ea58b11c906d4f4624bb8ea332acebc0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ea58b11c906d4f4624bb8ea332acebc0N.exe
Size

4.8MB
MD5

ea58b11c906d4f4624bb8ea332acebc0
SHA1

f8d72e2b53835d59e519daa7b35469f091a7e73b
SHA256

306b5c49800c94361a27b77f57da2a98f5308a33dc787ceb9d2e86925be3650b
SHA512

3c0c09c8a8c07337cd665bb5b1be5c903e18dead0167306d2112680a5ef79f38d80ffabfdf7b4569e1c9ed1d39f14f86ba711f7d4718ff22140104b2a4a9c96e
SSDEEP

98304:G9bNU6UUWfgKrnTivmX5zTVoCJDqFkO8g8BatM6mB6KF1PNgVl0DL0lH:G9bNU6UNfgiG2zTVoAfO87sM6mhLNgVd

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/youkupage.exe	upx

Unsigned PE 15 IoCs

Checks for missing Authenticode signature.

resource
ea58b11c906d4f4624bb8ea332acebc0N.exe
unpack001/$PLUGINSDIR/BgWorker.dll
unpack001/$PLUGINSDIR/GetVersion.dll
unpack001/$PLUGINSDIR/Rfshdktp.dll
unpack001/$PLUGINSDIR/SkinBtn.dll
unpack001/$PLUGINSDIR/SkinProgress.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/WebCtrl.dll
unpack001/$PLUGINSDIR/WndSubclass.dll
unpack001/$PLUGINSDIR/inetc.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/$PLUGINSDIR/nsExec.dll
unpack001/$PLUGINSDIR/nsProcess.dll
unpack001/nplayer/avcodec-56.dll
unpack002/out.upx

Files

ea58b11c906d4f4624bb8ea332acebc0N.exe
.exe windows:5 windows x86 arch:x86

32f3282581436269b3a75b6675fe3e08

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpA
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
lstrlenA
MulDiv
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

GetAsyncKeyState
IsDlgButtonChecked
ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
wvsprintfW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
FindWindowExW

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 3.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/BgWorker.dll
.dll windows:4 windows x86 arch:x86

db2755f409b81c4dbfc04f648cfb80b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
GetModuleHandleA
CloseHandle
SetThreadPriority
CreateThread

user32

IsWindowUnicode
PostMessageA
DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects

Exports

Exports

CallAndWait

Sections

.text
Size: 1024B - Virtual size: 987B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 66B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/GetVersion.dll
.dll windows:4 windows x86 arch:x86

5e41893d1528e7648e03f81030aca366

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
lstrcmpiA
GetSystemInfo
GlobalAlloc
lstrcpynA
GetModuleHandleA
lstrcatA
GetVersionExA

user32

wsprintfA
GetSystemMetrics

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Exports

Exports

WindowsName
WindowsPlatformArchitecture
WindowsPlatformId
WindowsServerName
WindowsServicePack
WindowsServicePackBuild
WindowsServicePackMajor
WindowsServicePackMinor
WindowsType
WindowsVersion

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 374B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ProgressBarfb.bmp
$PLUGINSDIR/Rfshdktp.dll
.dll windows:4 windows x86 arch:x86

042f3c184e7c0923b6325ab1dc09aed7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

SHGetSpecialFolderLocation
SHChangeNotify

Exports

Exports

refreshDesktop

Sections

.text
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/SkinBtn.dll
.dll windows:4 windows x86 arch:x86

baf2d405231cd43dae48df474a521d01

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
GlobalAlloc
lstrcpynA
GetModuleHandleA
GlobalFree

user32

InvalidateRect
GetParent
SetWindowLongA
CallWindowProcA
GetPropA
SendMessageA
DrawTextA
DrawStateA
LoadImageA
RemovePropA
GetWindowLongA
SetPropA

gdi32

GetObjectA
CreateCompatibleDC
DeleteObject
SelectObject
DeleteDC
SetBkMode

msimg32

TransparentBlt

comctl32

_TrackMouseEvent

Exports

Exports

Init
Set
onClick

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 947B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/SkinProgress.dll
.dll windows:4 windows x86 arch:x86

df38729be926f91d3390389029adf53b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GlobalAlloc
GlobalFree
GetModuleHandleA

user32

GetWindowRect
BeginPaint
GetWindowDC
CallWindowProcA
ReleaseDC
EndPaint
GetWindowLongA
GetPropA
SetPropA
SetWindowLongA
RemovePropA
LoadImageA
SendMessageA

gdi32

DeleteDC
BitBlt
CreateCompatibleBitmap
StretchBlt
SelectObject
CreateCompatibleDC
GetObjectA
DeleteObject

Exports

Exports

Set

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 797B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

039bcbc605477e8e87ec550c2e60e748

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
lstrlenW
lstrcmpiW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/WebCtrl.dll
.dll windows:4 windows x86 arch:x86

edf01e434638f2238a21d45d26ed9a7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GlobalAlloc
MultiByteToWideChar
GlobalFree

user32

DefWindowProcA
GetWindowLongA
GetClientRect
SetWindowLongA

ole32

OleCreate
OleSetContainedObject
OleUninitialize
OleInitialize

oleaut32

VariantInit
VariantClear
SafeArrayCreate
SafeArrayAccessData
SafeArrayDestroy
SysAllocString

Exports

Exports

ShowWebInCtrl

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/WndSubclass.dll
.dll windows:4 windows x86 arch:x86

2ec59a729805f86a974bca3a2fda3a40

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GlobalAlloc
GlobalFree

user32

wsprintfA
RemovePropA
CallWindowProcA
DefWindowProcA
GetPropA
SetWindowLongA
SetPropA

Exports

Exports

C
S

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/btn_OK.bmp
$PLUGINSDIR/btn_browser.bmp
$PLUGINSDIR/btn_close.bmp
$PLUGINSDIR/btn_close1.bmp
$PLUGINSDIR/btn_close3.bmp
$PLUGINSDIR/btn_finish.bmp
$PLUGINSDIR/btn_install.bmp
$PLUGINSDIR/btn_min.bmp
$PLUGINSDIR/btn_min1.bmp
$PLUGINSDIR/btn_min3.bmp
$PLUGINSDIR/btn_success.bmp
$PLUGINSDIR/btn_whitebg_install.bmp
$PLUGINSDIR/btn_xieyi.bmp
$PLUGINSDIR/btn_zidingyi.bmp
$PLUGINSDIR/chk_selected.bmp
$PLUGINSDIR/chk_selected_bd.bmp
$PLUGINSDIR/chk_unselect.bmp
$PLUGINSDIR/chk_unselect_bd.bmp
$PLUGINSDIR/directory.bmp
$PLUGINSDIR/finish.bmp
$PLUGINSDIR/header1.bmp
$PLUGINSDIR/header2.bmp
$PLUGINSDIR/header3.bmp
$PLUGINSDIR/header_win10.bmp
$PLUGINSDIR/img_Startupruniku.bmp
$PLUGINSDIR/img_guanlian.bmp
$PLUGINSDIR/img_kuaijiefangshi.bmp
$PLUGINSDIR/img_youjiancaidan.bmp
$PLUGINSDIR/index.htm
.html .js polyglot
$PLUGINSDIR/inetc.dll
.dll windows:4 windows x86 arch:x86

3f1149a3053980fe6b461521d2b55a2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_mbschr
_adjust_fdiv
malloc
_initterm
free
_mbsrchr
strtoul
memset
_mbsstr
strtol

kernel32

CloseHandle
CreateThread
WaitForSingleObject
TerminateThread
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc
LoadLibraryA
GetProcAddress
lstrlenA
WriteFile
ReadFile
lstrcmpA
lstrcpynA
GetLastError
GlobalFree
lstrcmpiA
DeleteFileA
SleepEx
SetFilePointer
GetTickCount
lstrcatA
GetFileSize
CreateFileA

user32

MessageBoxA
GetParent
ShowWindow
PostMessageA
SetWindowTextA
GetWindowTextA
IsWindow
GetDlgItem
SetDlgItemTextA
SendDlgItemMessageA
SetWindowPos
SystemParametersInfoA
GetClientRect
GetWindowRect
SetTimer
LoadIconA
SetWindowLongA
GetWindowLongA
UpdateWindow
DestroyWindow
KillTimer
RedrawWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
IsWindowVisible
EnableWindow
CreateDialogParamA
FindWindowExA
wsprintfA
SendMessageA

wininet

HttpSendRequestA
HttpSendRequestExA
HttpQueryInfoA
FtpCreateDirectoryA
FtpOpenFileA
InternetGetLastResponseInfoA
InternetSetFilePointer
InternetSetOptionA
InternetQueryOptionA
InternetCloseHandle
InternetErrorDlg
HttpOpenRequestA
HttpAddRequestHeadersA
HttpEndRequestA
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetReadFile
InternetWriteFile

comctl32

ord17

Exports

Exports

get
head
post
put

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/install_protocol.htm
.html
$PLUGINSDIR/installation.bmp
$PLUGINSDIR/jsScroll.js
.js
$PLUGINSDIR/loading1.bmp
$PLUGINSDIR/loading2.bmp
$PLUGINSDIR/loading_pic1.bmp
$PLUGINSDIR/loading_pic2.bmp
$PLUGINSDIR/loading_pic3.bmp
$PLUGINSDIR/loading_pic4.bmp
$PLUGINSDIR/loading_pic5.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:5 windows x86 arch:x86

9ea5bdc8c90dfcffe309465c26c89758

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
MulDiv
lstrlenW
HeapFree
GetProcessHeap
lstrcmpiW
HeapReAlloc
lstrcpynW
GetFileAttributesW
lstrcpyW
GetCurrentDirectoryW
SetCurrentDirectoryW
HeapAlloc
GlobalFree

user32

LoadCursorW
RemovePropW
DrawFocusRect
GetPropW
DrawTextW
GetWindowTextW
GetDlgItem
SetWindowLongW
SetWindowPos
CreateDialogParamW
MapWindowPoints
GetWindowRect
SetCursor
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
GetClientRect
CharPrevW
CallWindowProcW
SetPropW
DestroyWindow
MapDialogRect
CharNextW
SendMessageW
GetWindowLongW

gdi32

SetTextColor

shell32

SHGetPathFromIDListW
SHBrowseForFolderW

comdlg32

GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 590B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsExec.dll
.dll windows:5 windows x86 arch:x86

8700d0ebbb41c81ea52718af1ab70a93

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyW
MultiByteToWideChar
lstrlenA
lstrcmpiW
lstrlenW
ExitProcess
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
lstrcpynW
GetCommandLineW
Sleep
TerminateProcess
GlobalReAlloc
GlobalUnlock
GlobalSize
ReadFile
GetModuleHandleW
GetTickCount
GetStartupInfoW
CreatePipe
GetVersionExW
GlobalLock
DeleteFileW
lstrcatW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CreateFileW
CopyFileW
GetTempFileNameW
GlobalFree
GlobalAlloc
GetModuleFileNameW
GetProcAddress
PeekNamedPipe
GetCurrentProcess

user32

CharPrevW
CharNextW
SendMessageW
FindWindowExW
wsprintfW

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 454B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsProcess.dll
.dll windows:4 windows x86 arch:x86

c9fc7f6df8fedf8f8f1f9f820c072664

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
CloseHandle
TerminateProcess
OpenProcess
lstrcmpiA
WideCharToMultiByte
FreeLibrary
LocalFree
LocalAlloc
GetProcAddress
LoadLibraryA
GetVersionExA
GlobalFree
lstrcpynA
GlobalAlloc

Exports

Exports

_FindProcess
_KillProcess
_Unload

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 646B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 146B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/tongyi.bmp
$PLUGINSDIR/welcome.bmp
$PLUGINSDIR/xieyibg.bmp
WebServe.exe
.exe windows:5 windows x86 arch:x86

544c528c966c2fd0f192c74a20170560

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

40:ef:58:6f:ba:65:9c:86:4b:6e:a6:eb:bd:11:4a:16
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Not Before

28/10/2014, 02:06

Not After

28/12/2017, 02:06

Subject

CN=合一网络技术（北京）有限公司,O=合一网络技术（北京）有限公司,L=北京市,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

6b:da:df:ef:f0:66:1b:d2:64:2a:f4:6e:cb:b2:79:40
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

46:bb:b3:40:fa:b9:c1:79:28:93:8c:93:da:10:86:79
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

95:cd:35:7f:b4:60:4b:8d:ad:0a:ae:73:1f:f8:c2:14:01:86:7e:7b
Signer

Actual PE Digest

95:cd:35:7f:b4:60:4b:8d:ad:0a:ae:73:1f:f8:c2:14:01:86:7e:7b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\iku_code\trunk3\tools\WinServer\Release\WebServe.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

kernel32

CreateEventW
WaitForMultipleObjects
CreateIoCompletionPort
OpenProcess
LoadLibraryA
Process32FirstW
ProcessIdToSessionId
Process32NextW
WTSGetActiveConsoleSessionId
CreateToolhelp32Snapshot
GetCurrentProcess
GetModuleHandleA
QueryPerformanceCounter
GetModuleHandleW
GetTickCount
GetCurrentThreadId
GetProcessHeap
HeapAlloc
QueueUserAPC
TerminateProcess
GetCurrentProcessId
ReleaseSemaphore
OutputDebugStringA
SystemTimeToFileTime
CreateFileW
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
LocalFree
ResetEvent
ResumeThread
CreateWaitableTimerA
RemoveDirectoryW
DeleteFileW
SetLastError
VerifyVersionInfoW
TerminateThread
TlsSetValue
SleepEx
WaitForSingleObject
VerSetConditionMask
GetQueuedCompletionStatus
SetWaitableTimer
OpenMutexW
MultiByteToWideChar
WideCharToMultiByte
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
GetModuleFileNameW
TlsFree
CloseHandle
TlsAlloc
PostQueuedCompletionStatus
GlobalMemoryStatusEx
InterlockedExchangeAdd
EnterCriticalSection
GetProcAddress
GetLastError
InterlockedExchange
LeaveCriticalSection
GetSystemTimeAsFileTime
Sleep
SetEvent
CreateEventA
InterlockedDecrement
InterlockedIncrement
TlsGetValue
OpenEventA
DeviceIoControl
FormatMessageA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSetInformation
DecodePointer
EncodePointer
AreFileApisANSI
GetFileAttributesW
HeapFree

user32

GetSystemMetrics

advapi32

ImpersonateLoggedOnUser
RegOpenKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorA
GetSecurityDescriptorSacl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExA
SetNamedSecurityInfoA
RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
ConvertSidToStringSidW
RevertToSelf
RegQueryValueExW
DuplicateTokenEx
LookupPrivilegeValueW
LookupAccountNameW
CreateProcessAsUserW
GetTokenInformation
GetUserNameW
OpenProcessToken
ControlService
RegisterServiceCtrlHandlerW
SetServiceStatus
QueryServiceStatus
OpenServiceW
StartServiceCtrlDispatcherW
OpenSCManagerW
DeleteService
CloseServiceHandle
CreateServiceW
RegCloseKey

ole32

CoSetProxyBlanket
CoUninitialize
CoInitializeEx
CoCreateInstance
CoInitialize

oleaut32

VariantClear
SysFreeString
SysAllocString

msvcp100

?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Init@locale@std@@CAPAV_Locimp@12@XZ
?classic@locale@std@@SAABV12@XZ
?id@?$codecvt@DDH@std@@2V0locale@2@A
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
??0facet@locale@std@@IAE@I@Z
??1facet@locale@std@@UAE@XZ
?_Decref@facet@locale@std@@QAEPAV123@XZ
?_Incref@facet@locale@std@@QAEXXZ
??Bid@locale@std@@QAEIXZ
?_Gettrue@_Locinfo@std@@QBEPBDXZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
??1_Locinfo@std@@QAE@XZ
??0_Locinfo@std@@QAE@PBD@Z
?id@?$numpunct@_W@std@@2V0locale@2@A
?id@?$ctype@D@std@@2V0locale@2@A
_Mbrtowc
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?tolower@?$ctype@D@std@@QBEDD@Z
?_Xlength_error@std@@YAXPBD@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exception@std@@YA_NXZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?_Xout_of_range@std@@YAXPBD@Z
?_BADOFF@std@@3_JB
?id@?$numpunct@D@std@@2V0locale@2@A
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?do_length@?$codecvt@_WDH@std@@MBEHABHPBD1I@Z
??1?$codecvt@_WDH@std@@MAE@XZ
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPAV123@PAVfacet@23@I@Z
?_Id_cnt@id@locale@std@@0HA
?id@?$codecvt@_WDH@std@@2V0locale@2@A
??0_Locimp@locale@std@@AAE@ABV012@@Z
??1_Locimp@locale@std@@MAE@XZ
?out@?$codecvt@_WDH@std@@QBEHAAHPB_W1AAPB_WPAD3AAPAD@Z
??0?$codecvt@_WDH@std@@QAE@I@Z

ws2_32

listen
ioctlsocket
WSARecv
freeaddrinfo
bind
WSASocketW
getaddrinfo
ntohs
WSASend
WSACleanup
WSAStartup
closesocket
WSAGetLastError
setsockopt
shutdown
WSASetLastError

mswsock

GetAcceptExSockaddrs
AcceptEx

msvcr100

fputc
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
_gmtime64
sscanf
memmove
_unlock_file
ungetc
fgetpos
_fseeki64
memchr
fflush
fgetc
vsprintf_s
tolower
fsetpos
setvbuf
_lock_file
??_V@YAXPAX@Z
_purecall
??3@YAXPAX@Z
memcpy_s
fwrite
fclose
??2@YAPAXI@Z
_stricmp
wcsncpy_s
wprintf
??0exception@std@@QAE@XZ
??8type_info@@QBE_NABV0@@Z
sprintf
free
malloc
_time64
atoi
_beginthreadex
sprintf_s
printf
strstr
toupper
_wrename
_localtime64
_wtoi
_itow_s
__CxxFrameHandler3
memcpy
_CxxThrowException
strerror
memset
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
__winitenv
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
_vsnprintf
_crt_debugger_hook
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

iphlpapi

GetExtendedTcpTable
GetAdaptersInfo

wininet

InternetConnectW
HttpOpenRequestW
InternetCloseHandle
HttpSendRequestW
InternetSetOptionW
InternetOpenW

Sections

.text
Size: 241KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
YoukuDesktop.exe
.exe windows:5 windows x86 arch:x86

761f14c8aecc18eedf2307f8d368d74c

Code Sign

60:bc:17:a0:63:d1:09:a9:0e:f3:61:6b:5f:10:53:3d
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Not Before

06/04/2016, 03:19

Not After

06/01/2018, 03:19

Subject

CN=合一网络技术（北京）有限公司,O=合一网络技术（北京）有限公司,L=北京市,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftKernelCodeSigning

Key Usages

KeyUsageDigitalSignature

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2039, 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

46:bb:b3:40:fa:b9:c1:79:28:93:8c:93:da:10:86:79
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1f:6f:04:d2:13:44:d0:37:09:e8:c1:9c:c7:ed:12:b5
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Not Before

06/04/2016, 03:28

Not After

06/01/2018, 03:28

Subject

CN=合一网络技术（北京）有限公司,O=合一网络技术（北京）有限公司,L=北京市,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftKernelCodeSigning

Key Usages

KeyUsageDigitalSignature

37:a6:0e:92:5f:23:f8:0c:fd:cd:97:65:92:98:c3:54
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/11/2014, 00:58

Not After

08/11/2029, 00:58

Subject

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2039, 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3e:bd:5f:ef:46:78:a3:0c:69:58:a7:69:0b:ef:5d:b8:89:5f:af:da:b0:42:8a:ee:4b:d7:00:04:ce:ac:5a:56
Signer

Actual PE Digest

3e:bd:5f:ef:46:78:a3:0c:69:58:a7:69:0b:ef:5d:b8:89:5f:af:da:b0:42:8a:ee:4b:d7:00:04:ce:ac:5a:56

Digest Algorithm

sha256

PE Digest Matches

true

c2:59:e1:3a:a0:eb:6b:b0:35:f4:4f:12:92:50:05:bc:1e:2d:7d:15
Signer

Actual PE Digest

c2:59:e1:3a:a0:eb:6b:b0:35:f4:4f:12:92:50:05:bc:1e:2d:7d:15

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\SVN\install.v3\src\ikucmc_v700\build_vs2013\bin\Publish\YoukuDesktop.pdb

Imports

user32

GetSystemMetrics
LoadStringA
SendMessageTimeoutW
PostThreadMessageW
PeekMessageW
FindWindowW
GetMessageW
ExitWindowsEx
PostMessageW
wsprintfW

psapi

GetModuleFileNameExW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueW

advapi32

CheckTokenMembership
GetTokenInformation
RegOpenKeyA
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA
RegCreateKeyA
RegSetValueExA
CryptDestroyHash
CryptHashData
CryptCreateHash
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
CryptGetHashParam
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW
RegSetValueA
GetUserNameA
ConvertStringSecurityDescriptorToSecurityDescriptorA
GetSecurityDescriptorSacl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExA
SetNamedSecurityInfoA
CreateWellKnownSid

shell32

ShellExecuteW
ShellExecuteExW
SHGetSpecialFolderPathW
SHChangeNotify
ord680
SHGetFolderPathW

ole32

CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CoCreateInstance
CoInitialize
CoTaskMemFree
CoUninitialize

msvcp120

?fail@ios_base@std@@QBE_NXZ
?bad@ios_base@std@@QBE_NXZ
?ws@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@1@AAV21@@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?eof@ios_base@std@@QBE_NXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QAE?AVlocale@2@ABV32@@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?eback@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?pbase@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?egptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?epptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?pbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W0@Z
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEDD@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
_Mbrtowc
?id@?$numpunct@_W@std@@2V0locale@2@A
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??_7?$codecvt@_WDH@std@@6B@
?id@?$codecvt@_WDH@std@@2V0locale@2@A
??_7codecvt_base@std@@6B@
??_7facet@locale@std@@6B@
??_7_Facet_base@std@@6B@
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPAV123@PAVfacet@23@I@Z
?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
?out@?$codecvt@_WDH@std@@QBEHAAHPB_W1AAPB_WPAD3AAPAD@Z
?in@?$codecvt@_WDH@std@@QBEHAAHPBD1AAPBDPA_W3AAPA_W@Z
??0_Container_base12@std@@QAE@XZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@_W@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WD@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE?AVlocale@2@ABV32@@Z
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?do_length@?$codecvt@_WDH@std@@MBEHAAHPBD1I@Z
??1?$codecvt@_WDH@std@@MAE@XZ
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?_Orphan_all@_Container_base12@std@@QAEXXZ
??1_Container_base12@std@@QAE@XZ
_FInf
_FNan
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?get@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEGXZ
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?ws@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@1@AAV21@@Z
?_Xbad_function_call@std@@YAXXZ
?_Throw_C_error@std@@YAXH@Z
_Mtx_destroy
_Mtx_init
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?setf@ios_base@std@@QAEHH@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setf@ios_base@std@@QAEHHH@Z
?flags@ios_base@std@@QAEHH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?id@?$codecvt@DDH@std@@2V0locale@2@A
?_BADOFF@std@@3_JB
_Nan
_Inf
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z
?overflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?width@ios_base@std@@QAE_J_J@Z
?width@ios_base@std@@QBE_JXZ
?precision@ios_base@std@@QAE_J_J@Z
?unsetf@ios_base@std@@QAEXH@Z
?flags@ios_base@std@@QBEHXZ
?exceptions@ios_base@std@@QAEXH@Z
?good@ios_base@std@@QBE_NXZ
??Bios_base@std@@QBE_NXZ
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
?uncaught_exception@std@@YA_NXZ
?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ
??0_Locinfo@std@@QAE@PBD@Z
??1_Locinfo@std@@QAE@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Gettrue@_Locinfo@std@@QBEPBDXZ
??0id@locale@std@@QAE@I@Z
??Bid@locale@std@@QAEIXZ
?_Incref@facet@locale@std@@UAEXXZ
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
??0facet@locale@std@@IAE@I@Z
??1facet@locale@std@@MAE@XZ
?tolower@?$ctype@_W@std@@QBE_W_W@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?c_str@?$_Yarn@D@std@@QBEPBDXZ
?classic@locale@std@@SAABV12@XZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Xlength_error@std@@YAXPBD@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?_Xout_of_range@std@@YAXPBD@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?_Xbad_alloc@std@@YAXXZ
?_Syserror_map@std@@YAPBDH@Z
?id@?$numpunct@D@std@@2V0locale@2@A
?_Winerror_map@std@@YAPBDH@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ

ws2_32

WSAAddressToStringW
shutdown
WSAStringToAddressW
gethostname
listen
accept
sendto
recvfrom
freeaddrinfo
getaddrinfo
WSAIoctl
ntohs
getsockname
getpeername
ioctlsocket
WSASend
WSAGetLastError
setsockopt
WSASetLastError
closesocket
WSAStartup
WSACleanup
getsockopt
htons
select
WSASocketW
WSARecv
htonl
bind
__WSAFDIsSet
inet_ntoa
inet_addr
recv
socket
gethostbyname
send
connect
ntohl

msvcr120

fgets
fputs
qsort
strtoll
wcschr
wcsncpy
_errno
isalpha
isxdigit
strtoul
__sys_nerr
_lseeki64
_fstat64
_stat64
isupper
islower
isprint
isgraph
_ftelli64
modf
_vsnprintf
_controlfp_s
_invoke_watson
__crtSetUnhandledExceptionFilter
_except_handler4_common
_except1
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_commode
_fmode
_wcmdln
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_cexit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__crtGetShowWindowMode
_XcptFilter
??1type_info@@UAE@XZ
_onexit
__dllonexit
_calloc_crt
_wcsdup
calloc
strtol
strchr
ispunct
_wcsnicmp
_unlock
_lock
strncpy_s
_wtol
wcstod
strcpy
_set_invalid_parameter_handler
iswdigit
_vscprintf
iswspace
towlower
getenv
_strnicmp
_findfirst64i32
_wsplitpath
wcsstr
_findnext64i32
vswprintf_s
isdigit
isspace
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
??0exception@std@@QAE@XZ
_stricmp
strerror
strcat_s
wcscat_s
_strdup
_vsnprintf_s
_atoi64
?terminate@@YAXXZ
strftime
wmemcpy_s
memmove_s
fopen
ferror
realloc
feof
strncmp
sprintf
fprintf
_localtime64_s
ftell
_wtoi64
_wtoi
_itow_s
wcscpy
wcscat
__RTDynamicCast
sprintf_s
_findclose
_time64
_localtime64
tolower
toupper
_wfindnext64i32
_wfindfirst64i32
_wrename
_waccess
_wrmdir
_wmkdir
_wchdir
malloc
free
srand
rand
_strtoui64
atoi
atof
abs
_wcsicmp
wcscpy_s
wcscmp
strrchr
strncpy
memcpy_s
_unlock_file
_lock_file
_wremove
_wfopen_s
_vswprintf_c_l
swprintf_s
ungetc
sscanf
setvbuf
printf
fwrite
_fseeki64
fseek
fsetpos
freopen
fread
fputc
fgetpos
fgetc
fflush
fclose
__iob_func
__CxxFrameHandler3
_CxxThrowException
isalnum
memset
vsprintf
??2@YAPAXI@Z
??3@YAXPAX@Z
_purecall
strcmp
strcpy_s
??_V@YAXPAX@Z
_beginthreadex
vsprintf_s
_wassert
wcslen
_exit
memchr
strstr
strlen
memcmp
memmove
??8type_info@@QBE_NABV0@@Z
_gmtime64
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
memcpy
_read
_write
_close
_open

iphlpapi

GetAdaptersInfo
NotifyAddrChange

oleaut32

VariantInit
SysStringLen
VariantClear
SysFreeString
SysAllocString

wininet

InternetOpenW
InternetReadFile
InternetTimeToSystemTimeA
InternetTimeFromSystemTimeA
InternetConnectW
InternetCloseHandle
InternetSetCookieA
HttpQueryInfoW
HttpQueryInfoA
HttpSendRequestW
HttpOpenRequestW
InternetSetOptionW
InternetSetFilePointer

kernel32

MapViewOfFile
SystemTimeToFileTime
GetSystemTime
SetFilePointer
WriteFile
GetFileSize
GlobalFree
GlobalAlloc
VerifyVersionInfoW
TlsSetValue
WaitForMultipleObjects
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
QueueUserAPC
GetQueuedCompletionStatus
CreateIoCompletionPort
SetLastError
TerminateThread
InterlockedCompareExchange
VerSetConditionMask
LoadLibraryA
OpenMutexW
CreateMutexW
ReadProcessMemory
GetCurrentProcessId
GetProcessHeap
HeapFree
HeapAlloc
SetConsoleOutputCP
SetConsoleTitleW
FreeConsole
AllocConsole
SetConsoleCtrlHandler
GetACP
SetInformationJobObject
AssignProcessToJobObject
CreateJobObjectW
MoveFileExW
CopyFileW
FindNextFileW
FindFirstFileW
FindFirstFileA
CreateFileW
GetDiskFreeSpaceExW
GetTempPathW
GetSystemDirectoryW
GetDriveTypeW
FindResourceW
OutputDebugStringW
CreateProcessW
GetModuleHandleW
GetModuleFileNameW
GetTickCount
FileTimeToSystemTime
FileTimeToLocalFileTime
FindClose
DeviceIoControl
GetLogicalDrives
SizeofResource
LoadResource
Sleep
LockResource
FreeResource
WideCharToMultiByte
UnmapViewOfFile
TlsFree
CloseHandle
TlsAlloc
LocalFree
GetCurrentThreadId
CreateToolhelp32Snapshot
CreateWaitableTimerW
Process32NextW
Module32FirstW
PostQueuedCompletionStatus
CreateEventW
InterlockedExchangeAdd
Process32FirstW
EnterCriticalSection
GetProcAddress
GetLastError
InterlockedExchange
TerminateProcess
LeaveCriticalSection
GetSystemTimeAsFileTime
SetEvent
WaitForSingleObject
GetCurrentProcess
CreateEventA
LoadLibraryW
OpenProcess
SleepEx
QueryPerformanceCounter
InterlockedDecrement
InterlockedIncrement
SetWaitableTimer
FreeLibrary
TlsGetValue
InitializeCriticalSection
GetLocalTime
GetVersionExA
QueryPerformanceFrequency
ReleaseMutex
DeleteFileA
GetModuleHandleA
GetEnvironmentVariableW
GetThreadContext
GetFileAttributesW
GetEnvironmentVariableA
GetModuleFileNameA
GetCurrentDirectoryA
ExpandEnvironmentStringsA
PeekNamedPipe
GetStdHandle
GetFileType
GetThreadLocale
DuplicateHandle
CreateSemaphoreA
CreateFileMappingA
SuspendThread
ResumeThread
FormatMessageA
OpenEventA
ReleaseSemaphore
ResetEvent
CreateWaitableTimerA
GetCurrentThread
OpenFileMappingA
DeleteFileW
GetFileAttributesExW
GetFileInformationByHandle
GetFileTime
RemoveDirectoryW
SetEndOfFile
SetFilePointerEx
AreFileApisANSI
GetVersionExW
IsWow64Process
lstrcatW
ReadFile
GetExitCodeProcess
GetStartupInfoW
CreatePipe
EncodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
lstrlenA
HeapReAlloc
GetSystemInfo
CreateFileA
LCMapStringA
GetUserDefaultLCID
GetStringTypeExA
HeapDestroy
RaiseException
HeapSize
DecodePointer
GlobalMemoryStatus
VirtualQuery
FindResourceExW
OutputDebugStringA
MultiByteToWideChar
SetUnhandledExceptionFilter

shlwapi

PathCanonicalizeA

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 594KB - Virtual size: 593KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 359KB - Virtual size: 359KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
YoukuDoctor.exe
.exe windows:5 windows x86 arch:x86

75609f412e95d797a19fa905170ed31a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

40:ef:58:6f:ba:65:9c:86:4b:6e:a6:eb:bd:11:4a:16
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Not Before

28/10/2014, 02:06

Not After

28/12/2017, 02:06

Subject

CN=合一网络技术（北京）有限公司,O=合一网络技术（北京）有限公司,L=北京市,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

6b:da:df:ef:f0:66:1b:d2:64:2a:f4:6e:cb:b2:79:40
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

46:bb:b3:40:fa:b9:c1:79:28:93:8c:93:da:10:86:79
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ff:06:a7:7f:56:57:bd:d4:fb:da:df:b4:b2:ea:32:c2:ac:22:a7:96
Signer

Actual PE Digest

ff:06:a7:7f:56:57:bd:d4:fb:da:df:b4:b2:ea:32:c2:ac:22:a7:96

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
GetFullPathNameA
GetDriveTypeA
GetDateFormatA
GetTimeFormatA
HeapFree
GetProcessHeap
TlsSetValue
SetFilePointer
InterlockedCompareExchange
GetQueuedCompletionStatus
WaitForMultipleObjects
SystemTimeToFileTime
GetFileSize
TerminateThread
QueueUserAPC
VerSetConditionMask
VerifyVersionInfoW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
CreateIoCompletionPort
GetCurrentProcessId
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
CreateFileW
GlobalAlloc
GlobalFree
SetLastError
HeapAlloc
OpenMutexW
TerminateProcess
CreateMutexW
FileTimeToSystemTime
FileTimeToLocalFileTime
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceW
GetDriveTypeW
GetTickCount
GetModuleFileNameW
FindClose
Sleep
EncodePointer
DecodePointer
InitializeCriticalSection
LocalFree
FormatMessageA
GetModuleHandleA
ReleaseSemaphore
OpenEventA
ResetEvent
ResumeThread
CreateWaitableTimerA
SetEndOfFile
RemoveDirectoryW
DeleteFileW
DeviceIoControl
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFileInformationByHandle
CreateDirectoryW
AreFileApisANSI
QueryPerformanceFrequency
ReleaseMutex
GlobalMemoryStatus
VirtualQuery
SetUnhandledExceptionFilter
GetCurrentThread
GetCurrentProcess
GetLocalTime
GetVersionExA
GetEnvironmentVariableW
GetThreadContext
ReadProcessMemory
GetEnvironmentVariableA
GetModuleFileNameA
GetCurrentDirectoryA
SuspendThread
OutputDebugStringA
PeekNamedPipe
ReadFile
CreatePipe
ExitProcess
GlobalLock
GlobalUnlock
FindResourceExW
ExitThread
CreateThread
GetCommandLineW
HeapSetInformation
GetStartupInfoW
SetEnvironmentVariableW
FindFirstFileExA
MoveFileW
GetCPInfo
RaiseException
RtlUnwind
LCMapStringW
HeapReAlloc
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapCreate
HeapDestroy
HeapSize
GetStdHandle
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetTimeZoneInformation
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CreateFileA
SetStdHandle
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
DosDateTimeToFileTime
DuplicateHandle
MulDiv
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
GlobalMemoryStatusEx
ExpandEnvironmentStringsA
GetModuleHandleW
GetACP
AssignProcessToJobObject
CreateProcessW
SetInformationJobObject
CreateJobObjectW
MultiByteToWideChar
WideCharToMultiByte
TlsFree
CloseHandle
TlsAlloc
GetCurrentThreadId
CreateWaitableTimerW
PostQueuedCompletionStatus
CreateEventW
InterlockedExchangeAdd
EnterCriticalSection
GetProcAddress
GetLastError
InterlockedExchange
LeaveCriticalSection
GetSystemTimeAsFileTime
SetEvent
WaitForSingleObject
CreateEventA
LoadLibraryW
SleepEx
QueryPerformanceCounter
InterlockedDecrement
InterlockedIncrement
SetWaitableTimer
FreeLibrary
TlsGetValue

user32

SetCursor
IntersectRect
CharNextW
IsZoomed
SetWindowRgn
GetWindowTextLengthW
GetWindowTextW
CreateCaret
ShowCaret
HideCaret
SetCaretPos
ClientToScreen
GetSysColor
GetCaretPos
FillRect
DrawTextW
SetRect
CharPrevW
InvalidateRgn
CreateAcceleratorTableW
MoveWindow
ExitWindowsEx
CallWindowProcW
RegisterClassExW
GetClassInfoExW
RegisterClassW
LoadCursorW
SendMessageW
GetSystemMetrics
LoadImageW
MonitorFromWindow
GetMonitorInfoW
GetParent
GetWindowRect
DispatchMessageW
TranslateMessage
SetFocus
GetMessageW
EnableWindow
GetWindow
wvsprintfW
IsWindow
CreateWindowExW
DefWindowProcW
CloseClipboard
SetTimer
SetClipboardData
EmptyClipboard
OpenClipboard
KillTimer
SetWindowPos
GetClientRect
IsIconic
IsWindowVisible
SetForegroundWindow
PostQuitMessage
MessageBoxW
SetWindowTextW
GetWindowLongW
SetWindowLongW
GetPropW
AdjustWindowRectEx
GetMenu
wsprintfW
PtInRect
ReleaseCapture
SendMessageTimeoutW
FindWindowW
SetCapture
GetFocus
PostMessageW
GetKeyState
DestroyWindow
ReleaseDC
GetDC
GetCursorPos
ScreenToClient
MapWindowPoints
InvalidateRect
IsRectEmpty
UnionRect
InflateRect
ShowWindow
OffsetRect
GetUpdateRect
BeginPaint
EndPaint
SetPropW

shell32

ShellExecuteA
SHGetSpecialFolderPathW

ole32

OleLockRunning
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoSetProxyBlanket
CoInitializeEx
CoUninitialize
CoInitialize

ws2_32

getpeername
WSAIoctl
__WSAFDIsSet
recv
send
getsockname
socket
gethostbyname
connect
WSASend
htonl
WSAGetLastError
setsockopt
WSASetLastError
closesocket
getaddrinfo
WSARecv
select
htons
ntohs
bind
freeaddrinfo
getsockopt
listen
accept
WSAStringToAddressA
ntohl
WSAStartup
WSACleanup
WSAAddressToStringA
recvfrom
WSASocketW
sendto
gethostname
ioctlsocket
inet_ntoa

iphlpapi

GetNetworkParams
GetAdaptersInfo
NotifyAddrChange

wininet

HttpQueryInfoA
InternetTimeToSystemTimeA
InternetOpenW
InternetSetOptionW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
HttpQueryInfoW
InternetReadFile
InternetCloseHandle
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetOpenA

comctl32

_TrackMouseEvent
ord17

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoA

advapi32

RegOpenKeyExA
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
ConvertStringSecurityDescriptorToSecurityDescriptorA
GetSecurityDescriptorSacl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetNamedSecurityInfoA
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
GetUserNameA
RegQueryValueExA
CryptGetHashParam

gdi32

GetCharABCWidthsW
GetTextExtentPoint32W
TextOutW
GdiFlush
ExtTextOutW
GetObjectW
SetBkColor
SetStretchBltMode
StretchBlt
CreateDIBSection
CombineRgn
ExtSelectClipRgn
RoundRect
GetClipBox
SelectClipRgn
GetDeviceCaps
CreateSolidBrush
RectVisible
StretchDIBits
CreateBitmap
LineTo
MoveToEx
CreateRectRgnIndirect
SetTextColor
SetBkMode
CreateRoundRectRgn
GetTextMetricsW
SetWindowOrgEx
Rectangle
RestoreDC
BitBlt
SaveDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
CreatePen
CreateFontIndirectW
GetStockObject
CreatePenIndirect

oleaut32

SysFreeString
VariantInit
VariantClear
SysAllocString

shlwapi

PathRemoveFileSpecW
PathAppendW
PathCombineW

imm32

ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext

Exports

Exports

??0CActiveXUI@DuiLib@@QAE@ABV01@@Z
??0CActiveXUI@DuiLib@@QAE@XZ
??0CButtonUI@DuiLib@@QAE@ABV01@@Z
??0CButtonUI@DuiLib@@QAE@XZ
??0CCheckBoxUI@DuiLib@@QAE@ABV01@@Z
??0CCheckBoxUI@DuiLib@@QAE@XZ
??0CChildLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CChildLayoutUI@DuiLib@@QAE@XZ
??0CComboBoxUI@DuiLib@@QAE@ABV01@@Z
??0CComboBoxUI@DuiLib@@QAE@XZ
??0CComboUI@DuiLib@@QAE@ABV01@@Z
??0CComboUI@DuiLib@@QAE@XZ
??0CContainerUI@DuiLib@@QAE@ABV01@@Z
??0CContainerUI@DuiLib@@QAE@XZ
??0CControlUI@DuiLib@@QAE@ABV01@@Z
??0CControlUI@DuiLib@@QAE@XZ
??0CDateTimeUI@DuiLib@@QAE@ABV01@@Z
??0CDateTimeUI@DuiLib@@QAE@XZ
??0CDelegateBase@DuiLib@@QAE@ABV01@@Z
??0CDelegateBase@DuiLib@@QAE@PAX0@Z
??0CDialogBuilder@DuiLib@@QAE@XZ
??0CDuiRect@DuiLib@@QAE@ABUtagRECT@@@Z
??0CDuiRect@DuiLib@@QAE@HHHH@Z
??0CDuiRect@DuiLib@@QAE@XZ
??0CDuiString@DuiLib@@QAE@ABV01@@Z
??0CDuiString@DuiLib@@QAE@PB_WH@Z
??0CDuiString@DuiLib@@QAE@XZ
??0CDuiString@DuiLib@@QAE@_W@Z
??0CEditUI@DuiLib@@QAE@ABV01@@Z
??0CEditUI@DuiLib@@QAE@XZ
??0CEventSource@DuiLib@@QAE@ABV01@@Z
??0CEventSource@DuiLib@@QAE@XZ
??0CHorizontalLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CHorizontalLayoutUI@DuiLib@@QAE@XZ
??0CLabelUI@DuiLib@@QAE@ABV01@@Z
??0CLabelUI@DuiLib@@QAE@XZ
??0CListBodyUI@DuiLib@@QAE@ABV01@@Z
??0CListBodyUI@DuiLib@@QAE@PAVCListUI@1@@Z
??0CListContainerElementUI@DuiLib@@QAE@ABV01@@Z
??0CListContainerElementUI@DuiLib@@QAE@XZ
??0CListElementUI@DuiLib@@QAE@ABV01@@Z
??0CListElementUI@DuiLib@@QAE@XZ
??0CListHeaderItemUI@DuiLib@@QAE@ABV01@@Z
??0CListHeaderItemUI@DuiLib@@QAE@XZ
??0CListHeaderUI@DuiLib@@QAE@ABV01@@Z
??0CListHeaderUI@DuiLib@@QAE@XZ
??0CListLabelElementUI@DuiLib@@QAE@ABV01@@Z
??0CListLabelElementUI@DuiLib@@QAE@XZ
??0CListTextElementUI@DuiLib@@QAE@ABV01@@Z
??0CListTextElementUI@DuiLib@@QAE@XZ
??0CListUI@DuiLib@@QAE@ABV01@@Z
??0CListUI@DuiLib@@QAE@XZ
??0CMarkup@DuiLib@@QAE@PB_W@Z
??0CMarkupNode@DuiLib@@AAE@PAVCMarkup@1@H@Z
??0CMarkupNode@DuiLib@@AAE@XZ
??0CNotifyPump@DuiLib@@QAE@ABV01@@Z
??0COptionUI@DuiLib@@QAE@ABV01@@Z
??0COptionUI@DuiLib@@QAE@XZ
??0CPaintManagerUI@DuiLib@@QAE@ABV01@@Z
??0CPaintManagerUI@DuiLib@@QAE@XZ
??0CPoint@DuiLib@@QAE@ABUtagPOINT@@@Z
??0CPoint@DuiLib@@QAE@HH@Z
??0CPoint@DuiLib@@QAE@J@Z
??0CPoint@DuiLib@@QAE@XZ
??0CProgressUI@DuiLib@@QAE@ABV01@@Z
??0CProgressUI@DuiLib@@QAE@XZ
??0CRichEditUI@DuiLib@@QAE@ABV01@@Z
??0CRichEditUI@DuiLib@@QAE@XZ
??0CScrollBarUI@DuiLib@@QAE@ABV01@@Z
??0CScrollBarUI@DuiLib@@QAE@XZ
??0CSize@DuiLib@@QAE@ABUtagSIZE@@@Z
??0CSize@DuiLib@@QAE@HH@Z
??0CSize@DuiLib@@QAE@UtagRECT@@@Z
??0CSize@DuiLib@@QAE@XZ
??0CSliderUI@DuiLib@@QAE@ABV01@@Z
??0CSliderUI@DuiLib@@QAE@XZ
??0CStdPtrArray@DuiLib@@QAE@ABV01@@Z
??0CStdPtrArray@DuiLib@@QAE@H@Z
??0CStdStringPtrMap@DuiLib@@QAE@H@Z
??0CStdValArray@DuiLib@@QAE@HH@Z
??0CTabLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CTabLayoutUI@DuiLib@@QAE@XZ
??0CTextUI@DuiLib@@QAE@ABV01@@Z
??0CTextUI@DuiLib@@QAE@XZ
??0CTileLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CTileLayoutUI@DuiLib@@QAE@XZ
??0CTreeNodeUI@DuiLib@@QAE@ABV01@@Z
??0CTreeNodeUI@DuiLib@@QAE@PAV01@@Z
??0CTreeViewUI@DuiLib@@QAE@ABV01@@Z
??0CTreeViewUI@DuiLib@@QAE@XZ
??0CVerticalLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CVerticalLayoutUI@DuiLib@@QAE@XZ
??0CWaitCursor@DuiLib@@QAE@XZ
??0CWebBrowserUI@DuiLib@@QAE@ABV01@@Z
??0CWebBrowserUI@DuiLib@@QAE@XZ
??0CWindowWnd@DuiLib@@QAE@ABV01@@Z
??0CWindowWnd@DuiLib@@QAE@XZ
??0WindowImplBase@DuiLib@@QAE@ABV01@@Z
??1CActiveXUI@DuiLib@@UAE@XZ
??1CButtonUI@DuiLib@@UAE@XZ
??1CCheckBoxUI@DuiLib@@UAE@XZ
??1CChildLayoutUI@DuiLib@@UAE@XZ
??1CComboBoxUI@DuiLib@@UAE@XZ
??1CComboUI@DuiLib@@UAE@XZ
??1CContainerUI@DuiLib@@UAE@XZ
??1CControlUI@DuiLib@@UAE@XZ
??1CDateTimeUI@DuiLib@@UAE@XZ
??1CDelegateBase@DuiLib@@UAE@XZ
??1CDialogBuilder@DuiLib@@QAE@XZ
??1CDuiString@DuiLib@@QAE@XZ
??1CEditUI@DuiLib@@UAE@XZ
??1CEventSource@DuiLib@@QAE@XZ
??1CHorizontalLayoutUI@DuiLib@@UAE@XZ
??1CLabelUI@DuiLib@@UAE@XZ
??1CListBodyUI@DuiLib@@UAE@XZ
??1CListContainerElementUI@DuiLib@@UAE@XZ
??1CListElementUI@DuiLib@@UAE@XZ
??1CListHeaderItemUI@DuiLib@@UAE@XZ
??1CListHeaderUI@DuiLib@@UAE@XZ
??1CListLabelElementUI@DuiLib@@UAE@XZ
??1CListTextElementUI@DuiLib@@UAE@XZ
??1CListUI@DuiLib@@UAE@XZ
??1CMarkup@DuiLib@@QAE@XZ
??1COptionUI@DuiLib@@UAE@XZ
??1CPaintManagerUI@DuiLib@@QAE@XZ
??1CProgressUI@DuiLib@@UAE@XZ
??1CRenderClip@DuiLib@@QAE@XZ
??1CRichEditUI@DuiLib@@UAE@XZ
??1CScrollBarUI@DuiLib@@UAE@XZ
??1CSliderUI@DuiLib@@UAE@XZ
??1CStdPtrArray@DuiLib@@QAE@XZ
??1CStdStringPtrMap@DuiLib@@QAE@XZ
??1CStdValArray@DuiLib@@QAE@XZ
??1CTabLayoutUI@DuiLib@@UAE@XZ
??1CTextUI@DuiLib@@UAE@XZ
??1CTileLayoutUI@DuiLib@@UAE@XZ
??1CTreeNodeUI@DuiLib@@UAE@XZ
??1CTreeViewUI@DuiLib@@UAE@XZ
??1CVerticalLayoutUI@DuiLib@@UAE@XZ
??1CWaitCursor@DuiLib@@QAE@XZ
??1CWebBrowserUI@DuiLib@@UAE@XZ
??4CActiveXUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CButtonUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CCheckBoxUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CChildLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CComboBoxUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CComboUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CContainerUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CControlUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CDateTimeUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CDelegateBase@DuiLib@@QAEAAV01@ABV01@@Z
??4CDialogBuilder@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiRect@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiString@DuiLib@@QAEABV01@ABV01@@Z
??4CDuiString@DuiLib@@QAEABV01@PBD@Z
??4CDuiString@DuiLib@@QAEABV01@PB_W@Z
??4CDuiString@DuiLib@@QAEABV01@_W@Z
??4CEditUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CEventSource@DuiLib@@QAEAAV01@ABV01@@Z
??4CHorizontalLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CLabelUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListBodyUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListContainerElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListHeaderItemUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListHeaderUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListLabelElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListTextElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CMarkup@DuiLib@@QAEAAV01@ABV01@@Z
??4CMarkupNode@DuiLib@@QAEAAV01@ABV01@@Z
??4CNotifyPump@DuiLib@@QAEAAV01@ABV01@@Z
??4COptionUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CPaintManagerUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CPoint@DuiLib@@QAEAAV01@ABV01@@Z
??4CProgressUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CRenderClip@DuiLib@@QAEAAV01@ABV01@@Z
??4CRenderEngine@DuiLib@@QAEAAV01@ABV01@@Z
??4CRichEditUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CScrollBarUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CSize@DuiLib@@QAEAAV01@ABV01@@Z
??4CSliderUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CStdPtrArray@DuiLib@@QAEAAV01@ABV01@@Z
??4CStdStringPtrMap@DuiLib@@QAEAAV01@ABV01@@Z
??4CStdValArray@DuiLib@@QAEAAV01@ABV01@@Z
??4CTabLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTextUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTileLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTreeNodeUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTreeViewUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CVerticalLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CWaitCursor@DuiLib@@QAEAAV01@ABV01@@Z
??4CWebBrowserUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CWindowWnd@DuiLib@@QAEAAV01@ABV01@@Z
??4WindowImplBase@DuiLib@@QAEAAV01@ABV01@@Z
??8DuiLib@@YA_NABVCDuiString@0@0@Z
??8DuiLib@@YA_NABVCDuiString@0@PB_W@Z
??8DuiLib@@YA_NPB_WABVCDuiString@0@@Z
??9CDuiString@DuiLib@@QBE_NPB_W@Z
??ACDuiString@DuiLib@@QBE_WH@Z
??ACStdPtrArray@DuiLib@@QBEPAXH@Z
??ACStdStringPtrMap@DuiLib@@QBEPB_WH@Z
??ACStdValArray@DuiLib@@QBEPAXH@Z
??BCDuiString@DuiLib@@QBEPB_WXZ
??BCEventSource@DuiLib@@QAE_NXZ
??BCWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
??HCDuiString@DuiLib@@QBE?AV01@ABV01@@Z
??HCDuiString@DuiLib@@QBE?AV01@PB_W@Z
??MCDuiString@DuiLib@@QBE_NPB_W@Z
??NCDuiString@DuiLib@@QBE_NPB_W@Z
??OCDuiString@DuiLib@@QBE_NPB_W@Z
??PCDuiString@DuiLib@@QBE_NPB_W@Z
??RCDelegateBase@DuiLib@@QAE_NPAX@Z
??RCEventSource@DuiLib@@QAE_NPAX@Z
??YCDuiString@DuiLib@@QAEABV01@ABV01@@Z
??YCDuiString@DuiLib@@QAEABV01@PBD@Z
??YCDuiString@DuiLib@@QAEABV01@PB_W@Z
??YCDuiString@DuiLib@@QAEABV01@_W@Z
??YCEventSource@DuiLib@@QAEXABVCDelegateBase@1@@Z
??YCEventSource@DuiLib@@QAEXP6A_NPAX@Z@Z
??ZCEventSource@DuiLib@@QAEXABVCDelegateBase@1@@Z
??ZCEventSource@DuiLib@@QAEXP6A_NPAX@Z@Z
??_7CActiveXUI@DuiLib@@6BCControlUI@1@@
??_7CActiveXUI@DuiLib@@6BIMessageFilterUI@1@@
??_7CButtonUI@DuiLib@@6B@
??_7CCheckBoxUI@DuiLib@@6B@
??_7CChildLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CChildLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CComboBoxUI@DuiLib@@6B@
??_7CComboBoxUI@DuiLib@@6BCControlUI@1@@
??_7CComboBoxUI@DuiLib@@6BIContainerUI@1@@
??_7CComboUI@DuiLib@@6B@
??_7CComboUI@DuiLib@@6BCControlUI@1@@
??_7CComboUI@DuiLib@@6BIContainerUI@1@@
??_7CContainerUI@DuiLib@@6BCControlUI@1@@
??_7CContainerUI@DuiLib@@6BIContainerUI@1@@
??_7CControlUI@DuiLib@@6B@
??_7CDateTimeUI@DuiLib@@6B@
??_7CDelegateBase@DuiLib@@6B@
??_7CEditUI@DuiLib@@6B@
??_7CHorizontalLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CHorizontalLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CLabelUI@DuiLib@@6B@
??_7CListBodyUI@DuiLib@@6BCControlUI@1@@
??_7CListBodyUI@DuiLib@@6BIContainerUI@1@@
??_7CListContainerElementUI@DuiLib@@6B@
??_7CListContainerElementUI@DuiLib@@6BCControlUI@1@@
??_7CListContainerElementUI@DuiLib@@6BIContainerUI@1@@
??_7CListElementUI@DuiLib@@6BCControlUI@1@@
??_7CListElementUI@DuiLib@@6BIListItemUI@1@@
??_7CListHeaderItemUI@DuiLib@@6B@
??_7CListHeaderUI@DuiLib@@6BCControlUI@1@@
??_7CListHeaderUI@DuiLib@@6BIContainerUI@1@@
??_7CListLabelElementUI@DuiLib@@6BCControlUI@1@@
??_7CListLabelElementUI@DuiLib@@6BIListItemUI@1@@
??_7CListTextElementUI@DuiLib@@6BCControlUI@1@@
??_7CListTextElementUI@DuiLib@@6BIListItemUI@1@@
??_7CListUI@DuiLib@@6B@
??_7CListUI@DuiLib@@6BCControlUI@1@@
??_7CListUI@DuiLib@@6BIContainerUI@1@@
??_7COptionUI@DuiLib@@6B@
??_7CProgressUI@DuiLib@@6B@
??_7CRichEditUI@DuiLib@@6B@
??_7CRichEditUI@DuiLib@@6BCControlUI@1@@
??_7CRichEditUI@DuiLib@@6BIContainerUI@1@@
??_7CScrollBarUI@DuiLib@@6B@
??_7CSliderUI@DuiLib@@6B@
??_7CTabLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CTabLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CTextUI@DuiLib@@6B@
??_7CTileLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CTileLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CTreeNodeUI@DuiLib@@6B@
??_7CTreeNodeUI@DuiLib@@6BCControlUI@1@@
??_7CTreeNodeUI@DuiLib@@6BIContainerUI@1@@
??_7CTreeViewUI@DuiLib@@6BCControlUI@1@@
??_7CTreeViewUI@DuiLib@@6BCListUI@1@@
??_7CTreeViewUI@DuiLib@@6BIContainerUI@1@@
??_7CTreeViewUI@DuiLib@@6BINotifyUI@1@@
??_7CVerticalLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CVerticalLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CWebBrowserUI@DuiLib@@6BCControlUI@1@@
??_7CWebBrowserUI@DuiLib@@6BIDispatch@@@
??_7CWebBrowserUI@DuiLib@@6BIDocHostUIHandler@@@
??_7CWebBrowserUI@DuiLib@@6BIMessageFilterUI@1@@
??_7CWebBrowserUI@DuiLib@@6BIOleCommandTarget@@@
??_7CWebBrowserUI@DuiLib@@6BIServiceProvider@@@
??_7CWebBrowserUI@DuiLib@@6BITranslateAccelerator@1@@
??_7CWindowWnd@DuiLib@@6B@
??_B?1??get_instance@?$singleton@VCDoctorTaskImp@doctor@@@serialization@boost@@CAAAVCDoctorTaskImp@doctor@@XZ@51
??_FCMarkup@DuiLib@@QAEXXZ
??_FCStdPtrArray@DuiLib@@QAEXXZ
??_FCStdStringPtrMap@DuiLib@@QAEXXZ
??_FCTreeNodeUI@DuiLib@@QAEXXZ
?Activate@CButtonUI@DuiLib@@UAE_NXZ
?Activate@CComboUI@DuiLib@@UAE_NXZ
?Activate@CControlUI@DuiLib@@UAE_NXZ
?Activate@CListContainerElementUI@DuiLib@@UAE_NXZ
?Activate@CListElementUI@DuiLib@@UAE_NXZ
?Activate@COptionUI@DuiLib@@UAE_NXZ
?Add@CComboUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CListUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CStdPtrArray@DuiLib@@QAE_NPAX@Z
?Add@CStdValArray@DuiLib@@QAE_NPBX@Z
?Add@CTabLayoutUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CTreeNodeUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CTreeViewUI@DuiLib@@UAE_NPAVCTreeNodeUI@2@@Z
?AddAt@CComboUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CListUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CTabLayoutUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CTreeNodeUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CTreeViewUI@DuiLib@@UAEJPAVCTreeNodeUI@2@H@Z
?AddAt@CTreeViewUI@DuiLib@@UAE_NPAVCTreeNodeUI@2@0@Z
?AddChildNode@CTreeNodeUI@DuiLib@@QAE_NPAV12@@Z
?AddDefaultAttributeList@CPaintManagerUI@DuiLib@@QAEXPB_W0@Z
?AddDelayedCleanup@CPaintManagerUI@DuiLib@@QAEXPAVCControlUI@2@@Z
?AddFont@CPaintManagerUI@DuiLib@@QAEPAUHFONT__@@PB_WH_N11@Z
?AddFontAt@CPaintManagerUI@DuiLib@@QAEPAUHFONT__@@HPB_WH_N11@Z
?AddImage@CPaintManagerUI@DuiLib@@QAEPBUtagTImageInfo@2@PB_W0K@Z
?AddImage@CPaintManagerUI@DuiLib@@QAEPBUtagTImageInfo@2@PB_WPAUHBITMAP__@@HH_N@Z
?AddMessageFilter@CPaintManagerUI@DuiLib@@QAE_NPAVIMessageFilterUI@2@@Z
?AddNotifier@CPaintManagerUI@DuiLib@@QAE_NPAVINotifyUI@2@@Z
?AddOptionGroup@CPaintManagerUI@DuiLib@@QAE_NPB_WPAVCControlUI@2@@Z
?AddPostPaint@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@@Z
?AddPreMessageFilter@CPaintManagerUI@DuiLib@@QAE_NPAVIMessageFilterUI@2@@Z
?AddRef@CWebBrowserUI@DuiLib@@UAGKXZ
?AddTranslateAccelerator@CPaintManagerUI@DuiLib@@QAE_NPAVITranslateAccelerator@2@@Z
?AddVirtualWnd@CNotifyPump@DuiLib@@QAE_NVCDuiString@2@PAV12@@Z
?AdjustColor@CRenderEngine@DuiLib@@SAKKFFF@Z
?Append@CDuiString@DuiLib@@QAEXPB_W@Z
?AppendText@CRichEditUI@DuiLib@@QAEHPB_W_N@Z
?ApplyAttributeList@CControlUI@DuiLib@@QAEPAV12@PB_W@Z
?Assign@CDuiString@DuiLib@@QAEXPB_WH@Z
?AttachDialog@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@@Z
?BeforeNavigate2@CWebBrowserUI@DuiLib@@IAEXPAUIDispatch@@AAPAUtagVARIANT@@1111AAPAF@Z
?CalLocation@CTreeNodeUI@DuiLib@@AAEPAV12@PAV12@@Z
?CenterWindow@CWindowWnd@DuiLib@@QAEXXZ
?CharFromPos@CRichEditUI@DuiLib@@QBEHVCPoint@2@@Z
?CheckBoxSelected@CTreeNodeUI@DuiLib@@QAEX_N@Z
?Clear@CRichEditUI@DuiLib@@QAEXXZ
?Close@CWindowWnd@DuiLib@@QAEXI@Z
?CommandStateChange@CWebBrowserUI@DuiLib@@IAEXJF@Z
?Compare@CDuiString@DuiLib@@QBEHPB_W@Z
?CompareNoCase@CDuiString@DuiLib@@QBEHPB_W@Z
?Copy@CRichEditUI@DuiLib@@QAEXXZ
?Create@CDialogBuilder@DuiLib@@QAEPAVCControlUI@2@PAVIDialogBuilderCallback@2@PAVCPaintManagerUI@2@PAV32@@Z
?Create@CDialogBuilder@DuiLib@@QAEPAVCControlUI@2@VSTRINGorID@2@PB_WPAVIDialogBuilderCallback@2@PAVCPaintManagerUI@2@PAV32@@Z
?Create@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PB_WKKHHHHPAUHMENU__@@@Z
?Create@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PB_WKKUtagRECT@@PAUHMENU__@@@Z
?CreateControl@CActiveXUI@DuiLib@@QAE_NPB_W@Z
?CreateControl@CActiveXUI@DuiLib@@QAE_NU_GUID@@@Z
?CreateControl@WindowImplBase@DuiLib@@UAEPAVCControlUI@2@PB_W@Z
?CreateDuiWindow@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PB_WKK@Z
?Cut@CRichEditUI@DuiLib@@QAEXXZ
?DUI__Trace@DuiLib@@YAXPB_WZZ
?DUI__TraceMsg@DuiLib@@YAPB_WI@Z
?Deflate@CDuiRect@DuiLib@@QAEXHH@Z
?DoCreateControl@CActiveXUI@DuiLib@@MAE_NXZ
?DoCreateControl@CWebBrowserUI@DuiLib@@UAE_NXZ
?DoEvent@CButtonUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CComboUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CContainerUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CDateTimeUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CEditUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CHorizontalLayoutUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CLabelUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CListBodyUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CListContainerElementUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CListElementUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CListHeaderItemUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CListLabelElementUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CListTextElementUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CListUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CRichEditUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CScrollBarUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CSliderUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CTextUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CTreeNodeUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CVerticalLayoutUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoInit@CComboUI@DuiLib@@UAEXXZ
?DoInit@CControlUI@DuiLib@@UAEXXZ
?DoInit@CRichEditUI@DuiLib@@UAEXXZ
?DoPaint@CActiveXUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPaint@CComboUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPaint@CContainerUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPaint@CControlUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPaint@CListContainerElementUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPaint@CListLabelElementUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPaint@CRichEditUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPaint@CScrollBarUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPostPaint@CControlUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPostPaint@CHorizontalLayoutUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPostPaint@CVerticalLayoutUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?Download@CWebBrowserUI@DuiLib@@UAGJPAUIMoniker@@PAUIBindCtx@@KJPAU_tagBINDINFO@@PB_W3I@Z
?DrawColor@CRenderEngine@DuiLib@@SAXPAUHDC__@@ABUtagRECT@@K@Z
?DrawGradient@CRenderEngine@DuiLib@@SAXPAUHDC__@@ABUtagRECT@@KK_NH@Z
?DrawHtmlText@CRenderEngine@DuiLib@@SAXPAUHDC__@@PAVCPaintManagerUI@2@AAUtagRECT@@PB_WKPAU5@PAVCDuiString@2@AAHI@Z
?DrawImage@CControlUI@DuiLib@@QAE_NPAUHDC__@@PB_W1@Z
?DrawImage@CRenderEngine@DuiLib@@SAXPAUHDC__@@PAUHBITMAP__@@ABUtagRECT@@222_NE333@Z
?DrawImageString@CRenderEngine@DuiLib@@SA_NPAUHDC__@@PAVCPaintManagerUI@2@ABUtagRECT@@2PB_W3@Z
?DrawItemBk@CListContainerElementUI@DuiLib@@QAEXPAUHDC__@@ABUtagRECT@@@Z
?DrawItemBk@CListElementUI@DuiLib@@QAEXPAUHDC__@@ABUtagRECT@@@Z
?DrawItemText@CListContainerElementUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DrawItemText@CListLabelElementUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DrawItemText@CListTextElementUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DrawLine@CRenderEngine@DuiLib@@SAXPAUHDC__@@ABUtagRECT@@HKH@Z
?DrawRect@CRenderEngine@DuiLib@@SAXPAUHDC__@@ABUtagRECT@@HK@Z
?DrawRoundRect@CRenderEngine@DuiLib@@SAXPAUHDC__@@ABUtagRECT@@HHHK@Z
?DrawTextW@CRenderEngine@DuiLib@@SAXPAUHDC__@@PAVCPaintManagerUI@2@AAUtagRECT@@PB_WKHI@Z
?Empty@CDuiRect@DuiLib@@QAEXXZ
?Empty@CDuiString@DuiLib@@QAEXXZ
?Empty@CStdPtrArray@DuiLib@@QAEXXZ
?Empty@CStdValArray@DuiLib@@QAEXXZ
?EmptyUndoBuffer@CRichEditUI@DuiLib@@QAEXXZ
?EnableModeless@CWebBrowserUI@DuiLib@@UAGJH@Z
?EnableScrollBar@CContainerUI@DuiLib@@UAEX_N0@Z
?EnableScrollBar@CListUI@DuiLib@@UAEX_N0@Z
?EndDown@CContainerUI@DuiLib@@UAEXXZ
?EndDown@CListUI@DuiLib@@UAEXXZ
?EndDown@CRichEditUI@DuiLib@@UAEXXZ
?EndRight@CContainerUI@DuiLib@@UAEXXZ
?EndRight@CListUI@DuiLib@@UAEXXZ
?EndRight@CRichEditUI@DuiLib@@UAEXXZ
?EnsureVisible@CListUI@DuiLib@@QAEXH@Z
?Equals@CDelegateBase@DuiLib@@QBE_NABV12@@Z
?EstimateSize@CButtonUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@CComboUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@CControlUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@CEditUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@CLabelUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@CListHeaderItemUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@CListHeaderUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@CListLabelElementUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@CListTextElementUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@COptionUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@CRichEditUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@CTextUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?Event@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?Exec@CWebBrowserUI@DuiLib@@UAGJPBU_GUID@@KKPAUtagVARIANT@@1@Z
?Expand@CListContainerElementUI@DuiLib@@UAE_N_N@Z
?Expand@CListElementUI@DuiLib@@UAE_N_N@Z
?ExpandItem@CListUI@DuiLib@@UAE_NH_N@Z
?FilterDataObject@CWebBrowserUI@DuiLib@@UAGJPAUIDataObject@@PAPAU3@@Z
?Find@CDuiString@DuiLib@@QBEHPB_WH@Z
?Find@CDuiString@DuiLib@@QBEH_WH@Z
?Find@CStdPtrArray@DuiLib@@QBEHPAX@Z
?Find@CStdStringPtrMap@DuiLib@@QBEPAXPB_W_N@Z
?FindControl@CContainerUI@DuiLib@@UAEPAVCControlUI@2@P6GPAV32@PAV32@PAX@Z1I@Z
?FindControl@CControlUI@DuiLib@@UAEPAV12@P6GPAV12@PAV12@PAX@Z1I@Z
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PB_W@Z
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@UtagPOINT@@@Z
?FindFont@CPaintManagerUI@DuiLib@@QAE_NPAUHFONT__@@@Z
?FindFont@CPaintManagerUI@DuiLib@@QAE_NPB_WH_N11@Z
?FindId@CWebBrowserUI@DuiLib@@SAJPAUIDispatch@@PA_W@Z
?FindSelectable@CContainerUI@DuiLib@@UBEHH_N@Z
?FindSubControl@CContainerUI@DuiLib@@QAEPAVCControlUI@2@PB_W@Z
?FindSubControlByClass@CPaintManagerUI@DuiLib@@QAEPAVCControlUI@2@PAV32@PB_WH@Z
?FindSubControlByName@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PAV32@PB_W@Z
?FindSubControlByPoint@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PAV32@UtagPOINT@@@Z
?FindSubControlsByClass@CPaintManagerUI@DuiLib@@QAEPAVCStdPtrArray@2@PAVCControlUI@2@PB_W@Z
?Format@CDuiString@DuiLib@@QAAHPB_WZZ
?FreeImage@CRenderEngine@DuiLib@@SAXPBUtagTImageInfo@2@@Z
?GenerateBitmap@CRenderEngine@DuiLib@@SAPAUHBITMAP__@@PAVCPaintManagerUI@2@PAVCControlUI@2@UtagRECT@@@Z
?GenerateClip@CRenderClip@DuiLib@@SAXPAUHDC__@@UtagRECT@@AAV12@@Z
?GenerateRoundClip@CRenderClip@DuiLib@@SAXPAUHDC__@@UtagRECT@@1HHAAV12@@Z
?GetAdjustColor@CControlUI@DuiLib@@QAEKK@Z
?GetAt@CDuiString@DuiLib@@QBE_WH@Z
?GetAt@CStdPtrArray@DuiLib@@QBEPAXH@Z
?GetAt@CStdStringPtrMap@DuiLib@@QBEPB_WH@Z
?GetAt@CStdValArray@DuiLib@@QBEPAXH@Z
?GetAttributeCount@CMarkupNode@DuiLib@@QAEHXZ
?GetAttributeName@CMarkupNode@DuiLib@@QAEPB_WH@Z
?GetAttributeValue@CMarkupNode@DuiLib@@QAEPB_WH@Z
?GetAttributeValue@CMarkupNode@DuiLib@@QAEPB_WPB_W@Z
?GetAttributeValue@CMarkupNode@DuiLib@@QAE_NHPA_WK@Z
?GetAttributeValue@CMarkupNode@DuiLib@@QAE_NPB_WPA_WK@Z
?GetAutoURLDetect@CRichEditUI@DuiLib@@QBE_NXZ
?GetBkColor2@CControlUI@DuiLib@@QBEKXZ
?GetBkColor3@CControlUI@DuiLib@@QBEKXZ
?GetBkColor@CControlUI@DuiLib@@QBEKXZ
?GetBkDisabledImage@CScrollBarUI@DuiLib@@QAEPB_WXZ
?GetBkHotImage@CScrollBarUI@DuiLib@@QAEPB_WXZ
?GetBkImage@CControlUI@DuiLib@@QAEPB_WXZ
?GetBkNormalImage@CScrollBarUI@DuiLib@@QAEPB_WXZ
?GetBkPushedImage@CScrollBarUI@DuiLib@@QAEPB_WXZ
?GetBorderColor@CControlUI@DuiLib@@QBEKXZ
?GetBorderRound@CControlUI@DuiLib@@QBE?AUtagSIZE@@XZ
?GetBorderSize@CControlUI@DuiLib@@QBEHXZ
?GetBorderStyle@CControlUI@DuiLib@@QBEHXZ
?GetBottomBorderSize@CControlUI@DuiLib@@QBEHXZ
?GetButton1DisabledImage@CScrollBarUI@DuiLib@@QAEPB_WXZ
?GetButton1HotImage@CScrollBarUI@DuiLib@@QAEPB_WXZ
?GetButton1NormalImage@CScrollBarUI@DuiLib@@QAEPB_WXZ
?GetButton1PushedImage@CScrollBarUI@DuiLib@@QAEPB_WXZ
?GetButton2DisabledImage@CScrollBarUI@DuiLib@@QAEPB_WXZ
?GetButton2HotImage@CScrollBarUI@DuiLib@@QAEPB_WXZ
?GetButton2NormalImage@CScrollBarUI@DuiLib@@QAEPB_WXZ

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 360KB - Virtual size: 359KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
iku_startpic.exe
.exe windows:5 windows x86 arch:x86

465d5960baf3b84b8eb0c70eb29cde9f

Code Sign

60:bc:17:a0:63:d1:09:a9:0e:f3:61:6b:5f:10:53:3d
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Not Before

06/04/2016, 03:19

Not After

06/01/2018, 03:19

Subject

CN=合一网络技术（北京）有限公司,O=合一网络技术（北京）有限公司,L=北京市,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftKernelCodeSigning

Key Usages

KeyUsageDigitalSignature

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2039, 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

46:bb:b3:40:fa:b9:c1:79:28:93:8c:93:da:10:86:79
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1f:6f:04:d2:13:44:d0:37:09:e8:c1:9c:c7:ed:12:b5
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Not Before

06/04/2016, 03:28

Not After

06/01/2018, 03:28

Subject

CN=合一网络技术（北京）有限公司,O=合一网络技术（北京）有限公司,L=北京市,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftKernelCodeSigning

Key Usages

KeyUsageDigitalSignature

37:a6:0e:92:5f:23:f8:0c:fd:cd:97:65:92:98:c3:54
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/11/2014, 00:58

Not After

08/11/2029, 00:58

Subject

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2039, 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7a:a3:16:8a:2b:f9:6a:57:1f:66:78:10:4a:e6:b0:7c:f7:50:58:e1:48:bf:74:15:a3:c7:f2:6a:90:66:01:5f
Signer

Actual PE Digest

7a:a3:16:8a:2b:f9:6a:57:1f:66:78:10:4a:e6:b0:7c:f7:50:58:e1:48:bf:74:15:a3:c7:f2:6a:90:66:01:5f

Digest Algorithm

sha256

PE Digest Matches

true

44:6d:09:2c:13:e4:8e:db:34:8e:04:bf:3c:e0:f1:51:db:16:6f:0e
Signer

Actual PE Digest

44:6d:09:2c:13:e4:8e:db:34:8e:04:bf:3c:e0:f1:51:db:16:6f:0e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

qt5core

?setObjectName@QObject@@QAEXABVQString@@@Z
?objectName@QObject@@QBE?AVQString@@XZ
?killTimer@QObject@@QAEXH@Z
?connectImpl@QObject@@CA?AVConnection@QMetaObject@@PBV1@PAPAX01PAVQSlotObjectBase@QtPrivate@@W4ConnectionType@Qt@@PBHPBU3@@Z
?translate@QCoreApplication@@SA?AVQString@@PBD00H@Z
?quit@QCoreApplication@@SAXXZ
?fromAscii_helper@QString@@CAPAU?$QTypedArrayData@G@@PBDH@Z
??1QString@@QAE@XZ
??0QString@@QAE@XZ
??1Connection@QMetaObject@@QAE@XZ
?startTimer@QObject@@QAEHHW4TimerType@Qt@@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?connectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?disconnectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
??1QByteArray@@QAE@XZ
?remove@QByteArray@@QAEAAV1@HH@Z
??BQByteRef@@QBEDXZ
?append@QString@@QAEAAV1@ABV1@@Z
?fromUtf8@QString@@SA?AV1@ABVQByteArray@@@Z
?readAll@QIODevice@@QAE?AVQByteArray@@XZ
?close@QFileDevice@@UAEXXZ
??0QFile@@QAE@ABVQString@@@Z
??1QFile@@UAE@XZ
?open@QFile@@UAE_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
?dynamicMetaObject@QObjectData@@QBEPAUQMetaObject@@XZ
?qRegisterResourceData@@YA_NHPBE00@Z
?qUnregisterResourceData@@YA_NHPBE00@Z
?connectSlotsByName@QMetaObject@@SAXPAVQObject@@@Z

qt5gui

??1QPixmap@@UAE@XZ
??1QCursor@@QAE@XZ
??0QPainter@@QAE@PAVQPaintDevice@@@Z
??1QPainter@@QAE@XZ
??0QPixmap@@QAE@ABVQString@@PBDV?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?drawPixmap@QPainter@@QAEXABVQRectF@@ABVQPixmap@@0@Z
??0QMovie@@QAE@PAVQObject@@@Z
??1QMovie@@UAE@XZ
?setFileName@QMovie@@QAEXABVQString@@@Z
?start@QMovie@@QAEXXZ
?devType@QPixmap@@UBEHXZ
?initPainter@QPaintDevice@@MBEXPAVQPainter@@@Z
?metaObject@QMovie@@UBEPBUQMetaObject@@XZ
?metric@QPixmap@@MBEHW4PaintDeviceMetric@QPaintDevice@@@Z
?paintEngine@QPixmap@@UBEPAVQPaintEngine@@XZ
?qt_metacall@QMovie@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QMovie@@UAEPAXPBD@Z
?redirected@QPaintDevice@@MBEPAV1@PAVQPoint@@@Z
?sharedPainter@QPaintDevice@@MBEPAVQPainter@@XZ
??0QCursor@@QAE@W4CursorShape@Qt@@@Z

qt5widgets

?mousePressEvent@QLabel@@MAEXPAVQMouseEvent@@@Z
?mousePressEvent@QAbstractButton@@MAEXPAVQMouseEvent@@@Z
?mouseMoveEvent@QWidget@@MAEXPAVQMouseEvent@@@Z
?mouseMoveEvent@QLabel@@MAEXPAVQMouseEvent@@@Z
?mouseMoveEvent@QAbstractButton@@MAEXPAVQMouseEvent@@@Z
?mouseDoubleClickEvent@QWidget@@MAEXPAVQMouseEvent@@@Z
?minimumSizeHint@QWidget@@UBE?AVQSize@@XZ
?minimumSizeHint@QPushButton@@UBE?AVQSize@@XZ
?minimumSizeHint@QLabel@@UBE?AVQSize@@XZ
?metric@QWidget@@MBEHW4PaintDeviceMetric@QPaintDevice@@@Z
?metaObject@QWidget@@UBEPBUQMetaObject@@XZ
?metaObject@QPushButton@@UBEPBUQMetaObject@@XZ
?metaObject@QLabel@@UBEPBUQMetaObject@@XZ
?leaveEvent@QWidget@@MAEXPAVQEvent@@@Z
?keyReleaseEvent@QWidget@@MAEXPAVQKeyEvent@@@Z
?keyReleaseEvent@QAbstractButton@@MAEXPAVQKeyEvent@@@Z
?keyPressEvent@QWidget@@MAEXPAVQKeyEvent@@@Z
?keyPressEvent@QPushButton@@MAEXPAVQKeyEvent@@@Z
?keyPressEvent@QLabel@@MAEXPAVQKeyEvent@@@Z
?inputMethodQuery@QWidget@@UBE?AVQVariant@@W4InputMethodQuery@Qt@@@Z
?inputMethodEvent@QWidget@@MAEXPAVQInputMethodEvent@@@Z
?initPainter@QWidget@@MBEXPAVQPainter@@@Z
?hitButton@QAbstractButton@@MBE_NABVQPoint@@@Z
?hideEvent@QWidget@@MAEXPAVQHideEvent@@@Z
?heightForWidth@QWidget@@UBEHH@Z
?heightForWidth@QLabel@@UBEHH@Z
?hasHeightForWidth@QWidget@@UBE_NXZ
?focusOutEvent@QWidget@@MAEXPAVQFocusEvent@@@Z
?focusOutEvent@QPushButton@@MAEXPAVQFocusEvent@@@Z
?focusOutEvent@QLabel@@MAEXPAVQFocusEvent@@@Z
?focusNextPrevChild@QWidget@@MAE_N_N@Z
?focusNextPrevChild@QLabel@@MAE_N_N@Z
?focusInEvent@QWidget@@MAEXPAVQFocusEvent@@@Z
?focusInEvent@QPushButton@@MAEXPAVQFocusEvent@@@Z
?focusInEvent@QLabel@@MAEXPAVQFocusEvent@@@Z
?event@QPushButton@@MAE_NPAVQEvent@@@Z
?event@QLabel@@MAE_NPAVQEvent@@@Z
?enterEvent@QWidget@@MAEXPAVQEvent@@@Z
?dropEvent@QWidget@@MAEXPAVQDropEvent@@@Z
?dragMoveEvent@QWidget@@MAEXPAVQDragMoveEvent@@@Z
?dragLeaveEvent@QWidget@@MAEXPAVQDragLeaveEvent@@@Z
?dragEnterEvent@QWidget@@MAEXPAVQDragEnterEvent@@@Z
?devType@QWidget@@UBEHXZ
?createPopupMenu@QMainWindow@@UAEPAVQMenu@@XZ
?contextMenuEvent@QWidget@@MAEXPAVQContextMenuEvent@@@Z
?contextMenuEvent@QMainWindow@@MAEXPAVQContextMenuEvent@@@Z
?contextMenuEvent@QLabel@@MAEXPAVQContextMenuEvent@@@Z
?closeEvent@QWidget@@MAEXPAVQCloseEvent@@@Z
?mouseReleaseEvent@QAbstractButton@@MAEXPAVQMouseEvent@@@Z
?changeEvent@QWidget@@MAEXPAVQEvent@@@Z
?changeEvent@QLabel@@MAEXPAVQEvent@@@Z
?changeEvent@QAbstractButton@@MAEXPAVQEvent@@@Z
?actionEvent@QWidget@@MAEXPAVQActionEvent@@@Z
??1QPushButton@@UAE@XZ
??0QPushButton@@QAE@PAVQWidget@@@Z
?clicked@QAbstractButton@@QAEX_N@Z
?setText@QAbstractButton@@QAEXABVQString@@@Z
?setMovie@QLabel@@QAEXPAVQMovie@@@Z
?setText@QLabel@@QAEXABVQString@@@Z
??1QLabel@@UAE@XZ
??0QLabel@@QAE@PAVQWidget@@V?$QFlags@W4WindowType@Qt@@@@@Z
?setCentralWidget@QMainWindow@@QAEXPAVQWidget@@@Z
??1QMainWindow@@UAE@XZ
??0QMainWindow@@QAE@PAVQWidget@@V?$QFlags@W4WindowType@Qt@@@@@Z
?mouseReleaseEvent@QWidget@@MAEXPAVQMouseEvent@@@Z
?mousePressEvent@QWidget@@MAEXPAVQMouseEvent@@@Z
?event@QWidget@@MAE_NPAVQEvent@@@Z
?setAttribute@QWidget@@QAEXW4WidgetAttribute@Qt@@_N@Z
?setWindowFlags@QWidget@@QAEXV?$QFlags@W4WindowType@Qt@@@@@Z
?setGeometry@QWidget@@QAEXABVQRect@@@Z
?resize@QWidget@@QAEXABVQSize@@@Z
?raise@QWidget@@QAEXXZ
?close@QWidget@@QAE_NXZ
?setWindowTitle@QWidget@@QAEXABVQString@@@Z
?setCursor@QWidget@@QAEXABVQCursor@@@Z
?setFixedHeight@QWidget@@QAEXH@Z
?setFixedWidth@QWidget@@QAEXH@Z
?rect@QWidget@@QBE?AVQRect@@XZ
?winId@QWidget@@QBEIXZ
??1QWidget@@UAE@XZ
??0QWidget@@QAE@PAV0@V?$QFlags@W4WindowType@Qt@@@@@Z
?mouseReleaseEvent@QLabel@@MAEXPAVQMouseEvent@@@Z
?moveEvent@QWidget@@MAEXPAVQMoveEvent@@@Z
?nativeEvent@QWidget@@MAE_NABVQByteArray@@PAXPAJ@Z
?nextCheckState@QAbstractButton@@MAEXXZ
?paintEngine@QWidget@@UBEPAVQPaintEngine@@XZ
?paintEvent@QLabel@@MAEXPAVQPaintEvent@@@Z
?paintEvent@QPushButton@@MAEXPAVQPaintEvent@@@Z
?paintEvent@QWidget@@MAEXPAVQPaintEvent@@@Z
?qt_metacall@QLabel@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacall@QPushButton@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacall@QWidget@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QLabel@@UAEPAXPBD@Z
?qt_metacast@QPushButton@@UAEPAXPBD@Z
?qt_metacast@QWidget@@UAEPAXPBD@Z
?redirected@QWidget@@MBEPAVQPaintDevice@@PAVQPoint@@@Z
?staticMetaObject@QMainWindow@@2UQMetaObject@@B
?qt_metacall@QMainWindow@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QMainWindow@@UAEPAXPBD@Z
?screenGeometry@QDesktopWidget@@QBE?BVQRect@@H@Z
?setStyleSheet@QApplication@@QAEXABVQString@@@Z
?exec@QApplication@@SAHXZ
?desktop@QApplication@@SAPAVQDesktopWidget@@XZ
??1QApplication@@UAE@XZ
??0QApplication@@QAE@AAHPAPADH@Z
?move@QWidget@@QAEXABVQPoint@@@Z
?show@QWidget@@QAEXXZ
?staticMetaObject@QAbstractButton@@2UQMetaObject@@B
?wheelEvent@QWidget@@MAEXPAVQWheelEvent@@@Z
?timerEvent@QAbstractButton@@MAEXPAVQTimerEvent@@@Z
?tabletEvent@QWidget@@MAEXPAVQTabletEvent@@@Z
?sizeHint@QWidget@@UBE?AVQSize@@XZ
?resizeEvent@QWidget@@MAEXPAVQResizeEvent@@@Z
?setVisible@QWidget@@UAEX_N@Z
?sharedPainter@QWidget@@MBEPAVQPainter@@XZ
?showEvent@QWidget@@MAEXPAVQShowEvent@@@Z
?sizeHint@QPushButton@@UBE?AVQSize@@XZ
?sizeHint@QLabel@@UBE?AVQSize@@XZ
?checkStateSet@QAbstractButton@@MAEXXZ

kernel32

SetEndOfFile
RemoveDirectoryW
GetFileInformationByHandle
GetFileAttributesExW
GetFileAttributesW
FormatMessageA
CreateWaitableTimerA
ResumeThread
DeleteFileW
SetFilePointerEx
LocalFree
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
SetWaitableTimer
TlsSetValue
WaitForMultipleObjects
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
QueueUserAPC
GetQueuedCompletionStatus
CreateIoCompletionPort
SetLastError
TerminateThread
InterlockedCompareExchange
DuplicateHandle
ReleaseSemaphore
CreateSemaphoreA
GetSystemTimeAsFileTime
OutputDebugStringA
SystemTimeToFileTime
GetSystemTime
SetFilePointer
WriteFile
GetFileSize
GlobalFree
GlobalAlloc
VerifyVersionInfoW
GetModuleHandleA
VerSetConditionMask
SetConsoleOutputCP
SetConsoleTitleW
FreeConsole
SetConsoleCtrlHandler
GetACP
SetInformationJobObject
AssignProcessToJobObject
CreateJobObjectW
QueryPerformanceCounter
MoveFileExW
CopyFileW
FindNextFileW
FindFirstFileW
FindFirstFileA
CreateFileW
GetDiskFreeSpaceExW
GetTempPathW
GetSystemDirectoryW
GetDriveTypeW
FindResourceW
OutputDebugStringW
CreateProcessW
GetModuleHandleW
GetModuleFileNameW
GetTickCount
FileTimeToSystemTime
FileTimeToLocalFileTime
FindClose
DeviceIoControl
SizeofResource
LoadResource
Sleep
GetCurrentThreadId
LockResource
FreeResource
WideCharToMultiByte
MultiByteToWideChar
TlsGetValue
HeapFree
HeapAlloc
GetProcessHeap
ResetEvent
GetCurrentProcessId
WaitForSingleObject
OpenEventA
Module32FirstW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
LoadLibraryW
TlsFree
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
PostQueuedCompletionStatus
GetLastError
GetCurrentProcess
GetProcAddress
FreeLibrary
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
SetEvent
CloseHandle
CreateEventA
AreFileApisANSI
EncodePointer
DecodePointer
IsDebuggerPresent
GetLogicalDrives
IsProcessorFeaturePresent
lstrlenA
GetCommandLineW
AllocConsole

user32

wsprintfW
PostMessageW
ExitWindowsEx
SetWindowPos

advapi32

RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorA
GetSecurityDescriptorSacl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExA
SetNamedSecurityInfoA
CheckTokenMembership
CreateWellKnownSid
GetTokenInformation
RegSetValueExW

shell32

CommandLineToArgvW
ShellExecuteW
ShellExecuteExW
ord680
SHGetFolderPathW
SHGetSpecialFolderPathW

ole32

CoUninitialize
CoSetProxyBlanket
CoCreateInstance
CoInitializeSecurity
CoInitializeEx

oleaut32

VariantClear
SysFreeString
SysAllocString

msvcp120

?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
_Nan
_Inf
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?overflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?setf@ios_base@std@@QAEHHH@Z
?flags@ios_base@std@@QAEHH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
_Getcvt
??0_Locinfo@std@@QAE@PBD@Z
??1_Locinfo@std@@QAE@XZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Gettrue@_Locinfo@std@@QBEPBDXZ
??Bid@locale@std@@QAEIXZ
??0facet@locale@std@@IAE@I@Z
??1facet@locale@std@@MAE@XZ
?classic@locale@std@@SAABV12@XZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?tolower@?$ctype@_W@std@@QBE_W_W@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
??_7_Facet_base@std@@6B@
??_7facet@locale@std@@6B@
?id@?$ctype@_W@std@@2V0locale@2@A
?id@?$numpunct@D@std@@2V0locale@2@A
?uncaught_exception@std@@YA_NXZ
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QAE?AVlocale@2@ABV32@@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
?_Xout_of_range@std@@YAXPBD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?ws@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@1@AAV21@@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?_BADOFF@std@@3_JB
??_7ios_base@std@@6B@
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
?always_noconv@codecvt_base@std@@QBE_NXZ
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?id@?$codecvt@DDH@std@@2V0locale@2@A
?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z
??0id@locale@std@@QAE@I@Z
??Bios_base@std@@QBE_NXZ
?exceptions@ios_base@std@@QAEXH@Z
?flags@ios_base@std@@QBEHXZ
?unsetf@ios_base@std@@QAEXH@Z
?precision@ios_base@std@@QAE_J_J@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
?in@?$codecvt@_WDH@std@@QBEHAAHPBD1AAPBDPA_W3AAPA_W@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
?out@?$codecvt@_WDH@std@@QBEHAAHPB_W1AAPB_WPAD3AAPAD@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPAV123@PAVfacet@23@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??_7codecvt_base@std@@6B@
?id@?$codecvt@_WDH@std@@2V0locale@2@A
??_7?$codecvt@_WDH@std@@6B@
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ

ws2_32

WSACleanup
WSAStartup

msvcr120

??2@YAPAXI@Z
??3@YAXPAX@Z
memchr
memmove
??_V@YAXPAX@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
localeconv
_CxxThrowException
__CxxFrameHandler3
memcpy
memset
isdigit
isspace
tolower
sprintf_s
??0exception@std@@QAE@XZ
??8type_info@@QBE_NABV0@@Z
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
_localtime64
_wcsnicmp
_time64
memcpy_s
fclose
fflush
fgetc
fgetpos
fputc
fsetpos
_fseeki64
fwrite
setvbuf
ungetc
sprintf
_lock_file
_unlock_file
memcmp
strlen
wcslen
isalnum
__iob_func
fread
freopen
fseek
printf
sscanf
vsprintf_s
swprintf_s
_vswprintf_c_l
_wfopen_s
_wremove
strcmp
strncpy
strrchr
strstr
wcscmp
wcscpy_s
_wcsicmp
abs
atof
atoi
_strtoui64
rand
srand
free
malloc
_wchdir
_wmkdir
_wrmdir
_waccess
_wrename
_wfindfirst64i32
_wfindnext64i32
toupper
_findclose
wcscat
wcscpy
_itow_s
_wtoi
_wtoi64
_gmtime64
_beginthreadex
strerror
_stricmp
?terminate@@YAXXZ
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
_XcptFilter
__crtGetShowWindowMode
_amsg_exit
__getmainargs
__set_app_type
exit
_exit
_cexit
_ismbblead
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
_acmdln
_fmode
_commode
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_except1
_vsnprintf
_except_handler4_common
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
_strdup
_purecall

iphlpapi

GetAdaptersInfo

wininet

InternetCloseHandle
InternetOpenW
InternetTimeToSystemTimeA
InternetConnectW
InternetSetCookieA
HttpQueryInfoW
InternetReadFile
InternetSetFilePointer
InternetSetOptionW
HttpOpenRequestW
HttpSendRequestW
HttpQueryInfoA
InternetTimeFromSystemTimeA

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 415KB - Virtual size: 415KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
netmonitor.dll
.dll windows:5 windows x86 arch:x86

ec81070214376ebc07c88c1edefebb23

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

40:ef:58:6f:ba:65:9c:86:4b:6e:a6:eb:bd:11:4a:16
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Not Before

28/10/2014, 02:06

Not After

28/12/2017, 02:06

Subject

CN=合一网络技术（北京）有限公司,O=合一网络技术（北京）有限公司,L=北京市,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

6b:da:df:ef:f0:66:1b:d2:64:2a:f4:6e:cb:b2:79:40
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

46:bb:b3:40:fa:b9:c1:79:28:93:8c:93:da:10:86:79
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8c:0e:de:d5:31:12:08:6c:32:94:b6:b1:bf:b6:5f:bb:02:02:bc:33
Signer

Actual PE Digest

8c:0e:de:d5:31:12:08:6c:32:94:b6:b1:bf:b6:5f:bb:02:02:bc:33

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\iku\ikucmc\trunk3\tools\netmonitorserver\Release\netmonitor.pdb

Imports

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

ws2_32

WSAStartup
WSACleanup

packet

PacketAllocatePacket
PacketSetReadTimeout
PacketSetBuff
PacketSetHwFilter
PacketOpenAdapter
PacketGetAdapterNames
PacketInitPacket
PacketGetStats
PacketFreePacket
PacketCloseAdapter
PacketReceivePacket

kernel32

CreateEventA
CloseHandle
SetEvent
HeapAlloc
GetProcessHeap
HeapFree
LoadLibraryW
GetProcAddress
Sleep
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
GetLastError
LoadLibraryA
ProcessIdToSessionId
WideCharToMultiByte
CreateWaitableTimerA
InterlockedIncrement
InterlockedDecrement
GetCurrentProcess
WaitForSingleObject
InterlockedExchange
GetModuleHandleA
TlsAlloc
TlsFree
SetWaitableTimer
WaitForMultipleObjects
LocalFree
FormatMessageA
EncodePointer
DecodePointer
InterlockedCompareExchange
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount
GetCurrentThreadId
ReleaseSemaphore
TlsGetValue
SystemTimeToFileTime
ResumeThread
TlsSetValue
ResetEvent
OpenEventA
GetCurrentProcessId

advapi32

DuplicateTokenEx
LookupPrivilegeValueW
CreateProcessAsUserW
GetTokenInformation
OpenProcessToken
RegCloseKey
RegQueryValueExW
RegOpenKeyExW

msvcp100

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

msvcr100

?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_gmtime64
_except_handler4_common
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
memmove
??_V@YAXPAX@Z
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
_time64
isprint
_stricmp
memcpy
memset
__CxxFrameHandler3
_CxxThrowException
_beginthreadex
strerror
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_malloc_crt
free
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
nplayer/YoukuNplayer.exe
.exe windows:5 windows x86 arch:x86

73f9244e1046bb5ce8b39b6f1c4d0446

Code Sign

60:bc:17:a0:63:d1:09:a9:0e:f3:61:6b:5f:10:53:3d
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Not Before

06/04/2016, 03:19

Not After

06/01/2018, 03:19

Subject

CN=合一网络技术（北京）有限公司,O=合一网络技术（北京）有限公司,L=北京市,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftKernelCodeSigning

Key Usages

KeyUsageDigitalSignature

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2039, 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

46:bb:b3:40:fa:b9:c1:79:28:93:8c:93:da:10:86:79
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1f:6f:04:d2:13:44:d0:37:09:e8:c1:9c:c7:ed:12:b5
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Not Before

06/04/2016, 03:28

Not After

06/01/2018, 03:28

Subject

CN=合一网络技术（北京）有限公司,O=合一网络技术（北京）有限公司,L=北京市,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftKernelCodeSigning

Key Usages

KeyUsageDigitalSignature

37:a6:0e:92:5f:23:f8:0c:fd:cd:97:65:92:98:c3:54
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/11/2014, 00:58

Not After

08/11/2029, 00:58

Subject

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2039, 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7d:b4:bf:3c:7f:0a:12:bd:48:4f:58:9d:7d:b3:f9:5c:39:51:00:7d:27:73:b8:a8:8b:3a:eb:9e:81:20:67:8e
Signer

Actual PE Digest

7d:b4:bf:3c:7f:0a:12:bd:48:4f:58:9d:7d:b3:f9:5c:39:51:00:7d:27:73:b8:a8:8b:3a:eb:9e:81:20:67:8e

Digest Algorithm

sha256

PE Digest Matches

true

86:63:c3:a6:68:6e:77:41:95:85:16:7a:46:21:bb:09:76:17:82:45
Signer

Actual PE Digest

86:63:c3:a6:68:6e:77:41:95:85:16:7a:46:21:bb:09:76:17:82:45

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\SVN\install.v3\src\nplayer_branch20160405\ykplayer\build_using_vs2010\bin\Publish\YoukuNplayer.pdb

Imports

avfilter-5

av_buffersink_get_frame
av_buffersink_get_frame_flags
av_buffersink_get_frame_rate
av_buffersink_params_alloc
av_buffersrc_add_frame
av_buffersrc_add_frame_flags
av_buffersrc_add_ref
avfilter_get_by_name
avfilter_graph_alloc
avfilter_graph_alloc_filter
avfilter_graph_config
avfilter_graph_create_filter
avfilter_graph_free
avfilter_graph_get_filter
avfilter_graph_parse2
avfilter_graph_parse_ptr
avfilter_graph_request_oldest
avfilter_init_str
avfilter_inout_alloc
avfilter_inout_free
avfilter_link
avfilter_pad_get_type
avfilter_register_all

avformat-56

av_dump_format
av_find_best_stream
av_guess_frame_rate
av_guess_sample_aspect_ratio
av_interleaved_write_frame
av_read_frame
av_read_pause
av_read_play
av_register_all
av_seek_frame
av_stream_get_r_frame_rate
av_write_trailer
avformat_alloc_context
avformat_alloc_output_context2
avformat_close_input
avformat_find_stream_info
avformat_free_context
avformat_network_init
avformat_new_stream
avformat_open_input
avformat_write_header
avio_alloc_context
avio_close
avio_open2
url_feof

avcodec-56

av_codec_get_max_lowres
av_codec_set_lowres
av_copy_packet
av_free_packet
av_init_packet
avcodec_alloc_context3
avcodec_close
avcodec_decode_audio4
avcodec_decode_subtitle2
avcodec_decode_video2
avcodec_encode_video2
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_flush_buffers
avcodec_get_frame_defaults
avcodec_open2
avcodec_register_all
avsubtitle_free

swscale-3

sws_freeContext
sws_getCachedContext
sws_getContext
sws_scale

swresample-1

swr_alloc_set_opts
swr_convert
swr_free
swr_init
swr_set_compensation

avutil-54

av_dict_free
av_dict_get
av_dict_set
av_fast_malloc
av_frame_alloc
av_frame_clone
av_frame_free
av_frame_get_best_effort_timestamp
av_frame_get_buffer
av_frame_get_channels
av_frame_get_pkt_pos
av_frame_ref
av_frame_unref
av_free
av_freep
av_get_bytes_per_sample
av_get_channel_layout_nb_channels
av_get_default_channel_layout
av_get_packed_sample_fmt
av_get_pix_fmt_name
av_get_sample_fmt_name
av_image_alloc
av_image_copy
av_log
av_log_set_callback
av_malloc
av_opt_set_int
av_pix_fmt_get_chroma_sub_sample
av_rescale_q
av_samples_get_buffer_size
av_strdup
av_strlcatf

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

RtlUnwind
HeapReAlloc
GetDateFormatA
GetTimeFormatA
GetStdHandle
GetFileType
WriteConsoleW
GetStartupInfoW
HeapSetInformation
GetCommandLineW
CreateThread
ExitThread
FindFirstFileExA
GetDriveTypeA
lstrlenA
AreFileApisANSI
CreateDirectoryW
SetFileAttributesW
SetFileTime
GetFileTime
MoveFileW
FlushFileBuffers
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryExW
GetFullPathNameW
DeleteFileW
RemoveDirectoryW
CreateFileA
CreateWaitableTimerA
GetSystemInfo
FindFirstFileExW
LCMapStringA
GetStringTypeExW
GetStringTypeExA
GetUserDefaultLCID
FormatMessageA
DecodePointer
EncodePointer
GetStringTypeW
SetEnvironmentVariableW
GetFileAttributesExW
GetCPInfo
SetStdHandle
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetLocaleInfoW
IsProcessorFeaturePresent
HeapSize
ExitProcess
HeapCreate
HeapDestroy
GetFullPathNameA
PeekNamedPipe
GetSystemTime
SetFilePointer
SystemTimeToFileTime
GetFileSize
GlobalFree
GetLogicalDrives
GetDriveTypeW
GetDiskFreeSpaceExW
FatalAppExitA
GetTimeZoneInformation
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CompareStringW
SetEnvironmentVariableA
InterlockedPushEntrySList
VirtualFree
VirtualAlloc
InterlockedPopEntrySList
GetConsoleCP
GetConsoleMode
LCMapStringW
SetHandleCount
GetFileInformationByHandle
FreeLibrary
LoadLibraryA
GetProcAddress
Sleep
CreateEventW
WaitForSingleObject
CloseHandle
GetCurrentProcessId
CreateEventA
SetEvent
ReleaseSemaphore
DuplicateHandle
GetCurrentProcess
CreateSemaphoreA
GetSystemTimeAsFileTime
GetTickCount
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
LoadLibraryW
CreateFileW
GetModuleFileNameW
GetCurrentThreadId
GetCurrentThread
VirtualProtect
WriteProcessMemory
SetUnhandledExceptionFilter
VirtualQuery
GetLocalTime
GlobalMemoryStatus
GetVersionExA
TlsFree
TlsAlloc
InterlockedExchange
InterlockedIncrement
ReadFile
PostQueuedCompletionStatus
InterlockedCompareExchange
TlsGetValue
WriteFile
InterlockedDecrement
QueueUserAPC
TerminateThread
InterlockedExchangeAdd
WaitForMultipleObjects
GetQueuedCompletionStatus
SetLastError
SetWaitableTimer
TlsSetValue
SleepEx
CreateIoCompletionPort
InitializeCriticalSectionAndSpinCount
VerifyVersionInfoW
VerSetConditionMask
SetEndOfFile
GetProcessHeap
HeapFree
HeapAlloc
CreateWaitableTimerW
SetThreadUILanguage
GlobalAlloc
MultiByteToWideChar
lstrlenW
RaiseException
LoadResource
SizeofResource
FindResourceW
GetModuleHandleW
lstrcmpiW
LoadLibraryExW
FlushInstructionCache
lstrcmpW
MulDiv
GlobalLock
GlobalUnlock
OutputDebugStringA
DeleteFileA
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
FindFirstFileA
FindNextFileA
FindClose
SetFilePointerEx
OpenEventA
ResetEvent
WideCharToMultiByte
GetFileAttributesW
GetEnvironmentVariableW
GetCurrentDirectoryA
GetModuleFileNameA
GetEnvironmentVariableA
SuspendThread
GetThreadContext
ResumeThread
ReadProcessMemory
FreeResource
MapViewOfFile
UnmapViewOfFile
OpenMutexW
CreateFileMappingA
OpenFileMappingA
LocalFree
QueryPerformanceCounter
QueryPerformanceFrequency
SetConsoleOutputCP
GetACP
AllocConsole
FreeConsole
DeviceIoControl
MoveFileExW
GetSystemDirectoryW
LockResource
SetConsoleTitleW
FileTimeToSystemTime
FileTimeToLocalFileTime
SetConsoleCtrlHandler
FindNextFileW
FindFirstFileW
CopyFileW
GetTempPathW
AssignProcessToJobObject
CreateProcessW
SetInformationJobObject
CreateJobObjectW
OutputDebugStringW

user32

MoveWindow
SetWindowPos
BringWindowToTop
GetClientRect
ClientToScreen
ScreenToClient
BeginPaint
EndPaint
GetDC
ReleaseDC
InvalidateRect
InvalidateRgn
RedrawWindow
SetTimer
EnableWindow
SetCapture
SetFocus
GetWindow
IsChild
GetParent
GetDlgItem
GetMenu
AdjustWindowRectEx
GetClassNameW
GetSysColor
DestroyAcceleratorTable
GetFocus
FillRect
CreateAcceleratorTableW
ReleaseCapture
DefWindowProcW
RegisterWindowMessageW
GetClassInfoExW
LoadCursorW
RegisterClassExW
GetSystemMetrics
EmptyClipboard
SetClipboardData
CloseClipboard
PostThreadMessageW
PostQuitMessage
LoadIconW
EnumDisplaySettingsW
CallWindowProcW
SetRect
wsprintfW
ExitWindowsEx
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SendMessageW
DestroyWindow
CreateWindowExW
GetWindowLongW
SetWindowLongW
CharNextW
ShowWindow
TranslateMessage
DispatchMessageW
GetMessageW
LoadStringA
LoadStringW
UnregisterClassA
IsWindow
PostMessageW
GetDesktopWindow
OpenClipboard

gdi32

CreateFontA
TextOutA
GetDeviceCaps
SelectObject
DeleteObject
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
DeleteDC
GetStockObject
GetObjectW
GetTextExtentPoint32A
SetTextColor
SetBkMode
CreateDIBSection

advapi32

RegCreateKeyExW
RegOpenKeyExW
GetUserNameA
RegDeleteValueW
RegCloseKey
RegEnumKeyExW
RegSetValueExW
RegQueryInfoKeyW
SetNamedSecurityInfoA
RegQueryValueExA
RegQueryValueExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorA
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
CheckTokenMembership
GetTokenInformation
CreateWellKnownSid
RegDeleteKeyW

shell32

SHGetSpecialFolderPathW
SHGetFolderPathW
ShellExecuteExW
ord680
ExtractIconW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoInitialize
CLSIDFromString
CreateStreamOnHGlobal
CLSIDFromProgID
CoGetClassObject
OleInitialize
OleUninitialize
CoUninitialize
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
OleLockRunning

oleaut32

VariantInit
VariantClear
VarUI4FromStr
SysFreeString
SysAllocStringByteLen
SysAllocString
SetErrorInfo
VariantChangeType
GetErrorInfo
CreateErrorInfo
SysStringByteLen
SysAllocStringLen
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
SysStringLen

ws2_32

WSASendTo
WSARecvFrom
getsockopt
WSAIoctl
getsockname
accept
select
__WSAFDIsSet
WSARecv
connect
shutdown
WSAAddressToStringA
bind
WSASocketW
listen
WSASend
setsockopt
ioctlsocket
closesocket
htonl
ntohl
ntohs
htons
WSAStringToAddressA
freeaddrinfo
WSASetLastError
getaddrinfo
WSAGetLastError
WSAStartup
WSACleanup

mswsock

GetAcceptExSockaddrs
AcceptEx

winmm

timeGetTime

gdiplus

GdipDisposeImage
GdipDeleteGraphics
GdipDrawImageRect
GdipFree
GdipCloneImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipCreateFromHDC
GdipAlloc
GdiplusStartup
GdiplusShutdown

iphlpapi

GetAdaptersInfo

wininet

InternetOpenW
InternetSetOptionW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
InternetTimeFromSystemTimeA
InternetSetCookieA
InternetReadFile
HttpQueryInfoW
HttpQueryInfoA
InternetTimeToSystemTimeA
InternetCloseHandle

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 310KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 352KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
nplayer/avcodec-56.dll
.dll windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Sections

.text
Size: 11.9MB - Virtual size: 11.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rotext
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 7.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
soku.html
.js
youkupage.exe
.exe windows:5 windows x86 arch:x86

Code Sign

60:bc:17:a0:63:d1:09:a9:0e:f3:61:6b:5f:10:53:3d
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Not Before

06/04/2016, 03:19

Not After

06/01/2018, 03:19

Subject

CN=合一网络技术（北京）有限公司,O=合一网络技术（北京）有限公司,L=北京市,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftKernelCodeSigning

Key Usages

KeyUsageDigitalSignature

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2039, 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

46:bb:b3:40:fa:b9:c1:79:28:93:8c:93:da:10:86:79
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1f:6f:04:d2:13:44:d0:37:09:e8:c1:9c:c7:ed:12:b5
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Not Before

06/04/2016, 03:28

Not After

06/01/2018, 03:28

Subject

CN=合一网络技术（北京）有限公司,O=合一网络技术（北京）有限公司,L=北京市,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftKernelCodeSigning

Key Usages

KeyUsageDigitalSignature

37:a6:0e:92:5f:23:f8:0c:fd:cd:97:65:92:98:c3:54
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/11/2014, 00:58

Not After

08/11/2029, 00:58

Subject

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2039, 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

81:2e:1b:1d:98:5b:a7:97:70:7e:bd:25:0b:f2:a9:bc:65:74:18:b7:c9:6a:e5:ed:66:c5:ff:46:c3:3b:6c:9b
Signer

Actual PE Digest

81:2e:1b:1d:98:5b:a7:97:70:7e:bd:25:0b:f2:a9:bc:65:74:18:b7:c9:6a:e5:ed:66:c5:ff:46:c3:3b:6c:9b

Digest Algorithm

sha256

PE Digest Matches

true

0c:c7:d9:b7:a5:90:47:97:eb:72:00:a1:2a:d4:34:12:c5:31:46:eb
Signer

Actual PE Digest

0c:c7:d9:b7:a5:90:47:97:eb:72:00:a1:2a:d4:34:12:c5:31:46:eb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 858KB - Virtual size: 860KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 382KB - Virtual size: 381KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ytpage.exe
.exe windows:5 windows x86 arch:x86

69871d2cbc64e2ff75eab3ce5324ceb2

Code Sign

60:bc:17:a0:63:d1:09:a9:0e:f3:61:6b:5f:10:53:3d
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Not Before

06/04/2016, 03:19

Not After

06/01/2018, 03:19

Subject

CN=合一网络技术（北京）有限公司,O=合一网络技术（北京）有限公司,L=北京市,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftKernelCodeSigning

Key Usages

KeyUsageDigitalSignature

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2039, 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

46:bb:b3:40:fa:b9:c1:79:28:93:8c:93:da:10:86:79
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1f:6f:04:d2:13:44:d0:37:09:e8:c1:9c:c7:ed:12:b5
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Not Before

06/04/2016, 03:28

Not After

06/01/2018, 03:28

Subject

CN=合一网络技术（北京）有限公司,O=合一网络技术（北京）有限公司,L=北京市,ST=北京市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftKernelCodeSigning

Key Usages

KeyUsageDigitalSignature

37:a6:0e:92:5f:23:f8:0c:fd:cd:97:65:92:98:c3:54
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/11/2014, 00:58

Not After

08/11/2029, 00:58

Subject

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2039, 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:b4:3e:8e:97:9b:56:17:f0:24:31:47:be:af:a5:de:c8:d1:fe:84:4f:e7:bf:35:9b:d7:48:0e:51:29:51:68
Signer

Actual PE Digest

1a:b4:3e:8e:97:9b:56:17:f0:24:31:47:be:af:a5:de:c8:d1:fe:84:4f:e7:bf:35:9b:d7:48:0e:51:29:51:68

Digest Algorithm

sha256

PE Digest Matches

true

0b:c3:82:13:d6:40:18:68:44:7b:a6:22:71:d1:34:51:b7:df:e5:bf
Signer

Actual PE Digest

0b:c3:82:13:d6:40:18:68:44:7b:a6:22:71:d1:34:51:b7:df:e5:bf

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\SVN\install.v3\src\ikucmc_v700\build_vs2013\bin\Publish\ytpage.pdb

Imports

qt5core

?toStdString@QByteArray@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
??1QString@@QAE@XZ
?toLatin1@QString@@QBE?AVQByteArray@@XZ
??0QString@@QAE@ABVQByteArray@@@Z
?fromStdWString@QString@@SA?AV1@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
??0QDate@@QAE@HHH@Z
??0QDateTime@@QAE@ABVQDate@@@Z
??1QDateTime@@QAE@XZ
??6QDebug@@QAEAAV0@D@Z
??6QTextStream@@QAEAAV0@D@Z
?toByteArray@QVariant@@QBE?AVQByteArray@@XZ
??0QVariant@@QAE@ABVQByteArray@@@Z
??0QVariant@@QAE@XZ
??6@YA?AVQDebug@@V0@ABVQUrl@@@Z
??1QByteArray@@QAE@XZ
??8@YA_NABVQString@@0@Z
?append@QByteArray@@QAEAAV1@ABV1@@Z
?append@QByteArray@@QAEAAV1@PBD@Z
?deallocate@QArrayData@@SAXPAU1@II@Z
?shared_null@QListData@@2UData@1@B
?start@QTimer@@QAEXH@Z
?open@QFile@@UAE_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??1QFile@@UAE@XZ
??0QFile@@QAE@ABVQString@@@Z
??0QMessageLogger@@QAE@PBDH0@Z
?debug@QMessageLogger@@QBE?AVQDebug@@XZ
?fromStdString@QString@@SA?AV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??1QDebug@@QAE@XZ
??6QDebug@@QAEAAV0@ABVQByteArray@@@Z
??0QSettings@@QAE@ABVQString@@W4Format@0@PAVQObject@@@Z
??1QSettings@@UAE@XZ
?setValue@QSettings@@QAEXABVQString@@ABVQVariant@@@Z
?value@QSettings@@QBE?AVQVariant@@ABVQString@@ABV2@@Z
??6QDebug@@QAEAAV0@PBD@Z
?shared_null@QArrayData@@2QBU1@B
?detach@QListData@@QAEPAUData@1@H@Z
??0QByteArray@@QAE@XZ
?close@QFileDevice@@UAEXXZ
?readAll@QIODevice@@QAE?AVQByteArray@@XZ
?compare_helper@QString@@CAHPBVQChar@@HPBDHW4CaseSensitivity@Qt@@@Z
?toStdWString@QString@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
?toStdString@QString@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
??0QString@@QAE@PBD@Z
?constData@QString@@QBEPBVQChar@@XZ
??0QString@@QAE@$$QAV0@@Z
?append@QListData@@QAEPAPAXXZ
?detach_grow@QListData@@QAEPAUData@1@PAHH@Z
??6QDebug@@QAEAAV0@H@Z
?toString@QUrl@@QBE?AVQString@@V?$QUrlTwoFlags@W4UrlFormattingOption@QUrl@@W4ComponentFormattingOption@2@@@@Z
??1QUrl@@QAE@XZ
??0QUrl@@QAE@ABVQString@@W4ParsingMode@0@@Z
?toString@QVariant@@QBE?AVQString@@XZ
??1QVariant@@QAE@XZ
?connect@QObject@@SA?AVConnection@QMetaObject@@PBV1@PBD01W4ConnectionType@Qt@@@Z
?replace@QString@@QAEAAV1@ABV1@0W4CaseSensitivity@Qt@@@Z
?append@QString@@QAEAAV1@ABV1@@Z
?simplified@QString@@QBE?AV1@XZ
??4QString@@QAEAAV0@$$QAV0@@Z
?dispose@QListData@@SAXPAUData@1@@Z
?staticMetaObject@QTimer@@2UQMetaObject@@B
??6QDebug@@QAEAAV0@ABVQString@@@Z
?dynamicMetaObject@QObjectData@@QBEPAUQMetaObject@@XZ
?activate@QMetaObject@@SAXPAVQObject@@PBU1@HPAPAX@Z
??0QString@@QAE@ABV0@@Z
??4QString@@QAEAAV0@ABV0@@Z
??0QUrl@@QAE@ABV0@@Z
?qRegisterResourceData@@YA_NHPBE00@Z
?qUnregisterResourceData@@YA_NHPBE00@Z
?connectSlotsByName@QMetaObject@@SAXPAVQObject@@@Z
??1Connection@QMetaObject@@QAE@XZ
??0QChar@@QAE@UQLatin1Char@@@Z
??0QString@@QAE@XZ
?arg@QString@@QBE?AV1@HHHVQChar@@@Z
?fromUtf8@QString@@SA?AV1@PBDH@Z
?fromAscii_helper@QString@@CAPAU?$QTypedArrayData@G@@PBDH@Z
?objectName@QObject@@QBE?AVQString@@XZ
?setObjectName@QObject@@QAEXABVQString@@@Z
?connectImpl@QObject@@CA?AVConnection@QMetaObject@@PBV1@PAPAX01PAVQSlotObjectBase@QtPrivate@@W4ConnectionType@Qt@@PBHPBU3@@Z
?translate@QCoreApplication@@SA?AVQString@@PBD00H@Z
??0QTimer@@QAE@PAVQObject@@@Z
??1QTimer@@UAE@XZ
?setInterval@QTimer@@QAEXH@Z
?start@QTimer@@QAEXXZ
?stop@QTimer@@QAEXXZ
?timeout@QTimer@@QAEXUQPrivateSignal@1@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?connectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?disconnectNotify@QObject@@MAEXABVQMetaMethod@@@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?metaObject@QTimer@@UBEPBUQMetaObject@@XZ
?qt_metacall@QTimer@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QTimer@@UAEPAXPBD@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?timerEvent@QTimer@@MAEXPAVQTimerEvent@@@Z

qt5gui

?setParent@QWindow@@QAEXPAV1@@Z
?focusObject@QGuiApplication@@SAPAVQObject@@XZ
?focusWindow@QGuiApplication@@SAPAVQWindow@@XZ
?drawRects@QPainter@@QAEXPBVQRect@@H@Z
?setBrush@QPainter@@QAEXABVQBrush@@@Z
?setPen@QPainter@@QAEXABVQPen@@@Z
??1QPainter@@QAE@XZ
??0QPainter@@QAE@PAVQPaintDevice@@@Z
??1QPen@@QAE@XZ
??0QPen@@QAE@ABVQBrush@@NW4PenStyle@Qt@@W4PenCapStyle@3@W4PenJoinStyle@3@@Z
??1QBrush@@QAE@XZ
??0QBrush@@QAE@ABVQColor@@W4BrushStyle@Qt@@@Z
?invalidate@QColor@@AAEXXZ
??4QColor@@QAEAAV0@ABV0@@Z
?setRgb@QColor@@QAEXHHHH@Z
??1QPixmap@@UAE@XZ
??0QPixmap@@QAE@ABVQString@@PBDV?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?fromWinId@QWindow@@SAPAV1@I@Z

qt5webkit

?setAttribute@QWebSettings@@QAEXW4WebAttribute@1@_N@Z
?canGoBack@QWebHistory@@QBE_NXZ

qt5webkitwidgets

?mouseReleaseEvent@QWebView@@MAEXPAVQMouseEvent@@@Z
?mousePressEvent@QWebView@@MAEXPAVQMouseEvent@@@Z
?mouseMoveEvent@QWebView@@MAEXPAVQMouseEvent@@@Z
?mouseDoubleClickEvent@QWebView@@MAEXPAVQMouseEvent@@@Z
?keyReleaseEvent@QWebView@@MAEXPAVQKeyEvent@@@Z
?keyPressEvent@QWebView@@MAEXPAVQKeyEvent@@@Z
?javaScriptPrompt@QWebPage@@MAE_NPAVQWebFrame@@ABVQString@@1PAV3@@Z
?javaScriptConfirm@QWebPage@@MAE_NPAVQWebFrame@@ABVQString@@@Z
?inputMethodQuery@QWebView@@UBE?AVQVariant@@W4InputMethodQuery@Qt@@@Z
?inputMethodEvent@QWebView@@MAEXPAVQInputMethodEvent@@@Z
?focusOutEvent@QWebView@@MAEXPAVQFocusEvent@@@Z
?focusNextPrevChild@QWebView@@MAE_N_N@Z
?sizeHint@QWebView@@UBE?AVQSize@@XZ
?extension@QWebPage@@UAE_NW4Extension@1@PBVExtensionOption@1@PAVExtensionReturn@1@@Z
?event@QWebView@@UAE_NPAVQEvent@@@Z
?event@QWebPage@@UAE_NPAVQEvent@@@Z
?dropEvent@QWebView@@MAEXPAVQDropEvent@@@Z
?dragMoveEvent@QWebView@@MAEXPAVQDragMoveEvent@@@Z
?dragLeaveEvent@QWebView@@MAEXPAVQDragLeaveEvent@@@Z
?dragEnterEvent@QWebView@@MAEXPAVQDragEnterEvent@@@Z
?createWindow@QWebView@@MAEPAV1@W4WebWindowType@QWebPage@@@Z
?createWindow@QWebPage@@MAEPAV1@W4WebWindowType@1@@Z
?createPlugin@QWebPage@@MAEPAVQObject@@ABVQString@@ABVQUrl@@ABVQStringList@@2@Z
?contextMenuEvent@QWebView@@MAEXPAVQContextMenuEvent@@@Z
?chooseFile@QWebPage@@MAE?AVQString@@PAVQWebFrame@@ABV2@@Z
?paintEvent@QWebView@@MAEXPAVQPaintEvent@@@Z
?evaluateJavaScript@QWebFrame@@QAE?AVQVariant@@ABVQString@@@Z
?setScrollBarValue@QWebFrame@@QAEXW4Orientation@Qt@@H@Z
?setScrollBarPolicy@QWebFrame@@QAEXW4Orientation@Qt@@W4ScrollBarPolicy@3@@Z
?addToJavaScriptWindowObject@QWebFrame@@QAEXABVQString@@PAVQObject@@W4ValueOwnership@1@@Z
?reload@QWebView@@QAEXXZ
?back@QWebView@@QAEXXZ
?settings@QWebView@@QBEPAVQWebSettings@@XZ
?load@QWebView@@QAEXABVQUrl@@@Z
?setPage@QWebView@@QAEXPAVQWebPage@@@Z
?page@QWebView@@QBEPAVQWebPage@@XZ
??1QWebView@@UAE@XZ
??0QWebView@@QAE@PAVQWidget@@@Z
?userAgentForUrl@QWebPage@@MBE?AVQString@@ABVQUrl@@@Z
?acceptNavigationRequest@QWebPage@@MAE_NPAVQWebFrame@@ABVQNetworkRequest@@W4NavigationType@1@@Z
?setLinkDelegationPolicy@QWebPage@@QAEXW4LinkDelegationPolicy@1@@Z
?networkAccessManager@QWebPage@@QBEPAVQNetworkAccessManager@@XZ
?mainFrame@QWebPage@@QBEPAVQWebFrame@@XZ
??1QWebPage@@UAE@XZ
??0QWebPage@@QAE@PAVQObject@@@Z
?staticMetaObject@QWebView@@2UQMetaObject@@B
?staticMetaObject@QWebPage@@2UQMetaObject@@B
?qt_metacall@QWebView@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QWebView@@UAEPAXPBD@Z
?qt_metacall@QWebPage@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QWebPage@@UAEPAXPBD@Z
?resizeEvent@QWebView@@MAEXPAVQResizeEvent@@@Z
?changeEvent@QWebView@@MAEXPAVQEvent@@@Z
?shouldInterruptJavaScript@QWebPage@@UAE_NXZ
?supportsExtension@QWebPage@@UBE_NW4Extension@1@@Z
?triggerAction@QWebPage@@UAEXW4WebAction@1@_N@Z
?wheelEvent@QWebView@@MAEXPAVQWheelEvent@@@Z
?history@QWebPage@@QBEPAVQWebHistory@@XZ
?setHtml@QWebView@@QAEXABVQString@@ABVQUrl@@@Z
?focusInEvent@QWebView@@MAEXPAVQFocusEvent@@@Z

qt5widgets

?qt_metacall@QWidget@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?staticMetaObject@QWidget@@2UQMetaObject@@B
??0QWidget@@QAE@PAV0@V?$QFlags@W4WindowType@Qt@@@@@Z
??1QWidget@@UAE@XZ
?winId@QWidget@@QBEIXZ
?style@QWidget@@QBEPAVQStyle@@XZ
?setMinimumSize@QWidget@@QAEXHH@Z
?setMaximumSize@QWidget@@QAEXHH@Z
?setFixedSize@QWidget@@QAEXABVQSize@@@Z
?setWindowTitle@QWidget@@QAEXABVQString@@@Z
?setStyleSheet@QWidget@@QAEXABVQString@@@Z
?update@QWidget@@QAEXXZ
?show@QWidget@@QAEXXZ
?hide@QWidget@@QAEXXZ
?move@QWidget@@QAEXABVQPoint@@@Z
?resize@QWidget@@QAEXABVQSize@@@Z
?setGeometry@QWidget@@QAEXABVQRect@@@Z
?setWindowFlags@QWidget@@QAEXV?$QFlags@W4WindowType@Qt@@@@@Z
?setAttribute@QWidget@@QAEXW4WidgetAttribute@Qt@@_N@Z
?resizeEvent@QWidget@@MAEXPAVQResizeEvent@@@Z
??0QLabel@@QAE@PAVQWidget@@V?$QFlags@W4WindowType@Qt@@@@@Z
??1QLabel@@UAE@XZ
?setAlignment@QLabel@@QAEXV?$QFlags@W4AlignmentFlag@Qt@@@@@Z
?setText@QLabel@@QAEXABVQString@@@Z
?setPixmap@QLabel@@QAEXABVQPixmap@@@Z
?actionEvent@QWidget@@MAEXPAVQActionEvent@@@Z
?changeEvent@QLabel@@MAEXPAVQEvent@@@Z
?changeEvent@QWidget@@MAEXPAVQEvent@@@Z
?closeEvent@QWidget@@MAEXPAVQCloseEvent@@@Z
?contextMenuEvent@QLabel@@MAEXPAVQContextMenuEvent@@@Z
?contextMenuEvent@QWidget@@MAEXPAVQContextMenuEvent@@@Z
?devType@QWidget@@UBEHXZ
?dragEnterEvent@QWidget@@MAEXPAVQDragEnterEvent@@@Z
?dragLeaveEvent@QWidget@@MAEXPAVQDragLeaveEvent@@@Z
?dragMoveEvent@QWidget@@MAEXPAVQDragMoveEvent@@@Z
?dropEvent@QWidget@@MAEXPAVQDropEvent@@@Z
?enterEvent@QWidget@@MAEXPAVQEvent@@@Z
?qt_metacast@QWidget@@UAEPAXPBD@Z
?event@QWidget@@MAE_NPAVQEvent@@@Z
?focusInEvent@QLabel@@MAEXPAVQFocusEvent@@@Z
?focusInEvent@QWidget@@MAEXPAVQFocusEvent@@@Z
?focusNextPrevChild@QLabel@@MAE_N_N@Z
?focusNextPrevChild@QWidget@@MAE_N_N@Z
?focusOutEvent@QLabel@@MAEXPAVQFocusEvent@@@Z
?focusOutEvent@QWidget@@MAEXPAVQFocusEvent@@@Z
?hasHeightForWidth@QWidget@@UBE_NXZ
?heightForWidth@QLabel@@UBEHH@Z
?heightForWidth@QWidget@@UBEHH@Z
?hideEvent@QWidget@@MAEXPAVQHideEvent@@@Z
?initPainter@QWidget@@MBEXPAVQPainter@@@Z
?inputMethodEvent@QWidget@@MAEXPAVQInputMethodEvent@@@Z
?inputMethodQuery@QWidget@@UBE?AVQVariant@@W4InputMethodQuery@Qt@@@Z
?keyPressEvent@QLabel@@MAEXPAVQKeyEvent@@@Z
?keyPressEvent@QWidget@@MAEXPAVQKeyEvent@@@Z
?keyReleaseEvent@QWidget@@MAEXPAVQKeyEvent@@@Z
?leaveEvent@QWidget@@MAEXPAVQEvent@@@Z
?metaObject@QLabel@@UBEPBUQMetaObject@@XZ
?metric@QWidget@@MBEHW4PaintDeviceMetric@QPaintDevice@@@Z
?minimumSizeHint@QLabel@@UBE?AVQSize@@XZ
?minimumSizeHint@QWidget@@UBE?AVQSize@@XZ
?mouseDoubleClickEvent@QWidget@@MAEXPAVQMouseEvent@@@Z
?mouseMoveEvent@QLabel@@MAEXPAVQMouseEvent@@@Z
?mouseMoveEvent@QWidget@@MAEXPAVQMouseEvent@@@Z
?windowHandle@QWidget@@QBEPAVQWindow@@XZ
?setAutoFillBackground@QWidget@@QAEX_N@Z
?raise@QWidget@@QAEXXZ
?clearFocus@QWidget@@QAEXXZ
?activateWindow@QWidget@@QAEXXZ
?event@QLabel@@MAE_NPAVQEvent@@@Z
?isActiveWindow@QWidget@@QBE_NXZ
?rect@QWidget@@QBE?AVQRect@@XZ
?setContextMenuPolicy@QWidget@@QAEXW4ContextMenuPolicy@Qt@@@Z
?exec@QApplication@@SAHXZ
??1QApplication@@UAE@XZ
??0QApplication@@QAE@AAHPAPADH@Z
?wheelEvent@QWidget@@MAEXPAVQWheelEvent@@@Z
?tabletEvent@QWidget@@MAEXPAVQTabletEvent@@@Z
?sizeHint@QWidget@@UBE?AVQSize@@XZ
?sizeHint@QLabel@@UBE?AVQSize@@XZ
?showEvent@QWidget@@MAEXPAVQShowEvent@@@Z
?sharedPainter@QWidget@@MBEPAVQPainter@@XZ
?setVisible@QWidget@@UAEX_N@Z
?redirected@QWidget@@MBEPAVQPaintDevice@@PAVQPoint@@@Z
?mousePressEvent@QLabel@@MAEXPAVQMouseEvent@@@Z
?mousePressEvent@QWidget@@MAEXPAVQMouseEvent@@@Z
?mouseReleaseEvent@QLabel@@MAEXPAVQMouseEvent@@@Z
?mouseReleaseEvent@QWidget@@MAEXPAVQMouseEvent@@@Z
?moveEvent@QWidget@@MAEXPAVQMoveEvent@@@Z
?nativeEvent@QWidget@@MAE_NABVQByteArray@@PAXPAJ@Z
?paintEngine@QWidget@@UBEPAVQPaintEngine@@XZ
?paintEvent@QLabel@@MAEXPAVQPaintEvent@@@Z
?paintEvent@QWidget@@MAEXPAVQPaintEvent@@@Z
?qt_metacall@QLabel@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QLabel@@UAEPAXPBD@Z

qt5network

?setCacheDirectory@QNetworkDiskCache@@QAEXABVQString@@@Z
?setMaximumCacheSize@QNetworkDiskCache@@QAEX_J@Z
?cacheSize@QNetworkDiskCache@@UBE_JXZ
?clear@QNetworkDiskCache@@UAEXXZ
?data@QNetworkDiskCache@@UAEPAVQIODevice@@ABVQUrl@@@Z
?expire@QNetworkDiskCache@@MAE_JXZ
?insert@QNetworkDiskCache@@UAEXPAVQIODevice@@@Z
?metaData@QNetworkDiskCache@@UAE?AVQNetworkCacheMetaData@@ABVQUrl@@@Z
?metaObject@QNetworkDiskCache@@UBEPBUQMetaObject@@XZ
?prepare@QNetworkDiskCache@@UAEPAVQIODevice@@ABVQNetworkCacheMetaData@@@Z
?qt_metacall@QNetworkDiskCache@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QNetworkDiskCache@@UAEPAXPBD@Z
?remove@QNetworkDiskCache@@UAE_NABVQUrl@@@Z
??1QNetworkDiskCache@@UAE@XZ
??0QNetworkCookieJar@@QAE@PAVQObject@@@Z
??1QNetworkCookieJar@@UAE@XZ
?setCookiesFromUrl@QNetworkCookieJar@@UAE_NABV?$QList@VQNetworkCookie@@@@ABVQUrl@@@Z
?allCookies@QNetworkCookieJar@@IBE?AV?$QList@VQNetworkCookie@@@@XZ
?isSessionCookie@QNetworkCookie@@QBE_NXZ
?toRawForm@QNetworkCookie@@QBE?AVQByteArray@@W4RawForm@1@@Z
?parseCookies@QNetworkCookie@@SA?AV?$QList@VQNetworkCookie@@@@ABVQByteArray@@@Z
??6@YA?AVQDebug@@V0@ABVQNetworkCookie@@@Z
?cookiesForUrl@QNetworkCookieJar@@UBE?AV?$QList@VQNetworkCookie@@@@ABVQUrl@@@Z
?deleteCookie@QNetworkCookieJar@@UAE_NABVQNetworkCookie@@@Z
?insertCookie@QNetworkCookieJar@@UAE_NABVQNetworkCookie@@@Z
?updateCookie@QNetworkCookieJar@@UAE_NABVQNetworkCookie@@@Z
?validateCookie@QNetworkCookieJar@@MBE_NABVQNetworkCookie@@ABVQUrl@@@Z
??0QNetworkDiskCache@@QAE@PAVQObject@@@Z
?url@QNetworkRequest@@QBE?AVQUrl@@XZ
?value@QNetworkCookie@@QBE?AVQByteArray@@XZ
?setCookieJar@QNetworkAccessManager@@QAEXPAVQNetworkCookieJar@@@Z
?setCache@QNetworkAccessManager@@QAEXPAVQAbstractNetworkCache@@@Z
?staticMetaObject@QNetworkCookieJar@@2UQMetaObject@@B
?qt_metacall@QNetworkCookieJar@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qt_metacast@QNetworkCookieJar@@UAEPAXPBD@Z
?setValue@QNetworkCookie@@QAEXABVQByteArray@@@Z
?setName@QNetworkCookie@@QAEXABVQByteArray@@@Z
?name@QNetworkCookie@@QBE?AVQByteArray@@XZ
?setPath@QNetworkCookie@@QAEXABVQString@@@Z
?setDomain@QNetworkCookie@@QAEXABVQString@@@Z
?setExpirationDate@QNetworkCookie@@QAEXABVQDateTime@@@Z
??4QNetworkCookie@@QAEAAV0@ABV0@@Z
??1QNetworkCookie@@QAE@XZ
??0QNetworkCookie@@QAE@ABV0@@Z
?updateMetaData@QNetworkDiskCache@@UAEXABVQNetworkCacheMetaData@@@Z
??0QNetworkCookie@@QAE@ABVQByteArray@@0@Z

kernel32

AreFileApisANSI
CreateDirectoryExW
SetLastError
SetFileTime
SetFilePointerEx
SetFileAttributesW
SetEndOfFile
RemoveDirectoryW
GetFullPathNameW
GetFileTime
GetFileInformationByHandle
GetFileAttributesExW
GetFileAttributesW
DeleteFileW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
GetStringTypeExA
GetUserDefaultLCID
LCMapStringA
LCMapStringW
GetStringTypeExW
LoadLibraryA
FreeConsole
AllocConsole
SetConsoleCtrlHandler
GetACP
SetInformationJobObject
AssignProcessToJobObject
CreateJobObjectW
QueryPerformanceCounter
MoveFileExW
CopyFileW
FindNextFileW
FindFirstFileW
FindFirstFileA
GetDiskFreeSpaceExW
GetTempPathW
GetSystemDirectoryW
GetDriveTypeW
FindResourceW
FormatMessageA
CreateProcessW
GetModuleHandleW
TlsFree
TlsAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
FindClose
DeviceIoControl
GetLogicalDrives
SizeofResource
LoadResource
GetLastError
LockResource
FreeResource
InterlockedDecrement
OpenFileMappingW
SetUnhandledExceptionFilter
WideCharToMultiByte
GetModuleHandleA
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
GetTickCount
Sleep
WaitForSingleObject
GetVersionExA
CreateFileW
GetModuleFileNameW
LoadLibraryW
CloseHandle
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
VirtualQuery
GetProcAddress
FreeLibrary
MultiByteToWideChar
GetSystemTime
SystemTimeToFileTime
OpenMutexW
CreateFileMappingA
OutputDebugStringA
OpenFileMappingA
LocalFree
lstrlenA
lstrlenW
GetCommandLineW
SetConsoleTitleW
SetConsoleOutputCP
InterlockedIncrement
InterlockedExchange
InterlockedExchangeAdd
EnterCriticalSection
LeaveCriticalSection
CreateEventA
SetEvent
GlobalAlloc
GlobalFree
GetFileSize
WriteFile
SetFilePointer
OutputDebugStringW
PostQueuedCompletionStatus

user32

GetWindowRect
SendMessageTimeoutW
InvalidateRect
GetParent
UpdateWindow
wsprintfW
PostMessageW
IsWindow
LoadStringA
LoadStringW

advapi32

RegSetValueExW
ConvertStringSecurityDescriptorToSecurityDescriptorA
GetSecurityDescriptorSacl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExA
SetNamedSecurityInfoA
RegCloseKey
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW

shell32

SHGetSpecialFolderPathW
CommandLineToArgvW
SHGetFolderPathW
ShellExecuteExW

ole32

CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoUninitialize

oleaut32

SysFreeString
SysAllocString
GetErrorInfo
VariantInit
VariantChangeType
SetErrorInfo
CreateErrorInfo
VariantClear

msvcp120

?id@?$codecvt@DDH@std@@2V0locale@2@A
??_7?$codecvt@_WDH@std@@6B@
?id@?$codecvt@_WDH@std@@2V0locale@2@A
??_7codecvt_base@std@@6B@
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPAV123@PAVfacet@23@I@Z
?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
?out@?$codecvt@_WDH@std@@QBEHAAHPB_W1AAPB_WPAD3AAPAD@Z
?in@?$codecvt@_WDH@std@@QBEHAAHPBD1AAPBDPA_W3AAPA_W@Z
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
??Bid@locale@std@@QAEIXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?rdstate@ios_base@std@@QBEHXZ
?setf@ios_base@std@@QAEHH@Z
?setf@ios_base@std@@QAEHHH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEDD@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??0_Container_base12@std@@QAE@XZ
??1_Container_base12@std@@QAE@XZ
?_Orphan_all@_Container_base12@std@@QAEXXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
_Nan
_Inf
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z
?overflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?width@ios_base@std@@QAE_J_J@Z
?width@ios_base@std@@QBE_JXZ
?precision@ios_base@std@@QAE_J_J@Z
?unsetf@ios_base@std@@QAEXH@Z
?flags@ios_base@std@@QBEHXZ
?exceptions@ios_base@std@@QAEXH@Z
?good@ios_base@std@@QBE_NXZ
??Bios_base@std@@QBE_NXZ
?c_str@?$_Yarn@D@std@@QBEPBDXZ
?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?uncaught_exception@std@@YA_NXZ
??0id@locale@std@@QAE@I@Z
?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ
?id@?$numpunct@D@std@@2V0locale@2@A
??_7facet@locale@std@@6B@
??_7_Facet_base@std@@6B@
?_Incref@facet@locale@std@@UAEXXZ
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?classic@locale@std@@SAABV12@XZ
??1facet@locale@std@@MAE@XZ
??0facet@locale@std@@IAE@I@Z
?_Gettrue@_Locinfo@std@@QBEPBDXZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
??1_Locinfo@std@@QAE@XZ
??0_Locinfo@std@@QAE@PBD@Z
_Getcvt
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7ios_base@std@@6B@
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?id@?$ctype@D@std@@2V0locale@2@A
?_BADOFF@std@@3_JB
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

iphlpapi

GetAdaptersInfo

msvcr120

freopen
fread
__iob_func
_purecall
??2@YAPAXI@Z
??3@YAXPAX@Z
_hypot
memmove
_CxxThrowException
__CxxFrameHandler3
memcpy
sprintf
memset
memchr
memcpy_s
strstr
fclose
fflush
fgetc
fgetpos
fputc
fsetpos
_fseeki64
fwrite
setvbuf
ungetc
swprintf_s
_lock_file
_unlock_file
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
fseek
printf
sscanf
vsprintf_s
_vswprintf_c_l
_wfopen_s
_wremove
strcmp
strncpy
strrchr
wcscmp
wcscpy_s
_wcsicmp
abs
atof
atoi
_strtoui64
rand
srand
free
malloc
_wchdir
_wmkdir
_wrmdir
_waccess
_wrename
_wfindfirst64i32
_wfindnext64i32
toupper
tolower
_localtime64
_time64
_findclose
wcscat
wcscpy
??0exception@std@@QAE@ABQBDH@Z
signal
_itow_s
_wtoi
_wtoi64
modf
strchr
sprintf_s
fprintf
strpbrk
towupper
towlower
??8type_info@@QBE_NABV0@@Z
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
_XcptFilter
__crtGetShowWindowMode
_amsg_exit
__getmainargs
__set_app_type
exit
_exit
_cexit
_ismbblead
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
_acmdln
_fmode
_commode
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_except1
?terminate@@YAXXZ
_except_handler4_common
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
_beginthreadex
_getpid
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
strerror
??_V@YAXPAX@Z
localeconv
memcmp
strlen
wcslen
_strdup
_stricmp
_wcsnicmp
isalnum

ws2_32

WSACleanup
WSAStartup

wininet

InternetOpenW
InternetSetCookieA
HttpQueryInfoW
HttpQueryInfoA
HttpSendRequestW
HttpOpenRequestW
InternetSetOptionW
InternetSetFilePointer
InternetTimeFromSystemTimeA
InternetTimeToSystemTimeA
InternetCloseHandle
InternetConnectW
InternetReadFile

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 637KB - Virtual size: 637KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32f3282581436269b3a75b6675fe3e08

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 415KB

.ndata Size: - Virtual size: 3.8MB

.rsrc Size: 198KB - Virtual size: 198KB

.reloc Size: 4KB - Virtual size: 3KB

db2755f409b81c4dbfc04f648cfb80b9

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 987B

.reloc Size: 512B - Virtual size: 66B

5e41893d1528e7648e03f81030aca366

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: - Virtual size: 16B

.reloc Size: 512B - Virtual size: 374B

042f3c184e7c0923b6325ab1dc09aed7

Headers

File Characteristics

Imports

shell32

Exports

Exports

Sections

.text Size: 512B - Virtual size: 84B

.rdata Size: 512B - Virtual size: 206B

.data Size: - Virtual size: 20B

.reloc Size: 512B - Virtual size: 48B

baf2d405231cd43dae48df474a521d01

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comctl32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 947B

.data Size: - Virtual size: 24B

.reloc Size: 512B - Virtual size: 284B

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 415KB

.ndata
Size: - Virtual size: 3.8MB

.rsrc
Size: 198KB - Virtual size: 198KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 1024B - Virtual size: 987B

.reloc
Size: 512B - Virtual size: 66B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 374B

.text
Size: 512B - Virtual size: 84B

.rdata
Size: 512B - Virtual size: 206B

.data
Size: - Virtual size: 20B

.reloc
Size: 512B - Virtual size: 48B

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 947B

.data
Size: - Virtual size: 24B

.reloc
Size: 512B - Virtual size: 284B

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 797B

.data
Size: - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 254B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 963B

.data
Size: 512B - Virtual size: 64B

.reloc
Size: 1024B - Virtual size: 588B

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 828B

.data
Size: 512B - Virtual size: 336B

.reloc
Size: 512B - Virtual size: 348B

.text
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 36B

.reloc
Size: 512B - Virtual size: 144B

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 2KB - Virtual size: 2KB