.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/linker.dll
unpack001/QQLive/TXSSO/InstTXSSOHelper.dll
unpack001/QQLive/TXSSO/InstTXSSO_LUI.exe
unpack001/QQLive/atl80.dll
unpack001/QQLive/avcodec-52.dll
unpack001/QQLive/avformat-52.dll
unpack001/QQLive/avutil-50.dll
unpack001/QQLive/mfc80u.dll
unpack001/QQLive/msvcp80.dll
unpack001/QQLive/msvcr80.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
static1/unpack001/QQLive/@绿化工具.exe	nsis_installer_1
static1/unpack001/QQLive/@绿化工具.exe	nsis_installer_2

Files

39776124a9cb5de4e1b4d54f184581fb_JaffaCakes118
.rar
QQLive/@绿化工具.exe
.exe windows:4 windows x86 arch:x86

1c042238f43557c055fca8642de8a074

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
MulDiv
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
RegisterClassA
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
EmptyClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetForegroundWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 360KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ButtonEvent.dll
.dll windows:4 windows x86 arch:x86

0ece15e7d9bb35972aec701f46192460

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
GlobalAlloc
lstrcpyA
lstrcpynA
GlobalFree

user32

PostMessageA
CallWindowProcA
GetDlgItem
FindWindowExA
SetWindowLongA
wsprintfA

Exports

Exports

AddEventHandler
Unload
UnsetEventHandler
WhichButtonId

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 503B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

0b51ce6ce6bf8d5c68b3ea9f3ac1bf2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
MessageBoxA
CallWindowProcA
PostMessageA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

153027ec3b10bcea606b777657dd3402

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
TerminateProcess
OpenProcess
LoadLibraryA
CloseHandle
GetProcAddress
FreeLibrary
GlobalFree
lstrcpyA
DisableThreadLibraryCalls

msvcrt

strcmp
_strupr
toupper
strlen
free
_initterm
malloc
_adjust_fdiv
strcpy
_itoa

Exports

Exports

KillProc

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/linker.dll
.dll windows:4 windows x86 arch:x86

5b9be84907034b8f0152e51177ceafc3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GetModuleHandleA
lstrcpynA
lstrcpyA
GlobalFree

user32

UpdateWindow
InvalidateRect
SetCapture
SetFocus
PtInRect
GetWindowRect
GetDC
ReleaseCapture
EndPaint
BeginPaint
SetCursor
LoadCursorA
CallWindowProcA
DestroyCursor
SetWindowLongA
CreateCursor
IsWindow
ReleaseDC
SetWindowPos
GetWindowLongA
SendMessageA
GetClientRect
FillRect
GetFocus
DrawFocusRect
DrawTextA
ClientToScreen

gdi32

SetBkMode
SetTextColor
CreateFontIndirectA
GetObjectA
GetStockObject
DeleteObject
SelectObject

shell32

ShellExecuteA

Exports

Exports

Link
Unload

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/www.greendown.cn.ini
QQLive/ADManage.dll
.dll regsvr32 windows:4 windows x86 arch:x86

59371d9dbd1b763ccabc32547d0e0bfa

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b1:3e:4e:f9:5e:6a:35:6a:89:ad:e1:5b:31:6b:24:75:39:77:9b:b9
Signer

Actual PE Digest

b1:3e:4e:f9:5e:6a:35:6a:89:ad:e1:5b:31:6b:24:75:39:77:9b:b9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\ADManage.pdb

Imports

kernel32

DeleteCriticalSection
GetLastError
lstrcmpiW
WaitForSingleObject
SetEvent
InterlockedIncrement
GetModuleFileNameW
FreeLibrary
LoadLibraryExW
CreateEventW
GetModuleHandleW
FindClose
FindNextFileW
DeleteFileW
SetFileAttributesW
FindFirstFileW
TerminateThread
CopyFileW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
ResetEvent
SetThreadLocale
GetThreadLocale
lstrcmpW
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
GetFileAttributesW
InitializeCriticalSection
GetFileSize
CreateFileW
GetTempFileNameW
GetTempPathW
LoadLibraryW
GetProcAddress
OutputDebugStringW
WideCharToMultiByte
InterlockedDecrement
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
FormatMessageW
lstrlenW
HeapAlloc
GetProcessHeap
HeapFree
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
SetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
CloseHandle
lstrlenA
Sleep
GetTickCount
LeaveCriticalSection
MultiByteToWideChar
EnterCriticalSection
RaiseException
ReadFile

user32

SetWindowLongW
GetClassInfoExW
UnregisterClassA
LoadCursorW
PostMessageW
SendMessageW
IsWindow
DefWindowProcW
RegisterClassExW
GetWindowLongW
CallWindowProcW
CreateWindowExW
CharNextW
DestroyWindow
RegisterWindowMessageW
SetWindowTextW
GetClientRect
GetSysColor
MoveWindow
SetWindowPos
ClientToScreen
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
InvalidateRgn
RedrawWindow
SetCapture
IsChild
GetParent
GetDlgItem
GetClassNameW
TrackMouseEvent
GetDoubleClickTime
KillTimer
SetTimer
ShowWindow
GetWindowTextLengthW
GetWindowTextW
FindWindowExW
CreateAcceleratorTableW
SetFocus
GetFocus
GetWindow
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
FillRect
ReleaseCapture

gdi32

GetStockObject
GetObjectW
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
DeleteDC
SelectObject
CreateCompatibleBitmap
DeleteObject

advapi32

RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW

ole32

CoFreeLibrary
CoLoadLibrary
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoCreateInstance
CoGetClassObject
OleLockRunning
StringFromGUID2
CoInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc

oleaut32

GetErrorInfo
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SysAllocStringLen
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr
DispCallFunc
SysStringByteLen
SysAllocStringByteLen
SysAllocString
VariantClear
VariantInit
VarBstrCmp
SysStringLen
SysFreeString
VariantCopy

encrypt

?oi_symmetry_decrypt2@@YAHPBEH0PAEPAH@Z
?oi_symmetry_encrypt2@@YAXPBEH0PAEPAH@Z

msvcp80

??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z

log

?GetModulePath2@@YA?AVCComBSTR@ATL@@PAUHINSTANCE__@@@Z
?GetUserAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?CreateAllDirectory@@YAHPB_W@Z
?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?TraceComError@@YAXAAV_com_error@@@Z
?GetExeFolder2@@YA?AVCComBSTR@ATL@@XZ
?NavigateURL@@YAHPB_WH@Z
?FormUrlEncode@@YAXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?GetUserGuid@@YAXPADAAH@Z
?CreateObjectFromFile2@@YAJAAPAUHINSTANCE__@@PB_WPAUIUnknown@@ABU_GUID@@3PAPAX@Z
?ConvertTime@@YAI_J@Z
?GetUserAppDataPath2@@YA?AVCComBSTR@ATL@@XZ
?StrToAddr@@YAHAAUsockaddr_in@@PB_WF@Z
?GetRandomNum@@YAKKK@Z
?DOLOG@@YAXPB_WZZ

msvcr80

_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
fputc
ferror
fopen
_time64
_localtime32_s
_mktime32
_vsnwprintf_s
ceil
_localtime64_s
_resetstkoflw
calloc
fseek
ftell
fread
fprintf
_initterm
_wtoi64
wcstoul
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
vswprintf_s
_vscwprintf
memmove_s
_invalid_parameter_noinfo
memcpy_s
_time32
_recalloc
??_V@YAXPAX@Z
_beginthreadex
memset
__CxxFrameHandler3
??2@YAPAXI@Z
malloc
swprintf_s
__clean_type_info_names_internal
_CxxThrowException
??3@YAXPAX@Z
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_except_handler4_common
?terminate@@YAXXZ
strncpy
_wfopen_s
_errno
wcsrchr
wcsstr
fopen_s
fwrite
fclose
srand
rand
wcschr
memcpy
realloc
wcscat_s
wcscpy_s
_purecall
wcsncpy_s
free

wininet

InternetOpenUrlW
InternetCloseHandle
InternetOpenW

urlmon

URLDownloadToCacheFileW

ws2_32

WSAGetLastError
ntohs
closesocket
setsockopt
inet_ntoa
htonl
connect
socket
htons
select
ntohl
send
recv

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 228KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/COPYING.GPLv3
QQLive/COPYING.LGPLv3
QQLive/ChannelMgr.dll
.dll regsvr32 windows:4 windows x86 arch:x86

0198bac7e1e2c253c87b1ff38b70cad0

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

22:71:9f:a7:12:5d:1f:2a:13:56:d6:a4:d7:40:7d:c0:c5:17:f7:e2
Signer

Actual PE Digest

22:71:9f:a7:12:5d:1f:2a:13:56:d6:a4:d7:40:7d:c0:c5:17:f7:e2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\ChannelMgr.pdb

Imports

kernel32

GetTickCount
RaiseException
MultiByteToWideChar
lstrlenA
GetModuleHandleW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
LoadLibraryW
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
GetLocaleInfoA
OutputDebugStringW
GetFileAttributesW
GetProcAddress
WideCharToMultiByte
GetACP
InterlockedExchange
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
GetVersionExA
FormatMessageW
GetProcessHeap
InitializeCriticalSection
HeapAlloc
GetLastError
GetThreadLocale
SetThreadLocale
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
FreeLibrary
lstrlenW
ResetEvent
SetFileAttributesW
DeleteFileW
CopyFileW
TerminateThread
CreateEventW
SetEvent
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
WaitForSingleObject
CloseHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
UnhandledExceptionFilter

user32

RegisterClassW
CreateWindowExW
GetWindowLongW
DefWindowProcW
SetWindowLongW
DestroyWindow
UnregisterClassW
IsWindow
PostMessageW
UnregisterClassA

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

ole32

CoLoadLibrary
CoCreateInstance

oleaut32

SafeArrayGetLBound
SysFreeString
SysStringLen
SysAllocStringLen
SafeArrayCreate
SafeArrayCopy
VariantInit
VariantClear
SysAllocString
SysAllocStringByteLen
SysStringByteLen
DispCallFunc
LoadRegTypeLi
LoadTypeLi
VarBstrCat
VariantCopy
SafeArrayGetVartype
SafeArrayGetUBound
VarBstrCmp
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy

log

?CreateAllDirectory@@YAHPB_W@Z
?CheckAdvise@@YAXPB_W@Z
?HexStringToBits@@YA_NPBDPAEAAH@Z
?BitsToHexString2@@YA?AVCComBSTR@ATL@@PBEH@Z
?GetUserAppDataPath2@@YA?AVCComBSTR@ATL@@XZ
?CheckFileExist@@YAHPB_W@Z
?DOLOG@@YAXPB_WZZ
?GetUserAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?CheckUnadvise@@YAXPB_W@Z

httpdownload

?SetRequestMethod@CHttpDowndExports@@QAEXH@Z
?AddInfo@CHttpDowndExports@@QAEHPB_W0@Z
?AddInfo@CHttpDowndExports@@QAEHPB_WK@Z
?AddContent@CHttpDowndExports@@QAEHPBEH@Z
?SetUIInterface@CHttpDowndExports@@QAEXPAVCHttpDownloadUIInterface@@@Z
?Download@CHttpDowndExports@@QAEIPB_W0@Z
?CancelDownload@CHttpDowndExports@@QAEXXZ
?OnRedirected@CHttpDownloadUIInterface@@UAEXPB_W@Z
?OnProgress@CHttpDownloadUIInterface@@UAEXKK@Z
?OnDownloadStart@CHttpDownloadUIInterface@@UAEXKK@Z
?OnConnected@CHttpDownloadUIInterface@@UAEXXZ
?OnConnecting@CHttpDownloadUIInterface@@UAEXPB_W@Z
??0CHttpDowndExports@@QAE@XZ
??1CHttpDowndExports@@QAE@XZ
??_7CHttpDownloadUIInterface@@6B@
??1CHttpDownloadUIInterface@@UAE@XZ

atl80

ord11
ord64
ord22
ord18
ord15
ord31
ord61
ord23
ord30
ord32
ord58
ord10

shlwapi

StrCmpW

msvcp80

?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ

wininet

InternetSetCookieW

urlmon

URLDownloadToCacheFileW

msvcr80

memcpy
_wfopen_s
fseek
wcsstr
fread
wcsnlen
_localtime64_s
_wtol
rand
_vsnprintf
srand
_except_handler4_common
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
ftell
_beginthreadex
wcsftime
_time64
wcstoul
fopen_s
??3@YAXPAX@Z
memcpy_s
_CxxThrowException
__CxxFrameHandler3
_invalid_parameter_noinfo
memmove_s
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
fwrite
free
??_V@YAXPAX@Z
_purecall
_recalloc
calloc
memset
malloc
_resetstkoflw
wcschr
_vscwprintf
vswprintf_s
swprintf_s
fclose

ws2_32

ntohs
ntohl
htonl

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/Common.dll
.dll regsvr32 windows:4 windows x86 arch:x86

303e522d79eb2e882ca5c8c84c8ba8de

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

54:09:9d:10:e5:e6:88:33:ea:31:68:dd:ed:fa:56:32:a9:b4:b9:8d
Signer

Actual PE Digest

54:09:9d:10:e5:e6:88:33:ea:31:68:dd:ed:fa:56:32:a9:b4:b9:8d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

h:\Hummer\platform_QQLiveProj_2\Basic_HummerPlatform_VOB\Platform_fr\Output\bin\Common.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

kernel32

SetEndOfFile
GetDiskFreeSpaceW
FreeLibrary
LoadLibraryW
GetFullPathNameW
Sleep
lstrcmpW
CopyFileW
MoveFileExW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
MoveFileW
GetSystemTimeAsFileTime
GetProcessTimes
GetCurrentProcess
LoadLibraryA
GetModuleHandleA
GetPrivateProfileStringA
GetFileAttributesA
GetModuleFileNameA
GetCurrentProcessId
VirtualQuery
QueryPerformanceFrequency
SetProcessAffinityMask
GetProcessAffinityMask
GetLocaleInfoW
GetUserDefaultLCID
GetSystemDefaultLCID
IsValidLocale
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetSystemDefaultLangID
GetUserDefaultLangID
SetLocaleInfoW
GetDateFormatW
FlushFileBuffers
GetCalendarInfoW
GetCurrencyFormatW
GetNumberFormatW
GetTimeZoneInformation
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrcmpiA
lstrcmpiW
GetCPInfoExW
SetEvent
SetThreadPriority
ResetEvent
TerminateThread
WaitForSingleObject
WaitForMultipleObjects
CreateEventW
IsBadReadPtr
GetACP
GetVersion
OpenProcess
lstrcpynW
GetVersionExW
HeapFree
HeapAlloc
GetProcessHeap
SetProcessWorkingSetSize
SetFilePointerEx
GetFileSize
GetCommandLineW
GetTempPathW
WriteFile
SetFilePointer
FindResourceExW
FindResourceW
FindFirstFileW
SetFileAttributesW
HeapReAlloc
HeapSize
InterlockedCompareExchange
TerminateProcess
DeleteFileW
FindNextFileW
FindClose
RemoveDirectoryW
GetFileType
CreateDirectoryW
GetFileAttributesW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
SizeofResource
LoadResource
LockResource
GetFileSizeEx
ReadFile
GetModuleFileNameW
lstrlenW
RaiseException
GetThreadLocale
SetThreadLocale
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
OutputDebugStringA
CreateFileW
LocalAlloc
InterlockedExchange
GetVersionExA
GetLocaleInfoA
CloseHandle
WideCharToMultiByte
MultiByteToWideChar
GetLastError
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTimeFormatW
HeapDestroy

user32

FindWindowW
GetWindowThreadProcessId
CharLowerW
CharUpperW
CharNextW
CharLowerA
CharUpperA
CharNextA
UnregisterClassA
PostMessageW
KillTimer
SetTimer
DestroyWindow
CreateWindowExW
ShowWindow
DefWindowProcW
GetFocus
IsWindowEnabled
EnableWindow
IsWindow
SetFocus
SetPropW
RemovePropW
SendMessageW
GetPropW
GetWindowLongW
GetParent
GetWindow
GetWindowRect
GetDesktopWindow
MonitorFromWindow
GetMonitorInfoW
GetClientRect
MapWindowPoints
SetWindowPos
DrawTextW
GetIconInfo
GetDC
ReleaseDC
RegisterClassExW
GetClassInfoExW
SetWindowLongW

gdi32

CreateDIBitmap
ExtCreateRegion
CreateRectRgn
CreateCompatibleBitmap
RectVisible
StretchDIBits
SetStretchBltMode
SetBkMode
SetTextColor
GetStockObject
CreateFontIndirectW
ExtTextOutW
SetDIBitsToDevice
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
DeleteDC
CreateDIBSection
CreateCompatibleDC
GetDIBits
RealizePalette
SelectObject
GetObjectW
StretchBlt
BitBlt
SetBkColor
DeleteObject
CreateBitmap

comdlg32

GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey
DuplicateTokenEx
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyW

shell32

ShellExecuteW
SHGetMalloc
ShellExecuteExW
SHGetSpecialFolderPathW
SHGetFolderLocation
SHGetPathFromIDListW

ole32

CoCreateGuid
CoCreateInstance
CLSIDFromString
CoLoadLibrary
CoFreeLibrary
CoTaskMemAlloc
CoTaskMemFree
StgOpenStorage
StgOpenStorageOnILockBytes
StringFromGUID2
CoGetMalloc
StgCreateDocfile

oleaut32

LoadTypeLi
SysFreeString
VariantChangeType
SysReAllocStringLen
VariantInit
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringByteLen
SysStringByteLen
BstrFromVector
VectorFromBstr
VarBstrCmp
VarDateFromStr
VariantTimeToSystemTime
VariantClear
SysAllocString
SysAllocStringLen
SysStringLen
LoadRegTypeLi

atl80

ord31
ord58
ord32
ord30
ord61
ord15
ord18
ord22
ord64
ord23

shlwapi

StrCmpW

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ

msvcr80

_gmtime64_s
_mktime64
_wtol
wcstoul
iswalpha
iswalnum
_snwprintf
_adjust_fdiv
_localtime64_s
wcsftime
strstr
_vscprintf
vsprintf_s
_mbspbrk
_mbsinc
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__CppXcptFilter
_vscwprintf
_vsnwprintf
iswdigit
wcsstr
strrchr
strchr
toupper
wcsncmp
memcpy_s
wcsrchr
_wcsicmp
_wtof
memmove
_msize
strtod
abort
_snprintf
getenv
sscanf
sprintf
_strrev
_ismbcspace
vswprintf_s
wcscoll
_wcsicoll
wcspbrk
_wcsrev
wcscspn
wcsspn
wcsnlen
fprintf
exit
atoi
atof
_vsnprintf_s
tolower
isalpha
isalnum
_beginthreadex
_heapmin
_endthread
_beginthread
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
sscanf_s
??3@YAXPAX@Z
__CxxFrameHandler3
_CxxThrowException
_time64
isspace
iswspace
_invalid_parameter_noinfo
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
??_V@YAXPAX@Z
isxdigit
wcschr
memset
memmove_s
setlocale
free
_purecall
_wtoi
__iob_func
qsort
malloc
_CIsqrt
_CIsin
_CIcos
floor
_CIpow
_cabs
_CIatan
_CIlog
ceil
_CIexp
strncpy
fclose
fread
fwrite
fseek
ftell
fflush
feof
ferror
fputc
getc
isprint
printf
memcpy
strncmp
calloc
longjmp
_setjmp3
__CxxLongjmpUnwind
_wfopen
_CIfmod
div
_CIacos
_CIatan2
wcsncpy
realloc

wintrust

WTHelperGetProvCertFromChain
CryptCATAdminReleaseCatalogContext
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WinVerifyTrust
CryptCATCatalogInfoFromContext
CryptCATAdminEnumCatalogFromHash
CryptCATAdminCalcHashFromFileHandle
CryptCATAdminReleaseContext
CryptCATAdminAcquireContext

crypt32

CertGetNameStringW

Exports

Exports

??0CCmdCodecBase@@QAE@XZ
??0CExpatDataCompat@@QAE@XZ
??0CExpatFileReader@@QAE@XZ
??0CExpatMemReader@@QAE@XZ
??0CFmtString@@QAE@XZ
??0CRootStorage@@QAE@ABV0@@Z
??0CRootStorage@@QAE@PAVCCompoundDocument@@@Z
??0CScopeToggler@@QAE@PA_N_N@Z
??0CShortStreamContainer@@QAE@XZ
??0CStorage@@QAE@ABV0@@Z
??0CStorage@@QAE@PAVCCompoundDocument@@H@Z
??0CStorageIterator@@QAE@ABV0@@Z
??0CStorageIterator@@QAE@XZ
??0CStream@@QAE@ABV0@@Z
??0CStream@@QAE@PAVCCompoundDocument@@H@Z
??0CTXBSTR@@QAE@ABU_GUID@@@Z
??0CTXBSTR@@QAE@ABV0@@Z
??0CTXBSTR@@QAE@ABVCTXStringW@@@Z
??0CTXBSTR@@QAE@H@Z
??0CTXBSTR@@QAE@HPB_W@Z
??0CTXBSTR@@QAE@PB_W@Z
??0CTXBSTR@@QAE@XZ
??0CTXCommPack@@QAE@ABV0@@Z
??0CTXCommPack@@QAE@XZ
??0CTXFileDialog@@IAE@XZ
??0CTXFileDialog@@QAE@ABV0@@Z
??0CTXFileDialog@@QAE@HPB_W00K0PAUHWND__@@HPAVVFileDialgCallback@@@Z
??0CTXStringA@@QAE@ABV0@@Z
??0CTXStringA@@QAE@DH@Z
??0CTXStringA@@QAE@PBD@Z
??0CTXStringA@@QAE@PBDH@Z
??0CTXStringA@@QAE@UtagEN@@PB_WH@Z
??0CTXStringA@@QAE@UtagGBK@@PB_WH@Z
??0CTXStringA@@QAE@UtagUTF8@@PB_WH@Z
??0CTXStringA@@QAE@XZ
??0CTXStringW@@QAE@ABU_GUID@@@Z
??0CTXStringW@@QAE@ABUtagVARIANT@@@Z
??0CTXStringW@@QAE@ABV0@@Z
??0CTXStringW@@QAE@ABVCTXBSTR@@@Z
??0CTXStringW@@QAE@H@Z
??0CTXStringW@@QAE@PA_W@Z
??0CTXStringW@@QAE@PB_W@Z
??0CTXStringW@@QAE@PB_WH@Z
??0CTXStringW@@QAE@UtagEN@@PBDH@Z
??0CTXStringW@@QAE@UtagGBK@@PBDH@Z
??0CTXStringW@@QAE@UtagUTF8@@PBDH@Z
??0CTXStringW@@QAE@XZ
??0CTXStringW@@QAE@_WH@Z
??0CTXTLVCodecBase@@QAE@XZ
??0CTXThreadModel@@IAE@XZ
??0CTXTime@@QAE@AAVCTime@ATL@@@Z
??0CTXTime@@QAE@ABU_FILETIME@@H@Z
??0CTXTime@@QAE@ABU_SYSTEMTIME@@H@Z
??0CTXTime@@QAE@GGH@Z
??0CTXTime@@QAE@HHHHHHH@Z
??0CTXTime@@QAE@XZ
??0CTXTime@@QAE@_J@Z
??0CTXVariant@@QAE@ABVCTXBuffer@@@Z
??0CxExifInfo@CxImageJPG@@QAE@PAUtag_ExifInfo@1@@Z
??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@PB_WK@Z
??0CxFile@@QAE@XZ
??0CxImage@@QAE@ABV0@_N11@Z
??0CxImage@@QAE@K@Z
??0CxImage@@QAE@KKKK@Z
??0CxImage@@QAE@PAEKK@Z
??0CxImage@@QAE@PAU_iobuf@@K@Z
??0CxImage@@QAE@PAVCxFile@@K@Z
??0CxImage@@QAE@PB_WK@Z
??0CxImageGIF@@QAE@ABV0@@Z
??0CxImageGIF@@QAE@XZ
??0CxImageJPG@@QAE@ABV0@@Z
??0CxImageJPG@@QAE@XZ
??0CxMemFile@@QAE@ABV0@@Z
??0CxMemFile@@QAE@KPAE@Z
??0CxPoint2@@QAE@ABV0@@Z
??0CxPoint2@@QAE@MM@Z
??0CxPoint2@@QAE@XZ
??0CxRect2@@QAE@ABV0@@Z
??0CxRect2@@QAE@MMMM@Z
??0CxRect2@@QAE@XZ
??0TiXmlAttribute@@QAE@PBD0@Z
??0TiXmlAttribute@@QAE@XZ
??0TiXmlAttributeSet@@QAE@XZ
??0TiXmlComment@@QAE@ABV0@@Z
??0TiXmlComment@@QAE@PBD@Z
??0TiXmlComment@@QAE@XZ
??0TiXmlDeclaration@@QAE@ABV0@@Z
??0TiXmlDeclaration@@QAE@PBD00@Z
??0TiXmlDeclaration@@QAE@XZ
??0TiXmlDocument@@IAE@PBD@Z
??0TiXmlDocument@@QAE@ABV0@@Z
??0TiXmlDocument@@QAE@XZ
??0TiXmlElement@@QAE@ABV0@@Z
??0TiXmlElement@@QAE@PBD@Z
??0TiXmlNode@@IAE@W4NodeType@0@@Z
??0TiXmlText@@QAE@ABV0@@Z
??0TiXmlText@@QAE@PBD@Z
??0TiXmlUnknown@@QAE@ABV0@@Z
??0TiXmlUnknown@@QAE@XZ
??1CCmdCodecBase@@UAE@XZ
??1CExpatDataCompat@@QAE@XZ
??1CExpatFileReader@@UAE@XZ
??1CExpatMemReader@@UAE@XZ
??1CFmtString@@QAE@XZ
??1CRootStorage@@QAE@XZ
??1CScopeToggler@@QAE@XZ
??1CShortStreamContainer@@QAE@XZ
??1CStorage@@QAE@XZ
??1CStorageIterator@@QAE@XZ
??1CStream@@QAE@XZ
??1CTXBSTR@@QAE@XZ
??1CTXCommPack@@UAE@XZ
??1CTXFileDialog@@QAE@XZ
??1CTXStringA@@QAE@XZ
??1CTXStringW@@QAE@XZ
??1CTXTLVCodecBase@@UAE@XZ
??1CTXThreadModel@@MAE@XZ
??1CxExifInfo@CxImageJPG@@QAE@XZ
??1CxFile@@UAE@XZ
??1CxImage@@UAE@XZ
??1CxImageGIF@@UAE@XZ
??1CxImageJPG@@UAE@XZ
??1CxMemFile@@UAE@XZ
??1TiXmlAttribute@@UAE@XZ
??1TiXmlAttributeSet@@QAE@XZ
??1TiXmlComment@@UAE@XZ
??1TiXmlDeclaration@@UAE@XZ
??1TiXmlDocument@@UAE@XZ
??1TiXmlElement@@UAE@XZ
??1TiXmlNode@@UAE@XZ
??1TiXmlText@@UAE@XZ
??1TiXmlUnknown@@UAE@XZ
??4CRootStorage@@QAEAAV0@ABV0@@Z
??4CScopeToggler@@QAEAAV0@ABV0@@Z
??4CShortStreamContainer@@QAEAAV0@ABV0@@Z
??4CStorage@@QAEAAV0@ABV0@@Z
??4CStorageIterator@@QAEAAV0@ABV0@@Z
??4CStream@@QAEAAV0@ABV0@@Z
??4CTXBSTR@@QAEAAV0@ABV0@@Z
??4CTXBSTR@@QAEAAV0@ABVCTXStringW@@@Z
??4CTXBSTR@@QAEAAV0@PB_W@Z
??4CTXFileDialog@@QAEAAV0@ABV0@@Z
??4CTXStringA@@QAEAAV0@ABV0@@Z
??4CTXStringA@@QAEAAV0@D@Z
??4CTXStringA@@QAEAAV0@PBD@Z
??4CTXStringW@@QAEAAV0@ABUtagVARIANT@@@Z
??4CTXStringW@@QAEAAV0@ABV0@@Z
??4CTXStringW@@QAEAAV0@ABVCTXBSTR@@@Z
??4CTXStringW@@QAEAAV0@PA_W@Z
??4CTXStringW@@QAEAAV0@PB_W@Z
??4CTXStringW@@QAEAAV0@_W@Z
??4CTXTime@@QAEAAV0@_J@Z
??4CxExifInfo@CxImageJPG@@QAEAAV01@ABV01@@Z
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxImage@@QAEAAV0@ABV0@@Z
??4CxImageGIF@@QAEAAV0@ABV0@@Z
??4CxImageJPG@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??4CxPoint2@@QAEAAV0@ABV0@@Z
??4CxRect2@@QAEAAV0@ABV0@@Z
??4TiXmlComment@@QAEXABV0@@Z
??4TiXmlDeclaration@@QAEXABV0@@Z
??4TiXmlDocument@@QAEXABV0@@Z
??4TiXmlElement@@QAEXABV0@@Z
??4TiXmlText@@QAEXABV0@@Z
??4TiXmlUnknown@@QAEXABV0@@Z
??7CTXStringA@@QBE_NXZ
??7CTXStringW@@QBE_NXZ
??8@YA_NABVCTXStringA@@0@Z
??8@YA_NABVCTXStringA@@D@Z
??8@YA_NABVCTXStringA@@PBD@Z
??8@YA_NABVCTXStringW@@0@Z
??8@YA_NABVCTXStringW@@PB_W@Z
??8@YA_NABVCTXStringW@@_W@Z
??8@YA_NDABVCTXStringA@@@Z
??8@YA_NPA_WABVCTXBSTR@@@Z
??8@YA_NPA_WABVCTXStringW@@@Z
??8@YA_NPBDABVCTXStringA@@@Z
??8@YA_NPB_WABVCTXBSTR@@@Z
??8@YA_NPB_WABVCTXStringW@@@Z
??8@YA_N_WABVCTXStringW@@@Z
??8CTXBSTR@@QBE_NABV0@@Z
??8CTXBSTR@@QBE_NPA_W@Z
??8CTXBSTR@@QBE_NPB_W@Z
??8CTXTime@@QBE_NV0@@Z
??8TiXmlAttribute@@QBE_NABV0@@Z
??9@YA_NABVCTXStringA@@0@Z
??9@YA_NABVCTXStringA@@D@Z
??9@YA_NABVCTXStringA@@PBD@Z
??9@YA_NABVCTXStringW@@0@Z
??9@YA_NABVCTXStringW@@PB_W@Z
??9@YA_NABVCTXStringW@@_W@Z
??9@YA_NDABVCTXStringA@@@Z
??9@YA_NPA_WABVCTXBSTR@@@Z
??9@YA_NPBDABVCTXStringA@@@Z
??9@YA_NPB_WABVCTXBSTR@@@Z
??9@YA_NPB_WABVCTXStringW@@@Z
??9@YA_N_WABVCTXStringW@@@Z
??9CTXBSTR@@QBE_NABV0@@Z
??9CTXBSTR@@QBE_NPA_W@Z
??9CTXBSTR@@QBE_NPB_W@Z
??9CTXTime@@QBE_NV0@@Z
??ACTXStringA@@QBEDH@Z
??ACTXStringW@@QBE_WH@Z
??BCTXBSTR@@QBEPA_WXZ
??BCTXStringA@@QBEPBDXZ
??BCTXStringW@@QBEPB_WXZ
??GCTXTime@@QBE?AV0@VCTimeSpan@ATL@@@Z
??GCTXTime@@QBE?AVCTimeSpan@ATL@@V0@@Z
??H@YA?AVCTXStringA@@ABV0@0@Z
??H@YA?AVCTXStringA@@ABV0@D@Z
??H@YA?AVCTXStringA@@ABV0@PBD@Z
??H@YA?AVCTXStringA@@DABV0@@Z
??H@YA?AVCTXStringA@@PBDABV0@@Z
??H@YA?AVCTXStringW@@ABV0@0@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
??H@YA?AVCTXStringW@@ABV0@_W@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
??H@YA?AVCTXStringW@@_WABV0@@Z
??HCTXTime@@QBE?AV0@VCTimeSpan@ATL@@@Z
??ICTXBSTR@@QAEPAPA_WXZ
??M@YA_NABVCTXStringA@@0@Z
??M@YA_NABVCTXStringA@@PBD@Z
??M@YA_NABVCTXStringW@@0@Z
??M@YA_NABVCTXStringW@@PB_W@Z
??M@YA_NPBDABVCTXStringA@@@Z
??M@YA_NPB_WABVCTXStringW@@@Z
??MCTXBSTR@@QBE_NABV0@@Z
??MCTXBSTR@@QBE_NPA_W@Z
??MCTXBSTR@@QBE_NPB_W@Z
??MCTXTime@@QBE_NV0@@Z
??MTiXmlAttribute@@QBE_NABV0@@Z
??N@YA_NABVCTXStringA@@0@Z
??N@YA_NABVCTXStringA@@PBD@Z
??N@YA_NABVCTXStringW@@0@Z
??N@YA_NABVCTXStringW@@PB_W@Z
??N@YA_NPBDABVCTXStringA@@@Z
??N@YA_NPB_WABVCTXStringW@@@Z
??NCTXTime@@QBE_NV0@@Z
??O@YA_NABVCTXStringA@@0@Z
??O@YA_NABVCTXStringA@@PBD@Z
??O@YA_NABVCTXStringW@@0@Z
??O@YA_NABVCTXStringW@@PB_W@Z
??O@YA_NPBDABVCTXStringA@@@Z
??O@YA_NPB_WABVCTXStringW@@@Z
??OCTXBSTR@@QBE_NABV0@@Z
??OCTXBSTR@@QBE_NPA_W@Z
??OCTXBSTR@@QBE_NPB_W@Z
??OCTXTime@@QBE_NV0@@Z
??OTiXmlAttribute@@QBE_NABV0@@Z
??P@YA_NABVCTXStringA@@0@Z
??P@YA_NABVCTXStringA@@PBD@Z
??P@YA_NABVCTXStringW@@0@Z
??P@YA_NABVCTXStringW@@PB_W@Z
??P@YA_NPBDABVCTXStringA@@@Z
??P@YA_NPB_WABVCTXStringW@@@Z
??PCTXTime@@QBE_NV0@@Z
??YCTXBSTR@@QAEAAV0@ABV0@@Z
??YCTXBSTR@@QAEAAV0@ABVCTXStringW@@@Z
??YCTXBSTR@@QAEAAV0@PB_W@Z
??YCTXStringA@@QAEAAV0@ABV0@@Z
??YCTXStringA@@QAEAAV0@D@Z
??YCTXStringA@@QAEAAV0@PBD@Z
??YCTXStringW@@QAEAAV0@ABUtagVARIANT@@@Z
??YCTXStringW@@QAEAAV0@ABV0@@Z
??YCTXStringW@@QAEAAV0@ABVCTXBSTR@@@Z
??YCTXStringW@@QAEAAV0@PB_W@Z
??YCTXStringW@@QAEAAV0@_W@Z
??YCTXTime@@QAEAAV0@VCTimeSpan@ATL@@@Z
??ZCTXTime@@QAEAAV0@VCTimeSpan@ATL@@@Z
??_7CRootStorage@@6B@
??_7CStorage@@6B@
??_7CStream@@6B@
??_7CTXCommPack@@6B@
??_7CxFile@@6B@
??_7CxImage@@6B@
??_7CxImageGIF@@6B@
??_7CxImageJPG@@6B@
??_7CxMemFile@@6B@
??_7TiXmlAttribute@@6B@
??_7TiXmlComment@@6B@
??_7TiXmlDeclaration@@6B@
??_7TiXmlDocument@@6B@
??_7TiXmlElement@@6B@
??_7TiXmlNode@@6B@
??_7TiXmlText@@6B@
??_7TiXmlUnknown@@6B@
??_FCxExifInfo@CxImageJPG@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXAAV0@@Z
?Accept@TiXmlComment@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlDeclaration@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlDocument@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlElement@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlText@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlUnknown@@UBE_NPAVTiXmlVisitor@@@Z
?Add@TiXmlAttributeSet@@QAEXPAVTiXmlAttribute@@@Z
?AddAveragingCont@CxImage@@IAEXABUtagRGBQUAD@@MAAM111@Z
?AddBuf@CTXCommPack@@QAEHABVCTXBuffer@@@Z
?AddBuf@CTXCommPack@@QAEHPBEI@Z
?AddBufLenByte@CTXCommPack@@QAEHABVCTXBuffer@@@Z
?AddBufLenDWord@CTXCommPack@@QAEHABVCTXBuffer@@H@Z
?AddBufLenWord@CTXCommPack@@QAEHABVCTXBuffer@@H@Z
?AddBundleFile@TXStringBundle@@YAXPB_W0@Z
?AddByte@CTXCommPack@@QAEHE@Z
?AddConfigData@ModuleConfig@@YAJPB_W0@Z
?AddDWord@CTXCommPack@@QAEHKH@Z
?AddEncryptInfo@TXEncryptMgr@@YAJU_GUID@@PAUITXDataStorage@@PAUITXSvrSealCrypto@@PAUITXEncUIGetPass@@PAUITXCallback@@H@Z
?AddEvent@CTXThreadModel@@IAEXPAX@Z
?AddFileSystem@FS@@YAJW4FILESYSTEM_TYPE@@PB_W1HHH@Z
?AddFmtString@TXStringBundle@@YAXABVCFmtString@@@Z
?AddIdleCallback@Window@Util@@YAJPAVVTXMsgLoopIdleCallback@@@Z
?AddPack@CTXCommPack@@QAEHABV1@@Z
?AddPlugin@CoreCenter@Util@@YAHPA_WPAUITXData@@@Z
?AddRef@CCmdCodecBase@@MAGKXZ
?AddRelativeFileSystem@FS@@YAJPB_W00HH@Z
?AddStrA@CTXCommPack@@QAEHABVCTXStringA@@@Z
?AddStrAEndChar@CTXCommPack@@QAEHABVCTXStringA@@E@Z
?AddStrALenByte@CTXCommPack@@QAEHABVCTXStringA@@@Z
?AddStrALenDWord@CTXCommPack@@QAEHABVCTXStringA@@H@Z
?AddStrALenWord@CTXCommPack@@QAEHABVCTXStringA@@H@Z
?AddStrW@CTXCommPack@@QAEHABVCTXStringW@@@Z
?AddStrWEndChar@CTXCommPack@@QAEHABVCTXStringW@@E@Z
?AddStrWLenByte@CTXCommPack@@QAEHABVCTXStringW@@@Z
?AddStrWLenDWord@CTXCommPack@@QAEHABVCTXStringW@@H@Z
?AddStrWLenWord@CTXCommPack@@QAEHABVCTXStringW@@H@Z
?AddTLV@CTXCommPack@@QAEHEABVCTXBuffer@@W4TXCommPackDataType@@@Z
?AddTLV@CTXCommPack@@QAEHGABVCTXBuffer@@W4TXCommPackDataType@@@Z
?AddTLV@CTXCommPack@@QAEHKABVCTXBuffer@@W4TXCommPackDataType@@@Z
?AddToDeadQueue@Misc@Util@@YAXHP6AXXZ@Z
?AddUInt64@CTXCommPack@@QAEH_KH@Z
?AddVBuf@CTXCommPack@@IAEHABVCTXBuffer@@W4TXCommPackDataType@@@Z
?AddWord@CTXCommPack@@QAEHGH@Z
?Alloc@CxMemFile@@IAEXK@Z
?AllocSysString@CTXStringW@@QBEPA_WXZ
?AlphaClear@CxImage@@QAEXXZ
?AlphaCopy@CxImage@@QAE_NAAV1@@Z
?AlphaCreate@CxImage@@QAEXXZ
?AlphaDelete@CxImage@@QAEXXZ
?AlphaFlip@CxImage@@QAE_NXZ
?AlphaGet@CxImage@@QAEEJJ@Z
?AlphaGetMax@CxImage@@QBEEXZ
?AlphaGetPointer@CxImage@@QAEPAEJJ@Z
?AlphaInvert@CxImage@@QAEXXZ
?AlphaIsValid@CxImage@@QAE_NXZ
?AlphaMirror@CxImage@@QAE_NXZ
?AlphaPaletteClear@CxImage@@QAEXXZ
?AlphaPaletteEnable@CxImage@@QAEX_N@Z
?AlphaPaletteIsEnabled@CxImage@@QAE_NXZ
?AlphaPaletteIsValid@CxImage@@QAE_NXZ
?AlphaPaletteSplit@CxImage@@QAE_NPAV1@@Z
?AlphaSet@CxImage@@QAEXE@Z
?AlphaSet@CxImage@@QAEXJJE@Z
?AlphaSet@CxImage@@QAE_NAAV1@@Z
?AlphaSetMax@CxImage@@QAEXE@Z
?AlphaSplit@CxImage@@QAE_NPAV1@@Z
?AlphaStrip@CxImage@@QAEXXZ
?AnsiToUnicode@Convert@Util@@YA_NAAVCTXStringW@@PBDH@Z
?Append@CTXBSTR@@QAEJABV1@@Z
?Append@CTXBSTR@@QAEJD@Z
?Append@CTXBSTR@@QAEJPB_W@Z
?Append@CTXBSTR@@QAEJPB_WH@Z
?Append@CTXBSTR@@QAEJ_W@Z
?Append@CTXStringA@@QAEXABV1@@Z
?Append@CTXStringA@@QAEXPBD@Z
?Append@CTXStringA@@QAEXPBDH@Z
?Append@CTXStringW@@QAEXABV1@@Z
?Append@CTXStringW@@QAEXPB_W@Z
?Append@CTXStringW@@QAEXPB_WH@Z
?AppendBSTR@CTXBSTR@@QAEJPA_W@Z
?AppendBSTR@CTXStringW@@QAEXPA_W@Z
?AppendBytes@CTXBSTR@@QAEJPBDH@Z
?AppendChar@CTXStringA@@QAEXD@Z
?AppendChar@CTXStringW@@QAEX_W@Z
?AppendFormat@CTXStringW@@QAAXPB_WZZ
?ArrayToBSTR@CTXBSTR@@QAEJPBUtagSAFEARRAY@@@Z
?AssignBSTR@CTXBSTR@@QAEJQA_W@Z
?Attach@CTXBSTR@@QAEXPA_W@Z
?Attribute@TiXmlElement@@QBEPBDPBD@Z
?Attribute@TiXmlElement@@QBEPBDPBDPAH@Z
?Attribute@TiXmlElement@@QBEPBDPBDPAN@Z
?BIG5ToUnicode@Convert@Util@@YA_NAAVCTXStringW@@PBDH@Z
?BSTRToArray@CTXBSTR@@QAEJPAPAUtagSAFEARRAY@@@Z
?Base64Encode@Encode@Util@@YA?AVCTXStringW@@ABVCTXBuffer@@H@Z
?Bitfield2RGB@CxImage@@IAEXPAEGGGE@Z
?Blank@TiXmlText@@IBE_NXZ
?BlendPalette@CxImage@@QAEXKJ@Z
?BlendPixelColor@CxImage@@QAEXJJUtagRGBQUAD@@M_N@Z
?BlindAlphaGet@CxImage@@IAEEJJ@Z
?BlindGetPixelColor@CxImage@@IAE?AUtagRGBQUAD@@JJ@Z
?BlindGetPixelIndex@CxImage@@IAEEJJ@Z
?BlindGetPixelPointer@CxImage@@IAEPAXJJ@Z
?BrokenCodec@CCmdCodecBase@@IAEXPB_W@Z
?ByteLength@CTXBSTR@@QBEIXZ
?CDATA@TiXmlText@@QBE_NXZ
?CPConvert@Encoding@XmlText@@YAHHPBD@Z
?CRC32@Encode@Util@@YAKKPBEH@Z
?Center@CxRect2@@QBE?AVCxPoint2@@XZ
?ChangeConfig@CCmdCodecBase@@IAEXHH@Z
?ChangeConfig@CTXTLVCodecBase@@IAEX_N@Z
?CheckBufEndChar@CTXCommPack@@QAEHE@Z
?CheckBuffer@CTXCommPack@@IAEHI@Z
?CheckOutOverflow@CTXCommPack@@IAEHI@Z
?CheckRunMode@CTXCommPack@@IAEHW4RunMode@1@@Z
?CheckVistaAndStartSelfMediumLevel@Sys@Util@@YAHXZ
?CircleTransform@CxImage@@QAE_NHJM@Z
?Clear@CxImage@@QAEXE@Z
?Clear@CxImageGIF@@IAEXEAAUtag_image@1@@Z
?Clear@TiXmlNode@@QAEXXZ
?ClearCommitFlag@CStorage@@UAEXXZ
?ClearCommitFlag@CStream@@UAEXXZ
?ClearError@TiXmlDocument@@QAEXXZ
?ClearThis@TiXmlElement@@IAEXXZ
?Clone@TiXmlComment@@UBEPAVTiXmlNode@@XZ
?Clone@TiXmlDeclaration@@UBEPAVTiXmlNode@@XZ
?Clone@TiXmlDocument@@MBEPAVTiXmlNode@@XZ
?Clone@TiXmlElement@@UBEPAVTiXmlNode@@XZ
?Clone@TiXmlText@@MBEPAVTiXmlNode@@XZ
?Clone@TiXmlUnknown@@UBEPAVTiXmlNode@@XZ
?Close@CStream@@QAEXXZ
?Close@CxMemFile@@UAE_NXZ
?CloseDocument@CRootStorage@@QAEJXZ
?CodeAddBuffer@CTXTLVCodecBase@@IAEXEPAUITXBuffer@@@Z
?CodeArrayBuffer@CCmdCodecBase@@IAEXXZ
?CodeArrayBufferLenHead@CCmdCodecBase@@IAEXW4CMDFIELDTYPE@@@Z
?CodeArrayLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@H@Z
?CodeArrayNumber@CCmdCodecBase@@IAEXW4TX_DATA_TYPE@@@Z
?CodeArrayString@CCmdCodecBase@@IAEXI@Z
?CodeArrayStringEndChar@CCmdCodecBase@@IAEXD@Z
?CodeArrayStringLenHead@CCmdCodecBase@@IAEXW4CMDFIELDTYPE@@@Z
?CodeArrayTXDataBuffer@CCmdCodecBase@@IAEXPB_W@Z
?CodeArrayTXDataBufferLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@@Z
?CodeArrayTXDataNumber@CCmdCodecBase@@IAEXPB_WW4TX_DATA_TYPE@@@Z
?CodeArrayTXDataString@CCmdCodecBase@@IAEXPB_WI@Z
?CodeArrayTXDataStringEndChar@CCmdCodecBase@@IAEXPB_WD@Z
?CodeArrayTXDataStringLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@@Z
?CodeArrayToEnd@CCmdCodecBase@@IAEXPB_WH@Z
?CodeBuffer@CCmdCodecBase@@IAEXPB_W@Z
?CodeBuffer@CTXTLVCodecBase@@IAEXEPB_WK@Z
?CodeBufferEndChar@CCmdCodecBase@@IAEXPB_WD@Z
?CodeBufferLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@@Z
?CodeByte@CTXTLVCodecBase@@IAEXEPB_W@Z
?CodeByteEx@CTXTLVCodecBase@@IAEXEPB_WE_N1@Z
?CodeChar@CTXTLVCodecBase@@IAEXEPB_W@Z
?CodeCharEx@CTXTLVCodecBase@@IAEXEPB_WD_N1@Z
?CodeDWord@CTXTLVCodecBase@@IAEXEPB_W@Z
?CodeDWordEx@CTXTLVCodecBase@@IAEXEPB_WK_N1@Z
?CodeEndArray@CCmdCodecBase@@IAEXXZ
?CodeInt@CTXTLVCodecBase@@IAEXEPB_W@Z
?CodeIntEx@CTXTLVCodecBase@@IAEXEPB_WH_N1@Z
?CodeNumber@CCmdCodecBase@@IAEXPB_WW4TX_DATA_TYPE@@@Z
?CodeShort@CTXTLVCodecBase@@IAEXEPB_W@Z
?CodeShortEx@CTXTLVCodecBase@@IAEXEPB_WF_N1@Z
?CodeString@CCmdCodecBase@@IAEXPB_WI@Z
?CodeStringEndChar@CCmdCodecBase@@IAEXPB_WD@Z
?CodeStringLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@@Z
?CodeTXData@CCmdCodecBase@@UAGJPAUITXData@@PAPAUITXBuffer@@@Z
?CodeWord@CTXTLVCodecBase@@IAEXEPB_W@Z
?CodeWordEx@CTXTLVCodecBase@@IAEXEPB_WG_N1@Z
?CodecTLV@CTXTLVCodecBase@@UAGJKPAUITXData@@PAPAUITXBuffer@@@Z
?Collate@CTXStringW@@QBEHPB_W@Z
?CollateNoCase@CTXStringW@@QBEHPB_W@Z
?Colorize@CxImage@@QAE_NEEM@Z
?Colorize@CxImage@@QAE_NNNN@Z
?Combine@CxImage@@QAE_NPAV1@000J@Z
?CombinePath@FS@Util@@YA?AVCTXStringW@@ABV3@0@Z
?CombineQNC@FS@@YA?AVCTXStringW@@PB_W0@Z
?CommitChange@FS@@YAHPB_W@Z
?CommitEntry@CStream@@AAEJXZ
?Compare@CTXStringA@@QBEHPBD@Z
?Compare@CTXStringW@@QBEHPB_W@Z
?CompareColors@CxImage@@KAHPBX0@Z
?CompareNoCase@CTXStringA@@QBEHPBD@Z
?CompareNoCase@CTXStringW@@QBEHPB_W@Z
?Contour@CxImage@@QAE_NXZ
?ConvertAnyFormat@CxExifInfo@CxImageJPG@@IAENPAXH@Z
?ConvertTXArraySpecialLabel@Convert@Util@@YAHPAUITXArray@@PA_W@Z
?ConvertTXArrayStringBundle@Convert@Util@@YAHPAUITXArray@@@Z
?ConvertTXDataSpecialLabel@Convert@Util@@YAHPAUITXData@@PA_W@Z
?ConvertTXDataStringBundle@Convert@Util@@YAHPAUITXData@@@Z
?ConvertTXDataToXML@Convert@Util@@YAHPA_WPAUITXDataRead@@0@Z
?ConvertToPureFile@FS@@YA?AVCTXStringW@@PB_W@Z
?ConvertXMLSpecialLabel@Convert@Util@@YAHPA_W0PAPA_W@Z
?ConvertXMLStrToTXData@Convert@Util@@YAHPA_WPAPA_WPAUITXData@@0@Z
?ConvertXMLToTXData@Convert@Util@@YAHPA_WPAPA_WPAUITXData@@0@Z
?Copy@CStorageIterator@@AAEXPAUTXSTATSTG@@PBU2@@Z
?Copy@CTXBSTR@@QBEPA_WXZ
?Copy@CxImage@@QAEXABV1@_N11@Z
?CopyBufferOut@CTXCommPack@@QBEHAAVCTXBuffer@@@Z
?CopyBufferOut@CTXCommPack@@QBEHPAEAAI@Z
?CopyDecodeBufferOut@CTXCommPack@@QBEHAAVCTXBuffer@@@Z
?CopyDecodeBufferOut@CTXCommPack@@QBEHPAEAAI@Z
?CopyDirectory@FS@@YAHPB_W0PAUITXCopyDirProgress@@@Z
?CopyElementTo@CStorage@@QAEJPB_WPAV1@0@Z
?CopyFileInMem@FS@@YAHPB_W0PAUITXBuffer@@H@Z
?CopyFileW@FS@@YAHPB_W0H@Z
?CopyInfo@CxImage@@IAEXABV1@@Z
?CopyTXDataField@Data@Util@@YAHPAUITXDataRead@@PAUITXData@@PB_W2@Z

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/Core.dll
.dll regsvr32 windows:4 windows x86 arch:x86

5e339ebb2e2bc240545b5401f608512a

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

18:c6:b2:54:35:fa:01:47:ca:4e:c8:35:8f:0c:60:e7:db:0b:f9:d5
Signer

Actual PE Digest

18:c6:b2:54:35:fa:01:47:ca:4e:c8:35:8f:0c:60:e7:db:0b:f9:d5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\Core.pdb

Imports

log

?DOLOG@@YAXPB_WZZ

mfc80u

ord266
ord1908
ord265
ord764
ord3677
ord757
ord566
ord765
ord315
ord1079
ord1033
ord1087
ord1197
ord1199
ord1093
ord371
ord1162
ord1115
ord1192
ord1168
ord1170
ord1200
ord581
ord3327
ord4255
ord4475
ord3943
ord2638
ord3703
ord3713
ord3712
ord2527
ord2640
ord2534
ord2832
ord2708
ord4301
ord2829
ord762
ord1178
ord2725
ord1182
ord314
ord1043
ord6751
ord2239
ord3824
ord4032
ord4008
ord6272
ord3795
ord6274
ord4320
ord2054
ord2009
ord5579
ord3800
ord1007
ord5096
ord6215
ord5378
ord3826
ord1911
ord2925
ord5220
ord5222
ord3942
ord4562
ord5226
ord5209
ord2531
ord5562

msvcr80

_initterm
_encoded_null
_malloc_crt
?terminate@@YAXXZ
_initterm_e
_onexit
_lock
_encode_pointer
_amsg_exit
_adjust_fdiv
_vscwprintf
??0exception@std@@QAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
__clean_type_info_names_internal
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
??1exception@std@@UAE@XZ
__CxxFrameHandler3
_decode_pointer
__dllonexit
_unlock
_except_handler4_common
_resetstkoflw
malloc
calloc
_recalloc
_purecall
free
memcpy_s
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
_invalid_parameter_noinfo
memset
vswprintf_s

kernel32

GetVersionExA
GetACP
HeapFree
HeapReAlloc
HeapSize
GetLocaleInfoA
HeapDestroy
GetProcessHeap
DeleteCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
LocalAlloc
LocalFree
RaiseException
lstrlenW
OutputDebugStringW
GetFileAttributesW
GetProcAddress
GetLastError
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameW
GetThreadLocale
SetThreadLocale
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
HeapAlloc

user32

UnregisterClassA

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

ole32

CoCreateInstance
CoLoadLibrary

oleaut32

LoadTypeLi
LoadRegTypeLi
SysStringLen
SysFreeString

atl80

ord15
ord18
ord31
ord58
ord32
ord30
ord61
ord23
ord64
ord22

msvcp80

?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/Encrypt.dll
.dll windows:4 windows x86 arch:x86

2238759357539c6a1268e1a65676d82d

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e8:df:99:0f:2e:00:9e:28:96:bb:99:99:6f:c5:bd:23:af:2c:72:69
Signer

Actual PE Digest

e8:df:99:0f:2e:00:9e:28:96:bb:99:99:6f:c5:bd:23:af:2c:72:69

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\Encrypt.pdb

Imports

msvcr80

__clean_type_info_names_internal
_crt_debugger_hook
__dllonexit
_lock
_onexit
_except_handler4_common
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
rand
_unlock
??3@YAXPAX@Z

ws2_32

ntohl
htonl

kernel32

QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTickCount

Exports

Exports

?TeaDecryptECB@@YAXPBE0PAE@Z
?TeaEncryptECB@@YAXPBE0PAE@Z
?oi_symmetry_decrypt2@@YAHPBEH0PAEPAH@Z
?oi_symmetry_decrypt@@YAHPBEH0PAEPAH@Z
?oi_symmetry_encrypt2@@YAXPBEH0PAEPAH@Z
?oi_symmetry_encrypt@@YAXPBEH0PAEPAH@Z

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 460B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/ExceptCatch.dll
.dll windows:4 windows x86 arch:x86

8229ff023a8b05fa4166086398591f79

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:84:ab:a9:15:0f:bd:e0:ae:ae:3b:95:8f:43:8c:03:98:49:40:ae
Signer

Actual PE Digest

08:84:ab:a9:15:0f:bd:e0:ae:ae:3b:95:8f:43:8c:03:98:49:40:ae

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\Symbol\ExceptCatch.pdb

Imports

mfc80u

ord1271
ord1058
ord4119
ord1894
ord760
ord572
ord3189
ord4255
ord4480
ord3943
ord2638
ord3703
ord3713
ord3712
ord2985
ord2527
ord2640
ord2534
ord2856
ord2708
ord4301
ord2829
ord2725
ord2531
ord5196
ord1590
ord1646
ord1647
ord1955
ord5171
ord1353
ord4961
ord3339
ord6275
ord3796
ord6273
ord1513
ord2163
ord2169
ord2399
ord2381
ord2379
ord2397
ord2409
ord2386
ord2402
ord2407
ord2390
ord2392
ord2394
ord2388
ord2404
ord3155
ord931
ord927
ord929
ord925
ord920
ord5229
ord5231
ord5956
ord1591
ord4276
ord4716
ord3397
ord5210
ord4179
ord6271
ord5067
ord1899
ord5148
ord4238
ord1393
ord3940
ord1608
ord1611
ord5911
ord6721
ord416
ord354
ord3176
ord4256
ord5199
ord1392
ord5908
ord6720
ord1542
ord1661
ord1662
ord4884
ord4729
ord4206
ord5178
ord1785
ord709
ord501
ord2651
ord6063
ord1555
ord5803
ord4574
ord266
ord265
ord6086
ord3635
ord1925
ord1118
ord3204
ord1472
ord6749
ord6751
ord3390
ord280
ord384
ord3927
ord5083
ord2897
ord2460
ord5319
ord5398
ord1430
ord6284
ord2011
ord629
ord776
ord4026
ord777
ord2310
ord370
ord2260
ord2261
ord5558
ord4074
ord618
ord5416
ord1908
ord3990
ord386
ord2271
ord2279
ord2745
ord774
ord631
ord267
ord575
ord1079
ord6111
ord6700
ord282
ord2895
ord1479
ord5524
ord4101
ord870
ord899
ord651
ord620
ord605
ord2121
ord900
ord293
ord2311
ord896
ord1093
ord371
ord1168
ord762
ord5708
ord1176
ord283
ord577
ord1178
ord1182
ord2384
ord764

msvcr80

__dllonexit
_unlock
wcsncpy_s
wcscat_s
_wsplitpath_s
vswprintf_s
wcsncmp
wcsrchr
swscanf_s
srand
rand
memmove_s
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
_encode_pointer
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
wprintf
_set_invalid_parameter_handler
memcpy_s
_i64tow_s
memset
memcpy
__CxxFrameHandler3
wcsftime
_localtime64_s
_time64
strchr
_recalloc
_lock
_onexit
_decode_pointer
_except_handler4_common
_malloc_crt
free
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_CxxThrowException
__clean_type_info_names_internal

kernel32

WriteFile
SetFileAttributesW
DeleteFileW
GetPrivateProfileIntW
GetCurrentProcess
GetModuleHandleW
GetProcAddress
WritePrivateProfileStringW
lstrlenA
VirtualQueryEx
GetModuleFileNameA
CreateFileA
CloseHandle
GetVersionExW
IsBadReadPtr
VirtualProtect
GetLastError
MultiByteToWideChar
SetLastError
GetModuleFileNameW
lstrlenW
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
OpenProcess
GetCurrentProcessId
GetSystemDefaultLCID
GetUserDefaultUILanguage
GetUserDefaultLangID
GetSystemDefaultUILanguage
GetSystemDefaultLangID
GetOEMCP
GetACP
InterlockedExchange
Sleep
InterlockedCompareExchange
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
LoadLibraryW
GetCurrentThreadId
CreateFileW
GetUserDefaultLCID
WideCharToMultiByte
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
SetUnhandledExceptionFilter

user32

EnableWindow
SendMessageW
GetSystemMetrics
KillTimer
SetTimer
GetClientRect
MessageBeep
LoadBitmapW
GetWindowRect
UnregisterClassA

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegOpenKeyW

shell32

SHGetFolderPathW

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString
SysAllocString

log

?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetUserAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?CreateObjectFromFile@@YAJPB_WPAUIUnknown@@ABU_GUID@@2PAPAX@Z

msvcp80

??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?deallocate@?$allocator@D@std@@QAEXPADI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?allocate@?$allocator@D@std@@QAEPADI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z

imagehlp

SymSetOptions
SymInitialize
SymFunctionTableAccess
StackWalk
SymGetSymFromAddr
SymGetModuleInfo
SymLoadModule

psapi

EnumProcessModules

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

wininet

HttpOpenRequestA
HttpSendRequestA
InternetOpenA
InternetConnectA
InternetCloseHandle

Exports

Exports

?SetExceptionCatcher@@YAXPB_WH@Z

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/FMDecoder.dll
.dll windows:4 windows x86 arch:x86

d7a90c34fa7d73257447dc832a5e653a

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ec:b6:92:cc:db:c0:08:5f:44:ba:6a:de:7e:76:96:94:75:1b:9d:6a
Signer

Actual PE Digest

ec:b6:92:cc:db:c0:08:5f:44:ba:6a:de:7e:76:96:94:75:1b:9d:6a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\Playersrc\sym\FMDecoder.pdb

Imports

kernel32

LoadResource
EnterCriticalSection
FindResourceExW
WideCharToMultiByte
lstrlenW
DeleteFileA
LeaveCriticalSection
MultiByteToWideChar
lstrlenA
GetPrivateProfileIntW
LockResource
GetLastError
CreateMutexW
CloseHandle
GetModuleHandleW
InitializeCriticalSection
DeleteCriticalSection
GetTickCount
FreeLibrary
LoadLibraryExW
GetProcAddress
GetModuleFileNameW
SizeofResource
FindResourceW
GetLocalTime
GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA
RaiseException
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetThreadLocale
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
Sleep
InterlockedCompareExchange
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

shell32

SHGetFolderPathW

oleaut32

SysAllocStringLen
SysStringLen
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysFreeString

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

avcodec-52

ord131
ord46
ord110
ord107
ord146
ord127
ord48
ord114

avformat-52

ord44
ord19
ord51
ord59
ord55
ord8
ord30
ord274

avutil-50

ord65

msvcr80

_CIsin
__CxxFrameHandler3
_CxxThrowException
_stricmp
_CItan
__clean_type_info_names_internal
??3@YAXPAX@Z
sprintf_s
wcsrchr
memmove_s
_time64
_strlwr_s
fclose
ftell
fseek
fflush
fwrite
rename
fopen
??_V@YAXPAX@Z
swprintf_s
vsprintf_s
memcpy_s
??2@YAPAXI@Z
strcpy_s
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
_aligned_free
?what@exception@std@@UBEPBDXZ
_aligned_malloc
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
_invalid_parameter_noinfo
malloc
free
_purecall
atoi
strstr
memset
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
memcpy

user32

UnregisterClassA

Exports

Exports

CreateDecoder
InitFFMPEG
RGB2YUY2
RGB2YV12

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT64
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/FileVersion.dll
.dll regsvr32 windows:4 windows x86 arch:x86

cfd8cd7bc5e5b1472849369d1c575194

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

cc:39:06:60:a9:2c:e2:5c:ff:cd:ed:86:09:eb:e4:c8:06:d1:8b:a9
Signer

Actual PE Digest

cc:39:06:60:a9:2c:e2:5c:ff:cd:ed:86:09:eb:e4:c8:06:d1:8b:a9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\FileVersion.pdb

Imports

kernel32

HeapFree
InterlockedCompareExchange
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcAddress
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
GetModuleFileNameW
HeapReAlloc
HeapSize
GetProcessHeap
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcmpiW
GetLastError
DeleteCriticalSection
lstrlenW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GetThreadLocale
SetThreadLocale
GetModuleHandleW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
InterlockedDecrement
Sleep
InterlockedIncrement
RaiseException
HeapDestroy
HeapAlloc

user32

SetWindowRgn
OffsetRect
EqualRect
IntersectRect
EndPaint
GetClientRect
BeginPaint
CallWindowProcW
UnregisterClassA
PtInRect
UnionRect
SetFocus
IsChild
GetFocus
IsWindow
InvalidateRect
GetKeyState
RegisterClassExW
CreateWindowExW
SetWindowPos
GetDC
ReleaseDC
LoadCursorW
GetClassInfoExW
ShowWindow
GetWindowLongW
SetWindowLongW
DestroyWindow
DefWindowProcW
CharNextW

gdi32

SetMapMode
SetViewportOrgEx
DeleteDC
CreateDCW
GetClipRgn
CreateRectRgn
SelectClipRgn
Rectangle
SetTextAlign
TextOutW
CreateMetaFileW
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
GetDeviceCaps
LPtoDP

advapi32

RegSetValueExW
RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW

ole32

OleSaveToStream
WriteClassStm
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CreateOleAdviseHolder
CoCreateInstance
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
OleLoadFromStream

oleaut32

LoadRegTypeLi
OleCreatePropertyFrame
VariantChangeType
VariantClear
VariantInit
SysStringByteLen
SysAllocStringByteLen
VarBstrCat
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen

msvcr80

__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_except_handler4_common
swprintf_s
??2@YAPAXI@Z
_purecall
_wsplitpath_s
_vscwprintf
_itow_s
??_U@YAPAXI@Z
_recalloc
__CxxFrameHandler3
memset
??_V@YAXPAX@Z
wcscat_s
wcsncpy_s
wcscpy_s
_CxxThrowException
memcpy_s
??3@YAXPAX@Z
vswprintf_s
malloc
free

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/GF.dll
.dll regsvr32 windows:4 windows x86 arch:x86

43aa980eb83257753d0e187e5be9a630

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

66:57:cb:a3:a7:8f:06:be:4c:9d:91:46:81:48:b5:33:4e:55:62:5e
Signer

Actual PE Digest

66:57:cb:a3:a7:8f:06:be:4c:9d:91:46:81:48:b5:33:4e:55:62:5e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

h:\Hummer\platform_QQLiveProj_2\Basic_HummerPlatform_VOB\Platform_fr\Output\bin\GF.pdb

Imports

xgraphic32

CreateTextureRgn
SetTextureSlice
SetTextureMode
LockTextureBits
UnlockTextureBits
GetTextureFilter
GeoRectangle
GeoRoundRect
FillGradualRect
DrawTexture
ColorizeTexture
GrayTexture
NormalizeTexture
ARGBColorize
CanvasToTexture
SetViewportOrg
GeoRectFocusEx
SetCanvasBkColor
SetWindowOrg
FillSolidRect
SetCanvasWindow
CreateCanvasFromDC
GdiTransCanvas
CanvasScroll
DrawTextureEx
TranslateTexture
GetCanvasBkColor
GetCanvasFilter
GetCanvasHandle
DrawModulation
GetTextureSize
CopyTexture
LightTexture
DeleteTexture
CreateTexture
GetTextureHandle
ShuffleTexture
SetTextureFilter
FillSolidRectEx
CreateCanvas
SetCanvasFilter
MixCanvasWithColor
BlendCanvas
DeleteCanvas
MixCanvas
GetCanvasWindow
GetWindowOrg

common

?SetCreateObjectFactory@CoreCenter@Util@@YAXP6AJABU_GUID@@0PAPAX@Z@Z
?SetGetServiceFactory@CoreCenter@Util@@YAXP6AJABU_GUID@@PA_WPAPAX@Z@Z
ord27
?AppendFormat@CTXStringW@@QAAXPB_WZZ
??OCTXBSTR@@QBE_NABV0@@Z
?Append@CTXBSTR@@QAEJPB_WH@Z
?Utf8ToWS@Convert@Util@@YA?AVCTXStringW@@PBDH@Z
?AddFileSystem@FS@@YAJW4FILESYSTEM_TYPE@@PB_W1HHH@Z
?GetFileName@FS@Util@@YA?AVCTXStringW@@ABV3@@Z
?ConvertXMLStrToTXData@Convert@Util@@YAHPA_WPAPA_WPAUITXData@@0@Z
?RGBtoRGBQUAD@CxImage@@SA?AUtagRGBQUAD@@K@Z
?RGBtoHSL@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?GetCurrentCallStack@Sys@Util@@YA?AVCTXStringW@@V3@HH@Z
ord25
??4CTXBSTR@@QAEAAV0@ABVCTXStringW@@@Z
?TrimLeft@CTXStringW@@QAEAAV1@PB_W@Z
??0CFmtString@@QAE@XZ
?PropertyStr@CFmtString@@QAEHPB_W0@Z
?DoFormat@CFmtString@@QAEPB_WPB_W@Z
??1CFmtString@@QAE@XZ
??1CTXBSTR@@QAE@XZ
??0CTXBSTR@@QAE@ABV0@@Z
??MCTXBSTR@@QBE_NABV0@@Z
??0CTXBSTR@@QAE@PB_W@Z
?Copy@CTXBSTR@@QBEPA_WXZ
??0CTXBSTR@@QAE@XZ
??4CTXBSTR@@QAEAAV0@PB_W@Z
??1CTXStringW@@QAE@XZ
??0CTXStringW@@QAE@PB_W@Z
??0CTXStringW@@QAE@PA_W@Z
?Detach@CTXBSTR@@QAEPA_WXZ
?TXLog_DoTXLogVW@@YAXPAUtagLogObj@@PB_W1PAD@Z
?GetPlatformCore@Core@Util@@YAHPAPAUITXCore@@@Z
?ConvertXMLToTXData@Convert@Util@@YAHPA_WPAPA_WPAUITXData@@0@Z
??ICTXBSTR@@QAEPAPA_WXZ
??BCTXBSTR@@QBEPA_WXZ
?CreateTXData@Data@Util@@YAHPAPAUITXData@@@Z
?Length@CTXBSTR@@QBEIXZ
??0CTXStringW@@QAE@ABV0@@Z
??8CTXBSTR@@QBE_NPB_W@Z
??H@YA?AVCTXStringW@@ABV0@0@Z
??0CTXStringW@@QAE@ABVCTXBSTR@@@Z
??0CTXBSTR@@QAE@ABVCTXStringW@@@Z
??4CTXStringW@@QAEAAV0@ABVCTXBSTR@@@Z
??0CTXStringW@@QAE@XZ
??8@YA_NPB_WABVCTXBSTR@@@Z
?IsEmpty@CTXBSTR@@QAEHXZ
?CreateTXArray@Data@Util@@YAHPAPAUITXArray@@@Z
??0CTXBSTR@@QAE@HPB_W@Z
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
?Format@CTXStringW@@QAAXPB_WZZ
??M@YA_NABVCTXStringW@@0@Z
??BCTXStringW@@QBEPB_WXZ
?ConvertToPureFile@FS@@YA?AVCTXStringW@@PB_W@Z
??4CTXStringW@@QAEAAV0@PA_W@Z
?GetLength@CTXStringW@@QBEHXZ
?IsEmpty@CTXStringW@@QBE_NXZ
?AddToDeadQueue@Misc@Util@@YAXHP6AXXZ@Z
??4CTXStringW@@QAEAAV0@ABV0@@Z
??4CTXStringW@@QAEAAV0@PB_W@Z
??1CxImage@@UAE@XZ
??0CxImage@@QAE@K@Z
??YCTXStringW@@QAEAAV0@ABV0@@Z
?SetTimeout@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?GetFrameDelay@CxImage@@QBEKXZ
?GetTransColor@CxImage@@QAE?AUtagRGBQUAD@@XZ
?GetTransIndex@CxImage@@QBEJXZ
?Load@CxImage@@QAE_NPAVCxFile@@K@Z
?LoadGif@CxImageHelper@@YAPAVCxImage@@PAVCxFile@@AAH@Z
?FindFormat@CxImageHelper@@YAKPAVCxFile@@PAH@Z
?GetPalette@CxImage@@QBEPAUtagRGBQUAD@@XZ
?GetBpp@CxImage@@QBEGXZ
?GetColorType@CxImage@@QAEEXZ
?Find@CTXStringW@@QBEHPB_WH@Z
?GetPixelColor@CxImage@@QAE?AUtagRGBQUAD@@JJ_N@Z
?GetAlpha@CxImage@@QBEPAEXZ
?GetHeight@CxImage@@QBEKXZ
?GetWidth@CxImage@@QBEKXZ
?Compare@CTXStringW@@QBEHPB_W@Z
?CreateTXBuffer@Data@Util@@YAHPAPAUITXBuffer@@@Z
??0CxImage@@QAE@PAEKK@Z
??9@YA_NABVCTXStringW@@PB_W@Z
?Tokenize@CTXStringW@@QBE?AV1@PB_WAAH@Z
??9@YA_NABVCTXStringW@@0@Z
wcslcpy
??0CTXStringW@@QAE@PB_WH@Z
?Mid@CTXStringW@@QBE?AV1@H@Z
?ReverseFind@CTXStringW@@QBEH_W@Z
?ReleaseBuffer@CTXStringW@@QAEXH@Z
?GetBuffer@CTXStringW@@QAEPA_WH@Z
??8@YA_NABVCTXStringW@@PB_W@Z
?CreateFileW@FS@@YAHPB_WKPAPAUITXFile@@@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
?IsFileSystemFile@FS@@YAHPB_W@Z
??1CxFile@@UAE@XZ
??_7CxFile@@6B@
?MakeBitmap@CxImage@@QAEPAUHBITMAP__@@PAUHDC__@@@Z
?Thumbnail@CxImage@@QAE_NJJUtagRGBQUAD@@PAV1@@Z
?GuidFromString@Com@Util@@YAJPA_WAAU_GUID@@@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
?SetCommitFlag@CxFile@@UAE_N_N@Z
?bFileOpenSuc@CxFile@@UAE_NXZ
?SetTransColor@CxImage@@QAEXUtagRGBQUAD@@@Z
?SetTransIndex@CxImage@@QAEXJ@Z
?SetPalette@CxImage@@QAEXPAUtagRGBQUAD@@K@Z
?Resample@CxImage@@QAE_NJJHPAV1@@Z
?Copy@CxImage@@QAEXABV1@_N11@Z
?GetPaletteColor@CxImage@@QAE?AUtagRGBQUAD@@E@Z
?GetNearestIndex@CxImage@@QAEEUtagRGBQUAD@@@Z
?IsIndexed@CxImage@@QBE_NXZ
?SetPixelColor@CxImage@@QAEXJJUtagRGBQUAD@@_N@Z
?Save@CxImage@@QAE_NPAVCxFile@@K@Z
?SetPaletteColor@CxImage@@QAEXEK@Z
?SetFrame@CxImage@@QAEXJ@Z
?Encode@CxImageGIF@@QAE_NPAVCxFile@@PAPAVCxImage@@H_N@Z
?SetDisposalMethod@CxImageGIF@@QAEXH@Z
?SetLoops@CxImageGIF@@QAEXH@Z
??0CxImageGIF@@QAE@XZ
?DecreaseBpp@CxImage@@QAE_NK_NPAUtagRGBQUAD@@K@Z
?Crop@CxImage@@QAE_NJJJJPAV1@@Z
?GetNumFrames@CxImage@@QBEJXZ
?GetType@CxImage@@QBEKXZ
??1CxImageGIF@@UAE@XZ
?SetFrameDelay@CxImage@@QAEXK@Z
?MixFrom@CxImage@@QAEXAAV1@JJ@Z
?Save@CxImage@@QAE_NPAVCxTXFile@@K@Z
?Create@CxImage@@QAEPAXKKKK@Z
?MakeLower@CTXStringW@@QAEAAV1@XZ
?LoadXmlByName@FS@Util@@YAHPB_WPAPAUIXMLDOMDocument@@@Z
?IsFileExist@FS@@YAHPB_W@Z
?Left@CTXStringW@@QBE?AV1@H@Z
?ConvertXMLSpecialLabel@Convert@Util@@YAHPA_W0PAPA_W@Z
?Trim@CTXStringW@@QAEAAV1@XZ
?LoadStringW@TXStringBundle@@YAPB_WPB_W@Z
?GetAt@CTXStringW@@QBE_WH@Z
??9CTXBSTR@@QBE_NPB_W@Z
?IsStopped@CoreCenter@Util@@YAHXZ
??0CTXStringW@@QAE@_WH@Z
?Find@CTXStringW@@QBEH_WH@Z
?GetBuffer@CTXStringW@@QAEPA_WXZ
?Empty@CTXBSTR@@QAEXXZ
??8CTXBSTR@@QBE_NABV0@@Z
??4CTXBSTR@@QAEAAV0@ABV0@@Z
??YCTXStringW@@QAEAAV0@PB_W@Z
?Mid@CTXStringW@@QBE?AV1@HH@Z
?Remove@CTXStringW@@QAEH_W@Z
??8@YA_NABVCTXStringW@@0@Z
?NotifyIdle@Window@Util@@YAJXZ
?Right@CTXStringW@@QBE?AV1@H@Z
?ToLower@CTXBSTR@@QAEJXZ
?AllocSysString@CTXStringW@@QBEPA_WXZ
?CopyTo@CTXBSTR@@QBEJPAPA_W@Z
?Replace@CTXStringW@@QAEHPB_W0@Z
??8CTXBSTR@@QBE_NPA_W@Z
??0CTXBSTR@@QAE@H@Z
?OpenUrlWithDefBrowser@UrlBase@Util@@YAXABVCTXStringW@@@Z
?MakeUpper@CTXStringW@@QAEAAV1@XZ
??1CTXStringA@@QAE@XZ
?CompareNoCase@CTXStringA@@QBEHPBD@Z
??0CTXStringA@@QAE@PBD@Z
?CompareNoCase@CTXStringW@@QBEHPB_W@Z
?RemoveFileSystem@FS@@YAHPB_W@Z

imm32

ImmAssociateContext

rpcrt4

RpcStringFreeW
UuidToStringW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

GetProcessHeap
HeapFree
ExpandEnvironmentStringsW
OutputDebugStringW
FlushInstructionCache
GetCurrentProcess
SetLastError
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GlobalFree
WideCharToMultiByte
MultiByteToWideChar
lstrcpynW
Sleep
MulDiv
GetProcAddress
LoadLibraryExW
FreeLibrary
lstrcmpW
GetUserDefaultLCID
HeapAlloc
LoadLibraryA
SetThreadLocale
GetThreadLocale
GetSystemTimeAsFileTime
GetCurrentProcessId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
VirtualProtect
GetVersion
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetLastError
lstrlenW
lstrcmpiW
GetModuleHandleW
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
QueryPerformanceCounter
GetTickCount
GetVersionExW

user32

IsMenu
GetCapture
GetDlgItem
GetSubMenu
UpdateLayeredWindow
ReleaseCapture
SetCapture
DrawEdge
DrawFrameControl
GetSysColor
GetSysColorBrush
SetPropW
RemovePropW
GetPropW
ShowScrollBar
SetScrollRange
SetScrollPos
SetScrollInfo
GetScrollRange
GetScrollInfo
EnableScrollBar
PeekMessageW
GetCursor
GetMessagePos
MessageBoxW
GetAsyncKeyState
TrackMouseEvent
GetDoubleClickTime
SendInput
GetScrollPos
KillTimer
SetTimer
MoveWindow
IsIconic
DestroyIcon
SetRect
GetKeyState
GetWindowTextW
IsWindowEnabled
GetWindowTextLengthW
RegisterClipboardFormatW
CallWindowProcW
EndPaint
RedrawWindow
IsZoomed
MonitorFromWindow
AnimateWindow
UpdateWindow
GetDesktopWindow
SystemParametersInfoW
SubtractRect
GetDlgCtrlID
GetClientRect
MapWindowPoints
SetWindowRgn
SetWindowTextW
SetWindowLongW
BeginPaint
ValidateRgn
ValidateRect
MonitorFromPoint
GetMonitorInfoW
SetActiveWindow
GetMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
GetWindow
GetFocus
PostMessageW
SetParent
SetCursor
GetCursorPos
EnableWindow
ShowWindow
ClientToScreen
GetWindowRect
UnionRect
IntersectRect
DestroyWindow
CreateWindowExW
EqualRect
GetForegroundWindow
IsChild
PtInRect
SetFocus
EnumThreadWindows
GetClassNameW
IsWindowVisible
GetClassLongW
LoadImageW
GetWindowRgn
FillRect
ScreenToClient
BringWindowToTop
SetForegroundWindow
CreateIconFromResourceEx
CreateIconFromResource
SetLayeredWindowAttributes
SetWindowsHookExW
CallNextHookEx
UnhookWindowsHookEx
GetWindowDC
SetRectEmpty
GetSystemMetrics
InflateRect
IsRectEmpty
SetWindowPos
DefWindowProcW
InvalidateRgn
ReleaseDC
GetDC
LoadCursorFromFileW
DestroyCursor
IsWindow
CopyRect
OffsetRect
FindWindowExW
GetWindowLongW
GetParent
InvalidateRect
SendMessageW
GetActiveWindow
RegisterClassExW
CharNextW
LoadCursorW
GetUpdateRect
UnregisterClassA
GetClassInfoExW

gdi32

CreateEnhMetaFileW
TextOutW
CloseEnhMetaFile
Polygon
BitBlt
Rectangle
LineTo
MoveToEx
SetBkColor
ExtTextOutW
CreateCompatibleBitmap
SetPixel
SelectObject
GetPixel
GetRgnBox
GetTextExtentExPointW
GetClipBox
SetWindowOrgEx
SaveDC
GetViewportOrgEx
GetWindowOrgEx
ExtSelectClipRgn
GetStockObject
StretchBlt
UnrealizeObject
CreateBitmap
PatBlt
SetBrushOrgEx
CreatePatternBrush
RestoreDC
GetObjectW
EnumFontFamiliesExW
DPtoLP
CreateFontIndirectW
GetTextMetricsW
OffsetRgn
CombineRgn
CreateRectRgnIndirect
GetRegionData
ExtCreateRegion
CreateRoundRectRgn
CreatePen
CreateCompatibleDC
SetViewportOrgEx
SetTextColor
SetBkMode
CreateRectRgn
CreateBrushIndirect
DeleteObject
GetDeviceCaps
DeleteDC
PlayEnhMetaFile

advapi32

RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegQueryValueExW
RegQueryValueW
RegOpenKeyExA
RegCloseKey

shell32

DragFinish
SHGetFileInfoW
DragQueryFileW

ole32

CoFileTimeNow
CoTaskMemFree
StringFromCLSID
CoCreateInstance
CLSIDFromProgID
DoDragDrop
RevokeDragDrop
RegisterDragDrop

oleaut32

VarUI4FromStr
SysStringLen
LoadRegTypeLi
LoadTypeLi
SysAllocString
VariantInit
VariantClear
DispCallFunc
SysAllocStringLen
SysFreeString

atl80

ord58
ord31
ord30
ord11
ord10
ord43
ord44
ord18
ord22
ord64
ord15
ord32

msvcp80

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z

msvcr80

_wcsicmp
memmove
memset
_recalloc
_purecall
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
memmove_s
??_V@YAXPAX@Z
fwrite
fseek
ftell
fflush
feof
ferror
fputc
getc
_wfopen
fclose
_time64
??3@YAXPAX@Z
memcpy_s
malloc
free
_CxxThrowException
wcscpy_s
wcsrchr
swscanf
_wtof
memcpy
realloc
wcschr
wcsncpy
wcsncpy_s
_invalid_parameter_noinfo
_wtoi
_CIsqrt
_except_handler4_common
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
swprintf_s
__CxxFrameHandler3
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
fread

comctl32

ImageList_GetImageInfo

usp10

ScriptGetProperties
ScriptLayout
ScriptTextOut
ScriptPlace
ScriptGetFontProperties
ScriptShape
ScriptFreeCache
ScriptBreak
ScriptGetLogicalWidths
ScriptItemize

urlmon

CoInternetGetSession

Exports

Exports

??0CGFAnchor@@QAE@XZ
??0CGFFrameAnchorHelper@@QAE@XZ
??4CGFAnchor@@QAEAAV0@ABV0@@Z
??4CGFFrameAnchorHelper@@QAEAAV0@ABV0@@Z
?AddAnchor@CGFAnchor@@QAEXEEVCRect@@VCPoint@@@Z
?AddColorizeListener@GF@Util@@YAJPAUIGFColorizeListener@@@Z
?AddSkinChangeListener@GF@Util@@YAJPAUIGFSkinChangeListener@@@Z
?AdviseWebBrowser@IEEvent@Util@@YAHPAUIWebBrowser2@@PAUITXWebBrowserEvents@@PAPAUIUnknown@@AAK@Z
?BeginDrag@GF@Util@@YAJPAUIGFFrame@@VCPoint@@@Z
?BeginDragEffect@GF@Util@@YAXPAUIGFFrame@@VCPoint@@@Z
?ChangeSkin@GF@Util@@YAHPA_W@Z
?CheckPermitActiveX@IEActiveX@Util@@YAHABU_GUID@@@Z
?ClearMousePointer@GF@Util@@YAJPAUIGFFrame@@@Z
?ClosePopupWindows@GF@Util@@YAXXZ
?Colorize@GF@Util@@YA?ATtagARGB@@T3@H@Z
?Colorize@GF@Util@@YA?ATtagARGB@@T3@NNN@Z
?ConvertConfigMd@Metadata@Util@@YAJPA_W@Z
?CreateCompatibleImage@GIF@Util@@YAJAAVCxImage@@KKPAV3@@Z
?CreateObject@GF@Util@@YAJABU_GUID@@0PAPAX@Z
?CreatexFile@GF@Util@@YAXPAPAVCxFile@@VCTXStringW@@K@Z
?DelColorizeListener@GF@Util@@YAJPAUIGFColorizeListener@@@Z
?DelSkinChangeListener@GF@Util@@YAJPAUIGFSkinChangeListener@@@Z
?DispatchFrameMsg@GF@Util@@YAJPAUIGFFrame@@PAUtagBaseArg@@PAHPAJH@Z
?DispatchMsg_LocationChange@MsgEvt@Util@@YAJPAUIGFFrame@@UtagPOINT@@1@Z
?DispatchMsg_Lock@MsgEvt@Util@@YAJPAUIGFFrame@@H@Z
?DispatchMsg_PaddingChange@MsgEvt@Util@@YAJPAUIGFFrame@@UtagRECT@@1@Z
?DispatchMsg_SizeChange@MsgEvt@Util@@YAJPAUIGFFrame@@UtagSIZE@@1@Z
?DumpGFElementInfo@GF@Util@@YAXPAUIGFElement@@@Z
?EndDrag@GF@Util@@YAJXZ
?EndDragEffect@GF@Util@@YAXXZ
?FindDomodalChildren@GF@Util@@YAXPAUHWND__@@AAV?$vector@PAUHWND__@@V?$allocator@PAUHWND__@@@std@@@std@@@Z
?FlashFrameBorder@GF@Util@@YAJPAUIGFFrame@@EEKKHKKPAUIGFAnimationEvent@@@Z
?FramePoint2WindowPoint@GF@Util@@YAXPAUIGFFrame@@AAUtagPOINT@@@Z
?FreeData@Metadata@Util@@YAJAAPA_W@Z
?GIFScale@GIF@Util@@YAJPAVCxFile@@0HHH@Z
?GIFScale@GIF@Util@@YAJPB_W0HHH@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAD@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAE@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAG@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAH@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAI@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAK@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAN@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAPA_W@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPATtagARGB@@@Z
?GetAnchor@CGFFrameAnchorHelper@@QAEJPAK@Z
?GetAnchor@CGFFrameAnchorHelper@@QAEJPAPA_W@Z
?GetAnchorResult@CGFAnchor@@QAE?AVCRect@@PAVVCalcSizeSupporter@@PAUtagSIZE@@@Z
?GetAnchorResult@CGFFrameAnchorHelper@@QAE?AVCRect@@V2@0PAVVCalcSizeSupporter@@@Z
?GetBOOL@Metadata@Util@@YAJPAUITXData@@PA_WPAH@Z
?GetCacheMetaData@GF@Util@@YAXPAH@Z
?GetColorizeInfo@GF@Util@@YAXAAN00@Z
?GetCurrentModeId@GF@Util@@YAHXZ
?GetFrameInfo@GFSpyFuncHelper@@YAJPAUIGFFrame@@PAUtagFrameInfo@@@Z
?GetGFConfigAgentCount@@YAMXZ
?GetGFConfigAgentSaveElmCount@@YAMXZ
?GetGFDrawCount@@YAKXZ
?GetGFElementCount@@YAKXZ
?GetGFFrameCount@@YAMXZ
?GetIEAcxContainer@IEEvent@Util@@YAXPAPAUIActiveXContainer@@@Z
?GetInterface@Metadata@Util@@YAJPAUITXData@@PA_WPAPAU3@@Z
?GetInterface@Metadata@Util@@YAJPAUITXData@@PA_WPAPAUITXArray@@@Z
?GetLightColor@Text@GF@Util@@YA?ATtagARGB@@T4@@Z
?GetMetadataMemoryUsage@@YAMXZ
?GetPaletteIndex@GIF@Util@@YAHAAVCxImage@@EEEAAE@Z
?GetService@GF@Util@@YAJABU_GUID@@PA_WPAPAX@Z
?GetSkinColorizeInfo@GF@Util@@YAXAAN00@Z
?GetTextColor@Text@GF@Util@@YA?ATtagARGB@@T4@@Z
?GetTotalGFFrameCount@@YAMXZ
?GetWindowByHWnd@GFSpyFuncHelper@@YAJPAUHWND__@@PAPAUIGFPopupWin@@@Z
?HookGFKeyMsg@GF@Util@@YAJPAUIGFHookKeyMsgListener@@@Z
?ImmAssociateContext@GF@Util@@YAXPAUIGFWin@@PAUHIMC__@@@Z
?IsFrameReachable@GF@Util@@YAHPAUIGFFrame@@@Z
?IsValidGFElement@GF@Util@@YAHPAUIGFElement@@@Z
?LightInLightOut@GF@Util@@YAJPAUIGFFrame@@EEKKHKKPAUIGFAnimationEvent@@@Z
?LoadImageW@GF@Util@@YAPAXPB_WIHHI@Z
?Merge@GIF@Util@@YAJAAV?$vector@PAVCxFile@@V?$allocator@PAVCxFile@@@std@@@std@@AAV?$vector@HV?$allocator@H@std@@@4@PAVCxFile@@K@Z
?Merge@GIF@Util@@YAJAAV?$vector@PB_WV?$allocator@PB_W@std@@@std@@AAV?$vector@HV?$allocator@H@std@@@4@PB_WK@Z
?MessageBoxW@GF@Util@@YAJPAUIGFFrame@@PAPAUIGFSysMessageBox@@VCTXStringW@@2H@Z
?ModifyReflect@GF@Util@@YAJPAXIH@Z
?OnColorizeChanged@GF@Util@@YAJXZ
?Overlap@GIF@Util@@YAJPAVCxFile@@00K@Z
?Overlap@GIF@Util@@YAJPB_W00K@Z
?PopupMenu@GF@Util@@YAXPAUIGFMenuEx@@PAUIGFFrame@@@Z
?PrintFrame@GF@Util@@YAPAUHGTEXTURE__@@PAUIGFFrame@@KH@Z
?Put@Metadata@Util@@YAJPAUITXData@@PA_W1@Z
?Put@Metadata@Util@@YAJPAUITXData@@PA_WD@Z
?Put@Metadata@Util@@YAJPAUITXData@@PA_WE@Z
?Put@Metadata@Util@@YAJPAUITXData@@PA_WG@Z
?Put@Metadata@Util@@YAJPAUITXData@@PA_WH@Z
?Put@Metadata@Util@@YAJPAUITXData@@PA_WI@Z
?Put@Metadata@Util@@YAJPAUITXData@@PA_WK@Z
?Put@Metadata@Util@@YAJPAUITXData@@PA_WN@Z
?Put@Metadata@Util@@YAJPAUITXData@@PA_WTtagARGB@@@Z
?PutBOOL@Metadata@Util@@YAJPAUITXData@@PA_WH@Z
?PutInterface@Metadata@Util@@YAJPAUITXData@@PA_W0@Z
?PutInterface@Metadata@Util@@YAJPAUITXData@@PA_WPAUITXArray@@@Z
?RawCreateGFElementByMetadata@GF@Util@@YAJPAUITXData@@PAPAUIGFElement@@PAU4@PAUITXCore@@@Z
?RawCreateGFElementByMetadata@GF@Util@@YAJPAUITXData@@PAPAUIGFElement@@PAU4@PA_W@Z
?RawCreateGFElementByXtml@GF@Util@@YAJPA_WPAPAUIGFElement@@PAU3@0@Z
?RawCreateGFElementByXtml@GF@Util@@YAJPA_WPAPAUIGFElement@@PAU3@PAUITXCore@@@Z
?RawCreateGFObjectByName@GF@Util@@YAJPA_WPAPAUIGFElement@@@Z
?RawCreateGFObjectByName@GF@Util@@YAJPA_WPAPAUIGFElement@@PAUITXCore@@@Z
?RawInitGFElementByMetadata@GF@Util@@YAJPAUITXData@@PAUIGFElement@@1PAUITXCore@@@Z
?RawInitGFElementByMetadata@GF@Util@@YAJPAUITXData@@PAUIGFElement@@1PA_W@Z
?RawInitGFElementByXtml@GF@Util@@YAJPA_WPAUIGFElement@@10@Z
?RawInitGFElementByXtml@GF@Util@@YAJPA_WPAUIGFElement@@1PAUITXCore@@@Z
?RectExToRect@CGFAnchor@@IAE?AVCRect@@AAVCRectEx@@PAVVCalcSizeSupporter@@PAUtagSIZE@@@Z
?ScreenPoint2ClientPoint@GF@Util@@YAXPAUIGFFrame@@AAUtagPOINT@@@Z
?SetAnchor@CGFAnchor@@QAEXEVCRect@@@Z
?SetAnchor@CGFFrameAnchorHelper@@QAEJK@Z
?SetAnchor@CGFFrameAnchorHelper@@QAEJPA_W@Z
?SetCacheMetaData@GF@Util@@YAXH@Z
?SetColorizeInfo@GF@Util@@YAXNNN@Z
?SetCurrentMode@GF@Util@@YAJH@Z
?SetCustomObjectFactory@GF@Util@@YAXP6AHABU_GUID@@0PAPAX@Z@Z
?SetForegroundWindow@GF@Util@@YAXPAUIGFWin@@@Z
?SetFrameAttribute@GFSpyFuncHelper@@YAJPAUIGFFrame@@PB_W1@Z
?SetImageCacheCount@@YAXK@Z
?SetModeAttr@GF@Util@@YAJHPAUITXData@@@Z
?SetPermitActiveFileList@IEActiveX@Util@@YAHPAUITXArrayRead@@@Z
?SetPermitActiveXClsidList@IEActiveX@Util@@YAHPAUITXArrayRead@@@Z
?SetPermitEnable@IEActiveX@Util@@YAHH@Z
?SetSkinColorizeInfo@GF@Util@@YAXNNN@Z
?SetStopCreateCompoent@GF@Util@@YAXXZ
?SlideFrame@GF@Util@@YAJPAUIGFFrame@@VCRect@@1KKHKKPAUIGFAnimationEvent@@@Z
?StopFlashFrameBorder@GF@Util@@YAJPAUIGFFrame@@@Z
?StopLightInLightOut@GF@Util@@YAJPAUIGFFrame@@@Z
?StopSlideFrame@GF@Util@@YAJPAUIGFFrame@@@Z
?TopFrameFromPoint@GF@Util@@YAJPAUIGFFrame@@PBUtagPOINT@@PAPAU3@@Z
?TopFrameInfoFromPoint@GFSpyFuncHelper@@YAJPAUIGFFrame@@PBUtagPOINT@@PAUtagFrameInfo@@@Z
?TransMd2GFElement@Metadata@Util@@YAJPAUITXData@@PAPAUIGFElement@@PAUIGFEnvironment@@PA_W@Z
?TransStringValue@Metadata@Util@@YA?AVCTXBSTR@@V3@@Z
?UnadviseWebBrowser@IEEvent@Util@@YAHPAUIWebBrowser2@@K@Z
?UnhookGFKeyMsg@GF@Util@@YAJPAUIGFHookKeyMsgListener@@@Z
?__GetGFCustMemAlloc@@YAIXZ
?__GetGFCustMemNewed@@YAIXZ
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 364KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/HallMain.dll
.dll regsvr32 windows:4 windows x86 arch:x86

54be654f3123e1de8fed1e6b068deacc

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

9e:ce:13:75:2e:01:91:c2:d1:75:d0:30:bc:e5:cd:93:83:92:f0:5d
Signer

Actual PE Digest

9e:ce:13:75:2e:01:91:c2:d1:75:d0:30:bc:e5:cd:93:83:92:f0:5d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\HallMain.pdb

Imports

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
RaiseException
GetThreadLocale
SetThreadLocale
lstrlenA
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
OutputDebugStringW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetLocaleInfoA
GetACP
GetFileAttributesW
GetProcAddress
GetLastError
MultiByteToWideChar
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
lstrlenW
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
IsDebuggerPresent
InitializeCriticalSection
InterlockedExchange
GetVersionExA

user32

UnregisterClassA

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

ole32

CoLoadLibrary
CoCreateInstance

oleaut32

VariantInit
DispCallFunc
SysFreeString
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysStringLen
LoadRegTypeLi
LoadTypeLi
VariantClear

log

?DOLOG@@YAXPB_WZZ
?CheckAdvise@@YAXPB_W@Z
?CheckUnadvise@@YAXPB_W@Z

atl80

ord30
ord11
ord10
ord31
ord15
ord32
ord61
ord23
ord64
ord18
ord22
ord58

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvcr80

??0exception@std@@QAE@ABQBD@Z
__CxxFrameHandler3
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
??_V@YAXPAX@Z
_purecall
free
memcpy
_vscwprintf
vswprintf_s
memset
memcpy_s
memmove_s
_recalloc
calloc
malloc
_resetstkoflw
_except_handler4_common
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
??3@YAXPAX@Z
??1exception@std@@UAE@XZ

ws2_32

htons
inet_ntoa
ntohl
ntohs
htonl

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/HttpDownload.dll
.dll windows:4 windows x86 arch:x86

65523877398283a5e1700c6574c2e8f5

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

93:c7:df:f4:3c:72:e9:5a:6e:0c:c0:2d:c5:9a:b2:1c:59:9a:1a:07
Signer

Actual PE Digest

93:c7:df:f4:3c:72:e9:5a:6e:0c:c0:2d:c5:9a:b2:1c:59:9a:1a:07

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\Release\HttpDownload.pdb

Imports

mfc80u

ord896
ord6096
ord3990
ord287
ord862
ord762
ord660
ord3227
ord423
ord899
ord5524
ord290
ord6700
ord5558
ord1908
ord5148
ord2340
ord1176
ord6751
ord1646
ord1156
ord314
ord3249
ord1172
ord5316
ord6282
ord760
ord572
ord3331
ord4255
ord4480
ord3943
ord2638
ord3703
ord3713
ord3712
ord2527
ord2640
ord2534
ord2856
ord2708
ord4301
ord2829
ord2725
ord2531
ord5196
ord1590
ord1647
ord1955
ord5171
ord1353
ord4961
ord3339
ord6275
ord3796
ord6273
ord1513
ord2163
ord2169
ord2399
ord4078
ord2379
ord2397
ord2409
ord2386
ord2402
ord2407
ord2390
ord2392
ord2394
ord2388
ord2404
ord2384
ord931
ord927
ord929
ord925
ord920
ord5229
ord5231
ord5956
ord1591
ord4276
ord4716
ord3397
ord5210
ord4179
ord6271
ord5067
ord1899
ord4238
ord1393
ord3940
ord1608
ord1611
ord5911
ord6721
ord1571
ord5327
ord6293
ord3678
ord4100
ord897
ord2468
ord765
ord315
ord1079
ord1033
ord1087
ord1197
ord1199
ord1093
ord371
ord1162
ord1115
ord1192
ord1168
ord1170
ord1200
ord581
ord1472
ord777
ord283
ord280
ord6167
ord6173
ord4074
ord2444
ord900
ord2261
ord2260
ord4101
ord2461
ord2460
ord5398
ord1182
ord1077
ord776
ord2311
ord2895
ord870
ord1147
ord774
ord3927
ord1175
ord265
ord2121
ord4057
ord548
ord4038
ord5462
ord293
ord577
ord266
ord3168
ord559
ord1178
ord747
ord6201
ord2381
ord764
ord372

msvcr80

?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
__CxxFrameHandler3
memcpy
memset
wcstoul
_wsplitpath_s
_mktime64
wcsftime
_localtime64_s
_time64
rand
srand
__clean_type_info_names_internal
_beginthreadex
memcpy_s
_purecall
_except_handler4_common
?terminate@@YAXXZ

kernel32

SetThreadPriority
ReadFile
GetTempPathW
GetProcessHeap
HeapFree
CloseHandle
CreateFileW
CreateEventW
CreateDirectoryW
GetFileAttributesW
HeapAlloc
SetFilePointer
SetEndOfFile
GetFileSize
SetEvent
GetLastError
WriteFile
ResetEvent
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
TerminateThread
WaitForMultipleObjects
LocalFree
LocalAlloc
InterlockedExchange
Sleep
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
WaitForSingleObject

user32

PeekMessageW
EnableWindow
DispatchMessageW
GetDesktopWindow
PostMessageW
SendMessageW

wininet

InternetOpenW
InternetErrorDlg
HttpOpenRequestW
HttpSendRequestW
InternetConnectW
InternetSetStatusCallbackW
InternetCloseHandle
InternetReadFileExA
HttpQueryInfoW
HttpEndRequestW
HttpSendRequestExW
InternetQueryOptionW
InternetWriteFile
HttpAddRequestHeadersW

oleaut32

SysFreeString

Exports

Exports

??0CHttpDowndExports@@QAE@XZ
??0CHttpDownload@@QAE@XZ
??0CHttpDownloadUIInterface@@IAE@XZ
??0CHttpDownloadUIInterface@@QAE@ABV0@@Z
??0CThreadModel@@IAE@XZ
??1CHttpDowndExports@@QAE@XZ
??1CHttpDownload@@UAE@XZ
??1CHttpDownloadUIInterface@@UAE@XZ
??1CThreadModel@@MAE@XZ
??4CHttpDowndExports@@QAEAAV0@ABV0@@Z
??4CHttpDownloadUIInterface@@QAEAAV0@ABV0@@Z
??_7CHttpDownload@@6B@
??_7CHttpDownloadUIInterface@@6B@
??_7CThreadModel@@6B@
?AddContent@CHttpDowndExports@@QAEHPBEH@Z
?AddContent@CHttpDownload@@QAEHPBEH@Z
?AddEvent@CThreadModel@@IAEXPAX@Z
?AddInfo@CHttpDowndExports@@QAEHPB_W0@Z
?AddInfo@CHttpDowndExports@@QAEHPB_WK@Z
?AddInfo@CHttpDownload@@QAEHABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@0@Z
?AddInfo@CHttpDownload@@QAEHABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?AddInfo@CHttpDownload@@QAEHABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@K@Z
?AddInfo@CHttpDownload@@QAEHABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PBEH@Z
?AfterThread@CHttpDownload@@MAEXXZ
?AfterThread@CThreadModel@@MAEXXZ
?BeforeThread@CHttpDownload@@MAEXXZ
?BeforeThread@CThreadModel@@MAEXXZ
?CancelDownload@CHttpDowndExports@@QAEXXZ
?CancelDownload@CHttpDownload@@QAEXXZ
?CheckDirectoryExist@CHttpDownload@@IAEHABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?CheckFileExist@CHttpDownload@@IAEHABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?ClearRequestContent@CHttpDownload@@QAEXXZ
?ClearRequestHeader@CHttpDownload@@QAEXXZ
?CloseInternetConnection@CHttpDownload@@IAEXXZ
?CloseInternetFile@CHttpDownload@@IAEXXZ
?CloseInternetSession@CHttpDownload@@IAEXXZ
?CloseSaveFile@CHttpDownload@@IAEXXZ
?CreateAllDirectory@CHttpDownload@@IAEHABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?CreateHeapData@CHttpDownload@@IAEHPBXKAAPAX@Z
?CreateUIProxy@CHttpDownload@@IAEHXZ
?DecodeBuffer@CHttpDownload@@IAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PBEK@Z
?DeleteUIProxy@CHttpDownload@@IAEXXZ
?Download@CHttpDowndExports@@QAEIPB_W0@Z
?Download@CHttpDownload@@QAEIPB_W0PAU_SYSTEMTIME@@@Z
?Download@CHttpDownload@@QAEIPB_WPAU_SYSTEMTIME@@@Z
?DownloadBase@CHttpDownload@@IAEIPB_W0@Z
?DownloadInternetFile@CHttpDownload@@IAEIXZ
?DownloadResume@CHttpDownload@@QAEIPB_W0KH@Z
?DownloadRun@CHttpDownload@@IAEIXZ
?EncodeBuffer@CHttpDownload@@IAEHPAEAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?ExitDownload@CHttpDownload@@IAEXXZ
?FlushSaveFile@CHttpDownload@@IAEHXZ
?GetDownloadTempDir@CHttpDownload@@QAEAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?GetFileCurrentPos@CHttpDownload@@IAEHPAXAAK@Z
?GetLastModifyTime@CHttpDownload@@QAEHAAU_SYSTEMTIME@@@Z
?GetRawResponseHeader@CHttpDownload@@QAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?GetRawUserRequestHeader@CHttpDownload@@QAE?AV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@XZ
?GetRequestContent@CHttpDownload@@QAEXPAPBEPAH@Z
?GetResponseFileName@CHttpDownload@@QAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?GetUserAgent@CHttpDownload@@IAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?HttpHandleModifiedTime@CHttpDownload@@IAEXXZ
?HttpPreSetFilePointer@CHttpDownload@@IAEXK@Z
?HttpQueryInfoStatusCode@CHttpDownload@@IAEKXZ
?HttpQueryResponseHeader@CHttpDownload@@IAEXXZ
?HttpSendRequestW@CHttpDownload@@MAEIXZ
?HttpSetExternalHeader@CHttpDownload@@IAEXV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?HttpSetRequestModifiedHeader@CHttpDownload@@IAEXAAU_SYSTEMTIME@@@Z
?InitDownload@CHttpDownload@@IAEIXZ
?InitMemberData@CHttpDownload@@IAEXXZ
?InitReceiveBuffer@CHttpDownload@@IAEHXZ
?InternetStatusCallback@CHttpDownload@@KGXPAXKK0K@Z
?IsThreadRunning@CThreadModel@@IAEHXZ
?MoveFilePosition@CHttpDownload@@IAEHKK@Z
?OnConnected@CHttpDownload@@IAEXXZ
?OnConnected@CHttpDownloadUIInterface@@UAEXXZ
?OnConnecting@CHttpDownload@@IAEXXZ
?OnConnecting@CHttpDownloadUIInterface@@UAEXPB_W@Z
?OnDownloadComplete@CHttpDownload@@IAEXK@Z
?OnDownloadComplete@CHttpDownloadUIInterface@@UAEXKPB_W@Z
?OnDownloadStart@CHttpDownload@@IAEXKK@Z
?OnDownloadStart@CHttpDownloadUIInterface@@UAEXKK@Z
?OnError@CHttpDownload@@IAEXK@Z
?OnError@CHttpDownloadUIInterface@@UAEXKPB_W@Z
?OnGetProxyUserPassword@CHttpDownload@@IAEHXZ
?OnHttpStatusOK@CHttpDownload@@IAEIK@Z
?OnHttpStatusOther@CHttpDownload@@IAEIK@Z
?OnHttpStatusPartialContent@CHttpDownload@@IAEIK@Z
?OnHttpStatusRedirect@CHttpDownload@@IAEIK@Z
?OnInetClosingConnection@CHttpDownload@@IAEXPAX@Z
?OnInetConnectionClosed@CHttpDownload@@IAEXPAX@Z
?OnInetHandleCreated@CHttpDownload@@IAEXPAXPAUINTERNET_ASYNC_RESULT@@@Z
?OnInetRequestComplete@CHttpDownload@@IAEXPAXPAUINTERNET_ASYNC_RESULT@@@Z
?OnInetResponceReceived@CHttpDownload@@IAEXPAX0@Z
?OnMessageError@CHttpDownload@@IAEXPB_W@Z
?OnProgress@CHttpDownload@@MAEXK@Z
?OnProgress@CHttpDownloadUIInterface@@UAEXKK@Z
?OnRedirect@CHttpDownload@@IAEXPB_W@Z
?OnRedirected@CHttpDownloadUIInterface@@UAEXPB_W@Z
?OnStatusCallback@CHttpDownload@@MAEXPAXK0K@Z
?OnSupportResume@CHttpDownload@@MAEXH@Z
?OpenInternetConnection@CHttpDownload@@IAEIXZ
?OpenInternetFile@CHttpDownload@@IAEIXZ
?OpenInternetSession@CHttpDownload@@IAEHXZ
?OpenSaveFile@CHttpDownload@@IAEHXZ
?QueryEvent@CThreadModel@@IAEHAAPAXH@Z
?QueryExitEvent@CThreadModel@@IAEHXZ
?QueryInfo@CHttpDownload@@QAEHABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@AAH@Z
?QueryInfo@CHttpDownload@@QAEHABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@AAK@Z
?QueryInfo@CHttpDownload@@QAEHABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@AAV23@H@Z
?QueryInfo@CHttpDownload@@QAEHABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAEK@Z
?QueryInfoBase@CHttpDownload@@IAEHPB_WAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?QueryInternetFileInfo@CHttpDownload@@IAEXAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@AAKAAU_SYSTEMTIME@@@Z
?ReleaseReceiveBuffer@CHttpDownload@@IAEXXZ
?Run@CHttpDownload@@MAEIXZ
?SetAutoResume@CHttpDownload@@QAEXH@Z
?SetDownloadSize@CHttpDownload@@IAEXH@Z
?SetDownloadTempDir@CHttpDownload@@QAEXPB_W@Z
?SetEventMask@CHttpDownload@@QAEXE@Z
?SetFileSize@CHttpDownload@@IAEXH@Z
?SetInternetOptions@CHttpDownload@@IAEHXZ
?SetRequestMethod@CHttpDowndExports@@QAEXH@Z
?SetRequestMethod@CHttpDownload@@QAEXH@Z
?SetResueThread@CHttpDownload@@QAEXH@Z
?SetStatusAndErrorCode@CHttpDownload@@IAEXW4DOWNLOAD_STATUS@1@W4DOWNLOAD_ERRORCODE@@@Z
?SetUIInterface@CHttpDowndExports@@QAEXPAVCHttpDownloadUIInterface@@@Z
?SetUIInterface@CHttpDownload@@QAEXPAVCHttpDownloadUIInterface@@@Z
?SetUseIEProxy@CHttpDownload@@QAEXH@Z
?StartThread@CThreadModel@@QAEHXZ
?StopThread@CThreadModel@@QAEXXZ
?WaitThread@CThreadModel@@QAEHK@Z
?WriteSaveFile@CHttpDownload@@IAEHPAXK@Z
?__ThreadProxyProc@CThreadModel@@CGIPAX@Z
?m_strPassword@CHttpDownload@@1V?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@A
?m_strUserName@CHttpDownload@@1V?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@A
?m_thisMap@CHttpDownload@@0VCThisMapPtrToPtr@1@A

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/LiveAPI.dll
.dll regsvr32 windows:4 windows x86 arch:x86

5d10ea44adca0fbb34173b467dcd0bf5

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3c:6f:d2:c9:00:1c:63:07:37:af:22:d4:a3:c6:be:6b:d5:bb:16:e3
Signer

Actual PE Digest

3c:6f:d2:c9:00:1c:63:07:37:af:22:d4:a3:c6:be:6b:d5:bb:16:e3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\LiveAPI.pdb

Imports

kernel32

InterlockedDecrement
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
SetThreadLocale
GetThreadLocale
LockResource
InterlockedIncrement
GetProcAddress
GetFileAttributesW
OutputDebugStringW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
GetModuleFileNameW
lstrcmpiW
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
FindResourceExW
lstrlenW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange

user32

SendMessageTimeoutW
GetWindow
IsWindow
UnregisterClassA
GetPropW
CharNextW
GetDesktopWindow

advapi32

RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW

shell32

ShellExecuteW

ole32

CoLoadLibrary
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance

oleaut32

SysFreeString
UnRegisterTypeLi
SysStringLen
SysAllocString
SysStringByteLen
SysAllocStringByteLen
LoadRegTypeLi
SysAllocStringLen
VarUI4FromStr
LoadTypeLi
RegisterTypeLi

log

?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?CheckFileExist@@YAHPB_W@Z
?DOLOG@@YAXPB_WZZ

msvcr80

vswprintf_s
malloc
free
memcpy_s
_CxxThrowException
wcscpy_s
wcsncpy_s
wcscat_s
memset
__CxxFrameHandler3
??_V@YAXPAX@Z
_recalloc
??_U@YAPAXI@Z
_vscwprintf
memcmp
memmove_s
_purecall
??2@YAPAXI@Z
calloc
_resetstkoflw
_except_handler4_common
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
??3@YAXPAX@Z
wcslen

msvcp80

?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/LiveMaster.dll
.dll regsvr32 windows:4 windows x86 arch:x86

6694a13f50c4e9481512ed179af283a5

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:96:47:41:06:c2:e2:9e:18:3b:26:e9:c3:a6:a0:90:b6:6c:ef:db
Signer

Actual PE Digest

08:96:47:41:06:c2:e2:9e:18:3b:26:e9:c3:a6:a0:90:b6:6c:ef:db

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\LiveMaster.pdb

Imports

kernel32

GetProcAddress
LoadLibraryW
WideCharToMultiByte
LoadLibraryExW
RaiseException
MultiByteToWideChar
OutputDebugStringW
lstrlenA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleFileNameW
Sleep
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
SetLastError
GetCurrentProcess
FlushInstructionCache
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenW
GetThreadLocale
SetThreadLocale
InterlockedDecrement
InterlockedIncrement
FreeLibrary
DeleteCriticalSection
InitializeCriticalSection
GetPrivateProfileStringW
GetTickCount
DeleteFileW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetLogicalDrives
GetDiskFreeSpaceExW
CreateFileW
GetVersionExW
DeviceIoControl
CloseHandle
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
FindFirstFileW
GetDriveTypeW
CreateDirectoryW
GetLastError
GetFileAttributesW
SetFileAttributesW
WaitForSingleObject
GetExitCodeProcess
TerminateProcess

user32

PostMessageW
IsWindow
DefWindowProcW
RegisterClassExW
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
LoadCursorW
GetClassInfoExW
DestroyWindow
SetTimer
KillTimer
GetKeyState
InvalidateRect
GetFocus
IntersectRect
EndPaint
GetClientRect
BeginPaint
SetWindowLongW
GetWindowLongW
UnregisterClassA
ShowWindow
PtInRect
UnionRect
CallWindowProcW
CreateWindowExW
SetFocus
IsChild

gdi32

DeleteMetaFile
CreateRectRgnIndirect
SetTextAlign
TextOutW
CloseMetaFile
RestoreDC
SetWindowExtEx
SetWindowOrgEx
CreateMetaFileW
DeleteDC
SetMapMode
LPtoDP
GetDeviceCaps
SaveDC
SetViewportOrgEx

advapi32

RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegOpenKeyW
RegQueryValueExW

shell32

SHGetFolderPathW
ShellExecuteExW

ole32

CoTaskMemAlloc
CreateOleAdviseHolder
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
CoTaskMemFree
CoFreeLibrary
CoLoadLibrary
CoCreateInstance

oleaut32

LoadTypeLi
LoadRegTypeLi
OleCreatePropertyFrame
VariantChangeType
VariantClear
VariantInit
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysFreeString
VarBstrCmp
SysStringLen

atl80

ord30
ord23
ord15
ord64
ord22
ord32
ord61
ord18
ord53
ord52
ord51
ord50
ord31
ord58
ord44
ord43
ord26
ord27

shlwapi

PathAppendW

msvcp80

??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z

msvcr80

calloc
_purecall
_itow_s
free
srand
rand
__CxxFrameHandler3
_except_handler4_common
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
??2@YAPAXI@Z
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
sprintf_s
strncpy_s
malloc
_resetstkoflw
wcsrchr
wcscpy_s
_wcsicmp
_time64
wcstoul
strchr
sscanf_s
isdigit
_decode_pointer
wcsstr
??3@YAXPAX@Z
memset
swprintf_s
wcscat_s
memcpy_s
memmove_s
vswprintf_s
_CxxThrowException
_vscwprintf
??_V@YAXPAX@Z
_recalloc
wcsncpy_s
strcat_s

log

?CreateObjectFromFile2@@YAJAAPAUHINSTANCE__@@PB_WPAUIUnknown@@ABU_GUID@@3PAPAX@Z
?GetModulePath2@@YA?AVCComBSTR@ATL@@PAUHINSTANCE__@@@Z
?GetUserAppDataPath3@@YA?AVCComBSTR@ATL@@XZ
?GetUserAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?DOLOG@@YAXPB_WZZ
?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ

ws2_32

gethostname
gethostbyname
inet_ntoa
WSAStartup
WSACleanup
inet_addr
ntohl

Exports

Exports

CreateP2PAppCtrl
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
ReleaseP2PAppCtrl

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/LiveMedia.dll
.dll regsvr32 windows:4 windows x86 arch:x86

9f61b8dcec31f89e5334d1fc1ed288a8

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:63:32:b9:33:6e:03:c3:d0:17:ee:6f:b0:86:0d:65:3c:6f:ae:18
Signer

Actual PE Digest

30:63:32:b9:33:6e:03:c3:d0:17:ee:6f:b0:86:0d:65:3c:6f:ae:18

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\Symbol\LiveMedia.pdb

Imports

kernel32

GlobalUnlock
GlobalLock
GlobalAlloc
RaiseException
GetCurrentThreadId
SetLastError
GetTickCount
SetThreadExecutionState
MultiByteToWideChar
lstrcmpiW
FreeLibrary
LoadLibraryExW
GetModuleHandleW
SetThreadLocale
GetThreadLocale
HeapFree
GetProcessHeap
lstrlenA
HeapAlloc
GetModuleFileNameW
GetPrivateProfileIntW
GetProcAddress
GetFileAttributesW
OutputDebugStringW
GlobalFree
GlobalHandle
MulDiv
HeapDestroy
HeapReAlloc
HeapSize
InterlockedExchange
GetACP
GetLocaleInfoA
InterlockedCompareExchange
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
Sleep
TerminateProcess
UnhandledExceptionFilter
lstrcmpW
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLastError
lstrlenW
InterlockedDecrement
InterlockedIncrement
GetCurrentProcess
FlushInstructionCache
ResetEvent
SetFileAttributesW
DeleteFileW
CopyFileW
TerminateThread
CreateEventW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
SetEvent
WaitForSingleObject
CloseHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FormatMessageW
GetVersionExA

user32

UnregisterClassA
RegisterClassW
UnregisterClassW
TrackMouseEvent
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
CreateDialogIndirectParamW
GetCursorPos
GetDoubleClickTime
KillTimer
SetTimer
GetKeyState
UnionRect
PtInRect
PostMessageW
IsWindow
SetWindowLongW
GetWindowLongW
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
MapDialogRect
SetWindowContextHelpId
EndDialog
MessageBoxW
SetParent
SendDlgItemMessageW
CreateWindowExW
GetWindowRect
ShowWindow
SystemParametersInfoW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
FindWindowExW
CreateAcceleratorTableW
RegisterClassExW
LoadCursorW
GetClassInfoExW
SetFocus
GetFocus
GetWindow
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
FillRect
ReleaseCapture
GetClassNameW
GetDlgItem
GetParent
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
SetWindowPos
MoveWindow
CharNextW
GetSysColor
GetClientRect
CallWindowProcW
DefWindowProcW
SendMessageW
SetWindowTextW
DestroyWindow
CopyRect

gdi32

SaveDC
CreateMetaFileW
CreateRectRgnIndirect
SetWindowOrgEx
SetMapMode
LPtoDP
SetWindowExtEx
RestoreDC
CloseMetaFile
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
SetViewportOrgEx
CreateDCW
GetStockObject
GetObjectW
CreateSolidBrush
GetDeviceCaps
BitBlt
DeleteMetaFile

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegEnumKeyExW

ole32

StringFromGUID2
OleInitialize
CoLoadLibrary
OleSaveToStream
WriteClassStm
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CreateOleAdviseHolder
OleLoadFromStream
CoTaskMemFree
CoTaskMemRealloc
CoFreeLibrary
OleUninitialize
CreateStreamOnHGlobal
CoTaskMemAlloc
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning

oleaut32

VariantInit
VariantClear
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
DispCallFunc
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
VariantCopy
VariantChangeType
OleCreatePropertyFrame
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysFreeString
VarBstrCmp
SysStringLen
GetErrorInfo

msvcp80

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?_Myptr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEPA_WXZ
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB

log

?CheckFileExist@@YAHPB_W@Z
?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?LiveMediaStart@@YAPAXXZ
?CreateObjectFromFile@@YAJPB_WPAUIUnknown@@ABU_GUID@@2PAPAX@Z
?IsWindowsVista@@YAHXZ
?IsEnableUAC@@YAHXZ
?GetIEUseableDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?CreateAllDirectory@@YAHPB_W@Z
?LiveMediaStop@@YAXAAPAX@Z
?IsLiveMediaExist@@YA_NXZ
?GetKeyValue@@YAHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0AAV12@@Z
?GetXPMenuState@@YAXAAHAAK@Z
?GetModulePath2@@YA?AVCComBSTR@ATL@@PAUHINSTANCE__@@@Z
?NavigateURL@@YAHPB_WH@Z
?CheckAdvise@@YAXPB_W@Z
?CheckUnadvise@@YAXPB_W@Z
?GetUserAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetFullScreen@@YA?AUtagRECT@@PAUHWND__@@@Z
?CreateObjectFromFile2@@YAJAAPAUHINSTANCE__@@PB_WPAUIUnknown@@ABU_GUID@@3PAPAX@Z
?DOLOG@@YAXPB_WZZ

urlmon

URLDownloadToCacheFileW

msvcr80

__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_except_handler4_common
?terminate@@YAXXZ
_wcsicmp
__CxxFrameHandler3
memcpy_s
_CxxThrowException
_invalid_parameter_noinfo
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@XZ
memmove_s
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
_beginthreadex
free
wcschr
_vscwprintf
vswprintf_s
??_V@YAXPAX@Z
memset
_recalloc
swprintf_s
_purecall
rand
srand
malloc
wcsstr
wcsncpy_s
wcscpy_s
wcscat_s
_itow_s
calloc
ldiv
_resetstkoflw
wcstoul
wcsrchr
_wcslwr_s
_wtoi
memcpy
??3@YAXPAX@Z

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/LivePlayer.dll
.dll regsvr32 windows:4 windows x86 arch:x86

31dbbeb37cfb76c193b6f62659f35fc9

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:3a:ca:9c:ee:e5:1a:9f:d7:71:3c:8c:f6:df:27:1d:0c:3f:2e:3a
Signer

Actual PE Digest

6a:3a:ca:9c:ee:e5:1a:9f:d7:71:3c:8c:f6:df:27:1d:0c:3f:2e:3a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\Playersrc\sym\LivePlayer.pdb

Imports

comctl32

_TrackMouseEvent

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
Sleep
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
SetThreadLocale
GetThreadLocale
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
FreeLibrary
GetProcAddress
LoadLibraryExW
SizeofResource
RaiseException
GetLocalTime
CreateMutexW
GetLastError
GetPrivateProfileIntW
GlobalAlloc
GlobalLock
GlobalUnlock
CloseHandle
lstrlenA
GetModuleHandleW
GetModuleFileNameW
SetLastError
DeleteFileA
GetCurrentProcess
FlushInstructionCache
FindResourceExW
FindResourceW
LockResource
LoadResource

user32

RegisterClassExW
SendMessageW
GetClassInfoExW
SetWindowLongW
GetWindowLongW
SetWindowTextW
IsWindow
LoadCursorW
PtInRect
SystemParametersInfoW
SendInput
GetKeyState
InvalidateRect
GetFocus
IsChild
SetFocus
ShowWindow
UnionRect
UnregisterClassA
BeginPaint
EndPaint
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
CallWindowProcW
DefWindowProcW
CreateWindowExW
DestroyWindow
KillTimer
SetTimer
ClientToScreen
GetClientRect
MoveWindow

gdi32

GetDeviceCaps
LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
CreateMetaFileW
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

SHGetFolderPathW

ole32

CoCreateInstance
CoTaskMemAlloc
CreateOleAdviseHolder
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
CoTaskMemFree

oleaut32

LoadTypeLi
LoadRegTypeLi
OleCreatePropertyFrame
VariantChangeType
SysStringByteLen
SysAllocStringByteLen
SysAllocString
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen

atl80

ord50
ord31
ord58
ord26
ord27
ord30
ord51
ord44
ord43
ord61
ord23
ord64
ord22
ord18
ord15
ord32

msvcp80

?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z

msvcr80

strcpy_s
_strlwr_s
_resetstkoflw
malloc
calloc
fopen
fwrite
fflush
fseek
ftell
??_V@YAXPAX@Z
memmove_s
sprintf_s
rename
fclose
memset
_time64
vsprintf_s
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
memcpy
_except_handler4_common
_purecall
_unlock
??3@YAXPAX@Z
_CxxThrowException
swprintf_s
_recalloc
__CxxFrameHandler3
wcsrchr
memcpy_s
free
_itow_s
??2@YAPAXI@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/LiveStream.dll
.dll regsvr32 windows:4 windows x86 arch:x86

6edb7aee474832e692f6388919c1639d

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

68:9d:6e:84:f6:4a:85:44:7e:18:1c:d4:c5:20:f2:79:98:ee:c8:21
Signer

Actual PE Digest

68:9d:6e:84:f6:4a:85:44:7e:18:1c:d4:c5:20:f2:79:98:ee:c8:21

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\LiveStream.pdb

Imports

ws2_32

closesocket
socket
accept
connect
send
WSAGetLastError
htons
listen
inet_addr
bind
ioctlsocket
select
inet_ntoa
recv

kernel32

UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
GetProcessHeap
lstrlenA
GetModuleFileNameA
MultiByteToWideChar
FormatMessageA
GetProcAddress
LocalFree
WideCharToMultiByte
SizeofResource
lstrlenW
lstrcmpiA
FreeLibrary
RaiseException
DisableThreadLibraryCalls
DeleteCriticalSection
InterlockedIncrement
FindResourceA
LoadResource
GetModuleHandleA
LoadLibraryExA
GetLastError
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InitializeCriticalSection
IsDBCSLeadByte
CloseHandle
SetUnhandledExceptionFilter
GetTickCount
WaitForSingleObject
CreateEventA
SetEvent
CreateDirectoryA
FindFirstFileA
FindClose
Sleep
GetVersionExA
CreateThread
lstrcmpiW
GetLocalTime
GetStringTypeExW
DeleteFileA
GetPrivateProfileIntW
GetEnvironmentVariableA
CompareStringW
GetVersion
GetEnvironmentVariableW
MapViewOfFile
InterlockedExchange
UnmapViewOfFile
GetStringTypeExA
CompareStringA
CreateFileMappingA
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetThreadLocale
GetLocaleInfoA
GetACP
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
CreateMutexA

user32

GetMessageA
KillTimer
SetTimer
PostMessageA
GetWindowLongA
IsWindow
DestroyWindow
DispatchMessageA
CreateWindowExA
TranslateMessage
CharNextA
UnregisterClassA
CharUpperA
CharLowerA
CharUpperW
CharLowerW
SetWindowLongA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA

shell32

SHGetFolderPathW

ole32

CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CLSIDFromString
StringFromCLSID
CoLoadLibrary
CoFreeLibrary

oleaut32

SysStringByteLen
SysAllocStringByteLen
VarBstrCat
SysAllocString
LoadRegTypeLi
LoadTypeLi
VarUI4FromStr
UnRegisterTypeLi
RegisterTypeLi
SysStringLen
SysFreeString
SysAllocStringLen

msvcr80

_strnicmp
_stricmp
__CxxFrameHandler3
??3@YAXPAX@Z
strcpy
sprintf
_splitpath
??_U@YAPAXI@Z
strlen
_CxxThrowException
wcstombs
strcat
strcpy_s
strcat_s
_recalloc
_mbsnbcpy_s
_purecall
wcsncpy_s
??2@YAPAXI@Z
malloc
memset
_resetstkoflw
memcmp
memcpy_s
free
memmove_s
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
memcpy
_beginthreadex
fclose
strstr
fopen
sprintf_s
_time64
_localtime64
strftime
atoi
strchr
vsprintf_s
fwrite
wcslen
swprintf_s
ftell
calloc
_strlwr_s
_mbsrchr
_vsnprintf
fflush
rename
fseek
wcscpy_s
strcmp
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
??_V@YAXPAX@Z

msvcp80

??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?_Myptr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IBEPB_WXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?rdstate@ios_base@std@@QBEHXZ
?good@ios_base@std@@QBE_NXZ
?length@?$char_traits@D@std@@SAIPBD@Z
?flags@ios_base@std@@QBEHXZ
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?eof@?$char_traits@D@std@@SAHXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?width@ios_base@std@@QBEHXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAEHH@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?uncaught_exception@std@@YA_NXZ
?_Myptr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IBEPBDXZ

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/LiveVOD.dll
.dll regsvr32 windows:4 windows x86 arch:x86

bf342b245435c681943d315ee184031a

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:37:15:fc:f5:f9:96:ef:1c:17:c4:a4:45:68:73:18:16:e5:e1:02
Signer

Actual PE Digest

03:37:15:fc:f5:f9:96:ef:1c:17:c4:a4:45:68:73:18:16:e5:e1:02

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\LiveVOD.pdb

Imports

ws2_32

htons
bind
listen
WSAStartup
WSACleanup
inet_addr
inet_ntoa
closesocket
recv
send
select
__WSAFDIsSet
accept
socket
WSAGetLastError

wininet

InternetCrackUrlA

kernel32

HeapAlloc
HeapDestroy
GetVersionExA
GetLocaleInfoA
GetACP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetModuleFileNameW
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteFileA
lstrlenA
GetPrivateProfileIntW
GetLocalTime
GetProcAddress
GetFileAttributesW
OutputDebugStringW
Sleep
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
GetTickCount
CreateMutexW
InterlockedIncrement
InterlockedDecrement
SetThreadLocale
GetThreadLocale
HeapFree
LoadLibraryW
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
SetEvent
GetModuleHandleW
CreateEventW
UnmapViewOfFile
InterlockedExchange
CreateMutexA
MapViewOfFile
CreateFileMappingA
RaiseException
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
FreeLibrary

user32

IsWindow
SetTimer
PostMessageW
DestroyWindow
UnregisterClassA
CreateWindowExA
SetWindowLongA
SetWindowLongW
GetMessageW
TranslateMessage
DispatchMessageW
GetWindowLongW
KillTimer

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

SHGetFolderPathW

ole32

CoUninitialize
CoCreateInstance
CoLoadLibrary
CoInitialize

oleaut32

LoadTypeLi
LoadRegTypeLi
DispCallFunc
SysStringByteLen
SysAllocStringByteLen
SysAllocString
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen

atl80

ord15
ord18
ord31
ord64
ord61
ord11
ord10
ord22
ord23
ord58

msvcp80

??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z

msvcr80

_mbschr
_purecall
strncmp
swprintf_s
strftime
strtoul
_localtime64
strrchr
strncpy_s
isalpha
_wsplitpath_s
wcscat_s
wcsrchr
wcsncpy_s
_strlwr_s
_strnicmp
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_crt_debugger_hook
??3@YAXPAX@Z
__CxxFrameHandler3
memset
free
_CxxThrowException
memcpy_s
_invalid_parameter_noinfo
memmove_s
calloc
_recalloc
_time64
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
_vscwprintf
vswprintf_s
fclose
rename
sprintf_s
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
??_V@YAXPAX@Z
ftell
fseek
fflush
fwrite
fopen
vsprintf_s
memcpy
_vsnprintf
strcpy_s
_beginthreadex
strchr
strstr

Exports

Exports

CreateQQLiveVOD
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/MMInstaller.dll
.dll regsvr32 windows:4 windows x86 arch:x86

4f5525660c2de1f765d7d4e916a708f5

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c7:31:da:e9:60:c6:4c:8f:3d:56:f2:8c:dc:06:6e:f8:6e:d6:21:7b
Signer

Actual PE Digest

c7:31:da:e9:60:c6:4c:8f:3d:56:f2:8c:dc:06:6e:f8:6e:d6:21:7b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\MMInstaller.pdb

Imports

kernel32

TerminateThread
WaitForSingleObject
SetEvent
CloseHandle
WideCharToMultiByte
GetProcAddress
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
CreateEventW
FreeLibrary
LoadLibraryExW
GetModuleHandleW
RaiseException
lstrcmpiW
GetModuleFileNameW
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
SizeofResource
LoadResource
FindResourceW
GetStringTypeA
ReadFile
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetModuleFileNameA
GetStdHandle
WaitForMultipleObjects
GetExitCodeProcess
lstrlenW
GetLocalTime
CreateDirectoryW
lstrlenA
MultiByteToWideChar
Sleep
GetTickCount
FindFirstFileW
GetConsoleMode
GetConsoleCP
WriteFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetTimeZoneInformation
GetLocaleInfoW
CreateFileA
CreateFileW
WriteConsoleW
GetConsoleOutputCP
ExitProcess
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
GetStringTypeW
HeapSize
VirtualAlloc
FatalAppExitA
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThread
WriteConsoleA
FlushFileBuffers
SetStdHandle
SetLastError
LoadLibraryA
SetConsoleCtrlHandler
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
FindClose
DeleteFileW
FindNextFileW
GetFileAttributesW
GetVersionExW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetLastError
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
GlobalAlloc
GlobalFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
ExitThread
GetCurrentThreadId
CreateThread
GetCommandLineA
GetProcessHeap
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree

user32

CharNextW
LoadIconW
LoadCursorW
RegisterClassW
SetTimer
KillTimer
RegisterClassExW
CreateWindowExW
PostMessageW
DefWindowProcW
IsWindow
DestroyWindow
GetWindowLongW
SetWindowLongW
UnregisterClassA

advapi32

RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueExW

shell32

ShellExecuteExW
SHGetFolderPathW

ole32

CoLoadLibrary
CoFreeLibrary
CoInitialize
CoUninitialize
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

SysAllocStringByteLen
LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysStringByteLen
SysAllocString
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
SysStringLen

wininet

DeleteUrlCacheEntryW

urlmon

URLDownloadToCacheFileW
URLDownloadToFileW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

wintrust

WinVerifyTrust

crypt32

CryptMsgClose
CertFreeCertificateContext
CertRDNValueToStrW
CertFindRDNAttr
CryptDecodeObject
CertCreateCertificateContext
CryptMsgGetParam
CryptQueryObject
CertCloseStore

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 208KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/MediaCtrl.dll
.dll regsvr32 windows:4 windows x86 arch:x86

1f81bd139782d99bb29d84bdf91133c2

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

12:bf:4d:28:88:94:fd:74:99:6e:e2:3f:7e:16:9f:06:73:29:43:a4
Signer

Actual PE Digest

12:bf:4d:28:88:94:fd:74:99:6e:e2:3f:7e:16:9f:06:73:29:43:a4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\MediaCtrl.pdb

Imports

common

?IsValid@CxImage@@QBE_NXZ
?SetPixelColor@CxImage@@QAEXJJUtagRGBQUAD@@_N@Z
?GetPixelColor@CxImage@@QAE?AUtagRGBQUAD@@JJ_N@Z
?GetHeight@CxImage@@QBEKXZ
?GetWidth@CxImage@@QBEKXZ
?Load@CxImage@@QAE_NPB_WK@Z
?Draw@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@PAU3@PAK_N@Z
??1CxImage@@UAE@XZ
??0CxImage@@QAE@K@Z
?Create@CxImage@@QAEPAXKKKK@Z
?GetImageRgn@CxImage@@QAE_NAAPAUHRGN__@@PAUtagRECT@@@Z
?SetTransColor@CxImage@@QAEXUtagRGBQUAD@@@Z
?SetTransIndex@CxImage@@QAEXJ@Z
?IncreaseBpp@CxImage@@QAE_NK@Z
?CreateFromHBITMAP@CxImage@@QAE_NPAUHBITMAP__@@PAUHPALETTE__@@@Z
?Record@Perf@Util@@YAJPB_WHH00@Z
?Save@CxImage@@QAE_NPB_WK@Z
?Resample2@CxImage@@QAE_NJJW4InterpolationMethod@1@W4OverflowMethod@1@QAV1@_N@Z
?OnUninitCom@Misc@Util@@YAXXZ
?OnExitWinMain@Misc@Util@@YAXXZ
?OnExitCoreCenter@Misc@Util@@YAXXZ
??H@YA?AVCTXStringW@@PB_WABV0@@Z
?CreateTXData@Data@Util@@YAHPAPAUITXData@@@Z
?LoadStringW@TXStringBundle@@YAPB_WPB_W@Z
?SetTimeout@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
??0CTXBSTR@@QAE@XZ
??0CTXStringW@@QAE@PB_W@Z
?RecordTransBegin@Perf@Util@@YA_JPB_WHH00@Z
??BCTXStringW@@QBEPB_WXZ
??4CTXStringW@@QAEAAV0@PB_W@Z
??0CTXStringW@@QAE@XZ
?RecordTransEnd@Perf@Util@@YAJ_JPB_WHH11H@Z
??H@YA?AVCTXStringW@@ABV0@0@Z
?Format@CTXStringW@@QAAXPB_WZZ
??1CTXBSTR@@QAE@XZ
??BCTXBSTR@@QBEPA_WXZ
??ICTXBSTR@@QAEPAPA_WXZ
?IsEmpty@CTXBSTR@@QAEHXZ
??0CTXBSTR@@QAE@PB_W@Z
?Destroy@CxImage@@QAE_NXZ
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
??1CTXStringW@@QAE@XZ
?GetPlatformCore@Core@Util@@YAHPAPAUITXCore@@@Z

gf

?RawCreateGFElementByXtml@GF@Util@@YAJPA_WPAPAUIGFElement@@PAU3@0@Z
?ScreenPoint2ClientPoint@GF@Util@@YAXPAUIGFFrame@@AAUtagPOINT@@@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAH@Z
?FreeData@Metadata@Util@@YAJAAPA_W@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAPA_W@Z
?CreateObject@GF@Util@@YAJABU_GUID@@0PAPAX@Z
?FramePoint2WindowPoint@GF@Util@@YAXPAUIGFFrame@@AAUtagPOINT@@@Z

kernel32

Sleep
OutputDebugStringW
GetFileAttributesW
GetProcAddress
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetLocaleInfoA
GetACP
InterlockedExchange
GetThreadLocale
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
SetThreadLocale
GetLastError
MoveFileW
DeleteFileW
RaiseException
MultiByteToWideChar
GetTickCount
GetLocalTime
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetModuleFileNameW
lstrlenW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
GetVersion
OpenProcess
VirtualAllocEx
ReadProcessMemory
VirtualFreeEx
SetLastError
GetCurrentProcess
FlushInstructionCache
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
lstrcmpiW
DeleteCriticalSection
CreateEventW
CloseHandle
WaitForSingleObject
TerminateThread
GetCurrentThreadId
InitializeCriticalSection
GetProcessHeap

user32

PtInRect
ReleaseCapture
SetCapture
GetWindowRect
GetCursorPos
ShowWindow
CopyRect
SetWindowLongW
SetWindowPlacement
SetParent
GetDesktopWindow
GetWindowPlacement
GetClientRect
CharNextW
RegisterWindowMessageW
UnregisterClassA
RegisterClassExW
LoadCursorW
GetClassInfoExW
SetWindowPos
PostQuitMessage
BringWindowToTop
GetSystemMetrics
GetAsyncKeyState
SetFocus
WindowFromPoint
GetAncestor
GetForegroundWindow
MapVirtualKeyW
GetKeyNameTextW
LoadImageW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
ShowCursor
GetKeyState
IsRectEmpty
SystemParametersInfoW
IsWindowVisible
IsZoomed
FindWindowExW
GetWindowThreadProcessId
SetRectEmpty
SetRect
CreatePopupMenu
TrackPopupMenu
AppendMenuW
DestroyMenu
SendMessageW
DrawTextW
OffsetRect
SetWindowRgn
InvalidateRect
ReleaseDC
EndPaint
BeginPaint
SetWindowTextW
ClientToScreen
UpdateWindow
FillRect
CreateWindowExW
DestroyWindow
KillTimer
SetTimer
TrackMouseEvent
MoveWindow
CallWindowProcW
FindWindowW
GetWindowLongW
DefWindowProcW
IsWindow

gdi32

CreateSolidBrush
SaveDC
GetViewportOrgEx
GetWindowOrgEx
CreateRectRgnIndirect
ExtSelectClipRgn
RestoreDC
CreateDCW
CreateCompatibleDC
SetBkColor
CreateCompatibleBitmap
DeleteDC
SetTextColor
SetBkMode
SelectObject
CreateFontIndirectW
DeleteObject

advapi32

RegCloseKey
RegQueryValueExW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW

shell32

SHGetPathFromIDListW
SHGetSpecialFolderPathW
SHGetFileInfoW
ShellExecuteW
SHBrowseForFolderW

ole32

CoCreateInstance
StringFromCLSID
CoLoadLibrary
CoTaskMemFree

oleaut32

SysStringByteLen
SysAllocStringByteLen
VarBstrCmp
VarUI4FromStr
SysAllocString
VariantCopy
DispCallFunc
VariantClear
VariantInit
LoadTypeLi
LoadRegTypeLi
SysStringLen
SysFreeString
GetErrorInfo

log

?GetFullScreen@@YA?AUtagRECT@@PAUHWND__@@@Z
?CheckDirectoryExist@@YAHPB_W@Z
?CreateAllDirectory@@YAHPB_W@Z
?GetUserAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetXPMenuState@@YAXAAHAAK@Z
?CheckUnadvise@@YAXPB_W@Z
?GetQQLiveDlgHwnd@@YAPAUHWND__@@XZ
?SetXPMenuState@@YAXH@Z
?IsWindowsVista@@YAHXZ
?GetUserAppDataPath2@@YA?AVCComBSTR@ATL@@XZ
?GetRandomNum@@YAKKK@Z
?CheckAdvise@@YAXPB_W@Z
?DOLOG@@YAXPB_WZZ
?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?CheckFileExist@@YAHPB_W@Z

atl80

ord30
ord58
ord11
ord42
ord32
ord48
ord15
ord18
ord22
ord64
ord31
ord10
ord23
ord61
ord43
ord47
ord44

msvcp80

?_Myptr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEPA_WXZ
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?length@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?empty@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE_NXZ
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

msvcr80

??3@YAXPAX@Z
memcpy_s
_CxxThrowException
_invalid_parameter_noinfo
_vscwprintf
vswprintf_s
swprintf_s
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
__CxxFrameHandler3
memmove_s
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
_purecall
free
??_V@YAXPAX@Z
_recalloc
memset
calloc
malloc
wcscpy_s
wcsncpy_s
_resetstkoflw
ldiv
wcsstr
wcstoul
_wcsicmp
wcschr
_wtof
_wtol
wcsncpy
_wtoi
rand
srand
_time64
wcsftime
_localtime64_s
_itow_s
?terminate@@YAXXZ
_except_handler4_common
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_adjust_fdiv
_crt_debugger_hook

xgraphic32

GetCanvasHandle

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 280KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/MediaSource.dll
.dll regsvr32 windows:4 windows x86 arch:x86

d6045cd397df23f6f9ec56c846b24242

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7c:7c:78:0b:16:6e:4d:52:43:c2:73:ec:3e:e3:07:02:5b:84:3f:7b
Signer

Actual PE Digest

7c:7c:78:0b:16:6e:4d:52:43:c2:73:ec:3e:e3:07:02:5b:84:3f:7b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\Playersrc\sym\MediaSource.pdb

Imports

kernel32

InitializeCriticalSection
SizeofResource
LoadLibraryExW
lstrlenA
LockResource
GetProcAddress
DeleteCriticalSection
LeaveCriticalSection
LoadResource
FindResourceExW
CreateSemaphoreW
CreateEventW
WaitForSingleObject
CloseHandle
ReleaseSemaphore
GetTickCount
GetLastError
CreateMutexW
GetACP
lstrcpynW
InterlockedIncrement
InterlockedDecrement
SetEvent
ResetEvent
FreeLibrary
GetCurrentProcess
GetCurrentThreadId
GetVersionExW
CreateThread
GetModuleFileNameA
DisableThreadLibraryCalls
GetLocaleInfoA
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
RaiseException
lstrlenW
Sleep
FindResourceW
MultiByteToWideChar
InterlockedExchange
GetModuleHandleW
SetThreadPriority
GetLocalTime
GetModuleFileNameW
IsBadWritePtr
WideCharToMultiByte
GetPrivateProfileIntW
EnterCriticalSection
DeleteFileA
GetThreadLocale
InterlockedCompareExchange
GetCurrentProcessId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
TerminateProcess
QueryPerformanceCounter

user32

PostMessageW
wsprintfW
SetRectEmpty
UnregisterClassA

gdi32

DeleteDC
GetDeviceCaps
CreateDCW
CreateCompatibleBitmap
GetDIBits
DeleteObject

advapi32

RegSetValueW
RegSetValueExW
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegCreateKeyW

shell32

SHGetFolderPathW

ole32

CoInitialize
CoFreeUnusedLibraries
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2

oleaut32

SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysFreeString
SysAllocString
SysAllocStringLen

fmdecoder

InitFFMPEG

msvcp80

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z

msvcr80

_initterm
_initterm_e
_malloc_crt
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_encoded_null
??0exception@std@@QAE@XZ
??3@YAXPAX@Z
fopen
rename
memcpy_s
vsprintf_s
??2@YAPAXI@Z
_strlwr_s
memmove_s
wcsrchr
sprintf_s
strcpy_s
_time64
swprintf_s
fclose
ftell
??_V@YAXPAX@Z
fseek
fflush
fwrite
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
_CxxThrowException
_invalid_parameter_noinfo
_beginthreadex
??0exception@std@@QAE@ABQBD@Z
strstr
_strnicmp
isalpha
_purecall
memcpy
memset
__CxxFrameHandler3
_wtoi
free
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/Microsoft.VC80.ATL.manifest
.xml
QQLive/Microsoft.VC80.CRT.manifest
QQLive/Microsoft.VC80.MFC.manifest
QQLive/Microsoft.VC80.MFCLOC.manifest
QQLive/MiniTips.dll
.dll regsvr32 windows:4 windows x86 arch:x86

4cbbd530b3064fe37a65bdfb5135084e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

58:4f:fd:62:c8:59:b7:c0:22:2b:78:66:be:5b:21:68:83:ee:ef:2b
Signer

Actual PE Digest

58:4f:fd:62:c8:59:b7:c0:22:2b:78:66:be:5b:21:68:83:ee:ef:2b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\MiniTips.pdb

Imports

common

?IsEmpty@CTXBSTR@@QAEHXZ
??ICTXBSTR@@QAEPAPA_WXZ
??0CTXBSTR@@QAE@XZ
??BCTXBSTR@@QBEPA_WXZ
??1CTXBSTR@@QAE@XZ
?Format@CTXStringW@@QAAXPB_WZZ
??H@YA?AVCTXStringW@@ABV0@0@Z
?RecordTransEnd@Perf@Util@@YAJ_JPB_WHH11H@Z
??0CTXStringW@@QAE@XZ
??4CTXStringW@@QAEAAV0@PB_W@Z
??BCTXStringW@@QBEPB_WXZ
?RecordTransBegin@Perf@Util@@YA_JPB_WHH00@Z
??0CTXStringW@@QAE@PB_W@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
??1CTXStringW@@QAE@XZ
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
?SetTimeout@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
??0CTXBSTR@@QAE@PB_W@Z
?GetPlatformCore@Core@Util@@YAHPAPAUITXCore@@@Z

gf

?CreateObject@GF@Util@@YAJABU_GUID@@0PAPAX@Z
?RawCreateGFElementByXtml@GF@Util@@YAJPA_WPAPAUIGFElement@@PAU3@0@Z

kernel32

CopyFileW
DeleteFileW
SetFileAttributesW
ResetEvent
SetThreadLocale
GetThreadLocale
MultiByteToWideChar
GetLastError
InterlockedIncrement
GetFileAttributesW
OutputDebugStringW
lstrlenA
WritePrivateProfileStringW
GetPrivateProfileIntW
GetTickCount
RaiseException
WideCharToMultiByte
RemoveDirectoryW
GetModuleHandleW
TerminateThread
CreateEventW
FindResourceExW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetModuleFileNameW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
FindResourceW
LoadResource
LockResource
SizeofResource
SetEvent
WaitForSingleObject
CloseHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
QueryPerformanceCounter
InterlockedDecrement
GetProcAddress

user32

SystemParametersInfoW
PostMessageW
RegisterWindowMessageW
UnregisterClassW
DestroyWindow
SetWindowLongW
SetTimer
IsWindow
UnregisterClassA
GetCursorPos
PtInRect
MonitorFromRect
GetMonitorInfoW
CopyRect
GetDesktopWindow
DefWindowProcW
GetWindowLongW
CreateWindowExW
IsIconic
SetWindowPos
IsWindowVisible
OffsetRect
IsZoomed
GetWindowRect
RegisterClassW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

ole32

CoLoadLibrary
CoCreateInstance

oleaut32

SysStringByteLen
VarBstrCmp
SysAllocStringByteLen
DispCallFunc
SysAllocString
VariantClear
VariantInit
LoadTypeLi
LoadRegTypeLi
SysStringLen
SysFreeString

log

?CreateAllDirectory@@YAHPB_W@Z
?DOLOG@@YAXPB_WZZ
?CheckFileExist@@YAHPB_W@Z
?GetUserAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?CheckUnadvise@@YAXPB_W@Z
?CheckDirectoryExist@@YAHPB_W@Z
?ConvertTime@@YAI_J@Z
?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?CheckAdvise@@YAXPB_W@Z

atl80

ord18
ord15
ord31
ord22
ord30
ord61
ord23
ord32
ord64
ord10
ord11
ord58

msvcp80

??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z

urlmon

URLDownloadToCacheFileW

msvcr80

?terminate@@YAXXZ
_except_handler4_common
wcschr
fopen_s
malloc
fwrite
fclose
wcstoul
_wtoi64
_encoded_null
_unlock
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
_localtime32_s
_time64
_resetstkoflw
_beginthreadex
_invalid_parameter_noinfo
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
_vscwprintf
vswprintf_s
??0exception@std@@QAE@ABV01@@Z
memcpy
asctime_s
__dllonexit
_encode_pointer
_lock
_malloc_crt
_decode_pointer
_initterm
_onexit
srand
rand
??3@YAXPAX@Z
__CxxFrameHandler3
memcpy_s
_CxxThrowException
free
swprintf_s
memmove_s
??2@YAPAXI@Z
??_V@YAXPAX@Z
_purecall
_recalloc
calloc
memset
wcsrchr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/P2PDownload.dll
.dll regsvr32 windows:4 windows x86 arch:x86

e7ba64e626673bd60afff28322de70eb

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

12:27:0b:a3:dc:63:93:cb:91:a0:6e:19:8d:87:af:39:14:c1:79:b6
Signer

Actual PE Digest

12:27:0b:a3:dc:63:93:cb:91:a0:6e:19:8d:87:af:39:14:c1:79:b6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\P2PDownload.pdb

Imports

ws2_32

WSACleanup
inet_ntoa
gethostname
WSAStartup
ntohl
inet_addr
gethostbyname

kernel32

lstrlenW
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
CloseHandle
WaitForSingleObject
GetCurrentThreadId
GetProcAddress
TerminateThread
CreateEventW
lstrlenA
GetModuleHandleW
DeleteCriticalSection
GetPrivateProfileIntW
GetPrivateProfileStringW
CopyFileW
DeleteFileW
SetFileAttributesW
LocalFree
FormatMessageW
GetLastError
GetTickCount
SetThreadLocale
GetThreadLocale
SetEvent
MoveFileW
ResetEvent
FreeLibrary
LoadLibraryW
RaiseException
GetACP
GetLocaleInfoA
InitializeCriticalSection
WideCharToMultiByte
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
CreateDirectoryW
GetVersionExA
HeapDestroy
HeapAlloc
TerminateProcess
InterlockedCompareExchange
Sleep
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedExchange

user32

CreateWindowExW
RegisterClassW
GetWindowLongW
LoadIconW
UnregisterClassA
DefWindowProcW
IsWindow
SetTimer
KillTimer
SendMessageW
PostMessageW
LoadCursorW
DestroyWindow
UnregisterClassW
SetWindowLongW

ole32

CoCreateInstance
CoFreeLibrary

oleaut32

VariantInit
SysAllocStringLen
SysAllocString
LoadTypeLi
LoadRegTypeLi
SysStringLen
SysFreeString
VariantClear

log

?DOLOG@@YAXPB_WZZ
?CreateObjectFromFile2@@YAJAAPAUHINSTANCE__@@PB_WPAUIUnknown@@ABU_GUID@@3PAPAX@Z
?CheckFileExist@@YAHPB_W@Z
?GetModulePath2@@YA?AVCComBSTR@ATL@@PAUHINSTANCE__@@@Z
?GetUserAppDataPath2@@YA?AVCComBSTR@ATL@@XZ
?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ

atl80

ord61
ord30
ord23
ord58
ord31
ord15
ord18
ord22
ord64
ord32

msvcp80

?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@II@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr80

_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
_encoded_null
_unlock
?terminate@@YAXXZ
_except_handler4_common
_time64
srand
_beginthreadex
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
__dllonexit
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler3
free
??_V@YAXPAX@Z
_purecall
_CxxThrowException
_recalloc
calloc
memset
malloc
_resetstkoflw
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
memcpy_s
strncpy_s
strcpy_s
rand
_invalid_parameter_noinfo
memmove_s
vswprintf_s
??0exception@std@@QAE@ABV01@@Z

urlmon

URLDownloadToCacheFileW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/QQHelper.dll
.dll regsvr32 windows:4 windows x86 arch:x86

d485d3af9e2d3a07b458dfd443901d42

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:3a:51:a4:3f:16:7f:ca:df:e9:64:f4:02:80:4e:9b:2d:99:a5:d2
Signer

Actual PE Digest

05:3a:51:a4:3f:16:7f:ca:df:e9:64:f4:02:80:4e:9b:2d:99:a5:d2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\QQHelper.pdb

Imports

kernel32

FindResourceW
FindResourceExW
lstrcmpiW
GetModuleHandleW
GetModuleFileNameW
CreateProcessW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
LoadResource
GetCurrentProcess
TerminateProcess
LockResource
SizeofResource
RaiseException
CloseHandle
GetThreadLocale
SetThreadLocale
InterlockedDecrement
InterlockedCompareExchange
Sleep
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
lstrlenA
lstrlenW
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
GetLastError
WideCharToMultiByte
UnhandledExceptionFilter

user32

CharNextW
UnregisterClassA
MessageBoxW

advapi32

RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegCloseKey

shell32

SHGetFileInfoW
ShellExecuteW

ole32

CoTaskMemFree
StringFromCLSID
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysStringLen
VariantClear
VariantChangeType
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayUnlock
SafeArrayLock
SysAllocString
SafeArrayDestroy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetVartype
VarUI4FromStr
LoadRegTypeLi
GetErrorInfo
LoadTypeLi
VariantCopy
SysAllocStringLen
SafeArrayCopy
VariantInit
SysFreeString

log

?BitsToHexString2@@YA?AVCComBSTR@ATL@@PBEH@Z

atl80

ord58
ord32
ord61
ord23
ord64
ord18
ord15
ord30
ord22
ord31

msvcp80

??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z

msvcr80

__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_except_handler4_common
_purecall
_crt_debugger_hook
?terminate@@YAXXZ
_wcsicmp
??3@YAXPAX@Z
malloc
free
_CxxThrowException
_vscwprintf
vswprintf_s
calloc
_recalloc
swprintf_s
memcpy_s
_resetstkoflw
__CxxFrameHandler3
??_V@YAXPAX@Z
memcpy
memset
strncpy_s
_beginthreadex
??2@YAPAXI@Z
wcscpy_s
wcsncpy_s
memmove_s
__clean_type_info_names_internal

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/QQLive.dll
.dll regsvr32 windows:4 windows x86 arch:x86

d42b0319cf9214195a14fb73b2782da9

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6f:f5:2b:f8:8d:d4:b8:be:69:cd:d4:6b:63:01:09:05:23:5a:44:3e
Signer

Actual PE Digest

6f:f5:2b:f8:8d:d4:b8:be:69:cd:d4:6b:63:01:09:05:23:5a:44:3e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\P2PStream.pdb

Imports

ws2_32

inet_addr
htons
ntohl
ntohs
setsockopt
accept
connect
recv
listen
getpeername
ioctlsocket
htonl
sendto
send
gethostname
gethostbyname
inet_ntoa
WSAGetLastError
WSACleanup
WSAStartup
select
__WSAFDIsSet
socket
bind
recvfrom
closesocket

kernel32

HeapAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
TerminateProcess
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
GetLastError
lstrlenA
CloseHandle
GetTickCount
DeleteFileA
GetPrivateProfileIntW
HeapFree
CreateMutexA
GetLocalTime
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameA
GetProcAddress
Sleep
WaitForSingleObject
CreateSemaphoreA
SetEvent
CreateEventA
TerminateThread
DisableThreadLibraryCalls
RaiseException
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
GetFileAttributesW
GetModuleFileNameW
GetModuleHandleA
ReleaseMutex
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedCompareExchange
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime

user32

PostMessageA
IsWindow
SetTimer
CreateWindowExA
SetWindowLongA
GetMessageA
TranslateMessage
DispatchMessageA
DestroyWindow
GetWindowLongA
UnregisterClassA
SendMessageA
KillTimer

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetFolderPathW

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CoLoadLibrary
CoFreeLibrary

oleaut32

SysAllocString
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
VarBstrCat
SysFreeString
SysStringLen

atl80

ord18
ord22
ord64
ord49
ord23
ord61
ord15
ord32

msvcr80

??3@YAXPAX@Z
memcpy
memset
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
__CxxFrameHandler3
_invalid_parameter_noinfo
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
memmove_s
_time64
malloc
free
memcpy_s
fclose
calloc
_resetstkoflw
ftell
fseek
fflush
fwrite
fopen
_localtime64_s
strrchr
rename
sprintf_s
strcpy_s
vsprintf_s
srand
rand
_purecall
??_V@YAXPAX@Z
??_U@YAPAXI@Z
_splitpath_s
strcat_s
_wassert
_beginthreadex
strchr
strncpy_s
atoi
isdigit
strtol
clock
_beginthread
_mbsrchr
_wsplitpath_s
wcsncpy_s
wcscat_s
swprintf_s
_strlwr_s
memmove
strstr
strlen
strncpy
exit
perror
fprintf
__iob_func
fputc
fgetc
_except_handler4_common
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal

msvcp80

??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Unlock@_Mutex@std@@QAEXXZ
?_Lock@_Mutex@std@@QAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
ReleaseCommLib

Sections

.text
Size: 460KB - Virtual size: 457KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/QQLive.exe
.exe windows:4 windows x86 arch:x86

5877745a9b846fa043a868e7fa879408

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6f:00:6b:7c:af:e3:3f:67:20:f0:1d:56:9d:42:8f:d6:9c:30:7b:64
Signer

Actual PE Digest

6f:00:6b:7c:af:e3:3f:67:20:f0:1d:56:9d:42:8f:d6:9c:30:7b:64

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\QQLive_Dailybuild\src\symbol\QQLive.pdb

Imports

comctl32

InitCommonControlsEx

common

?RecordTransBegin@Perf@Util@@YA_JPB_WHH00@Z
??4CTXStringW@@QAEAAV0@PB_W@Z
??0CTXStringW@@QAE@XZ
?RecordTransEnd@Perf@Util@@YAJ_JPB_WHH11H@Z
??H@YA?AVCTXStringW@@ABV0@0@Z
?Format@CTXStringW@@QAAXPB_WZZ
?SetTimeout@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
??1CTXBSTR@@QAE@XZ
??BCTXBSTR@@QBEPA_WXZ
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?CreateTXData@Data@Util@@YAHPAPAUITXData@@@Z
?ConvertToPureFile@FS@@YA?AVCTXStringW@@PB_W@Z
??ICTXBSTR@@QAEPAPA_WXZ
?IsEmpty@CTXBSTR@@QAEHXZ
??0CTXBSTR@@QAE@XZ
?LoadStringW@TXStringBundle@@YAPB_WPB_W@Z
??0CTXStringW@@QAE@PB_W@Z
?TrimRight@CTXStringW@@QAEAAV1@PB_W@Z
?RemoveFileSystem@FS@@YAHPB_W@Z
?AddFileSystem@FS@@YAJW4FILESYSTEM_TYPE@@PB_W1HHH@Z
?InitPlatformFileSystem@Boot@Util@@YAHXZ
?GetExeDir@Sys@Util@@YA?AVCTXStringW@@XZ
?InitPlatform@CoreCenter@Util@@YAHPA_W@Z
??0CTXStringW@@QAE@PA_W@Z
?GetParentDir@FS@Util@@YA?AVCTXStringW@@V3@@Z
??H@YA?AVCTXStringW@@_WABV0@@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
??BCTXStringW@@QBEPB_WXZ
??1CTXStringW@@QAE@XZ
?InitPlatformGFConfig@Boot@Util@@YAHXZ
?OnExitCoreCenter@Misc@Util@@YAXXZ
?OnExitWinMain@Misc@Util@@YAXXZ
?OnUninitCom@Misc@Util@@YAXXZ
?CreateObjectFromDllFile@Com@Util@@YGJPB_WABU_GUID@@1PAPAXPAUIUnknown@@@Z
?GetPlatformCore@Core@Util@@YAHPAPAUITXCore@@@Z
?InitPlatformCoreConfig@Boot@Util@@YAHXZ
?InitPlatformI18NConfig@Boot@Util@@YAHXZ
??0CTXBSTR@@QAE@PB_W@Z

gf

?UnadviseWebBrowser@IEEvent@Util@@YAHPAUIWebBrowser2@@K@Z
?AdviseWebBrowser@IEEvent@Util@@YAHPAUIWebBrowser2@@PAUITXWebBrowserEvents@@PAPAUIUnknown@@AAK@Z
?RawCreateGFElementByXtml@GF@Util@@YAJPA_WPAPAUIGFElement@@PAU3@0@Z
?ClosePopupWindows@GF@Util@@YAXXZ
?CreateObject@GF@Util@@YAJABU_GUID@@0PAPAX@Z
?SetCustomObjectFactory@GF@Util@@YAXP6AHABU_GUID@@0PAPAX@Z@Z

kernel32

GlobalDeleteAtom
GlobalAddAtomW
GetModuleFileNameW
GetProcAddress
GetFileAttributesW
OutputDebugStringW
CreateProcessW
RaiseException
GetModuleHandleW
GetTickCount
SetEnvironmentVariableW
GetEnvironmentVariableW
FreeLibrary
LoadLibraryW
lstrlenW
lstrcmpiW
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
LocalFree
GetVersionExW
GetCommandLineW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
FileTimeToSystemTime
FileTimeToLocalFileTime
CompareFileTime
SystemTimeToFileTime
GetLocalTime
HeapFree
GetProcessHeap
HeapAlloc
FormatMessageW
GetProcessTimes
GetCurrentProcess
GetCurrentProcessId
FlushInstructionCache
SetLastError
GetSystemInfo
GetSystemTime
OpenProcess
GetCurrentThread
GlobalUnlock
CreateMutexW
GlobalAlloc
VirtualFreeEx
ReadProcessMemory
VirtualAllocEx
lstrcpynW
GetLastError
DeleteFileW
CopyFileW
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
Sleep
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
ResetEvent
SetFileAttributesW
TerminateThread
CreateEventW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
SetEvent
WaitForSingleObject
CloseHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ReleaseMutex
lstrlenA
GetVersion
GetSystemDirectoryW
GetWindowsDirectoryW
WideCharToMultiByte
GlobalLock
MultiByteToWideChar

user32

UnregisterHotKey
DefWindowProcW
SetWindowLongW
GetWindowLongW
CallWindowProcW
RegisterHotKey
MessageBoxW
UnregisterClassW
DestroyWindow
SetTimer
KillTimer
CreateWindowExW
RegisterClassExW
CharNextW
PostThreadMessageW
GetPropW
SendMessageTimeoutW
GetWindow
LoadCursorW
UnregisterClassA
GetDesktopWindow
DispatchMessageW
TranslateMessage
GetMessageW
RegisterWindowMessageW
SetWindowPos
SystemParametersInfoW
GetSystemMetrics
GetWindowRect
IsZoomed
SetForegroundWindow
GetClassInfoExW
IsWindow
PostMessageW
RegisterClassW
MonitorFromRect
GetMonitorInfoW
GetClientRect
MapWindowPoints
FindWindowExW
GetWindowThreadProcessId
ClientToScreen
OffsetRect
SetRectEmpty
SetRect
FindWindowW
GetDoubleClickTime
GetCursorPos
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
ShowOwnedPopups
EnumWindows
GetWindowPlacement
SetFocus
PtInRect
CopyRect
GetParent
SetPropW
PostQuitMessage
EnableWindow
LoadIconW
BringWindowToTop
SendMessageW
ShowWindow
MoveWindow
SetWindowTextW
IsWindowVisible
IsIconic

gdi32

DeleteObject

advapi32

RegCloseKey
RegQueryValueW
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyW

shell32

Shell_NotifyIconW
ShellExecuteW
CommandLineToArgvW
SHGetFileInfoW

ole32

StringFromIID
CoInitialize
CoUninitialize
CoCreateInstance
StringFromCLSID
CoTaskMemFree
CoLoadLibrary

oleaut32

SysAllocStringLen
VariantCopy
SysStringByteLen
SysAllocStringByteLen
VarBstrCmp
DispCallFunc
VariantClear
VariantInit
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
SysStringLen
SysAllocString
SysFreeString

atl80

ord44
ord30
ord64
ord58
ord32
ord31
ord10
ord11
ord42
ord47
ord48
ord43

msvcp80

??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?_Myptr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEPA_WXZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ

log

?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetQQLiveDlgHwnd@@YAPAUHWND__@@XZ
?CheckFileExist@@YAHPB_W@Z
?PreTranslateMessage@CQMMouseWheelWithoutFocus@@SAHPAUtagMSG@@@Z
?GetWindowWorkArea@@YA?AUtagRECT@@PAUHWND__@@@Z
?ResizeRect@@YA?AUtagRECT@@U1@UtagSIZE@@@Z
?SetXPMenuState@@YAXH@Z
?IsWinXPOrLater@@YAHXZ
?SetDoLog@@YAXH@Z
?SetQQliveDlgHwnd@@YAXPAUHWND__@@@Z
?NavigateURL@@YAHPB_WH@Z
?CheckAllAdviseValue@@YAXXZ
?GetKeyValue@@YAHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0AAV12@@Z
?CheckDirectoryExist@@YAHPB_W@Z
?CreateAllDirectory@@YAHPB_W@Z
?FocusToTop@@YAXPAUHWND__@@@Z
?GetUserAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?RegistLocalInfo@@YAHXZ
?KillOtherQQLivePlayerApp@@YAHPB_W@Z
?UnregisterWindow@CQMMouseWheelWithoutFocus@@SAHPAUHWND__@@@Z
?DOLOG@@YAXPB_WZZ
?RegisterWindow@CQMMouseWheelWithoutFocus@@SAHPAUHWND__@@@Z
?CheckUnadvise@@YAXPB_W@Z
?CheckAdvise@@YAXPB_W@Z
?FormUrlEncode@@YAXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?CopyLiveUpFiles@@YAHXZ
?GetUserAppDataPath2@@YA?AVCComBSTR@ATL@@XZ
?IsLiveMediaExist@@YA_NXZ
?GetRandomNum@@YAKKK@Z
?LimitRect@@YA?AUtagRECT@@U1@0HH@Z

urlmon

URLDownloadToCacheFileW

msvcr80

srand
free
malloc
wcscpy_s
wcsncpy_s
_purecall
wcschr
_wtoi
_itow_s
calloc
_time64
memcpy
wcstoul
??_V@YAXPAX@Z
swscanf_s
_invalid_parameter_noinfo
_wfopen_s
tmpfile_s
_rmtmp
fclose
fgets
feof
fputs
vswprintf_s
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
swprintf_s
memmove_s
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
_recalloc
_beginthreadex
fwrite
fread
fseek
ftell
memset
_mbschr
_mbsinc
wcscat_s
_wcsicmp
wcsrchr
ldiv
wcsncmp
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_except_handler4_common
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
_CxxThrowException
memcpy_s
__CxxFrameHandler3
_amsg_exit
_vscwprintf
_wcslwr_s
wcsstr
??3@YAXPAX@Z

psapi

GetProcessMemoryInfo

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

wininet

GetUrlCacheEntryInfoW
SetUrlCacheEntryInfoW

exceptcatch

?SetExceptionCatcher@@YAXPB_WH@Z

ws2_32

inet_addr

Sections

.text
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
QQLive/QQLive.tpc
QQLive/QQLiveCommu.dll
.dll regsvr32 windows:4 windows x86 arch:x86

6bc1fafafc04aa1a9fb5a8c29d019e60

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7a:d4:39:a9:93:53:3c:34:8d:f5:cb:26:f5:d4:c3:c4:52:63:4b:07
Signer

Actual PE Digest

7a:d4:39:a9:93:53:3c:34:8d:f5:cb:26:f5:d4:c3:c4:52:63:4b:07

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\QQLiveCommu.pdb

Imports

log

?CheckAdvise@@YAXPB_W@Z
?CheckUnadvise@@YAXPB_W@Z
?DOLOG@@YAXPB_WZZ

atl80

ord58
ord23
ord61
ord31
ord32
ord30
ord10
ord11
ord15
ord18
ord22
ord64

kernel32

lstrlenW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetTickCount
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
CloseHandle
WaitForSingleObject
Sleep
GetLastError
QueryPerformanceCounter
GetFileAttributesW
OutputDebugStringW
SetThreadLocale
GetThreadLocale
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
RaiseException
GetModuleHandleW
InterlockedExchange
GetACP
GetLocaleInfoA
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
GetCurrentThreadId
GetCurrentProcessId
GetProcAddress
GetSystemTimeAsFileTime

user32

KillTimer
PostMessageW
DefWindowProcW
GetWindowLongW
CreateWindowExW
RegisterClassW
UnregisterClassA
IsWindow
RegisterWindowMessageW
UnregisterClassW
DestroyWindow
SetWindowLongW
SetTimer

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

ole32

CoLoadLibrary
CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VariantInit
VariantClear
SysStringLen
DispCallFunc
LoadRegTypeLi
LoadTypeLi
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysFreeString

msvcp80

?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr80

_except_handler4_common
_encode_pointer
__dllonexit
_unlock
?terminate@@YAXXZ
srand
swprintf_s
memmove_s
_wtol
_vsnwprintf_s
__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
??3@YAXPAX@Z
free
_CxxThrowException
_invalid_parameter_noinfo
__CxxFrameHandler3
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@XZ
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
??_V@YAXPAX@Z
_purecall
malloc
_recalloc
calloc
memset
_resetstkoflw
_beginthreadex
memcpy
_vscwprintf
vswprintf_s
memcpy_s
_lock

ws2_32

__WSAFDIsSet
select
WSACleanup
htonl
WSAStartup
ntohl
ntohs
ioctlsocket
socket
closesocket
recvfrom
sendto
inet_addr
inet_ntoa
gethostbyname
WSAGetLastError
connect
send
recv
htons

iphlpapi

GetIpForwardTable

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/QQLiveDxDll.dll
.dll windows:4 windows x86 arch:x86

4206a0063ada7bc567e1a564a67b82a8

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

8f:30:64:a6:1b:77:82:e4:a8:cb:f5:a4:8a:7b:62:f2:25:c7:e7:64
Signer

Actual PE Digest

8f:30:64:a6:1b:77:82:e4:a8:cb:f5:a4:8a:7b:62:f2:25:c7:e7:64

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\Playersrc\sym\QQLiveDxDll.pdb

Imports

winmm

timeEndPeriod
timeBeginPeriod

kernel32

lstrlenW
SizeofResource
WideCharToMultiByte
LockResource
WriteFile
GetModuleFileNameW
LoadResource
GetModuleHandleW
LoadLibraryW
lstrlenA
FindResourceExW
DeleteFileA
FreeLibrary
GetPrivateProfileIntW
GetProcAddress
EnterCriticalSection
LeaveCriticalSection
SetEvent
GetFileAttributesW
InitializeCriticalSection
DeleteCriticalSection
LoadLibraryExW
InterlockedExchange
CreateEventW
WaitForSingleObject
GetLastError
CreateMutexW
CloseHandle
GetSystemDirectoryA
CreateFileW
CreateThread
WaitForMultipleObjects
GetExitCodeThread
InterlockedIncrement
InterlockedDecrement
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetLocalTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetThreadLocale
GetLocaleInfoA
GetACP
GetVersionExA
RaiseException
GetVersionExW
FindResourceW
LoadLibraryExA
MultiByteToWideChar
MulDiv
QueryPerformanceCounter

user32

UnregisterClassA
GetClientRect
GetWindowDC
KillTimer
SetTimer
PostMessageW
MsgWaitForMultipleObjects
PeekMessageW
PostThreadMessageW
EqualRect
SetRectEmpty
FillRect
GetDC
MonitorFromWindow
GetDesktopWindow
GetWindowLongW
IsWindow
DestroyWindow
DispatchMessageW
TranslateMessage
GetMessageW
SetWindowLongW
CreateWindowExW
ReleaseDC

gdi32

CreateSolidBrush
DeleteObject

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHGetFolderPathW

ole32

CoTaskMemFree
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoCreateInstance

oleaut32

SysStringByteLen
SysAllocString
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocStringByteLen

fmdecoder

InitFFMPEG

msvcp80

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

msvcr80

_except_handler4_common
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_encoded_null
_malloc_crt
__CxxFrameHandler3
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
_CxxThrowException
_CIlog10
memcpy
??3@YAXPAX@Z
??_V@YAXPAX@Z
memcpy_s
sprintf_s
wcsstr
_time64
memmove_s
fclose
??2@YAPAXI@Z
wcsrchr
ftell
swprintf_s
fseek
fflush
fwrite
rename
fopen
vsprintf_s
_strlwr_s
_purecall
vswprintf_s
wcscpy_s
_beginthreadex
strcpy_s
free
memset
_unlock
__dllonexit
_encode_pointer
_initterm

Exports

Exports

??4_Init_locks@std@@QAEAAV01@ABV01@@Z
CreateDx

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/QQLiveEx.dll
.dll regsvr32 windows:4 windows x86 arch:x86

6370dc027de37d6cfa5697e52228c199

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

51:f4:00:e1:e4:9d:59:8b:34:d8:e2:b5:5c:90:ae:5b:7c:b6:86:25
Signer

Actual PE Digest

51:f4:00:e1:e4:9d:59:8b:34:d8:e2:b5:5c:90:ae:5b:7c:b6:86:25

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\QQLiveEx.pdb

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
RaiseException
WritePrivateProfileStringA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionA
lstrlenA
GetProcAddress
MultiByteToWideChar
CreateDirectoryA
GetLastError
GetModuleFileNameA
Sleep
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetSystemTimeAsFileTime

user32

UnregisterClassA

shell32

SHGetSpecialFolderPathA

ole32

CoLoadLibrary
CoFreeLibrary
CoCreateInstance

atl80

ord61
ord23
ord32
ord49
ord64
ord22
ord18
ord15

msvcp80

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?_Myptr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEPADXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?rbegin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$reverse_iterator@V?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z

msvcr80

??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
atoi
_itoa
malloc
free
_resetstkoflw
_purecall
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_invalid_parameter_noinfo
sprintf_s
memset
__CxxFrameHandler3
??3@YAXPAX@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
ReleaseCommLib

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/QQLiveHooks.dll
.dll windows:4 windows x86 arch:x86

918bd412b5c4d08260936fe619f7c938

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

de:c6:65:c7:80:8b:41:6c:0e:4b:72:d9:78:ed:45:9c:dc:8f:cc:2c
Signer

Actual PE Digest

de:c6:65:c7:80:8b:41:6c:0e:4b:72:d9:78:ed:45:9c:dc:8f:cc:2c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\QQLiveHooks.pdb

Imports

mfc80

ord5230
ord4568
ord3948
ord2248
ord5226
ord5224
ord2931
ord1920
ord3832
ord5382
ord6219
ord5102
ord1010
ord3806
ord5583
ord2018
ord2063
ord4326
ord6276
ord3801
ord6278
ord4014
ord4038
ord5213
ord1187
ord1191
ord5566
ord3830
ord372
ord6754
ord765
ord315
ord1084
ord1037
ord1092
ord1206
ord1208
ord1098
ord371
ord1917
ord1167
ord1120
ord1201
ord764
ord1175
ord1177
ord314
ord1209
ord581
ord2537
ord2731
ord2835
ord4307
ord2714
ord2838
ord2540
ord2646
ord2533
ord3718
ord3719
ord3709
ord2644
ord3949
ord4481
ord4261
ord3333
ord566
ord3683
ord745
ord557
ord3934
ord4109
ord297
ord1486
ord300
ord781
ord785
ord5715
ord1185
ord6006
ord6118
ord6703
ord299
ord876
ord1489
ord310
ord2322
ord6174
ord6180
ord2902
ord2451
ord5491
ord2271
ord304
ord2272
ord578
ord757

msvcr80

__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
memset
__CxxFrameHandler3
strstr
malloc
free
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
wcscpy_s
calloc
_recalloc
_resetstkoflw
wcslen
??2@YAPAXI@Z
_unlock
_initterm_e
_initterm
_encoded_null
_malloc_crt
_except_handler4_common
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
?terminate@@YAXXZ

kernel32

UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Sleep
LocalAlloc
LocalFree
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
lstrlenA
lstrcmpiW
CompareStringW
CompareStringA
lstrlenW
MultiByteToWideChar
InterlockedExchange
GetFileAttributesExW
GetFileAttributesExA
SetUnhandledExceptionFilter
GetFileType
GetVersionExA
GetVersion
GetSystemInfo
GetCurrentProcessId
lstrcmpiA
VirtualProtect
GetCurrentProcess
WriteProcessMemory
GetLastError
VirtualQuery
GetProcAddress
GetModuleHandleA
Module32Next
Module32First
CreateToolhelp32Snapshot
CloseHandle
GetCurrentThreadId
GetSystemTimeAsFileTime
IsDebuggerPresent
QueryPerformanceCounter
WideCharToMultiByte
GetThreadLocale
GetACP
GetLocaleInfoA
GetTickCount

user32

CharUpperW
CharLowerA
CharLowerW
CharUpperA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

ole32

CoTaskMemFree
StringFromCLSID

oleaut32

SysFreeString

imagehlp

ImageDirectoryEntryToData

Exports

Exports

InstallHook
SetFileList
SetFlag
UninstallHook

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/QQLiveOneClick.exe
.exe windows:4 windows x86 arch:x86

53c88570b5548132a8dfcd74f8dc75fe

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:13:83:da:49:97:56:02:c4:8e:a0:3d:dd:ca:77:4b:b5:50:f2:a6
Signer

Actual PE Digest

04:13:83:da:49:97:56:02:c4:8e:a0:3d:dd:ca:77:4b:b5:50:f2:a6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\QQLive_Dailybuild\src\symbol\QQliveOneClick.pdb

Imports

kernel32

SizeofResource
WritePrivateProfileStringW
LockResource
GetPrivateProfileStringW
LoadResource
GetVersionExW
FindResourceExW
WaitForSingleObject
GetExitCodeProcess
CreateDirectoryW
GetLastError
GetFileAttributesW
SetFileAttributesW
GetDriveTypeW
GetDiskFreeSpaceExW
FindResourceW
DeviceIoControl
GetModuleFileNameW
OutputDebugStringW
GetProcAddress
Sleep
GetSystemDirectoryW
WinExec
lstrlenW
WideCharToMultiByte
GetLogicalDrives
FindFirstFileW
DeleteFileW
GetTickCount
CreateFileW
CloseHandle
GetACP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
GetThreadLocale
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetLocaleInfoA

advapi32

RegOpenKeyExW
RegDeleteKeyW
RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW

shell32

SHGetFolderPathW
ShellExecuteExW

ole32

CoUninitialize
CoInitialize
CoLoadLibrary

oleaut32

SysAllocString
SysFreeString

shlwapi

PathAppendW

msvcr80

_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
__winitenv
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_invoke_watson
_controlfp_s
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
?terminate@@YAXXZ
memset
_wcsicmp
_wtoi
calloc
_except_handler4_common
_recalloc
free
??_U@YAPAXI@Z
memmove_s
_vscwprintf
vswprintf_s
swprintf_s
wcsncpy_s
memcpy_s
wcscat_s
rand
srand
??_V@YAXPAX@Z
??3@YAXPAX@Z
__CxxFrameHandler3
_CxxThrowException

msvcp80

?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z

user32

UnregisterClassA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
QQLive/QQLiveUp.exe
.exe windows:4 windows x86 arch:x86

7483a43b6b0e676f1a5cf19d0f91467d

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

84:3e:db:9d:2e:ec:70:2a:83:94:8d:16:13:88:da:c4:12:bc:e7:3c
Signer

Actual PE Digest

84:3e:db:9d:2e:ec:70:2a:83:94:8d:16:13:88:da:c4:12:bc:e7:3c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\QQLive_Dailybuild\src\symbol\QQLiveUp.pdb

Imports

httpdownload

??1CHttpDownloadUIInterface@@UAE@XZ
?OnConnecting@CHttpDownloadUIInterface@@UAEXPB_W@Z
?OnConnected@CHttpDownloadUIInterface@@UAEXXZ
?SetUIInterface@CHttpDownload@@QAEXPAVCHttpDownloadUIInterface@@@Z
?GetRawResponseHeader@CHttpDownload@@QAEHAAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@@Z
?OnProgress@CHttpDownloadUIInterface@@UAEXKK@Z
?Download@CHttpDownload@@QAEIPB_W0PAU_SYSTEMTIME@@@Z
?OnRedirected@CHttpDownloadUIInterface@@UAEXPB_W@Z
??1CHttpDownload@@UAE@XZ
??0CHttpDownload@@QAE@XZ
?QueryInfo@CHttpDownload@@QAEHABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@AAK@Z
?QueryInfo@CHttpDownload@@QAEHABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@AAV23@H@Z
??_7CHttpDownloadUIInterface@@6B@
?AddInfo@CHttpDownload@@QAEHABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@0@Z
?OnDownloadStart@CHttpDownloadUIInterface@@UAEXKK@Z
?AddInfo@CHttpDownload@@QAEHABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@K@Z

log

?KillOtherQQLivePlayerApp@@YAHPB_W@Z
?DOLOG@@YAXPB_WZZ
?CopyLiveUpFiles@@YAHXZ
?GetUserAppDataPath2@@YA?AVCComBSTR@ATL@@XZ
?CheckUnadvise@@YAXPB_W@Z
?CreateStandardFont@@YAXAAPAUHFONT__@@@Z
?CheckAdvise@@YAXPB_W@Z
?GetUserAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ

mfc80u

ord1118
ord5231
ord5956
ord1591
ord4276
ord4716
ord3397
ord2311
ord1271
ord1925
ord4255
ord4480
ord5210
ord3943
ord4179
ord2985
ord2638
ord6271
ord4101
ord1479
ord899
ord896
ord776
ord774
ord284
ord283
ord762
ord280
ord5398
ord2460
ord265
ord6700
ord2121
ord266
ord860
ord282
ord4562
ord3942
ord5222
ord1178
ord5220
ord5971
ord1908
ord2925
ord1911
ord3826
ord2011
ord5378
ord6215
ord5096
ord1176
ord1007
ord5229
ord5579
ord2009
ord2054
ord4320
ord2239
ord6274
ord3795
ord6272
ord4008
ord4032
ord4535
ord3677
ord1123
ord1139
ord566
ord757
ord1121
ord3824
ord1049
ord334
ord593
ord5113
ord3327
ord1182
ord4475
ord2832
ord5562
ord5209
ord5226
ord2260
ord587
ord5485
ord3842
ord1058
ord3176
ord3189
ord4256
ord5199
ord4238
ord1392
ord1785
ord5908
ord6720
ord1542
ord4743
ord1661
ord314
ord1662
ord1067
ord4884
ord3635
ord6751
ord4729
ord620
ord4206
ord1634
ord5178
ord1572
ord4574
ord3286
ord2365
ord4347
ord1894
ord267
ord715
ord2077
ord1536
ord6063
ord4226
ord6086
ord3158
ord2155
ord4026
ord1386
ord2648
ord3990
ord4314
ord354
ord501
ord5558
ord605
ord709
ord2361
ord920
ord925
ord929
ord927
ord931
ord2384
ord2404
ord577
ord2388
ord2394
ord2392
ord2390
ord2407
ord2402
ord2386
ord2409
ord293
ord2397
ord2379
ord2381
ord2399
ord2169
ord2163
ord1513
ord6273
ord3796
ord6275
ord3339
ord4961
ord1353
ord5171
ord1955
ord1647
ord1646
ord1590
ord5196
ord3198
ord741
ord2086
ord2531
ord1582
ord2725
ord1079
ord6721
ord2829
ord572
ord5911
ord4301
ord1611
ord2708
ord1608
ord2856
ord3940
ord2534
ord1393
ord2640
ord4234
ord2527
ord3311
ord5148
ord3712
ord3204
ord1899
ord3713
ord5067
ord3703
ord764
ord1198
ord3800

msvcr80

_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
__CxxFrameHandler3
wcsncmp
wcschr
memset
wcsncpy
fwrite
fseek
wcstol
ftell
memmove
fclose
__p__commode
_vswprintf
__p__fmode
_encode_pointer
__set_app_type
?terminate@@YAXXZ
_unlock
__dllonexit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
wprintf_s
rand
vswprintf_s
_vscwprintf
_time64
memcpy_s
malloc
wcsncpy_s
wcscat_s
free
_recalloc
_lock
_onexit
_decode_pointer
_except_handler4_common
wcscpy_s
fread
_invoke_watson
_controlfp_s
memcpy
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_wfopen

kernel32

MultiByteToWideChar
GetVersionExW
GetPrivateProfileStringW
WideCharToMultiByte
WritePrivateProfileStringW
LocalFree
OutputDebugStringW
GetFileAttributesW
GetProcAddress
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetLastError
FormatMessageW
LoadLibraryExW
DeleteCriticalSection
RaiseException
lstrlenW
FindResourceW
CreateMutexW
FreeLibrary
GetCommandLineW
SizeofResource
lstrcmpiW
LoadResource
GetModuleHandleW
GetModuleFileNameW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetThreadLocale
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
DeleteFileW
GetPrivateProfileIntW
GetACP
GetLocaleInfoA
CreateProcessW

user32

MessageBoxW
CharNextW
EnableWindow
SendMessageW
PostMessageW
UnregisterClassA
SetForegroundWindow
GetDC
IsIconic
FindWindowW
ShowOwnedPopups
GetSystemMetrics
ReleaseDC
AppendMenuW
GetSystemMenu
DrawIcon
ShowScrollBar
LoadIconW
GetClientRect

gdi32

GetTextMetricsW
CreateSolidBrush

advapi32

RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW

shell32

ShellExecuteW
CommandLineToArgvW
Shell_NotifyIconW

comctl32

InitCommonControlsEx

shlwapi

StrCmpW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoRegisterClassObject
CoTaskMemRealloc
StringFromGUID2
CoLoadLibrary
CoRevokeClassObject

oleaut32

LoadRegTypeLi
DispCallFunc
VariantClear
VariantInit
RegisterTypeLi
SysAllocString
LoadTypeLi
VarUI4FromStr
SysStringLen
SysFreeString
UnRegisterTypeLi

msvcp80

?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z

wintrust

WinVerifyTrust

crypt32

CryptQueryObject
CryptMsgGetParam
CertCreateCertificateContext
CryptDecodeObject
CertFindRDNAttr
CertCloseStore
CryptMsgClose
CertFreeCertificateContext
CertRDNValueToStrW

ws2_32

htonl
ntohl

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
QQLive/SetupShell.dll
.dll regsvr32 windows:4 windows x86 arch:x86

9911902a51c84b0e656a1944172e5ab4

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

99:65:e8:98:1b:9e:67:67:b4:5c:e6:19:cf:fb:0b:d3:79:6a:54:5c
Signer

Actual PE Digest

99:65:e8:98:1b:9e:67:67:b4:5c:e6:19:cf:fb:0b:d3:79:6a:54:5c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\SetupShell.pdb

Imports

common

??ICTXBSTR@@QAEPAPA_WXZ
?IsEmpty@CTXBSTR@@QAEHXZ
??BCTXBSTR@@QBEPA_WXZ
??1CTXBSTR@@QAE@XZ
??0CTXBSTR@@QAE@PB_W@Z
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
?Format@CTXStringW@@QAAXPB_WZZ
??H@YA?AVCTXStringW@@ABV0@0@Z
?RecordTransEnd@Perf@Util@@YAJ_JPB_WHH11H@Z
??0CTXStringW@@QAE@XZ
??4CTXStringW@@QAEAAV0@PB_W@Z
?RecordTransBegin@Perf@Util@@YA_JPB_WHH00@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
??1CTXStringW@@QAE@XZ
??BCTXStringW@@QBEPB_WXZ
?LoadStringW@TXStringBundle@@YAPB_WPB_W@Z
??0CTXStringW@@QAE@PB_W@Z
??0CTXBSTR@@QAE@XZ
?GetPlatformCore@Core@Util@@YAHPAPAUITXCore@@@Z

gf

?CreateObject@GF@Util@@YAJABU_GUID@@0PAPAX@Z
?RawCreateGFElementByXtml@GF@Util@@YAJPA_WPAPAUIGFElement@@PAU3@0@Z

kernel32

CreateFileW
GetDiskFreeSpaceExW
GetLogicalDrives
WritePrivateProfileStringW
GetPrivateProfileIntW
DeleteFileW
GetTickCount
GetPrivateProfileStringW
InitializeCriticalSection
DeleteCriticalSection
MultiByteToWideChar
lstrlenA
FindResourceW
InterlockedDecrement
GetPrivateProfileStructW
WritePrivateProfileStructW
lstrlenW
GetModuleFileNameW
SetThreadLocale
GetThreadLocale
RaiseException
VirtualFreeEx
ReadProcessMemory
VirtualAllocEx
OpenProcess
GetVersion
GetProcAddress
OutputDebugStringW
GetSystemTimeAsFileTime
GetCurrentProcessId
DeviceIoControl
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
FindFirstFileW
GetDriveTypeW
CreateDirectoryW
GetLastError
GetFileAttributesW
SetFileAttributesW
WaitForSingleObject
GetExitCodeProcess
GetVersionExW
CloseHandle
GetCurrentThreadId
FindResourceExW
InterlockedIncrement

user32

GetWindowRect
SetRectEmpty
SetRect
GetParent
GetDesktopWindow
SystemParametersInfoW
IsIconic
IsWindowVisible
IsZoomed
SetWindowLongW
GetWindowLongW
SetWindowPos
IsWindow
FindWindowW
FindWindowExW
GetWindowThreadProcessId
SendMessageW
ClientToScreen
OffsetRect
UnregisterClassA

advapi32

RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegSetValueExW
RegOpenKeyExW

shell32

ShellExecuteExW
SHGetMalloc
SHGetFolderPathW
ShellExecuteW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
SHBrowseForFolderW

ole32

CoLoadLibrary
CoCreateInstance

oleaut32

DispCallFunc
LoadTypeLi
LoadRegTypeLi
SysStringLen
SysAllocString
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
VarBstrCmp

log

?CheckAdvise@@YAXPB_W@Z
?CheckFileExist@@YAHPB_W@Z
?GetUserAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?IsWindowsVista@@YAHXZ
?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetUserAppDataPath2@@YA?AVCComBSTR@ATL@@XZ

atl80

ord31
ord58
ord15
ord61
ord23
ord32
ord18
ord22
ord64
ord10
ord30

shlwapi

PathAppendW

msvcp80

?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?_Myptr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEPA_WXZ
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ

msvcr80

srand
rand
__CxxFrameHandler3
_resetstkoflw
malloc
_wfopen_s
fseek
ftell
fread
fclose
_decode_pointer
_invalid_parameter_noinfo
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
fwrite
_purecall
free
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
calloc
??2@YAPAXI@Z
_wtoi
_wcsicmp
wcsstr
wcstoul
ldiv
_except_handler4_common
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_onexit
_malloc_crt
_lock
??3@YAXPAX@Z
memset
swprintf_s
wcscat_s
memcpy_s
_CxxThrowException
vswprintf_s
_vscwprintf
memmove_s
??_V@YAXPAX@Z
_recalloc
wcsncpy_s
??0exception@std@@QAE@ABV01@@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/Skin.rdb
QQLive/Statistic.dll
.dll regsvr32 windows:4 windows x86 arch:x86

5f54cda1c457da653cda193734816209

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f7:2f:6e:bd:69:cf:fa:20:de:2e:39:39:15:e7:78:a2:f1:d6:d0:bd
Signer

Actual PE Digest

f7:2f:6e:bd:69:cf:fa:20:de:2e:39:39:15:e7:78:a2:f1:d6:d0:bd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\Statistic.pdb

Imports

mfc80u

ord3824
ord2239
ord1043
ord4032
ord4008
ord6272
ord3795
ord6274
ord4320
ord2054
ord2009
ord5579
ord765
ord315
ord1079
ord1033
ord1087
ord1197
ord1199
ord1093
ord371
ord1162
ord1115
ord1192
ord1168
ord1170
ord1200
ord581
ord3800
ord1007
ord5096
ord6215
ord5378
ord3826
ord1911
ord2925
ord5220
ord5222
ord3942
ord4562
ord5226
ord5209
ord5562
ord2531
ord2725
ord2829
ord4301
ord2708
ord2832
ord2534
ord2640
ord2527
ord3712
ord3713
ord3703
ord2638
ord3943
ord4475
ord4255
ord3327
ord566
ord764
ord3677
ord2311
ord1236
ord283
ord421
ord5105
ord1434
ord655
ord5489
ord2697
ord2696
ord3195
ord380
ord293
ord776
ord899
ord870
ord577
ord265
ord1908
ord266
ord314
ord762
ord267
ord6751
ord1182
ord1178
ord1176
ord757

msvcr80

??0exception@std@@QAE@ABV01@@Z
calloc
_recalloc
memmove_s
_purecall
memcpy
_decode_pointer
_onexit
_lock
_CxxThrowException
__dllonexit
_unlock
?terminate@@YAXXZ
_except_handler4_common
_wrename
swprintf_s
_fileno
fread
_ultow_s
_invalid_parameter_noinfo
memset
free
vswprintf_s
_vscwprintf
memcpy_s
_time32
__CxxFrameHandler3
??0exception@std@@QAE@XZ
_malloc_crt
__clean_type_info_names_internal
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_encode_pointer
_beginthreadex
_itow_s
_fstat32
fclose
fwrite
fopen_s
_wtol

kernel32

WideCharToMultiByte
WaitForSingleObject
TerminateThread
CloseHandle
GetPrivateProfileIntW
OutputDebugStringW
GetFileAttributesW
GetProcAddress
InterlockedDecrement
DeleteFileW
GetTickCount
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
GetCurrentProcessId
GetSystemTimeAsFileTime
CopyFileW
MultiByteToWideChar
GlobalMemoryStatus
GetDiskFreeSpaceExW
GetVersionExW
SetThreadLocale
GetThreadLocale
RaiseException
LocalFree
LocalAlloc
InterlockedExchange
Sleep
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
InterlockedIncrement
GetLastError
GetACP
GetLocaleInfoA
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId

user32

GetSystemMetrics
UnregisterClassA

gdi32

GetDeviceCaps
DeleteDC
CreateDCW

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

ole32

CoCreateInstance
CoLoadLibrary

oleaut32

LoadTypeLi
SysStringByteLen
VariantCopy
SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
VariantClear
SysAllocString
DispCallFunc
LoadRegTypeLi
SysAllocStringByteLen

atl80

ord32
ord61
ord23
ord15
ord30
ord11
ord10
ord58
ord18
ord22
ord31
ord64

msvcp80

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

log

?GetUserAppDataPath2@@YA?AVCComBSTR@ATL@@XZ
?GetUserAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?DOLOG@@YAXPB_WZZ
?CheckUnadvise@@YAXPB_W@Z
?CheckFileExist@@YAHPB_W@Z
?GetUserGuid@@YAXPADAAH@Z
?CheckAdvise@@YAXPB_W@Z
?GetExeFolder2@@YA?AVCComBSTR@ATL@@XZ

ws2_32

htons
htonl

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/StreamIO.dll
.dll windows:4 windows x86 arch:x86

c9017928733bc5e5430dd808156974b4

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

a5:2a:1e:ba:99:6d:76:e1:63:3e:bf:9f:d9:73:45:63:53:eb:52:13
Signer

Actual PE Digest

a5:2a:1e:ba:99:6d:76:e1:63:3e:bf:9f:d9:73:45:63:53:eb:52:13

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\Playersrc\sym\StreamIO.pdb

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
SetFilePointer
MapViewOfFile
CreateMutexA
WaitForSingleObject
UnmapViewOfFile
DeleteFileA
GetPrivateProfileIntW
MultiByteToWideChar
CreateMutexW
WideCharToMultiByte
lstrlenW
FindResourceW
lstrlenA
SizeofResource
DeleteCriticalSection
GetModuleFileNameW
LockResource
LoadResource
GetLocalTime
FindResourceExW
CreateEventW
InterlockedExchange
GetModuleHandleW
CloseHandle
GetTickCount
CreateFileA
GetFileSize
GetLastError
ReadFile
CreateFileMappingA
InitializeCriticalSection
InterlockedDecrement
GetFileAttributesA
InterlockedIncrement
TerminateProcess
InterlockedCompareExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetCurrentProcess

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

shell32

SHGetFolderPathW

oleaut32

SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysAllocStringLen
SysAllocString
SysFreeString

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

msvcr80

rename
_time64
wcsrchr
fclose
sprintf_s
swprintf_s
strrchr
memcpy_s
strcpy_s
ftell
_vsnprintf
fseek
_strlwr_s
fflush
fwrite
free
memset
_unlock
vsprintf_s
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
_purecall
??3@YAXPAX@Z
fopen
memmove_s
??_V@YAXPAX@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
__dllonexit
_invalid_parameter_noinfo
_CxxThrowException
__CxxFrameHandler3
??2@YAPAXI@Z
memcpy

user32

UnregisterClassA

Exports

Exports

CreateIOManager
CreateStreamIO

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/SysData/ADPlayer.swf
QQLive/SysData/HomePage.swf
QQLive/SysData/Loading.html
.html
QQLive/SysData/Loading.swf
QQLive/SysData/LocalConnectCmd.swf
QQLive/SysData/Report.exe
.exe windows:4 windows x86 arch:x86

6fbdb0e12f5f8df9632b5384927db790

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3a:03:13:a2:9e:82:a4:ae:db:e4:b2:91:93:b0:8d:7b:64:13:e9:91
Signer

Actual PE Digest

3a:03:13:a2:9e:82:a4:ae:db:e4:b2:91:93:b0:8d:7b:64:13:e9:91

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpOpenRequestA
InternetOpenA
HttpSendRequestA
InternetCloseHandle
InternetSetOptionA
HttpQueryInfoA
InternetErrorDlg
InternetConnectA
InternetQueryOptionA

mfc42

ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord5307
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord5302
ord4698
ord6215
ord2086
ord2864
ord823
ord1247
ord2621
ord1134
ord2725
ord4079
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord825
ord815
ord5265
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord2727
ord5280
ord2730
ord2729
ord4003
ord1146
ord1168
ord800
ord4160
ord540
ord2863
ord2379
ord755
ord470
ord537
ord2614
ord860
ord2818
ord3258
ord1265
ord2233
ord5572
ord2915
ord1799
ord3353
ord654
ord772
ord610
ord801
ord614
ord341
ord3798
ord4837
ord541
ord290
ord6467
ord5300
ord5603
ord5606
ord5602
ord5608
ord535
ord5858
ord5860
ord6883
ord5857
ord5861
ord939
ord6140
ord6142
ord6139
ord6143
ord3981
ord3986
ord6781
ord3979
ord4226
ord446
ord743
ord3127
ord3616
ord5651
ord3126
ord3613
ord3663
ord350
ord354
ord4129
ord6662
ord5450
ord6394
ord5440
ord6383
ord3346
ord2393
ord941
ord940
ord2763
ord6648
ord1949
ord6055
ord1776
ord5290
ord818
ord567
ord4275
ord1114
ord1113
ord6442
ord1233
ord5431
ord3348
ord4351
ord2989
ord619
ord2625
ord297
ord2033
ord3780
ord2077
ord5809
ord2988
ord4021
ord5480
ord2029
ord1228
ord1639
ord1638
ord3742
ord5810
ord5481
ord2031
ord4863
ord5796
ord5478
ord966
ord3570
ord605
ord278
ord4335
ord4411
ord4447
ord4919
ord4975
ord1971
ord1670
ord349
ord2449
ord924
ord926
ord922
ord923
ord4277
ord2764
ord6282
ord2784
ord4204
ord3500
ord1200
ord2152
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4673
ord858
ord538
ord500
ord287
ord3579
ord1576

msvcrt

_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
__dllonexit
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
??1type_info@@UAE@XZ
_controlfp
strncpy
strcpy
atol
_CxxThrowException
_beginthreadex
memcmp
atoi
memmove
sprintf
memset
strlen
_mbscmp
memcpy
__p___argc
__p___argv
__CxxFrameHandler
strstr
_setmbcp

kernel32

MultiByteToWideChar
GetStartupInfoA
GetModuleHandleA
LoadLibraryA
GetProcAddress
DeleteFileA
GetTempFileNameA
GetTempPathA
WideCharToMultiByte
lstrlenW
GlobalFree
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
GetLastError
WaitForSingleObject
InitializeCriticalSection
lstrlenA
CreateDirectoryA
DeleteCriticalSection
FreeLibrary

user32

LoadIconA
GetClientRect
GetSystemMetrics
GetDesktopWindow
IsIconic
SendMessageA
AppendMenuA
GetSystemMenu
DrawIcon
EnableWindow
KillTimer
PostQuitMessage
PostMessageA
IsWindow
SetTimer

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ole32

CoTaskMemAlloc
StgOpenStorage
CoCreateGuid
StgCreateDocfile
CoTaskMemFree

wsock32

ntohs
WSAGetLastError
getsockopt
inet_ntoa
inet_addr
gethostbyname
gethostname
htonl
ntohl
ioctlsocket
setsockopt
listen
htons

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
QQLive/SysData/VideoLoading.swf
QQLive/SysData/WebSkin/InVideo.swf
QQLive/SysData/WebSkin/MiniCtrlBar.swf
QQLive/SysData/WebSkin/MiniWebCtrlBar.swf
QQLive/SysData/WebSkin/WebCtrlBar.swf
QQLive/SysData/WebSkin/bbweb.xml
.xml
QQLive/SysData/WebSkin/default.xml
.xml
QQLive/SysData/WebSkin/loading.swf
QQLive/SysData/WebSkin/logo.swf
QQLive/SysData/WebSkin/minibbweb.xml
.xml
QQLive/SysData/WebSkin/play_hover.png
.png
QQLive/SysData/WebSkin/play_normal.png
.png
QQLive/SysData/cacherecord.html
.js
QQLive/SysData/cacherecord_bigportal.html
.html .js polyglot
QQLive/SysData/error_bg.png
.png
QQLive/SysData/img/buffer_bg.png
.png
QQLive/SysData/img/sp.png
.png
QQLive/SysData/img/sprite.png
.png
QQLive/SysData/loading_prompt.gif
.gif
QQLive/SysData/origin.swf
QQLive/SysData/programinfo_err.html
.js
QQLive/SysData/recommendedPage.swf
QQLive/SysData/tips.swf
QQLive/TNProxy.dll
.dll regsvr32 windows:4 windows x86 arch:x86

3e1312f81e1880a7089194f148e0d58e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:55:f9:95:e6:cd:a7:e4:0d:b8:62:9e:5a:f1:5e:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

26-02-2007 00:00

Not After

26-02-2008 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Shenzhen R&D Center,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

5a:40:e0:b2:03:2a:9d:8a:a2:ea:27:80:4e:77:3c:8f:ab:8c:9a:ef
Signer

Actual PE Digest

5a:40:e0:b2:03:2a:9d:8a:a2:ea:27:80:4e:77:3c:8f:ab:8c:9a:ef

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
LoadLibraryA
InterlockedIncrement
GetProcAddress
FreeLibrary
GetTickCount
CloseHandle
Sleep
TlsSetValue
TlsFree
TlsAlloc
TlsGetValue

ws2_32

htonl
sendto
connect
htons
ntohs
ntohl
gethostbyname
WSAStartup
WSACleanup
select
closesocket
ioctlsocket
setsockopt
socket
bind
recvfrom
recv
send
getpeername
listen
accept
inet_ntoa
__WSAFDIsSet
WSAGetLastError
gethostname
inet_addr

msvcrt

_adjust_fdiv
_onexit
malloc
_initterm
__dllonexit
_CxxThrowException
??1type_info@@UAE@XZ
strcmp
memmove
isdigit
fgetc
_ftol
atoi
strncpy
strstr
free
calloc
memset
rand
srand
strcpy
memcpy
_beginthreadex
strlen
time
_iob
fputc
sprintf
printf
_purecall
__CxxFrameHandler
??3@YAXPAX@Z
??2@YAPAXI@Z

msvcp60

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??1?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??1_Winit@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

iphlpapi

GetAdaptersInfo
GetIfEntry

wininet

InternetGetConnectedState

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 300KB - Virtual size: 297KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/TXSSO/I18N/2052/PGFStringBundle.xml
.xml
QQLive/TXSSO/I18N/2052/SSOStringBundle.xml
.xml
QQLive/TXSSO/I18N/SSOConfig.xml
.xml
QQLive/TXSSO/InstTXSSOHelper.dll
.dll windows:4 windows x86 arch:x86

7300c288a62aa77b3e11d1bb9ccde7b3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

h:\Hummer\basebuilder_hummerplatformProj_int\Basic_HummerPlatform_VOB\Platform\SSOPlatform\TXSSO\output\bin\InstTXSSOHelper.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

GetLongPathNameW
LoadLibraryA
OpenProcess
InterlockedIncrement
CreateToolhelp32Snapshot
Process32FirstW
InterlockedDecrement
Module32FirstW
Module32NextW
Process32NextW
GetFileAttributesW
CloseHandle
lstrlenA
MoveFileExW
lstrcmpiW
GetProcAddress
FreeLibrary
DebugBreak
GetVersionExW
CreateFileW
OutputDebugStringW
GetConsoleOutputCP
GetCurrentProcessId
VirtualAlloc
GetModuleHandleW
VirtualFree
DuplicateHandle
GetCurrentProcess
WaitForSingleObject
GetLastError
LoadLibraryW
MultiByteToWideChar
QueryDosDeviceW
TerminateThread
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
SetFilePointer
WriteConsoleW
CreateFileA
lstrlenW
HeapFree
ReadFile
InitializeCriticalSection
RtlUnwind
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
ResumeThread
CreateThread
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapAlloc
GetProcessHeap
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
ExitProcess
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
QueryPerformanceCounter
GetTickCount
HeapSize
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
WriteFile
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA

user32

CharNextW
wvsprintfW
LoadStringW
GetWindowTextW
GetWindowThreadProcessId
GetWindowLongW
EnumWindows
UnregisterClassA

advapi32

OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation

shlwapi

PathFileExistsW

Exports

Exports

CheckModuleExist
CheckTXSSOModuleExist
FreeTXSSOModuleExistResult
QueryTXSSOModuleExistInfo
QueryTXSSOModuleExistInfo_IEFilter

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/TXSSO/InstTXSSO_LUI.exe
.exe windows:4 windows x86 arch:x86

b43ad91db2689030bab9ee598cc64c53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\Hummer\basebuilder_hummerplatformProj_int\Basic_HummerPlatform_VOB\Platform\SSOPlatform\TXSSO\output\bin\InstTXSSO_LUI.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

InterlockedDecrement
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetFilePointer
SetEndOfFile
CloseHandle
GetFileAttributesW
GetFullPathNameW
DeleteFileW
MoveFileW
CopyFileW
GetLastError
MoveFileExW
FindResourceW
CreateProcessW
WaitForSingleObject
GetDriveTypeW
FindFirstFileW
FindNextFileW
FindClose
SizeofResource
LockResource
LoadResource
FindResourceExW
CreateDirectoryW
CreateFileW
WriteFile
GetFileSize
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
GetProcAddress
GetModuleHandleA
ExitProcess
GetSystemTimeAsFileTime
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
GetLocaleInfoA
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
WideCharToMultiByte
GetTimeZoneInformation
GetStdHandle
GetModuleFileNameA
LoadLibraryA
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
Sleep
VirtualAlloc
RtlUnwind
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CreateFileA

user32

GetDesktopWindow
UnregisterClassA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetSpecialFolderPathW

shlwapi

PathFileExistsW

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
QQLive/TXSSO/bin/SSOCommon.dll
.dll regsvr32 windows:4 windows x86 arch:x86

3211a8c05bbc30c688421aa2ff2ae7c3

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

24:3a:3f:57:ba:96:38:8e:68:47:04:e4:ee:b1:59:9e:e1:55:1e:29
Signer

Actual PE Digest

24:3a:3f:57:ba:96:38:8e:68:47:04:e4:ee:b1:59:9e:e1:55:1e:29

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

h:\Hummer\basebuilder_hummerplatformProj_int\Basic_HummerPlatform_VOB\Platform\SSOPlatform\TXSSO\output\bin\SSOCommon.pdb

Imports

ws2_32

__WSAFDIsSet
WSAAsyncSelect
WSAGetLastError
closesocket
ioctlsocket
recv
select
WSAStartup
inet_ntoa
WSACleanup
inet_addr
gethostname
gethostbyname
send
WSAAsyncGetHostByName
WSACancelAsyncRequest
getservbyport
gethostbyaddr
getservbyname
accept
socket
WSASetLastError
sendto
recvfrom
connect
listen
getsockopt
setsockopt
getsockname
getpeername
bind

wininet

InternetSetCookieW
HttpQueryInfoW
InternetSetOptionW
HttpSendRequestW
InternetGetCookieW
InternetCloseHandle
InternetConnectW
InternetOpenW
InternetQueryOptionW
InternetCanonicalizeUrlW
HttpOpenRequestW
InternetErrorDlg
InternetCrackUrlW

winmm

timeGetTime

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

psapi

GetModuleFileNameExW

iphlpapi

GetIpForwardTable
GetIpAddrTable

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetVersionExA
IsDebuggerPresent
RtlUnwind
GetLocaleInfoA
InterlockedExchange
HeapReAlloc
lstrlenW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
lstrcmpiW
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
SetThreadLocale
GetThreadLocale
OutputDebugStringA
CreateDirectoryW
GetFileAttributesW
GetFileType
RemoveDirectoryW
FindClose
FindNextFileW
DeleteFileW
SetFileAttributesW
FindFirstFileW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetTempPathW
CloseHandle
SetFilePointer
ReadFile
CreateFileW
WriteFile
GetFileSize
GetCommandLineW
GetDiskFreeSpaceW
GetProcAddress
LoadLibraryW
GetFullPathNameW
lstrcmpW
SetEndOfFile
GetFileSizeEx
CopyFileW
MoveFileExW
WideCharToMultiByte
IsBadReadPtr
GetACP
HeapSize
GetVersion
GetCurrentProcess
GetCurrentProcessId
OpenProcess
lstrcpynW
LoadLibraryA
GetVersionExW
HeapFree
HeapAlloc
GetProcessHeap
SetProcessWorkingSetSize
MoveFileW
Sleep
GetSystemTimeAsFileTime
GetProcessTimes
GetModuleHandleA
GetPrivateProfileStringA
GetFileAttributesA
GetModuleFileNameA
VirtualQuery
QueryPerformanceFrequency
SetProcessAffinityMask
GetProcessAffinityMask
GetLocaleInfoW
GetUserDefaultLCID
GetSystemDefaultLCID
IsValidLocale
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetSystemDefaultLangID
GetUserDefaultLangID
SetLocaleInfoW
GetDateFormatW
GetTimeFormatW
GetCalendarInfoW
GetCurrencyFormatW
GetNumberFormatW
GetTimeZoneInformation
FileTimeToSystemTime
FileTimeToLocalFileTime
HeapCompact
GetVolumeInformationW
GetDriveTypeW
CreateProcessW
CreatePipe
DuplicateHandle
GetStdHandle
LockResource
lstrcmpiA
FindResourceExW
FormatMessageW
GlobalFree
SetLastError
LocalFree
WaitForSingleObject
GetSystemDirectoryA
SetEvent
SetThreadPriority
ResetEvent
TerminateThread
WaitForMultipleObjects
CreateEventW
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
ExitThread
ResumeThread
CreateThread
ExitProcess
GetCommandLineA
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCPInfo
GetOEMCP
IsValidCodePage
EnumSystemLocalesA
GetStringTypeA
GetStringTypeW
SetHandleCount
GetStartupInfoA
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
CreateFileA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetCPInfoExW
DeviceIoControl

user32

SendMessageW
KillTimer
SetTimer
CharNextA
CharUpperA
CharLowerA
PostMessageW
CharLowerW
ReleaseDC
GetDC
DestroyWindow
GetDesktopWindow
DrawTextW
RegisterClassExW
CharUpperW
SetWindowLongW
CreateWindowExW
ShowWindow
DefWindowProcW
OpenInputDesktop
GetUserObjectInformationW
GetThreadDesktop
CloseDesktop
UnregisterClassA
IsWindow
IsWindowVisible
GetClassNameW
GetGUIThreadInfo
GetWindowLongW
GetParent
GetWindowRect
GetWindowTextW
SystemParametersInfoW
FindWindowW
GetWindowThreadProcessId
CharNextW
GetIconInfo
GetClassInfoExW
GetSystemMetrics

gdi32

CreateDIBSection
DeleteDC
CreateRectRgn
GetStockObject
ExtCreateRegion
GetDIBits
RealizePalette
SelectObject
GetObjectW
StretchBlt
BitBlt
SetBkColor
CreateBitmap
CreateCompatibleBitmap
RectVisible
StretchDIBits
SetStretchBltMode
SetBkMode
SetTextColor
CreateFontIndirectW
ExtTextOutW
SetDIBitsToDevice
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
CreateDIBitmap
DeleteObject
CreateCompatibleDC

advapi32

RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
OpenProcessToken
DuplicateTokenEx
RegQueryValueExW

shell32

ShellExecuteExW
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFolderLocation
SHGetPathFromIDListW
SHGetMalloc

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoCreateGuid
CoFreeLibrary
CoLoadLibrary
CLSIDFromString
CoGetMalloc

oleaut32

VariantChangeType
SysReAllocStringLen
SysStringLen
SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VarDateFromStr
VarBstrCmp
VectorFromBstr
BstrFromVector
SysStringByteLen
SysAllocStringByteLen
VariantInit
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
LoadRegTypeLi

shlwapi

StrCmpW

wintrust

WTHelperProvDataFromStateData
WinVerifyTrust
CryptCATCatalogInfoFromContext
CryptCATAdminEnumCatalogFromHash
WTHelperGetProvSignerFromChain
CryptCATAdminReleaseCatalogContext
CryptCATAdminAcquireContext
CryptCATAdminReleaseContext
CryptCATAdminCalcHashFromFileHandle
WTHelperGetProvCertFromChain

crypt32

CertGetNameStringW

netapi32

Netbios

rasapi32

RasGetProjectionInfoW
RasEnumConnectionsW

Exports

Exports

??0CCmdCodecBase@@QAE@XZ
??0CExpatDataCompat@@QAE@XZ
??0CExpatFileReader@@QAE@XZ
??0CExpatMemReader@@QAE@XZ
??0CFmtString@@QAE@XZ
??0CMACReader@@QAE@XZ
??0CScopeToggler@@QAE@PA_N_N@Z
??0CTXBSTR@@QAE@ABU_GUID@@@Z
??0CTXBSTR@@QAE@ABV0@@Z
??0CTXBSTR@@QAE@ABVCTXStringW@@@Z
??0CTXBSTR@@QAE@H@Z
??0CTXBSTR@@QAE@HPB_W@Z
??0CTXBSTR@@QAE@PB_W@Z
??0CTXBSTR@@QAE@XZ
??0CTXCommPack@@QAE@ABV0@@Z
??0CTXCommPack@@QAE@XZ
??0CTXCriticalSection@@QAE@ABV0@@Z
??0CTXCriticalSection@@QAE@XZ
??0CTXHttpDownload@@QAE@XZ
??0CTXHttpDownloadSink@@IAE@XZ
??0CTXHttpDownloadSink@@QAE@ABV0@@Z
??0CTXHttpUpload@@QAE@XZ
??0CTXHttpUploadBuffer@@QAE@XZ
??0CTXHttpUploadStandard@@QAE@XZ
??0CTXStringA@@QAE@ABV0@@Z
??0CTXStringA@@QAE@DH@Z
??0CTXStringA@@QAE@PBD@Z
??0CTXStringA@@QAE@PBDH@Z
??0CTXStringA@@QAE@UtagEN@@PB_WH@Z
??0CTXStringA@@QAE@UtagGBK@@PB_WH@Z
??0CTXStringA@@QAE@UtagUTF8@@PB_WH@Z
??0CTXStringA@@QAE@XZ
??0CTXStringW@@QAE@ABU_GUID@@@Z
??0CTXStringW@@QAE@ABUtagVARIANT@@@Z
??0CTXStringW@@QAE@ABV0@@Z
??0CTXStringW@@QAE@ABVCTXBSTR@@@Z
??0CTXStringW@@QAE@H@Z
??0CTXStringW@@QAE@PA_W@Z
??0CTXStringW@@QAE@PB_W@Z
??0CTXStringW@@QAE@PB_WH@Z
??0CTXStringW@@QAE@UtagEN@@PBDH@Z
??0CTXStringW@@QAE@UtagGBK@@PBDH@Z
??0CTXStringW@@QAE@UtagUTF8@@PBDH@Z
??0CTXStringW@@QAE@XZ
??0CTXStringW@@QAE@_WH@Z
??0CTXTCPDataSender@@QAE@XZ
??0CTXTLVCodecBase@@QAE@XZ
??0CTXThreadModel@@IAE@XZ
??0CTXUDPDataSender@@QAE@XZ
??0CTXVariant@@QAE@ABVCTXBuffer@@@Z
??0CxExifInfo@CxImageJPG@@QAE@PAUtag_ExifInfo@1@@Z
??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@PB_WK@Z
??0CxFile@@QAE@XZ
??0CxImage@@QAE@ABV0@_N11@Z
??0CxImage@@QAE@K@Z
??0CxImage@@QAE@KKKK@Z
??0CxImage@@QAE@PAEKK@Z
??0CxImage@@QAE@PAU_iobuf@@K@Z
??0CxImage@@QAE@PAVCxFile@@K@Z
??0CxImage@@QAE@PB_WK@Z
??0CxImageGIF@@QAE@ABV0@@Z
??0CxImageGIF@@QAE@XZ
??0CxImageJPG@@QAE@ABV0@@Z
??0CxImageJPG@@QAE@XZ
??0CxMemFile@@QAE@ABV0@@Z
??0CxMemFile@@QAE@KPAE@Z
??0CxPoint2@@QAE@ABV0@@Z
??0CxPoint2@@QAE@MM@Z
??0CxPoint2@@QAE@XZ
??0CxRect2@@QAE@ABV0@@Z
??0CxRect2@@QAE@MMMM@Z
??0CxRect2@@QAE@XZ
??0TiXmlAttribute@@QAE@PBD0@Z
??0TiXmlAttribute@@QAE@XZ
??0TiXmlAttributeSet@@QAE@XZ
??0TiXmlComment@@QAE@ABV0@@Z
??0TiXmlComment@@QAE@PBD@Z
??0TiXmlComment@@QAE@XZ
??0TiXmlDeclaration@@QAE@ABV0@@Z
??0TiXmlDeclaration@@QAE@PBD00@Z
??0TiXmlDeclaration@@QAE@XZ
??0TiXmlDocument@@IAE@PBD@Z
??0TiXmlDocument@@QAE@ABV0@@Z
??0TiXmlDocument@@QAE@XZ
??0TiXmlElement@@QAE@ABV0@@Z
??0TiXmlElement@@QAE@PBD@Z
??0TiXmlNode@@IAE@W4NodeType@0@@Z
??0TiXmlText@@QAE@ABV0@@Z
??0TiXmlText@@QAE@PBD@Z
??0TiXmlUnknown@@QAE@ABV0@@Z
??0TiXmlUnknown@@QAE@XZ
??0VTXTCPDataSenderTimeOutCallback@@QAE@ABV0@@Z
??0VTXTCPDataSenderTimeOutCallback@@QAE@XZ
??0VTXUDPDataSenderTimeOutCallback@@QAE@ABV0@@Z
??0VTXUDPDataSenderTimeOutCallback@@QAE@XZ
??1CCmdCodecBase@@UAE@XZ
??1CExpatDataCompat@@QAE@XZ
??1CExpatFileReader@@UAE@XZ
??1CExpatMemReader@@UAE@XZ
??1CFmtString@@QAE@XZ
??1CMACReader@@QAE@XZ
??1CScopeToggler@@QAE@XZ
??1CTXBSTR@@QAE@XZ
??1CTXCommPack@@UAE@XZ
??1CTXCriticalSection@@UAE@XZ
??1CTXHttpDownload@@UAE@XZ
??1CTXHttpDownloadSink@@UAE@XZ
??1CTXHttpUpload@@UAE@XZ
??1CTXHttpUploadBuffer@@UAE@XZ
??1CTXHttpUploadStandard@@UAE@XZ
??1CTXStringA@@QAE@XZ
??1CTXStringW@@QAE@XZ
??1CTXTCPDataSender@@UAE@XZ
??1CTXTLVCodecBase@@UAE@XZ
??1CTXThreadModel@@MAE@XZ
??1CTXUDPDataSender@@UAE@XZ
??1CxExifInfo@CxImageJPG@@QAE@XZ
??1CxFile@@UAE@XZ
??1CxImage@@UAE@XZ
??1CxImageGIF@@UAE@XZ
??1CxImageJPG@@UAE@XZ
??1CxMemFile@@UAE@XZ
??1TiXmlAttribute@@UAE@XZ
??1TiXmlAttributeSet@@QAE@XZ
??1TiXmlComment@@UAE@XZ
??1TiXmlDeclaration@@UAE@XZ
??1TiXmlDocument@@UAE@XZ
??1TiXmlElement@@UAE@XZ
??1TiXmlNode@@UAE@XZ
??1TiXmlText@@UAE@XZ
??1TiXmlUnknown@@UAE@XZ
??4CScopeToggler@@QAEAAV0@ABV0@@Z
??4CTXBSTR@@QAEAAV0@ABV0@@Z
??4CTXBSTR@@QAEAAV0@ABVCTXStringW@@@Z
??4CTXBSTR@@QAEAAV0@PB_W@Z
??4CTXCriticalSection@@QAEAAV0@ABV0@@Z
??4CTXHttpDownloadSink@@QAEAAV0@ABV0@@Z
??4CTXStringA@@QAEAAV0@ABV0@@Z
??4CTXStringA@@QAEAAV0@D@Z
??4CTXStringA@@QAEAAV0@PBD@Z
??4CTXStringW@@QAEAAV0@ABUtagVARIANT@@@Z
??4CTXStringW@@QAEAAV0@ABV0@@Z
??4CTXStringW@@QAEAAV0@ABVCTXBSTR@@@Z
??4CTXStringW@@QAEAAV0@PA_W@Z
??4CTXStringW@@QAEAAV0@PB_W@Z
??4CTXStringW@@QAEAAV0@_W@Z
??4CxExifInfo@CxImageJPG@@QAEAAV01@ABV01@@Z
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxImage@@QAEAAV0@ABV0@@Z
??4CxImageGIF@@QAEAAV0@ABV0@@Z
??4CxImageJPG@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??4CxPoint2@@QAEAAV0@ABV0@@Z
??4CxRect2@@QAEAAV0@ABV0@@Z
??4TiXmlComment@@QAEXABV0@@Z
??4TiXmlDeclaration@@QAEXABV0@@Z
??4TiXmlDocument@@QAEXABV0@@Z
??4TiXmlElement@@QAEXABV0@@Z
??4TiXmlText@@QAEXABV0@@Z
??4TiXmlUnknown@@QAEXABV0@@Z
??4VTXTCPDataSenderTimeOutCallback@@QAEAAV0@ABV0@@Z
??4VTXUDPDataSenderTimeOutCallback@@QAEAAV0@ABV0@@Z
??7CTXStringA@@QBE_NXZ
??7CTXStringW@@QBE_NXZ
??8@YA_NABVCTXStringA@@0@Z
??8@YA_NABVCTXStringA@@D@Z
??8@YA_NABVCTXStringA@@PBD@Z
??8@YA_NABVCTXStringW@@0@Z
??8@YA_NABVCTXStringW@@PB_W@Z
??8@YA_NABVCTXStringW@@_W@Z
??8@YA_NDABVCTXStringA@@@Z
??8@YA_NPA_WABVCTXBSTR@@@Z
??8@YA_NPA_WABVCTXStringW@@@Z
??8@YA_NPBDABVCTXStringA@@@Z
??8@YA_NPB_WABVCTXBSTR@@@Z
??8@YA_NPB_WABVCTXStringW@@@Z
??8@YA_N_WABVCTXStringW@@@Z
??8CTXBSTR@@QBE_NABV0@@Z
??8CTXBSTR@@QBE_NPA_W@Z
??8CTXBSTR@@QBE_NPB_W@Z
??8TiXmlAttribute@@QBE_NABV0@@Z
??9@YA_NABVCTXStringA@@0@Z
??9@YA_NABVCTXStringA@@D@Z
??9@YA_NABVCTXStringA@@PBD@Z
??9@YA_NABVCTXStringW@@0@Z
??9@YA_NABVCTXStringW@@PB_W@Z
??9@YA_NABVCTXStringW@@_W@Z
??9@YA_NDABVCTXStringA@@@Z
??9@YA_NPA_WABVCTXBSTR@@@Z
??9@YA_NPBDABVCTXStringA@@@Z
??9@YA_NPB_WABVCTXBSTR@@@Z
??9@YA_NPB_WABVCTXStringW@@@Z
??9@YA_N_WABVCTXStringW@@@Z
??9CTXBSTR@@QBE_NABV0@@Z
??9CTXBSTR@@QBE_NPA_W@Z
??9CTXBSTR@@QBE_NPB_W@Z
??ACTXStringA@@QBEDH@Z
??ACTXStringW@@QBE_WH@Z
??BCTXBSTR@@QBEPA_WXZ
??BCTXCriticalSection@@QAEPAU_RTL_CRITICAL_SECTION@@XZ
??BCTXStringA@@QBEPBDXZ
??BCTXStringW@@QBEPB_WXZ
??H@YA?AVCTXStringA@@ABV0@0@Z
??H@YA?AVCTXStringA@@ABV0@D@Z
??H@YA?AVCTXStringA@@ABV0@PBD@Z
??H@YA?AVCTXStringA@@DABV0@@Z
??H@YA?AVCTXStringA@@PBDABV0@@Z
??H@YA?AVCTXStringW@@ABV0@0@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
??H@YA?AVCTXStringW@@ABV0@_W@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
??H@YA?AVCTXStringW@@_WABV0@@Z
??ICTXBSTR@@QAEPAPA_WXZ
??M@YA_NABVCTXStringA@@0@Z
??M@YA_NABVCTXStringA@@PBD@Z
??M@YA_NABVCTXStringW@@0@Z
??M@YA_NABVCTXStringW@@PB_W@Z
??M@YA_NPBDABVCTXStringA@@@Z
??M@YA_NPB_WABVCTXStringW@@@Z
??MCTXBSTR@@QBE_NABV0@@Z
??MCTXBSTR@@QBE_NPA_W@Z
??MCTXBSTR@@QBE_NPB_W@Z
??MTiXmlAttribute@@QBE_NABV0@@Z
??N@YA_NABVCTXStringA@@0@Z
??N@YA_NABVCTXStringA@@PBD@Z
??N@YA_NABVCTXStringW@@0@Z
??N@YA_NABVCTXStringW@@PB_W@Z
??N@YA_NPBDABVCTXStringA@@@Z
??N@YA_NPB_WABVCTXStringW@@@Z
??O@YA_NABVCTXStringA@@0@Z
??O@YA_NABVCTXStringA@@PBD@Z
??O@YA_NABVCTXStringW@@0@Z
??O@YA_NABVCTXStringW@@PB_W@Z
??O@YA_NPBDABVCTXStringA@@@Z
??O@YA_NPB_WABVCTXStringW@@@Z
??OCTXBSTR@@QBE_NABV0@@Z
??OCTXBSTR@@QBE_NPA_W@Z
??OCTXBSTR@@QBE_NPB_W@Z
??OTiXmlAttribute@@QBE_NABV0@@Z
??P@YA_NABVCTXStringA@@0@Z
??P@YA_NABVCTXStringA@@PBD@Z
??P@YA_NABVCTXStringW@@0@Z
??P@YA_NABVCTXStringW@@PB_W@Z
??P@YA_NPBDABVCTXStringA@@@Z
??P@YA_NPB_WABVCTXStringW@@@Z
??YCTXBSTR@@QAEAAV0@ABV0@@Z
??YCTXBSTR@@QAEAAV0@ABVCTXStringW@@@Z
??YCTXBSTR@@QAEAAV0@PB_W@Z
??YCTXStringA@@QAEAAV0@ABV0@@Z
??YCTXStringA@@QAEAAV0@D@Z
??YCTXStringA@@QAEAAV0@PBD@Z
??YCTXStringW@@QAEAAV0@ABUtagVARIANT@@@Z
??YCTXStringW@@QAEAAV0@ABV0@@Z
??YCTXStringW@@QAEAAV0@ABVCTXBSTR@@@Z
??YCTXStringW@@QAEAAV0@PB_W@Z
??YCTXStringW@@QAEAAV0@_W@Z
??_7CTXCommPack@@6B@
??_7CTXCriticalSection@@6B@
??_7CTXHttpDownload@@6BCHttpTCPConnectorSink@@@
??_7CTXHttpDownload@@6BCTXThreadModel@@@
??_7CTXHttpDownloadSink@@6B@
??_7CTXHttpUpload@@6BCHttpTCPConnectorSink@@@
??_7CTXHttpUpload@@6BCTXThreadModel@@@
??_7CTXHttpUploadBuffer@@6BCHttpTCPConnectorSink@@@
??_7CTXHttpUploadBuffer@@6BCTXThreadModel@@@
??_7CTXHttpUploadStandard@@6BCHttpTCPConnectorSink@@@
??_7CTXHttpUploadStandard@@6BCTXThreadModel@@@
??_7CTXTCPDataSender@@6B@
??_7CTXUDPDataSender@@6B@
??_7CxFile@@6B@
??_7CxImage@@6B@
??_7CxImageGIF@@6B@
??_7CxImageJPG@@6B@
??_7CxMemFile@@6B@
??_7TiXmlAttribute@@6B@
??_7TiXmlComment@@6B@
??_7TiXmlDeclaration@@6B@
??_7TiXmlDocument@@6B@
??_7TiXmlElement@@6B@
??_7TiXmlNode@@6B@
??_7TiXmlText@@6B@
??_7TiXmlUnknown@@6B@
??_7VTXTCPDataSenderTimeOutCallback@@6B@
??_7VTXUDPDataSenderTimeOutCallback@@6B@
??_FCxExifInfo@CxImageJPG@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXAAV0@@Z
?Accept@TiXmlComment@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlDeclaration@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlDocument@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlElement@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlText@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlUnknown@@UBE_NPAVTiXmlVisitor@@@Z
?Add@TiXmlAttributeSet@@QAEXPAVTiXmlAttribute@@@Z
?AddAveragingCont@CxImage@@IAEXABUtagRGBQUAD@@MAAM111@Z
?AddBuf@CTXCommPack@@QAEHABVCTXBuffer@@@Z
?AddBuf@CTXCommPack@@QAEHPBEI@Z
?AddBufLenByte@CTXCommPack@@QAEHABVCTXBuffer@@@Z
?AddBufLenDWord@CTXCommPack@@QAEHABVCTXBuffer@@H@Z
?AddBufLenWord@CTXCommPack@@QAEHABVCTXBuffer@@H@Z
?AddBundleFile@TXStringBundle@@YAXPB_W0@Z
?AddByte@CTXCommPack@@QAEHE@Z
?AddConfigData@ModuleConfig@@YAJPB_W0@Z
?AddDWord@CTXCommPack@@QAEHKH@Z
?AddEvent@CTXThreadModel@@IAEXPAX@Z
?AddFileSystem@FS@@YAJW4FILESYSTEM_TYPE@@PB_W1HHH@Z
?AddFmtString@TXStringBundle@@YAXABVCFmtString@@@Z
?AddFormData@CTXHttpDownload@@QAEXABVCTXStringW@@0@Z
?AddIdleCallback@Window@Util@@YAJPAVVTXMsgLoopIdleCallback@@@Z
?AddInfo@CTXHttpDownload@@QAEHABVCTXStringW@@0@Z
?AddInfo@CTXHttpDownload@@QAEHABVCTXStringW@@@Z
?AddInfo@CTXHttpDownload@@QAEHABVCTXStringW@@K@Z
?AddInfo@CTXHttpDownload@@QAEHABVCTXStringW@@PBEK@Z
?AddPack@CTXCommPack@@QAEHABV1@@Z
?AddPlugin@CoreCenter@Util@@YAHPA_WPAUITXData@@@Z
?AddRef@CCmdCodecBase@@MAGKXZ
?AddRelativeFileSystem@FS@@YAJPB_W00HH@Z
?AddStrA@CTXCommPack@@QAEHABVCTXStringA@@@Z
?AddStrAEndChar@CTXCommPack@@QAEHABVCTXStringA@@E@Z
?AddStrALenByte@CTXCommPack@@QAEHABVCTXStringA@@@Z
?AddStrALenDWord@CTXCommPack@@QAEHABVCTXStringA@@H@Z
?AddStrALenWord@CTXCommPack@@QAEHABVCTXStringA@@H@Z
?AddStrW@CTXCommPack@@QAEHABVCTXStringW@@@Z
?AddStrWEndChar@CTXCommPack@@QAEHABVCTXStringW@@E@Z
?AddStrWLenByte@CTXCommPack@@QAEHABVCTXStringW@@@Z
?AddStrWLenDWord@CTXCommPack@@QAEHABVCTXStringW@@H@Z
?AddStrWLenWord@CTXCommPack@@QAEHABVCTXStringW@@H@Z
?AddTLV@CTXCommPack@@QAEHEABVCTXBuffer@@W4TXCommPackDataType@@@Z
?AddTLV@CTXCommPack@@QAEHGABVCTXBuffer@@W4TXCommPackDataType@@@Z
?AddTLV@CTXCommPack@@QAEHKABVCTXBuffer@@W4TXCommPackDataType@@@Z
?AddToDeadQueue@Misc@Util@@YAXHP6AXXZ@Z
?AddUInt64@CTXCommPack@@QAEH_KH@Z
?AddVBuf@CTXCommPack@@IAEHABVCTXBuffer@@W4TXCommPackDataType@@@Z
?AddWord@CTXCommPack@@QAEHGH@Z
?Alloc@CxMemFile@@IAEXK@Z
?AllocSysString@CTXStringW@@QBEPA_WXZ
?AlphaClear@CxImage@@QAEXXZ
?AlphaCopy@CxImage@@QAE_NAAV1@@Z
?AlphaCreate@CxImage@@QAEXXZ
?AlphaDelete@CxImage@@QAEXXZ
?AlphaFlip@CxImage@@QAE_NXZ
?AlphaGet@CxImage@@QAEEJJ@Z
?AlphaGetMax@CxImage@@QBEEXZ
?AlphaGetPointer@CxImage@@QAEPAEJJ@Z
?AlphaInvert@CxImage@@QAEXXZ
?AlphaIsValid@CxImage@@QAE_NXZ
?AlphaMirror@CxImage@@QAE_NXZ
?AlphaPaletteClear@CxImage@@QAEXXZ
?AlphaPaletteEnable@CxImage@@QAEX_N@Z
?AlphaPaletteIsEnabled@CxImage@@QAE_NXZ
?AlphaPaletteIsValid@CxImage@@QAE_NXZ
?AlphaPaletteSplit@CxImage@@QAE_NPAV1@@Z
?AlphaSet@CxImage@@QAEXE@Z
?AlphaSet@CxImage@@QAEXJJE@Z
?AlphaSet@CxImage@@QAE_NAAV1@@Z
?AlphaSetMax@CxImage@@QAEXE@Z
?AlphaSplit@CxImage@@QAE_NPAV1@@Z
?AlphaStrip@CxImage@@QAEXXZ
?AnalyseResponseData@CTXHttpDownload@@AAEHAAH@Z
?AnalyseResponseHead@CTXHttpDownload@@AAEHXZ
?AnsiToUnicode@Convert@Util@@YA_NAAVCTXStringW@@PBDH@Z
?Append@CTXBSTR@@QAEJABV1@@Z
?Append@CTXBSTR@@QAEJD@Z
?Append@CTXBSTR@@QAEJPB_W@Z
?Append@CTXBSTR@@QAEJPB_WH@Z
?Append@CTXBSTR@@QAEJ_W@Z
?Append@CTXStringA@@QAEXABV1@@Z
?Append@CTXStringA@@QAEXPBD@Z
?Append@CTXStringA@@QAEXPBDH@Z
?Append@CTXStringW@@QAEXABV1@@Z
?Append@CTXStringW@@QAEXPB_W@Z
?Append@CTXStringW@@QAEXPB_WH@Z
?AppendBSTR@CTXBSTR@@QAEJPA_W@Z
?AppendBSTR@CTXStringW@@QAEXPA_W@Z
?AppendBytes@CTXBSTR@@QAEJPBDH@Z
?AppendChar@CTXStringA@@QAEXD@Z
?AppendChar@CTXStringW@@QAEX_W@Z
?AppendFormat@CTXStringW@@QAAXPB_WZZ
?ApplyProxyInfoToHttp@Network@Util@@YAXXZ
?ApplySettings@CTXTCPDataSender@@IAEXPAUITXData@@PAUtagTXTCPPacket@@@Z
?ApplySettings@CTXUDPDataSender@@IAEXPAUITXData@@PAUtagTXUDPPacket@@@Z
?ArrayToBSTR@CTXBSTR@@QAEJPBUtagSAFEARRAY@@@Z
?AssignBSTR@CTXBSTR@@QAEJQA_W@Z
?Attach@CTXBSTR@@QAEXPA_W@Z
?Attribute@TiXmlElement@@QBEPBDPBD@Z
?Attribute@TiXmlElement@@QBEPBDPBDPAH@Z
?Attribute@TiXmlElement@@QBEPBDPBDPAN@Z
?BIG5ToUnicode@Convert@Util@@YA_NAAVCTXStringW@@PBDH@Z
?BSTRToArray@CTXBSTR@@QAEJPAPAUtagSAFEARRAY@@@Z
?Base64Encode@Encode@Util@@YA?AVCTXStringW@@ABVCTXBuffer@@H@Z
?Bitfield2RGB@CxImage@@IAEXPAEGGGE@Z
?Blank@TiXmlText@@IBE_NXZ
?BlendPalette@CxImage@@QAEXKJ@Z
?BlendPixelColor@CxImage@@QAEXJJUtagRGBQUAD@@M_N@Z
?BlindAlphaGet@CxImage@@IAEEJJ@Z
?BlindGetPixelColor@CxImage@@IAE?AUtagRGBQUAD@@JJ@Z
?BlindGetPixelIndex@CxImage@@IAEEJJ@Z
?BlindGetPixelPointer@CxImage@@IAEPAXJJ@Z
?BrokenCodec@CCmdCodecBase@@IAEXPB_W@Z
?BuildRqHead@CTXHttpDownload@@AAEHAAVCTXStringA@@@Z
?ByteLength@CTXBSTR@@QBEIXZ
?CDATA@TiXmlText@@QBE_NXZ
?CPConvert@Encoding@XmlText@@YAHHPBD@Z
?CRC32@Encode@Util@@YAKKPBEH@Z
?CancelDownload@CTXHttpDownload@@QAEXXZ
?CancelResolve@HostResolve@Util@@YAJK@Z
?CancelUpload@CTXHttpUpload@@QAEXXZ
?CancelUpload@CTXHttpUploadBuffer@@QAEXXZ
?CancelUpload@CTXHttpUploadStandard@@QAEXXZ
?Center@CxRect2@@QBE?AVCxPoint2@@XZ
?ChangeConfig@CCmdCodecBase@@IAEXHH@Z
?ChangeConfig@CTXTLVCodecBase@@IAEX_N@Z
?CheckBufEndChar@CTXCommPack@@QAEHE@Z
?CheckBuffer@CTXCommPack@@IAEHI@Z
?CheckOutOverflow@CTXCommPack@@IAEHI@Z
?CheckRunMode@CTXCommPack@@IAEHW4RunMode@1@@Z
?CheckUinValid@Extend@Util@@YAHPA_W@Z
?CheckVistaAndStartSelfMediumLevel@Sys@Util@@YAHXZ
?CircleTransform@CxImage@@QAE_NHJM@Z
?Clear@CxImage@@QAEXE@Z
?Clear@CxImageGIF@@IAEXEAAUtag_image@1@@Z
?Clear@TiXmlNode@@QAEXXZ
?ClearError@TiXmlDocument@@QAEXXZ
?ClearRequestHeader@CTXHttpDownload@@QAEXXZ
?ClearThis@TiXmlElement@@IAEXXZ
?Clone@TiXmlComment@@UBEPAVTiXmlNode@@XZ
?Clone@TiXmlDeclaration@@UBEPAVTiXmlNode@@XZ
?Clone@TiXmlDocument@@MBEPAVTiXmlNode@@XZ
?Clone@TiXmlElement@@UBEPAVTiXmlNode@@XZ
?Clone@TiXmlText@@MBEPAVTiXmlNode@@XZ
?Clone@TiXmlUnknown@@UBEPAVTiXmlNode@@XZ
?Close@CxMemFile@@UAE_NXZ
?CloseReuseTCP@CTXHttpDownload@@QAEXXZ
?ClrBit@BitManip@Util@@YAXKAAKH@Z
?ClrBit@BitManip@Util@@YAXKAAVCTXBuffer@@H@Z
?ClrBit@BitManip@Util@@YAXKAA_JH@Z
?CodeAddBuffer@CTXTLVCodecBase@@IAEXEPAUITXBuffer@@@Z
?CodeArrayBuffer@CCmdCodecBase@@IAEXXZ
?CodeArrayBufferLenHead@CCmdCodecBase@@IAEXW4CMDFIELDTYPE@@@Z
?CodeArrayLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@H@Z
?CodeArrayNumber@CCmdCodecBase@@IAEXW4TX_DATA_TYPE@@@Z
?CodeArrayString@CCmdCodecBase@@IAEXI@Z
?CodeArrayStringEndChar@CCmdCodecBase@@IAEXD@Z
?CodeArrayStringLenHead@CCmdCodecBase@@IAEXW4CMDFIELDTYPE@@@Z
?CodeArrayTXDataBuffer@CCmdCodecBase@@IAEXPB_W@Z
?CodeArrayTXDataBufferLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@@Z
?CodeArrayTXDataNumber@CCmdCodecBase@@IAEXPB_WW4TX_DATA_TYPE@@@Z
?CodeArrayTXDataString@CCmdCodecBase@@IAEXPB_WI@Z
?CodeArrayTXDataStringEndChar@CCmdCodecBase@@IAEXPB_WD@Z
?CodeArrayTXDataStringLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@@Z
?CodeArrayToEnd@CCmdCodecBase@@IAEXPB_WH@Z
?CodeBuffer@CCmdCodecBase@@IAEXPB_W@Z
?CodeBuffer@CTXTLVCodecBase@@IAEXEPB_WK@Z
?CodeBufferEndChar@CCmdCodecBase@@IAEXPB_WD@Z
?CodeBufferLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@@Z
?CodeByte@CTXTLVCodecBase@@IAEXEPB_W@Z
?CodeByteEx@CTXTLVCodecBase@@IAEXEPB_WE_N1@Z
?CodeChar@CTXTLVCodecBase@@IAEXEPB_W@Z
?CodeCharEx@CTXTLVCodecBase@@IAEXEPB_WD_N1@Z
?CodeDWord@CTXTLVCodecBase@@IAEXEPB_W@Z
?CodeDWordEx@CTXTLVCodecBase@@IAEXEPB_WK_N1@Z
?CodeEndArray@CCmdCodecBase@@IAEXXZ
?CodeInt@CTXTLVCodecBase@@IAEXEPB_W@Z
?CodeIntEx@CTXTLVCodecBase@@IAEXEPB_WH_N1@Z
?CodeNumber@CCmdCodecBase@@IAEXPB_WW4TX_DATA_TYPE@@@Z
?CodeShort@CTXTLVCodecBase@@IAEXEPB_W@Z
?CodeShortEx@CTXTLVCodecBase@@IAEXEPB_WF_N1@Z
?CodeString@CCmdCodecBase@@IAEXPB_WI@Z
?CodeStringEndChar@CCmdCodecBase@@IAEXPB_WD@Z
?CodeStringLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@@Z
?CodeTXData@CCmdCodecBase@@UAGJPAUITXData@@PAPAUITXBuffer@@@Z
?CodeWord@CTXTLVCodecBase@@IAEXEPB_W@Z
?CodeWordEx@CTXTLVCodecBase@@IAEXEPB_WG_N1@Z
?CodecTLV@CTXTLVCodecBase@@UAGJKPAUITXData@@PAPAUITXBuffer@@@Z
?Collate@CTXStringW@@QBEHPB_W@Z
?CollateNoCase@CTXStringW@@QBEHPB_W@Z
?Colorize@CxImage@@QAE_NEEM@Z
?Colorize@CxImage@@QAE_NNNN@Z
?Combine@CxImage@@QAE_NPAV1@000J@Z
?CombinePath@FS@Util@@YA?AVCTXStringW@@ABV3@0@Z
?CombineQNC@FS@@YA?AVCTXStringW@@PB_W0@Z
?CommitChange@FS@@YAHPB_W@Z
?Compare@CTXStringA@@QBEHPBD@Z
?Compare@CTXStringW@@QBEHPB_W@Z
?CompareColors@CxImage@@KAHPBX0@Z
?CompareNoCase@CTXStringA@@QBEHPBD@Z
?CompareNoCase@CTXStringW@@QBEHPB_W@Z
?ConnectToServer@CTXHttpDownload@@AAEHXZ
?Contour@CxImage@@QAE_NXZ
?ConventAnsiBufferToBSTR@SSOConvert@Util@@YAHAAVCTXBuffer@@AAVCTXBSTR@@H@Z
?ConvertAnyFormat@CxExifInfo@CxImageJPG@@IAENPAXH@Z
?ConvertTXArraySpecialLabel@Convert@Util@@YAHPAUITXArray@@PA_W@Z
?ConvertTXArrayStringBundle@Convert@Util@@YAHPAUITXArray@@@Z
?ConvertTXBufferToTXSSOBuffer@SSOConvert@Util@@YAJPAUITXBuffer@@PAPAUITXSSOBuffer@@@Z
?ConvertTXDataSpecialLabel@Convert@Util@@YAHPAUITXData@@PA_W@Z
?ConvertTXDataStringBundle@Convert@Util@@YAHPAUITXData@@@Z
?ConvertTXDataToTXSSOData@SSOConvert@Util@@YAJPAUITXData@@PAPAUITXSSOData@@@Z
?ConvertTXDataToXML@Convert@Util@@YAHPA_WPAUITXDataRead@@0@Z

Sections

.text
Size: 936KB - Virtual size: 935KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 412KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/TXSSO/bin/SSOLUIControl.dll
.dll regsvr32 windows:4 windows x86 arch:x86

89b5043bf995ecf48dbc4c2b7764f65e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2a:43:d2:4f:d7:d5:67:67:15:0f:06:65:6a:69:d4:a9:af:43:6d:3a
Signer

Actual PE Digest

2a:43:d2:4f:d7:d5:67:67:15:0f:06:65:6a:69:d4:a9:af:43:6d:3a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

h:\Hummer\basebuilder_hummerplatformProj_int\Basic_HummerPlatform_VOB\Platform\SSOPlatform\TXSSO\output\bin\SSOLUIControl.pdb

Imports

ssocommon

?StringToIntW@Convert@Util@@YA_NPB_WAAH@Z
?Mid@CTXStringW@@QBE?AV1@HH@Z
??H@YA?AVCTXStringW@@ABV0@0@Z
?Empty@CTXStringW@@QAEXXZ
?OpenUrlWithDefault@UrlBase@Util@@YAXABVCTXStringW@@@Z
??0CTXBSTR@@QAE@ABVCTXStringW@@@Z
?IsEmpty@CTXStringW@@QBE_NXZ
?Delete@CTXStringW@@QAEHHH@Z
??YCTXStringW@@QAEAAV0@ABV0@@Z
?AddBufLenWord@CTXCommPack@@QAEHABVCTXBuffer@@H@Z
?SetAsyncCallback@TXTimer@@YAHPAUITXAsyncCallback@@I@Z
?EraseAsyncCallback@TXTimer@@YAHPAUITXAsyncCallback@@I@Z
??0CTXStringW@@QAE@ABVCTXBSTR@@@Z
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?Format@CTXStringW@@QAAXPB_WZZ
?SBCToDBC@Convert@Util@@YA_NAAVCTXStringW@@@Z
??0CTXStringA@@QAE@UtagUTF8@@PB_WH@Z
?AddStrALenByte@CTXCommPack@@QAEHABVCTXStringA@@@Z
?Mid@CTXStringW@@QBE?AV1@H@Z
?Find@CTXStringW@@QBEH_WH@Z
??8@YA_NABVCTXStringW@@PB_W@Z
?Length@CTXBSTR@@QBEIXZ
??8CTXBSTR@@QBE_NPB_W@Z
??M@YA_NABVCTXStringW@@0@Z
??1CTXStringA@@QAE@XZ
?GetBufferOut@CTXCommPack@@QAEHAAVCTXBuffer@@@Z
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
?Detach@CTXBSTR@@QAEPA_WXZ
?GetBuffer@CTXStringW@@QAEPA_WH@Z
?ReleaseBuffer@CTXStringW@@QAEXH@Z
?GetLCID@TXI18N@@YAKXZ
??0CTXStringW@@QAE@PA_W@Z
??0CTXStringW@@QAE@ABV0@@Z
?GetLength@CTXStringW@@QBEHXZ
??ACTXStringW@@QBE_WH@Z
?Left@CTXStringW@@QBE?AV1@H@Z
?ReverseFind@CTXStringW@@QBEH_W@Z
??0CTXBSTR@@QAE@ABV0@@Z
??4CTXBSTR@@QAEAAV0@PB_W@Z
??4CTXStringW@@QAEAAV0@PB_W@Z
?GetBSTRPtr@CTXStringW@@QAEPAPA_WXZ
?SetBufferIn@CTXCommPack@@QAEXPBEIH@Z
?ConvertTXSSOBufferToTXBuffer@SSOConvert@Util@@YAJPAUITXSSOBuffer@@PAPAUITXBuffer@@@Z
?ConvertTXSSODataToTXData@SSOConvert@Util@@YAJPAUITXSSOData@@PAPAUITXData@@@Z
?StringToDWordW@Convert@Util@@YA_NPB_WAAK@Z
??0CTXBSTR@@QAE@XZ
?IsEmpty@CTXBSTR@@QAEHXZ
?CreateTXData@Data@Util@@YAHPAPAUITXData@@@Z
??ICTXBSTR@@QAEPAPA_WXZ
?GetBuf@CTXCommPack@@QAEHPAEHH@Z
?GetWord@CTXCommPack@@QAEHAAGHH@Z
??0CTXStringW@@QAE@XZ
?GetString@CTXCommPack@@QAEHAAVCTXStringW@@HHH@Z
?GetDWord@CTXCommPack@@QAEHAAKHH@Z
?GetByte@CTXCommPack@@QAEHAAEH@Z
??1CTXBSTR@@QAE@XZ
??0CTXBSTR@@QAE@PB_W@Z
?GetBSTR@CTXStringW@@QBEPA_WXZ
??BCTXBSTR@@QBEPA_WXZ
??1CTXCommPack@@UAE@XZ
??0CTXCommPack@@QAE@XZ
??0CTXStringW@@QAE@PB_W@Z
??YCTXStringW@@QAEAAV0@PB_W@Z
??BCTXStringW@@QBEPB_WXZ
?LoadStringW@TXStringBundle@@YAPB_WPB_W@Z
??1CTXStringW@@QAE@XZ
?CreateTXBuffer@Data@Util@@YAHPAPAUITXBuffer@@@Z
??0CxImage@@QAE@K@Z
??1CxImage@@UAE@XZ
?Draw@CxImage@@QAEJPAUHDC__@@JJJJPAUtagRECT@@PAK_N@Z
??0CxMemFile@@QAE@KPAE@Z
?LoadGif@CxImageHelper@@YAPAVCxImage@@PAVCxFile@@AAH@Z
?GetWidth@CxImage@@QBEKXZ
?Load@CxImage@@QAE_NPAVCxFile@@K@Z
?GetHeight@CxImage@@QBEKXZ
??1CxMemFile@@UAE@XZ
??4CTXStringW@@QAEAAV0@ABVCTXBSTR@@@Z
?LoadXmlByName@FS@Util@@YAHPB_WPAPAUIXMLDOMDocument@@@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
?GetLocalePath@TXI18N@@YA?AVCTXStringW@@PB_W@Z
?Utf8ToWS@Convert@Util@@YA?AVCTXStringW@@PBDH@Z
?MakeUpper@CTXStringW@@QAEAAV1@XZ
?Trim@CTXStringW@@QAEAAV1@XZ
??4CTXStringW@@QAEAAV0@ABV0@@Z

kernel32

SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
GetStringTypeW
GetStringTypeA
WriteConsoleA
WriteConsoleW
GetConsoleOutputCP
GetVersionExA
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedExchange
GetACP
GetLocaleInfoA
HeapDestroy
HeapReAlloc
HeapSize
RtlUnwind
VirtualProtect
GetModuleHandleA
GetSystemInfo
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
CloseHandle
WriteFile
GetConsoleCP
GetConsoleMode
LockResource
LoadResource
SizeofResource
FindResourceW
lstrlenW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
lstrcmpiW
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
FreeLibrary
MultiByteToWideChar
LoadLibraryExW
GetModuleHandleW
SetThreadLocale
GetThreadLocale
GetProcAddress
GetCurrentProcessId
FlushInstructionCache
GetCurrentProcess
lstrlenA
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThreadId
WideCharToMultiByte
SetLastError
lstrcpynW
GetTickCount
SetStdHandle
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
GetTimeZoneInformation
Sleep
GetModuleFileNameA
ExitProcess
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
FlushFileBuffers
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer

user32

EnableWindow
IsDialogMessageW
GetDesktopWindow
DialogBoxParamW
DrawTextW
GetWindow
MapWindowPoints
EndDialog
GetSystemMetrics
GetCapture
ReleaseCapture
SystemParametersInfoW
SetCursor
GetSysColor
InflateRect
SetScrollInfo
GetScrollInfo
ShowScrollBar
GetScrollPos
SetCapture
IsWindowVisible
PostMessageW
ScreenToClient
SendMessageW
GetWindowRect
MoveWindow
CreateDialogParamW
FillRect
GetSysColorBrush
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
CreateWindowExW
RegisterClassExW
GetKeyState
IsWindow
GetParent
GetFocus
IsChild
SetFocus
GetDC
ReleaseDC
LoadCursorW
GetClassInfoExW
ShowWindow
UnionRect
PtInRect
GetClientRect
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
DestroyWindow
MessageBoxW
CharNextW
CallWindowProcW
GetWindowLongW
SetWindowLongW
DefWindowProcW
KillTimer
SetTimer
InvalidateRect
GetUpdateRect
EndPaint
BeginPaint
GetDlgItem
UnregisterClassA

gdi32

CloseMetaFile
RestoreDC
SetWindowExtEx
DeleteMetaFile
SaveDC
CreateMetaFileW
CreateDCW
GetDeviceCaps
GetClipRgn
CreateRectRgn
SelectClipRgn
Rectangle
SetTextAlign
TextOutW
SetWindowOrgEx
DPtoLP
GetTextExtentExPointW
GetObjectW
CreateRectRgnIndirect
CreateFontIndirectW
CreateSolidBrush
SetBkColor
GetStockObject
SetTextColor
SetBkMode
SelectObject
DeleteObject
LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC

advapi32

RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW

ole32

OleSaveToStream
WriteClassStm
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
OleLoadFromStream
CoLoadLibrary
CoCreateInstance
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CreateOleAdviseHolder

oleaut32

VariantClear
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen
VariantInit
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
OleCreatePropertyFrame
LoadRegTypeLi

wininet

InternetCrackUrlA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 220KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/TXSSO/bin/SSOPlatform.dll
.dll regsvr32 windows:4 windows x86 arch:x86

bd3129ecfddc67f73dec950f0620ccaa

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d8:b9:72:14:fb:fa:94:aa:e0:d7:43:f5:35:bd:c3:86:34:d8:ed:26
Signer

Actual PE Digest

d8:b9:72:14:fb:fa:94:aa:e0:d7:43:f5:35:bd:c3:86:34:d8:ed:26

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

h:\Hummer\basebuilder_hummerplatformProj_int\Basic_HummerPlatform_VOB\Platform\SSOPlatform\TXSSO\output\bin\SSOPlatform.pdb

Imports

ws2_32

inet_addr

ssocommon

?CodeStringLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@@Z
?DecodeStringLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@@Z
?GetDecodeNumberUnsigned@CCmdCodecBase@@IAEKPB_W@Z
?DecodeString@CCmdCodecBase@@IAEXPB_WI@Z
?IsDecodeReachEnd@CCmdCodecBase@@IAEHXZ
?ChangeConfig@CCmdCodecBase@@IAEXHH@Z
?DecodeEndArray@CCmdCodecBase@@IAEXXZ
?DecodeArrayTXDataNumber@CCmdCodecBase@@IAEXPB_WW4TX_DATA_TYPE@@@Z
?DecodeArrayLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@H@Z
?BrokenCodec@CCmdCodecBase@@IAEXPB_W@Z
?Mid@CTXStringW@@QBE?AV1@H@Z
?Left@CTXStringW@@QBE?AV1@H@Z
?Find@CTXStringW@@QBEH_WH@Z
??0CTXStringW@@QAE@UtagUTF8@@PBDH@Z
??0CTXStringA@@QAE@PBDH@Z
??0CTXBSTR@@QAE@HPB_W@Z
?GetBuffer@CTXStringW@@QAEPA_WH@Z
?GetBuffer@CTXStringA@@QAEPADH@Z
?CodeBuffer@CCmdCodecBase@@IAEXPB_W@Z
??0CTXStringA@@QAE@UtagGBK@@PB_WH@Z
?StringToDWordW@Convert@Util@@YA_NPB_WAAK@Z
??7CTXStringW@@QBE_NXZ
??4CTXStringW@@QAEAAV0@PB_W@Z
?SetAsyncCallback@TXTimer@@YAHPAUITXAsyncCallback@@I@Z
?EraseAsyncCallback@TXTimer@@YAHPAUITXAsyncCallback@@I@Z
?ToLower@CTXBSTR@@QAEJXZ
?GetClientType@ClientType@ProductConfig@Util@@YAJPAK@Z
?GetPlatformCore@Core@Util@@YAHPAPAUITXCore@@@Z
?CreateChannel@Connection@Util@@YAJHPAPAUITXChannel@@@Z
?GetMemoryUsage@Sys@Util@@YAXAAK0@Z
?Encode16@Encode@Util@@YA?AVCTXStringW@@PBXI@Z
?IsCSSubSendData@Misc@Util@@YAHPAUITXData@@@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
?Replace@CTXStringW@@QAEHPB_W0@Z
??YCTXStringW@@QAEAAV0@ABV0@@Z
?GetLCID@TXI18N@@YAKXZ
??YCTXStringW@@QAEAAV0@PB_W@Z
wcslcat
?DecodeNumber@CCmdCodecBase@@IAEXPB_WW4TX_DATA_TYPE@@@Z
?DecodeBuffer@CCmdCodecBase@@IAEXPB_WI@Z
?CodeNumber@CCmdCodecBase@@IAEXPB_WW4TX_DATA_TYPE@@@Z
?CodeBufferLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@@Z
?OnRedirected@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@PB_W@Z
?OnProgress@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@KK@Z
?OnDownloadStart@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@KK@Z
?OnConnected@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@@Z
?OnConnecting@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@PB_W@Z
??0CTXHttpDownloadSink@@IAE@XZ
??0CTXHttpDownload@@QAE@XZ
?SetUIInterface@CTXHttpDownload@@QAEXPAVCTXHttpDownloadSink@@@Z
??1CTXHttpDownloadSink@@UAE@XZ
??1CTXHttpDownload@@UAE@XZ
?GetDownloadedFilePath@CTXHttpDownload@@QAEHAAVCTXStringW@@@Z
?CreateFileW@FS@@YAHPB_WKPAPAUITXFile@@@Z
?QueryInfo@CTXHttpDownload@@QAEHABVCTXStringW@@AAV2@H@Z
?EnableUnicodeString@CCmdCodecBase@@IAEXH@Z
?GetBSTRPtr@CTXStringW@@QAEPAPA_WXZ
?Download@CTXHttpDownload@@QAEHPB_WPAU_SYSTEMTIME@@0H@Z
?GetTXDataBuf@Data@Util@@YAHPAUITXDataRead@@PB_WAAVCTXBuffer@@@Z
?Generate@CComputerIDGenerator@@QAEKPAE@Z
?AddPack@CTXCommPack@@QAEHABV1@@Z
?GenerateEx@CComputerIDGenerator@@QAEHPAE@Z
?GetBufferByteLeft@CTXCommPack@@QBEHXZ
?ConventAnsiBufferToBSTR@SSOConvert@Util@@YAHAAVCTXBuffer@@AAVCTXBSTR@@H@Z
?GetBuf@CTXCommPack@@QAEHPAPBEHH@Z
?AddStrALenWord@CTXCommPack@@QAEHABVCTXStringA@@H@Z
?SetTimeout@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?AddBufLenWord@CTXCommPack@@QAEHABVCTXBuffer@@H@Z
?AddByte@CTXCommPack@@QAEHE@Z
?AddBuf@CTXCommPack@@QAEHABVCTXBuffer@@@Z
?GetBufferOut@CTXCommPack@@QAEHAAVCTXBuffer@@@Z
?AddWord@CTXCommPack@@QAEHGH@Z
?AddDWord@CTXCommPack@@QAEHKH@Z
?CRC32@Encode@Util@@YAKKPBEH@Z
?Empty@CTXBSTR@@QAEXXZ
?GetBinDir@Dir@Util@@YA?AVCTXStringW@@XZ
?GetParentDir@FS@Util@@YA?AVCTXStringW@@V3@@Z
?IsFileExist@FS@@YAHPB_W@Z
??0CTXStringW@@QAE@ABV0@@Z
?Attach@CTXBSTR@@QAEXPA_W@Z
?Detach@CTXBSTR@@QAEPA_WXZ
?GetAt@CTXStringW@@QBE_WH@Z
?Empty@CTXStringW@@QAEXXZ
??YCTXStringW@@QAEAAV0@_W@Z
?CreateTXArray@Data@Util@@YAHPAPAUITXArray@@@Z
?LoadXmlByName@FS@Util@@YAHPB_WPAPAUIXMLDOMDocument@@@Z
?StringToIP@Network@Util@@YAKPB_W@Z
?IPToString@Network@Util@@YA?AVCTXStringW@@K@Z
?Random@Sys@Util@@YAHXZ
?GetLCID@NLS@@YAKXZ
?GetTimeOffsetUTC@NLS@@YAJXZ
??0CTXStringA@@QAE@UtagUTF8@@PB_WH@Z
??BCTXStringA@@QBEPBDXZ
??1CTXStringA@@QAE@XZ
?GetHostByName@HostResolve@Util@@YAJPA_WPAPA_W@Z
?Resolve@HostResolve@Util@@YAJPA_WPAUITXHostResolverSink@@PAK@Z
??0CTXStringW@@QAE@PB_WH@Z
?CancelResolve@HostResolve@Util@@YAJK@Z
??1CCmdCodecBase@@UAE@XZ
?DecodeBuffer@CCmdCodecBase@@UAGJPAUITXBuffer@@PAPAUITXData@@PAU3@@Z
?CodeTXData@CCmdCodecBase@@UAGJPAUITXData@@PAPAUITXBuffer@@@Z
?Release@CCmdCodecBase@@MAGKXZ
?AddRef@CCmdCodecBase@@MAGKXZ
?QueryInterface@CCmdCodecBase@@MAGJABU_GUID@@PAPAX@Z
??0CCmdCodecBase@@QAE@XZ
?GetIEProxySetting@Network@Util@@YAHPAUITXData@@AAE@Z
?GetIEProxyUserName@Network@Util@@YAHAAVCTXStringW@@0@Z
?IsEmpty@CTXStringW@@QBE_NXZ
?GetBSTR@CTXStringW@@QBEPA_WXZ
??0CTXCommPack@@QAE@XZ
?SetBufferIn@CTXCommPack@@QAEXAAVCTXBuffer@@H@Z
?GetWord@CTXCommPack@@QAEHAAGHH@Z
?GetByte@CTXCommPack@@QAEHAAEH@Z
?Decode16@Encode@Util@@YAHABVCTXStringW@@AAVCTXBuffer@@@Z
?DecodeBufferLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@@Z
?GetBuf@CTXCommPack@@QAEHPAEHH@Z
?GetDWord@CTXCommPack@@QAEHAAKHH@Z
?Utf8ToWS@Convert@Util@@YA?AVCTXStringW@@PBDH@Z
??0CTXBSTR@@QAE@ABVCTXStringW@@@Z
??1CTXCommPack@@UAE@XZ
?TrimLeft@CTXStringW@@QAEAAV1@XZ
?TrimRight@CTXStringW@@QAEAAV1@XZ
??ACTXStringW@@QBE_WH@Z
??0CTXStringW@@QAE@PA_W@Z
?GetProcessName@SystemHelp@Util@@YA?AVCTXStringW@@K@Z
?CopyTXDataField@Data@Util@@YAHPAUITXDataRead@@PAUITXData@@PB_W2@Z
?CreateTXData@Data@Util@@YAHPAPAUITXData@@@Z
?ConvertTXSSOBufferToTXBuffer@SSOConvert@Util@@YAJPAUITXSSOBuffer@@PAPAUITXBuffer@@@Z
??8CTXBSTR@@QBE_NABV0@@Z
?ConvertTXSSODataToTXData@SSOConvert@Util@@YAJPAUITXSSOData@@PAPAUITXData@@@Z
??0CTXStringW@@QAE@ABVCTXBSTR@@@Z
?ConvertTXDataToTXSSOData@SSOConvert@Util@@YAJPAUITXData@@PAPAUITXSSOData@@@Z
??MCTXBSTR@@QBE_NABV0@@Z
?CreateTXBuffer@Data@Util@@YAHPAPAUITXBuffer@@@Z
??4CTXBSTR@@QAEAAV0@ABV0@@Z
??0CTXBSTR@@QAE@ABV0@@Z
??4CTXBSTR@@QAEAAV0@PB_W@Z
?GetUserDefaultLCID@NLS@@YAKXZ
?SetLCID@NLS@@YAHK@Z
?NotifyIdle@TXTimer@@YAXXZ
?SetUserLCID@TXI18N@@YAXK@Z
?IsEmpty@CTXBSTR@@QAEHXZ
?GetRootDir@Dir@Util@@YA?AVCTXStringW@@XZ
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
??4CTXStringW@@QAEAAV0@ABV0@@Z
??4CTXStringW@@QAEAAV0@ABVCTXBSTR@@@Z
?SetConfigFile@TXI18N@@YAHPB_W0@Z
?OnExitCoreCenter@Misc@Util@@YAXXZ
?OnUninitCom@Misc@Util@@YAXXZ
?OnExitWinMain@Misc@Util@@YAXXZ
?InitNetwork@Network@Util@@YAHXZ
?GetSSOTempDir@Dir@Util@@YA?AVCTXStringW@@XZ
??0CTXStringW@@QAE@PB_W@Z
??H@YA?AVCTXStringW@@ABV0@0@Z
?InitDownloadTempDirectory@CTXHttpDownload@@SAXPB_W@Z
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?Length@CTXBSTR@@QBEIXZ
?CreateTXArray@SSOData@Util@@YAHPAPAUITXSSOArray@@@Z
??ICTXBSTR@@QAEPAPA_WXZ
??8CTXBSTR@@QBE_NPA_W@Z
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
?CopyTXDataField@SSOData@Util@@YAHPAUITXSSODataRead@@PAUITXSSOData@@PB_W2@Z
??BCTXStringW@@QBEPB_WXZ
?CreateTXBuffer@SSOData@Util@@YAHPAPAUITXSSOBuffer@@@Z
?CreateTXData@SSOData@Util@@YAHPAPAUITXSSOData@@@Z
??0CTXBSTR@@QAE@XZ
?Format@CTXStringW@@QAAXPB_WZZ
?TXLog_DoTXLogVW@@YAXPAUtagLogObj@@PB_W1PAD@Z
??0CTXBSTR@@QAE@PB_W@Z
??0CTXStringW@@QAE@XZ
??1CTXStringW@@QAE@XZ
?Find@CTXStringW@@QBEHPB_WH@Z
?GetLength@CTXStringW@@QBEHXZ
??4CTXStringW@@QAEAAV0@PA_W@Z
??0CTXBSTR@@QAE@ABU_GUID@@@Z
??BCTXBSTR@@QBEPA_WXZ
??1CTXBSTR@@QAE@XZ
?GetLength@CTXStringA@@QBEHXZ

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

kernel32

VirtualFree
GetProcessHeap
GetCommandLineA
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualAlloc
TerminateProcess
HeapReAlloc
RtlUnwind
HeapFree
HeapAlloc
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
GetCurrentProcess
HeapDestroy
GetOEMCP
IsValidCodePage
HeapCreate
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
HeapSize
SetHandleCount
lstrlenW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
lstrcmpiW
GetModuleFileNameW
OutputDebugStringA
InterlockedIncrement
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCPInfo
Sleep
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetLocaleInfoW
LocalAlloc
LoadLibraryA
GetProcAddress
CreateDirectoryW
VirtualProtect
GlobalAlloc
GlobalFree
GetSystemDirectoryW
GetVolumeInformationW
GetDiskFreeSpaceExW
GetFileAttributesW
GetVersionExW
LocalFree
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
WaitForSingleObject
CreateMutexW
OpenMutexW
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
CloseHandle
GetThreadLocale
SetThreadLocale
GetModuleHandleW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
InterlockedDecrement

user32

SendMessageW
CharNextW
GetWindowThreadProcessId
IsWindow
PostMessageW
UnregisterClassA
GetDesktopWindow

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
SetSecurityDescriptorSacl
GetSecurityDescriptorSacl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExW
RegDeleteKeyW

shell32

SHGetSpecialFolderPathW

ole32

CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
VariantInit
VariantClear
SysStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 352KB - Virtual size: 349KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/Upgrade.dll
.dll regsvr32 windows:4 windows x86 arch:x86

40d2a99971e9cf82f1531a00872ae3c6

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:6b:bb:bc:24:8b:00:11:ff:39:95:42:d3:9b:ac:66:37:4a:9a:cb
Signer

Actual PE Digest

09:6b:bb:bc:24:8b:00:11:ff:39:95:42:d3:9b:ac:66:37:4a:9a:cb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\Upgrade.pdb

Imports

httpdownload

?SetAutoResume@CHttpDownload@@QAEXH@Z
?OnError@CHttpDownloadUIInterface@@UAEXKPB_W@Z
?OnRedirected@CHttpDownloadUIInterface@@UAEXPB_W@Z
?SetUIInterface@CHttpDownload@@QAEXPAVCHttpDownloadUIInterface@@@Z
??0CHttpDownload@@QAE@XZ
??1CHttpDownload@@UAE@XZ
??_7CHttpDownloadUIInterface@@6B@
??1CHttpDownloadUIInterface@@UAE@XZ
?Download@CHttpDownload@@QAEIPB_W0PAU_SYSTEMTIME@@@Z
?CancelDownload@CHttpDownload@@QAEXXZ

log

?CheckAdvise@@YAXPB_W@Z
?CheckUnadvise@@YAXPB_W@Z
?CheckDirectoryExist@@YAHPB_W@Z
?CreateAllDirectory@@YAHPB_W@Z
?GetUserAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetUserAppDataPath2@@YA?AVCComBSTR@ATL@@XZ
?CheckFileExist@@YAHPB_W@Z
?KillOtherQQLivePlayerApp@@YAHPB_W@Z
?DOLOG@@YAXPB_WZZ

mfc80u

ord2054
ord4320
ord6274
ord3795
ord6272
ord4008
ord4032
ord757
ord3824
ord2239
ord1043
ord267
ord766
ord629
ord1430
ord6284
ord5083
ord384
ord2260
ord5579
ord3800
ord1007
ord5096
ord6215
ord5378
ord3826
ord1911
ord764
ord1182
ord1178
ord577
ord870
ord283
ord266
ord1908
ord265
ord762
ord293
ord860
ord776
ord581
ord1200
ord1170
ord1168
ord1192
ord1115
ord1162
ord371
ord1093
ord1199
ord1197
ord1087
ord1033
ord1079
ord315
ord774
ord280
ord5398
ord2460
ord4101
ord765
ord2925
ord5220
ord5222
ord3942
ord4562
ord5226
ord5209
ord5562
ord2531
ord2725
ord2829
ord4301
ord2708
ord2832
ord2534
ord2640
ord2527
ord3712
ord3713
ord3703
ord2638
ord3943
ord4475
ord4255
ord3327
ord566
ord3677
ord314
ord2311
ord3927
ord6751
ord2261
ord2895
ord1476
ord1472
ord6700
ord282
ord1479
ord2121
ord896
ord899
ord284
ord2009

msvcr80

_lock
_encode_pointer
__dllonexit
_unlock
?terminate@@YAXXZ
_except_handler4_common
wcstoul
wcscat_s
wcscpy_s
wcsrchr
wprintf_s
_wfopen
fseek
ftell
fclose
_onexit
wcstol
memmove
wcsstr
memcpy
wcsncpy
wcsncmp
wcschr
_vswprintf
_resetstkoflw
calloc
_recalloc
malloc
_purecall
memcpy_s
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
fwrite
__clean_type_info_names_internal
vswprintf_s
_vscwprintf
memset
__CxxFrameHandler3
free
_decode_pointer
fread

kernel32

GetProcessHeap
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
LocalAlloc
LocalFree
GetThreadLocale
SetThreadLocale
RaiseException
TerminateProcess
DeleteFileW
GetModuleHandleW
GetLocalTime
CreateToolhelp32Snapshot
Process32FirstW
GetVersion
CloseHandle
OpenProcess
Process32NextW
WideCharToMultiByte
MultiByteToWideChar
FormatMessageW
OutputDebugStringW
GetFileAttributesW
GetProcAddress
GetLastError
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrlenW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetLocaleInfoA
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
IsDebuggerPresent

user32

UnregisterClassA

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

ShellExecuteW

shlwapi

StrCmpW

ole32

CoCreateInstance
CoLoadLibrary

oleaut32

DispCallFunc
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysAllocString
LoadTypeLi
LoadRegTypeLi
SysStringLen
VariantInit
VariantClear

atl80

ord58
ord10
ord11
ord23
ord61
ord31
ord32
ord30
ord15
ord18
ord22
ord64

msvcp80

??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z

wintrust

WinVerifyTrust

crypt32

CertCreateCertificateContext
CryptDecodeObject
CertCloseStore
CryptMsgClose
CertFreeCertificateContext
CertRDNValueToStrW
CryptQueryObject
CryptMsgGetParam
CertFindRDNAttr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/UserData.dll
.dll regsvr32 windows:4 windows x86 arch:x86

969ec00d5573bf8ea02ab31d618894ad

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e6:40:7d:c6:24:09:13:ad:69:c8:df:1d:8f:54:0a:4b:1a:40:31:f4
Signer

Actual PE Digest

e6:40:7d:c6:24:09:13:ad:69:c8:df:1d:8f:54:0a:4b:1a:40:31:f4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\UserData.pdb

Imports

log

?GetUserAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ

mfc80u

ord3795
ord6272
ord4008
ord4032
ord3824
ord2239
ord1043
ord764
ord1182
ord1178
ord575
ord765
ord315
ord1079
ord1033
ord1087
ord1197
ord1199
ord1093
ord371
ord1162
ord1115
ord1192
ord1168
ord1170
ord1200
ord581
ord267
ord6751
ord314
ord762
ord266
ord1908
ord265
ord577
ord870
ord899
ord3677
ord757
ord566
ord3327
ord4255
ord4475
ord3943
ord2638
ord6274
ord3703
ord4320
ord3713
ord2054
ord2009
ord5579
ord3800
ord1007
ord5096
ord6215
ord5378
ord3826
ord1911
ord2925
ord5220
ord5222
ord3942
ord4562
ord5226
ord5209
ord5562
ord2531
ord2725
ord2829
ord4301
ord2708
ord2832
ord2534
ord2640
ord2527
ord3712

msvcr80

??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@XZ
memcpy_s
_CxxThrowException
_encoded_null
_malloc_crt
_decode_pointer
??1exception@std@@UAE@XZ
_lock
_encode_pointer
__dllonexit
_unlock
?terminate@@YAXXZ
_except_handler4_common
_resetstkoflw
free
memmove_s
vswprintf_s
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_vscwprintf
_invalid_parameter_noinfo
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
memset
__CxxFrameHandler3
__clean_type_info_names_internal
_onexit
malloc
srand
rand
memcpy
calloc
_recalloc
_purecall
??0exception@std@@QAE@ABV01@@Z

kernel32

GetACP
GetLocaleInfoA
HeapFree
HeapReAlloc
HeapSize
GetVersionExA
HeapDestroy
GetProcessHeap
InitializeCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
LocalAlloc
LocalFree
GetThreadLocale
SetThreadLocale
RaiseException
LeaveCriticalSection
EnterCriticalSection
lstrlenW
GetPrivateProfileIntW
GetTickCount
OutputDebugStringW
GetFileAttributesW
GetProcAddress
GetLastError
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
GetModuleFileNameW
HeapAlloc

user32

UnregisterClassA

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

ole32

CoLoadLibrary
CoCreateInstance

oleaut32

LoadTypeLi
LoadRegTypeLi
SysStringLen
SysStringByteLen
SysAllocStringByteLen
SysAllocString
VariantClear
VariantInit
SysFreeString
VarBstrCmp

atl80

ord32
ord30
ord64
ord22
ord18
ord15
ord31
ord58
ord61
ord23

msvcp80

?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/VProcess.dll
.dll windows:4 windows x86 arch:x86

c0554cc8941003a2df8ef686c1e605a9

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

dd:b8:1f:e9:51:2e:ab:83:b7:d1:24:14:1f:ce:1a:a4:44:fc:e4:f8
Signer

Actual PE Digest

dd:b8:1f:e9:51:2e:ab:83:b7:d1:24:14:1f:ce:1a:a4:44:fc:e4:f8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\Playersrc\sym\VProcess.pdb

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

msvcr80

__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_adjust_fdiv
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
_purecall
??_V@YAXPAX@Z
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler3
_CIlog10

Exports

Exports

CreateAProcess

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 594B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/atl80.dll
.dll windows:4 windows x86 arch:x86

00c6e566e88c3d07ddc376fe4ce83c5f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

atl80.i386.pdb

Imports

kernel32

RaiseException
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
FindClose
FindFirstFileW
CompareStringW
GetSystemDirectoryW
GetLongPathNameW
GetModuleFileNameW
GetProcAddress
GetModuleHandleW
lstrlenW
InitializeCriticalSection
DeleteCriticalSection
GetLastError
DisableThreadLibraryCalls
DebugBreak
OutputDebugStringA
GetVersionExA
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
CloseHandle
ReadFile
GetFileSize
CreateFileW
WideCharToMultiByte
WaitForSingleObject
GlobalAlloc
FindResourceA
MulDiv
FlushInstructionCache
GetCurrentProcess
lstrcmpW
GlobalUnlock
GlobalLock
SetLastError
GlobalFree
GlobalHandle
LockResource
lstrcmpA
GetModuleHandleA
GetTickCount
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
HeapSize
HeapReAlloc
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
LocalAlloc

Exports

Exports

AtlAdvise
AtlAxAttachControl
AtlAxCreateControl
AtlAxCreateControlEx
AtlAxCreateControlLic
AtlAxCreateControlLicEx
AtlAxCreateDialogA
AtlAxCreateDialogW
AtlAxDialogBoxA
AtlAxDialogBoxW
AtlAxGetControl
AtlAxGetHost
AtlAxWinInit
AtlCallTermFunc
AtlComModuleGetClassObject
AtlComModuleRegisterClassObjects
AtlComModuleRegisterServer
AtlComModuleRevokeClassObjects
AtlComModuleUnregisterServer
AtlComPtrAssign
AtlComQIPtrAssign
AtlCreateRegistrar
AtlCreateTargetDC
AtlDevModeW2A
AtlFreeMarshalStream
AtlGetObjectSourceInterface
AtlGetVersion
AtlHiMetricToPixel
AtlIPersistPropertyBag_Load
AtlIPersistPropertyBag_Save
AtlIPersistStreamInit_Load
AtlIPersistStreamInit_Save
AtlInternalQueryInterface
AtlLoadTypeLib
AtlMarshalPtrInProc
AtlModuleAddTermFunc
AtlPixelToHiMetric
AtlRegisterClassCategoriesHelper
AtlRegisterTypeLib
AtlSetErrorInfo
AtlUnRegisterTypeLib
AtlUnadvise
AtlUnmarshalPtr
AtlUpdateRegistryFromResourceD
AtlWaitWithMessageLoop
AtlWinModuleAddCreateWndData
AtlWinModuleExtractCreateWndData
AtlWinModuleInit
AtlWinModuleRegisterClassExA
AtlWinModuleRegisterClassExW
AtlWinModuleRegisterWndClassInfoA
AtlWinModuleRegisterWndClassInfoW
AtlWinModuleTerm

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/avcodec-52.dll
.dll windows:4 windows x86 arch:x86

0b0a193b30953e037a3575c3a6d862c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

avutil-50

av_crc
av_crc_get_table
av_d2q
av_div_q
av_free
av_freep
av_gcd
av_get_pix_fmt
av_lfg_init
av_log
av_log_get_level
av_malloc
av_mallocz
av_memcpy_backptr
av_pix_fmt_descriptors
av_realloc
av_reduce
av_reverse
av_strdup
av_strlcat
av_strlcpy
ff_sqrt_tab
av_reverse
av_reverse
av_reverse
av_reverse
av_reverse
av_reverse
av_reverse
av_reverse
av_reverse
av_reverse
av_reverse
av_reverse
av_reverse
av_reverse
av_reverse
av_reverse
av_pix_fmt_descriptors
av_pix_fmt_descriptors
av_pix_fmt_descriptors
av_pix_fmt_descriptors
av_pix_fmt_descriptors
av_pix_fmt_descriptors
av_pix_fmt_descriptors
av_pix_fmt_descriptors
av_pix_fmt_descriptors
av_pix_fmt_descriptors
av_pix_fmt_descriptors
av_pix_fmt_descriptors
av_pix_fmt_descriptors
av_pix_fmt_descriptors
av_pix_fmt_descriptors
av_pix_fmt_descriptors
av_pix_fmt_descriptors
av_pix_fmt_descriptors
ff_sqrt_tab
ff_sqrt_tab
ff_sqrt_tab

kernel32

AddAtomA
CloseHandle
CreateEventA
DeleteCriticalSection
EnterCriticalSection
FindAtomA
GetAtomNameA
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
SetEvent
Sleep
WaitForSingleObject
WideCharToMultiByte

msvcrt

_open
_tempnam
__dllonexit
__lc_codepage
__mb_cur_max
_assert
_beginthreadex
_errno
_setjmp
abort
acos
asin
atan
calloc
ceil
cos
cosh
exp
fflush
floor
fputc
free
frexp
getenv
isprint
isspace
ldexp
localeconv
log
longjmp
malloc
memcmp
memmove
memset
pow
qsort
realloc
sin
sinh
sscanf
strchr
strcmp
strlen
strtol
tan
tanh
toupper
wcslen

Exports

Exports

MPV_common_defaults
MPV_common_end
MPV_common_init
MPV_common_init_mmx
MPV_decode_defaults
MPV_decode_mb
MPV_frame_end
MPV_frame_start
_get_output_format
aac_decoder
aac_parser
aasc_decoder
ac3_common_init
ac3_decoder
ac3_parametric_bit_allocation
ac3_parser
add_pixels_clamped_mmx
adler32
adler32_combine
align_put_bits
audio_resample
audio_resample_close
audio_resample_init
av_audio_convert
av_audio_convert_alloc
av_audio_convert_free
av_audio_resample_init
av_bitstream_filter_close
av_bitstream_filter_filter
av_bitstream_filter_init
av_bitstream_filter_next
av_codec_next
av_dct_calc
av_dct_end
av_dct_init
av_destruct_packet
av_destruct_packet_nofree
av_dup_packet
av_fast_malloc
av_fast_realloc
av_fft_calc
av_fft_end
av_fft_init
av_fft_permute
av_find_opt
av_free_packet
av_get_bits_per_sample
av_get_bits_per_sample_format
av_get_double
av_get_int
av_get_pict_type_char
av_get_q
av_get_string
av_hwaccel_next
av_imdct_calc
av_imdct_half
av_init_packet
av_lockmgr_register
av_log_ask_for_sample
av_log_missing_feature
av_mdct_calc
av_mdct_end
av_mdct_init
av_new_packet
av_next_option
av_opt_set_defaults
av_opt_set_defaults2
av_opt_show
av_parse_video_frame_rate
av_parse_video_frame_size
av_parser_change
av_parser_close
av_parser_init
av_parser_next
av_parser_parse
av_parser_parse2
av_picture_copy
av_picture_crop
av_picture_pad
av_rdft_calc
av_rdft_end
av_rdft_init
av_register_bitstream_filter
av_register_codec_parser
av_register_hwaccel
av_resample
av_resample_close
av_resample_compensate
av_resample_init
av_set_double
av_set_int
av_set_q
av_set_string
av_set_string2
av_set_string3
av_shrink_packet
av_strtod
av_tempfile
av_xiphlacing
avcodec_align_dimensions
avcodec_align_dimensions2
avcodec_alloc_context
avcodec_alloc_context2
avcodec_alloc_frame
avcodec_channel_layout_num_channels
avcodec_check_dimensions
avcodec_close
avcodec_configuration
avcodec_copy_context
avcodec_decode_audio2
avcodec_decode_audio3
avcodec_decode_subtitle
avcodec_decode_subtitle2
avcodec_decode_video
avcodec_decode_video2
avcodec_default_execute
avcodec_default_execute2
avcodec_default_free_buffers
avcodec_default_get_buffer
avcodec_default_get_format
avcodec_default_reget_buffer
avcodec_default_release_buffer
avcodec_encode_audio
avcodec_encode_subtitle
avcodec_encode_video
avcodec_find_best_pix_fmt
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_flush_buffers
avcodec_get_channel_layout_string
avcodec_get_chroma_sub_sample
avcodec_get_context_defaults
avcodec_get_context_defaults2
avcodec_get_edge_width
avcodec_get_frame_defaults
avcodec_get_pix_fmt
avcodec_get_pix_fmt_loss
avcodec_get_pix_fmt_name
avcodec_get_sample_fmt
avcodec_get_sample_fmt_name
avcodec_guess_channel_layout
avcodec_init
avcodec_license
avcodec_open
avcodec_pix_fmt_string
avcodec_pix_fmt_to_codec_tag
avcodec_register
avcodec_register_all
avcodec_sample_fmt_string
avcodec_set_dimensions
avcodec_string
avcodec_thread_init
avcodec_version
avpicture_alloc
avpicture_deinterlace
avpicture_fill
avpicture_free
avpicture_get_size
avpicture_layout
c93_decoder
cbpc_b_tab
crc32
crc32_combine
dsputil_init
dsputil_init_mmx
dsputil_init_pix_mmx
dsputil_static_init
ff_aac_ac3_parse
ff_aac_codebook_vector_idx
ff_aac_codebook_vector_vals
ff_aac_codebook_vectors
ff_aac_kbd_long_1024
ff_aac_kbd_short_128
ff_aac_num_swb_1024
ff_aac_num_swb_128
ff_aac_parse_header
ff_aac_pow2sf_tab
ff_aac_pred_sfb_max
ff_aac_sbr_ctx_close
ff_aac_sbr_ctx_init
ff_aac_sbr_init
ff_aac_scalefactor_bits
ff_aac_scalefactor_code
ff_aac_spectral_bits
ff_aac_spectral_codes
ff_aac_spectral_sizes
ff_ac3_bap_tab
ff_ac3_bit_alloc_calc_bap
ff_ac3_bit_alloc_calc_mask
ff_ac3_bit_alloc_calc_psd
ff_ac3_bitrate_tab
ff_ac3_channel_layout_tab
ff_ac3_channels_tab
ff_ac3_critical_band_size_tab
ff_ac3_db_per_bit_tab
ff_ac3_dec_channel_map
ff_ac3_downmix_c
ff_ac3_enc_channel_map
ff_ac3_fast_decay_tab
ff_ac3_fast_gain_tab
ff_ac3_floor_tab
ff_ac3_frame_size_tab
ff_ac3_hearing_threshold_tab
ff_ac3_log_add_tab
ff_ac3_parse_header
ff_ac3_parse_header_full
ff_ac3_rematrix_band_tab
ff_ac3_sample_rate_tab
ff_ac3_slow_decay_tab
ff_ac3_slow_gain_tab
ff_ac3_ungroup_3_in_5_bits_tab
ff_ac3_window
ff_acelp_apply_order_2_transfer_function
ff_acelp_fc_pulse_per_track
ff_acelp_high_pass_filter
ff_acelp_interp_filter
ff_acelp_interpolate
ff_acelp_interpolatef
ff_acelp_lp_decode
ff_acelp_lsf2lsp
ff_acelp_lsp2lpc
ff_acelp_lspd2lpc
ff_acelp_reorder_lsf
ff_acelp_weighted_vector_sum
ff_adaptive_gain_control
ff_aic_dc_scale_table
ff_alloc_picture
ff_alternate_horizontal_scan
ff_alternate_vertical_scan
ff_avg_cavs_qpel16_mc00_mmx2
ff_avg_cavs_qpel8_mc00_mmx2
ff_avg_qpel16_mc11_old_c
ff_avg_qpel16_mc12_old_c
ff_avg_qpel16_mc13_old_c
ff_avg_qpel16_mc31_old_c
ff_avg_qpel16_mc32_old_c
ff_avg_qpel16_mc33_old_c
ff_avg_qpel8_mc11_old_c
ff_avg_qpel8_mc12_old_c
ff_avg_qpel8_mc13_old_c
ff_avg_qpel8_mc31_old_c
ff_avg_qpel8_mc32_old_c
ff_avg_qpel8_mc33_old_c
ff_avg_vc1_mspel_mc00_c
ff_avg_vc1_mspel_mc00_mmx2
ff_b60_sinc
ff_block_permute
ff_bone
ff_celp_circ_addf
ff_celp_convolve_circ
ff_celp_lp_synthesis_filter
ff_celp_lp_synthesis_filterf
ff_celp_lp_zero_synthesis_filterf
ff_check_alignment
ff_clean_intra_table_entries
ff_clear_fixed_vector
ff_combine_frame
ff_copy_bits
ff_copy_pce_data
ff_copy_picture
ff_cos
ff_cos_1024
ff_cos_128
ff_cos_16
ff_cos_16384
ff_cos_2048
ff_cos_256
ff_cos_32
ff_cos_32768
ff_cos_4096
ff_cos_512
ff_cos_64
ff_cos_65536
ff_cos_8192
ff_cos_tabs
ff_cropTbl
ff_dct_calc
ff_dct_common_init
ff_dct_end
ff_dct_init
ff_decode_10_pulses_35bits
ff_decode_sbr_extension
ff_dirac_parse_sequence_header
ff_dnxhd_init_mmx
ff_dot_productf
ff_draw_horiz_band
ff_eac3_default_chmap
ff_eac3_default_cpl_band_struct
ff_eac3_default_spx_band_struct
ff_eac3_hebap_tab
ff_emulated_edge_mc
ff_er_add_slice
ff_er_frame_end
ff_er_frame_start
ff_eval_expr
ff_exp2
ff_faanidct
ff_faanidct_add
ff_faanidct_put
ff_fc_2pulses_9bits_track1
ff_fc_2pulses_9bits_track1_gray
ff_fc_2pulses_9bits_track2_gray
ff_fc_4pulses_8bits_track_4
ff_fc_4pulses_8bits_tracks_13
ff_fdct_mmx
ff_fdct_mmx2
ff_fdct_sse2
ff_fetch_timestamp
ff_fft_calc_c
ff_fft_end
ff_fft_init
ff_fft_init_mmx
ff_fft_permute_c
ff_fill_linesize
ff_fill_pointer
ff_find_hwaccel
ff_find_start_code
ff_find_unused_picture
ff_flac_blocksize_table
ff_flac_get_max_frame_size
ff_flac_is_extradata_valid
ff_flac_parse_block_header
ff_flac_parse_streaminfo
ff_flac_sample_rate_table
ff_float_to_int16_c
ff_float_to_int16_interleave_c
ff_flv2_decode_ac_esc
ff_flv_decode_picture_header
ff_frame_rate_tab
ff_free_expr
ff_get_plane_bytewidth
ff_gmc_c
ff_golomb_vlc_len
ff_h261_loop_filter
ff_h261_rl_table_store
ff_h263_cbpy_tab
ff_h263_cbpy_vlc
ff_h263_chroma_qscale_table
ff_h263_decode_end
ff_h263_decode_frame
ff_h263_decode_init
ff_h263_decode_mb
ff_h263_decode_mba
ff_h263_find_frame_end
ff_h263_find_resync_marker
ff_h263_get_gob_height
ff_h263_inter_MCBPC_bits
ff_h263_inter_MCBPC_code
ff_h263_inter_MCBPC_vlc
ff_h263_intra_MCBPC_bits
ff_h263_intra_MCBPC_code
ff_h263_intra_MCBPC_vlc
ff_h263_loop_filter
ff_h263_loop_filter_strength
ff_h263_pixel_aspect
ff_h263_resync
ff_h263_rl_inter
ff_h263_show_pict_info
ff_h263_static_rl_table_store
ff_h263_update_motion_val
ff_h264_alloc_tables
ff_h264_check_intra4x4_pred_mode
ff_h264_check_intra_pred_mode
ff_h264_chroma_qp
ff_h264_decode_end
ff_h264_decode_init
ff_h264_decode_init_vlc
ff_h264_decode_mb_cabac
ff_h264_decode_mb_cavlc
ff_h264_decode_nal
ff_h264_decode_picture_parameter_set
ff_h264_decode_rbsp_trailing
ff_h264_decode_ref_pic_list_reordering
ff_h264_decode_ref_pic_marking
ff_h264_decode_sei
ff_h264_decode_seq_parameter_set
ff_h264_direct_dist_scale_factor
ff_h264_direct_ref_list_init
ff_h264_execute_ref_pic_marking
ff_h264_fill_default_ref_list
ff_h264_fill_mbaff_ref_list
ff_h264_filter_mb
ff_h264_filter_mb_fast
ff_h264_find_frame_end
ff_h264_frame_start
ff_h264_free_context
ff_h264_get_slice_type
ff_h264_hl_decode_mb
ff_h264_idct8_add4_c
ff_h264_idct8_add_c
ff_h264_idct8_dc_add_c
ff_h264_idct_add16_c
ff_h264_idct_add16intra_c
ff_h264_idct_add8_c
ff_h264_idct_add_c
ff_h264_idct_dc_add_c
ff_h264_init_cabac_states
ff_h264_lowres_idct_add_c
ff_h264_lowres_idct_put_c
ff_h264_lps_range
ff_h264_lps_state
ff_h264_mlps_state
ff_h264_mps_state
ff_h264_norm_shift
ff_h264_pred_direct_motion
ff_h264_pred_init
ff_h264_remove_all_refs
ff_h264_reset_sei
ff_h264_write_back_intra_pred_mode
ff_h264dsp_init
ff_h264dsp_init_x86
ff_huff_build_tree
ff_hwaccel_pixfmt_list_420
ff_idct_xvid_mmx
ff_idct_xvid_mmx2
ff_idct_xvid_sse2
ff_idct_xvid_sse2_add
ff_idct_xvid_sse2_put
ff_imdct_calc_c
ff_imdct_half_c
ff_img_copy_plane
ff_init_block_index
ff_init_cabac_decoder
ff_init_cabac_encoder
ff_init_cabac_states
ff_init_ff_cos_tabs
ff_init_ff_sine_windows
ff_init_scantable
ff_intel_h263_decode_picture_header
ff_inter_intra_vlc
ff_interleaved_dirac_golomb_vlc_code
ff_interleaved_golomb_vlc_len
ff_interleaved_se_golomb_vlc_code
ff_interleaved_ue_golomb_vlc_code
ff_intrax8_common_end
ff_intrax8_common_init
ff_intrax8_decode_picture
ff_intrax8dsp_init
ff_inverse
ff_is_hwaccel_pix_fmt
ff_kbd_window_init
ff_lockmgr_cb
ff_log2
ff_log2_run
ff_lsp2polyf
ff_match_2uint16
ff_mb_non_intra_vlc
ff_mba_length
ff_mba_max
ff_mdct_calc_c
ff_mdct_end
ff_mdct_init
ff_mpa_alloc_tables
ff_mpa_bitrate_tab
ff_mpa_decode_header
ff_mpa_enwindow
ff_mpa_freq_tab
ff_mpa_l2_select_table
ff_mpa_quant_bits
ff_mpa_quant_steps
ff_mpa_sblimit_table
ff_mpa_synth_filter
ff_mpa_synth_init
ff_mpa_synth_window
ff_mpeg12_common_init
ff_mpeg12_init_vlcs
ff_mpeg12_mbAddrIncrTable
ff_mpeg12_mbMotionVectorTable
ff_mpeg12_mbPatTable
ff_mpeg12_static_rl_table_store
ff_mpeg12_vlc_dc_chroma_bits
ff_mpeg12_vlc_dc_chroma_code
ff_mpeg12_vlc_dc_lum_bits
ff_mpeg12_vlc_dc_lum_code
ff_mpeg1_aspect
ff_mpeg1_clean_buffers
ff_mpeg1_dc_scale_table
ff_mpeg1_decode_block_intra
ff_mpeg1_default_intra_matrix
ff_mpeg1_default_non_intra_matrix
ff_mpeg1_find_frame_end
ff_mpeg2_aspect
ff_mpeg2_dc_scale_table
ff_mpeg4_DCtab_chrom
ff_mpeg4_DCtab_lum
ff_mpeg4_c_dc_scale_table
ff_mpeg4_clean_buffers
ff_mpeg4_decode_partitions
ff_mpeg4_decode_picture_header
ff_mpeg4_default_intra_matrix
ff_mpeg4_default_non_intra_matrix
ff_mpeg4_find_frame_end
ff_mpeg4_get_video_packet_prefix_length
ff_mpeg4_init_direct_mv
ff_mpeg4_intra_level
ff_mpeg4_intra_run
ff_mpeg4_intra_vlc
ff_mpeg4_resync_prefix

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 327KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 160B

IMAGE_SCN_MEM_DISCARDABLE

/19
Size: 512B - Virtual size: 266B

IMAGE_SCN_MEM_DISCARDABLE

/35
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_MEM_DISCARDABLE

/47
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_MEM_DISCARDABLE

/61
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_DISCARDABLE

/73
Size: 512B - Virtual size: 280B

IMAGE_SCN_MEM_DISCARDABLE

/86
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_MEM_DISCARDABLE

/97
Size: 512B - Virtual size: 288B

IMAGE_SCN_MEM_DISCARDABLE
QQLive/avformat-52.dll
.dll windows:4 windows x86 arch:x86

3e1cbc4bbb3bd8c261e2a1584c418ef8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

avcodec-52

av_destruct_packet
av_destruct_packet_nofree
av_dup_packet
av_fast_realloc
av_free_packet
av_get_bits_per_sample
av_init_packet
av_new_packet
av_opt_set_defaults
av_parse_video_frame_rate
av_parse_video_frame_size
av_parser_close
av_parser_init
av_parser_parse2
av_shrink_packet
av_xiphlacing
avcodec_alloc_context
avcodec_close
avcodec_decode_audio3
avcodec_decode_video2
avcodec_find_decoder
avcodec_get_frame_defaults
avcodec_open
avcodec_pix_fmt_to_codec_tag
avcodec_register_all
avcodec_set_dimensions
avcodec_string
ff_ac3_parse_header
ff_dirac_parse_sequence_header
ff_flac_parse_block_header
ff_flac_parse_streaminfo
ff_mpa_decode_header
ff_mpa_freq_tab
ff_mpeg4audio_get_config
ff_mpeg4audio_sample_rates
ff_mpegaudio_decode_header
inflate
inflateEnd
inflateInit_
ff_mpeg4audio_sample_rates
ff_mpeg4audio_sample_rates
ff_mpa_freq_tab

avutil-50

av_compare_ts
av_crc
av_crc_get_table
av_d2q
av_d2str
av_des_crypt
av_des_init
av_div_q
av_free
av_freep
av_gcd
av_int2dbl
av_int2flt
av_log
av_lzo1x_decode
av_malloc
av_mallocz
av_mul_q
av_rc4_crypt
av_rc4_init
av_realloc
av_reduce
av_rescale
av_rescale_q
av_rescale_rnd
av_strdup
av_strlcat
av_strlcatf
av_strlcpy
av_strstart

kernel32

AddAtomA
DeleteCriticalSection
EnterCriticalSection
FindAtomA
GetAtomNameA
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
WideCharToMultiByte

msvcrt

_close
_fstat
_open
_read
_setmode
_write
__dllonexit
__lc_codepage
__mb_cur_max
_assert
_errno
_lseeki64
_stricmp
_strnicmp
abort
atoi
bsearch
fflush
fputc
free
getenv
gmtime
isalpha
localeconv
localtime
malloc
memchr
memcmp
memmove
memset
mktime
sscanf
strchr
strcmp
strcpy
strlen
strncmp
strrchr
strstr
strtol
time
toupper
wcslen

ws2_32

WSACleanup
WSAStartup
gethostbyaddr
gethostbyname
getservbyport
htonl
htons
ioctlsocket
ntohl
ntohs

Exports

Exports

_get_output_format
aac_demuxer
ac3_demuxer
asf_demuxer
av_add_index_entry
av_alloc_format_context
av_alloc_put_byte
av_close_input_file
av_close_input_stream
av_codec_get_id
av_codec_get_tag
av_convert_lang_to
av_destruct_packet@LIBAVFORMAT_52
av_destruct_packet_nofree@LIBAVFORMAT_52
av_dup_packet@LIBAVFORMAT_52
av_filename_number_test
av_find_default_stream_index
av_find_input_format
av_find_stream_info
av_free_packet@LIBAVFORMAT_52
av_gen_search
av_get_frame_filename
av_get_packet
av_gettime
av_guess_codec
av_guess_format
av_hex_dump
av_hex_dump_log
av_iformat_next
av_index_search_timestamp
av_init_packet@LIBAVFORMAT_52
av_interleave_packet_per_dts
av_interleaved_write_frame
av_match_ext
av_metadata_conv
av_metadata_free
av_metadata_get
av_metadata_set
av_metadata_set2
av_new_packet@LIBAVFORMAT_52
av_new_program
av_new_stream
av_oformat_next
av_open_input_file
av_open_input_stream
av_pkt_dump
av_pkt_dump_log
av_probe_input_format
av_probe_input_format2
av_protocol_next
av_read_frame
av_read_packet
av_read_pause
av_read_play
av_register_all
av_register_input_format
av_register_output_format
av_register_protocol
av_seek_frame
av_seek_frame_binary
av_set_parameters
av_set_pts_info
av_update_cur_dts
av_url_read_fpause
av_url_read_fseek
av_url_read_pause
av_url_read_seek
av_write_frame
av_write_header
av_write_trailer
avf_sdp_create
avformat_alloc_context
avformat_configuration
avformat_license
avformat_seek_file
avformat_version
avi_demuxer
brktimegm
codec_movaudio_tags
codec_movvideo_tags
dump_format
eac3_demuxer
ff_asf_audio_conceal_none
ff_asf_audio_conceal_spread
ff_asf_audio_stream
ff_asf_codec_comment1_header
ff_asf_codec_comment_header
ff_asf_command_stream
ff_asf_comment_header
ff_asf_content_encryption
ff_asf_data_header
ff_asf_digital_signature
ff_asf_ext_content_encryption
ff_asf_ext_stream_audio_stream
ff_asf_ext_stream_embed_stream_header
ff_asf_ext_stream_header
ff_asf_extended_content_header
ff_asf_file_header
ff_asf_head1_guid
ff_asf_head2_guid
ff_asf_header
ff_asf_language_guid
ff_asf_marker_header
ff_asf_metadata_conv
ff_asf_metadata_header
ff_asf_my_guid
ff_asf_simple_index_header
ff_asf_stream_header
ff_asf_video_conceal_none
ff_asf_video_stream
ff_asfcrypt_dec
ff_avi_metadata_conv
ff_avi_tags
ff_codec_bmp_tags
ff_codec_get_id
ff_codec_get_tag
ff_codec_movsubtitle_tags
ff_codec_wav_tags
ff_crc04C11DB7_update
ff_data_to_hex
ff_dirac_codec
ff_dynarray_add
ff_flac_codec
ff_free_parser_state
ff_freeaddrinfo
ff_gai_strerror
ff_gen_syncpoint_search
ff_get_v
ff_get_wav_header
ff_getaddrinfo
ff_getnameinfo
ff_id3v1_genre_str
ff_id3v1_read
ff_id3v2_match
ff_id3v2_metadata_conv
ff_id3v2_parse
ff_id3v2_read
ff_id3v2_tag_len
ff_id3v2_tags
ff_inet_aton
ff_interleave_add_packet
ff_interleave_compare_dts
ff_metadata_demux_compat
ff_metadata_mux_compat
ff_mkv_codec_tags
ff_mkv_metadata_conv
ff_mkv_mime_tags
ff_mov_get_lpcm_codec_id
ff_mov_iso639_to_lang
ff_mov_lang_to_iso639
ff_mov_read_esds
ff_mp4_obj_type
ff_mp4_read_descr_len
ff_mpegts_parse_close
ff_mpegts_parse_open
ff_mpegts_parse_packet
ff_new_chapter
ff_ntp_time
ff_ogm_audio_codec
ff_ogm_old_codec
ff_ogm_text_codec
ff_ogm_video_codec
ff_old_dirac_codec
ff_old_flac_codec
ff_parse_specific_params
ff_probe_input_buffer
ff_program_add_stream_index
ff_put_str16_nolen
ff_raw_read_partial_packet
ff_read_frame_flush
ff_reduce_index
ff_restore_parser_state
ff_rewind_with_probe_data
ff_rm_alloc_rmstream
ff_rm_free_rmstream
ff_rm_metadata
ff_rm_parse_packet
ff_rm_read_mdpr_codecdata
ff_rm_reorder_sipr_data
ff_rm_retrieve_cache
ff_sdp_write_media
ff_sipr_subpk_size
ff_skeleton_codec
ff_socket_nonblock
ff_speex_codec
ff_store_parser_state
ff_theora_codec
ff_url_join
ff_url_split
ff_vorbis_codec
ff_vorbis_comment
ff_vorbiscomment_length
ff_vorbiscomment_metadata_conv
ff_vorbiscomment_write
ff_wav_codec_get_id
file_protocol
find_info_tag
first_iformat
first_oformat
first_protocol
flac_demuxer
flic_demuxer
flv_demuxer
get_be16
get_be24
get_be32
get_be64
get_buffer
get_byte
get_checksum
get_le16
get_le24
get_le32
get_le64
get_partial_buffer
get_strz
guess_format
guess_stream_format
h261_demuxer
h263_demuxer
h264_demuxer
init_checksum
init_put_byte
m4v_demuxer
matroska_demuxer
metadata_conv
mktimegm
mov_demuxer
mp3_demuxer
mpegps_demuxer
mpegts_demuxer
mpegtsraw_demuxer
mpegvideo_demuxer
ogg_demuxer
parse_date
parse_frame_rate
parse_image_size
pcm_alaw_demuxer
pcm_f32be_demuxer
pcm_f32le_demuxer
pcm_f64be_demuxer
pcm_f64le_demuxer
pcm_mulaw_demuxer
pcm_read_seek
pcm_s16be_demuxer
pcm_s16le_demuxer
pcm_s24be_demuxer
pcm_s24le_demuxer
pcm_s32be_demuxer
pcm_s32le_demuxer
pcm_s8_demuxer
pcm_u16be_demuxer
pcm_u16le_demuxer
pcm_u24be_demuxer
pcm_u24le_demuxer
pcm_u32be_demuxer
pcm_u32le_demuxer
pcm_u8_demuxer
pipe_protocol
put_be16
put_be24
put_be32
put_be64
put_buffer
put_byte
put_flush_packet
put_le16
put_le24
put_le32
put_le64
put_strz
put_tag
rdt_demuxer
register_protocol
rm_demuxer
small_strptime
strcasecmp
strncasecmp
swf_demuxer
uncompress
url_close
url_close_buf
url_close_dyn_buf
url_exist
url_fclose
url_fdopen
url_feof
url_ferror
url_fget_max_packet_size
url_fgetc
url_fgets
url_fileno
url_filesize
url_fopen
url_fseek
url_fsize
url_fskip
url_ftell
url_get_file_handle
url_get_filename
url_get_max_packet_size
url_interrupt_cb
url_open
url_open_buf
url_open_dyn_buf
url_open_dyn_packet_buf
url_open_protocol
url_read
url_read_complete
url_resetbuf
url_seek
url_set_interrupt_cb
url_setbufsize
url_write
vc1_demuxer
vc1t_demuxer
wav_demuxer

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_DISCARDABLE

/19
Size: 512B - Virtual size: 332B

IMAGE_SCN_MEM_DISCARDABLE

/35
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_MEM_DISCARDABLE

/47
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_MEM_DISCARDABLE

/61
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_MEM_DISCARDABLE

/73
Size: 512B - Virtual size: 380B

IMAGE_SCN_MEM_DISCARDABLE

/86
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_MEM_DISCARDABLE

/97
Size: 512B - Virtual size: 352B

IMAGE_SCN_MEM_DISCARDABLE
QQLive/avutil-50.dll
.dll windows:4 windows x86 arch:x86

59da50356ca612dbab8d81cdba301415

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
DeleteCriticalSection
EnterCriticalSection
FindAtomA
GetAtomNameA
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
WideCharToMultiByte

msvcrt

_close
_open
_read
__dllonexit
__lc_codepage
__mb_cur_max
_assert
_errno
_iob
abort
fflush
fputc
fputs
free
frexp
getenv
ldexp
localeconv
log
malloc
realloc
strcmp
strcpy
strlen
toupper
wcslen

Exports

Exports

_get_output_format
av_add_q
av_adler32_update
av_aes_crypt
av_aes_init
av_aes_size
av_base64_decode
av_base64_encode
av_bmg_get
av_compare_ts
av_crc
av_crc_get_table
av_crc_init
av_d2q
av_d2str
av_dbl2ext
av_dbl2int
av_des_crypt
av_des_init
av_div_q
av_evaluate_lls
av_ext2dbl
av_fifo_alloc
av_fifo_drain
av_fifo_free
av_fifo_generic_read
av_fifo_generic_write
av_fifo_realloc2
av_fifo_reset
av_fifo_size
av_fifo_space
av_find_nearest_q_idx
av_flt2int
av_free
av_freep
av_gcd
av_get_bits_per_pixel
av_get_pix_fmt
av_init_lls
av_int2dbl
av_int2flt
av_lfg_init
av_log
av_log_default_callback
av_log_get_level
av_log_level
av_log_set_callback
av_log_set_level
av_lzo1x_decode
av_malloc
av_mallocz
av_md5_final
av_md5_init
av_md5_size
av_md5_sum
av_md5_update
av_memcpy_backptr
av_mul_q
av_nearer_q
av_pix_fmt_descriptors
av_rc4_crypt
av_rc4_init
av_realloc
av_reduce
av_rescale
av_rescale_q
av_rescale_rnd
av_reverse
av_sha1_final
av_sha1_init
av_sha1_size
av_sha1_update
av_sha_final
av_sha_init
av_sha_size
av_sha_update
av_solve_lls
av_strdup
av_strerror
av_stristart
av_stristr
av_strlcat
av_strlcatf
av_strlcpy
av_strstart
av_sub_q
av_tree_destroy
av_tree_enumerate
av_tree_find
av_tree_insert
av_tree_node_size
av_update_lls
av_vlog
avutil_configuration
avutil_license
avutil_version
ff_log2_tab
ff_random_get_seed
ff_sqrt_tab
read_line
write_line

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 224B

IMAGE_SCN_MEM_DISCARDABLE

/19
Size: 512B - Virtual size: 332B

IMAGE_SCN_MEM_DISCARDABLE

/35
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_MEM_DISCARDABLE

/47
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_MEM_DISCARDABLE

/61
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_MEM_DISCARDABLE

/73
Size: 512B - Virtual size: 380B

IMAGE_SCN_MEM_DISCARDABLE

/86
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_MEM_DISCARDABLE

/97
Size: 512B - Virtual size: 352B

IMAGE_SCN_MEM_DISCARDABLE
QQLive/log.dll
.dll windows:4 windows x86 arch:x86

e9bbba4ef3f208197da75ee50df3049b

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

10:1a:3b:7c:79:78:6e:5a:03:cd:1f:8c:7b:e8:93:e3:c3:59:91:3a
Signer

Actual PE Digest

10:1a:3b:7c:79:78:6e:5a:03:cd:1f:8c:7b:e8:93:e3:c3:59:91:3a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\Log.pdb

Imports

kernel32

GetProcAddress
CreateDirectoryW
EnterCriticalSection
LoadLibraryW
LeaveCriticalSection
InitializeCriticalSection
FreeLibrary
CreateProcessW
DeleteCriticalSection
InterlockedDecrement
LoadResource
CreateMutexW
LockResource
CopyFileW
SizeofResource
FindResourceW
GetSystemDirectoryW
GetPrivateProfileStringW
FindResourceExW
WinExec
WritePrivateProfileStringW
SetProcessWorkingSetSize
GetCurrentProcess
CreateToolhelp32Snapshot
GetCurrentProcessId
Process32FirstW
OpenProcess
GetLocalTime
TerminateProcess
DeleteFileW
GetTickCount
GetProcessHeap
GetModuleFileNameW
GetShortPathNameW
FormatMessageW
GetPrivateProfileIntW
lstrlenW
GetFileAttributesW
HeapAlloc
DeviceIoControl
MultiByteToWideChar
GetThreadLocale
GetLocaleInfoA
GetACP
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
RaiseException
HeapFree
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedCompareExchange
Sleep
Process32NextW
lstrlenA
GetVersionExW
CloseHandle
GetLastError
WideCharToMultiByte
CreateFileW
InterlockedExchange

user32

TrackMouseEvent
UnregisterClassA
RegisterWindowMessageW
SendMessageW
IsWindow
SetForegroundWindow
GetWindowRect
ShowWindow
IsIconic
GetWindowThreadProcessId
GetForegroundWindow
SystemParametersInfoW
GetMonitorInfoW
MonitorFromRect
AttachThreadInput
OffsetRect
CopyRect
GetAncestor
WindowFromPoint
GetCursorPos
GetWindowTextW

gdi32

CreateFontW

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegOpenKeyExA
RegOpenKeyW

shell32

ShellExecuteW
SHGetFolderPathW

ole32

CoInitialize
CoCreateGuid
StringFromGUID2
CoLoadLibrary
CoUninitialize

oleaut32

SysAllocString
SysFreeString

msvcr80

ftell
wcscpy_s
vswprintf_s
sprintf_s
fread
strncpy_s
??0exception@std@@QAE@ABV01@@Z
_strlwr_s
??_U@YAPAXI@Z
_wcslwr_s
srand
rand
memcpy_s
?what@exception@std@@UBEPBDXZ
memmove_s
wcscat_s
??_V@YAXPAX@Z
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
_fstat64i32
_wfopen_s
swscanf_s
strncmp
_vsnprintf_s
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
_vscwprintf
fseek
??2@YAPAXI@Z
_time64
wcsncpy_s
_mktime64
wcsrchr
wcschr
_wrename
wcsstr
_invalid_parameter_noinfo
_fileno
_wcsicmp
_wsplitpath_s
fwrite
swprintf_s
fclose
??0exception@std@@QAE@XZ
isalnum
isprint
malloc
tolower
_vsnwprintf_s
isspace
free
_CxxThrowException
memset
__CxxFrameHandler3
??3@YAXPAX@Z
memcpy

msvcp80

??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z

ws2_32

inet_addr
inet_ntoa
WSAGetLastError
gethostbyname
htons

netapi32

Netbios
NetApiBufferFree
NetWkstaTransportEnum

Exports

Exports

?AddCloseHwnd@@YAXPAUHWND__@@@Z
?BitsToHexString2@@YA?AVCComBSTR@ATL@@PBEH@Z
?BitsToHexString@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PBEH@Z
?CheckAdvise@@YAXPB_W@Z
?CheckAllAdviseValue@@YAXXZ
?CheckDirectoryExist@@YAHPB_W@Z
?CheckFileExist@@YAHPB_W@Z
?CheckUnadvise@@YAXPB_W@Z
?ClearRN@@YAXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?CloseAllCloseHwnd@@YAXXZ
?ConvertTime@@YAI_J@Z
?CopyLiveUpFiles@@YAHXZ
?CreateAllDirectory@@YAHPB_W@Z
?CreateObjectFromFile2@@YAJAAPAUHINSTANCE__@@PB_WPAUIUnknown@@ABU_GUID@@3PAPAX@Z
?CreateObjectFromFile@@YAJPB_WPAUIUnknown@@ABU_GUID@@2PAPAX@Z
?CreateStandardFont@@YAXAAPAUHFONT__@@@Z
?DOLOG@@YAXPB_WZZ
?DelCloseHwnd@@YAXPAUHWND__@@@Z
?Encode16@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV12@@Z
?FocusToTop@@YAXPAUHWND__@@@Z
?FormUrlEncode@@YAXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?GetClientOsVersion@@YAEXZ
?GetComErrorDetail@@YA?AVCComBSTR@ATL@@AAV_com_error@@@Z
?GetExeFolder2@@YA?AVCComBSTR@ATL@@XZ
?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetFolderByPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?GetFullScreen@@YA?AUtagRECT@@PAUHWND__@@@Z
?GetIEUseableDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetKeyValue@@YAHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0AAV12@@Z
?GetModuleFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PAUHINSTANCE__@@@Z
?GetModulePath2@@YA?AVCComBSTR@ATL@@PAUHINSTANCE__@@@Z
?GetQQLiveDlgHwnd@@YAPAUHWND__@@XZ
?GetRandomNum@@YAKKK@Z
?GetUserAppDataPath2@@YA?AVCComBSTR@ATL@@XZ
?GetUserAppDataPath3@@YA?AVCComBSTR@ATL@@XZ
?GetUserAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetUserGuid@@YAXPADAAH@Z
?GetWindowWorkArea@@YA?AUtagRECT@@PAUHWND__@@@Z
?GetXMLKeyValue@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV12@0PAH1@Z
?GetXMLMasterKeyValue@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?GetXPMenuState@@YAXAAHAAK@Z
?HashXMLFile2@@YAHPB_WAAV?$vector@EV?$allocator@E@std@@@std@@@Z
?HexStringToBits@@YA_NPBDPAEAAH@Z
?InflateColor@@YAKKH@Z
?IsEnableUAC@@YAHXZ
?IsInQuo@@YAHAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@H@Z
?IsLiveMediaExist@@YA_NXZ
?IsWinXPOrLater@@YAHXZ
?IsWindows2KOrLater@@YAHXZ
?IsWindowsVista@@YAHXZ
?KillOtherQQLivePlayerApp@@YAHPB_W@Z
?LimitRect@@YA?AUtagRECT@@U1@0HH@Z
?LiveMediaStart@@YAPAXXZ
?LiveMediaStop@@YAXAAPAX@Z
?MinimizeMemory@@YAXXZ
?NavigateURL@@YAHPB_WH@Z
?PreTranslateMessage@CQMMouseWheelWithoutFocus@@SAHPAUtagMSG@@@Z
?RegistLocalInfo@@YAHXZ
?RegisterWindow@CQMMouseWheelWithoutFocus@@SAHPAUHWND__@@@Z
?ResizeRect@@YA?AUtagRECT@@U1@UtagSIZE@@@Z
?SetDoLog@@YAXH@Z
?SetQQliveDlgHwnd@@YAXPAUHWND__@@@Z
?SetXPMenuState@@YAXH@Z
?StrToAddr@@YAHAAUsockaddr_in@@PB_WF@Z
?TraceComError@@YAXAAV_com_error@@@Z
?UnregisterWindow@CQMMouseWheelWithoutFocus@@SAHPAUHWND__@@@Z
?WriteFlashPlayerTrust@@YAX_N@Z
?gLoadString@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@J@Z

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/login.dll
.dll regsvr32 windows:4 windows x86 arch:x86

4c223a9e2d3fd4891e8ad62d664b2ca8

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7d:d4:1d:c9:00:14:92:ee:58:a7:95:cb:58:29:78:0c:07:db:aa:8e
Signer

Actual PE Digest

7d:d4:1d:c9:00:14:92:ee:58:a7:95:cb:58:29:78:0c:07:db:aa:8e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\login.pdb

Imports

httpdownload

?SetRequestMethod@CHttpDownload@@QAEXH@Z
?AddInfo@CHttpDownload@@QAEHABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@0@Z
?AddInfo@CHttpDownload@@QAEHABV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@K@Z
?AddContent@CHttpDownload@@QAEHPBEH@Z
?SetUIInterface@CHttpDownload@@QAEXPAVCHttpDownloadUIInterface@@@Z
??0CHttpDownload@@QAE@XZ
?OnRedirected@CHttpDownloadUIInterface@@UAEXPB_W@Z
?OnProgress@CHttpDownloadUIInterface@@UAEXKK@Z
?OnDownloadStart@CHttpDownloadUIInterface@@UAEXKK@Z
?OnConnected@CHttpDownloadUIInterface@@UAEXXZ
?OnConnecting@CHttpDownloadUIInterface@@UAEXPB_W@Z
??1CHttpDownload@@UAE@XZ
??_7CHttpDownloadUIInterface@@6B@
?Download@CHttpDownload@@QAEIPB_W0PAU_SYSTEMTIME@@@Z
??1CHttpDownloadUIInterface@@UAE@XZ

common

??1CTXBSTR@@QAE@XZ
??BCTXBSTR@@QBEPA_WXZ
?GetPlatformCore@Core@Util@@YAHPAPAUITXCore@@@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
?RecordTransBegin@Perf@Util@@YA_JPB_WHH00@Z
??4CTXStringW@@QAEAAV0@PB_W@Z
??0CTXStringW@@QAE@XZ
?RecordTransEnd@Perf@Util@@YAJ_JPB_WHH11H@Z
??H@YA?AVCTXStringW@@ABV0@0@Z
?Format@CTXStringW@@QAAXPB_WZZ
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
??ICTXBSTR@@QAEPAPA_WXZ
?IsEmpty@CTXBSTR@@QAEHXZ
??0CTXBSTR@@QAE@XZ
??0CTXBSTR@@QAE@PB_W@Z
??0CTXStringW@@QAE@PB_W@Z
?LoadStringW@TXStringBundle@@YAPB_WPB_W@Z
??1CTXStringW@@QAE@XZ
??BCTXStringW@@QBEPB_WXZ
?CreateTXData@Data@Util@@YAHPAPAUITXData@@@Z

gf

?RawCreateGFElementByXtml@GF@Util@@YAJPA_WPAPAUIGFElement@@PAU3@0@Z
?CreateObject@GF@Util@@YAJABU_GUID@@0PAPAX@Z

log

?GetQQLiveDlgHwnd@@YAPAUHWND__@@XZ
?CheckFileExist@@YAHPB_W@Z
?GetUserAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?NavigateURL@@YAHPB_WH@Z
?DOLOG@@YAXPB_WZZ
?FocusToTop@@YAXPAUHWND__@@@Z
?GetClientOsVersion@@YAEXZ
?BitsToHexString@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PBEH@Z
?CheckAdvise@@YAXPB_W@Z
?CheckUnadvise@@YAXPB_W@Z
?GetUserAppDataPath2@@YA?AVCComBSTR@ATL@@XZ

mfc80u

ord870
ord267
ord776
ord774
ord280
ord3927
ord2121
ord1176
ord2444
ord2895
ord1479
ord282
ord6700
ord1472
ord766
ord5558
ord5524
ord5398
ord2460
ord6161
ord1908
ord266
ord762
ord293
ord2311
ord283
ord899
ord896
ord3713
ord577
ord314
ord1043
ord764
ord3677
ord566
ord3327
ord4255
ord4475
ord3943
ord2638
ord3703
ord581
ord1200
ord1170
ord1168
ord1192
ord1115
ord1162
ord371
ord1093
ord1199
ord1197
ord1087
ord1033
ord1079
ord315
ord765
ord6751
ord1178
ord3712
ord1182
ord2239
ord3824
ord757
ord4032
ord4008
ord6272
ord3795
ord6274
ord4320
ord2054
ord2009
ord5579
ord3800
ord1007
ord5096
ord6215
ord5378
ord3826
ord1911
ord2925
ord5220
ord5222
ord3942
ord4562
ord5226
ord5209
ord5562
ord2531
ord2725
ord2829
ord4301
ord2708
ord2832
ord2534
ord2640
ord2527
ord265

msvcr80

_wcslwr_s
iswdigit
wcstol
_wcsnicmp
wcsncmp
_time64
memcpy
strtoul
calloc
malloc
_wfopen_s
fseek
_except_handler4_common
_unlock
__clean_type_info_names_internal
__dllonexit
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
ftell
fclose
fread
_purecall
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_resetstkoflw
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
memcpy_s
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
memmove_s
_vscwprintf
_invalid_parameter_noinfo
wcsnlen
memset
free
__CxxFrameHandler3
_recalloc
swprintf_s
_encode_pointer
vswprintf_s

kernel32

VirtualAlloc
GetTickCount
WideCharToMultiByte
SetLastError
GetCurrentProcess
FlushInstructionCache
OutputDebugStringW
GetFileAttributesW
GetProcAddress
GetLastError
lstrlenA
DeleteFileW
GetModuleFileNameW
lstrlenW
MultiByteToWideChar
GetThreadLocale
SetThreadLocale
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetPrivateProfileStringW
GetPrivateProfileIntW
LocalFree
LocalAlloc
InterlockedExchange
Sleep
InterlockedCompareExchange
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersionExA
GetACP
GetLocaleInfoA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
RaiseException

user32

GetClassInfoExW
LoadCursorW
RegisterClassExW
GetParent
GetWindow
GetClientRect
MapWindowPoints
SystemParametersInfoW
IsIconic
SetWindowPos
IsWindowVisible
OffsetRect
IsZoomed
SetWindowLongW
CreateWindowExW
UnregisterClassA
DestroyWindow
GetWindowRect
IsWindow
MessageBoxW
CallWindowProcW
GetWindowLongW
PostMessageW
DefWindowProcW
GetDesktopWindow

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

ole32

CoLoadLibrary
CoCreateInstance

oleaut32

VarBstrCmp
LoadTypeLi
LoadRegTypeLi
DispCallFunc
SysStringByteLen
SysAllocStringByteLen
SysAllocString
VariantClear
VariantInit
SysFreeString
SysStringLen

atl80

ord41
ord48
ord42
ord44
ord43
ord32
ord31
ord30
ord11
ord15
ord18
ord22
ord64
ord23
ord61
ord58
ord10

msvcp80

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z

wininet

InternetSetCookieW

ws2_32

inet_ntoa

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/mfc80u.dll
.dll windows:4 windows x86 arch:x86

45cba60d0833bef75d882d15b2d5a2cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

MFC80U.i386.pdb

Imports

msvcr80

?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
?terminate@@YAXXZ
strcpy_s
_itow_s
_ultow_s
_ltow_s
iswdigit
ceil
wcsncmp
_wcsnicmp
_wfullpath
_wtol
__argc
swscanf_s
__wargv
_beginthreadex
_endthreadex
_wcsdup
_wtoi
_expand
wcstod
wcstoul
wcstol
_mbsrchr
_resetstkoflw
_recalloc
_wmakepath_s
_wsplitpath_s
_snwscanf_s
_vsnwprintf_s
labs
abs
calloc
_msize
wcscat_s
_snwprintf_s
_errno
_purecall
_mktime64
_localtime64_s
realloc
fputws
fwrite
clearerr_s
ferror
feof
fread
__doserrno
_fdopen
_open_osfhandle
_fileno
_get_osfhandle
fclose
fflush
ftell
fseek
fgetws
wcscpy_s
abort
memcmp
swprintf_s
wcsncpy_s
malloc
_wcsupr_s
_mbsicoll
vsprintf_s
wcslen
_mbsinc
wcsstr
_wcslwr_s
_mbsrev
memset
_mbscoll
_mbslwr_s
_vscwprintf
_mbscspn
_mbscmp
memmove
iswspace
_mbsicmp
wcsrchr
wcspbrk
_wcsrev
wcschr
wcscspn
_mbsupr_s
memcpy_s
_mbsspn
vswprintf_s
_wcsicoll
_wcsicmp
memcpy
_mbschr
free
_mbspbrk
wcsspn
wcscoll
memmove_s
_ismbcspace
strlen
_mbsstr
_vscprintf
_CxxThrowException
wcscmp
__clean_type_info_names_internal
__CxxFrameHandler3

kernel32

GetLocaleInfoA
GetSystemTimeAsFileTime
GetLastError
MultiByteToWideChar
FindResourceExW
GetEnvironmentVariableW
SizeofResource
LockResource
FormatMessageW
FindResourceW
WideCharToMultiByte
GetEnvironmentVariableA
LocalFree
FormatMessageA
LoadResource
SetLastError
GetAtomNameW
GlobalGetAtomNameW
lstrlenW
lstrcmpA
lstrlenA
DuplicateHandle
GetCurrentProcess
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
CreateFileW
FindClose
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
lstrcmpiW
CloseHandle
LockFile
GetThreadLocale
UnlockFile
GetStringTypeExW
SetEndOfFile
GetFileSize
MoveFileW
DeleteFileW
GetModuleFileNameW
GetShortPathNameW
LoadLibraryW
GetProcAddress
GlobalLock
GlobalSize
GlobalAlloc
GlobalUnlock
GlobalReAlloc
GlobalFree
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileAttributesW
SetFileTime
GetFileTime
GetFileAttributesW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetModuleHandleW
FreeLibrary
InterlockedDecrement
TlsGetValue
LocalReAlloc
TlsSetValue
LocalAlloc
TlsAlloc
InitializeCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
CreateSemaphoreW
ReleaseSemaphore
CreateMutexW
ReleaseMutex
CreateEventW
WaitForMultipleObjects
GlobalAddAtomW
GetCurrentThreadId
GetVersionExA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomW
CompareStringW
GetCurrentProcessId
GetVersion
MulDiv
GetVersionExW
GetProfileIntW
LoadLibraryA
VirtualProtect
GetModuleHandleA
RaiseException
GlobalFlags
GetDiskFreeSpaceW
GetTempFileNameW
LocalLock
LocalUnlock
GetTempPathW
SearchPathW
SetEvent
SetThreadPriority
ResumeThread
SuspendThread
GetLocaleInfoW
CompareStringA
ConvertDefaultLocale
EnumResourceLanguagesW
GetCurrentThread
InterlockedExchange
SetErrorMode
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetCurrentDirectoryW
InterlockedIncrement
FindNextFileW
GetTickCount
CopyFileW
GetUserDefaultLCID
IsDBCSLeadByte
lstrcpyW
lstrcpyA
GetSystemTime
LoadLibraryExW
Sleep
InterlockedCompareExchange
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetACP

gdi32

GetBkMode
GetClipBox
OffsetRgn
SetBrushOrgEx
GetRgnBox
CreateMetaFileW
CopyMetaFileW
Ellipse
CreateEllipticRgn
LPtoDP
AbortDoc
EndDoc
EndPage
StartPage
SetAbortProc
DPtoLP
SetRectRgn
CombineRgn
GetMapMode
PolylineTo
PolyDraw
SetArcDirection
StartDocW
ArcTo
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
OffsetClipRgn
GetPixel
ExcludeClipRect
SelectClipRgn
OffsetWindowOrgEx
EnumMetaFile
PlayMetaFile
ModifyWorldTransform
PlayMetaFileRecord
SetWorldTransform
GetObjectType
SetGraphicsMode
ExtSelectClipRgn
SetStretchBltMode
CreateDIBPatternBrushPt
GetClipRgn
SetROP2
CreateRectRgn
SetPolyFillMode
CreateHatchBrush
SelectClipPath
SetBkMode
CreateSolidBrush
PolyBezierTo
ExtCreatePen
SelectPalette
SetColorAdjustment
EnumFontFamiliesExW
CreateDCW
BitBlt
CreateRectRgnIndirect
PatBlt
UnrealizeObject
Rectangle
CreatePen
CreatePatternBrush
CreateBitmap
DeleteMetaFile
CloseMetaFile
TextOutW
GetViewportOrgEx
GetDeviceCaps
GetTextColor
Escape
GetStretchBltMode
GetPolyFillMode
RectVisible
ExtTextOutW
PtVisible
MoveToEx
GetCurrentPositionEx
GetROP2
GetTextAlign
GetTextExtentPoint32A
ScaleWindowExtEx
RestoreDC
SetWindowExtEx
ScaleViewportExtEx
SaveDC
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetNearestColor
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
CreateFontIndirectW
SetWindowOrgEx
GetWindowOrgEx
GetTextFaceW
GetStockObject
GetTextMetricsW
GetTextExtentPoint32W
DeleteObject
GetCharWidthW
CreateFontW
DeleteDC
StretchDIBits
SelectObject
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
SetBkColor
GetObjectW
SetTextColor

user32

IsWindow
IsChild
DeferWindowPos
GetClassNameW
GetClientRect
GetLastActivePopup
GetClassInfoW
AdjustWindowRectEx
MapWindowPoints
MessageBoxW
SetPropW
GetFocus
GetForegroundWindow
RegisterClassW
GetTopWindow
SetWindowsHookExW
SetActiveWindow
SetForegroundWindow
SetFocus
SetScrollPos
GetMessageTime
CreateWindowExW
SendDlgItemMessageW
SendDlgItemMessageA
GetScrollPos
GetMessagePos
RegisterWindowMessageW
SetScrollRange
UpdateWindow
DestroyWindow
GetKeyState
GetScrollRange
WinHelpW
GetDlgCtrlID
ShowScrollBar
PostMessageW
SendMessageW
IsIconic
GetCapture
DefWindowProcW
GetWindowTextLengthW
SetScrollInfo
LoadIconW
GetWindowPlacement
GetWindowTextW
GetScrollInfo
GetWindowRect
GetPropW
GetDlgItem
IsWindowVisible
SystemParametersInfoA
CallWindowProcW
SetWindowPlacement
ScrollWindow
PtInRect
RemovePropW
TrackPopupMenu
OffsetRect
TrackPopupMenuEx
GetWindowLongW
IntersectRect
GetMenuItemCount
PeekMessageW
SetWindowLongW
BeginDeferWindowPos
CallNextHookEx
DispatchMessageW
SetWindowPos
CopyRect
GetClassLongW
GetSubMenu
EndDeferWindowPos
GetMenuItemID
ScreenToClient
GetSysColor
EnableWindow
TranslateAcceleratorW
InsertMenuItemW
ReleaseCapture
BringWindowToTop
UnpackDDElParam
SetCursor
ReuseDDElParam
GetDesktopWindow
IsWindowEnabled
ShowWindow
GetWindowThreadProcessId
GetActiveWindow
LoadMenuW
DestroyMenu
CreatePopupMenu
InvalidateRect
SetMenu
SetRectEmpty
LoadAcceleratorsW
LoadCursorW
EqualRect
WaitMessage
WindowFromPoint
SetCapture
ClientToScreen
GetMessageW
TranslateMessage
DrawMenuBar
DefMDIChildProcW
RedrawWindow
DefFrameProcW
TranslateMDISysAccel
InflateRect
KillTimer
SetTimer
SetRect
GetDC
ReleaseDC
IsZoomed
SetParent
IsRectEmpty
GetSystemMenu
DeleteMenu
AppendMenuW
GetDCEx
LockWindowUpdate
GetTabbedTextExtentA
DrawTextW
DrawTextExW
GrayStringW
UnionRect
MapVirtualKeyW
GetKeyNameTextW
DrawFocusRect
LoadBitmapW
FillRect
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
GetAsyncKeyState
MapDialogRect
GetDialogBaseUnits
TabbedTextOutW
GetWindowDC
BeginPaint
EndPaint
GetMenuStringW
SystemParametersInfoW
GetMenuItemInfoW
GetSysColorBrush
SetWindowTextW
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageW
MoveWindow
CheckDlgButton
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
ModifyMenuW
GetMenuCheckMarkDimensions
DestroyIcon
DestroyCursor
SetCursorPos
DrawIcon
FindWindowW
SetWindowRgn
GetTabbedTextExtentW
MessageBeep
IsClipboardFormatAvailable
RemoveMenu
ValidateRect
PostQuitMessage
UnregisterClassW
ShowOwnedPopups
InsertMenuW
RegisterClipboardFormatW
SendNotifyMessageW
CopyAcceleratorTableW
InSendMessage
PostThreadMessageW
CreateMenu
WindowFromDC
CountClipboardFormats
SetWindowContextHelpId
CharNextW
InvalidateRgn
GetNextDlgGroupItem
ClipCursor
DrawEdge
EnumChildWindows
GetWindow
GetMenu
GetClassInfoExW
GetParent
MsgWaitForMultipleObjects
UnhookWindowsHookEx
GetCursorPos
CharUpperW
OemToCharBuffA
UnregisterClassA
CharToOemBuffA
GetSystemMetrics

shlwapi

UrlUnescapeW
PathFindFileNameW
PathRemoveExtensionW
PathFindExtensionW
PathStripToRootW
PathIsUNCW

Sections

.text
Size: 924KB - Virtual size: 923KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/msvcp80.dll
.dll windows:4 windows x86 arch:x86

6488997e312be12f8300ea7b1c34d497

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcp80.i386.pdb

Imports

msvcr80

setvbuf
fwrite
??0exception@std@@QAE@XZ
_Getdays
_Getmonths
fgetpos
fseek
fsetpos
fclose
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
__iob_func
_invoke_watson
_fsopen
wcstombs_s
_wfsopen
_get_osplatform
mbstowcs_s
atan2
cos
exp
ldexp
log
pow
sin
sqrt
tan
fgetwc
fputwc
ungetwc
_Strftime
strcspn
_strtoi64
_strtoui64
sprintf_s
abort
??0exception@std@@QAE@ABQBDH@Z
_realloc_crt
setlocale
_malloc_crt
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
fputs
fflush
towlower
towupper
strcmp
_create_locale
_ui64toa_s
_free_locale
__pctype_func
_errno
___mb_cur_max_l_func
___lc_codepage_func
___lc_handle_func
__crtCompareStringA
___lc_collate_cp_func
__crtLCMapStringA
memcpy
isupper
_calloc_crt
islower
__crtGetStringTypeW
__crtLCMapStringW
__crtCompareStringW
isspace
tolower
strtod
isdigit
isalnum
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
__clean_type_info_names_internal
ungetc
fputc
fgetc
__CxxFrameHandler3
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??2@YAPAXI@Z
_invalid_parameter_noinfo
??_V@YAXPAX@Z
_Gettnames
localeconv
free
memset
memchr
strlen
memcmp
wcslen
memmove_s
memcpy_s
??3@YAXPAX@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
__uncaught_exception
??0exception@std@@QAE@ABQBD@Z

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
InterlockedDecrement
InterlockedIncrement
GetLocaleInfoA
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
InterlockedCompareExchange
GetSystemTimeAsFileTime

Exports

Exports

??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAD@Z
??$?5DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAG@Z
??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@PAG@Z
??$?5GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?5MDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5MGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5NDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5NGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5ODU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5OGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5U?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAC@Z
??$?5U?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAE@Z
??$?5U?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAC@Z
??$?5U?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAE@Z
??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AA_W@Z
??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@PA_W@Z
??$?5_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@G@Z
??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@PBG@Z
??$?6GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?6MDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6MGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6NDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6NGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6ODU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6OGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@C@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@E@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBC@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBE@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@PB_W@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@_W@Z
??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?8M@std@@YA_NABMABV?$complex@M@0@@Z
??$?8M@std@@YA_NABV?$complex@M@0@0@Z
??$?8M@std@@YA_NABV?$complex@M@0@ABM@Z
??$?8N@std@@YA_NABNABV?$complex@N@0@@Z
??$?8N@std@@YA_NABV?$complex@N@0@0@Z
??$?8N@std@@YA_NABV?$complex@N@0@ABN@Z
??$?8O@std@@YA_NABOABV?$complex@O@0@@Z
??$?8O@std@@YA_NABV?$complex@O@0@0@Z
??$?8O@std@@YA_NABV?$complex@O@0@ABO@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?9M@std@@YA_NABMABV?$complex@M@0@@Z
??$?9M@std@@YA_NABV?$complex@M@0@0@Z
??$?9M@std@@YA_NABV?$complex@M@0@ABM@Z
??$?9N@std@@YA_NABNABV?$complex@N@0@@Z
??$?9N@std@@YA_NABV?$complex@N@0@0@Z
??$?9N@std@@YA_NABV?$complex@N@0@ABN@Z
??$?9O@std@@YA_NABOABV?$complex@O@0@@Z
??$?9O@std@@YA_NABV?$complex@O@0@0@Z
??$?9O@std@@YA_NABV?$complex@O@0@ABO@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?DM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?DM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?DM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?DN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?DN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?DN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?DO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?DO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?DO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?GM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?GN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?GO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@D@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@DABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@G@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@GABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBGABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?HN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?HO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_WABV10@@Z
??$?KM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?KM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?KM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?KN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?KN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?KN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?KO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?KO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?KO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$_Fabs@M@std@@YAMABV?$complex@M@0@PAH@Z
??$_Fabs@N@std@@YANABV?$complex@N@0@PAH@Z
??$_Fabs@O@std@@YAOABV?$complex@O@0@PAH@Z
??$abs@M@std@@YAMABV?$complex@M@0@@Z
??$abs@N@std@@YANABV?$complex@N@0@@Z
??$abs@O@std@@YAOABV?$complex@O@0@@Z
??$arg@M@std@@YAMABV?$complex@M@0@@Z
??$arg@N@std@@YANABV?$complex@N@0@@Z
??$arg@O@std@@YAOABV?$complex@O@0@@Z
??$conj@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$conj@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$conj@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$cos@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$cos@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$cos@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$cosh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$cosh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$cosh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$exp@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$exp@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$exp@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@D@Z
??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@G@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_W@Z
??$imag@M@std@@YAMABV?$complex@M@0@@Z
??$imag@N@std@@YANABV?$complex@N@0@@Z
??$imag@O@std@@YAOABV?$complex@O@0@@Z
??$log10@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$log10@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$log10@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$log@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$log@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$log@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$norm@M@std@@YAMABV?$complex@M@0@@Z
??$norm@N@std@@YANABV?$complex@N@0@@Z
??$norm@O@std@@YAOABV?$complex@O@0@@Z
??$polar@M@std@@YA?AV?$complex@M@0@ABM0@Z
??$polar@M@std@@YA?AV?$complex@M@0@ABM@Z
??$polar@N@std@@YA?AV?$complex@N@0@ABN0@Z
??$polar@N@std@@YA?AV?$complex@N@0@ABN@Z
??$polar@O@std@@YA?AV?$complex@O@0@ABO0@Z
??$polar@O@std@@YA?AV?$complex@O@0@ABO@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@H@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@H@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@H@Z
??$real@M@std@@YAMABV?$complex@M@0@@Z
??$real@N@std@@YANABV?$complex@N@0@@Z
??$real@O@std@@YAOABV?$complex@O@0@@Z
??$sin@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sin@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sin@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$sinh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sinh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sinh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$sqrt@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sqrt@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sqrt@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$tan@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$tan@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$tan@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$tanh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$tanh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$tanh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??0?$_Complex_base@MU_C_float_complex@@@std@@QAE@ABM0@Z
??0?$_Complex_base@NU_C_double_complex@@@std@@QAE@ABN0@Z
??0?$_Complex_base@OU_C_ldouble_complex@@@std@@QAE@ABO0@Z
??0?$_Mpunct@D@std@@IAE@PBDI_N@Z
??0?$_Mpunct@D@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@D@std@@QAE@I_N@Z
??0?$_Mpunct@G@std@@IAE@PBDI_N@Z
??0?$_Mpunct@G@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@G@std@@QAE@I_N@Z
??0?$_Mpunct@_W@std@@IAE@PBDI_N@Z
??0?$_Mpunct@_W@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@_W@std@@QAE@I_N@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@IAE@V?$allocator@D@1@@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@QAE@ABV01@@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@IAE@V?$allocator@G@1@@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@QAE@ABV01@@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@IAE@V?$allocator@_W@1@@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@QAE@ABV01@@Z
??0?$allocator@D@std@@QAE@ABV01@@Z
??0?$allocator@D@std@@QAE@XZ
??0?$allocator@G@std@@QAE@ABV01@@Z
??0?$allocator@G@std@@QAE@XZ
??0?$allocator@X@std@@QAE@ABV01@@Z
??0?$allocator@X@std@@QAE@XZ
??0?$allocator@_W@std@@QAE@ABV01@@Z
??0?$allocator@_W@std@@QAE@XZ
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBGHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PB_WHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PBGHH@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PB_WHH@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PBGHH@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PB_WHH@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBGHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PBGHH@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PBGHH@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBGHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PBGHH@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PBGHH@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@IDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@V?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@1@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@IIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@V?$_String_const_iterator@GU?$char_traits@G@std@@V?$allocator@G@2@@1@0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@IIABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WIABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@V?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDH@std@@QAE@I@Z
??0?$codecvt@GDH@std@@IAE@PBDI@Z
??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDH@std@@QAE@I@Z
??0?$codecvt@_WDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??0?$collate@D@std@@IAE@PBDI@Z
??0?$collate@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@D@std@@QAE@I@Z
??0?$collate@G@std@@IAE@PBDI@Z
??0?$collate@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@G@std@@QAE@I@Z
??0?$collate@_W@std@@IAE@PBDI@Z
??0?$collate@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@_W@std@@QAE@I@Z
??0?$complex@M@std@@QAE@ABM0@Z
??0?$complex@M@std@@QAE@ABU_C_float_complex@@@Z
??0?$complex@M@std@@QAE@ABV?$complex@N@1@@Z
??0?$complex@M@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@N@std@@QAE@ABN0@Z
??0?$complex@N@std@@QAE@ABU_C_double_complex@@@Z
??0?$complex@N@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@N@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@O@std@@QAE@ABO0@Z
??0?$complex@O@std@@QAE@ABU_C_ldouble_complex@@@Z
??0?$complex@O@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@O@std@@QAE@ABV?$complex@N@1@@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@IAE@PBDI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$messages@D@std@@IAE@PBDI@Z
??0?$messages@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@D@std@@QAE@I@Z
??0?$messages@G@std@@IAE@PBDI@Z
??0?$messages@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@G@std@@QAE@I@Z
??0?$messages@_W@std@@IAE@PBDI@Z
??0?$messages@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@_W@std@@QAE@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$moneypunct@D$00@std@@IAE@PBDI@Z
??0?$moneypunct@D$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@D$00@std@@QAE@I@Z
??0?$moneypunct@D$0A@@std@@IAE@PBDI@Z
??0?$moneypunct@D$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@D$0A@@std@@QAE@I@Z
??0?$moneypunct@G$00@std@@IAE@PBDI@Z
??0?$moneypunct@G$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@G$00@std@@QAE@I@Z
??0?$moneypunct@G$0A@@std@@IAE@PBDI@Z
??0?$moneypunct@G$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@G$0A@@std@@QAE@I@Z
??0?$moneypunct@_W$00@std@@IAE@PBDI@Z
??0?$moneypunct@_W$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@_W$00@std@@QAE@I@Z
??0?$moneypunct@_W$0A@@std@@IAE@PBDI@Z
??0?$moneypunct@_W$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@_W$0A@@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

Sections

.text
Size: 208KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 292KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/msvcr80.dll
.dll windows:4 windows x86 arch:x86

7fecbc4a16a5dc85a5394a1df6217680

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr80.i386.pdb

Imports

msvcrt

_getdrives

kernel32

GetStringTypeA
GetLocalTime
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetSystemDirectoryW
GetLongPathNameW
GetCurrentThreadId
TlsGetValue
DebugBreak
OutputDebugStringA
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
Sleep
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
VirtualAlloc
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WriteConsoleW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSection
MultiByteToWideChar
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
WideCharToMultiByte
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
SetLocalTime
GetStringTypeW
LoadLibraryW
GetLocaleInfoA
GetLocaleInfoW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
RtlUnwind
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
CreateFileA
CompareStringA
CompareStringW
Beep
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
RaiseException
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
VirtualProtect
GetSystemInfo
VirtualQuery
IsDBCSLeadByteEx
ReadConsoleA
ReadConsoleW
SetConsoleMode
SetEndOfFile
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
LockFile
UnlockFile
CreatePipe
ReadFile
CreateFileW
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1exception@std@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?unexpected@@YAXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?what@exception@std@@UBEPBDXZ
@_calloc_crt@8
@_malloc_crt@4
@_realloc_crt@8
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_app_type
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lc_clike
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osplatform
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p
_cprintf_p_l
_cprintf_s
_cprintf_s_l
_cputs
_cputws
_creat
_create_locale
_crt_debugger_hook
_cscanf
_cscanf_l
_cscanf_s
_cscanf_s_l
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_cwait
_cwprintf
_cwprintf_l
_cwprintf_p
_cwprintf_p_l
_cwprintf_s
_cwprintf_s_l
_cwscanf
_cwscanf_l
_cwscanf_s
_cwscanf_s_l
_daylight
_decode_pointer
_difftime32
_difftime64
_dosmaperr
_dstbias
_dup
_dup2
_dupenv_s
_ecvt
_ecvt_s
_encode_pointer
_encoded_null
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_except_handler4_common
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fclose_nolock
_fcloseall
_fcvt
_fcvt_s
_fdopen
_fflush_nolock
_fgetchar
_fgetwc_nolock
_fgetwchar
_filbuf
_filelength
_filelengthi64
_fileno
_findclose
_findfirst32
_findfirst32i64
_findfirst64
_findfirst64i32
_findnext32
_findnext32i64
_findnext64
_findnext64i32
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fprintf_l
_fprintf_p
_fprintf_p_l
_fprintf_s_l
_fputchar
_fputwc_nolock
_fputwchar
_fread_nolock
_fread_nolock_s
_free_locale
_freea
_freea_s
_freefls
_fscanf_l
_fscanf_s_l
_fseek_nolock
_fseeki64
_fseeki64_nolock
_fsopen
_fstat32
_fstat32i64
_fstat64
_fstat64i32
_ftell_nolock
_ftelli64
_ftelli64_nolock
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_ftol
_fullpath
_futime32
_futime64
_fwprintf_l
_fwprintf_p
_fwprintf_p_l
_fwprintf_s_l
_fwrite_nolock
_fwscanf_l
_fwscanf_s_l
_gcvt
_gcvt_s
_get_amblksiz
_get_current_locale
_get_daylight
_get_doserrno
_get_dstbias
_get_errno
_get_fmode
_get_heap_handle
_get_invalid_parameter_handler
_get_osfhandle
_get_osplatform
_get_osver
_get_output_format
_get_pgmptr
_get_printf_count_output
_get_purecall_handler
_get_sbh_threshold
_get_terminate
_get_timezone
_get_tzname
_get_unexpected
_get_winmajor
_get_winminor
_get_winver
_get_wpgmptr
_getch
_getch_nolock
_getche
_getche_nolock
_getcwd
_getdcwd
_getdcwd_nolock
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp

Sections

.text
Size: 396KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/npQQLive.dll
.dll regsvr32 windows:4 windows x86 arch:x86

b6bfe749f181fcce586cc9cda7791d2c

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

37:72:9b:b2:25:86:ba:b4:2e:2a:5f:48:95:70:ea:92:e0:c7:a0:e8
Signer

Actual PE Digest

37:72:9b:b2:25:86:ba:b4:2e:2a:5f:48:95:70:ea:92:e0:c7:a0:e8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\npQQLive.pdb

Imports

kernel32

SetLastError
InitializeCriticalSection
GlobalAlloc
InterlockedDecrement
DeleteCriticalSection
GetCurrentProcess
GetLastError
MultiByteToWideChar
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
lstrcmpW
UnhandledExceptionFilter
TerminateProcess
Sleep
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
RaiseException
FlushInstructionCache
InterlockedIncrement
EnterCriticalSection
GlobalLock
GetCurrentThreadId
GlobalUnlock
LeaveCriticalSection
MulDiv
lstrlenA
GetModuleFileNameW
WideCharToMultiByte
SetUnhandledExceptionFilter
lstrlenW

user32

ScreenToClient
SetWindowTextW
UnregisterClassA
InvalidateRgn
RegisterWindowMessageW
DefWindowProcW
GetWindowTextW
MoveWindow
CallWindowProcW
RegisterClassExW
PostMessageW
DestroyAcceleratorTable
LoadCursorW
DestroyWindow
GetFocus
SetWindowLongW
GetDC
IsWindow
GetDesktopWindow
GetParent
ReleaseCapture
GetSysColor
SetWindowPos
EndPaint
GetWindow
GetClientRect
SetCapture
GetWindowLongW
ClientToScreen
FillRect
BeginPaint
RedrawWindow
CreateAcceleratorTableW
GetClassNameW
ReleaseDC
GetClassInfoExW
SendMessageW
GetWindowTextLengthW
InvalidateRect
CharNextW
SetFocus
GetDlgItem
IsChild
CreateWindowExW

gdi32

GetDeviceCaps
CreateSolidBrush
GetStockObject
CreateCompatibleBitmap
DeleteDC
DeleteObject
GetObjectW
SelectObject
BitBlt
CreateCompatibleDC

advapi32

RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW

ole32

OleInitialize
CLSIDFromProgID
StringFromGUID2
CLSIDFromString
CoGetClassObject
OleLockRunning
CreateStreamOnHGlobal
CoTaskMemAlloc
CoCreateInstance
OleUninitialize

oleaut32

DispCallFunc
OleCreateFontIndirect
SysStringByteLen
VariantClear
LoadTypeLi
SysAllocStringLen
SysAllocString
VariantInit
LoadRegTypeLi
SysStringLen
SysFreeString

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr80

?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
memset
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
memcpy
??1exception@std@@UAE@XZ
free
strncpy_s
atol
memcpy_s
??2@YAPAXI@Z
malloc
swprintf_s
_recalloc
??_V@YAXPAX@Z
strcpy_s
??3@YAXPAX@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
__CxxFrameHandler3
_CxxThrowException
_amsg_exit

Exports

Exports

DllRegisterServer
DllUnregisterServer
NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/p2papi.dll
.dll regsvr32 windows:4 windows x86 arch:x86

706133f665fbe764bed59238455756be

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:09:e2:1b:94:ad:3f:c0:63:6c:d5:c2:48:10:13:84:6c:b1:fc:0e
Signer

Actual PE Digest

30:09:e2:1b:94:ad:3f:c0:63:6c:d5:c2:48:10:13:84:6c:b1:fc:0e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\temp\p2papp\release\p2papi.pdb

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

ws2_32

send
shutdown
recv
WSAGetLastError
setsockopt
socket
connect
WSAStartup
htons
htonl
closesocket
sendto
gethostbyname
ntohl
recvfrom
WSACleanup
bind
ntohs
inet_ntoa
inet_addr

kernel32

GetLocaleInfoA
GetThreadLocale
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetACP
CloseHandle
CreateFileA
GetModuleFileNameA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
SetFileAttributesA
GetFileAttributesA
GetLastError
CreateDirectoryA
DeleteFileA
Sleep
GetTickCount
InterlockedExchange
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
GetCurrentProcessId
FreeLibrary
GetProcAddress
LoadLibraryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GlobalFree
GlobalAlloc
GetModuleHandleA
UnmapViewOfFile
LoadLibraryExA
lstrlenW
lstrlenA
GetCurrentThreadId
GetLocalTime
CreateThread
GetTempPathA
DisableThreadLibraryCalls
ResetEvent
SetEvent
CreateEventA
LocalFree
FormatMessageA
RaiseException
FindNextFileA
FindClose
FindFirstFileA
RemoveDirectoryA
SystemTimeToFileTime
GetSystemTime
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetSystemTimeAsFileTime

user32

UnregisterClassA

shell32

SHGetFolderPathA
ShellExecuteExA

ole32

CoCreateInstance
CLSIDFromString

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString
SysStringLen
LoadRegTypeLi
LoadTypeLi

atl80

ord18
ord22
ord64
ord49
ord23
ord61
ord15
ord31
ord32
ord58

shlwapi

PathFindExtensionA
PathFileExistsA

msvcp80

?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?open@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Unlock@_Mutex@std@@QAEXXZ
?_Lock@_Mutex@std@@QAEXXZ
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@V32@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr80

strstr
printf
_beginthreadex
isalpha
_resetstkoflw
memmove_s
_vsnprintf_s
__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__CppXcptFilter
atol
_i64toa
_atoi64
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
?terminate@@YAXXZ
_except_handler4_common
ftell
ferror
fread
fseek
_itoa
towlower
_mbscmp
_ultoa
__RTDynamicCast
strtok
fopen
fprintf
fclose
__iob_func
??3@YAXPAX@Z
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
__CxxFrameHandler3
memset
sprintf_s
srand
rand
_invalid_parameter_noinfo
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
atoi
_time32
_mbsrchr
malloc
free
strncpy
memcpy
strncpy_s
strchr
_snprintf_s
_purecall
??_V@YAXPAX@Z
_snprintf
fflush

netapi32

Netbios

iphlpapi

GetNetworkParams

wininet

CommitUrlCacheEntryA
SetUrlCacheEntryInfoA
GetUrlCacheEntryInfoA
CreateUrlCacheEntryA

Exports

Exports

??0IP2PApp@@QAE@ABV0@@Z
??0IP2PApp@@QAE@XZ
??1IP2PApp@@UAE@XZ
??4IP2PApp@@QAEAAV0@ABV0@@Z
??_7IP2PApp@@6B@
DeleteP2PCore
DeleteP2PDownload
DeleteP2PDownloadEx
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetP2PDownload
GetP2PDownload2
GetP2PDownloadEx
GetP2PDownloadWithAppTypeByNew

Sections

.text
Size: 216KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/p2papp.dll
.dll regsvr32 windows:4 windows x86 arch:x86

d58bc77b0c06701882e6d09d86c43815

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

89:70:31:ec:c6:2b:70:3c:b6:98:04:d1:c6:20:49:61:33:f6:9c:35
Signer

Actual PE Digest

89:70:31:ec:c6:2b:70:3c:b6:98:04:d1:c6:20:49:61:33:f6:9c:35

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\temp\p2papp\release\p2papp.pdb

Imports

ws2_32

setsockopt
gethostbyname
connect
htonl
recv
send
inet_ntoa
inet_addr
htons
ntohl
socket
WSAGetLastError
closesocket
ntohs

kernel32

TerminateProcess
InterlockedCompareExchange
Sleep
GetVersionExA
GetThreadLocale
lstrlenW
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
GetLastError
lstrcmpiA
InterlockedExchange
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
SizeofResource
DisableThreadLibraryCalls
GetModuleFileNameA
LoadResource
GetModuleHandleA
FindResourceA
GetCurrentThreadId
GetLocalTime
RaiseException
GetCurrentProcess
GetProcAddress
IsDBCSLeadByte
FreeLibrary
InitializeCriticalSection
DeleteCriticalSection
LoadLibraryA
EnterCriticalSection
CreateEventA
CloseHandle
SetEvent
ResetEvent
WaitForSingleObject
GetExitCodeThread
OutputDebugStringA
CreateThread
WritePrivateProfileStringA
GetPrivateProfileStringA
GetFileAttributesA
CreateDirectoryA
CreateFileMappingA
GetCurrentProcessId
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
FindFirstFileA
FindClose
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionA
GlobalAlloc
GlobalFree
GetLocaleInfoA
GetACP
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LoadLibraryExA

user32

CharNextA
UnregisterClassA

advapi32

RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegSetValueExA

shell32

SHGetSpecialFolderPathA
SHGetFolderPathA

ole32

CoLoadLibrary
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc

oleaut32

SysAllocString
SysFreeString
UnRegisterTypeLi
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
SysStringLen
RegisterTypeLi

msvcp80

?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?close@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?open@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?rbegin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$reverse_iterator@V?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@XZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z

msvcr80

_CxxThrowException
atoi
_ultoa
ferror
ftell
fseek
fread
memset
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
memcpy
__CxxFrameHandler3
__CppXcptFilter
??3@YAXPAX@Z
_recalloc
rand
_invalid_parameter_noinfo
??0exception@std@@QAE@ABQBD@Z
_resetstkoflw
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
malloc
?what@exception@std@@UBEPBDXZ
free
??2@YAPAXI@Z
_vsnprintf_s
memcpy_s
_snprintf_s
strcat_s
wcsncpy_s
strcpy_s
??_V@YAXPAX@Z
_mbsnbcpy_s
_purecall
_snprintf
__RTDynamicCast
_beginthreadex
_itoa
strncpy
fopen
fwrite
fclose
_atoi64
sprintf_s
_mbsrchr
_strlwr_s
memmove_s

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Exports

Exports

DeleteP2PCore
DeleteP2PDownload
DeleteP2PDownloadEx
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetP2PDownload
GetP2PDownload2
GetP2PDownloadEx
GetP2PDownloadWithAppTypeByNew

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/p2pcore.dll
.dll windows:4 windows x86 arch:x86

6df3d07ad14ab5266678b57dd215ce7f

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:36:04:9b:f6:16:48:ac:c7:0d:9f:c3:f6:cf:0f:e1:8a:23:de:33
Signer

Actual PE Digest

0e:36:04:9b:f6:16:48:ac:c7:0d:9f:c3:f6:cf:0f:e1:8a:23:de:33

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\temp\p2papp\release\p2pcore.pdb

Imports

ws2_32

sendto
inet_addr
send
select
htons
setsockopt
bind
inet_ntoa
gethostbyname
gethostname
WSAGetLastError
WSACleanup
ioctlsocket
ntohl
ntohs
recv
socket
closesocket
WSAStartup
recvfrom
connect
__WSAFDIsSet
htonl

kernel32

DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetSystemTimeAsFileTime
UnhandledExceptionFilter
UnmapViewOfFile
MapViewOfFile
GetCurrentProcessId
CreateFileMappingA
InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
GetProcAddress
InterlockedExchange
GetModuleFileNameA
MultiByteToWideChar
lstrlenA
GetLastError
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ResetEvent
WaitForSingleObject
CreateEventA
CloseHandle
SetEvent
GetTickCount
GetCurrentThreadId
FreeLibrary
GetLocalTime
Sleep
LoadLibraryA
WaitForMultipleObjects
GetFileAttributesA
GlobalFree
CreateDirectoryA
GetPrivateProfileStringA
GlobalAlloc
WritePrivateProfileStringA
TryEnterCriticalSection
OpenFileMappingA

user32

GetLastInputInfo

advapi32

RegQueryValueExA
RegCreateKeyA
RegOpenKeyA
RegSetValueExA
RegCloseKey

shell32

SHGetFolderPathA

ole32

CoFreeLibrary
CoUninitialize
CoCreateGuid
CoInitialize
CoLoadLibrary

msvcp80

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?deallocate@?$allocator@D@std@@QAEXPADI@Z
?allocate@?$allocator@D@std@@QAEPADI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?clog@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?setbase@std@@YA?AU?$_Smanip@H@1@H@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ

msvcr80

_CxxThrowException
strtol
isdigit
strchr
clock
_localtime32
strstr
_mbsrchr
atol
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
__CxxFrameHandler3
memset
memcpy
_onexit
??3@YAXPAX@Z
??_V@YAXPAX@Z
__RTDynamicCast
_purecall
??2@YAPAXI@Z
??1exception@std@@UAE@XZ
srand
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABV01@@Z
_time32
rand
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
_invalid_parameter_noinfo
memmove_s
_snprintf
free
strncpy
malloc
strncat
_beginthreadex
_snprintf_s
_vsnprintf_s
_beginthread
sprintf_s
_atoi64

Exports

Exports

??0IP2PCore@@QAE@ABV0@@Z
??0IP2PCore@@QAE@XZ
??1IP2PCore@@UAE@XZ
??4IP2PCore@@QAEAAV0@ABV0@@Z
??_7IP2PCore@@6B@
CreateP2PCore
DeleteCore

Sections

.text
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/p2pdata.dll
.dll windows:4 windows x86 arch:x86

2202606890651d1608e0e8fc6043de7b

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

af:65:dd:de:c6:a1:9a:7a:8f:e9:4b:ba:8e:9f:a3:cc:8b:ef:e8:48
Signer

Actual PE Digest

af:65:dd:de:c6:a1:9a:7a:8f:e9:4b:ba:8e:9f:a3:cc:8b:ef:e8:48

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\temp\p2papp\release\p2pdata.pdb

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
GetProcAddress
LoadLibraryA
FreeLibrary
GetTempPathA
GetCurrentThreadId
GetLocalTime
CopyFileA
FindClose
FindNextFileA
FindFirstFileA
ResetEvent
Sleep
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetDiskFreeSpaceExA
GetTickCount
GetLastError
CreateSemaphoreA
CreateEventA
CloseHandle
SetEvent
GetFileSize
CreateFileA
ReadFile
SetFilePointer
WriteFile
SetEndOfFile
DeviceIoControl
DeleteFileA
RemoveDirectoryA
CreateThread
OutputDebugStringA
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
GetCurrentProcessId
UnmapViewOfFile
GetVersionExA
GetFileAttributesA
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
MultiByteToWideChar
ReleaseSemaphore
InterlockedExchange
TerminateProcess
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
GetSystemTimeAsFileTime

user32

PostMessageA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

shell32

SHGetFolderPathA

oleaut32

SysAllocStringLen
SysFreeString

msvcp80

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?close@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PB_WHH@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

msvcr80

malloc
free
_CxxThrowException
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
__CxxFrameHandler3
strchr
strstr
memcpy
_purecall
??_V@YAXPAX@Z
_snprintf_s
memset
??0exception@std@@QAE@ABV01@@Z
_invalid_parameter_noinfo
_vsnprintf_s
??2@YAPAXI@Z
??3@YAXPAX@Z
_snprintf
_time32
_beginthread
rand
srand
memmove_s
_stat32
realloc
memcpy_s
sprintf_s
atol
strncmp
memmove
atoi
_errno
_mkdir
_access
strcat_s
rename
printf
?terminate@@YAXXZ
_except_handler4_common
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal

Exports

Exports

??0IP2PApp@@QAE@ABV0@@Z
??0IP2PApp@@QAE@XZ
??0IP2PData@@QAE@ABV0@@Z
??0IP2PData@@QAE@XZ
??0IP2PDbg@@QAE@ABV0@@Z
??0IP2PDbg@@QAE@XZ
??1IP2PApp@@UAE@XZ
??1IP2PData@@UAE@XZ
??1IP2PDbg@@UAE@XZ
??4IP2PApp@@QAEAAV0@ABV0@@Z
??4IP2PData@@QAEAAV0@ABV0@@Z
??4IP2PDbg@@QAEAAV0@ABV0@@Z
??_7IP2PApp@@6B@
??_7IP2PData@@6B@
??_7IP2PDbg@@6B@
CreateP2PDataMgr
CreateP2PDbgMgr
DeleteP2PDataMgr
DeleteP2PDbgMgr

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/p2phttp.dll
.dll windows:4 windows x86 arch:x86

3fa3585c1b0d586023e93056df344bd6

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

a4:09:6a:62:02:f7:ef:b7:db:5f:39:3d:1d:d6:c2:e7:d8:2f:a7:32
Signer

Actual PE Digest

a4:09:6a:62:02:f7:ef:b7:db:5f:39:3d:1d:d6:c2:e7:d8:2f:a7:32

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\temp\p2papp\release\p2phttp.pdb

Imports

wininet

InternetGetCookieA
InternetQueryOptionA

ws2_32

WSAStartup
select
__WSAFDIsSet
recv
send
gethostbyname
inet_addr
htons
inet_ntoa
ioctlsocket
connect
setsockopt
closesocket
ntohs
socket

kernel32

GetSystemTimeAsFileTime
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
UnmapViewOfFile
GetCurrentProcessId
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
ResetEvent
Sleep
CloseHandle
CreateEventA
GetProcAddress
LoadLibraryA
FreeLibrary
GetTickCount
GetCurrentThreadId
GetLocalTime
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
WaitForMultipleObjects
SetEvent
WaitForSingleObject
GetLastError

msvcr80

memset
strncpy
atol
_vsnprintf_s
_snprintf
strncat
_time32
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
_CxxThrowException
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
memmove_s
_beginthread
sprintf_s
strchr
strncmp
isalpha
atoi
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
_malloc_crt
free
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
__CxxFrameHandler3
_purecall
strstr
memmove
memcpy
??_U@YAPAXI@Z
??_V@YAXPAX@Z
??3@YAXPAX@Z
_snprintf_s

msvcp80

?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

Exports

Exports

??0IHttpFile@@QAE@ABV0@@Z
??0IHttpFile@@QAE@XZ
??1IHttpFile@@UAE@XZ
??4IHttpFile@@QAEAAV0@ABV0@@Z
??_7IHttpFile@@6B@
CreateHttpClient
DeleteHttpClient

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/qqlive.ini
QQLive/vqqsdl.dll
.dll regsvr32 windows:4 windows x86 arch:x86

378a40d925eb9d1633ddd70c2fdcdb05

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fb:c2:79:aa:4a:61:ce:38:29:81:55:e0:cd:c3:db:bc:76:3e:88:60
Signer

Actual PE Digest

fb:c2:79:aa:4a:61:ce:38:29:81:55:e0:cd:c3:db:bc:76:3e:88:60

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

bind
socket
recvfrom
setsockopt
connect
recv
sendto
send
inet_addr
gethostname
select
gethostbyname
WSACleanup
WSAStartup
WSAGetLastError
ioctlsocket
closesocket
ntohl
ntohs
__WSAFDIsSet
htons
htonl

kernel32

LoadLibraryA
lstrcpyA
MultiByteToWideChar
lstrlenA
lstrcatA
WideCharToMultiByte
lstrlenW
GetModuleFileNameA
GetShortPathNameA
SizeofResource
LoadResource
GetProcAddress
GetLastError
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
CreateEventA
CreateDirectoryA
GetModuleHandleA
FreeLibrary
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
SetEvent
GetTempPathA
GetCurrentDirectoryA
FindResourceA
GetTickCount
Sleep
WaitForSingleObject
TerminateThread
CloseHandle

user32

PostMessageA
CharNextA

advapi32

RegQueryValueExA
RegCreateKeyA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyA

ole32

CoLoadLibrary
CoFreeLibrary
CoTaskMemAlloc
CoCreateGuid
CoInitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoUninitialize

oleaut32

SysFreeString
VarUI4FromStr
RegisterTypeLi
SysAllocString
LoadTypeLi

msvcrt

memcmp
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
__dllonexit
?terminate@@YAXXZ
_except_handler3
tolower
_ftol
clock
sscanf
strchr
strtol
isdigit
rename
remove
_access
_chsize
_filelengthi64
_lseeki64
_read
_write
_commit
_close
_sopen
strncat
srand
time
strcmp
strncpy
_beginthreadex
rand
_CxxThrowException
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
_splitpath
strcat
memset
realloc
malloc
free
_onexit
_purecall
??2@YAPAXI@Z
strcpy
_EH_prolog
__CxxFrameHandler
strlen
memcpy
??3@YAXPAX@Z

msvcp60

??1?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0ABV?$allocator@D@1@@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??_D?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?str@?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??8std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?setbase@std@@YA?AU?$_Smanip@H@1@H@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
??0logic_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??_7out_of_range@std@@6B@
??1out_of_range@std@@UAE@XZ
??0out_of_range@std@@QAE@ABV01@@Z
??0logic_error@std@@QAE@ABV01@@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0_Lockit@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1_Lockit@std@@QAE@XZ
??_7bad_alloc@std@@6B@
??1bad_alloc@std@@UAE@XZ
??0bad_alloc@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1_Winit@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0Init@ios_base@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ

wininet

InternetGetConnectedState

iphlpapi

GetAdaptersInfo
GetIfEntry

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 292KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive/whatsnew.txt
QQLive/xGraphic32.dll
.dll windows:4 windows x86 arch:x86

887da8f744735d0f5ecae1160fd8f91a

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26-01-2010 00:00

Not After

25-01-2013 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

56:ed:d1:bf:d4:a2:bb:3d:a1:a4:61:fa:80:d2:92:1d:e3:1b:2b:52
Signer

Actual PE Digest

56:ed:d1:bf:d4:a2:bb:3d:a1:a4:61:fa:80:d2:92:1d:e3:1b:2b:52

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

h:\Hummer\platform_QQLiveProj_2\Basic_HummerPlatform_VOB\Platform_fr\Output\bin\xGraphic32.pdb

Imports

kernel32

GlobalAlloc
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
Sleep
InterlockedExchange

user32

EqualRect
IntersectRect
ReleaseDC
GetDC
OffsetRect
WindowFromDC
CopyRect
IsRectEmpty
PtInRect
InflateRect
SetRect

gdi32

GetCurrentObject
CreateRectRgn
SetStretchBltMode
StretchBlt
ExtCreatePen
RoundRect
Rectangle
GetStockObject
ExtTextOutW
SetBkColor
CombineRgn
ExtCreateRegion
DeleteObject
CreateDIBSection
SetDIBitsToDevice
BitBlt
GetObjectW
GetClipBox
GetViewportOrgEx
GetWindowOrgEx
DeleteDC
SetViewportOrgEx
SetWindowOrgEx
CreateCompatibleDC
SelectObject

msimg32

AlphaBlend

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvcr80

??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
??2@YAPAXI@Z
_invalid_parameter_noinfo
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??3@YAXPAX@Z
memmove
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
free
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
_except_handler4_common
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
??_V@YAXPAX@Z
__CxxFrameHandler3
memset
memcpy
_CIsqrt
_CxxThrowException

Exports

Exports

?DrawTexture9Grid@@YAHTHGCANVAS@@PBUtagRECT@@THGTEXTURE@@11KHE@Z
?DrawTextureCenter@@YAHTHGCANVAS@@PBUtagRECT@@THGTEXTURE@@1KE@Z
?DrawTextureTile@@YAHTHGCANVAS@@PBUtagRECT@@THGTEXTURE@@1KE@Z
?DrawTextureTopTile@@YAHTHGCANVAS@@PBUtagRECT@@THGTEXTURE@@11KE@Z
AHSLColorize
AHSLtoARGB
ARGBColorize
ARGBtoAHSL
BlendCanvas
BlurTexture
CanvasScroll
CanvasToTexture
ColorizeTexture
CopyTexture
CreateCanvas
CreateCanvasFromDC
CreateTexture
CreateTextureRgn
DeleteCanvas
DeleteTexture
DrawModulation
DrawTexture
DrawTextureEx
FillGradualRect
FillSolidRect
FillSolidRectEx
GdiTransCanvas
GeoRectFocusEx
GeoRectangle
GeoRectangleEx
GeoRoundRect
GeoRoundRectEx
GetCanvasBkColor
GetCanvasFilter
GetCanvasHandle
GetCanvasWindow
GetTextureFilter
GetTextureHandle
GetTextureMode
GetTextureSize
GetViewportOrg
GetWindowOrg
GrayTexture
InvertTexture
LightTexture
LockTextureBits
MixCanvas
MixCanvasWithColor
NormalizeTexture
SetCanvasBkColor
SetCanvasFilter
SetCanvasWindow
SetTextureCurSlice
SetTextureFilter
SetTextureMode
SetTextureSlice
SetViewportOrg
SetWindowOrg
ShuffleTexture
TranslateTexture
UnlockTextureBits

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c042238f43557c055fca8642de8a074

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 296KB

.ndata Size: - Virtual size: 360KB

.rsrc Size: 88KB - Virtual size: 88KB

0ece15e7d9bb35972aec701f46192460

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 512B - Virtual size: 503B

.data Size: 512B - Virtual size: 128B

.reloc Size: 512B - Virtual size: 220B

0b51ce6ce6bf8d5c68b3ea9f3ac1bf2c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

153027ec3b10bcea606b777657dd3402

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 172B

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 784B

.data Size: 512B - Virtual size: 92B

.reloc Size: 512B - Virtual size: 446B

5b9be84907034b8f0152e51177ceafc3

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 296KB

.ndata
Size: - Virtual size: 360KB

.rsrc
Size: 88KB - Virtual size: 88KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 503B

.data
Size: 512B - Virtual size: 128B

.reloc
Size: 512B - Virtual size: 220B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 172B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 92B

.reloc
Size: 512B - Virtual size: 446B

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 276B

.reloc
Size: 512B - Virtual size: 256B

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

b1:3e:4e:f9:5e:6a:35:6a:89:ad:e1:5b:31:6b:24:75:39:77:9b:b9
Signer

.text
Size: 228KB - Virtual size: 226KB

.rdata
Size: 92KB - Virtual size: 90KB

.data
Size: 12KB - Virtual size: 13KB

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 24KB - Virtual size: 22KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

22:71:9f:a7:12:5d:1f:2a:13:56:d6:a4:d7:40:7d:c0:c5:17:f7:e2
Signer