4b188fc4d490d8a9b6ed7a124f8d6fc2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4b188fc4d490d8a9b6ed7a124f8d6fc2_JaffaCakes118
Size

3.4MB
MD5

4b188fc4d490d8a9b6ed7a124f8d6fc2
SHA1

9c208ac453ee3d9cce108f6e99c7de962cc33877
SHA256

936870d3d11ada58c437491ce9ee210366f7d587c08f36a3daea48e849f6fc35
SHA512

d2395297750a082bb0d53fb96cc8074f02a99824c0bcf8af33425340ceabc8a1c930cb80bb9762ea3f25cd4ace0c5c681211e81c88fe138975e8cc0ebf907f0c
SSDEEP

98304:z4bILBK4jQFmfwadSGfzkFj1tblnw59ra3E3uPzAwjemJm:zmFmfwadSGfzkbvq+PzAwjRA

Score

7^/10

aspackv2 upx

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/play.ocx	aspack_v212_v242

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/tv/cctv/CCTVPlayer.ocx	upx

Unsigned PE 35 IoCs

Checks for missing Authenticode signature.

resource
4b188fc4d490d8a9b6ed7a124f8d6fc2_JaffaCakes118
unpack001/$PLUGINSDIR/Base64.dll
unpack001/$PLUGINSDIR/BrandingURL.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/blowfish.dll
unpack001/$PLUGINSDIR/inetc.dll
unpack001/EThread.fne
unpack001/ExtMenu.fne
unpack001/HtmlView.fne
unpack001/OPenGL.fne
unpack001/QVOD/Codecs/RealMediaSplitter.ax
unpack001/QVOD/Codecs/asfsplliter.ax
unpack001/QVOD/Codecs/atrc.dll
unpack001/QVOD/Codecs/cook.dll
unpack001/QVOD/Codecs/drvc.dll
unpack001/QVOD/Codecs/raac.dll
unpack001/QVOD/Lang/en_US.dll
unpack001/QVOD/Lang/zh_TW.dll
unpack001/RegEx.fne
unpack001/YunImage.fne
unpack001/com.run
unpack001/eAPI.fne
unpack001/eLIB.fne
unpack001/eMMedia.fne
unpack001/iext.fnr
unpack001/iext5.fne
unpack001/internet.fne
unpack001/krnln.fnr
unpack001/play.exe
unpack001/play.ocx
unpack001/shell.fne
unpack001/shellEx.fne
unpack001/spec.fne
unpack001/tv/cctv/CCTVPlayer.ocx

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

4b188fc4d490d8a9b6ed7a124f8d6fc2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Base64.dll
.dll windows:4 windows x86 arch:x86

1ba6926a1ee4e4cda118768081f528d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpyA
lstrcpynA
GlobalAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetCurrentProcess
TerminateProcess

msvcr80

memset
atoi
_crt_debugger_hook

Exports

Exports

Decrypt
Encrypt

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 503B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 166B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/BrandingURL.dll
.dll windows:4 windows x86 arch:x86

135de77644e2add2fd9dd8176740e7e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GlobalFree

user32

GetWindowRect
SetCapture
InvalidateRect
SendMessageA
GetCapture
ClientToScreen
EnableWindow
LoadImageA
SetPropA
SetWindowLongA
GetWindowLongA
GetDlgItem
PtInRect
ReleaseCapture
SetCursor
GetPropA
CallWindowProcA
RedrawWindow

gdi32

GetObjectA
SetTextColor
CreateFontIndirectA

shell32

ShellExecuteA

Exports

Exports

Set
Unload

Sections

.text
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 839B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/blowfish.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

Decrypt
Encrypt

Sections

CODE
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 906B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/inetc.dll
.dll windows:4 windows x86 arch:x86

3f1149a3053980fe6b461521d2b55a2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_mbschr
_adjust_fdiv
malloc
_initterm
free
_mbsrchr
strtoul
memset
_mbsstr
strtol

kernel32

CloseHandle
CreateThread
WaitForSingleObject
TerminateThread
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc
LoadLibraryA
GetProcAddress
lstrlenA
WriteFile
ReadFile
lstrcmpA
lstrcpynA
GetLastError
GlobalFree
lstrcmpiA
DeleteFileA
SleepEx
SetFilePointer
GetTickCount
lstrcatA
GetFileSize
CreateFileA

user32

MessageBoxA
GetParent
ShowWindow
PostMessageA
SetWindowTextA
GetWindowTextA
IsWindow
GetDlgItem
SetDlgItemTextA
SendDlgItemMessageA
SetWindowPos
SystemParametersInfoA
GetClientRect
GetWindowRect
SetTimer
LoadIconA
SetWindowLongA
GetWindowLongA
UpdateWindow
DestroyWindow
KillTimer
RedrawWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
IsWindowVisible
EnableWindow
CreateDialogParamA
FindWindowExA
wsprintfA
SendMessageA

wininet

HttpSendRequestA
HttpSendRequestExA
HttpQueryInfoA
FtpCreateDirectoryA
FtpOpenFileA
InternetGetLastResponseInfoA
InternetSetFilePointer
InternetSetOptionA
InternetQueryOptionA
InternetCloseHandle
InternetErrorDlg
HttpOpenRequestA
HttpAddRequestHeadersA
HttpEndRequestA
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetReadFile
InternetWriteFile

comctl32

ord17

Exports

Exports

get
head
post
put

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
EThread.fne
.dll windows:4 windows x86 arch:x86

361f7eaba33f73d14391191507c2ce2a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
CreateThread
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
ExitProcess
RtlUnwind
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Exports

Exports

GetNewInf

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ExtMenu.fne
.dll windows:4 windows x86 arch:x86

85e55ca982fd8dda15c0ccd8ff47baae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msimg32

GradientFill
TransparentBlt
AlphaBlend

kernel32

TerminateProcess
HeapSize
GetTimeZoneInformation
GetACP
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
ExitProcess
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
RaiseException
GetCommandLineA
RtlUnwind
WritePrivateProfileStringA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalAlloc
GetCurrentThread
GetFileTime
GetFileSize
GetFileAttributesA
GetModuleFileNameA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
GetLastError
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalFree
lstrlenA
lstrcmpA
GlobalLock
MulDiv
SetLastError
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetProcAddress
GetVersion
GetVersionExA
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GlobalUnlock
GlobalReAlloc
GetCurrentProcess
FlushInstructionCache
FreeEnvironmentStringsW

user32

CharUpperA
SetCursor
ValidateRect
TranslateMessage
GetMessageA
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
IsDialogMessageA
SetWindowTextA
ShowWindow
UnregisterClassA
GetClassNameA
DestroyMenu
LoadStringA
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
IsWindowEnabled
EndPaint
BeginPaint
ClientToScreen
LoadIconA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
GetClientRect
IsWindowVisible
GetTopWindow
GetParent
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
CallNextHookEx
GetClassLongA
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
IsIconic
GetWindowPlacement
GrayStringA
DrawTextA
TabbedTextOutA
FillRect
WindowFromDC
GetWindowLongA
SystemParametersInfoA
GetDesktopWindow
GetDC
IsMenu
GetMenuItemID
CopyRect
OffsetRect
GetSysColor
MessageBoxA
PostQuitMessage
GetMenuItemRect
GetSubMenu
GetMenuItemCount
GetMenu
ReleaseDC
SendMessageA
GetMenuItemInfoA
PtInRect
KillTimer
DrawMenuBar
RemovePropA
SetTimer
CallWindowProcA
GetCursorPos
GetPropA
SetWindowLongA
GetNextDlgTabItem
SetPropA
InvalidateRect
EnableWindow
GetWindowRect
LoadBitmapA
GetSystemMetrics
PostMessageA
GetSysColorBrush
LoadCursorA
GetWindowDC
SetWindowsHookExA

gdi32

SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
MoveToEx
LineTo
GetTextExtentPoint32A
GetStockObject
GetDeviceCaps
CreatePen
RestoreDC
SaveDC
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetPixelV
GetPixel
GetClipBox
CreateBitmap
CreateCompatibleDC
SelectObject
BitBlt
StretchBlt
SetBkColor
SetTextColor
CreateSolidBrush
DeleteObject
GetObjectA
CreateFontIndirectA
CreateCompatibleBitmap
DeleteDC

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

comctl32

ord17
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_Destroy
ImageList_Read
ImageList_Draw
ImageList_Duplicate

Exports

Exports

GetNewInf

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HtmlView.fne
.dll windows:4 windows x86 arch:x86

7a1f3f7ebb7f027393fa36fd3eaa9c10

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapSize
GetACP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
TerminateProcess
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
ExitProcess
GetTimeZoneInformation
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
GetCommandLineA
RtlUnwind
GetTickCount
WritePrivateProfileStringA
FormatMessageA
GetFileTime
GetFileSize
GetFileAttributesA
GetOEMCP
GetCPInfo
GlobalFlags
GetProcessVersion
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
GetCurrentThread
FileTimeToLocalFileTime
FileTimeToSystemTime
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
SetLastError
GetModuleFileNameA
GetThreadLocale
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
MultiByteToWideChar
SetEndOfFile
UnlockFile
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
lstrcmpA
GlobalFree
GlobalAlloc
GlobalLock
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetProcAddress
MulDiv
lstrlenA
GlobalUnlock
IsBadWritePtr
GlobalReAlloc

user32

MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
LoadStringA
DestroyMenu
GetDesktopWindow
PtInRect
GetClassNameA
GetSysColorBrush
UnregisterClassA
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
GetCursorPos
SetCursor
PostQuitMessage
MapDialogRect
SetWindowContextHelpId
CharNextA
GrayStringA
DrawTextA
TabbedTextOutA
GetWindowDC
ClientToScreen
GetDC
ReleaseDC
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CharUpperA
LoadIconA
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetActiveWindow
SetFocus
AdjustWindowRectEx
CopyRect
PostThreadMessageA
GetTopWindow
MessageBoxA
IsChild
GetSysColor
SetWindowLongA
GetWindowLongA
IsWindow
GetClientRect
LoadCursorA
wsprintfA
EnableWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
EndDialog
CreateDialogIndirectParamA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
GetNextDlgTabItem
GetParent
GetFocus
EnableMenuItem
SendMessageA
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetSystemMetrics
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
OffsetRect
RegisterWindowMessageA
SetWindowPos
GetWindow
SetForegroundWindow
GetForegroundWindow
GetLastActivePopup
GetMessagePos
GetMessageTime
RemovePropA
IsWindowVisible
RegisterClipboardFormatA

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetMapMode
DPtoLP
LPtoDP
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
DeleteObject
GetBkColor
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetStockObject

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

comctl32

ord17

oledlg

ord8

ole32

OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject

olepro32

ord253

oleaut32

VariantClear
SysFreeString
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
VariantCopy
SysAllocString
SysAllocStringByteLen
VariantChangeType
VariantTimeToSystemTime
SysStringLen

Exports

Exports

GetNewInf

Sections

.text
Size: 128KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OPenGL.fne
.dll windows:4 windows x86 arch:x86

a333508d5f27dea1048beb646039661a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetOEMCP
GetFileAttributesA
GetFileSize
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime
HeapAlloc
HeapFree
RtlUnwind
GetCommandLineA
ExitProcess
TerminateProcess
CreateThread
ExitThread
RaiseException
HeapSize
HeapReAlloc
GetACP
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetCPInfo
FatalAppExitA
LCMapStringA
LCMapStringW
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetStdHandle
IsBadReadPtr
IsBadCodePtr
SetConsoleCtrlHandler
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetProcessVersion
FindResourceA
LoadResource
LockResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetLastError
GetModuleHandleA
SetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalFlags
MulDiv
GetVersion
lstrlenA
FreeLibrary
lstrcpynA
lstrcpyA
lstrcatA
SetErrorMode
InterlockedDecrement
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
IsDBCSLeadByte
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
IsBadWritePtr

user32

GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
DefWindowProcA
SetWindowPlacement
TrackPopupMenu
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
IsChild
GetTopWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetScrollInfo
GetScrollInfo
ScrollWindow
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
GetClientRect
DeferWindowPos
EqualRect
AdjustWindowRectEx
IsWindow
SetActiveWindow
GetSysColor
MapWindowPoints
UpdateWindow
LoadIconA
LoadCursorA
GetSysColorBrush
LoadStringA
CharUpperA
DestroyMenu
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
SetFocus
ShowWindow
SetWindowPos
MoveWindow
SetWindowLongA
SetForegroundWindow
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemTextA
GetDlgItemInt
GetDlgItem
CheckRadioButton
CheckDlgButton
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ScreenToClient
OemToCharA
CharToOemA
GetMenuStringA
DeleteMenu
InsertMenuA
GetMenuItemCount
wsprintfA
GetDesktopWindow
GetWindowTextA
SetWindowTextA
ClientToScreen
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
UnregisterClassA
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
ReleaseDC
RegisterWindowMessageA
GetWindowTextLengthA
OffsetRect
MessageBoxA
GetDC
EnableWindow
SetCursor
ShowOwnedPopups
SendMessageA
PostMessageA
PostQuitMessage
ShowCursor
GetWindow

gdi32

SelectPalette
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
GetStockObject
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetDCOrgEx
GetObjectA
SelectObject
RestoreDC
SaveDC
StartDocA
DeleteDC
DeleteObject
CreateBitmap
SwapBuffers
SetPixelFormat
SetArcDirection
ChoosePixelFormat

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegOpenKeyA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA

shell32

DragAcceptFiles
SHGetFileInfoA

comctl32

ord17

Exports

Exports

GetNewInf

Sections

.text
Size: 296KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QVOD/AddIn/VisLrc.dll
.dll windows:4 windows x86 arch:x86

405f85e6c10ba505edbac8ea83c4ca8c

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

69:d1:ad:9b:16:f2:f2:1b:66:64:ab:8b:27:1f:d5:36
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/06/2009, 00:00

Not After

02/06/2011, 23:59

Subject

CN=Shenzhen QVOD Technology Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shenzhen QVOD Technology Co.\,Ltd,L=Shenzhen,ST=Shenzhen,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

82:8d:a3:bb:cc:60:a2:4e:27:69:84:46:83:19:5d:c9:43:8e:c5:b2
Signer

Actual PE Digest

82:8d:a3:bb:cc:60:a2:4e:27:69:84:46:83:19:5d:c9:43:8e:c5:b2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DebugBreak
OutputDebugStringW
GetLastError
MulDiv
FindClose
FindFirstFileW
CompareStringW
CompareStringA
SetEndOfFile
LoadLibraryA
GetOEMCP
GetACP
CreateFileA
GetCPInfo
LCMapStringW
LCMapStringA
CreateFileW
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
MultiByteToWideChar
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TerminateProcess
WriteFile
ExitProcess
SetFilePointer
ReadFile
CloseHandle
GetModuleFileNameW
WideCharToMultiByte
lstrlenA
InterlockedDecrement
DeleteCriticalSection
GetCurrentProcess
FlushInstructionCache
lstrlenW
lstrcmpW
InterlockedIncrement
GlobalAlloc
GlobalLock
GlobalUnlock
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GetPrivateProfileStringW
WritePrivateProfileStringW
GetModuleHandleA
GetProcAddress
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
HeapAlloc
HeapFree
GetVersion
GetCommandLineA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
GetPrivateProfileIntW
HeapCreate
SetEnvironmentVariableA

user32

SetWindowPos
CreateWindowExW
GetClientRect
SetRectEmpty
RegisterClassExW
LoadCursorW
GetClassInfoExW
RegisterWindowMessageW
DefWindowProcW
GetWindow
SetWindowLongW
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
DrawTextW
PostMessageW
CharLowerW
LoadStringW
CharNextW
wvsprintfW
InvalidateRgn
InvalidateRect
SetCapture
SetWindowTextW
CreateAcceleratorTableW
GetDesktopWindow
RedrawWindow
GetParent
GetClassNameW
ReleaseCapture
GetFocus
IsChild
SetFocus
GetDC
ReleaseDC
BeginPaint
FillRect
EndPaint
CallWindowProcW
GetDlgItem
SendMessageW
GetSysColor
IsWindow
DestroyWindow
wsprintfW
LoadImageW
GetWindowLongW
GetWindowTextLengthW
GetWindowTextW

gdi32

SetBkMode
SetTextColor
GetMapMode
SetMapMode
GetWindowExtEx
GetViewportExtEx
CreateFontIndirectW
GetStockObject
GetObjectW
GetDeviceCaps
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetTextExtentPoint32W

ole32

CoInitialize
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoTaskMemFree
StringFromCLSID
CoTaskMemAlloc
OleLockRunning

oleaut32

SysStringLen
OleCreateFontIndirect
OleLoadPicture
SysAllocStringLen
VariantClear
SysAllocString
SysFreeString
LoadRegTypeLi

comctl32

InitCommonControlsEx

msimg32

AlphaBlend
TransparentBlt

Exports

Exports

VisCurTime_
VisDraw_
VisFileName_
VisFree_
VisGetProperty_
VisInit_
VisSetFormat_
VisSetProperty_
VisTotalTime_

Sections

.text
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QVOD/Codecs/ColorFilter.ax
.dll regsvr32 windows:4 windows x86 arch:x86

d6358db2b2f2325d29c23c3433a0656f

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

69:d1:ad:9b:16:f2:f2:1b:66:64:ab:8b:27:1f:d5:36
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/06/2009, 00:00

Not After

02/06/2011, 23:59

Subject

CN=Shenzhen QVOD Technology Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shenzhen QVOD Technology Co.\,Ltd,L=Shenzhen,ST=Shenzhen,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

59:35:f8:c6:6b:8f:ff:73:21:78:55:34:38:c4:3d:7f:45:58:10:6f
Signer

Actual PE Digest

59:35:f8:c6:6b:8f:ff:73:21:78:55:34:38:c4:3d:7f:45:58:10:6f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

__dllonexit
_adjust_fdiv
malloc
_initterm
??3@YAXPAX@Z
free
__CxxFrameHandler
wcslen
sscanf
strncmp
strncpy
_filelength
_read
_purecall
_open
_close
_CIpow
atoi
sprintf
strstr
fflush
fwrite
fclose
fopen
fseek
_ftol
??2@YAPAXI@Z
_onexit

winmm

timeSetEvent
timeGetTime

kernel32

GetCurrentThread
GetThreadPriority
SetThreadPriority
GetModuleHandleA
CreateThread
InterlockedExchange
SetErrorMode
lstrcmpiA
CreateEventA
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
GetACP
FreeLibrary
GetProcAddress
LoadLibraryA
Sleep
SystemTimeToTzSpecificLocalTime
GetSystemTime
InterlockedIncrement
InterlockedDecrement
ResetEvent
DuplicateHandle
GetCurrentProcess
GetCurrentThreadId
SetEvent
WaitForMultipleObjects
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
GetSystemInfo
VirtualAlloc
VirtualFree
lstrlenA
MultiByteToWideChar
GetLastError
GetModuleFileNameA
GetVersionExA
DisableThreadLibraryCalls
GetTickCount

advapi32

RegOpenKeyExA
RegCreateKeyA
RegSetValueA
RegDeleteKeyA
RegCloseKey
RegEnumKeyExA
RegSetValueExA

user32

ShowWindow
DestroyWindow
DefWindowProcA
PeekMessageA
MsgWaitForMultipleObjects
wvsprintfA
PostThreadMessageA
RegisterWindowMessageA
GetQueueStatus
DispatchMessageA
LoadStringA
LoadStringW
GetWindowRect
InvalidateRect
SetWindowLongA
GetWindowLongA
wsprintfA
DrawTextA
SetDlgItemInt
CheckRadioButton
GetParent
CreateWindowExA
GetDlgItem
SendMessageA
SetDlgItemTextA
GetDlgItemTextA
MoveWindow
GetDesktopWindow
CreateDialogParamA

gdi32

ExtTextOutA
SelectObject
GetTextExtentPoint32A
SetBkColor
SetTextColor
CreateDIBitmap
GetDIBits
CreateCompatibleDC
CreateFontIndirectA
DeleteObject
DeleteDC

comctl32

ord16
ord17

ole32

CoInitialize
CoFreeUnusedLibraries
CoUninitialize
CoCreateInstance
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc

oleaut32

SysAllocString
SysFreeString

comdlg32

GetSaveFileNameA
GetOpenFileNameA
ChooseFontA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QVOD/Codecs/RealMediaSplitter.ax
.dll regsvr32 windows:4 windows x86 arch:x86

092c362fafa1e9277558c0e5612fdfba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\vcexample\guliverkli\guliverkli\trunk\guliverkli\src\filters\parser\realmediasplitter\Release\RealMediaSplitter.pdb

Imports

kernel32

GetFileAttributesA
GetFileSize
GetFileTime
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFullPathNameA
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
lstrcatA
SetErrorMode
GlobalFlags
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
GetCPInfo
GetOEMCP
RtlUnwind
VirtualQuery
HeapAlloc
HeapFree
GetCommandLineA
ExitProcess
HeapReAlloc
TerminateProcess
SetStdHandle
GetFileType
HeapSize
HeapDestroy
HeapCreate
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
FileTimeToLocalFileTime
FileTimeToSystemTime
WritePrivateProfileStringA
GlobalAddAtomA
SetLastError
GlobalFree
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
DeleteFileA
Sleep
CreateFileA
GetVolumeInformationA
FindFirstFileA
FindClose
CreateThread
GetTickCount
GetCurrentThread
SetThreadPriority
GetModuleHandleA
VirtualAlloc
CreateSemaphoreA
GetCurrentThreadId
GetCurrentProcess
DuplicateHandle
VirtualFree
GetSystemInfo
ReleaseSemaphore
WaitForSingleObject
ResetEvent
SetEvent
CreateEventA
CloseHandle
InterlockedDecrement
InterlockedIncrement
DisableThreadLibraryCalls
RaiseException
LoadResource
LockResource
SizeofResource
FindResourceA
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetLastError
lstrlenA
lstrcmpiA
WideCharToMultiByte
CompareStringA
CompareStringW
MultiByteToWideChar
GetVersion
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
VirtualProtect

user32

DestroyMenu
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
SetWindowPos
ShowWindow
SetWindowLongA
GetDlgItem
LoadCursorA
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetWindowTextA
GetClassNameA
GetSystemMetrics
UnhookWindowsHookEx
SetMenuItemBitmaps
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
WinHelpA
EnableWindow
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendMessageA
SetCursor
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PostMessageA
PostQuitMessage
SetRect
DispatchMessageA
RegisterWindowMessageA
PeekMessageA
wsprintfA
UnregisterClassA
CharUpperA
SetWindowTextA

gdi32

DeleteDC
GetStockObject
TextOutA
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
CreateBitmap
GetDeviceCaps
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
DeleteObject
ExtTextOutA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyExA
RegSetValueExA
RegSetValueA
RegCreateKeyA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyExA
RegEnumKeyA
RegOpenKeyA

comctl32

ord17

shlwapi

PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecA
PathAddBackslashA
PathIsUNCA
PathStripToRootA

ole32

StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString

oleaut32

VariantInit
VariantChangeType
SysAllocString
SysFreeString
VariantClear
SysAllocStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT64
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QVOD/Codecs/asfsplliter.ax
.dll regsvr32 windows:4 windows x86 arch:x86

61540ae4d5f1fe29babe6b430f77a241

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wmvcore

WMCreateReader

advapi32

RegCloseKey
RegCreateKeyA
RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA

user32

wsprintfA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitialize
CoFreeUnusedLibraries
StringFromGUID2
CoUninitialize

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

msvcrt

free
??1type_info@@UAE@XZ
_CxxThrowException
_ftol
__CxxFrameHandler
??2@YAPAXI@Z
_adjust_fdiv
malloc
_initterm

kernel32

DisableThreadLibraryCalls
LocalFree
GetModuleFileNameA
lstrlenA
GetVersionExA
GetLastError
SetThreadPriority
MultiByteToWideChar
GetModuleHandleA
GetProcAddress
CreateThread
FreeLibrary
ReleaseSemaphore
CreateSemaphoreA
CreateEventA
InterlockedIncrement
SetEvent
EnterCriticalSection
ResetEvent
LeaveCriticalSection
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
CloseHandle

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QVOD/Codecs/atrc.dll
.dll windows:4 windows x86 arch:x86

5132cde9ac8899a69f40dfaacc320c4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

_ftol
??3@YAXPAX@Z
memmove
calloc
free
malloc
_CIpow
floor
??2@YAPAXI@Z
_assert
_except_handler3
_purecall
_initterm
_adjust_fdiv
__dllonexit
_onexit

Exports

Exports

RACloseCodec
RACreateEncoderInstance
RADecode
RAEncode
RAFlush
RAFreeDecoder
RAFreeEncoder
RAGetBackend
RAGetDecoderBackendGUID
RAGetFlavorProperty
RAGetGUID
RAGetNumberOfFlavors
RAGetNumberOfFlavors2
RAInitDecoder
RAInitEncoder
RAOpenCodec
RAOpenCodec2
RASetComMode
RASetFlavor
_RASetPwd@8

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QVOD/Codecs/cook.dll
.dll windows:4 windows x86 arch:x86

7186ef18b8145b9efacd73914d40cee0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

free
??3@YAXPAX@Z
memmove
_purecall
_CIpow
malloc
??2@YAPAXI@Z
_ftol
_initterm
_adjust_fdiv

Exports

Exports

RACloseCodec
RACreateEncoderInstance
RADecode
RAEncode
RAFlush
RAFreeDecoder
RAFreeEncoder
RAGetBackend
RAGetDecoderBackendGUID
RAGetFlavorProperty
RAGetGUID
RAGetNumberOfFlavors
RAGetNumberOfFlavors2
RAInitDecoder
RAInitEncoder
RAOpenCodec
RAOpenCodec2
RASetComMode
RASetFlavor
_RASetPwd@8

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QVOD/Codecs/drvc.dll
.dll windows:4 windows x86 arch:x86

5d841dc9603dda4e7058b842c1dedbfc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

__CxxFrameHandler
memmove
_ftol
_purecall
malloc
free
??3@YAXPAX@Z
_initterm
_adjust_fdiv
_beginthreadex
??2@YAPAXI@Z

kernel32

WaitForMultipleObjects
CreateThread
LeaveCriticalSection
EnterCriticalSection
GetPrivateProfileIntA
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
WaitForSingleObject
GetSystemInfo
CreateEventA
QueryPerformanceCounter
SetEvent
QueryPerformanceFrequency
ResetEvent

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Exports

Exports

?GetGUID@@YGJPAE@Z
RV40toYUV420CustomMessage
RV40toYUV420Free
RV40toYUV420HiveMessage
RV40toYUV420Init
RV40toYUV420Transform

Sections

.text
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QVOD/Codecs/f4v.swf
QVOD/Codecs/raac.dll
.dll windows:4 windows x86 arch:x86

2569b16af6a5e82c06ef6aed87f5e148

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

??2@YAPAXI@Z
memmove
_CxxThrowException
calloc
free
malloc
exp
fputs
printf
pow
??3@YAXPAX@Z
__CxxFrameHandler
strncpy
log10
atan
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
?terminate@@YAXXZ
_iob
log
_purecall
_except_handler3

kernel32

DisableThreadLibraryCalls
IsBadReadPtr

Exports

Exports

RACloseCodec
RACreateDecoderInstance
RACreateEncoderInstance
RADecode
RAFlush
RAFreeDecoder
RAGetBackend
RAGetFlavorProperty
RAGetGUID
RAInitDecoder
RAOpenCodec2
RASetComMode

Sections

.text
Size: 364KB - Virtual size: 363KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QVOD/Lang/en_US.dll
.dll windows:4 windows x86 arch:x86

5c54715227e960c5019e7a45d4b9d02a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QVOD/Lang/zh_TW.dll
.dll windows:4 windows x86 arch:x86

5c54715227e960c5019e7a45d4b9d02a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QVOD/NetAgent.dll
.dll windows:4 windows x86 arch:x86

f618d4cb4d41a461355f2eab6ae077ff

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

69:d1:ad:9b:16:f2:f2:1b:66:64:ab:8b:27:1f:d5:36
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/06/2009, 00:00

Not After

02/06/2011, 23:59

Subject

CN=Shenzhen QVOD Technology Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shenzhen QVOD Technology Co.\,Ltd,L=Shenzhen,ST=Shenzhen,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

10:0a:b5:d6:6a:3b:83:25:44:3d:1c:58:79:b2:91:65:cf:37:18:92
Signer

Actual PE Digest

10:0a:b5:d6:6a:3b:83:25:44:3d:1c:58:79:b2:91:65:cf:37:18:92

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

WSAWaitForMultipleEvents
WSAEnumNetworkEvents
closesocket
WSACloseEvent
recv
WSAGetLastError
send
socket
WSACreateEvent
connect
WSAEventSelect
htons
gethostbyname

kernel32

GetStdHandle
LCMapStringW
LCMapStringA
CreateEventA
WaitForSingleObject
SetEvent
RtlUnwind
GetLastError
MoveFileW
DeleteFileW
CreateDirectoryW
CloseHandle
GetFileType
CreateFileW
ResumeThread
CreateThread
TlsSetValue
TlsGetValue
ExitThread
GetCommandLineA
GetVersion
HeapFree
RaiseException
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
EnterCriticalSection
LeaveCriticalSection
FlushFileBuffers
WriteFile
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
SetFilePointer
HeapAlloc
SetStdHandle
SetHandleCount
GetStartupInfoA
SetEndOfFile
ReadFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
HeapReAlloc
HeapSize
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA

Exports

Exports

CreateAndRunAgent
GetDownloadLen
GetFileLen
Seek
Terminate

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QVOD/QvodBand.dll
.dll regsvr32 windows:4 windows x86 arch:x86

0e32a3b828b41920c248142fcbc590d3

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

69:d1:ad:9b:16:f2:f2:1b:66:64:ab:8b:27:1f:d5:36
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/06/2009, 00:00

Not After

02/06/2011, 23:59

Subject

CN=Shenzhen QVOD Technology Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shenzhen QVOD Technology Co.\,Ltd,L=Shenzhen,ST=Shenzhen,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

02:c7:4f:c2:b1:d8:13:17:21:31:17:2e:f8:ad:32:ff:12:0b:61:b8
Signer

Actual PE Digest

02:c7:4f:c2:b1:d8:13:17:21:31:17:2e:f8:ad:32:ff:12:0b:61:b8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
GetModuleFileNameA
CreateProcessA
GetTickCount
GetFileAttributesA
CloseHandle
Sleep
FlushFileBuffers
SetStdHandle
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
RaiseException
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetFilePointer
InterlockedDecrement
InterlockedIncrement
GetProcAddress
LoadLibraryA

user32

LoadStringA
InsertMenuItemA
LoadImageA
FindWindowA
SendMessageA

gdi32

DeleteObject

advapi32

RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

DragQueryFileA

ole32

CoTaskMemFree
StringFromIID
ReleaseStgMedium

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QVOD/QvodExtend.dll
.dll regsvr32 windows:4 windows x86 arch:x86

5fa4c601c60be9d7e5a41cb73948ac64

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

69:d1:ad:9b:16:f2:f2:1b:66:64:ab:8b:27:1f:d5:36
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/06/2009, 00:00

Not After

02/06/2011, 23:59

Subject

CN=Shenzhen QVOD Technology Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shenzhen QVOD Technology Co.\,Ltd,L=Shenzhen,ST=Shenzhen,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

53:b3:6c:52:9a:39:5e:55:5d:4f:12:01:a6:ec:e5:a6:75:e8:1c:67
Signer

Actual PE Digest

53:b3:6c:52:9a:39:5e:55:5d:4f:12:01:a6:ec:e5:a6:75:e8:1c:67

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
GetModuleFileNameA
MultiByteToWideChar
InterlockedDecrement
RaiseException
LocalFree
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetFilePointer
InterlockedIncrement
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetProcAddress
LoadLibraryA
SetStdHandle
FlushFileBuffers
CloseHandle
HeapSize

advapi32

RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

ole32

CoTaskMemFree
StringFromIID

oleaut32

SysAllocString
SysFreeString
VariantClear

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QVOD/QvodInsert.dll
.dll regsvr32 windows:4 windows x86 arch:x86

512da446183fb702675cbe4761220c96

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

69:d1:ad:9b:16:f2:f2:1b:66:64:ab:8b:27:1f:d5:36
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/06/2009, 00:00

Not After

02/06/2011, 23:59

Subject

CN=Shenzhen QVOD Technology Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shenzhen QVOD Technology Co.\,Ltd,L=Shenzhen,ST=Shenzhen,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c0:91:d3:b7:71:d5:b9:79:1c:56:f0:4e:83:ec:ad:7d:cd:0b:e0
Signer

Actual PE Digest

09:c0:91:d3:b7:71:d5:b9:79:1c:56:f0:4e:83:ec:ad:7d:cd:0b:e0

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcmpiW
lstrcpynW
DisableThreadLibraryCalls
HeapDestroy
lstrcpyW
lstrcatW
LocalFree
SetEnvironmentVariableA
GetLocaleInfoW
SetConsoleCtrlHandler
SetEndOfFile
LoadLibraryA
GetOEMCP
GetACP
CreateFileW
IsBadCodePtr
IsBadReadPtr
CreateFileA
SetStdHandle
GetStringTypeW
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCPInfo
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
IsBadWritePtr
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
FlushFileBuffers
GetModuleHandleW
LCMapStringW
LCMapStringA
CompareStringW
CompareStringA
UnhandledExceptionFilter
GetModuleHandleA
HeapSize
TerminateProcess
SetLastError
TlsFree
TlsAlloc
SetFilePointer
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
ReadFile
FatalAppExitA
ExitProcess
RaiseException
GetVersion
GetCommandLineA
HeapAlloc
HeapReAlloc
HeapFree
GetTimeZoneInformation
ExitThread
TlsGetValue
TlsSetValue
ResumeThread
RtlUnwind
GetCurrentThread
GetThreadPriority
SetThreadPriority
CreateThread
InterlockedExchange
VirtualFree
VirtualAlloc
GetSystemInfo
ReleaseSemaphore
CreateSemaphoreW
WaitForMultipleObjects
DuplicateHandle
GetShortPathNameW
GetSystemDirectoryW
GetDiskFreeSpaceExW
GetLocalTime
GetSystemDefaultLangID
OpenMutexW
OpenSemaphoreW
GetSystemTime
CreateProcessW
GetFileAttributesW
CreateDirectoryW
SetEnvironmentVariableW
CopyFileW
GetTickCount
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
lstrcmpW
GlobalAlloc
GlobalLock
GlobalUnlock
DeleteFileW
FindNextFileW
GetLastError
WaitForSingleObject
ResetEvent
FindFirstFileW
FindClose
Sleep
DeleteCriticalSection
CloseHandle
CreateEventW
SetEvent
InitializeCriticalSection
TryEnterCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
lstrlenA
OutputDebugStringW
DebugBreak
InterlockedIncrement
WideCharToMultiByte
GetModuleFileNameW
LoadLibraryW
GetVersionExW
GetProcAddress
InterlockedDecrement
lstrlenW
GetUserDefaultLangID
WriteFile

user32

LoadStringW
GetClientRect
FillRect
GetDC
ReleaseDC
SendMessageW
IsWindow
SetCapture
CharNextW
SetWindowPos
CreateWindowExW
DefWindowProcW
SetWindowLongW
GetWindowLongW
CallWindowProcW
PeekMessageW
MsgWaitForMultipleObjects
PostThreadMessageW
ReleaseCapture
wvsprintfW
GetActiveWindow
DrawTextW
DialogBoxParamW
ClientToScreen
FindWindowW
CreateMenu
GetSubMenu
CharLowerW
UnionRect
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
GetQueueStatus
DispatchMessageW
DestroyWindow
SetTimer
SetRectEmpty
MoveWindow
InvalidateRect
ShowWindow
FindWindowExW
PostMessageW
SetWindowTextW
BringWindowToTop
ShowCursor
GetDesktopWindow
GetCursorPos
ScreenToClient
PtInRect
GetWindowRect
SetSysColors
GetSysColor
EnumChildWindows
LoadImageW
GetClassNameW
LoadBitmapW
GetParent
GetKeyState
MessageBoxW
SetDlgItemInt
GetDlgItemTextW
CheckRadioButton
SetDlgItemTextW
GetDlgCtrlID
EndDialog
CopyRect
SetRect
GetSystemMetrics
SystemParametersInfoW
SetParent
EnumDisplayDevicesW
EnumDisplaySettingsW
RegisterHotKey
UnregisterHotKey
KillTimer
TrackPopupMenu
EnableWindow
CreateDialogParamW
CreatePopupMenu
AppendMenuW
DestroyMenu
GetMenuItemCount
InsertMenuW
GetDlgItem
InvalidateRgn
CreateAcceleratorTableW
RedrawWindow
BeginPaint
EndPaint
IsChild
GetFocus
SetFocus
wsprintfW
GetWindowTextLengthW
GetWindowTextW
GetWindow
RegisterWindowMessageW
GetClassInfoExW
RegisterClassExW
SetCursor
LoadCursorW

gdi32

TextOutW
GetStockObject
GetDeviceCaps
GetObjectW
StretchBlt
CreateCompatibleBitmap
CreateCompatibleDC
SetTextAlign
CreateSolidBrush
BitBlt
DeleteDC
CreateFontIndirectW
DeleteObject
SetDIBits
CreatePatternBrush
Rectangle
SetBkMode
GetDIBits
SetTextColor
StretchDIBits
SetStretchBltMode
CreateDIBSection
RestoreDC
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
SelectObject
CreateDCW
CreateMetaFileW

comdlg32

ChooseColorW
GetOpenFileNameW
ChooseFontA
GetSaveFileNameW

advapi32

RegQueryInfoKeyW
RegOpenKeyW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegCreateKeyW
RegQueryValueExW
RegEnumValueW
RegCloseKey
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW

shell32

ShellExecuteW

ole32

CreateOleAdviseHolder
OleRegGetUserType
OleRegEnumVerbs
CoTaskMemRealloc
CoInitializeEx
OleLockRunning
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
OleInitialize
CreateStreamOnHGlobal
OleUninitialize
CoTaskMemFree
CoInitialize
StringFromCLSID
CoCreateInstance
OleRegGetMiscStatus
WriteClassStm
CoUninitialize
CoFreeUnusedLibraries
OleSaveToStream
CreateDataAdviseHolder
OleLoadFromStream

oleaut32

CreateErrorInfo
SetErrorInfo
GetErrorInfo
VariantChangeType
LoadTypeLi
RegisterTypeLi
VarUI4FromStr
OleCreateFontIndirect
SysAllocStringLen
DispCallFunc
SysStringLen
LoadRegTypeLi
OleCreatePropertyFrame
SysStringByteLen
SysAllocStringByteLen
VariantInit
SafeArrayCreate
SafeArrayPutElement
VariantCopy
VariantClear
SysAllocString
SysFreeString

ws2_32

WSAStartup
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
htonl
connect
recv
inet_addr
htons
send
WSAEventSelect
setsockopt
closesocket
socket
WSAGetLastError
ntohs
ntohl
gethostbyname
inet_ntoa

winmm

timeGetTime
timeSetEvent

quartz

AMGetErrorTextW

comctl32

ImageList_LoadImageW
_TrackMouseEvent
InitCommonControlsEx
ImageList_Destroy
ord16

msimg32

AlphaBlend
TransparentBlt

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 520KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QVOD/QvodPlayer.exe
.exe windows:4 windows x86 arch:x86

355dee5b1674aca2dd7968a22943adc3

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

69:d1:ad:9b:16:f2:f2:1b:66:64:ab:8b:27:1f:d5:36
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/06/2009, 00:00

Not After

02/06/2011, 23:59

Subject

CN=Shenzhen QVOD Technology Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shenzhen QVOD Technology Co.\,Ltd,L=Shenzhen,ST=Shenzhen,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

23:50:c3:27:eb:1b:4e:db:fa:3d:1d:88:74:c5:d2:37:fb:0f:4a:6b
Signer

Actual PE Digest

23:50:c3:27:eb:1b:4e:db:fa:3d:1d:88:74:c5:d2:37:fb:0f:4a:6b

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstChangeNotificationW
GlobalSize
CreateProcessW
OpenSemaphoreW
GetDiskFreeSpaceExW
SystemTimeToTzSpecificLocalTime
RemoveDirectoryW
FileTimeToSystemTime
GetWindowsDirectoryA
CompareFileTime
SystemTimeToFileTime
MoveFileW
GetTickCount
GetTempPathW
CreateMutexW
OpenMutexW
HeapDestroy
LocalFree
SetEnvironmentVariableA
GetOEMCP
GetACP
LoadLibraryA
GetStringTypeW
GetStringTypeA
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetCommandLineA
GetCommandLineW
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushFileBuffers
SetEndOfFile
GetStartupInfoA
GetStdHandle
SetHandleCount
FindNextChangeNotification
CompareStringW
CompareStringA
IsBadWritePtr
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
LCMapStringW
LCMapStringA
SetFilePointer
ReadFile
UnhandledExceptionFilter
HeapSize
TerminateProcess
WriteFile
SetLastError
TlsAlloc
ExitProcess
GetVersion
GetStartupInfoW
GetModuleHandleA
HeapReAlloc
CreateFileA
GetFileType
GetFileAttributesA
ExitThread
TlsGetValue
TlsSetValue
ResumeThread
GetTimeZoneInformation
RtlUnwind
CreateThread
InterlockedExchange
VirtualFree
VirtualAlloc
GetSystemInfo
ReleaseSemaphore
CreateSemaphoreW
WaitForMultipleObjects
FindCloseChangeNotification
GetLocaleInfoW
GetLogicalDriveStringsW
GetModuleHandleW
GetDriveTypeW
GetVolumeInformationW
SetSystemPowerState
SetThreadExecutionState
lstrcpynA
lstrcpynW
SetEnvironmentVariableW
GetSystemDirectoryW
CopyFileW
GetSystemTime
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
CreateFileW
DeviceIoControl
GetProcessHeap
HeapAlloc
HeapFree
lstrcpyW
lstrcmpW
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
WaitForSingleObject
ResetEvent
Sleep
GetWindowsDirectoryW
GlobalAlloc
GlobalLock
GlobalUnlock
GetLastError
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
CreateEventW
SetEvent
EnterCriticalSection
LeaveCriticalSection
FindFirstFileW
GetFileAttributesW
FindNextFileW
FindClose
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetModuleFileNameW
CreateDirectoryW
SetFileAttributesW
GetLocalTime
DeleteFileW
InterlockedIncrement
GetUserDefaultLangID
lstrlenW
GetProcAddress
InterlockedDecrement
GetVersionExW
FreeLibrary
LoadLibraryW
SetStdHandle
RaiseException

user32

GetDlgCtrlID
CheckRadioButton
SetDlgItemTextW
GetDlgItemTextW
EndDialog
DialogBoxParamW
ClientToScreen
EnumDisplayDevicesW
EnumDisplaySettingsW
SetParent
GetMenuItemInfoW
SetMenuItemInfoW
DeleteMenu
EnableWindow
ExitWindowsEx
SetDlgItemInt
GetActiveWindow
DrawTextW
IsMenu
CloseClipboard
GetClipboardData
OpenClipboard
GetDlgItemInt
GetDlgItemTextA
OffsetRect
UpdateWindow
SetForegroundWindow
MoveWindow
ShowWindow
PostMessageW
DestroyAcceleratorTable
CallNextHookEx
GetWindowRect
GetDesktopWindow
MessageBoxW
LoadStringW
CharNextW
CopyAcceleratorTableW
LoadAcceleratorsW
CreateMenu
MessageBeep
PeekMessageW
RemoveMenu
WindowFromPoint
GetKeyState
DestroyIcon
UnionRect
DispatchMessageW
TranslateMessage
GetMessageW
GetScrollInfo
GetMenuStringW
ModifyMenuW
GetMenuItemID
DefWindowProcW
GetClientRect
ReleaseDC
FillRect
GetDC
SendMessageW
wsprintfW
IsWindow
SetCapture
ReleaseCapture
SetWindowPos
CreateWindowExW
SetWindowLongW
GetWindowLongW
CallWindowProcW
DestroyWindow
SetRectEmpty
LoadCursorW
SetTimer
RegisterClassExW
GetClassInfoExW
InvalidateRect
FindWindowExW
ShowCursor
CharLowerW
LoadMenuW
SetRect
RegisterWindowMessageW
GetWindow
GetSystemMetrics
GetSystemMenu
TrackPopupMenu
SystemParametersInfoW
CopyRect
IsZoomed
IsIconic
UnregisterHotKey
FindWindowW
LoadIconW
CheckMenuItem
CheckMenuRadioItem
EnableMenuItem
CreateDialogParamW
GetSubMenu
RegisterHotKey
TranslateAcceleratorW
UnhookWindowsHookEx
SetWindowsHookExW
CreateAcceleratorTableW
SetWindowTextW
GetWindowTextW
GetKeyboardState
MapWindowPoints
TrackPopupMenuEx
IsWindowVisible
PostQuitMessage
LoadStringA
CreatePopupMenu
AppendMenuW
DestroyMenu
GetMenuItemCount
InsertMenuW
InvalidateRgn
RedrawWindow
GetFocus
IsChild
SetFocus
BeginPaint
EndPaint
GetDlgItem
SetWindowRgn
LoadBitmapW
GetClassNameW
LoadImageW
EnumChildWindows
GetSysColor
SetSysColors
GetParent
SetCursor
GetCursorPos
ScreenToClient
PtInRect
BringWindowToTop
KillTimer
GetWindowTextLengthW

gdi32

SetViewportOrgEx
Rectangle
CreatePatternBrush
GetTextExtentPoint32W
SetDIBits
SetBkColor
ExtTextOutW
GetCurrentObject
GetPixel
CreatePen
MoveToEx
LineTo
CreateDIBSection
SetStretchBltMode
StretchDIBits
SetTextColor
GetDIBits
SetBkMode
CreateFontIndirectW
GetStockObject
GetDeviceCaps
CreateRectRgn
CombineRgn
GetObjectW
StretchBlt
CreateCompatibleBitmap
SelectObject
CreateSolidBrush
BitBlt
DeleteDC
RoundRect
CreateCompatibleDC
DeleteObject

comdlg32

ChooseColorW
ChooseFontA
ChooseFontW
GetOpenFileNameW
GetSaveFileNameW

advapi32

RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyW

shell32

SHFileOperationW
Shell_NotifyIconW
SHChangeNotify
SHAppBarMessage
ExtractIconW
DragFinish
DragAcceptFiles
ShellExecuteW
SHBrowseForFolderW
DragQueryFileW
SHGetPathFromIDListW

ole32

CLSIDFromProgID
CoTaskMemFree
OleUninitialize
CLSIDFromString
CreateStreamOnHGlobal
CoInitialize
StringFromCLSID
CoCreateInstance
CoTaskMemAlloc
OleLockRunning
CoFreeUnusedLibraries
CoUninitialize
CoInitializeSecurity
OleInitialize

oleaut32

SysFreeString
OleCreateFontIndirect
SysAllocStringLen
DispCallFunc
LoadRegTypeLi
SysStringLen
OleCreatePropertyFrame
VariantInit
VariantCopy
VariantClear
SysAllocString
GetErrorInfo

ws2_32

gethostbyname
inet_ntoa
ntohl
WSACleanup
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
WSAEventSelect
gethostname
htonl
inet_addr
htons
recv
send
WSAGetLastError
socket
setsockopt
connect
closesocket
ntohs
WSAStartup

winmm

mciSendStringW
timeGetTime

quartz

AMGetErrorTextW

iphlpapi

GetAdaptersInfo

comctl32

_TrackMouseEvent
ord16
ImageList_Destroy
ImageList_Draw
ImageList_GetImageInfo
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_DragMove
ImageList_GetImageCount
ImageList_AddMasked
ImageList_Create
ImageList_BeginDrag
ImageList_LoadImageW
InitCommonControlsEx

msimg32

AlphaBlend
TransparentBlt

urlmon

CoInternetGetSession

Sections

.text
Size: 992KB - Virtual size: 989KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
QVOD/QvodTerminal.exe
.exe windows:4 windows x86 arch:x86

9232d0b3056ac0dcec0880d50328a24b

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

69:d1:ad:9b:16:f2:f2:1b:66:64:ab:8b:27:1f:d5:36
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/06/2009, 00:00

Not After

02/06/2011, 23:59

Subject

CN=Shenzhen QVOD Technology Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shenzhen QVOD Technology Co.\,Ltd,L=Shenzhen,ST=Shenzhen,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e9:34:39:b2:e3:4b:fc:27:f2:54:29:cb:64:e6:6d:5e:b0:a0:23:26
Signer

Actual PE Digest

e9:34:39:b2:e3:4b:fc:27:f2:54:29:cb:64:e6:6d:5e:b0:a0:23:26

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

__WSAFDIsSet
inet_addr
recvfrom
getpeername
inet_ntoa
ntohs
gethostbyname
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
accept
htonl
connect
select
setsockopt
socket
htons
bind
listen
WSACreateEvent
WSAEventSelect
ntohl
send
WSAJoinLeaf
WSASocketA
ioctlsocket
gethostname
recv
WSAStartup
WSAGetLastError
WSACloseEvent
sendto
closesocket

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

iphlpapi

GetAdaptersInfo

ole32

CoCreateInstance
CoCreateGuid
CoInitialize
CoUninitialize

oleaut32

VariantClear
SysAllocString
SysStringLen
SysFreeString

kernel32

InterlockedExchange
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetOEMCP
GetACP
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
HeapReAlloc
GetStdHandle
SetHandleCount
SetEndOfFile
SetStdHandle
SetLastError
TlsAlloc
GetCurrentThreadId
GetVersion
GetCommandLineA
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
TryEnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
MoveFileExA
Sleep
MultiByteToWideChar
CreateEventA
CloseHandle
SetEvent
GetTickCount
WaitForSingleObject
GetTempPathA
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
InterlockedDecrement
QueryPerformanceCounter
GetSystemTime
InterlockedIncrement
CopyFileA
CreateSemaphoreA
OpenSemaphoreA
HeapFree
HeapAlloc
GetProcessHeap
MoveFileA
LocalFree
LocalAlloc
GetSystemDirectoryA
GetVersionExA
GetModuleFileNameA
GetLocalTime
WideCharToMultiByte
FindClose
FindNextFileA
FindFirstFileA
CreateProcessA
GetDiskFreeSpaceExA
GetLastError
TerminateProcess
ReadFile
PeekNamedPipe
GetWindowsDirectoryA
GetStartupInfoA
CreatePipe
GetProcAddress
LoadLibraryA
lstrlenA
lstrlenW
CreateThread
RtlUnwind
GetFileType
CreateFileA
CreateDirectoryA
DeleteFileA
FlushFileBuffers
WriteFile
SetFilePointer
ResumeThread
TlsSetValue
TlsGetValue
ExitThread
CreateDirectoryW
CreateFileW
GetTimeZoneInformation
GetSystemTimeAsFileTime
RaiseException
ExitProcess
GetCurrentProcess

user32

CreateWindowExA
LoadIconA
DefWindowProcA
BeginPaint
GetClientRect
DrawTextA
EndPaint
LoadCursorA
RegisterClassExA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
PostQuitMessage

advapi32

RegOpenKeyA
RegCloseKey

Sections

.text
Size: 416KB - Virtual size: 413KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
QVOD/ShareModule.dll
.dll regsvr32 windows:4 windows x86 arch:x86

4d31033905b7f9799eebc95dce22db30

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

69:d1:ad:9b:16:f2:f2:1b:66:64:ab:8b:27:1f:d5:36
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/06/2009, 00:00

Not After

02/06/2011, 23:59

Subject

CN=Shenzhen QVOD Technology Co.\,Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shenzhen QVOD Technology Co.\,Ltd,L=Shenzhen,ST=Shenzhen,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f6:1c:2a:76:28:e8:f5:f2:8b:66:2d:3b:b5:1d:16:15:75:9f:39:d4
Signer

Actual PE Digest

f6:1c:2a:76:28:e8:f5:f2:8b:66:2d:3b:b5:1d:16:15:75:9f:39:d4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
GetFileAttributesW
OpenMutexW
DebugBreak
OutputDebugStringW
GetModuleFileNameW
HeapFree
HeapAlloc
GetProcessHeap
DeviceIoControl
CreateFileW
GetShortPathNameW
GetModuleHandleW
FreeLibrary
SizeofResource
LoadResource
WaitForSingleObject
GetLastError
LoadLibraryExW
lstrcmpiW
lstrcpynW
DisableThreadLibraryCalls
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrcpyW
lstrcatW
GetProcAddress
LoadLibraryW
SetEnvironmentVariableA
LoadLibraryA
GetOEMCP
ResetEvent
CloseHandle
CreateEventW
SetEvent
lstrlenW
MultiByteToWideChar
lstrlenA
Sleep
InterlockedIncrement
InterlockedDecrement
GetPrivateProfileIntW
FindResourceW
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
FlushFileBuffers
WriteFile
RaiseException
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
CompareStringW
CompareStringA
UnhandledExceptionFilter
GetFileType
CreateFileA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
ResumeThread
CreateThread
TlsSetValue
TlsGetValue
ExitThread
HeapReAlloc
GetCommandLineA
GetVersion
ReadFile
SetFilePointer
SetStdHandle
SetHandleCount
GetStdHandle
GetStartupInfoA
SetEndOfFile
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
HeapSize
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError

user32

LoadStringW
CharNextW
wvsprintfW
CharLowerW

advapi32

RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyW
RegCloseKey
RegEnumValueW

shell32

ShellExecuteW

ole32

CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoInitializeEx

oleaut32

RegisterTypeLi
SysFreeString
SysAllocString
VariantClear
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
SysStringLen

ws2_32

setsockopt
socket
htons
ntohs
closesocket
WSAStartup
ntohl
WSAGetLastError
recv
send
htonl
inet_addr
connect

iphlpapi

GetAdaptersInfo

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QVOD/Skin/Default.xml
QVOD/Skin/Default/back.bmp
QVOD/Skin/Default/backleft.bmp
QVOD/Skin/Default/backmid.bmp
QVOD/Skin/Default/backright.bmp
QVOD/Skin/Default/bgline.bmp
QVOD/Skin/Default/bleft1.bmp
QVOD/Skin/Default/bottom.bmp
QVOD/Skin/Default/bottomleft.bmp
QVOD/Skin/Default/bottomright.bmp
QVOD/Skin/Default/bright1.bmp
QVOD/Skin/Default/caption.bmp
QVOD/Skin/Default/close.bmp
QVOD/Skin/Default/full.bmp
QVOD/Skin/Default/icon.bmp
QVOD/Skin/Default/info.bmp
QVOD/Skin/Default/infofull.bmp
QVOD/Skin/Default/left.bmp
QVOD/Skin/Default/left1.bmp
QVOD/Skin/Default/listbutton.bmp
QVOD/Skin/Default/listbutton2.bmp
QVOD/Skin/Default/listsplit.bmp
QVOD/Skin/Default/lsearchb1.bmp
QVOD/Skin/Default/lsearchb2.bmp
QVOD/Skin/Default/lsearchbg.bmp
QVOD/Skin/Default/lsearchbg1.bmp
QVOD/Skin/Default/max.bmp
QVOD/Skin/Default/media_del.bmp
QVOD/Skin/Default/media_files.bmp
QVOD/Skin/Default/media_files_2.bmp
QVOD/Skin/Default/media_fill.bmp
QVOD/Skin/Default/media_info.bmp
QVOD/Skin/Default/media_search.bmp
QVOD/Skin/Default/media_sham.bmp
QVOD/Skin/Default/media_sham_2.bmp
QVOD/Skin/Default/mediaeditdel.bmp
QVOD/Skin/Default/mediare.bmp
QVOD/Skin/Default/mediatolist.bmp
QVOD/Skin/Default/mediatree.bmp
QVOD/Skin/Default/menu.bmp
QVOD/Skin/Default/min.bmp
QVOD/Skin/Default/mtk.bmp
QVOD/Skin/Default/mute.bmp
QVOD/Skin/Default/mute2.bmp
QVOD/Skin/Default/next.bmp
QVOD/Skin/Default/nowplay.bmp
QVOD/Skin/Default/open.bmp
QVOD/Skin/Default/pause.bmp
QVOD/Skin/Default/play.bmp
QVOD/Skin/Default/playlist_toolbar.bmp
QVOD/Skin/Default/pre.bmp
QVOD/Skin/Default/processp.bmp
QVOD/Skin/Default/progress.bmp
QVOD/Skin/Default/progress_point_a.bmp
QVOD/Skin/Default/progress_point_b.bmp
QVOD/Skin/Default/progress_thumb.bmp
QVOD/Skin/Default/reold.bmp
QVOD/Skin/Default/right.bmp
QVOD/Skin/Default/right1.bmp
QVOD/Skin/Default/scroll_back.bmp
QVOD/Skin/Default/scroll_back_h.bmp
QVOD/Skin/Default/scroll_down.bmp
QVOD/Skin/Default/scroll_left.bmp
QVOD/Skin/Default/scroll_limit.bmp
QVOD/Skin/Default/scroll_limit_h.bmp
QVOD/Skin/Default/scroll_right.bmp
QVOD/Skin/Default/scroll_up.bmp
QVOD/Skin/Default/search_botton.bmp
QVOD/Skin/Default/search_icon.bmp
QVOD/Skin/Default/stop.bmp
QVOD/Skin/Default/tab.bmp
QVOD/Skin/Default/tab1.bmp
QVOD/Skin/Default/tabs_fill.bmp
QVOD/Skin/Default/tabs_left.bmp
QVOD/Skin/Default/tabs_mid.bmp
QVOD/Skin/Default/tabs_right.bmp
QVOD/Skin/Default/tabs_search_fill.bmp
QVOD/Skin/Default/tabs_search_left.bmp
QVOD/Skin/Default/top.bmp
QVOD/Skin/Default/topleft.bmp
QVOD/Skin/Default/topleft1.bmp
QVOD/Skin/Default/topright.bmp
QVOD/Skin/Default/topright1.bmp
QVOD/Skin/Default/volume.bmp
QVOD/Skin/Default/volumeb.bmp
QVOD/Skin/Default/volumep.bmp
QVOD/Skin/Logo.bmp
QVOD/Skin/MiNi/back.bmp
QVOD/Skin/MiNi/info.bmp
QVOD/Skin/MiNi/mute.bmp
QVOD/Skin/MiNi/mute2.bmp
QVOD/Skin/MiNi/next.bmp
QVOD/Skin/MiNi/open.bmp
QVOD/Skin/MiNi/pause.bmp
QVOD/Skin/MiNi/play.bmp
QVOD/Skin/MiNi/pre.bmp
QVOD/Skin/MiNi/processp.bmp
QVOD/Skin/MiNi/progress.bmp
QVOD/Skin/MiNi/progress_thumb.bmp
QVOD/Skin/MiNi/progressd.bmp
QVOD/Skin/MiNi/volume.bmp
QVOD/Skin/MiNi/volumeb.bmp
QVOD/Skin/MiNi/volumep.bmp
QVOD/Skin/Mini.xml
RegEx.fne
.dll windows:4 windows x86 arch:x86

17065b5c253ba1d2ebb061964e090d5e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetUserDefaultLCID
GetStringTypeExA
FreeLibrary
LCMapStringA
LCMapStringW
LoadLibraryA
Sleep
InterlockedCompareExchange
InterlockedExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetLastError
HeapFree
HeapReAlloc
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
WriteFile
GetStdHandle
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
GetLocaleInfoA
InitializeCriticalSection
GetStringTypeA
GetStringTypeW

user32

LoadStringA

Exports

Exports

GetNewInf

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Skins/ADbg.bmp
Skins/Logo.bmp
Skins/PlayProgress1.bmp
Skins/PlayProgress2.bmp
Skins/PlayProgress3.bmp
Skins/PlayProgress_left.bmp
Skins/PlayProgress_right.bmp
Skins/PlayThumb.bmp
Skins/SliderThumb.bmp
Skins/bg.bmp
Skins/bg_bot.bmp
Skins/bg_bot_1.bmp
Skins/bg_left.bmp
Skins/bg_right.bmp
Skins/bg_top.bmp
Skins/close.bmp
Skins/close_hover.bmp
Skins/fullscreen.bmp
Skins/kz.bmp
Skins/list_table_down.bmp
Skins/list_table_down2.bmp
Skins/list_table_down3.bmp
Skins/list_table_down4.bmp
Skins/loading.bmp
Skins/loading.gif
.gif
Skins/login.bmp
Skins/login1.bmp
Skins/login2.bmp
Skins/login3.bmp
Skins/login4.bmp
Skins/login5.bmp
Skins/login6.bmp
Skins/lrbg.bmp
Skins/max.bmp
Skins/menu.bmp
Skins/mili/BG.bmp
Skins/mili/bottom_fill.bmp
Skins/mili/full.bmp
Skins/mili/mute.bmp
Skins/mili/mute1.bmp
Skins/mili/next.bmp
Skins/mili/pause.bmp
Skins/mili/play.bmp
Skins/mili/pre.bmp
Skins/mili/resize1001.bmp
Skins/mili/resize1002.bmp
Skins/mili/resize1501.bmp
Skins/mili/resize1502.bmp
Skins/mili/resize2001.bmp
Skins/mili/resize2002.bmp
Skins/mili/resizeback.bmp
Skins/mili/resizemini1.bmp
Skins/mili/resizemini2.bmp
Skins/mili/resizenotop1.bmp
Skins/mili/resizenotop2.bmp
Skins/mili/resizetop1.bmp
Skins/mili/resizetop2.bmp
Skins/mili/stop.bmp
Skins/mili/unfullscreen.bmp
Skins/mili/volume.bmp
Skins/mili/volumep.bmp
Skins/min.bmp
Skins/min_down.bmp
Skins/min_hover.bmp
Skins/mode.bmp
Skins/next.bmp
Skins/pause.bmp
Skins/play.bmp
Skins/previous.bmp
Skins/restore.bmp
Skins/search.bmp
Skins/skin.ini
Skins/sound_1.bmp
Skins/sound_2.bmp
Skins/sound_3.bmp
Skins/stop.bmp
Skins/un_sound_1.bmp
Skins/un_sound_2.bmp
Skins/un_sound_3.bmp
Skins/vol_bar1.bmp
Skins/vol_bar2.bmp
YunImage.fne
.dll windows:4 windows x86 arch:x86

bbf8bed51a41b39c330cd51b1dbdee09

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord342
ord1243
ord1197
ord1570
ord1253
ord3738
ord6467
ord1578
ord600
ord826
ord269
ord4424
ord4622
ord4080
ord3079
ord3825
ord3831
ord3830
ord1182
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord3953
ord5714
ord5289
ord1116
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord1577
ord1168
ord1575
ord1176
ord500
ord6142
ord772
ord823
ord815
ord2976
ord561
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord1255
ord825

msvcrt

_setmode
_read
_write
_lseek
_close
_strdup
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_onexit
__dllonexit
?terminate@@YAXXZ
isprint
printf
__CxxLongjmpUnwind
_setjmp3
longjmp
_CIfmod
ceil
_cabs
rand
qsort
_CIacos
div
sprintf
_ftol
floor
_CxxThrowException
strncpy
strncmp
realloc
malloc
_mbsnbcpy
_CIpow
__CxxFrameHandler
getc
fputc
fflush
ftell
fseek
fwrite
fread
fopen
fclose
_purecall
free
calloc
_except_handler3
abort
fprintf
_iob
strtod
exit
sscanf
getenv
strcpy
strlen
memcpy
memset
memmove
pow
exp
log
sqrt
fabs
atan2
strstr
tmpnam
vsprintf
_pctype
_isctype
__mb_cur_max
atoi
atof
strchr
vfprintf
strtok
_open
_unlink

kernel32

LocalFree
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
SizeofResource
LoadResource
LockResource
MulDiv
LocalAlloc

user32

GetSysColor
DrawTextA
GetIconInfo
GetDC
ReleaseDC

gdi32

CreateDIBSection
CreateDIBitmap
GetDeviceCaps
GetStockObject
GetObjectA
CreateCompatibleDC
GetDIBits
RealizePalette
SelectObject
DeleteObject
BitBlt
SetDIBitsToDevice
SetStretchBltMode
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
StretchBlt
SetBkColor
CreateBitmap
CreateCompatibleBitmap
RectVisible
StretchDIBits
SetBkMode
SetTextColor
CreateFontIndirectA
CombineRgn
CreateRectRgn
PlayEnhMetaFile
SelectPalette
CreatePalette
GetEnhMetaFilePaletteEntries
ExtTextOutA
DeleteEnhMetaFile
SetWinMetaFileBits
GetEnhMetaFileHeader
SetEnhMetaFileBits
DeleteDC

Exports

Exports

??0CxExifInfo@CxImageJPG@@QAE@PAUtag_ExifInfo@1@@Z
??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxImage@@QAE@ABV0@_N11@Z
??0CxImage@@QAE@K@Z
??0CxImage@@QAE@KKKK@Z
??0CxImage@@QAE@PAEKK@Z
??0CxImage@@QAE@PAU_iobuf@@K@Z
??0CxImage@@QAE@PAVCxFile@@K@Z
??0CxImage@@QAE@PBDK@Z
??0CxImageGIF@@QAE@ABV0@@Z
??0CxImageGIF@@QAE@XZ
??0CxImageJPG@@QAE@ABV0@@Z
??0CxImageJPG@@QAE@XZ
??0CxImageTIF@@QAE@ABV0@@Z
??0CxImageTIF@@QAE@XZ
??0CxMemFile@@QAE@ABV0@@Z
??0CxMemFile@@QAE@PAEK@Z
??0CxPoint2@@QAE@ABV0@@Z
??0CxPoint2@@QAE@MM@Z
??0CxPoint2@@QAE@XZ
??0CxRect2@@QAE@ABV0@@Z
??0CxRect2@@QAE@MMMM@Z
??0CxRect2@@QAE@XZ
??1CxExifInfo@CxImageJPG@@QAE@XZ
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??1CxImageGIF@@UAE@XZ
??1CxImageJPG@@UAE@XZ
??1CxImageTIF@@UAE@XZ
??1CxMemFile@@UAE@XZ
??4CxExifInfo@CxImageJPG@@QAEAAV01@ABV01@@Z
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxImage@@QAEAAV0@ABV0@@Z
??4CxImageGIF@@QAEAAV0@ABV0@@Z
??4CxImageJPG@@QAEAAV0@ABV0@@Z
??4CxImageTIF@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??4CxPoint2@@QAEAAV0@ABV0@@Z
??4CxRect2@@QAEAAV0@ABV0@@Z
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxImageGIF@@6B@
??_7CxImageJPG@@6B@
??_7CxImageTIF@@6B@
??_7CxMemFile@@6B@
??_FCxExifInfo@CxImageJPG@@QAEXXZ
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXABV0@@Z
?AddAveragingCont@CxImage@@IAEXABUtagRGBQUAD@@MAAM111@Z
?Alloc@CxMemFile@@IAEXK@Z
?AlphaClear@CxImage@@QAEXXZ
?AlphaCopy@CxImage@@QAE_NAAV1@@Z
?AlphaCreate@CxImage@@QAEXXZ
?AlphaDelete@CxImage@@QAEXXZ
?AlphaFlip@CxImage@@QAE_NXZ
?AlphaGet@CxImage@@QAEEJJ@Z
?AlphaGetMax@CxImage@@QBEEXZ
?AlphaGetPointer@CxImage@@QAEPAEJJ@Z
?AlphaInvert@CxImage@@QAEXXZ
?AlphaIsValid@CxImage@@QAE_NXZ
?AlphaMirror@CxImage@@QAE_NXZ
?AlphaPaletteClear@CxImage@@QAEXXZ
?AlphaPaletteEnable@CxImage@@QAEX_N@Z
?AlphaPaletteIsEnabled@CxImage@@QAE_NXZ
?AlphaPaletteIsValid@CxImage@@QAE_NXZ
?AlphaPaletteSplit@CxImage@@QAE_NPAV1@@Z
?AlphaSet@CxImage@@QAEXE@Z
?AlphaSet@CxImage@@QAEXJJE@Z
?AlphaSet@CxImage@@QAE_NAAV1@@Z
?AlphaSetMax@CxImage@@QAEXE@Z
?AlphaSplit@CxImage@@QAE_NPAV1@@Z
?AlphaStrip@CxImage@@QAEXXZ
?Bitfield2RGB@CxImage@@IAEXPAEGGGE@Z
?BlendPalette@CxImage@@QAEXKJ@Z
?BlendPixelColor@CxImage@@QAEXJJUtagRGBQUAD@@M_N@Z
?BlindAlphaGet@CxImage@@IAEEJJ@Z
?BlindGetPixelColor@CxImage@@IAE?AUtagRGBQUAD@@JJ@Z
?BlindGetPixelIndex@CxImage@@IAEEJJ@Z
?BlindGetPixelPointer@CxImage@@IAEPAXJJ@Z
?Center@CxRect2@@QBE?AVCxPoint2@@XZ
?CircleTransform@CxImage@@QAE_NHJM@Z
?Clear@CxImage@@QAEXE@Z
?Close@CxIOFile@@UAE_NXZ
?Close@CxMemFile@@UAE_NXZ
?Colorize@CxImage@@QAE_NEEM@Z
?Combine@CxImage@@QAE_NPAV1@000J@Z
?CompareColors@CxImage@@KAHPBX0@Z
?Contour@CxImage@@QAE_NXZ
?ConvertAnyFormat@CxExifInfo@CxImageJPG@@IAENPAXH@Z
?Copy@CxImage@@QAEXABV1@_N11@Z
?CopyInfo@CxImage@@IAEXABV1@@Z
?CopyToHandle@CxImage@@QAEPAXXZ
?Create@CxImage@@QAEPAXKKKK@Z
?CreateFromArray@CxImage@@QAE_NPAEKKKK_N@Z
?CreateFromHANDLE@CxImage@@QAE_NPAX@Z
?CreateFromHBITMAP@CxImage@@QAE_NPAUHBITMAP__@@PAUHPALETTE__@@@Z
?CreateFromHICON@CxImage@@QAE_NPAUHICON__@@@Z
?CreateFromMatrix@CxImage@@QAE_NPAPAEKKKK_N@Z
?Crop@CxImage@@QAE_NABUtagRECT@@PAV1@@Z
?Crop@CxImage@@QAE_NJJJJPAV1@@Z
?CropRotatedRectangle@CxImage@@QAE_NJJJJMPAV1@@Z
?CrossSection@CxRect2@@QBE?AV1@ABV1@@Z
?DFT@CxImage@@IAE_NHJPAN000@Z
?Decode@CxImage@@QAE_NPAEKK@Z
?Decode@CxImage@@QAE_NPAU_iobuf@@K@Z
?Decode@CxImage@@QAE_NPAVCxFile@@K@Z
?Decode@CxImageGIF@@QAE_NPAU_iobuf@@@Z
?Decode@CxImageGIF@@QAE_NPAVCxFile@@@Z
?Decode@CxImageJPG@@QAE_NPAU_iobuf@@@Z
?Decode@CxImageJPG@@QAE_NPAVCxFile@@@Z
?Decode@CxImageTIF@@QAE_NPAU_iobuf@@@Z
?Decode@CxImageTIF@@QAE_NPAVCxFile@@@Z
?DecodeExif@CxExifInfo@CxImageJPG@@QAE_NPAVCxFile@@H@Z
?DecodeExif@CxImageJPG@@QAE_NPAU_iobuf@@@Z
?DecodeExif@CxImageJPG@@QAE_NPAVCxFile@@@Z
?DecodeExtension@CxImageGIF@@IAE_NPAVCxFile@@@Z
?DecreaseBpp@CxImage@@QAE_NK_NPAUtagRGBQUAD@@K@Z
?Destroy@CxImage@@QAE_NXZ
?Dilate@CxImage@@QAE_NJ@Z
?DiscardAllButExif@CxExifInfo@CxImageJPG@@QAEXXZ
?Distance@CxPoint2@@QAEMMM@Z
?Distance@CxPoint2@@QAEMV1@@Z
?Dither@CxImage@@QAE_NJ@Z
?Draw2@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@@Z
?Draw2@CxImage@@QAEJPAUHDC__@@JJJJ@Z
?Draw@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@PAU3@_N@Z
?Draw@CxImage@@QAEJPAUHDC__@@JJJJPAUtagRECT@@_N@Z
?DrawLine@CxImage@@QAEXHHHHK@Z
?DrawLine@CxImage@@QAEXHHHHUtagRGBQUAD@@_N@Z
?DrawString@CxImage@@QAEJPAUHDC__@@JJPBDUtagRGBQUAD@@1JJEE_N@Z
?DrawStringEx@CxImage@@QAEJPAUHDC__@@JJPAUtagCxTextInfo@1@_N@Z
?Edge@CxImage@@QAE_NJ@Z
?Enable@CxImage@@QAEX_N@Z
?Encode2RGBA@CxImage@@QAE_NAAPAEAAJ@Z
?Encode2RGBA@CxImage@@QAE_NPAVCxFile@@@Z
?Encode@CxImage@@QAE_NAAPAEAAJK@Z
?Encode@CxImage@@QAE_NPAU_iobuf@@K@Z
?Encode@CxImage@@QAE_NPAU_iobuf@@PAPAV1@HK@Z
?Encode@CxImage@@QAE_NPAVCxFile@@K@Z
?Encode@CxImage@@QAE_NPAVCxFile@@PAPAV1@HK@Z
?Encode@CxImageGIF@@QAE_NPAU_iobuf@@@Z
?Encode@CxImageGIF@@QAE_NPAU_iobuf@@PAPAVCxImage@@H_N@Z
?Encode@CxImageGIF@@QAE_NPAVCxFile@@@Z
?Encode@CxImageGIF@@QAE_NPAVCxFile@@PAPAVCxImage@@H_N@Z
?Encode@CxImageJPG@@QAE_NPAU_iobuf@@@Z
?Encode@CxImageJPG@@QAE_NPAVCxFile@@@Z
?Encode@CxImageTIF@@QAE_NPAU_iobuf@@PAPAVCxImage@@H@Z
?Encode@CxImageTIF@@QAE_NPAU_iobuf@@_N@Z
?Encode@CxImageTIF@@QAE_NPAVCxFile@@PAPAVCxImage@@H@Z
?Encode@CxImageTIF@@QAE_NPAVCxFile@@_N@Z
?EncodeBody@CxImageGIF@@IAEXPAVCxFile@@_N@Z
?EncodeBody@CxImageTIF@@IAE_NPAUtiff@@_NHH@Z
?EncodeComment@CxImageGIF@@IAEXPAVCxFile@@@Z
?EncodeExif@CxExifInfo@CxImageJPG@@QAE_NPAVCxFile@@@Z
?EncodeExtension@CxImageGIF@@IAEXPAVCxFile@@@Z
?EncodeHeader@CxImageGIF@@IAEXPAVCxFile@@@Z
?EncodeLoopExtension@CxImageGIF@@IAEXPAVCxFile@@@Z
?EncodeRGB@CxImageGIF@@IAE_NPAVCxFile@@@Z
?EncodeSafeCheck@CxImage@@IAE_NPAVCxFile@@@Z
?Eof@CxIOFile@@UAE_NXZ
?Eof@CxMemFile@@UAE_NXZ
?Erode@CxImage@@QAE_NJ@Z
?Error@CxIOFile@@UAEJXZ
?Error@CxMemFile@@UAEJXZ
?Expand@CxImage@@QAE_NJJJJUtagRGBQUAD@@PAV1@@Z
?Expand@CxImage@@QAE_NJJUtagRGBQUAD@@PAV1@@Z
?FFT2@CxImage@@QAE_NPAV1@000J_N1@Z
?FFT@CxImage@@IAE_NHHPAN0@Z
?Filter@CxImage@@QAE_NPAJJJJ@Z
?FindSection@CxExifInfo@CxImageJPG@@IAEPAXH@Z
?Flip@CxImage@@QAE_NXZ
?Flush@CxIOFile@@UAE_NXZ
?Flush@CxMemFile@@UAE_NXZ
?Free@CxMemFile@@IAEXXZ
?FreeMemory@CxImage@@QAEXPAX@Z
?Gamma@CxImage@@QAE_NM@Z
?Get16m@CxExifInfo@CxImageJPG@@IAEHPAX@Z
?Get16u@CxExifInfo@CxImageJPG@@IAEHPAX@Z
?Get32s@CxExifInfo@CxImageJPG@@IAEJPAX@Z
?Get32u@CxExifInfo@CxImageJPG@@IAEKPAX@Z
?GetAreaColorInterpolated@CxImage@@QAE?AUtagRGBQUAD@@MMMMW4InterpolationMethod@1@W4OverflowMethod@1@QAU2@@Z
?GetBits@CxImage@@QAEPAEK@Z
?GetBpp@CxImage@@QBEGXZ
?GetBuffer@CxMemFile@@QAEPAE_N@Z
?GetC@CxIOFile@@UAEJXZ
?GetC@CxMemFile@@UAEJXZ
?GetClrImportant@CxImage@@QBEKXZ
?GetCodecOption@CxImage@@QAEKK@Z
?GetColorType@CxImage@@QAEEXZ
?GetComment@CxImageGIF@@QAEXPAD@Z
?GetDIB@CxImage@@QBEPAXXZ
?GetDisposalMethod@CxImageGIF@@QAEJXZ
?GetEffWidth@CxImage@@QBEKXZ
?GetEscape@CxImage@@QBEJXZ
?GetFlags@CxImage@@QBEKXZ
?GetFrame@CxImage@@QBEJXZ
?GetFrameDelay@CxImage@@QBEKXZ
?GetHeight@CxImage@@QBEKXZ
?GetJpegQuality@CxImage@@QBEEXZ
?GetJpegScale@CxImage@@QBEEXZ
?GetLastError@CxImage@@QAEPBDXZ
?GetLoops@CxImageGIF@@QAEJXZ
?GetNearestIndex@CxImage@@QAEEUtagRGBQUAD@@@Z
?GetNumColors@CxImage@@QBEKXZ
?GetNumFrames@CxImage@@QBEJXZ
?GetOffset@CxImage@@QAEXPAJ0@Z
?GetPalette@CxImage@@QBEPAUtagRGBQUAD@@XZ
?GetPaletteColor@CxImage@@QAE?AUtagRGBQUAD@@E@Z
?GetPaletteColor@CxImage@@QAE_NEPAE00@Z
?GetPaletteSize@CxImage@@QAEKXZ
?GetPixelColor@CxImage@@QAE?AUtagRGBQUAD@@JJ_N@Z
?GetPixelColorInterpolated@CxImage@@QAE?AUtagRGBQUAD@@MMW4InterpolationMethod@1@W4OverflowMethod@1@QAU2@@Z
?GetPixelColorWithOverflow@CxImage@@QAE?AUtagRGBQUAD@@JJW4OverflowMethod@1@QAU2@@Z
?GetPixelGray@CxImage@@QAEEJJ@Z
?GetPixelIndex@CxImage@@QAEEJJ@Z
?GetProgress@CxImage@@QBEJXZ
?GetSize@CxImage@@QAEJXZ
?GetTransColor@CxImage@@QAE?AUtagRGBQUAD@@XZ
?GetTransIndex@CxImage@@QBEJXZ
?GetType@CxImage@@QBEKXZ
?GetVersion@CxImage@@QAEPBDXZ
?GetVersionNumber@CxImage@@QAE?BMXZ
?GetWidth@CxImage@@QBEKXZ
?GetXDPI@CxImage@@QBEJXZ
?GetYDPI@CxImage@@QBEJXZ
?Ghost@CxImage@@IAEXPAV1@@Z
?GifMix@CxImageGIF@@IAEXAAVCxImage@@AAUtag_image@1@@Z
?GifNextPixel@CxImageGIF@@IAEHXZ
?GrayScale@CxImage@@QAE_NXZ
?HSLtoRGB@CxImage@@SA?AUtagRGBQUAD@@K@Z
?HSLtoRGB@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?Height@CxRect2@@QBEMXZ
?Histogram@CxImage@@QAEJPAJ000J@Z
?HistogramEqualize@CxImage@@QAE_NXZ
?HistogramLog@CxImage@@QAE_NXZ
?HistogramNormalize@CxImage@@QAE_NXZ
?HistogramRoot@CxImage@@QAE_NXZ
?HistogramStretch@CxImage@@QAE_NJ@Z
?HuePalette@CxImage@@QAEXM@Z
?HueToRGB@CxImage@@KAMMMM@Z
?IncreaseBpp@CxImage@@QAE_NK@Z
?InitTextInfo@CxImage@@QAEXPAUtagCxTextInfo@1@@Z
?IsEnabled@CxImage@@QBE_NXZ
?IsGrayScale@CxImage@@QAE_NXZ
?IsIndexed@CxImage@@QBE_NXZ
?IsInside@CxImage@@QAE_NJJ@Z
?IsPowerof2@CxImage@@IAE_NJ@Z
?IsSamePalette@CxImage@@QAE_NAAV1@_N@Z
?IsTransparent@CxImage@@QAE_NJJ@Z
?IsTransparent@CxImage@@QBE_NXZ
?IsValid@CxImage@@QBE_NXZ
?Jitter@CxImage@@QAE_NJ@Z
?KernelBSpline@CxImage@@SAMM@Z
?KernelBessel@CxImage@@SAMM@Z
?KernelBessel_J1@CxImage@@SAMM@Z
?KernelBessel_Order1@CxImage@@SAMM@Z
?KernelBessel_P1@CxImage@@SAMM@Z
?KernelBessel_Q1@CxImage@@SAMM@Z
?KernelBlackman@CxImage@@SAMM@Z
?KernelBox@CxImage@@SAMM@Z
?KernelCatrom@CxImage@@SAMM@Z
?KernelCubic@CxImage@@SAMM@Z
?KernelGaussian@CxImage@@SAMM@Z
?KernelGeneralizedCubic@CxImage@@SAMMM@Z
?KernelHamming@CxImage@@SAMM@Z
?KernelHermite@CxImage@@SAMM@Z
?KernelLanczosSinc@CxImage@@SAMMM@Z
?KernelLinear@CxImage@@SAMM@Z
?KernelMitchell@CxImage@@SAMM@Z
?KernelQuadratic@CxImage@@SAMM@Z
?KernelSinc@CxImage@@SAMM@Z
?Light@CxImage@@QAE_NJJ@Z
?Load@CxImage@@QAE_NPBDK@Z
?LoadResource@CxImage@@QAE_NPAUHRSRC__@@KPAUHINSTANCE__@@@Z
?Lut@CxImage@@QAE_NPAE000@Z
?Lut@CxImage@@QAE_NPAE@Z
?MakeBitmap@CxImage@@QAEPAUHBITMAP__@@PAUHDC__@@@Z
?Mean@CxImage@@QAEMXZ
?Median@CxImage@@QAE_NJ@Z
?Mirror@CxImage@@QAE_NXZ
?Mix@CxImage@@QAEXAAV1@W4ImageOpType@1@JJ_N@Z
?MixFrom@CxImage@@QAEXAAV1@JJ@Z
?Negative@CxImage@@QAE_NXZ
?Noise@CxImage@@QAE_NJ@Z
?Open@CxIOFile@@QAE_NPBD0@Z
?Open@CxMemFile@@QAE_NXZ
?OverflowCoordinates@CxImage@@QAEXAAJ0W4OverflowMethod@1@@Z
?OverflowCoordinates@CxImage@@QAEXAAM0W4OverflowMethod@1@@Z
?ProcessExifDir@CxExifInfo@CxImageJPG@@IAE_NPAE0IQAUtag_ExifInfo@2@QAPAE@Z
?PutC@CxFile@@UAE_NE@Z
?PutC@CxIOFile@@UAE_NE@Z
?PutC@CxMemFile@@UAE_NE@Z
?Putword@CxImageGIF@@IAEXHPAVCxFile@@@Z
?QIShrink@CxImage@@QAE_NJJQAV1@@Z
?RGBQUADtoRGB@CxImage@@SAKUtagRGBQUAD@@@Z
?RGBtoBGR@CxImage@@IAEXPAEH@Z
?RGBtoHSL@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?RGBtoRGBQUAD@CxImage@@SA?AUtagRGBQUAD@@K@Z
?RGBtoXYZ@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?RGBtoYIQ@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?RGBtoYUV@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?Read@CxIOFile@@UAEIPAXII@Z
?Read@CxMemFile@@UAEIPAXII@Z
?RedEyeRemove@CxImage@@QAE_NXZ
?Repair@CxImage@@QAE_NMJJ@Z
?RepairChannel@CxImage@@IAE_NPAV1@M@Z
?Resample2@CxImage@@QAE_NJJW4InterpolationMethod@1@W4OverflowMethod@1@QAV1@_N@Z
?Resample@CxImage@@QAE_NJJHPAV1@@Z
?Rotate180@CxImage@@QAE_NPAV1@@Z
?Rotate2@CxImage@@QAE_NMPAV1@W4InterpolationMethod@1@W4OverflowMethod@1@PAUtagRGBQUAD@@_N4@Z
?Rotate@CxImage@@QAE_NMPAV1@@Z
?RotateLeft@CxImage@@QAE_NPAV1@@Z
?RotateRight@CxImage@@QAE_NPAV1@@Z
?Save@CxImage@@QAE_NPBDK@Z
?Seek@CxIOFile@@UAE_NJH@Z
?Seek@CxMemFile@@UAE_NJH@Z
?SelectionAddColor@CxImage@@QAE_NUtagRGBQUAD@@@Z
?SelectionAddEllipse@CxImage@@QAE_NUtagRECT@@@Z
?SelectionAddPixel@CxImage@@QAE_NHH@Z
?SelectionAddPolygon@CxImage@@QAE_NPAUtagPOINT@@J@Z
?SelectionAddRect@CxImage@@QAE_NUtagRECT@@@Z
?SelectionClear@CxImage@@QAE_NXZ
?SelectionCopy@CxImage@@QAE_NAAV1@@Z
?SelectionCreate@CxImage@@QAE_NXZ
?SelectionDelete@CxImage@@QAE_NXZ
?SelectionGetBox@CxImage@@QAEXAAUtagRECT@@@Z
?SelectionInvert@CxImage@@QAE_NXZ
?SelectionIsInside@CxImage@@QAE_NJJ@Z
?SelectionIsValid@CxImage@@QAE_NXZ
?SelectionSplit@CxImage@@QAE_NPAV1@@Z
?SelectionToHRGN@CxImage@@QAE_NAAPAUHRGN__@@@Z
?SetClrImportant@CxImage@@QAEXK@Z
?SetCodecOption@CxImage@@QAE_NKK@Z
?SetComment@CxImageGIF@@QAEXPBD@Z
?SetDisposalMethod@CxImageGIF@@QAEXH@Z
?SetEscape@CxImage@@QAEXJ@Z
?SetFlags@CxImage@@QAEXK_N@Z
?SetFrame@CxImage@@QAEXJ@Z
?SetFrameDelay@CxImage@@QAEXK@Z
?SetGrayPalette@CxImage@@QAEXXZ
?SetJpegQuality@CxImage@@QAEXE@Z
?SetJpegScale@CxImage@@QAEXE@Z
?SetLoops@CxImageGIF@@QAEXH@Z
?SetOffset@CxImage@@QAEXJJ@Z
?SetPalette@CxImage@@QAEXKPAE00@Z
?SetPalette@CxImage@@QAEXPAUrgb_color@1@K@Z
?SetPalette@CxImage@@QAEXPAUtagRGBQUAD@@K@Z
?SetPaletteColor@CxImage@@QAEXEEEEE@Z
?SetPaletteColor@CxImage@@QAEXEK@Z
?SetPaletteColor@CxImage@@QAEXEUtagRGBQUAD@@@Z
?SetPixelColor@CxImage@@QAEXJJK@Z
?SetPixelColor@CxImage@@QAEXJJUtagRGBQUAD@@_N@Z
?SetPixelIndex@CxImage@@QAEXJJE@Z
?SetProgress@CxImage@@QAEXJ@Z
?SetStdPalette@CxImage@@QAEXXZ
?SetTransColor@CxImage@@QAEXUtagRGBQUAD@@@Z
?SetTransIndex@CxImage@@QAEXJ@Z
?SetXDPI@CxImage@@QAEXJ@Z
?SetYDPI@CxImage@@QAEXJ@Z
?ShiftRGB@CxImage@@QAE_NJJJ@Z
?Size@CxIOFile@@UAEJXZ
?Size@CxMemFile@@UAEJXZ
?Skew@CxImage@@QAE_NMMJJ_N@Z
?SplitCMYK@CxImage@@QAE_NPAV1@000@Z
?SplitHSL@CxImage@@QAE_NPAV1@00@Z
?SplitRGB@CxImage@@QAE_NPAV1@00@Z
?SplitXYZ@CxImage@@QAE_NPAV1@00@Z
?SplitYIQ@CxImage@@QAE_NPAV1@00@Z
?SplitYUV@CxImage@@QAE_NPAV1@00@Z
?Startup@CxImage@@IAEXK@Z
?Stretch@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@K@Z
?Stretch@CxImage@@QAEJPAUHDC__@@JJJJK@Z
?Surface@CxRect2@@QBEMXZ
?SwapIndex@CxImage@@QAEXEE@Z
?TIFFCloseEx@CxImageTIF@@QAEXPAUtiff@@@Z
?TIFFOpenEx@CxImageTIF@@QAEPAUtiff@@PAVCxFile@@@Z
?Tell@CxIOFile@@UAEJXZ
?Tell@CxMemFile@@UAEJXZ
?Threshold@CxImage@@QAE_NE@Z
?Thumbnail@CxImage@@QAE_NJJUtagRGBQUAD@@PAV1@@Z
?Tile@CxImage@@QAEJPAUHDC__@@PAUtagRECT@@@Z
?TileToStrip@CxImageTIF@@IAEXPAE0KKHH@Z
?Transfer@CxImage@@QAE_NAAV1@@Z
?UnsharpMask@CxImage@@QAE_NMMH@Z
?Width@CxRect2@@QBEMXZ
?Write@CxIOFile@@UAEIPBXII@Z
?Write@CxMemFile@@UAEIPBXII@Z
?XYZtoRGB@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?YIQtoRGB@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?YUVtoRGB@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?blur_line@CxImage@@IAEXPAM0HPAE1HJ@Z
?char_out@CxImageGIF@@IAEXH@Z
?cl_hash@CxImageGIF@@IAEXJ@Z
?compressLZW@CxImageGIF@@IAEXHPAVCxFile@@@Z
?compressNONE@CxImageGIF@@IAEXHPAVCxFile@@@Z
?compressRLE@CxImageGIF@@IAEXHPAVCxFile@@@Z
?decoder@CxImageGIF@@IAEFPAVCxFile@@PAVCImageIterator@@FAAH@Z
?flush_char@CxImageGIF@@IAEXXZ
?gen_convolve_matrix@CxImage@@IAEHMPAPAM@Z
?gen_lookup_table@CxImage@@IAEPAMPAMH@Z
?get_byte@CxImageGIF@@IAEHPAVCxFile@@@Z
?get_next_code@CxImageGIF@@IAEFPAVCxFile@@@Z
?get_num_frames@CxImageGIF@@IAEHPAVCxFile@@PAUtag_TabCol@1@PAUtag_dscgif@1@@Z
?init_exp@CxImageGIF@@IAEFF@Z
?out_line@CxImageGIF@@IAEHPAVCImageIterator@@PAEH@Z
?output@CxImageGIF@@IAEXF@Z
?process_COM@CxExifInfo@CxImageJPG@@IAEXPBEH@Z
?process_EXIF@CxExifInfo@CxImageJPG@@IAE_NPAEI@Z
?process_SOFn@CxExifInfo@CxImageJPG@@IAEXPBEH@Z
?rle_block_flush@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_block_out@CxImageGIF@@IAEXEPAUtag_RLE@1@@Z
?rle_clear@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_compute_triangle_count@CxImageGIF@@IAEIII@Z
?rle_flush@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_flush_clearorrep@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_flush_fromclear@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_flush_withtable@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_isqrt@CxImageGIF@@IAEII@Z
?rle_output@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_output_flush@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_output_plain@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_reset_out_clear@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_write_block@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?seek_next_image@CxImageGIF@@IAEJPAVCxFile@@J@Z
GetNewInf

Sections

.text
Size: 592KB - Virtual size: 591KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
com.run
.dll windows:4 windows x86 arch:x86

1e7533366a641f8159cfe207ceac1e3f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
RtlUnwind
GetCommandLineA
ExitProcess
TerminateProcess
RaiseException
HeapSize
GetACP
GetTimeZoneInformation
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileTime
GetFileSize
GetFileAttributesA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetOEMCP
GetCPInfo
FileTimeToLocalFileTime
FileTimeToSystemTime
GetProcessVersion
GetLastError
WritePrivateProfileStringA
GlobalFlags
lstrcpynA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalUnlock
MulDiv
SetLastError
GetThreadLocale
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
FindResourceA
LoadResource
LockResource
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetProcAddress
GlobalAlloc
GlobalFree
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetVersionExA
LoadLibraryA
LoadLibraryExA
FreeLibrary
lstrlenW
lstrlenA
GetFileType
GetUserDefaultLCID

user32

CreateDialogIndirectParamA
EndDialog
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
LoadStringA
GetSysColorBrush
GetDesktopWindow
PtInRect
GetClassNameA
UnregisterClassA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
CharNextA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
LoadIconA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
SetActiveWindow
AdjustWindowRectEx
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
wsprintfA
LoadBitmapA
IsWindow
GetClientRect
LoadCursorA
EnableWindow
SetFocus
GetSysColor
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
UnhookWindowsHookEx
PostThreadMessageA
RegisterClipboardFormatA
MapDialogRect
SetWindowPos
IsRectEmpty
PostQuitMessage
PostMessageA
SendMessageA
SetCursor
MessageBoxA
GetWindowLongA
IsWindowEnabled
GetLastActivePopup
GetParent
SetWindowsHookExA
GetCursorPos
PeekMessageA
IsWindowVisible
ValidateRect
CallNextHookEx
GetKeyState
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
GetNextDlgTabItem
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
SetWindowContextHelpId
GetWindow
CharUpperA
DestroyMenu

gdi32

GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
ExtTextOutA
Escape
DPtoLP
LPtoDP
GetMapMode
TextOutA
DeleteObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SelectObject
RestoreDC
SaveDC
DeleteDC
GetBkColor
GetTextColor
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
PatBlt
CreateCompatibleDC
BitBlt
GetObjectA
GetStockObject

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegQueryValueA
RegOpenKeyA

comctl32

ord17

oledlg

ord8

ole32

OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoTaskMemAlloc
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromProgID
CreateStreamOnHGlobal
StringFromIID
CoTaskMemFree
IIDFromString
CLSIDFromString
CoCreateInstance
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord252
ord253
ord250

oleaut32

LoadRegTypeLi
SysFreeString
VariantClear
VariantChangeType
VariantInit
VariantCopyInd
GetRecordInfoFromTypeInfo
SysAllocString
VariantCopy
SysAllocStringLen
VariantTimeToSystemTime
SysStringLen
SysAllocStringByteLen

Exports

Exports

InitCtl
InitCtl2

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
config.inf
eAPI.fne
.dll windows:4 windows x86 arch:x86

d0090138d80c47735b70f81ce3f6c2b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

iphlpapi

SendARP
GetAdaptersInfo

shlwapi

PathAppendA
PathFileExistsA
SHDeleteValueA
SHDeleteKeyA

mpr

WNetAddConnection2A
WNetOpenEnumA
WNetEnumResourceA
WNetCloseEnum
WNetCancelConnection2A

winmm

waveOutGetDevCapsA
mciSendStringA
waveOutGetNumDevs

ws2_32

closesocket
inet_ntoa
gethostname
gethostbyname
inet_addr
WSAStartup
gethostbyaddr
WSACleanup
connect
htons
socket
sendto

version

VerLanguageNameA
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GetModuleFileNameA
MulDiv
lstrcpynA
DuplicateHandle
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFullPathNameA
GetFileTime
LocalAlloc
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GetCurrentThreadId
TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
GlobalFlags
WritePrivateProfileStringA
GetCurrentDirectoryA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCPInfo
GetOEMCP
RtlUnwind
RaiseException
GetSystemTime
GetLocalTime
GetCommandLineA
ExitProcess
HeapSize
GetACP
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
SetStdHandle
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
LocalFree
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetCurrentProcessId
WinExec
lstrcatA
WriteProfileStringA
SetLastError
GetProfileStringA
CreateDirectoryA
GetSystemDirectoryA
EnumResourceNamesA
CopyFileA
Sleep
GetWindowsDirectoryA
GetTempPathA
GlobalMemoryStatus
Module32First
Module32Next
OpenProcess
InterlockedExchange
TerminateProcess
GetDriveTypeA
GetVolumeInformationA
GetLastError
GetFileSize
FindFirstFileA
GetFileAttributesA
SetFileAttributesA
RemoveDirectoryA
FindNextFileA
FindClose
DeleteFileA
MultiByteToWideChar
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
WaitForSingleObject
ReadProcessMemory
VirtualFreeEx
GetExitCodeThread
GlobalAlloc
LoadLibraryExA
FindResourceA
LoadResource
LockResource
SizeofResource
lstrcpyA
GlobalLock
GlobalSize
GlobalUnlock
GlobalFree
CreateToolhelp32Snapshot
Process32First
Process32Next
WriteFile
ReadFile
SetFilePointer
GetLocaleInfoA
GetSystemDefaultLangID
GetTimeZoneInformation
CreateFileA
DeviceIoControl
CloseHandle
lstrlenA
GetModuleHandleA
GetVersion
GetVersionExA
LoadLibraryA
GetProcAddress
GetCurrentProcess
FreeLibrary
QueryPerformanceCounter
QueryPerformanceFrequency
GlobalHandle

user32

IsDialogMessageA
SetWindowPos
SetFocus
GetWindowPlacement
IsIconic
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DefWindowProcA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
DestroyMenu
CharUpperA
UnhookWindowsHookEx
GrayStringA
DrawTextA
TabbedTextOutA
ClientToScreen
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageA
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
EnableWindow
SetCursor
PostMessageA
PostQuitMessage
WindowFromPoint
GetParent
GetWindow
PtInRect
IsWindowVisible
GetWindowLongA
EnumWindows
IsWindow
FindWindowExA
IsRectEmpty
GetCursorPos
SetWindowLongA
GetDlgItem
ShowWindow
UpdateWindow
SystemParametersInfoA
ChangeDisplaySettingsA
EnumDisplaySettingsA
SendMessageTimeoutA
GetKeyboardState
FindWindowA
GetWindowThreadProcessId
SetCursorPos
mouse_event
keybd_event
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetClassNameA
GetWindowTextA
GetDesktopWindow
GetWindowRect
ReleaseCapture
SetCapture
GetSystemMetrics
LoadImageA
VkKeyScanExA
GetDC
ReleaseDC
GetKeyboardLayout
wsprintfA
SendDlgItemMessageA
GetMenuItemCount
SetWindowTextA
GetDlgCtrlID
LoadStringA
UnregisterClassA
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
LoadBitmapA
DestroyWindow
SendMessageA

gdi32

Escape
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
GetStockObject
GetObjectA
EnumFontFamiliesExA
AddFontResourceA
RemoveFontResourceA
GetDeviceCaps
GetPixel
CreateCompatibleBitmap
CreateDCA
GetDIBits
RealizePalette
SelectPalette
CreateBitmap
SaveDC
RestoreDC
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
PtVisible
RectVisible
TextOutA
ExtTextOutA
DeleteObject

comdlg32

PrintDlgA
GetFileTitleA

winspool.drv

GetPrinterA
ClosePrinter
SetPrinterA
DocumentPropertiesA
OpenPrinterA
EnumPrintersA

advapi32

RegCloseKey
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExA
RegOpenKeyA
RegEnumKeyA
RegQueryInfoKeyA
RegSetKeySecurity
RegOpenKeyExA
CopySid
GetLengthSid
GetTokenInformation
OpenProcessToken
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
AddAce
InitializeAcl
FreeSid
AllocateAndInitializeSid
RegGetKeySecurity
RegSetValueExA
RegCreateKeyExA
GetUserNameA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyA

shell32

SHGetSpecialFolderPathA
SHEmptyRecycleBinA
SHChangeNotify
ShellExecuteA

comctl32

ord17

ole32

CoCreateInstance
CoCreateGuid

wininet

InternetOpenUrlA
InternetOpenA
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
DeleteUrlCacheEntry
InternetGetConnectedState

Exports

Exports

GetNewInf

Sections

.text
Size: 196KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
eLIB.fne
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

GetNewInf

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 542B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
eMMedia.fne
.dll regsvr32 windows:4 windows x86 arch:x86

213df7f2cb71a3ab004de868df9fd83c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

rpcrt4

UuidFromStringA
UuidToStringA
RpcStringFreeA

kernel32

GetProcessVersion
GetCPInfo
GetOEMCP
FileTimeToSystemTime
FileTimeToLocalFileTime
WritePrivateProfileStringA
RtlUnwind
RaiseException
GetCommandLineA
HeapAlloc
HeapFree
CreateThread
ExitThread
ExitProcess
TerminateProcess
HeapSize
HeapReAlloc
GetTimeZoneInformation
GetACP
SetUnhandledExceptionFilter
SetHandleCount
GlobalFlags
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
GlobalFree
TlsAlloc
LocalAlloc
GlobalAlloc
GetCurrentThread
SuspendThread
SetThreadPriority
GetFileTime
GetFileSize
GetFileAttributesA
GetModuleFileNameA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
lstrcmpA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedIncrement
InterlockedDecrement
GlobalLock
GlobalUnlock
SetLastError
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
ResumeThread
CreateEventA
SetEvent
WaitForSingleObject
CloseHandle
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
lstrcmpiA
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
FindResourceA
SizeofResource
LoadResource
LockResource
GetStdHandle

user32

LoadStringA
PtInRect
GetClassNameA
UnregisterClassA
SetCursor
PostQuitMessage
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
GetCursorPos
CharUpperA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
SetWindowTextA
DestroyMenu
LoadIconA
PostMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
CopyRect
IsWindowVisible
GetTopWindow
MessageBoxA
GetParent
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetSysColorBrush
LoadCursorA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SendMessageA
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
SetTimer
IsWindow
EnableWindow
LoadBitmapA
GetClientRect
FillRect

gdi32

GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
Escape
DeleteObject
CreateCompatibleDC
GetObjectA
ExtTextOutA
BitBlt
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

comctl32

ord17

ole32

CoCreateGuid
CoTaskMemFree
CoCreateInstance

oleaut32

VariantClear
VariantInit
SysAllocStringLen

winmm

waveInGetPosition
waveInReset
waveInStop
waveInClose
waveInUnprepareHeader
waveInGetNumDevs
waveInGetDevCapsA
waveInOpen
waveInPrepareHeader
waveInAddBuffer
waveInStart
midiOutGetDevCapsA
midiOutGetNumDevs
mciSendStringA
mciSendCommandA
mixerGetLineControlsA
mixerGetLineInfoA
mixerGetDevCapsA
mixerOpen
mixerGetNumDevs
mixerSetControlDetails
mixerGetControlDetailsA
mixerClose
midiOutGetErrorTextA
midiOutUnprepareHeader
midiOutOpen
midiOutClose
midiOutShortMsg

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
GetNewInf

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
iext.fnr
.dll windows:4 windows x86 arch:x86

f86e54dbf86fab2a0484cdc838c093a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RaiseException
HeapSize
GetACP
GetTimeZoneInformation
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
TerminateProcess
ExitProcess
GetCommandLineA
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
GetFileSize
GetFileAttributesA
GetOEMCP
GetCPInfo
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
GlobalFree
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
HeapAlloc
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
SetLastError
lstrcpynA
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GlobalUnlock
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
VirtualAlloc

user32

SetFocus
MapWindowPoints
LoadIconA
SetWindowTextA
ShowWindow
CharUpperA
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
UnregisterClassA
GetClassNameA
PtInRect
GetSysColorBrush
LoadStringA
DestroyMenu
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
AdjustWindowRectEx
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetDC
ReleaseDC
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
PostMessageA
PostQuitMessage
SendMessageA
GetFocus
IsWindow
DestroyIcon
LoadCursorA
GetParent
GetWindowLongA
SetWindowLongA
GetSysColor
EnableWindow
OffsetRect
GetClientRect
UpdateWindow
GetTopWindow
GetWindow
ScreenToClient
GetDlgCtrlID
IsWindowVisible
GetWindowRect
IntersectRect
IsRectEmpty
RedrawWindow
ClientToScreen
FillRect
InvalidateRect
CopyRect

gdi32

SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteObject
OffsetViewportOrgEx
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
SetMapMode
SetBkMode
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateFontIndirectA
GetCurrentObject
GetStockObject

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

comctl32

ImageList_Destroy
ImageList_SetBkColor
ImageList_GetIcon
ImageList_Read
ord17
ImageList_GetImageCount
ImageList_Duplicate

Exports

Exports

GetNewInf

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
iext5.fne
.dll windows:4 windows x86 arch:x86

2cc11dbc00e8912d9e9e4d405d729709

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
GetStringTypeA
GetStringTypeW
Sleep
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetTimeZoneInformation
GetACP
HeapSize
TerminateProcess
ExitProcess
GetCommandLineA
RaiseException
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
GetFileSize
GetFileAttributesA
GetOEMCP
GetCPInfo
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
SetErrorMode
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
DuplicateHandle
GetLastError
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
LocalFree
SetLastError
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
GetProcAddress
InterlockedExchange
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalFree
LockResource
FindResourceA
LoadResource
lstrcpynA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GlobalUnlock
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetCurrentThreadId
GetTickCount
Beep
GetWindowsDirectoryA
LoadLibraryA
MulDiv
lstrcpyA
lstrcatA
lstrlenA
WinExec
LoadLibraryExA
FreeLibrary
CreateFileA
WriteFile
LCMapStringW
CloseHandle

user32

AdjustWindowRectEx
SetFocus
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
LoadIconA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
IsDialogMessageA
ShowWindow
DestroyMenu
CharUpperA
UnregisterClassA
GetSysColorBrush
GetScrollPos
GetTopWindow
GetCapture
WinHelpA
wsprintfA
RegisterClassA
GetMenu
GetSubMenu
GetWindowTextLengthA
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageA
IsIconic
GetWindowPlacement
GetMenuCheckMarkDimensions
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetMessageA
TranslateMessage
DispatchMessageA
ValidateRect
PeekMessageA
GetLastActivePopup
MessageBoxA
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
PostQuitMessage
SetWindowLongA
GetDlgCtrlID
GetKeyState
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
GetClientRect
LoadBitmapA
EnableWindow
PostMessageA
GetMenuItemCount
GetMenuItemID
GetMenuState
IsRectEmpty
GetParent
WindowFromPoint
SetWindowRgn
SetTimer
KillTimer
EqualRect
GetCursorPos
IsWindow
ScreenToClient
ClientToScreen
SetRectEmpty
GetClassInfoA
SendMessageA
GetClassNameA
InvalidateRect
SetWindowTextA
GetWindowTextA
GetIconInfo
DefWindowProcA
GetWindowLongA
GetWindowRect
LoadCursorA
GetSystemMetrics
OffsetRect
InflateRect
SetRect
SetCursor
PtInRect
SystemParametersInfoA
GetSysColor
SetWindowPos
LoadStringA
LoadImageA
DestroyCursor
CopyIcon
DestroyIcon
CopyRect
FillRect
CreateIconIndirect
GetDC
ReleaseDC
IsWindowVisible

gdi32

ExtTextOutA
SetBkColor
DPtoLP
GetClipBox
SaveDC
RestoreDC
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
PtVisible
RectVisible
TextOutA
Escape
CreateRoundRectRgn
CreatePolygonRgn
CreateRectRgn
CombineRgn
OffsetRgn
FillRgn
SelectClipRgn
FrameRgn
GetDeviceCaps
GetTextExtentPoint32A
CreateFontIndirectA
GetTextMetricsA
CreatePen
MoveToEx
LineTo
SetTextColor
CreateCompatibleBitmap
CreateSolidBrush
CreateBitmap
StretchBlt
GetObjectA
CreateDIBSection
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject
DeleteDC

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegQueryValueA

shell32

ShellExecuteA

comctl32

ImageList_GetImageInfo
ImageList_GetIcon
ImageList_Destroy
ImageList_Read
ord17
ImageList_GetImageCount
ImageList_Duplicate

Exports

Exports

GetNewInf

Sections

.text
Size: 208KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
internet.fne
.dll windows:4 windows x86 arch:x86

bb1de696285da31ebe47c3114fbd7f81

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

rasapi32

RasDialA
RasHangUpA
RasEnumConnectionsA
RasEnumEntriesA
RasGetEntryDialParamsA
RasGetConnectStatusA

kernel32

TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
lstrcatA
GetVersion
GlobalFlags
WritePrivateProfileStringA
GetModuleHandleA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
GetCommandLineA
RaiseException
ExitProcess
TerminateProcess
GlobalHandle
GetLocalTime
GetACP
HeapSize
SetStdHandle
GetFileType
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalFree
TlsAlloc
GetFileTime
GetFileSize
GetFileAttributesA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetProcAddress
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalUnlock
WaitForSingleObject
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
LocalAlloc
FreeLibrary
lstrcpyA
EnterCriticalSection
lstrcpynA
GetLastError
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
SetLastError
GetTimeZoneInformation
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetTickCount
Sleep
GetSystemTime

user32

CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
DestroyMenu
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetSubMenu
GetMenuItemID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetFocus
SetWindowPos
SetWindowLongA
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
GetSystemMetrics
CharUpperA
wsprintfA
GetWindowTextA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
ShowWindow
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
SendMessageA
PostMessageA
PostQuitMessage
IsWindow
SetWindowTextA
InvalidateRect
PtInRect

gdi32

GetDeviceCaps
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
PtVisible
CreateBitmap
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
GetStockObject

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

comctl32

ord17

wsock32

setsockopt
socket
WSASetLastError
gethostbyname
ioctlsocket
htons
connect
send
recv
closesocket
select
gethostname
WSACleanup
WSAStartup

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
FtpFindFirstFileA
InternetFindNextFileA
FtpGetFileA
FtpPutFileA
FtpGetCurrentDirectoryA
FtpSetCurrentDirectoryA
FtpRemoveDirectoryA
FtpCreateDirectoryA
FtpRenameFileA
FtpDeleteFileA
InternetConnectA
InternetSetOptionA
InternetCloseHandle
InternetOpenA

Exports

Exports

GetNewInf

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
krnln.fnr
.dll windows:4 windows x86 arch:x86

1021c4a553644f3ae1cb67958917960d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

waveOutPrepareHeader
midiStreamClose
midiOutReset
midiStreamStop
midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
midiOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutClose
waveOutReset
waveOutPause
waveOutWrite
midiStreamRestart
waveOutUnprepareHeader

kernel32

FileTimeToSystemTime
FileTimeToLocalFileTime
FormatMessageA
lstrcmpA
GetCurrentThread
SetThreadPriority
SuspendThread
CreateMutexA
ReleaseMutex
GlobalFlags
SetErrorMode
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
TerminateProcess
HeapSize
GetACP
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetEnvironmentVariableW
SetEnvironmentVariableA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetStdHandle
GetFileTime
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalFree
LocalAlloc
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetVersion
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpynA
SetLastError
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
SetCommTimeouts
SetCommMask
GetCommState
SetCommState
WriteFile
ReadFile
PurgeComm
WaitCommEvent
ClearCommError
GetLastError
WaitForMultipleObjects
GetOverlappedResult
GetCommModemStatus
SetEvent
GetProfileStringA
GetPrivateProfileSectionNamesA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetComputerNameA
EscapeCommFunction
CreateEventA
ResetEvent
OutputDebugStringA
ExpandEnvironmentStringsA
GlobalAlloc
GetTempPathA
SetFileAttributesA
GetFileAttributesA
MoveFileA
CopyFileA
CreateDirectoryA
SetVolumeLabelA
GetDiskFreeSpaceA
SetLocalTime
GetCommandLineA
CreateProcessA
SetCurrentDirectoryA
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThreadId
GetModuleHandleA
GlobalSize
GlobalLock
GlobalFree
lstrcatA
WinExec
lstrcpyA
GetCurrentDirectoryA
GetLogicalDriveStringsA
GetDriveTypeA
GetVolumeInformationA
GlobalUnlock
GlobalReAlloc
HeapFree
HeapReAlloc
ExitProcess
HeapAlloc
WaitForSingleObject
GetProcessHeap
FindResourceA
LoadResource
LockResource
CreateThread
DeleteFileA
RemoveDirectoryA
FindNextFileA
GetModuleFileNameA
Sleep
MulDiv
FindFirstFileA
FindClose
LoadLibraryA
GetProcAddress
FreeLibrary
CreateFileA
CloseHandle
DeviceIoControl
GetVersionExA
GetFullPathNameA
lstrlenW
lstrlenA
GetUserDefaultLCID
GetTickCount
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
ExitThread

user32

UnregisterClassA
LoadStringA
GetSysColorBrush
EndDialog
CreateDialogIndirectParamA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
GetNextDlgTabItem
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
GetScrollPos
RegisterClassA
GetMenuItemCount
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
RegisterWindowMessageA
GetWindowPlacement
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
CopyAcceleratorTableA
PostQuitMessage
IsZoomed
GetSystemMenu
DeleteMenu
GetClassInfoA
DefWindowProcA
GetDesktopWindow
LoadIconA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
GetMessageA
SetRectEmpty
RegisterClipboardFormatA
CreatePopupMenu
AppendMenuA
ModifyMenuA
CreateMenu
CreateAcceleratorTableA
SetCursor
InvertRect
ScrollDC
TrackPopupMenu
SetForegroundWindow
ValidateRect
LockWindowUpdate
MessageBeep
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
WaitForInputIdle
SetCursorPos
SetMenu
SetFocus
PeekMessageA
IsIconic
SetActiveWindow
DestroyMenu
SetWindowPos
GetActiveWindow
GetTopWindow
GetWindow
DestroyAcceleratorTable
DestroyCursor
SetWindowRgn
ScreenToClient
ChildWindowFromPointEx
WinHelpA
KillTimer
SetTimer
PostMessageA
GetScrollRange
SetScrollRange
SetScrollPos
SetParent
IsWindowVisible
GetWindowLongA
SetWindowLongA
TranslateMessage
DispatchMessageA
UpdateWindow
GetDC
ReleaseDC
EnumDisplaySettingsA
LoadImageA
MessageBoxA
LoadBitmapA
GetKeyState
DestroyIcon
IsChild
IsRectEmpty
GetFocus
IntersectRect
EqualRect
GetMenu
GetSubMenu
EnableMenuItem
AdjustWindowRect
LoadCursorA
GetCapture
ClientToScreen
wsprintfA
GetDlgCtrlID
InvalidateRect
GetClassNameA
WindowFromPoint
CharUpperA
ReleaseCapture
GetMessagePos
PtInRect
GetClientRect
GetCursorPos
SetCapture
SystemParametersInfoA
EnableWindow
SetRect
IsWindow
RedrawWindow
CopyRect
FillRect
GetSystemMetrics
DrawFrameControl
DrawEdge
InflateRect
OffsetRect
DrawFocusRect
GetWindowRect
GetParent
SendMessageA
GetSysColor
IsClipboardFormatAvailable

gdi32

StartDocA
CreateRectRgnIndirect
ExtCreateRegion
SetPixel
CreateDIBSection
GetDIBits
SelectPalette
GetSystemPaletteEntries
CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
EndPath
BeginPath
GetClipBox
SetTextColor
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
MoveToEx
LineTo
GetBkColor
GetPixel
ExtSelectClipRgn
GetViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
GetROP2
GetStretchBltMode
GetPolyFillMode
StartPage
EndPage
CreateDCA
DPtoLP
CreateBrushIndirect
CreateHatchBrush
CreatePatternBrush
Ellipse
RoundRect
FillRgn
GetCurrentObject
CombineRgn
CreateRectRgn
GetClipRgn
CreatePolygonRgn
SetPixelV
LPtoDP
Pie
GetViewportOrgEx
GetWindowOrgEx
PatBlt
CreateCompatibleDC
BitBlt
CreateSolidBrush
GetStockObject
GetObjectA
GetDeviceCaps
RealizePalette
CreatePen
GetTextExtentPoint32A
CreateFontIndirectA
CreatePalette
Chord
Arc
Polygon
EndDoc
GetTextColor
Rectangle
SelectClipRgn
CreateDIBitmap
CreateCompatibleBitmap
CreateBitmap
SetBkColor
SelectObject
SetStretchBltMode
StretchBlt
DeleteDC
DeleteObject
GetWindowExtEx
GetBkMode

comdlg32

PrintDlgA
ChooseFontA
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
ChooseColorA
CommDlgExtendedError

winspool.drv

EnumFormsA
AddFormA
DeleteFormA
GetFormA
SetFormA
OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey

shell32

Shell_NotifyIconA
ShellExecuteA

comctl32

ord17
ImageList_Destroy
ImageList_LoadImageA

ole32

OleInitialize
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
OleUninitialize
OleRun
CoCreateInstance

olepro32

ord252
ord253

oleaut32

SafeArrayPutElement
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetElement
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantCopy
UnRegisterTypeLi
SysAllocString
VariantCopyInd
VariantInit
VariantChangeType
VariantClear
GetActiveObject
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
VarDateFromStr

ws2_32

getpeername
listen
recv
connect
ioctlsocket
recvfrom
sendto
setsockopt
socket
htonl
bind
htons
WSAAsyncSelect
closesocket
send
select
gethostbyname
inet_ntoa
inet_addr
accept
gethostbyaddr
gethostname
WSACleanup
WSAStartup

Exports

Exports

GetNewInf
GetNewSock

Sections

.text
Size: 776KB - Virtual size: 773KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
play.exe
.exe windows:4 windows x86 arch:x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 541KB - Virtual size: 541KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
play.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
shell.fne
.dll windows:4 windows x86 arch:x86

5c5d113b6e7adb5168ea190de24145c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
GetTempPathA
GetSystemDirectoryA
GetWindowsDirectoryA
GetLastError
GetCurrentProcess
GetVersionExA
SetSystemPowerState
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
GetProcAddress
VirtualAlloc
RtlUnwind
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
ExitProcess
TerminateProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP

user32

EnableWindow
ExitWindowsEx
SetForegroundWindow
SetActiveWindow
GetActiveWindow
IsWindow
GetForegroundWindow
IsWindowEnabled
GetParent

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

shell32

SHGetMalloc
SHFileOperationA
SHGetSpecialFolderPathA
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA

ole32

CoCreateInstance

Exports

Exports

GetNewInf

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
shellEx.fne
.dll windows:4 windows x86 arch:x86

57d8c267f92579f0eedd02f56bfbc0c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatA
MulDiv
lstrcpyA
GetModuleHandleA

user32

UnregisterHotKey
SetWindowLongA
SetCapture
SendMessageA
ScreenToClient
RegisterHotKey
LoadBitmapA
GetSysColor
GetDC
GetCursorPos
CreateWindowExA
CallWindowProcA
wsprintfA
ReleaseCapture

shell32

DragFinish
DragQueryFileA
DragAcceptFiles

comctl32

InitCommonControls
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_EndDrag
ImageList_Add

gdi32

CreateFontA
DeleteObject
GetDeviceCaps
TranslateCharsetInfo

Exports

Exports

GetNewInf

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 682B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
spec.fne
.dll windows:4 windows x86 arch:x86

e8f0f9711aea5ab77d2e45faf8f46dd7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SetTimer
KillTimer

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
GetTickCount
HeapFree
HeapAlloc
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
RtlUnwind
GetLastError
CloseHandle
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
WriteFile
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
FlushFileBuffers
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP

Exports

Exports

GetNewInf

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tv/cctv/CCTVPlayer.ocx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

UPX0
Size: - Virtual size: 592KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 327KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 64KB

.rsrc Size: 12KB - Virtual size: 12KB

1ba6926a1ee4e4cda118768081f528d5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcr80

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 512B - Virtual size: 503B

.data Size: 512B - Virtual size: 828B

.rsrc Size: 512B - Virtual size: 428B

.reloc Size: 512B - Virtual size: 166B

135de77644e2add2fd9dd8176740e7e0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 992B

.rdata Size: 1024B - Virtual size: 839B

.data Size: 512B - Virtual size: 336B

.reloc Size: 512B - Virtual size: 220B

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 64KB

.rsrc
Size: 12KB - Virtual size: 12KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 503B

.data
Size: 512B - Virtual size: 828B

.rsrc
Size: 512B - Virtual size: 428B

.reloc
Size: 512B - Virtual size: 166B

.text
Size: 1024B - Virtual size: 992B

.rdata
Size: 1024B - Virtual size: 839B

.data
Size: 512B - Virtual size: 336B

.reloc
Size: 512B - Virtual size: 220B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

CODE
Size: 13KB - Virtual size: 13KB

DATA
Size: 4KB - Virtual size: 4KB

BSS
Size: - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 906B

.edata
Size: 512B - Virtual size: 89B

.reloc
Size: 1024B - Virtual size: 880B

.rsrc
Size: 512B - Virtual size: 512B

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 16KB - Virtual size: 14KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 20KB - Virtual size: 79KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 20KB - Virtual size: 16KB