4a52855dc46f4c42a69e50d08e78aacd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4a52855dc46f4c42a69e50d08e78aacd_JaffaCakes118
Size

3.3MB
MD5

4a52855dc46f4c42a69e50d08e78aacd
SHA1

05d19b7e6a10fa2815d3460b34cfb12d0be3de59
SHA256

3019aa40030b5c731af6dda3b0a251321148bcb46c7814973fad3361ad281524
SHA512

6205d0f35a6e532fa694987963052b127261bc784d7ca97705f78cd76201d0292f5cb0ab86dbea549982c896c34e43ba6e69ac7efce776ebc2a5d3cb715085bd
SSDEEP

49152:4LyiPNDBy36STcSRHO8CbG+1sx3PlWHmj9Mwsbh1MeZ8Us4wIeujMYf01g+Ww:4L1o7fRHxCbX2Pbj0z3iKeV2UX

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack002/dbghelp.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack002/dbghelp.dll	upx

Unsigned PE 19 IoCs

Checks for missing Authenticode signature.

resource
unpack003/components/FlashGetXPI.dll
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/processwork.dll
unpack002/BugReport.dll
unpack002/BugReport.exe
unpack002/FlashGetExt.dll
unpack002/Info.exe
unpack002/Krnlmodule.dll
unpack002/P2PCore.dll
unpack002/P2SCore.dll
unpack002/adns.dll
unpack002/btcoreu.dll
unpack002/corestat.dll
unpack002/dbghelp.dll
unpack002/libScheduler.dll
unpack002/libSkinX.dll
unpack002/libStatistics.dll
unpack002/zlib.dll

NSIS installer 1 IoCs

installer

resource	yara_rule
static1/unpack001/flashgetmini_v14.exe	nsis_installer_1

Files

4a52855dc46f4c42a69e50d08e78aacd_JaffaCakes118
.rar
flashgetmini_v14.exe
.exe windows:4 windows x86 arch:x86

4d17be67c8d0394c5c1b8e725359ed89

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

15:e8:ac:e7:89:3d:48:73:8c:35:06:a5:02:ac:63:8d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

29/06/2009, 00:00

Not After

29/06/2011, 23:59

Subject

CN=Trend Media Corporation Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Trend Media Corporation Limited,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
CloseHandle
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
MulDiv
ReadFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
ExitProcess

user32

EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
RegisterClassA
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
wsprintfA

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$1/$1/flashgetMini.xpi
.zip
META-INF/manifest.mf
META-INF/zigbert.rsa
META-INF/zigbert.sf
chrome.manifest
chrome/FlashGetMini.jar
.zip
content/contents.rdf
.xml
content/flashgetcommon.js
.js
content/flashgetmenu.js
.js
content/flashgetmenu.xul
content/icon.bmp
content/saveas.js
.js
content/saveas.xul
.xml
content/vssver.scc
flashget.rar
.rar
content/contents.rdf
.xml
content/flashgetcommon.js
.js
content/flashgetmenu.js
.js
content/flashgetmenu.xul
content/icon.bmp
content/saveas.js
.js
content/saveas.xul
.xml
content/vssver.scc
locale/en-US/common.dtd
locale/en-US/common.properties
locale/en-US/menu.dtd
locale/en-US/menu.properties
locale/en-US/saveas.dtd
locale/zh-CN/common.dtd
locale/zh-CN/common.properties
locale/zh-CN/menu.dtd
locale/zh-CN/menu.properties
locale/zh-CN/saveas.dtd
locale/en-US/common.dtd
locale/en-US/common.properties
locale/en-US/menu.dtd
locale/en-US/menu.properties
locale/en-US/saveas.dtd
locale/zh-CN/common.dtd
locale/zh-CN/common.properties
locale/zh-CN/menu.dtd
locale/zh-CN/menu.properties
locale/zh-CN/saveas.dtd
vssver.scc
components/FlashGetXPI.dll
.dll windows:4 windows x86 arch:x86

d6f4df271b4944d59aecc37e687347f1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedDecrement
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
HeapSize
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetLastError
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
LocalFree
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
RaiseException
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
VirtualAlloc
HeapReAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA

ole32

CoCreateInstance
OleRun
CoUninitialize
CoInitialize

oleaut32

SysAllocString
SysFreeString
SafeArrayCreate
VariantInit
VariantClear
SysStringByteLen
SysAllocStringByteLen
SafeArrayPutElement
SafeArrayDestroy

xpcom

NS_Alloc
NS_GetComponentManager

nspr4

PR_AtomicDecrement
PR_AtomicIncrement

Exports

Exports

??RnsCreateInstanceByCID@@UBEIABUnsID@@PAPAX@Z
??RnsCreateInstanceByContractID@@UBEIABUnsID@@PAPAX@Z
??RnsCreateInstanceFromFactory@@UBEIABUnsID@@PAPAX@Z
??RnsGetClassObjectByCID@@UBEIABUnsID@@PAPAX@Z
??RnsGetClassObjectByContractID@@UBEIABUnsID@@PAPAX@Z
NSGetModule

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
components/IFlashgetXpi.xpt
install.rdf
.xml
$APPDATA/FlashGetBHO/$2
.dll regsvr32 windows:4 windows x86 arch:x86

bb872033cfc4d6243e499d8f0e568136

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

15:e8:ac:e7:89:3d:48:73:8c:35:06:a5:02:ac:63:8d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

29/06/2009, 00:00

Not After

29/06/2011, 23:59

Subject

CN=Trend Media Corporation Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Trend Media Corporation Limited,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\MiniFlashGet.root\pdb\libMiniBHO.pdb

Imports

kernel32

UnmapViewOfFile
IsBadWritePtr
CloseHandle
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
GetProcAddress
LoadLibraryW
DisableThreadLibraryCalls
SetThreadLocale
GetThreadLocale
FlushInstructionCache
GetCurrentProcess
GlobalAlloc
GetCurrentThreadId
SetLastError
GetSystemDefaultLangID
lstrcmpW
MulDiv
GlobalUnlock
GlobalLock
GlobalFree
GlobalHandle
GetPrivateProfileStringW
GetCurrentProcessId
IsProcessorFeaturePresent
InterlockedCompareExchange
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
lstrlenA
GetStringTypeW
GetStringTypeA
LoadLibraryA
InterlockedExchange
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
Sleep
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
HeapCreate
HeapDestroy
VirtualAlloc
VirtualFree
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetProcessHeap
GetVersionExA
GetCommandLineA
HeapReAlloc
HeapFree
HeapAlloc
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
WideCharToMultiByte
IsBadReadPtr
lstrlenW
GetModuleHandleW
LoadLibraryExW
FreeLibrary
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetLastError
lstrcmpiW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetLocaleInfoA

user32

GetFocus
CharNextW
PostMessageW
IsWindow
SetFocus
DestroyWindow
SetWindowLongW
GetWindowLongW
KillTimer
DefWindowProcW
FindWindowW
LoadStringW
SetWindowsHookExW
CreateWindowExW
SetWindowPos
CharUpperBuffW
MapDialogRect
GetWindowRect
UnregisterClassA
GetWindowDC
ReleaseDC
InvalidateRect
UnhookWindowsHookEx
CallNextHookEx
GetWindowModuleFileNameW
SendMessageTimeoutW
PtInRect
WindowFromPoint
GetWindowThreadProcessId
CopyRect
CreatePopupMenu
AppendMenuW
TrackPopupMenu
GetCursorPos
GetSystemMetrics
CreateDialogIndirectParamW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
CreateAcceleratorTableW
RegisterClassExW
LoadCursorW
GetClassInfoExW
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
CallWindowProcW
FillRect
ReleaseCapture
GetClassNameW
GetDlgItem
GetParent
IsChild
SetCapture
RedrawWindow
InvalidateRgn
GetDC
ScreenToClient
ClientToScreen
GetClientRect
MoveWindow
GetSysColor
LoadBitmapW
SendMessageW
SetWindowContextHelpId
GetWindow
SendDlgItemMessageW
SetTimer
IsWindowVisible
ShowWindow

gdi32

GetDeviceCaps
CreateCompatibleBitmap
GetObjectW
CreateSolidBrush
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
DeleteObject
GetStockObject

advapi32

RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW

shell32

ShellExecuteW

ole32

CoGetClassObject
ProgIDFromCLSID
OleUninitialize
OleInitialize
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
OleLockRunning
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

CreateErrorInfo
SetErrorInfo
OleCreateFontIndirect
DispCallFunc
VarBstrCmp
SysAllocStringLen
VariantChangeType
VariantCopy
RegisterTypeLi
UnRegisterTypeLi
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
VARIANT_UserFree
VARIANT_UserUnmarshal
VARIANT_UserMarshal
VARIANT_UserSize
BSTR_UserFree
BSTR_UserUnmarshal
BSTR_UserMarshal
BSTR_UserSize
SysStringLen
SysFreeString
VariantInit
VariantClear
SysAllocStringByteLen
SysStringByteLen
SysAllocString
VarUI4FromStr
LoadRegTypeLi
LoadTypeLi
SafeArrayUnlock
SafeArrayLock

rpcrt4

NdrOleAllocate
NdrDllUnregisterProxy
NdrDllRegisterProxy
NdrCStdStubBuffer2_Release
NdrDllCanUnloadNow
NdrDllGetClassObject
IUnknown_QueryInterface_Proxy
IUnknown_AddRef_Proxy
IUnknown_Release_Proxy
NdrStubForwardingFunction
NdrOleFree
NdrStubCall2

shlwapi

PathRemoveFileSpecW

comctl32

_TrackMouseEvent

urlmon

CoInternetGetSession

oleacc

ObjectFromLresult

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 184KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 4KB - Virtual size: 844B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

c4fa86e78b598d87f225e209ba30786f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
PtInRect
GetClientRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
OpenClipboard

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 994B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/google.bmp
$PLUGINSDIR/google.ini
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/processwork.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

CloseProcess
ExistsProcess
KillProcess
QuitProcess

Sections

CODE
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 147B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 47B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/recommend.ini
$PLUGINSDIR/recommendUn.ini
$TEMP/gtapi_signed.dll
.dll windows:4 windows x86 arch:x86

a1cddef184beba696e690091795eacfd

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

31:44:c0:6a:6c:fb:50:76:c1:5d:39:95:72:c6:94:21
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

19/06/2007, 00:00

Not After

18/06/2010, 23:59

Subject

CN=Google Inc,OU=Digital ID Class 3 - Netscape Object Signing,O=Google Inc,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

5a:d4:89:1c:dc:a0:67:a5:0d:5f:31:70:c9:f5:1a:18:ad:f2:70:25
Signer

Actual PE Digest

5a:d4:89:1c:dc:a0:67:a5:0d:5f:31:70:c9:f5:1a:18:ad:f2:70:25

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

gtapi.pdb

Imports

kernel32

GetCurrentProcessId
GetModuleHandleW
LocalFree
OpenProcess
lstrcmpA
GetLocalTime
LoadLibraryW
LoadLibraryA
LocalAlloc
lstrlenA
FreeLibrary
GetFileAttributesW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetCurrentThreadId
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetVersion
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapReAlloc
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapSize
MultiByteToWideChar
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
GetProcAddress
lstrcmpiA
CloseHandle
SetLastError
GetLastError
GetVersionExA
TerminateProcess
OutputDebugStringA

user32

CharUpperA
CharNextA

advapi32

RegQueryValueExA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Exports

Exports

CancelToolbarInstall
GetToolbarInstallerProgress
ToolbarCompatibilityCheck

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BarSet.bmp
BugReport.dll
.dll windows:4 windows x86 arch:x86

63a5027d66b11ea1188eb1c7ffcef3cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

dbghelp

SymGetOptions
SymSetOptions
SymGetModuleBase
SymFunctionTableAccess
StackWalk
SymGetSymFromAddr
UnDecorateSymbolName
SymGetLineFromAddr
SymGetModuleInfo
SymCleanup
SymLoadModule
SymInitialize
MiniDumpWriteDump

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

psapi

GetProcessMemoryInfo

zlib

ord80
ord83
ord82
ord81
ord84

kernel32

GlobalFree
DeleteFileA
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
GetFullPathNameA
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedDecrement
lstrcatA
SetErrorMode
WritePrivateProfileStringA
InterlockedIncrement
GlobalFlags
RaiseException
GlobalFindAtomA
GlobalGetAtomNameA
FileTimeToSystemTime
GetFileAttributesA
GetFileTime
GetCPInfo
GetOEMCP
RtlUnwind
HeapFree
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
ExitProcess
TerminateProcess
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
QueryPerformanceCounter
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
GlobalAddAtomA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetModuleHandleA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
CreateFileA
FileTimeToDosDateTime
GetFileSize
ReadFile
FindFirstFileA
FileTimeToLocalFileTime
FindClose
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
MultiByteToWideChar
SetUnhandledExceptionFilter
GetTickCount
GetLocalTime
GetCurrentThread
DuplicateHandle
GetCurrentDirectoryA
GetEnvironmentVariableA
SetLastError
CreateToolhelp32Snapshot
Process32Next
CloseHandle
GetProcessTimes
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetModuleFileNameA
GetTempPathA
GetTempFileNameA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
lstrcmpW

user32

GetForegroundWindow
RemovePropA
GetPropA
SetPropA
GetClassInfoExA
GetClassLongA
CreateWindowExA
GetCapture
WinHelpA
RegisterWindowMessageA
DestroyMenu
SetForegroundWindow
GetClientRect
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
SetWindowPos
ShowWindow
SetWindowLongA
GetDlgItem
GetTopWindow
GetSysColorBrush
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetWindowTextA
SetWindowTextA
GetClassNameA
UnregisterClassA
UnhookWindowsHookEx
wsprintfA
GetSystemMetrics
GetMenuItemID
GetSubMenu
SetMenuItemBitmaps
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
SendMessageA
SetCursor
PostMessageA
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
PostQuitMessage
MapWindowPoints
LoadCursorA
CharUpperA
GetGuiResources
GetSysColor
GetMenuItemCount

gdi32

Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetClipBox
GetStockObject
TextOutA
RectVisible
PtVisible
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
DeleteObject
GetDeviceCaps
CreateBitmap
ExtTextOutA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA

comctl32

ord17

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

oleaut32

VariantInit
VariantChangeType
VariantClear

Exports

Exports

CreateClientVersionInfo
SetExceptionHandler

Sections

.text
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BugReport.exe
.exe windows:4 windows x86 arch:x86

a760c49717a83cdcb60377682b20b96d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

wininet

InternetGetLastResponseInfoA
InternetSetStatusCallback
HttpSendRequestA
InternetReadFileExA
HttpAddRequestHeadersA
InternetConnectA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetQueryOptionA
HttpEndRequestA
HttpSendRequestExA
HttpQueryInfoA
InternetWriteFile
InternetSetOptionA
InternetOpenA
HttpOpenRequestA
InternetErrorDlg
InternetCloseHandle

kernel32

RaiseException
WritePrivateProfileStringA
InterlockedIncrement
GlobalFlags
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
SetErrorMode
GetFileTime
RtlUnwind
LocalAlloc
GetDateFormatA
GetSystemTimeAsFileTime
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
CreateThread
GetStartupInfoA
ExitProcess
TerminateProcess
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
UnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedDecrement
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
DeleteFileA
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcatA
lstrcmpW
SetLastError
GlobalFree
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
GetCurrentThread
GetCurrentThreadId
GlobalLock
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetModuleHandleA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
LoadLibraryA
WaitForMultipleObjects
TerminateThread
SetThreadPriority
WaitForSingleObject
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
MultiByteToWideChar
GetTempPathA
ReadFile
CreateEventA
CreateDirectoryA
ResetEvent
GetFileAttributesA
GetProcessHeap
HeapFree
CloseHandle
CreateFileA
HeapAlloc
SetFilePointer
SetEndOfFile
GetFileSize
SetEvent
GetLastError
WriteFile
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MulDiv
GetCommandLineA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetModuleFileNameA
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetTimeFormatA

user32

ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
ShowWindow
SetWindowTextA
IsDialogMessageA
wsprintfA
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
GetActiveWindow
GetCursorPos
ValidateRect
IsWindowEnabled
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxA
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
GetParent
ScreenToClient
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
CopyRect
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CharUpperA
PeekMessageA
PostMessageA
ReleaseCapture
SetCursor
LoadIconA
DestroyMenu
GetSysColorBrush
LoadCursorA
PostThreadMessageA
EnableWindow
SetCapture
GetClientRect
GetWindowRect
SendMessageA
LoadBitmapA
InflateRect
PtInRect
GetMessageA
TranslateMessage
DispatchMessageA
EndPaint
BeginPaint
ReleaseDC
SetActiveWindow
GetDC
PostQuitMessage
IsWindow
GetDesktopWindow

gdi32

ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
SetViewportExtEx
DeleteObject
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
GetObjectA
CreateFontIndirectA
PtVisible

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA

comctl32

ImageList_AddMasked
ImageList_Draw
ord17
ImageList_Destroy
ImageList_Create

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
UrlUnescapeA

oleaut32

VariantInit
VariantChangeType
VariantClear

ws2_32

WSACleanup
WSAStartup

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
FlashGetExt.dll
.dll windows:4 windows x86 arch:x86

446844d9419259bd20b7832b7db296d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\MiniFlashGet.root\pdb\FlashGetExt.pdb

Imports

kernel32

DisableThreadLibraryCalls
GetModuleFileNameW
MultiByteToWideChar
GetLastError
lstrlenA
FlushFileBuffers
CloseHandle
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
GetCPInfo
GetOEMCP
IsValidCodePage
InitializeCriticalSection
RtlUnwind
LoadLibraryA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CreateFileA
RaiseException

shell32

ShellExecuteW

shlwapi

PathRemoveFileSpecW

Exports

Exports

FGExt_FlvDetector
FGExt_InitFlvMonitor
FGExt_TermFlvMonitor

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FlashGetMini.exe
.exe windows:4 windows x86 arch:x86

5621192448006a8c84c5e99ecc339add

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

15:e8:ac:e7:89:3d:48:73:8c:35:06:a5:02:ac:63:8d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

29/06/2009, 00:00

Not After

29/06/2011, 23:59

Subject

CN=Trend Media Corporation Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Trend Media Corporation Limited,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\project\MiniFlashGet.root\pdb\FlashGetMini.pdb

Imports

kernel32

WinExec
lstrcatW
QueryPerformanceCounter
QueryPerformanceFrequency
SetEnvironmentVariableA
SetEndOfFile
CreateFileA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetModuleFileNameA
SetFilePointer
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapCreate
GetWindowsDirectoryW
TlsSetValue
TlsAlloc
TlsGetValue
CompareStringA
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
GetCPInfo
LCMapStringW
LCMapStringA
GetStartupInfoW
VirtualQuery
GetSystemInfo
VirtualProtect
ExitProcess
GetModuleHandleA
MoveFileW
ExitThread
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
HeapSize
HeapReAlloc
HeapDestroy
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
InterlockedCompareExchange
GetVersionExA
GetThreadLocale
GetLocaleInfoA
InterlockedExchange
WriteFile
GlobalAddAtomW
GetSystemDirectoryW
GetSystemTime
GetLogicalDrives
GetDriveTypeW
DeviceIoControl
lstrcpynW
GetDiskFreeSpaceExW
CreateDirectoryW
VirtualFree
VirtualAlloc
GetFileAttributesW
CreateFileW
GetFileInformationByHandle
CreateFileMappingW
GetACP
CreateMutexW
OpenFileMappingW
MapViewOfFile
IsBadWritePtr
GetProcessHeap
HeapFree
LoadLibraryExW
InterlockedDecrement
InterlockedIncrement
CreateTimerQueueTimer
DeleteTimerQueueTimer
UnmapViewOfFile
GetCurrentDirectoryW
SetCurrentDirectoryW
GetCommandLineW
CreateThread
Sleep
GetTempPathW
lstrcpyW
GetCurrentProcessId
CreateProcessW
IsBadStringPtrW
SetFileAttributesW
RemoveDirectoryW
lstrcmpiW
CompareStringW
SetProcessWorkingSetSize
MulDiv
FreeLibrary
FindFirstFileW
GetFullPathNameW
CreateEventW
WaitForSingleObject
CloseHandle
ResumeThread
FindClose
FindNextFileW
GetModuleHandleW
GetSystemDefaultLangID
DeleteFileW
IsBadReadPtr
GetTimeFormatW
GetDateFormatW
GetLocaleInfoW
SetLastError
lstrcmpW
GetCurrentThreadId
lstrlenA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
LoadLibraryW
GetProcAddress
WideCharToMultiByte
FreeResource
lstrlenW
GetVersionExW
GetCurrentProcess
FlushInstructionCache
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSection
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
GetLastError
RaiseException
GetModuleFileNameW
GetTickCount
CopyFileW
TlsFree

user32

EmptyClipboard
CloseClipboard
OpenClipboard
LoadStringW
GetActiveWindow
GetKeyState
RegisterClipboardFormatW
SetWindowRgn
GetScrollInfo
GetDlgItem
IntersectRect
GetMenu
MoveWindow
IsChild
PtInRect
IsRectEmpty
CopyRect
SetClipboardViewer
AdjustWindowRectEx
GetTopWindow
TranslateAcceleratorW
LoadIconW
InflateRect
OffsetRect
SetWindowLongW
GetWindowLongW
SendMessageW
PostMessageW
SetWindowTextW
SetWindowPos
GetClientRect
ClientToScreen
UpdateWindow
InvalidateRect
ShowWindow
RedrawWindow
SetTimer
GetClipboardData
SetDlgItemTextW
GetDesktopWindow
GetWindowThreadProcessId
DrawStateW
MessageBeep
WindowFromPoint
RegisterWindowMessageW
CharLowerW
PeekMessageW
LoadImageW
GetSubMenu
EnableWindow
IsIconic
SetForegroundWindow
FindWindowW
EnumThreadWindows
IsWindowEnabled
PostQuitMessage
DrawFocusRect
GetCursorPos
CharNextW
CreateDialogParamW
GetSysColorBrush
DrawEdge
GetClassLongW
GetDoubleClickTime
EndDialog
EndDeferWindowPos
DeferWindowPos
SetClipboardData
DestroyIcon
GetSysColor
GetComboBoxInfo
IsMenu
GetMessagePos
GetAsyncKeyState
SetWindowsHookExW
UnhookWindowsHookEx
DialogBoxParamW
GetFocus
DrawFrameControl
MapWindowPoints
EqualRect
CreateWindowExW
GetClassNameW
SetMenuDefaultItem
LoadStringA
SetCursorPos
RemoveMenu
TrackPopupMenu
LoadAcceleratorsW
DispatchMessageW
TranslateMessage
GetMessageW
LoadMenuW
mouse_event
GetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
IsDialogMessageW
ExitWindowsEx
UnregisterHotKey
RegisterHotKey
GetIconInfo
CopyIcon
UpdateLayeredWindow
TrackMouseEvent
SetLayeredWindowAttributes
CheckDlgButton
BringWindowToTop
GetClassInfoW
RegisterClassW
ChildWindowFromPoint
KillTimer
SetCapture
SetFocus
GetScrollPos
SetScrollPos
GetWindow
GetParent
GetDlgCtrlID
MessageBoxW
SetScrollInfo
IsWindow
LoadBitmapW
DrawIcon
DrawIconEx
DestroyWindow
GetClassInfoExW
LoadCursorW
CreatePopupMenu
AppendMenuW
CheckMenuItem
EnableMenuItem
GetMenuItemID
SetCursor
DestroyMenu
GetMonitorInfoW
MonitorFromPoint
CallWindowProcW
DestroyCursor
GetMenuItemCount
GetMenuItemInfoW
SetMenuItemInfoW
DrawTextW
TrackPopupMenuEx
ModifyMenuW
ReleaseCapture
GetCapture
IsWindowVisible
DefWindowProcW
SystemParametersInfoW
GetDC
ReleaseDC
FillRect
SetRect
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
ScreenToClient
FrameRect
BeginPaint
EndPaint
GetSystemMetrics
GetWindowDC
GetDCEx
RegisterClassExW
CallNextHookEx
SetRectEmpty
CreateIconIndirect
BeginDeferWindowPos
UnregisterClassA

gdi32

GetTextMetricsW
CreateDIBSection
StretchBlt
Polygon
GetDeviceCaps
DPtoLP
SelectClipRgn
IntersectClipRect
Polyline
FillRgn
LPtoDP
CreatePatternBrush
GdiFlush
GetPixel
CreateDiscardableBitmap
GetObjectW
GetClipRgn
TextOutW
CreateBitmap
GetDIBits
SetTextJustification
FrameRgn
CreateRoundRectRgn
OffsetRgn
SetPixelFormat
ChoosePixelFormat
SwapBuffers
CombineRgn
CreatePolygonRgn
CreateRectRgn
SetStretchBltMode
SetWindowOrgEx
SetViewportOrgEx
GetClipBox
OffsetWindowOrgEx
BitBlt
Rectangle
LineTo
MoveToEx
GetStockObject
DeleteDC
CreateCompatibleBitmap
CreatePen
CreateSolidBrush
SetTextColor
CreateFontIndirectW
SelectObject
CreateCompatibleDC
RoundRect
DeleteObject
GetTextExtentPoint32W
SetBkColor
ExtTextOutW
SetBkMode
RestoreDC
SetDIBitsToDevice
PatBlt
SaveDC

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegQueryInfoKeyW
RegEnumKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCreateKeyW
RegQueryValueW
RegCloseKey

shell32

SHGetPathFromIDListW
Shell_NotifyIconW
ShellExecuteW
DragFinish
DragQueryFileW
SHGetFileInfoW
CommandLineToArgvW
SHBrowseForFolderW
SHChangeNotify
ExtractIconW

ole32

CoInitialize
OleInitialize
OleUninitialize
CoUninitialize
RegisterDragDrop
OleDuplicateData
ReleaseStgMedium
RevokeDragDrop
CreateStreamOnHGlobal
CoCreateInstance
DoDragDrop
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree

oleaut32

SysAllocString
SysFreeString
VarUI4FromStr

shlwapi

PathIsDirectoryW
PathCombineW
StrRChrW
UrlGetPartW
StrTrimW
PathRemoveFileSpecW
PathStripPathW
StrStrIW
PathFindFileNameW
PathGetArgsW
SHDeleteValueW
PathFileExistsW

comctl32

ImageList_GetIconSize
ImageList_DrawEx
_TrackMouseEvent
InitCommonControlsEx
ImageList_GetImageInfo
ImageList_Destroy
ImageList_GetImageCount
ImageList_Draw
ImageList_LoadImageW
ImageList_Create
ImageList_GetIcon
ImageList_ReplaceIcon
ord17

msimg32

GradientFill
AlphaBlend

opengl32

glDisable
wglCreateContext
wglMakeCurrent
glPushMatrix
glScalef
glBegin
glVertex3f
glEnd
glPopMatrix
glBindTexture
glMatrixMode
glLoadIdentity
glEnable
glShadeModel
glClearColor
glDepthFunc
glClearDepth
glMaterialfv
glLightfv
glHint
glTexCoord2f
glNormal3f
glBlendFunc
glColor4f
glRotatef
glTranslatef
glVertex2f
glTexParameteri
glPixelStorei
glGenTextures
glClear
wglDeleteContext
glViewport

gdiplus

GdipTransformMatrixPointsI
GdipRotateMatrix
GdipScaleMatrix
GdipTranslateMatrix
GdipCreateMatrix2
GdipGetImageHeight
GdipGetImageWidth
GdipLoadImageFromFile
GdipGetGenericFontFamilySansSerif
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipDeleteMatrix
GdipDrawLinesI
GdipSetSmoothingMode
GdipSetTextRenderingHint
GdipReleaseDC
GdipSetPenColor
GdipSetPenWidth
GdipCloneBrush
GdipCreateFont
GdipResetClip
GdipSetClipRectI
GdipMeasureString
GdipDrawString
GdipFillRectangleI
GdipDrawRectangleI
GdipDrawLineI
GdipCreateFromHDC
GdipCreateSolidFill
GdipDeleteFont
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDeleteGraphics
GdipDeletePen
GdipCreatePen1
GdipSetSolidFillColor
GdipDeleteBrush
GdiplusShutdown
GdipCloneImage
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromResource
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipDisposeImage
GdipAlloc
GdipFree
GdipDrawImagePointsRectI
GdipCreateStringFormat
GdipSetPenDashStyle

winmm

PlaySoundW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

ws2_32

sendto
ntohs
closesocket
ioctlsocket
WSAGetLastError
ntohl
bind
socket
recvfrom
htonl
htons
gethostbyname
WSAStartup
WSACleanup

netapi32

Netbios

glu32

gluLookAt
gluOrtho2D
gluBuild2DMipmaps
gluPerspective

Exports

Exports

??0?$oserializer@Vxml_oarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@boost@@QAE@XZ
??0?$oserializer@Vxml_oarchive@archive@boost@@UtagTaskItem@@@detail@archive@boost@@QAE@XZ
??0?$oserializer@Vxml_oarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@boost@@QAE@XZ
??0?$oserializer@Vxml_oarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@boost@@QAE@XZ
??0?$oserializer@Vxml_oarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@boost@@QAE@XZ
??0?$oserializer@Vxml_oarchive@archive@boost@@VCMiniStats@@@detail@archive@boost@@QAE@XZ
??_B?1??get_instance@?$singleton@V?$extended_type_info_typeid@U?$pair@$$CB_KUtagTaskItem@@@std@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@U?$pair@$$CB_KUtagTaskItem@@@std@@@23@XZ@51
??_B?1??get_instance@?$singleton@V?$extended_type_info_typeid@UtagTaskItem@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UtagTaskItem@@@23@XZ@51
??_B?1??get_instance@?$singleton@V?$extended_type_info_typeid@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@23@XZ@51
??_B?1??get_instance@?$singleton@V?$extended_type_info_typeid@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@23@XZ@51
??_B?1??get_instance@?$singleton@V?$extended_type_info_typeid@VCMiniAppOptions@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@VCMiniAppOptions@@@23@XZ@51
??_B?1??get_instance@?$singleton@V?$extended_type_info_typeid@VCMiniStats@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@VCMiniStats@@@23@XZ@51
??_B?1??get_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vxml_iarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@UtagTaskItem@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vxml_iarchive@archive@boost@@UtagTaskItem@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vxml_iarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vxml_iarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vxml_iarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$iserializer_map@Vnaked_xml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer_map@Vnaked_xml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$iserializer_map@Vxml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer_map@Vxml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@XZ@51
??_B?1??get_instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@detail@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@detail@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info_typeid_0@detail@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@detail@serialization@boost@@@std@@@std@@XZ@51
??_B?1??get_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vxml_oarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@UtagTaskItem@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vxml_oarchive@archive@boost@@UtagTaskItem@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vxml_oarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vxml_oarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vxml_oarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCMiniStats@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vxml_oarchive@archive@boost@@VCMiniStats@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$oserializer_map@Vxml_oarchive@archive@boost@@@?A0x16a0fd22@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer_map@Vxml_oarchive@archive@boost@@@?A0x16a0fd22@detail@archive@3@XZ@51
?get_const_instance@?$singleton@V?$extended_type_info_typeid@U?$pair@$$CB_KUtagTaskItem@@@std@@@serialization@boost@@@serialization@boost@@SAABV?$extended_type_info_typeid@U?$pair@$$CB_KUtagTaskItem@@@std@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@UtagTaskItem@@@serialization@boost@@@serialization@boost@@SAABV?$extended_type_info_typeid@UtagTaskItem@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@serialization@boost@@@serialization@boost@@SAABV?$extended_type_info_typeid@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@serialization@boost@@@serialization@boost@@SAABV?$extended_type_info_typeid@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@VCMiniAppOptions@@@serialization@boost@@@serialization@boost@@SAABV?$extended_type_info_typeid@VCMiniAppOptions@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@VCMiniStats@@@serialization@boost@@@serialization@boost@@SAABV?$extended_type_info_typeid@VCMiniStats@@@23@XZ
?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@boost@@@serialization@boost@@SAABV?$iserializer@Vxml_iarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@UtagTaskItem@@@detail@archive@boost@@@serialization@boost@@SAABV?$iserializer@Vxml_iarchive@archive@boost@@UtagTaskItem@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@boost@@@serialization@boost@@SAABV?$iserializer@Vxml_iarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@boost@@@serialization@boost@@SAABV?$iserializer@Vxml_iarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@boost@@@serialization@boost@@SAABV?$iserializer@Vxml_iarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$iserializer_map@Vnaked_xml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@boost@@@serialization@boost@@SAABV?$iserializer_map@Vnaked_xml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$iserializer_map@Vxml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@boost@@@serialization@boost@@SAABV?$iserializer_map@Vxml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SAABV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@XZ
?get_const_instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@detail@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@detail@serialization@boost@@@std@@@std@@@serialization@boost@@SAABV?$multiset@PBVextended_type_info_typeid_0@detail@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@detail@serialization@boost@@@std@@@std@@XZ
?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@boost@@@serialization@boost@@SAABV?$oserializer@Vxml_oarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@UtagTaskItem@@@detail@archive@boost@@@serialization@boost@@SAABV?$oserializer@Vxml_oarchive@archive@boost@@UtagTaskItem@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@boost@@@serialization@boost@@SAABV?$oserializer@Vxml_oarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@boost@@@serialization@boost@@SAABV?$oserializer@Vxml_oarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@boost@@@serialization@boost@@SAABV?$oserializer@Vxml_oarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCMiniStats@@@detail@archive@boost@@@serialization@boost@@SAABV?$oserializer@Vxml_oarchive@archive@boost@@VCMiniStats@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$oserializer_map@Vxml_oarchive@archive@boost@@@?A0x16a0fd22@detail@archive@boost@@@serialization@boost@@SAABV?$oserializer_map@Vxml_oarchive@archive@boost@@@?A0x16a0fd22@detail@archive@3@XZ
?get_instance@?$singleton@V?$extended_type_info_typeid@U?$pair@$$CB_KUtagTaskItem@@@std@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@U?$pair@$$CB_KUtagTaskItem@@@std@@@23@XZ
?get_instance@?$singleton@V?$extended_type_info_typeid@UtagTaskItem@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UtagTaskItem@@@23@XZ
?get_instance@?$singleton@V?$extended_type_info_typeid@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@23@XZ
?get_instance@?$singleton@V?$extended_type_info_typeid@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@23@XZ
?get_instance@?$singleton@V?$extended_type_info_typeid@VCMiniAppOptions@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@VCMiniAppOptions@@@23@XZ
?get_instance@?$singleton@V?$extended_type_info_typeid@VCMiniStats@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@VCMiniStats@@@23@XZ
?get_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vxml_iarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@UtagTaskItem@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vxml_iarchive@archive@boost@@UtagTaskItem@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vxml_iarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vxml_iarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vxml_iarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$iserializer_map@Vnaked_xml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer_map@Vnaked_xml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@3@XZ
?get_instance@?$singleton@V?$iserializer_map@Vxml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer_map@Vxml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@3@XZ
?get_instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@XZ
?get_instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@detail@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@detail@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info_typeid_0@detail@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@detail@serialization@boost@@@std@@@std@@XZ
?get_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vxml_oarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@UtagTaskItem@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vxml_oarchive@archive@boost@@UtagTaskItem@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vxml_oarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vxml_oarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vxml_oarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCMiniStats@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vxml_oarchive@archive@boost@@VCMiniStats@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$oserializer_map@Vxml_oarchive@archive@boost@@@?A0x16a0fd22@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer_map@Vxml_oarchive@archive@boost@@@?A0x16a0fd22@detail@archive@3@XZ
?get_mutable_instance@?$singleton@V?$iserializer_map@Vnaked_xml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@boost@@@serialization@boost@@SAAAV?$iserializer_map@Vnaked_xml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@3@XZ
?get_mutable_instance@?$singleton@V?$iserializer_map@Vxml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@boost@@@serialization@boost@@SAAAV?$iserializer_map@Vxml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@3@XZ
?get_mutable_instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SAAAV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@XZ
?get_mutable_instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@detail@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@detail@serialization@boost@@@std@@@std@@@serialization@boost@@SAAAV?$multiset@PBVextended_type_info_typeid_0@detail@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@detail@serialization@boost@@@std@@@std@@XZ
?get_mutable_instance@?$singleton@V?$oserializer_map@Vxml_oarchive@archive@boost@@@?A0x16a0fd22@detail@archive@boost@@@serialization@boost@@SAAAV?$oserializer_map@Vxml_oarchive@archive@boost@@@?A0x16a0fd22@detail@archive@3@XZ
?instance@?$singleton@V?$extended_type_info_typeid@U?$pair@$$CB_KUtagTaskItem@@@std@@@serialization@boost@@@serialization@boost@@0AAV?$extended_type_info_typeid@U?$pair@$$CB_KUtagTaskItem@@@std@@@23@A
?instance@?$singleton@V?$extended_type_info_typeid@UtagTaskItem@@@serialization@boost@@@serialization@boost@@0AAV?$extended_type_info_typeid@UtagTaskItem@@@23@A
?instance@?$singleton@V?$extended_type_info_typeid@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@serialization@boost@@@serialization@boost@@0AAV?$extended_type_info_typeid@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@23@A
?instance@?$singleton@V?$extended_type_info_typeid@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@serialization@boost@@@serialization@boost@@0AAV?$extended_type_info_typeid@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@23@A
?instance@?$singleton@V?$extended_type_info_typeid@VCMiniAppOptions@@@serialization@boost@@@serialization@boost@@0AAV?$extended_type_info_typeid@VCMiniAppOptions@@@23@A
?instance@?$singleton@V?$extended_type_info_typeid@VCMiniStats@@@serialization@boost@@@serialization@boost@@0AAV?$extended_type_info_typeid@VCMiniStats@@@23@A
?instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@boost@@@serialization@boost@@0AAV?$iserializer@Vxml_iarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@3@A
?instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@UtagTaskItem@@@detail@archive@boost@@@serialization@boost@@0AAV?$iserializer@Vxml_iarchive@archive@boost@@UtagTaskItem@@@detail@archive@3@A
?instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@boost@@@serialization@boost@@0AAV?$iserializer@Vxml_iarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@3@A
?instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@boost@@@serialization@boost@@0AAV?$iserializer@Vxml_iarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@3@A
?instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@boost@@@serialization@boost@@0AAV?$iserializer@Vxml_iarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@3@A
?instance@?$singleton@V?$iserializer_map@Vnaked_xml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@boost@@@serialization@boost@@0AAV?$iserializer_map@Vnaked_xml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@3@A
?instance@?$singleton@V?$iserializer_map@Vxml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@boost@@@serialization@boost@@0AAV?$iserializer_map@Vxml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@3@A
?instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@0AAV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@A
?instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@detail@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@detail@serialization@boost@@@std@@@std@@@serialization@boost@@0AAV?$multiset@PBVextended_type_info_typeid_0@detail@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@detail@serialization@boost@@@std@@@std@@A
?instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@boost@@@serialization@boost@@0AAV?$oserializer@Vxml_oarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@3@A
?instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@UtagTaskItem@@@detail@archive@boost@@@serialization@boost@@0AAV?$oserializer@Vxml_oarchive@archive@boost@@UtagTaskItem@@@detail@archive@3@A
?instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@boost@@@serialization@boost@@0AAV?$oserializer@Vxml_oarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@3@A
?instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@boost@@@serialization@boost@@0AAV?$oserializer@Vxml_oarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@3@A
?instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@boost@@@serialization@boost@@0AAV?$oserializer@Vxml_oarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@3@A
?instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCMiniStats@@@detail@archive@boost@@@serialization@boost@@0AAV?$oserializer@Vxml_oarchive@archive@boost@@VCMiniStats@@@detail@archive@3@A
?instance@?$singleton@V?$oserializer_map@Vxml_oarchive@archive@boost@@@?A0x16a0fd22@detail@archive@boost@@@serialization@boost@@0AAV?$oserializer_map@Vxml_oarchive@archive@boost@@@?A0x16a0fd22@detail@archive@3@A
?is_destroyed@?$singleton@V?$iserializer_map@Vnaked_xml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@boost@@@serialization@boost@@SA_NXZ
?is_destroyed@?$singleton@V?$iserializer_map@Vxml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@boost@@@serialization@boost@@SA_NXZ
?is_destroyed@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SA_NXZ
?is_destroyed@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@detail@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@detail@serialization@boost@@@std@@@std@@@serialization@boost@@SA_NXZ
?is_destroyed@?$singleton@V?$oserializer_map@Vxml_oarchive@archive@boost@@@?A0x16a0fd22@detail@archive@boost@@@serialization@boost@@SA_NXZ
?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@UtagTaskItem@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vxml_iarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@UtagTaskItem@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vxml_oarchive@archive@boost@@VCMiniStats@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?t@?1??get_instance@?$singleton@V?$extended_type_info_typeid@U?$pair@$$CB_KUtagTaskItem@@@std@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@U?$pair@$$CB_KUtagTaskItem@@@std@@@34@XZ@4V?$singleton_wrapper@V?$extended_type_info_typeid@U?$pair@$$CB_KUtagTaskItem@@@std@@@serialization@boost@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$extended_type_info_typeid@UtagTaskItem@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UtagTaskItem@@@34@XZ@4V?$singleton_wrapper@V?$extended_type_info_typeid@UtagTaskItem@@@serialization@boost@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$extended_type_info_typeid@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@34@XZ@4V?$singleton_wrapper@V?$extended_type_info_typeid@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@serialization@boost@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$extended_type_info_typeid@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@34@XZ@4V?$singleton_wrapper@V?$extended_type_info_typeid@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@serialization@boost@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$extended_type_info_typeid@VCMiniAppOptions@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@VCMiniAppOptions@@@34@XZ@4V?$singleton_wrapper@V?$extended_type_info_typeid@VCMiniAppOptions@@@serialization@boost@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$extended_type_info_typeid@VCMiniStats@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@VCMiniStats@@@34@XZ@4V?$singleton_wrapper@V?$extended_type_info_typeid@VCMiniStats@@@serialization@boost@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vxml_iarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$iserializer@Vxml_iarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@UtagTaskItem@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vxml_iarchive@archive@boost@@UtagTaskItem@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$iserializer@Vxml_iarchive@archive@boost@@UtagTaskItem@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vxml_iarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$iserializer@Vxml_iarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vxml_iarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$iserializer@Vxml_iarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$iserializer@Vxml_iarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vxml_iarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$iserializer@Vxml_iarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$iserializer_map@Vnaked_xml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer_map@Vnaked_xml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@4@XZ@4V?$singleton_wrapper@V?$iserializer_map@Vnaked_xml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@boost@@@734@A
?t@?1??get_instance@?$singleton@V?$iserializer_map@Vxml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer_map@Vxml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@4@XZ@4V?$singleton_wrapper@V?$iserializer_map@Vxml_iarchive@archive@boost@@@?A0xb64522ff@detail@archive@boost@@@734@A
?t@?1??get_instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@XZ@4V?$singleton_wrapper@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@detail@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@detail@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info_typeid_0@detail@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@detail@serialization@boost@@@std@@@std@@XZ@4V?$singleton_wrapper@V?$multiset@PBVextended_type_info_typeid_0@detail@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@detail@serialization@boost@@@std@@@std@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vxml_oarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$oserializer@Vxml_oarchive@archive@boost@@U?$pair@$$CB_KUtagTaskItem@@@std@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@UtagTaskItem@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vxml_oarchive@archive@boost@@UtagTaskItem@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$oserializer@Vxml_oarchive@archive@boost@@UtagTaskItem@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vxml_oarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$oserializer@Vxml_oarchive@archive@boost@@V?$map@_KUtagTaskItem@@U?$less@_K@std@@V?$allocator@U?$pair@$$CB_KUtagTaskItem@@@std@@@3@@std@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vxml_oarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$oserializer@Vxml_oarchive@archive@boost@@V?$set@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@@std@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vxml_oarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$oserializer@Vxml_oarchive@archive@boost@@VCMiniAppOptions@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$oserializer@Vxml_oarchive@archive@boost@@VCMiniStats@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vxml_oarchive@archive@boost@@VCMiniStats@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$oserializer@Vxml_oarchive@archive@boost@@VCMiniStats@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$oserializer_map@Vxml_oarchive@archive@boost@@@?A0x16a0fd22@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer_map@Vxml_oarchive@archive@boost@@@?A0x16a0fd22@detail@archive@4@XZ@4V?$singleton_wrapper@V?$oserializer_map@Vxml_oarchive@archive@boost@@@?A0x16a0fd22@detail@archive@boost@@@734@A

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 284KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
GetAllUrl.htm
.html .vbs polyglot
GetUrl.htm
.html .js polyglot
GoogleToolbarInstaller_download_signed.exe
.exe windows:4 windows x86 arch:x86

e98766cda304a4f46c928a931a1c8967

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

31:44:c0:6a:6c:fb:50:76:c1:5d:39:95:72:c6:94:21
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

19/06/2007, 00:00

Not After

18/06/2010, 23:59

Subject

CN=Google Inc,OU=Digital ID Class 3 - Netscape Object Signing,O=Google Inc,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fa:6e:26:b6:b7:8d:a1:49:b2:ba:56:d1:b5:a1:bd:9f:1f:a0:28:ec
Signer

Actual PE Digest

fa:6e:26:b6:b7:8d:a1:49:b2:ba:56:d1:b5:a1:bd:9f:1f:a0:28:ec

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

EndDialog

crypt32

CertFreeCertificateChain

urlmon

RegisterBindStatusCallback

version

VerQueryValueW

wintrust

WinVerifyTrust

wininet

InternetOpenUrlW

advapi32

GetAce

ole32

CoUninitialize

shell32

ShellExecuteExW

oleaut32

VarUI4FromStr

shlwapi

SHSetValueW

gdi32

CreateRectRgn

userenv

UnloadUserProfile

msi

ord238

Sections

.text
Size: 147KB - Virtual size: 472KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Info.exe
.exe windows:4 windows x86 arch:x86

f7fd18e104e01a1a53ed8759a3135f57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

zlib

ord81
ord82
ord83
ord80
ord84

ws2_32

WSACleanup
WSAStartup
closesocket
WSAGetLastError
socket
inet_ntoa
bind
htonl
gethostbyaddr
gethostbyname
htons
getsockname
ntohs
recv
select
send
connect
accept
listen

kernel32

GetStringTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
LoadLibraryA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
RaiseException
GetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
WideCharToMultiByte
lstrlenW
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
FreeLibrary
MultiByteToWideChar
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
GetStringTypeW
OpenProcess
CloseHandle
Process32FirstW
CreateToolhelp32Snapshot
WritePrivateProfileStringW
DeleteFileW
GetFileAttributesW
GetSystemTime
WaitForSingleObject
LocalFree
FormatMessageW
Sleep
FindClose
FileTimeToLocalFileTime
FindFirstFileW
ReadFile
GetFileSize
FileTimeToDosDateTime
CreateFileW
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetEndOfFile
CreateFileA
GetStartupInfoA
GetFileType
SetHandleCount
SetFilePointer
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
Process32NextW
GetModuleFileNameA
GetStdHandle
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RtlUnwind
MoveFileA
ExitThread
CreateThread
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetStartupInfoW
HeapCreate
VirtualFree
VirtualAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile

user32

UnregisterClassA
CharNextW
DestroyWindow
PostQuitMessage
DispatchMessageW
TranslateMessage
PeekMessageW
DefWindowProcW

advapi32

RegDeleteValueW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW

ole32

CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

netapi32

Netbios

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Krnlmodule.dll
.dll windows:4 windows x86 arch:x86

2497a275eb5b5bdd94580808572969aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\MiniFlashGet.root\pdb\Krnlmodule.pdb

Imports

kernel32

DisableThreadLibraryCalls
GetProcAddress
FindFirstFileA
GetFullPathNameA
FreeLibrary
InterlockedIncrement
GetModuleFileNameA
FindClose
DebugBreak
FindNextFileA
lstrlenA
SetLastError
InterlockedDecrement
LoadLibraryA
OutputDebugStringA
FlushFileBuffers
CloseHandle
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetLastError
HeapReAlloc
RtlUnwind
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
Sleep
HeapSize
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
WideCharToMultiByte
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
WriteFile
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA

user32

LoadStringA
CharNextA
UnregisterClassA

Exports

Exports

KeCreateInstance
KeModuleStart
KeModuleStartSpec
KeModuleStop

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Language-chs.xml
Language-eng.xml
P2PCore.dll
.dll windows:4 windows x86 arch:x86

ebcc3e35362a4b8de1327ef662b34cde

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\ProtKrnl\src\Build\P2PCore.pdb

Imports

kernel32

GetLocalTime
LoadResource
CreateFileA
WideCharToMultiByte
WriteFile
CloseHandle
FlushFileBuffers
LockResource
SizeofResource
FindResourceExW
FindResourceW
SetFilePointer
MultiByteToWideChar
GetFileAttributesExA
GetModuleFileNameA
LocalFree
FormatMessageW
GetVolumeInformationA
GetLastError
lstrlenW
GetFileSize
ReadFile
GetModuleFileNameW
GetSystemDirectoryA
CreateFileW
RaiseException
DeleteFileW
GetFileSizeEx
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
WaitForSingleObject
CreateEventW
GetTickCount
DisableThreadLibraryCalls
lstrlenA
IsBadCodePtr
GlobalAlloc
SetEvent
GlobalFree
Sleep
GetPrivateProfileStringW
GetCurrentProcessId
GetCommandLineA
WritePrivateProfileStringW
GetSystemDirectoryW
IsBadWritePtr
FileTimeToSystemTime
CopyFileW
SystemTimeToTzSpecificLocalTime
WaitForMultipleObjects
ReadFileEx
CancelIo
WaitForMultipleObjectsEx
InterlockedIncrement
FreeLibrary
GetProcAddress
LoadLibraryW
GetFileType
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetHandleCount
LoadLibraryA
GetConsoleMode
LCMapStringW
LCMapStringA
GetConsoleCP
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitThread
CreateThread
RtlUnwind
VirtualFree
VirtualAlloc
HeapCreate
GetModuleHandleA
ExitProcess
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
InterlockedDecrement
GetCPInfo
GetOEMCP
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetStartupInfoA

ws2_32

inet_addr
inet_ntoa
htonl
WSAEventSelect
setsockopt
sendto
WSACleanup
htons
WSAStartup
bind
closesocket
WSAWaitForMultipleEvents
recvfrom
ntohl
WSAGetLastError
gethostbyname
ntohs
socket

shlwapi

PathFileExistsA

iphlpapi

GetAdaptersInfo

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

user32

UnregisterClassA

Exports

Exports

create_p2p_task
delete_p2p_task
get_p2p_id
get_p2phandle_peerinfo
get_p2phandle_serverlist
get_p2phandle_serverlog
my_gethostbyname
p2p_add_share
p2p_delete_share
p2p_find_share
p2p_get_handle_info
p2p_get_netinfo
p2p_get_share_filelist
p2p_get_uplist
p2p_initialize
p2p_move_share
p2p_notify_new_finish
p2p_pause_share
p2p_pause_upload
p2p_reload_option
p2p_task_limit_speed
p2p_uninitialize
set_auto_reload_sharelist
set_p2p_allow_add_share
set_p2p_app_path
set_p2p_debug_flag
set_p2p_debug_supernode
set_p2p_downloader_mode
set_p2p_ini_filename
set_p2p_local_share
set_p2p_no_submit_share
set_p2p_temp_mode
set_p2p_upload_english_ver
set_p2p_upload_speed_control
set_p2p_upload_speed_max
set_p2p_uploader_mode
start_p2p_task

Sections

.text
Size: 324KB - Virtual size: 321KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
P2SCore.dll
.dll windows:4 windows x86 arch:x86

bd28687cc906074dd51d06514d6a81da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\ProtKrnl\src\build\P2SCore.pdb

Imports

kernel32

EnterCriticalSection
LoadLibraryW
GetExitCodeThread
InitializeCriticalSection
CloseHandle
CreateEventW
LockResource
FindResourceExW
WideCharToMultiByte
FindResourceW
Sleep
LoadResource
MultiByteToWideChar
WaitForMultipleObjects
SizeofResource
lstrlenW
GetLastError
ReadFile
CreateFileMappingW
GetOverlappedResult
SetFilePointer
CreateFileW
FlushFileBuffers
WriteFile
GetSystemInfo
MapViewOfFile
UnmapViewOfFile
GetFileSize
lstrlenA
GetLocalTime
SetEvent
GetUserDefaultLCID
RaiseException
VirtualFree
FindFirstFileW
VirtualAlloc
FindNextFileW
GetOEMCP
FindClose
GetCurrentProcess
GetModuleFileNameW
CreateDirectoryW
OutputDebugStringW
OutputDebugStringA
GetDiskFreeSpaceExW
InterlockedIncrement
DeleteFileW
GetCurrentThreadId
ResetEvent
InterlockedDecrement
SetFileTime
MoveFileW
SystemTimeToFileTime
DisableThreadLibraryCalls
GetFileAttributesW
SetLastError
TlsGetValue
GetModuleHandleA
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
GetCommandLineA
LeaveCriticalSection
DeleteCriticalSection
GetProcAddress
GetTickCount
WaitForSingleObject
SetEndOfFile
FreeLibrary
GetTimeZoneInformation
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CreateThread
ExitThread
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
TlsAlloc
HeapFree
HeapAlloc
HeapDestroy
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
LoadLibraryA
GetVersionExA
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetStringTypeW
GetStringTypeA
GetModuleFileNameA
GetStdHandle
HeapCreate
IsValidCodePage
ExitProcess
TlsSetValue
TlsFree

user32

MessageBoxW
GetScrollPos
SendMessageW
SetWindowTextW
GetWindowTextW
PostMessageW
UnregisterClassA

advapi32

OpenProcessToken
AdjustTokenPrivileges
RegCloseKey
LookupPrivilegeValueW
RegQueryValueExW
RegOpenKeyExW

shlwapi

StrStrIA
PathIsDirectoryW
UrlGetPartA
StrTrimA
StrRChrA
PathStripPathA
PathFileExistsW

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA
InternetTimeToSystemTimeA
InternetGetCookieA

ws2_32

htonl
WSAGetLastError
WSAStartup
bind
WSASend
WSAAccept
WSASocketW
closesocket
listen
getsockname
WSAEventSelect
ioctlsocket
htons
WSAConnect
ntohs
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
setsockopt
inet_ntoa
WSACleanup
gethostbyname
inet_addr
ntohl
WSARecv

p2pcore

get_p2phandle_serverlog
delete_p2p_task
get_p2phandle_serverlist
p2p_get_handle_info
p2p_task_limit_speed
get_p2p_id
set_p2p_downloader_mode
set_p2p_ini_filename
ord2
p2p_move_share
set_p2p_no_submit_share
ord1
start_p2p_task
set_p2p_local_share
set_p2p_app_path
set_p2p_upload_speed_control
p2p_find_share
p2p_pause_upload
set_p2p_uploader_mode
set_p2p_temp_mode
set_p2p_upload_speed_max
my_gethostbyname
get_p2phandle_peerinfo
create_p2p_task
p2p_get_netinfo
p2p_add_share

winmm

timeGetTime

Exports

Exports

??0P2SP@@QAE@XZ
??1P2SP@@QAE@XZ
??4P2SP@@QAEAAV0@ABV0@@Z
?AsyncReportPartHash@P2SP@@SAHPAE0_J0H@Z
?CheckFinish@P2SP@@QAE_N_JHPAD_N@Z
?DebugDisableLoadLive@P2SP@@SAXXZ
?DelResumeInfo@P2SP@@SAHAAUst_TASK_PARAMS@@@Z
?DelTempFile@P2SP@@SAHAAUst_TASK_PARAMS@@@Z
?Delete@P2SP@@QAE_NXZ
?GetBlockInfo@P2SP@@QAEHPAHHAAH@Z
?GetFilenameByURL@P2SP@@SAXPB_WPA_WH@Z
?GetFilesizeByURL@P2SP@@SA_JPB_W@Z
?GetServerList@P2SP@@QAEKPAUtagP2SServerItem@@K@Z
?GetServerLog@P2SP@@QAEKPA_WK@Z
?GetSourceList@P2SP@@QAEKPAUP2SP_SOURCE_LIST@@K@Z
?GetSourceLog@P2SP@@QAEKPA_WKH@Z
?GetTaskLog@P2SP@@QAEHPA_WHAAK1AAH@Z
?GetTaskPartHash@P2SP@@QAEKPAEH@Z
?Init@P2SP@@SAHXZ
?InitOther@P2SP@@SAXXZ
?LimitDownloadSpeed@P2SP@@QAEXH@Z
?NotifyExternalSpeed@P2SP@@QAEXH@Z
?ParseResume@P2SP@@SAHPA_W0AAUst_TASK_PARAMS@@AAUst_TASK_INFO@@@Z
?Quit@P2SP@@SAXXZ
?SearchTest@P2SP@@SAXPB_WAAUP2S_SEARCH_RESULT@@@Z
?SendLiveStat@P2SP@@QAEHPAULIVE_INFO_CORE_STAT@@@Z
?SetCacheSize@P2SP@@SAXH@Z
?SetDU@P2SP@@SAXH@Z
?SetP2sTz@P2SP@@QAEXXZ
?SetProxy@P2SP@@SAXHIPA_W00@Z
?SetRetry@P2SP@@SAXHHH@Z
?SetUseServerTime@P2SP@@SAXH@Z
?Start@P2SP@@QAEXAAUst_TASK_PARAMS@@@Z
?StopAsync@P2SP@@QAEXXZ
?StopSync@P2SP@@QAEXXZ
?UpdateDebugConsole@P2SP@@QAEKPA_WK@Z
?UpdateInfo@P2SP@@QAEXAAUst_TASK_INFO@@@Z
?get_complete@P2SP@@QAEPAEAAH@Z
?get_p2p_user_complete@P2SP@@QAEHKPA_J0HAAH@Z
p2s_GetFilenameByURL
p2s_UrlNormalize
p2s_enable_p4s
p2s_get_p2p_id
p2s_get_sharefile_url
p2s_hash_cid
p2s_make_upload
p2s_p2p_add_share
p2s_p2p_get_network_traffic
p2s_p2p_get_upload_speed
p2s_p2p_move_share
p2s_p2p_no_submit_share
p2s_p2p_pause_upload
p2s_p2p_set_app_path
p2s_p2p_set_downloader_mode
p2s_p2p_set_ini_filename
p2s_p2p_set_local_share
p2s_p2p_set_temp_mode
p2s_p2p_set_upload_speed_control
p2s_p2p_set_upload_speed_max
p2s_p2p_set_uploader_mode
p2s_report_url_fgid

Sections

.text
Size: 416KB - Virtual size: 412KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SysOptimize.exe
.exe windows:4 windows x86 arch:x86

4b521f9de139bcaff71d4695c49c1a66

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

15:e8:ac:e7:89:3d:48:73:8c:35:06:a5:02:ac:63:8d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

29/06/2009, 00:00

Not After

29/06/2011, 23:59

Subject

CN=Trend Media Corporation Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Trend Media Corporation Limited,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
SetFilePointer
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
CompareStringA
lstrcmpiA
ExitProcess
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
IsDBCSLeadByte
SetLastError
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
OutputDebugStringA
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
Sleep
HeapSize
HeapCreate
HeapDestroy
GetStdHandle
WriteFile
GetStringTypeW
GetStringTypeA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualProtect
HeapReAlloc
RtlUnwind
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
GetLastError
DebugBreak
InterlockedIncrement
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CreateFileA
GetFileSize
ReadFile
lstrlenA
InterlockedDecrement
RaiseException
GetVersion
LoadLibraryA
GetProcAddress
FreeLibrary
CreateRemoteThread
WaitForSingleObject
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetCurrentProcess
CloseHandle
GetTickCount

user32

CharNextA
ExitWindowsEx
MessageBoxA
LoadStringA
SetWindowLongA
CreateWindowExA
GetWindowLongA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
SendMessageA
SetWindowPos
DestroyWindow
CallWindowProcA
FindWindowA
CreateDialogParamA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
ShowWindow
GetSystemMetrics
LoadImageA
SetForegroundWindow
GetSysColor
GetFocus
GetCapture
ReleaseCapture
EndPaint
BeginPaint
GetCursorPos
SetCursor
DrawFocusRect
FillRect
PtInRect
UnregisterClassA
GetDlgCtrlID
SetCapture
IsWindowEnabled
InvalidateRect
UpdateWindow
ScreenToClient
GetClassNameA
LoadCursorA
SetRectEmpty
IsDialogMessageA
OffsetRect
ReleaseDC
GetDC
DefWindowProcA
PostQuitMessage
EnableWindow
SetFocus
DrawTextA
GetWindow
GetWindowRect
SystemParametersInfoA
MapWindowPoints
IsWindow
GetDlgItem
GetParent
SetDlgItemTextA
GetDlgItemTextA
GetClientRect

gdi32

SetTextColor
SetBkMode
GetStockObject
CreateFontIndirectA
SelectObject
GetObjectA
DeleteObject

advapi32

RegDeleteKeyA
LookupPrivilegeValueA
OpenProcessToken
RegEnumKeyExA
RegQueryInfoKeyA
RegCreateKeyExA
RegDeleteValueA
AdjustTokenPrivileges
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize

oleaut32

VarUI4FromStr

shlwapi

PathFileExistsA

comctl32

InitCommonControlsEx
_TrackMouseEvent

imagehlp

CheckSumMappedFile
ImageNtHeader

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
adns.dll
.dll windows:4 windows x86 arch:x86

5ce2a94a3785640706550e7640f4c432

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\adns\bin\adns.pdb

Imports

kernel32

GetCurrentProcessId
GetSystemTimeAsFileTime
SystemTimeToFileTime
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
SetEvent
CloseHandle
ResetEvent
WaitForMultipleObjects
CreateEventA
SetEndOfFile
GetSystemInfo
VirtualProtect
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
CreateFileA
SetStdHandle
ReadFile
GetLocaleInfoA
GetStringTypeW
ExitProcess
HeapFree
HeapReAlloc
HeapAlloc
RtlUnwind
RaiseException
ExitThread
GetCurrentThreadId
GetLastError
CreateThread
GetCommandLineA
GetVersionExA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
QueryPerformanceCounter
GetTickCount
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetFileType
GetStartupInfoA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
InterlockedExchange
VirtualQuery
SetFilePointer
FlushFileBuffers
GetStringTypeA
MultiByteToWideChar

iphlpapi

GetNetworkParams

ws2_32

sendto
ioctlsocket
ntohl
htonl
__WSAFDIsSet
recvfrom
ntohs
inet_ntoa
recv
getprotobyname
socket
htons
connect
closesocket
inet_addr
WSASetLastError
send
WSAGetLastError

Exports

Exports

adns_lib_init
adns_lib_quit
adns_lib_resolve
adns_lib_result
adns_lib_result2

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
assistbutton.bmp
btcoreu.dll
.dll regsvr32 windows:4 windows x86 arch:x86

6152bb4574de409f45f66b9817c336e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\ProtKrnl\src\Build\btcoreu.pdb

Imports

ws2_32

ioctlsocket
inet_addr
socket
sendto
setsockopt
closesocket
WSAGetLastError
ntohl
htons
bind
accept
inet_ntoa
WSACleanup
WSAStartup
WSASetLastError
htonl
listen
getsockname
connect
recv
send
gethostname
gethostbyname
select
recvfrom
ntohs

rpcrt4

UuidCreate

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

wininet

InternetGetCookieW

iphlpapi

GetIfEntry
GetBestInterface
GetAdaptersInfo

kernel32

LoadLibraryA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetDateFormatA
GetTimeFormatA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
GetModuleHandleA
GetCPInfo
SetHandleCount
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
IsValidCodePage
GetACP
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetProcAddress
LoadLibraryW
FreeLibrary
GetTickCount
GlobalMemoryStatus
GetVolumeInformationW
GetDiskFreeSpaceExW
Sleep
CopyFileW
FileTimeToSystemTime
GetFileAttributesExW
lstrlenW
WaitForSingleObject
GetCurrentThread
IsBadReadPtr
ReleaseMutex
CreateMutexW
CloseHandle
GetCurrentThreadId
GetFileAttributesW
GetLastError
GetLocaleInfoW
GetModuleFileNameW
WriteFile
CreateFileW
SetFilePointer
GetFileSize
GetLocalTime
DeleteFileW
ReadFile
FlushFileBuffers
SetEndOfFile
GetSystemInfo
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
GetOverlappedResult
DeviceIoControl
SetFileAttributesW
MoveFileW
IsBadWritePtr
GetFileTime
CompareFileTime
CreateEventW
ResetEvent
SetEvent
MultiByteToWideChar
WideCharToMultiByte
GetVersionExW
lstrcatW
GetSystemDirectoryW
GetUserDefaultLangID
GetOEMCP
RemoveDirectoryW
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
FindClose
FindNextFileW
FindFirstFileW
GetDiskFreeSpaceW
CreateSemaphoreW
ResumeThread
SetThreadPriority
CreateThread
SystemTimeToTzSpecificLocalTime
LCMapStringW
LCMapStringA
GetProcessHeap
HeapAlloc
GetVersionExA
GetCommandLineA
ExitThread
HeapFree
GetSystemTimeAsFileTime
GetTimeZoneInformation
RtlUnwind
RaiseException
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CompareStringA
CompareStringW
CreateDirectoryW
SetEnvironmentVariableA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStdHandle
HeapSize
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
ExitProcess

user32

SetTimer
IsWindow
EnumThreadWindows
GetClassNameW
GetWindowTextW
GetDlgItem
CharNextW
MessageBoxW
PostMessageW
SendMessageW
KillTimer

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CloseServiceHandle
OpenProcessToken

shell32

SHGetSpecialFolderPathW
SHFileOperationW

ole32

CoUninitialize
CoCreateInstance
CoInitializeSecurity
CoInitialize
CoTaskMemFree
CoTaskMemAlloc

oleaut32

VariantClear
VariantInit

shlwapi

PathStripPathW
PathFileExistsW

p2pcore

delete_p2p_task
ord1
ord2
p2p_add_share
get_p2phandle_serverlist
get_p2phandle_serverlog
p2p_task_limit_speed
get_p2phandle_peerinfo
start_p2p_task
create_p2p_task
my_gethostbyname

p2score

?GetSourceList@P2SP@@QAEKPAUP2SP_SOURCE_LIST@@K@Z
p2s_p2p_get_network_traffic
?GetTaskPartHash@P2SP@@QAEKPAEH@Z
?AsyncReportPartHash@P2SP@@SAHPAE0_J0H@Z
??1P2SP@@QAE@XZ
?Start@P2SP@@QAEXAAUst_TASK_PARAMS@@@Z
?StopAsync@P2SP@@QAEXXZ
?StopSync@P2SP@@QAEXXZ
?UpdateInfo@P2SP@@QAEXAAUst_TASK_INFO@@@Z
?LimitDownloadSpeed@P2SP@@QAEXH@Z
??0P2SP@@QAE@XZ

Exports

Exports

BITS_AddProxy
BITS_ClearMakeThreads
BITS_CoreInfo
BITS_CreateConfiguration
BITS_DeleteDownload
BITS_FindProxyByName
BITS_FreeBuffer
BITS_FreeHandle
BITS_FreeString
BITS_GapDump
BITS_GetDefaultProfile
BITS_GetDownloadInfo
BITS_GetDownloadUploadSpeed
BITS_GetFileItem
BITS_GetFileListByTorrent
BITS_GetFileStatus
BITS_GetFileStatusByID
BITS_GetFinishedBitField
BITS_GetGapList
BITS_GetJobProfile
BITS_GetLogLine
BITS_GetMemoryUsage
BITS_GetPartialPiece
BITS_GetPeerCount
BITS_GetPeerIdList
BITS_GetPeerInfo
BITS_GetPeerLog
BITS_GetPeerPiece
BITS_GetPeerStatus
BITS_GetPieceBlock
BITS_GetPieceGap
BITS_GetPieceStatus
BITS_GetPreferrence
BITS_GetRunning
BITS_GetServerInfo
BITS_GetStatusDescription
BITS_GetTorrentInfo
BITS_GetTrackerLog
BITS_GetTrackerStatus
BITS_GetUniqueID
BITS_GetUniqueID16
BITS_Initialize
BITS_IsJobActive
BITS_MakeTorrent
BITS_ObjDel
BITS_ObjNew
BITS_PackMemoryPool
BITS_ParseTorrent
BITS_ParseTorrentFile
BITS_ParseTorrentFileList
BITS_ParseTorrentInfo
BITS_RegisterCallback
BITS_ReleaseTagFileByID
BITS_ResetDownloadPath
BITS_SetBitTorrentId
BITS_SetDefaultProfile
BITS_SetDownloadFlags
BITS_SetDownloadPath
BITS_SetFileSelection
BITS_SetFileSelectionByID
BITS_SetJobProfile
BITS_SetJobTrackers
BITS_SetLogDevice
BITS_SetPreferrence
BITS_SetProtocol
BITS_SetProxyActive
BITS_SetSpeed
BITS_StartDownload
BITS_StartDownloadByHandle
BITS_StartDownloadByTorrent
BITS_StopDownload
BITS_Uninitialize
BITS_UpdateProxy
BITS_WriteFile
DllRegisterServer

Sections

.text
Size: 928KB - Virtual size: 926KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
corestat.dll
.dll windows:4 windows x86 arch:x86

0257b9cf7b9776ccc203b3b2ce24d9f6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\ProtKrnl\src\build\corestat.pdb

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

WideCharToMultiByte
GetLastError
CompareStringA
CompareStringW
lstrlenA
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
GetTickCount
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
CreateThread
SetEvent
WriteFile
CreateFileA
GetLocalTime
CreateDirectoryA
GetFileAttributesA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
CreateEventA
GetModuleHandleA
ResumeThread
SetThreadPriority
WritePrivateProfileStringA
GetCurrentDirectoryA
GetPrivateProfileStringA
GetFileSize
GetTimeFormatA
FreeLibrary
Sleep
DeleteFileA
QueryPerformanceCounter
QueryPerformanceFrequency
MultiByteToWideChar
SetLastError
GetVolumeInformationA
GetWindowsDirectoryA
GetCurrentProcess
WaitForSingleObject
ReadFile
GetSystemDirectoryA
SetFilePointer
GetVersionExA
LocalFree
FormatMessageA
SetEndOfFile
GetUserDefaultLangID
GetSystemInfo
GetCurrentProcessId
GetExitCodeThread
WaitForMultipleObjects
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
VirtualAlloc
HeapAlloc
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
MoveFileA
GetDateFormatA
ExitThread
GetCommandLineA
VirtualFree
HeapCreate
ExitProcess
InterlockedExchange
IsBadReadPtr
GetACP
GetLocaleInfoA
GetThreadLocale
GetCurrentThreadId
RaiseException
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetEnvironmentVariableA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
GetStartupInfoA
GetFileType
SetHandleCount
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
IsValidCodePage
GetOEMCP
GetCPInfo
InterlockedDecrement

user32

DestroyWindow
SendMessageTimeoutA
RegisterClassExA
CreateWindowExA
SetWindowLongA
GetWindowLongA
DefWindowProcA
IsWindow
SetTimer
KillTimer
MessageBoxA
SendMessageA
GetMessageA
TranslateMessage
PostQuitMessage
PostMessageA
DispatchMessageA
UnregisterClassA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

shlwapi

PathFileExistsA
UrlUnescapeA

ws2_32

inet_ntoa
gethostbyname
inet_addr
closesocket
bind
socket
sendto
htons
setsockopt
recvfrom
ioctlsocket
WSASetLastError
ntohs
recv
send
connect
getpeername
WSAEventSelect
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
ntohl
accept
WSAAsyncSelect
WSAAsyncGetHostByName
WSACancelAsyncRequest
htonl
listen
shutdown
WSAGetLastError

netapi32

Netbios

iphlpapi

GetIfEntry
GetBestInterface
GetTcpTable
GetTcpStatistics
GetNetworkParams
GetAdaptersInfo

pdh

PdhAddCounterA
PdhCloseQuery
PdhOpenQueryA
PdhSetDefaultRealTimeDataSource
PdhGetFormattedCounterValue
PdhCollectQueryData

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA
InternetGetCookieA

Exports

Exports

??0Ccore_stat@@QAE@XZ
??4Ccore_stat@@QAEAAV0@ABV0@@Z
?fncore_stat@@YAHXZ
?ncore_stat@@3HA
CheckTaskStat
CreateProxyHandle
CreateTaskStat
DeleteProxyHandle
GetClientPerfInfo
GetCoreConfig
GetProcessPageUsage
GetProxyResult
InitStatProduct
InitUserID
IsStatMgrRunning
IsTaskStatValid
MedTagRequest
MedTagSend
RemoveTaskStat
STBackErrSrcInfo
STCloseTask
STCreateTask
STGetCltSrcInfo
STInitialize
STIsOverLimit
STPostCltSrcInfo
STReportAddFiles
STReportLogInfo
STReportOnlyLog
STSetAddress
STSetCDNInfo
STSetCltCallBack
STTerminate
SendPFPPacket
SendProxyRequest
SendStatPacket
StatCreateBT
StatCreateP2S
StatGetChannelID
StatReportClickFile
StatReportErrorP2S
StatReportFinishP2S
StatReportP2SRename
StatReportTorrentRename
StatReportTorrentUrl
StatSendEmuleCreate
StatSendEmuleInfo
StatSendLiveStat
StatSendPageClick
StatSendPageLoadInfo
StatSendPaneClick
StatShareFileInfo
StatUpdateMemory
StatUpdateSpeed
StopStatMgr
UpdateBTTaskStat
UpdateLinkTaskStat
UpdateP2PSession

Sections

.text
Size: 336KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dbghelp.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DbgHelpCreateUserDump
DbgHelpCreateUserDumpW
EnumerateLoadedModules
EnumerateLoadedModules64
ExtensionApiVersion
FindDebugInfoFile
FindDebugInfoFileEx
FindExecutableImage
FindExecutableImageEx
FindFileInPath
FindFileInSearchPath
GetTimestampForLoadedLibrary
ImageDirectoryEntryToData
ImageDirectoryEntryToDataEx
ImageNtHeader
ImageRvaToSection
ImageRvaToVa
ImagehlpApiVersion
ImagehlpApiVersionEx
MakeSureDirectoryPathExists
MapDebugInformation
MiniDumpReadDumpStream
MiniDumpWriteDump
SearchTreeForFile
StackWalk
StackWalk64
SymCleanup
SymEnumSourceFiles
SymEnumSym
SymEnumSymbols
SymEnumTypes
SymEnumerateModules
SymEnumerateModules64
SymEnumerateSymbols
SymEnumerateSymbols64
SymEnumerateSymbolsW
SymEnumerateSymbolsW64
SymFindFileInPath
SymFromAddr
SymFromName
SymFunctionTableAccess
SymFunctionTableAccess64
SymGetFileLineOffsets64
SymGetLineFromAddr
SymGetLineFromAddr64
SymGetLineFromName
SymGetLineFromName64
SymGetLineNext
SymGetLineNext64
SymGetLinePrev
SymGetLinePrev64
SymGetModuleBase
SymGetModuleBase64
SymGetModuleInfo
SymGetModuleInfo64
SymGetModuleInfoW
SymGetModuleInfoW64
SymGetOptions
SymGetSearchPath
SymGetSymFromAddr
SymGetSymFromAddr64
SymGetSymFromName
SymGetSymFromName64
SymGetSymNext
SymGetSymNext64
SymGetSymPrev
SymGetSymPrev64
SymGetTypeFromName
SymGetTypeInfo
SymInitialize
SymLoadModule
SymLoadModule64
SymLoadModuleEx
SymMatchFileName
SymMatchString
SymRegisterCallback
SymRegisterCallback64
SymRegisterFunctionEntryCallback
SymRegisterFunctionEntryCallback64
SymSetContext
SymSetOptions
SymSetSearchPath
SymSetSymWithAddr64
SymUnDName
SymUnDName64
SymUnloadModule
SymUnloadModule64
UnDecorateSymbolName
UnmapDebugInformation
WinDbgExtensionDllInit
dbghelp
dh
lm
lmi
omap
srcfiles
sym
vc7fpo

Sections

UPX0
Size: - Virtual size: 312KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 203KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
help/change_log.txt
image/AssistBack.png
.png
image/AssistBackDown.png
.png
image/AssistFirst.png
.png
image/ComboBoxDown.bmp
image/CoverFlow/scroll_array_left.png
.png
image/CoverFlow/scroll_array_right.png
.png
image/CoverFlow/scroll_background.png
.png
image/CoverFlow/scroll_bar.png
.png
image/FB.ico
image/MiniFlashGet.ico
image/MiniFlashgetLogo.bmp
image/MiniFlashgetLogo_eng.bmp
image/NewTaskAdvanceBack.bmp
image/NewTaskSimpleBack.bmp
image/Num.png
.png
image/OptionBackground.bmp
image/ProgressLeft.png
.png
image/ProgressMiddle.png
.png
image/ProgressRight.png
.png
image/SkinTabBackground.png
.png
image/SkinTabIcons.png
.png
image/SkinTabSelectBack.png
.png
image/SkinTabSelectBack_eng.png
.png
image/SmallTaskBackLeft.png
.png
image/SmallTaskBackMiddle.png
.png
image/SmallTaskBackRight.png
.png
image/TaskBackLeft.png
.png
image/TaskBackMiddle.png
.png
image/TaskBackRight.png
.png
image/TreeSelectBackLeft.bmp
image/TreeSelectBackMiddle.bmp
image/TreeSelectBackRight.bmp
image/VistaStyleListItems.bmp
image/Watch.png
.png
image/WatchFlex.PNG
.png
image/assistbutton.bmp
image/barbutton_left.png
.png
image/barbutton_middle.png
.png
image/barbutton_right.png
.png
image/baritem_contents.png
.png
image/baritem_delete.png
.png
image/baritem_new.png
.png
image/baritem_open.png
.png
image/baritem_option.png
.png
image/baritem_pause.png
.png
image/baritem_play.png
.png
image/btn_button.bmp
image/btn_check.bmp
image/downloadListBack.png
.png
image/jc.ico
image/jccfg.ico
image/notify.wav
image/option_mini_tree.bmp
image/searchbutton.bmp
image/searchfilebutton.bmp
image/suspendicons.png
.png
image/task_status.bmp
image/task_status.png
.png
image/torrent.ico
libMiniBHO.dll
.dll regsvr32 windows:4 windows x86 arch:x86

bb872033cfc4d6243e499d8f0e568136

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

15:e8:ac:e7:89:3d:48:73:8c:35:06:a5:02:ac:63:8d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

29/06/2009, 00:00

Not After

29/06/2011, 23:59

Subject

CN=Trend Media Corporation Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Trend Media Corporation Limited,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\MiniFlashGet.root\pdb\libMiniBHO.pdb

Imports

kernel32

UnmapViewOfFile
IsBadWritePtr
CloseHandle
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
GetProcAddress
LoadLibraryW
DisableThreadLibraryCalls
SetThreadLocale
GetThreadLocale
FlushInstructionCache
GetCurrentProcess
GlobalAlloc
GetCurrentThreadId
SetLastError
GetSystemDefaultLangID
lstrcmpW
MulDiv
GlobalUnlock
GlobalLock
GlobalFree
GlobalHandle
GetPrivateProfileStringW
GetCurrentProcessId
IsProcessorFeaturePresent
InterlockedCompareExchange
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
lstrlenA
GetStringTypeW
GetStringTypeA
LoadLibraryA
InterlockedExchange
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
Sleep
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
HeapCreate
HeapDestroy
VirtualAlloc
VirtualFree
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetProcessHeap
GetVersionExA
GetCommandLineA
HeapReAlloc
HeapFree
HeapAlloc
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
WideCharToMultiByte
IsBadReadPtr
lstrlenW
GetModuleHandleW
LoadLibraryExW
FreeLibrary
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetLastError
lstrcmpiW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetLocaleInfoA

user32

GetFocus
CharNextW
PostMessageW
IsWindow
SetFocus
DestroyWindow
SetWindowLongW
GetWindowLongW
KillTimer
DefWindowProcW
FindWindowW
LoadStringW
SetWindowsHookExW
CreateWindowExW
SetWindowPos
CharUpperBuffW
MapDialogRect
GetWindowRect
UnregisterClassA
GetWindowDC
ReleaseDC
InvalidateRect
UnhookWindowsHookEx
CallNextHookEx
GetWindowModuleFileNameW
SendMessageTimeoutW
PtInRect
WindowFromPoint
GetWindowThreadProcessId
CopyRect
CreatePopupMenu
AppendMenuW
TrackPopupMenu
GetCursorPos
GetSystemMetrics
CreateDialogIndirectParamW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
CreateAcceleratorTableW
RegisterClassExW
LoadCursorW
GetClassInfoExW
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
CallWindowProcW
FillRect
ReleaseCapture
GetClassNameW
GetDlgItem
GetParent
IsChild
SetCapture
RedrawWindow
InvalidateRgn
GetDC
ScreenToClient
ClientToScreen
GetClientRect
MoveWindow
GetSysColor
LoadBitmapW
SendMessageW
SetWindowContextHelpId
GetWindow
SendDlgItemMessageW
SetTimer
IsWindowVisible
ShowWindow

gdi32

GetDeviceCaps
CreateCompatibleBitmap
GetObjectW
CreateSolidBrush
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
DeleteObject
GetStockObject

advapi32

RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW

shell32

ShellExecuteW

ole32

CoGetClassObject
ProgIDFromCLSID
OleUninitialize
OleInitialize
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
OleLockRunning
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

CreateErrorInfo
SetErrorInfo
OleCreateFontIndirect
DispCallFunc
VarBstrCmp
SysAllocStringLen
VariantChangeType
VariantCopy
RegisterTypeLi
UnRegisterTypeLi
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
VARIANT_UserFree
VARIANT_UserUnmarshal
VARIANT_UserMarshal
VARIANT_UserSize
BSTR_UserFree
BSTR_UserUnmarshal
BSTR_UserMarshal
BSTR_UserSize
SysStringLen
SysFreeString
VariantInit
VariantClear
SysAllocStringByteLen
SysStringByteLen
SysAllocString
VarUI4FromStr
LoadRegTypeLi
LoadTypeLi
SafeArrayUnlock
SafeArrayLock

rpcrt4

NdrOleAllocate
NdrDllUnregisterProxy
NdrDllRegisterProxy
NdrCStdStubBuffer2_Release
NdrDllCanUnloadNow
NdrDllGetClassObject
IUnknown_QueryInterface_Proxy
IUnknown_AddRef_Proxy
IUnknown_Release_Proxy
NdrStubForwardingFunction
NdrOleFree
NdrStubCall2

shlwapi

PathRemoveFileSpecW

comctl32

_TrackMouseEvent

urlmon

CoInternetGetSession

oleacc

ObjectFromLresult

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 184KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 4KB - Virtual size: 844B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libScheduler.dll
.dll windows:4 windows x86 arch:x86

956868ad6a9838e834e97307bbb3baca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\MiniFlashGet.root\pdb\libScheduler.pdb

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
IsBadReadPtr
GetModuleHandleW
lstrlenW
FindResourceW
WideCharToMultiByte
GetLastError
SizeofResource
LockResource
LoadResource
FindResourceExW
VirtualAlloc
VirtualFree
WaitForSingleObject
CloseHandle
QueueUserWorkItem
GetModuleFileNameA
GetWindowsDirectoryW
ExitProcess
CreateEventW
SetEvent
DisableThreadLibraryCalls
IsBadWritePtr
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
HeapReAlloc
HeapFree
HeapAlloc
ReadFile
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
HeapDestroy
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
HeapSize
GetVersionExA
RaiseException
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryA
GetCurrentProcessId
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetCPInfo
HeapCreate
GetStdHandle
WriteFile
Sleep
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetProcessHeap
GetProcAddress
GetModuleHandleA
RtlUnwind
GetCommandLineA
CreateThread
GetCurrentThreadId
ExitThread
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess

user32

FindWindowW
TranslateMessage
DispatchMessageW
GetActiveWindow
MessageBoxA
IsWindow
RegisterClassExW
UnregisterClassA
DefWindowProcW
PostMessageW
CreateWindowExW
GetMessageW

shlwapi

PathFileExistsW

btcoreu

ord33
ord32
ord19
ord15
ord14
ord9
ord27
ord53
ord51
ord18
ord72
ord24
ord26
ord12
ord6
ord1
ord2
ord16
ord11

p2score

p2s_p2p_set_upload_speed_max
?SetProxy@P2SP@@SAXHIPA_W00@Z
?SetUseServerTime@P2SP@@SAXH@Z
??1P2SP@@QAE@XZ
?Delete@P2SP@@QAE_NXZ
?Quit@P2SP@@SAXXZ
?Init@P2SP@@SAHXZ
??0P2SP@@QAE@XZ
?LimitDownloadSpeed@P2SP@@QAEXH@Z
?UpdateInfo@P2SP@@QAEXAAUst_TASK_INFO@@@Z
?DelTempFile@P2SP@@SAHAAUst_TASK_PARAMS@@@Z
?StopSync@P2SP@@QAEXXZ
?Start@P2SP@@QAEXAAUst_TASK_PARAMS@@@Z

Exports

Exports

DllGetClassObjectEx
DllQueryInterface

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libSkinX.dll
.dll windows:4 windows x86 arch:x86

ffa176d12af41de8e09c77b511bbadae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\MiniFlashGet.root\pdb\libSkinX.pdb

Imports

kernel32

lstrlenA
GetLastError
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
GetStringTypeA
ReadFile
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
HeapCreate
LCMapStringW
WideCharToMultiByte
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ExitProcess
Sleep
SetLastError
GetFileSize
CloseHandle
CreateFileW
MultiByteToWideChar
MulDiv
lstrlenW
GetTickCount
GetModuleHandleW
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
DisableThreadLibraryCalls
IsBadReadPtr
InterlockedDecrement
InterlockedIncrement
lstrcmpiW
FlushInstructionCache
GetCurrentProcess
IsBadWritePtr
TlsFree
TlsSetValue
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
GetProcAddress
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
HeapDestroy
HeapReAlloc
HeapSize
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
RtlUnwind
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleA
TlsGetValue
TlsAlloc

user32

GetWindowDC
DrawIconEx
PtInRect
GetWindowRect
OffsetRect
CharUpperW
SetRectEmpty
IsZoomed
GetSystemMetrics
ReleaseDC
GetCursorPos
SetRect
GetDC
PostMessageW
GetSystemMenu
UnionRect
GetAsyncKeyState
LoadImageW
GetMonitorInfoW
MonitorFromPoint
CopyRect
TrackPopupMenu
IsMenu
IsIconic
DestroyMenu
IsWindow
GetWindowTextLengthW
GetWindowTextW
CallWindowProcW
GetWindowLongW
GetParent
SetWindowsHookExW
UnhookWindowsHookEx
DefWindowProcW
RedrawWindow
SetWindowPos
SetWindowRgn
SystemParametersInfoW
IsWindowEnabled
SetWindowLongW
SendMessageW
GetDlgItem
GetClassNameW
CallNextHookEx
RegisterWindowMessageW
GetClientRect
UnregisterClassA

gdi32

ExtTextOutW
SetTextColor
SelectObject
DeleteDC
StretchBlt
DPtoLP
GetDeviceCaps
GetObjectW
GetTextExtentPoint32W
ExcludeClipRect
SelectClipRgn
SetStretchBltMode
SetBkMode
GetStockObject
CombineRgn
BitBlt
CreateRoundRectRgn
CreateEllipticRgnIndirect
CreateRectRgnIndirect
CreateFontIndirectW
CreateCompatibleDC
CreateSolidBrush
DeleteObject

Exports

Exports

DllGetClassObjectEx
DllQueryInterface

Sections

.text
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libStatistics.dll
.dll windows:4 windows x86 arch:x86

f5a703fcfebdd37892170702bd1e2d5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\MiniFlashGet.root\pdb\libStatistics.pdb

Imports

kernel32

lstrlenA
MultiByteToWideChar
GetLastError
FindResourceW
SizeofResource
lstrlenW
LockResource
GetTickCount
WideCharToMultiByte
LoadResource
FindResourceExW
GetWindowsDirectoryW
ExitProcess
CloseHandle
GetProcAddress
IsBadStringPtrW
LoadLibraryA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetModuleFileNameA
DisableThreadLibraryCalls
IsBadWritePtr
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
QueueUserWorkItem
IsBadReadPtr
VirtualAlloc
VirtualFree
GetStartupInfoA
GetFileType
SetHandleCount
LCMapStringW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
LCMapStringA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
RtlUnwind
WriteFile
GetStdHandle
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCPInfo
GetOEMCP
IsValidCodePage
HeapCreate
Sleep
GetEnvironmentStringsW

user32

MessageBoxA
GetActiveWindow
UnregisterClassA

advapi32

RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegQueryValueExW

shlwapi

PathIsURLW

ws2_32

WSARecv
shutdown
closesocket
WSAGetLastError

wininet

InternetCloseHandle
InternetOpenUrlW
InternetOpenW
InternetGetConnectedState
InternetCrackUrlW

Exports

Exports

DllGetClassObjectEx
DllQueryInterface

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
skin.xml
.xml
uninst.exe.nsis
zlib.dll
.dll windows:4 windows x86 arch:x86

e5c5650f0b0c0414d7e983aacdedc6c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

crtdll

fwrite
fread
_errno
fclose
free
vsprintf
fflush
fseek
rewind
fputc
malloc
ftell
fprintf
_fdopen
fopen
sprintf
calloc
_initterm

kernel32

GlobalAlloc
GetVersion
GlobalFree

Exports

Exports

adler32
compress
compress2
crc32
deflate
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflateReset
deflateSetDictionary
get_crc_table
gzclose
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgets
gzopen
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzsetparams
gztell
gzwrite
inflate
inflateEnd
inflateInit2_
inflateInit_
inflateReset
inflateSetDictionary
inflateSync
inflateSyncPoint
uncompress
unzClose
unzCloseCurrentFile
unzGetCurrentFileInfo
unzGetGlobalComment
unzGetGlobalInfo
unzGetLocalExtrafield
unzGoToFirstFile
unzGoToNextFile
unzLocateFile
unzOpen
unzOpen2
unzOpenCurrentFile
unzOpenCurrentFile2
unzReadCurrentFile
unzStringFileNameCompare
unzeof
unztell
zError
zipClose
zipCloseFileInZip
zipCloseFileInZipRaw
zipOpen
zipOpenNewFileInZip
zipOpenNewFileInZip2
zipWriteInFileInZip
zlibVersion

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

4d17be67c8d0394c5c1b8e725359ed89

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

15:e8:ac:e7:89:3d:48:73:8c:35:06:a5:02:ac:63:8dCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 108KB

.ndata Size: - Virtual size: 48KB

.rsrc Size: 25KB - Virtual size: 24KB

d6f4df271b4944d59aecc37e687347f1

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

xpcom

nspr4

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 968B

.reloc Size: 4KB - Virtual size: 2KB

bb872033cfc4d6243e499d8f0e568136

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

15:e8:ac:e7:89:3d:48:73:8c:35:06:a5:02:ac:63:8dCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

15:e8:ac:e7:89:3d:48:73:8c:35:06:a5:02:ac:63:8d
Certificate

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 108KB

.ndata
Size: - Virtual size: 48KB

.rsrc
Size: 25KB - Virtual size: 24KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 968B

.reloc
Size: 4KB - Virtual size: 2KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

15:e8:ac:e7:89:3d:48:73:8c:35:06:a5:02:ac:63:8d
Certificate

.text
Size: 184KB - Virtual size: 180KB

.orpc
Size: 4KB - Virtual size: 844B

.rdata
Size: 52KB - Virtual size: 48KB

.data
Size: 12KB - Virtual size: 19KB

.rsrc
Size: 28KB - Virtual size: 27KB

.reloc
Size: 20KB - Virtual size: 18KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 994B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 92B

.reloc
Size: 512B - Virtual size: 496B

CODE
Size: 200KB - Virtual size: 200KB

DATA
Size: 4KB - Virtual size: 4KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 6KB - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 147B

.rdata
Size: 512B - Virtual size: 47B

.reloc
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 5KB - Virtual size: 5KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate