d5341f6808f3bb6f3eef603425c85855578b4c69f87169fda536565eb6e994d7[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

d5341f6808f3bb6f3eef603425c85855578b4c69f87169fda536565eb6e994d7.exe
Size

40.0MB
MD5

4a8da625b5fa22dc66fc243a07304422
SHA1

d6e1d6152ff60cee2e86059cb77c9fed5c29c5d8
SHA256

d5341f6808f3bb6f3eef603425c85855578b4c69f87169fda536565eb6e994d7
SHA512

9df6a14170b8137d238556ef32838d08a683478bc63d9100bef1fc1cb038dcee11dbcb9f1c8752681a939180a2fd45c518d6bcd99059014191cc53d9f57d31d2
SSDEEP

786432:pCBQ6+bJ46ddNLkzoYO9FcYXRasIp+gf/8WNie/lL60DtKMQVrae2i:pCWfb6yIzoPFcYhVoHl24KMQYFi

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 4 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/NJEDITXP.DLL.xxx	acprotect
static1/unpack001/NJEDITXP.dll	acprotect
static1/unpack001/libcurl.dll	acprotect
static1/unpack001/njcrybto.dll	acprotect

UPX packed file 7 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/NJEDITXP.DLL.xxx	upx
static1/unpack001/NJEDITXP.dll	upx
static1/unpack001/NJSTARJ.EXE.xxx	upx
static1/unpack001/NJStarJ.exe	upx
static1/unpack001/libcurl.dll	upx
static1/unpack001/njcrybto.dll	upx
static1/unpack001/update.dll	upx

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/Registry.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/UserInfo.dll
unpack001/$PLUGINSDIR/nsDialogs.dll

Files

d5341f6808f3bb6f3eef603425c85855578b4c69f87169fda536565eb6e994d7.exe
.exe windows:4 windows x86 arch:x86

c05041e01f84e1ccca9c4451f3b6a383

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:61:6e:2c:78:53:4d:e1:81:4f:36:3c:71:1b:f2:92
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

03/06/2021, 00:00

Not After

02/06/2024, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,L=Epping,ST=New South Wales,C=AU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

ea:0d:ac:2e:c8:4a:26:50:b0:c0:be:55:0a:a8:b1:c6:70:d9:88:0a:ff:ed:b2:fb:48:b9:9d:2d:e2:6c:05:ef
Signer

Actual PE Digest

ea:0d:ac:2e:c8:4a:26:50:b0:c0:be:55:0a:a8:b1:c6:70:d9:88:0a:ff:ed:b2:fb:48:b9:9d:2d:e2:6c:05:ef

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW

shell32

SHGetSpecialFolderLocation
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW

ole32

OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree

comctl32

ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked

user32

GetClientRect
EndPaint
DrawTextW
IsWindowEnabled
DispatchMessageW
wsprintfA
CharNextA
CharPrevW
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
GetSystemMetrics
FillRect
AppendMenuW
TrackPopupMenu
OpenClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
SetWindowPos
PeekMessageW
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
EmptyClipboard
CreatePopupMenu

gdi32

SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject

kernel32

GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
lstrcatW
Sleep
lstrcpyA
WriteFile
GetTempFileNameW
lstrcmpiA
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersion
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
ExitProcess
CopyFileW
GetCurrentProcess
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
MulDiv
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
MoveFileExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 168KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$APPDATA/NJStar/NJStar Japanese WP6/Template/Vertical-Layout.NJX
$PLUGINSDIR/Registry.dll
.dll windows:4 windows x86 arch:x86

421a02aae559045e04759aae146087eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateProcessA
CreateProcessW
GlobalAlloc
SearchPathA
SearchPathW
GetFileAttributesA
GetFileAttributesW
CreateFileA
CreateFileW
WriteFile
WideCharToMultiByte
GetWindowsDirectoryW
lstrlenA
lstrlenW
MultiByteToWideChar
GlobalFree

user32

FindWindowExA
SetWindowTextA
SetWindowTextW
MessageBoxW
GetDlgItem

advapi32

RegQueryValueExA
RegQueryValueExW
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyExA
RegCreateKeyExW
RegEnumValueA
RegEnumValueW
RegEnumKeyExA
RegEnumKeyExW
RegCloseKey
RegSetValueExA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegSetValueExW

Exports

Exports

_Close
_CopyKey
_CopyValue
_CreateKey
_DeleteKey
_DeleteKeyEmpty
_DeleteValue
_Find
_HexToStrA
_HexToStrW
_KeyExists
_MoveKey
_MoveValue
_Open
_Read
_ReadExtra
_RestoreKey
_SaveKey
_StrToHexA
_StrToHexW
_Unload
_Write
_WriteExtra

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

5e62e8e248e7364886b604bd1fcf4c13

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
GetUserNameW

kernel32

GlobalFree
GetVersion
GlobalAlloc
CloseHandle
GetModuleHandleA
GetLastError
GetCurrentProcess
GetCurrentThread
GetProcAddress
lstrcpynW

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 1024B - Virtual size: 714B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 705B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

6b5c4f7d679059f68f1269aad3a5cecd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
lstrcpyW
MulDiv
lstrlenW
HeapFree
GetCurrentDirectoryW
lstrcmpiW
GetProcessHeap
HeapReAlloc
GlobalFree
lstrcpynW
GlobalAlloc
SetCurrentDirectoryW
HeapAlloc

user32

DestroyWindow
CallWindowProcW
SetCursor
LoadCursorW
GetPropW
CharPrevW
DrawFocusRect
GetWindowLongW
DrawTextW
GetClientRect
SetWindowLongW
GetDlgItem
GetSysColor
SetWindowPos
CreateDialogParamW
MapDialogRect
GetWindowRect
SetPropW
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
CharNextW
SendMessageW
MapWindowPoints
RemovePropW
GetWindowTextW

gdi32

SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 638B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BackupDataFiles.ini
FILE_ID.DIZ
HTML/body_bg.jpg
.jpg
HTML/reminder.htm
.html
HanzInfo.ucd
JMDictX
JMDictX.DUT
JMDictX.E2J
JMDictX.FRE
JMDictX.GER
JMDictX.J2E
JMDictX.K2E
JMDictX.LNX
JMDictX.RUS
JMDictX.SPA
JMDictX.SWE
JMDictX.TAG
JMdict.VER
KANAKAN6.UJD
KanjiLvl.txt
LICENSE.txt
NGDIPlus.DLL.xxx
.dll windows:5 windows x86 arch:x86

6bc8326e1621dfdc02822becdc8bafba

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/06/2016, 00:00

Not After

02/06/2021, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,POSTALCODE=2121,STREET=101/2 Pembroke Street,L=Epping,ST=NSW,C=AU,2.5.4.18=#1309504f20426f78203430

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

82:a8:05:b4:0f:ec:cd:96:05:66:be:50:df:9c:ef:bc:ef:41:d0:5a
Signer

Actual PE Digest

82:a8:05:b4:0f:ec:cd:96:05:66:be:50:df:9c:ef:bc:ef:41:d0:5a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\NJStarWP\Release\NGDIPlus.pdb

Imports

kernel32

GlobalAlloc
lstrlenW
GlobalUnlock
VerifyVersionInfoW
GetProcAddress
GlobalFree
GetModuleHandleW
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
GlobalLock
GlobalSize
GetSystemTimeAsFileTime
VerSetConditionMask

user32

GetDC
ReleaseDC

gdi32

DeleteObject
GetObjectW
GetDIBits

gdiplus

GdipSaveImageToFile
GdipCreateFromHDC
GdipGetImageEncoders
GdipCreateBitmapFromHBITMAP
GdipSetPageUnit
GdipCreateBitmapFromFile
GdipDisposeImage
GdipGetImageEncodersSize
GdipCreateMetafileFromWmf
GdipGetImageVerticalResolution
GdipSetSmoothingMode
GdipCreateMetafileFromEmf
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateBitmapFromStream
GdipGetImageHorizontalResolution
GdipFree
GdipSaveImageToStream
GdiplusShutdown
GdipCloneImage
GdiplusStartup
GdipAlloc
GdipGetMetafileHeaderFromMetafile
GdipCreateHBITMAPFromBitmap

ole32

CreateStreamOnHGlobal
GetHGlobalFromStream

msvcr120

_except_handler4_common
__clean_type_info_names_internal
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
?terminate@@YAXXZ
_initterm_e
_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
??1type_info@@UAE@XZ
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
??2@YAPAXI@Z
memset
??3@YAXPAX@Z
malloc
free
memmove

Exports

Exports

SgpBmp2Image
SgpBmp2Jpeg
SgpBmp2Png
SgpDrawEnhMetafile
SgpDrawImage
SgpDrawMetafile
SgpImage2Bmp
SgpImage2Bmp2
WEP

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NGDIPlus.dll
.dll windows:5 windows x86 arch:x86

6bc8326e1621dfdc02822becdc8bafba

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/06/2016, 00:00

Not After

02/06/2021, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,POSTALCODE=2121,STREET=101/2 Pembroke Street,L=Epping,ST=NSW,C=AU,2.5.4.18=#1309504f20426f78203430

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

82:a8:05:b4:0f:ec:cd:96:05:66:be:50:df:9c:ef:bc:ef:41:d0:5a
Signer

Actual PE Digest

82:a8:05:b4:0f:ec:cd:96:05:66:be:50:df:9c:ef:bc:ef:41:d0:5a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\NJStarWP\Release\NGDIPlus.pdb

Imports

kernel32

GlobalAlloc
lstrlenW
GlobalUnlock
VerifyVersionInfoW
GetProcAddress
GlobalFree
GetModuleHandleW
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
GlobalLock
GlobalSize
GetSystemTimeAsFileTime
VerSetConditionMask

user32

GetDC
ReleaseDC

gdi32

DeleteObject
GetObjectW
GetDIBits

gdiplus

GdipSaveImageToFile
GdipCreateFromHDC
GdipGetImageEncoders
GdipCreateBitmapFromHBITMAP
GdipSetPageUnit
GdipCreateBitmapFromFile
GdipDisposeImage
GdipGetImageEncodersSize
GdipCreateMetafileFromWmf
GdipGetImageVerticalResolution
GdipSetSmoothingMode
GdipCreateMetafileFromEmf
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateBitmapFromStream
GdipGetImageHorizontalResolution
GdipFree
GdipSaveImageToStream
GdiplusShutdown
GdipCloneImage
GdiplusStartup
GdipAlloc
GdipGetMetafileHeaderFromMetafile
GdipCreateHBITMAPFromBitmap

ole32

CreateStreamOnHGlobal
GetHGlobalFromStream

msvcr120

_except_handler4_common
__clean_type_info_names_internal
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
?terminate@@YAXXZ
_initterm_e
_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
??1type_info@@UAE@XZ
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
??2@YAPAXI@Z
memset
??3@YAXPAX@Z
malloc
free
memmove

Exports

Exports

SgpBmp2Image
SgpBmp2Jpeg
SgpBmp2Png
SgpDrawEnhMetafile
SgpDrawImage
SgpDrawMetafile
SgpImage2Bmp
SgpImage2Bmp2
WEP

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NJB52UC.CNV.xxx
NJB52UC.cnv
NJB5H2UC.CNV.xxx
NJB5H2UC.cnv
NJCNS2UC.CNV
NJCNS2UC.CNV.xxx
NJDBCS.DLL.xxx
.dll windows:5 windows x86 arch:x86

ad1cbba034e5cc1284868b993b28042f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/06/2016, 00:00

Not After

02/06/2021, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,POSTALCODE=2121,STREET=101/2 Pembroke Street,L=Epping,ST=NSW,C=AU,2.5.4.18=#1309504f20426f78203430

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

28:18:3e:f0:93:3b:52:41:01:70:bf:44:a4:5e:00:10:d5:0b:66:80
Signer

Actual PE Digest

28:18:3e:f0:93:3b:52:41:01:70:bf:44:a4:5e:00:10:d5:0b:66:80

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
CloseHandle
MapViewOfFile
UnmapViewOfFile
lstrcpyW
CreateFileMappingW
OpenFileMappingW
GetModuleFileNameW
GetModuleHandleW
CreateFileW
SearchPathW
IsBadWritePtr
GetACP
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime

user32

MessageBeep
MessageBoxW
OemToCharBuffW
CharToOemBuffW
GetActiveWindow
wsprintfW
MessageBoxA
wsprintfA

msvcr120

__CppXcptFilter
free
malloc
wcsrchr
memmove
strchr
strstr
wcschr
_except_handler4_common
fread
fseek
_wfopen
atoi
_strnicmp
toupper
_stricmp
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
fclose
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
__clean_type_info_names_internal

Exports

Exports

CJKcode
CNS_EUC_To_UCS2
CNS_ISO_To_UCS2
CNS_To_UCS4_Char
CNS_To_UCS4_String
Conv_7Bit_To_CurrentCode
Conv_8Bit_To_CurrentCode
Conv_8Bit_To_CurrentCode2
Conv_Big5_To_GBK_Char
Conv_Big5_To_GBK_Str
Conv_Big5_To_GB_Char
Conv_Big5_To_GB_Str
Conv_Chinese_Auto_Detect
Conv_CurrentCode_To_7Bit
Conv_CurrentCode_To_7Bit_Wraped
Conv_CurrentCode_To_ExCode
Conv_DBCS_To_DBCS
Conv_EUC_To_ShiftJIS_Char
Conv_EUC_To_ShiftJIS_Str
Conv_GBK_To_Big5_Char
Conv_GBK_To_Big5_Str
Conv_GBK_To_GB_Char
Conv_GBK_To_GB_Str
Conv_GB_To_Big5_Char
Conv_GB_To_Big5_Str
Conv_GB_To_GBK_Char
Conv_GB_To_GBK_Str
Conv_HZ_To_GB_Str
Conv_HZ_To_Internal_Str
Conv_ISO2022_To_EUC_Str
Conv_ISO2022_To_EUC_StrEx
Conv_JIS7Bit_To_EUC_Str
Conv_JIS7Bit_To_Internal_Str
Conv_Japanese_Auto_Detect
Conv_MIME_To_EUC_Str
Conv_SetPrevNextChar
Conv_ShiftJIS_FullKana2HalfKana
Conv_ShiftJIS_HalfKana2FullKana
Conv_ShiftJIS_To_EUC_Char
Conv_ShiftJIS_To_EUC_Str
Conv_ShiftJIS_To_EUC_Str2
Conv_UC_SC2TC
Conv_UC_SC2TC_Str
Conv_UC_TC2SC
Conv_UC_TC2SC_Str
DBCS2Unicode
DBCS2UnicodeChar
DBCS2Unicode_Ex
DBCSDefChar
DBCSDefCharEx
DBCSNext
DBCSNextChar
DBCSNextCharEx
DBCSNextEx
DBCSPrev
DBCSPrevChar
DBCSPrevCharEx
DBCSPrevEx
DbcsIsCurrentCode
DbcsIsCurrentCode2
DecodeUnicodeHex
EACC_MARC21_To_MARC8
EACC_MARC8_To_MARC21
EACC_To_UCS4_Char
EACC_To_UCS4_String
EncodeUnicodeHex
FormatDBCSDate
FormatDBCSNumber
FormatDBCSTime
GetDBCSByte
GetDBCSByteEx
GetDBCSWord
GetDBCSWordEx
GetDBCoding
HKSCS_PUA2UC
HKSCS_PUA2UC_Ex
HKSCS_PUA2UC_Str
HKSCS_PUA2UC_Str_Ex
HKSCS_UC2PUA
HKSCS_UC2PUA_Ex
HKSCS_UC2PUA_Str
HKSCS_UC2PUA_Str_Ex
HTML_decode
Hash2FullQuWei
Hash2FullQuWeiEx
HashFullDBCS
HashFullDBCSEx
IndexBig5
IndexBig5HK
IndexBig5x
IndexDBCS
IndexDBCSEx
IndexDBCSFont
IndexDBCSFontEx
IndexEucJIS
IndexGB
IndexGB18030
IndexGBK
IndexKS
IndexShiftJIS
IsCNSCodeA
IsCNSCodeExA
IsCNSCodeW
IsDBCS1stByte
IsDBCS1stByteEx
IsDBCS1stByteExIgnoreNbsp
IsDBCS1stByteIgnoreNbsp
IsDBCS2ndByte
IsDBCS2ndByteEx
IsDBCSValid
IsDBCSValidEx
IsDBCSValidExIgnoreNbsp
IsDBCSValidIgnoreNbsp
IsDBCString
IsDBCStringEx
IsDBCStringW
IsDBCStringWEx
IsDBCursorChar
IsDBCursorCharEx
IsEaccA
IsEaccW
IsFollowingChar
IsFollowingCharEx
IsFollowingCharW
IsHanziValid
IsHanziValidEx
IsLeadingChar
IsLeadingCharEx
IsLeadingCharW
IsNumberChar
IsNumberCharEx
IsNumberCharW
IsOverflowChar
IsOverflowCharEx
IsOverflowCharW
IsStrictDBStringEx
IsUTF8
IsUTF8Ex
IsoEACC_To_Unicode
OemExtAsciiToUnicode
Pinyin_Number2Tone
Pinyin_Number2ToneEx
Pinyin_Tone2Number
Pinyin_Tone2NumberEx
PunyCode_To_UCS2
SetDBCoding
UCS2_IsSurrogateText
UCS2_SurrogatePair_To_UCS4
UCS2_To_CNS_EUC
UCS2_To_CNS_ISO
UCS2_To_DBCS
UCS2_To_PunyCode
UCS2_To_UCS4
UCS2_To_UHTML
UCS2_To_UTF5
UCS2_To_UTF7
UCS2_To_UTF8
UCS4_To_CNS_Char
UCS4_To_CNS_EUC
UCS4_To_CNS_String
UCS4_To_EACC_Char
UCS4_To_EACC_String
UCS4_To_UCS2
UCS4_To_UCS2_SurrogatePair
UCS4_To_UTF7
UCS4_To_UTF8
UCS4_To_UTF8_Char
UHTML_To_UCS2A
UHTML_To_UCS2A_Ex
UHTML_To_UCS2W
UHTML_To_UCS2W_Ex
UTF5_To_UCS2
UTF7_To_UCS2
UTF7_To_UCS4
UTF8_To_UCS2
UTF8_To_UCS4
UTF8_To_UCS4_Char
UniCJKcode
UniCJKcodeEx
Unicode2DBCS
Unicode2DBCS_Ex
Unicode2DBCS_wc2mb
Unicode2DBCS_wc2mb_Ex
UnicodeChar2DBCStr
UnicodeHEX_To_UCS2
UnicodeToOemExtAscii
Unicode_To_IsoEACC
hash2QuWei
hash2QuWeiEx
hashDBCS
hashDBCSEx

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NJEDITXP.DLL.xxx
.dll windows:5 windows x86 arch:x86

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:61:6e:2c:78:53:4d:e1:81:4f:36:3c:71:1b:f2:92
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

03/06/2021, 00:00

Not After

02/06/2024, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,L=Epping,ST=New South Wales,C=AU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

b7:01:a8:97:5e:85:f3:6d:bf:8e:4d:e8:33:31:28:03:17:21:c0:bb:e7:b3:f0:60:02:3f:de:dd:84:46:81:98
Signer

Actual PE Digest

b7:01:a8:97:5e:85:f3:6d:bf:8e:4d:e8:33:31:28:03:17:21:c0:bb:e7:b3:f0:60:02:3f:de:dd:84:46:81:98

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Bits_Count
Bits_Get
Bits_Init
Bits_Set
BookmarkParam
CellBorderColorParam
CellBorderParam
CellColorParam
CellRotationParam
CellShadingParam
CellVertAlignParam
CellWidthFlagParam
CellWidthParam
CharScaleXParam
CharSpaceParam
CheckBoxFieldParam
ClearAllTabs
ClearTab
CloseNed
CreateNedWindow
CtlDlgFn
CtlFlags
CtlInfo
CtlStyle
CustomControlInfo
CustomControlSizeToText
CustomControlStyle
DataFieldParam
DateParam
DeleteCellsParam
DeselectNedText
DeselectNedTextEx
DrawObjectParam
EditInputFieldParam
EditPictureParam
EditStyleParam
FontParam
FootnoteParam
FormFieldSubclass
GetFontInfo
GetFontInfo2
GetNedBuffer
GetNedCursorPos
GetNedFields
GetNedFieldsAlt
GetNedLine
GetNedPagePos
HandleToIntArray
HandleToStr
HandleToStrInChunks
HandleToStrU
HookGetMsgProc
HyperlinkParam
InputFieldParam
InsertNedText
InsertNedTextA
InsertObjectParam
InsertRtfBuf
InsertRtfBufU
JumpParam
ListLevelParam
ListOrPropParam
ListOrSelectParam
ListParaParam
ListPropParam
ListSelectParam
LoadNedControl
MergeEnumMetafile
NedAbsToRowCol
NedAcceptChanges
NedAddAnimPict
NedAddAutoCompWord
NedAddImageMapRect
NedAddToolbarIcon
NedAddToolbarItem
NedAdjustHtmlTable
NedAdjustUserColor
NedAnd
NedAppendText
NedAppendTextEx
NedAppendTextEx2
NedAppendTextU
NedAppendTextU2
NedApplyComment
NedApplyHyperlink
NedApplyHyperlinkU
NedBmp2Png
NedBulletToText
NedCanSort
NedCancelEditStyle
NedCellBorder
NedCellBorder2
NedCellBorderColor
NedCellColor
NedCellRotateText
NedCellShading
NedCellVertAlign
NedCellWidth
NedChangeField
NedChangeFieldRtf
NedChangeFieldRtfU
NedChangeFieldU
NedChangeToolbarIcon
NedClearAutoCompList
NedClosePrinter
NedColBreak
NedCommand
NedCommand2
NedConnectTextBoxes
NedConvertChinese
NedCopyHeadersFooters
NedCreateBulletId
NedCreateBulletId2
NedCreateBulletId3
NedCreateCellId
NedCreateFirstHdrFtr
NedCreateFont
NedCreateFont2
NedCreateFont3
NedCreateFont4
NedCreateHtmlRule
NedCreateHtmlRule2
NedCreateImageMap
NedCreateLeftRightHdrFtr
NedCreateListBulletId
NedCreateListBulletId2
NedCreateOcxObject
NedCreateOcxObject2
NedCreateParaFrameId
NedCreateParaId
NedCreateParaIdEx
NedCreateShape
NedCreateTabId
NedCreateTable
NedCreateTable2
NedCreateWindowAlt
NedDataVersion
NedDeleteBlock
NedDeleteBlock2
NedDeleteBookmark
NedDeleteCellText
NedDeleteCells
NedDeleteField
NedDeleteFirstHdrFtr
NedDeleteHdrFtr
NedDeleteHypertext
NedDeleteIDispatch
NedDeleteMenuItem
NedDeleteObject
NedDeleteReviewer
NedDeleteStyle
NedDeleteStyleU
NedDeleteTag
NedDifTableRows
NedDisableDragDrop
NedDocName
NedDrawImage
NedDrawImage2
NedEditComment
NedEditList
NedEditListLevel
NedEditListOr
NedEditStyle
NedEditStyleU
NedEditTooltip
NedEnableDashes
NedEnableDragDrop
NedEnableHScrollBar
NedEnableMbcs
NedEnableRefresh
NedEnableScrollBar
NedEnableSpeedKey
NedEnableTracking
NedEngageCaret
NedEnumFontFamiliesEx
NedEnumFonts
NedEquateHtmlTable
NedExchangeAttrib
NedExit
NedExpandWidthToFit
NedFieldToText
NedFileToMem
NedFileToMem2
NedFindHlinkField
NedFindNextChange
NedFlushUndo
NedFontMap_CreateFontIndirect
NedGetAppMemory
NedGetBaseLineY
NedGetBkPictId
NedGetBookmark
NedGetBufferDC
NedGetBulletInfo
NedGetBulletInfo2
NedGetBulletInfo3
NedGetCaretPos
NedGetCellBorderColor
NedGetCellBorderWidth
NedGetCellInfo
NedGetCellInfo2
NedGetCellParam
NedGetCellParam2
NedGetCharDim
NedGetCheckboxInfo
NedGetColors
NedGetComboboxInfo
NedGetComment
NedGetControlId
NedGetControlPos
NedGetCurFont
NedGetCurParaNum
NedGetCurSelection
NedGetDeviceRes
NedGetDevmode
NedGetDispPageNo
NedGetDrawObjectInfo
NedGetDropDataObject
NedGetEffectiveFont
NedGetField
NedGetFieldFont
NedGetFieldFontU
NedGetFieldU
NedGetFlowFont
NedGetFontAux1Id
NedGetFontFieldCode
NedGetFontFieldCodeU
NedGetFontFieldId
NedGetFontLang
NedGetFontNameAndSize
NedGetFontParam
NedGetFontSpace
NedGetFontStyleId
NedGetFrameParam
NedGetFrameSize
NedGetHdrFtrPos
NedGetHtmlDocTitle
NedGetHypertext
NedGetHypertext2
NedGetHypertextEx
NedGetHypertextU
NedGetHypertextU2
NedGetIDispatch
NedGetImageMapInfo
NedGetImageMapRectInfo
NedGetInputFieldId
NedGetInputFieldInfo
NedGetLastMessage
NedGetLastMessage2
NedGetLevelCell
NedGetLine
NedGetLineCol
NedGetLineEx
NedGetLineInfo
NedGetLineParam
NedGetLineParamStr
NedGetLineU
NedGetLineWidth
NedGetLineWidth2
NedGetListId
NedGetListInfo
NedGetListInfo2
NedGetListLevelInfo
NedGetListLevelInfoU
NedGetListLine
NedGetListOrInfo
NedGetMarginEx
NedGetMousePos
NedGetMouseText
NedGetMsgCallback
NedGetNextControlPos
NedGetOleClass
NedGetOlePtr
NedGetOrigPictSize
NedGetOverrideBin
NedGetPageBorderDim
NedGetPageCount
NedGetPageFirstLine
NedGetPageNumFmt
NedGetPageOffset
NedGetPageOrient
NedGetPageOrient2
NedGetPageOrientEx
NedGetPageParam
NedGetPagePos
NedGetPageSect
NedGetPageSize
NedGetParaAux1Id
NedGetParaCount
NedGetParaInfo
NedGetParaInfo2
NedGetParaInfo3
NedGetParaInfo4
NedGetParaParam
NedGetParam
NedGetParentPtr
NedGetPdfPageCount
NedGetPictCropping
NedGetPictFrame
NedGetPictInfo
NedGetPictMapId
NedGetPictOffset
NedGetPrevControlPos
NedGetPrinter
NedGetReadOnly
NedGetRefParam
NedGetRefParamStr
NedGetReviewerInfo
NedGetRowCellCount
NedGetRowInfo
NedGetRowParam
NedGetRtfDocInfo
NedGetRtfDocInfoU
NedGetRtfSel
NedGetSectAuxId
NedGetSectBins
NedGetSectColWidth
NedGetSectInfo
NedGetSectParam
NedGetSelection
NedGetSeqSect
NedGetStyleId
NedGetStyleIdU
NedGetStyleInfo
NedGetStyleInfoU
NedGetStyleParam
NedGetStylesInfo
NedGetTabStop
NedGetTabStop2
NedGetTableId
NedGetTableLevel
NedGetTablePos
NedGetTablePos2
NedGetTag
NedGetTagEx
NedGetTagName
NedGetTagPos
NedGetTagPos2
NedGetTextColor
NedGetTextFieldInfo
NedGetTextHeight
NedGetTextSel
NedGetTextSelNR
NedGetTextSelU
NedGetTextSelUNR
NedGetTrackChangesSetting
NedGetUniqueHanzi
NedGetVbxCallback
NedGetVersion
NedGetVisibleCol
NedGetWordCount
NedGetZoom
NedHasFormatInfo
NedHdrFtrExists
NedHideToolbarIcon
NedHideWindow
NedHigh16Bits
NedHtmlCellWidthFlag
NedHtmlCharSet
NedHtmlGetBasePictFile
NedHtmlNegativeIndent
NedHtmlSetBasePictFile
NedIgnoreCommand
NedImageMapNameToId
NedInServer
NedInit
NedInputFieldToTextBox
NedInsertArrowLineObject
NedInsertBookmark
NedInsertCheckBoxField
NedInsertComboBoxField
NedInsertControl
NedInsertDateTime
NedInsertDrawObject
NedInsertDrawObject2
NedInsertDrawObject3
NedInsertDynamicField
NedInsertEnhMetafile
NedInsertField
NedInsertFieldU
NedInsertFootnote
NedInsertFootnote2
NedInsertHyperlink
NedInsertHyperlinkU
NedInsertHyperlinkU2
NedInsertLine
NedInsertLineObject
NedInsertLineU
NedInsertObjectId
NedInsertOleFile
NedInsertOleObject
NedInsertPageRef
NedInsertParaFrame
NedInsertPictureFile
NedInsertPictureFileXY
NedInsertPictureFileXY2
NedInsertPictureFromMemory
NedInsertRtfFile
NedInsertTableCol
NedInsertTableRow
NedInsertText
NedInsertTextA
NedInsertTextInputField
NedInsertTextU
NedInsertToc
NedInsertToc2
NedInsertUserField
NedInternetClose
NedInternetGet
NedInternetOpen
NedInternetPut
NedInvertTextRect
NedInvokeOcx
NedInvokeOcx2
NedIsAvailableFont
NedIsBlankPage
NedIsDeletedLine
NedIsInIE
NedIsMixPara
NedIsModified
NedIsPrinting
NedIsSspAvail
NedIsTableSelected
NedIsTableWider
NedLineInfoFlags
NedLineSelected
NedLineSpaceAfter
NedLoadExtFont
NedLocateAuxIdChar
NedLocateChangedChar
NedLocateChangedChar2
NedLocateChangedChar3
NedLocateField
NedLocateFieldChar
NedLocateFieldChar2
NedLocateFontFlags
NedLocateFontId
NedLocateInputField
NedLocateStyle
NedLocateStyleChar
NedLow16Bits
NedLparam2String
NedMarkCells
NedMenuEnable
NedMenuEnable2
NedMenuSelect
NedMenuSelect2
NedMergeFields
NedMergePrint
NedMergePrintMeta
NedMergePrintMeta2
NedMergePrintRE
NedMergePrintRep
NedMergePrintRep2
NedMergePrintRep3
NedMergePrintVB
NedMoveParaFrame
NedMoveParaFrame2
NedMovePictFrame
NedMovePictFrame2
NedNeedMouseMessage
NedNewDivId
NedNewDivId2
NedNormalizeBlock
NedOcxPropInfo
NedOcxPropInfo2
NedOr
NedOverridePageCount
NedOverridePageSize
NedOverrideStyles
NedPageBitmapHin
NedPageBitmapHin2
NedPageBreak
NedPageFromLine
NedPageMetafileHin
NedPaintFormat
NedPastePicture
NedPdcEnd
NedPdcEnd2
NedPdcPrintPage
NedPdcPrintPage2
NedPdcPrintPage3
NedPdcPrintPage4
NedPdcStart
NedPdcStart2
NedPdfEnd
NedPdfPrintPage
NedPdfSetDllName
NedPdfStart
NedPdfStart2
NedPdfStart3
NedPdfStart4
NedPickBknd
NedPictAltInfo
NedPictLinkName
NedPictureFromEmf
NedPictureFromFile
NedPictureFromGif
NedPictureFromJpg
NedPictureFromOther
NedPictureFromPng

Sections

UPX0
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 684KB - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
NJEDITXP.dll
.dll windows:5 windows x86 arch:x86

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:61:6e:2c:78:53:4d:e1:81:4f:36:3c:71:1b:f2:92
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

03/06/2021, 00:00

Not After

02/06/2024, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,L=Epping,ST=New South Wales,C=AU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

b7:01:a8:97:5e:85:f3:6d:bf:8e:4d:e8:33:31:28:03:17:21:c0:bb:e7:b3:f0:60:02:3f:de:dd:84:46:81:98
Signer

Actual PE Digest

b7:01:a8:97:5e:85:f3:6d:bf:8e:4d:e8:33:31:28:03:17:21:c0:bb:e7:b3:f0:60:02:3f:de:dd:84:46:81:98

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Bits_Count
Bits_Get
Bits_Init
Bits_Set
BookmarkParam
CellBorderColorParam
CellBorderParam
CellColorParam
CellRotationParam
CellShadingParam
CellVertAlignParam
CellWidthFlagParam
CellWidthParam
CharScaleXParam
CharSpaceParam
CheckBoxFieldParam
ClearAllTabs
ClearTab
CloseNed
CreateNedWindow
CtlDlgFn
CtlFlags
CtlInfo
CtlStyle
CustomControlInfo
CustomControlSizeToText
CustomControlStyle
DataFieldParam
DateParam
DeleteCellsParam
DeselectNedText
DeselectNedTextEx
DrawObjectParam
EditInputFieldParam
EditPictureParam
EditStyleParam
FontParam
FootnoteParam
FormFieldSubclass
GetFontInfo
GetFontInfo2
GetNedBuffer
GetNedCursorPos
GetNedFields
GetNedFieldsAlt
GetNedLine
GetNedPagePos
HandleToIntArray
HandleToStr
HandleToStrInChunks
HandleToStrU
HookGetMsgProc
HyperlinkParam
InputFieldParam
InsertNedText
InsertNedTextA
InsertObjectParam
InsertRtfBuf
InsertRtfBufU
JumpParam
ListLevelParam
ListOrPropParam
ListOrSelectParam
ListParaParam
ListPropParam
ListSelectParam
LoadNedControl
MergeEnumMetafile
NedAbsToRowCol
NedAcceptChanges
NedAddAnimPict
NedAddAutoCompWord
NedAddImageMapRect
NedAddToolbarIcon
NedAddToolbarItem
NedAdjustHtmlTable
NedAdjustUserColor
NedAnd
NedAppendText
NedAppendTextEx
NedAppendTextEx2
NedAppendTextU
NedAppendTextU2
NedApplyComment
NedApplyHyperlink
NedApplyHyperlinkU
NedBmp2Png
NedBulletToText
NedCanSort
NedCancelEditStyle
NedCellBorder
NedCellBorder2
NedCellBorderColor
NedCellColor
NedCellRotateText
NedCellShading
NedCellVertAlign
NedCellWidth
NedChangeField
NedChangeFieldRtf
NedChangeFieldRtfU
NedChangeFieldU
NedChangeToolbarIcon
NedClearAutoCompList
NedClosePrinter
NedColBreak
NedCommand
NedCommand2
NedConnectTextBoxes
NedConvertChinese
NedCopyHeadersFooters
NedCreateBulletId
NedCreateBulletId2
NedCreateBulletId3
NedCreateCellId
NedCreateFirstHdrFtr
NedCreateFont
NedCreateFont2
NedCreateFont3
NedCreateFont4
NedCreateHtmlRule
NedCreateHtmlRule2
NedCreateImageMap
NedCreateLeftRightHdrFtr
NedCreateListBulletId
NedCreateListBulletId2
NedCreateOcxObject
NedCreateOcxObject2
NedCreateParaFrameId
NedCreateParaId
NedCreateParaIdEx
NedCreateShape
NedCreateTabId
NedCreateTable
NedCreateTable2
NedCreateWindowAlt
NedDataVersion
NedDeleteBlock
NedDeleteBlock2
NedDeleteBookmark
NedDeleteCellText
NedDeleteCells
NedDeleteField
NedDeleteFirstHdrFtr
NedDeleteHdrFtr
NedDeleteHypertext
NedDeleteIDispatch
NedDeleteMenuItem
NedDeleteObject
NedDeleteReviewer
NedDeleteStyle
NedDeleteStyleU
NedDeleteTag
NedDifTableRows
NedDisableDragDrop
NedDocName
NedDrawImage
NedDrawImage2
NedEditComment
NedEditList
NedEditListLevel
NedEditListOr
NedEditStyle
NedEditStyleU
NedEditTooltip
NedEnableDashes
NedEnableDragDrop
NedEnableHScrollBar
NedEnableMbcs
NedEnableRefresh
NedEnableScrollBar
NedEnableSpeedKey
NedEnableTracking
NedEngageCaret
NedEnumFontFamiliesEx
NedEnumFonts
NedEquateHtmlTable
NedExchangeAttrib
NedExit
NedExpandWidthToFit
NedFieldToText
NedFileToMem
NedFileToMem2
NedFindHlinkField
NedFindNextChange
NedFlushUndo
NedFontMap_CreateFontIndirect
NedGetAppMemory
NedGetBaseLineY
NedGetBkPictId
NedGetBookmark
NedGetBufferDC
NedGetBulletInfo
NedGetBulletInfo2
NedGetBulletInfo3
NedGetCaretPos
NedGetCellBorderColor
NedGetCellBorderWidth
NedGetCellInfo
NedGetCellInfo2
NedGetCellParam
NedGetCellParam2
NedGetCharDim
NedGetCheckboxInfo
NedGetColors
NedGetComboboxInfo
NedGetComment
NedGetControlId
NedGetControlPos
NedGetCurFont
NedGetCurParaNum
NedGetCurSelection
NedGetDeviceRes
NedGetDevmode
NedGetDispPageNo
NedGetDrawObjectInfo
NedGetDropDataObject
NedGetEffectiveFont
NedGetField
NedGetFieldFont
NedGetFieldFontU
NedGetFieldU
NedGetFlowFont
NedGetFontAux1Id
NedGetFontFieldCode
NedGetFontFieldCodeU
NedGetFontFieldId
NedGetFontLang
NedGetFontNameAndSize
NedGetFontParam
NedGetFontSpace
NedGetFontStyleId
NedGetFrameParam
NedGetFrameSize
NedGetHdrFtrPos
NedGetHtmlDocTitle
NedGetHypertext
NedGetHypertext2
NedGetHypertextEx
NedGetHypertextU
NedGetHypertextU2
NedGetIDispatch
NedGetImageMapInfo
NedGetImageMapRectInfo
NedGetInputFieldId
NedGetInputFieldInfo
NedGetLastMessage
NedGetLastMessage2
NedGetLevelCell
NedGetLine
NedGetLineCol
NedGetLineEx
NedGetLineInfo
NedGetLineParam
NedGetLineParamStr
NedGetLineU
NedGetLineWidth
NedGetLineWidth2
NedGetListId
NedGetListInfo
NedGetListInfo2
NedGetListLevelInfo
NedGetListLevelInfoU
NedGetListLine
NedGetListOrInfo
NedGetMarginEx
NedGetMousePos
NedGetMouseText
NedGetMsgCallback
NedGetNextControlPos
NedGetOleClass
NedGetOlePtr
NedGetOrigPictSize
NedGetOverrideBin
NedGetPageBorderDim
NedGetPageCount
NedGetPageFirstLine
NedGetPageNumFmt
NedGetPageOffset
NedGetPageOrient
NedGetPageOrient2
NedGetPageOrientEx
NedGetPageParam
NedGetPagePos
NedGetPageSect
NedGetPageSize
NedGetParaAux1Id
NedGetParaCount
NedGetParaInfo
NedGetParaInfo2
NedGetParaInfo3
NedGetParaInfo4
NedGetParaParam
NedGetParam
NedGetParentPtr
NedGetPdfPageCount
NedGetPictCropping
NedGetPictFrame
NedGetPictInfo
NedGetPictMapId
NedGetPictOffset
NedGetPrevControlPos
NedGetPrinter
NedGetReadOnly
NedGetRefParam
NedGetRefParamStr
NedGetReviewerInfo
NedGetRowCellCount
NedGetRowInfo
NedGetRowParam
NedGetRtfDocInfo
NedGetRtfDocInfoU
NedGetRtfSel
NedGetSectAuxId
NedGetSectBins
NedGetSectColWidth
NedGetSectInfo
NedGetSectParam
NedGetSelection
NedGetSeqSect
NedGetStyleId
NedGetStyleIdU
NedGetStyleInfo
NedGetStyleInfoU
NedGetStyleParam
NedGetStylesInfo
NedGetTabStop
NedGetTabStop2
NedGetTableId
NedGetTableLevel
NedGetTablePos
NedGetTablePos2
NedGetTag
NedGetTagEx
NedGetTagName
NedGetTagPos
NedGetTagPos2
NedGetTextColor
NedGetTextFieldInfo
NedGetTextHeight
NedGetTextSel
NedGetTextSelNR
NedGetTextSelU
NedGetTextSelUNR
NedGetTrackChangesSetting
NedGetUniqueHanzi
NedGetVbxCallback
NedGetVersion
NedGetVisibleCol
NedGetWordCount
NedGetZoom
NedHasFormatInfo
NedHdrFtrExists
NedHideToolbarIcon
NedHideWindow
NedHigh16Bits
NedHtmlCellWidthFlag
NedHtmlCharSet
NedHtmlGetBasePictFile
NedHtmlNegativeIndent
NedHtmlSetBasePictFile
NedIgnoreCommand
NedImageMapNameToId
NedInServer
NedInit
NedInputFieldToTextBox
NedInsertArrowLineObject
NedInsertBookmark
NedInsertCheckBoxField
NedInsertComboBoxField
NedInsertControl
NedInsertDateTime
NedInsertDrawObject
NedInsertDrawObject2
NedInsertDrawObject3
NedInsertDynamicField
NedInsertEnhMetafile
NedInsertField
NedInsertFieldU
NedInsertFootnote
NedInsertFootnote2
NedInsertHyperlink
NedInsertHyperlinkU
NedInsertHyperlinkU2
NedInsertLine
NedInsertLineObject
NedInsertLineU
NedInsertObjectId
NedInsertOleFile
NedInsertOleObject
NedInsertPageRef
NedInsertParaFrame
NedInsertPictureFile
NedInsertPictureFileXY
NedInsertPictureFileXY2
NedInsertPictureFromMemory
NedInsertRtfFile
NedInsertTableCol
NedInsertTableRow
NedInsertText
NedInsertTextA
NedInsertTextInputField
NedInsertTextU
NedInsertToc
NedInsertToc2
NedInsertUserField
NedInternetClose
NedInternetGet
NedInternetOpen
NedInternetPut
NedInvertTextRect
NedInvokeOcx
NedInvokeOcx2
NedIsAvailableFont
NedIsBlankPage
NedIsDeletedLine
NedIsInIE
NedIsMixPara
NedIsModified
NedIsPrinting
NedIsSspAvail
NedIsTableSelected
NedIsTableWider
NedLineInfoFlags
NedLineSelected
NedLineSpaceAfter
NedLoadExtFont
NedLocateAuxIdChar
NedLocateChangedChar
NedLocateChangedChar2
NedLocateChangedChar3
NedLocateField
NedLocateFieldChar
NedLocateFieldChar2
NedLocateFontFlags
NedLocateFontId
NedLocateInputField
NedLocateStyle
NedLocateStyleChar
NedLow16Bits
NedLparam2String
NedMarkCells
NedMenuEnable
NedMenuEnable2
NedMenuSelect
NedMenuSelect2
NedMergeFields
NedMergePrint
NedMergePrintMeta
NedMergePrintMeta2
NedMergePrintRE
NedMergePrintRep
NedMergePrintRep2
NedMergePrintRep3
NedMergePrintVB
NedMoveParaFrame
NedMoveParaFrame2
NedMovePictFrame
NedMovePictFrame2
NedNeedMouseMessage
NedNewDivId
NedNewDivId2
NedNormalizeBlock
NedOcxPropInfo
NedOcxPropInfo2
NedOr
NedOverridePageCount
NedOverridePageSize
NedOverrideStyles
NedPageBitmapHin
NedPageBitmapHin2
NedPageBreak
NedPageFromLine
NedPageMetafileHin
NedPaintFormat
NedPastePicture
NedPdcEnd
NedPdcEnd2
NedPdcPrintPage
NedPdcPrintPage2
NedPdcPrintPage3
NedPdcPrintPage4
NedPdcStart
NedPdcStart2
NedPdfEnd
NedPdfPrintPage
NedPdfSetDllName
NedPdfStart
NedPdfStart2
NedPdfStart3
NedPdfStart4
NedPickBknd
NedPictAltInfo
NedPictLinkName
NedPictureFromEmf
NedPictureFromFile
NedPictureFromGif
NedPictureFromJpg
NedPictureFromOther
NedPictureFromPng

Sections

UPX0
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 684KB - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
NJEDTFRA.DLL.xxx
.dll windows:5 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/06/2016, 00:00

Not After

02/06/2021, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,POSTALCODE=2121,STREET=101/2 Pembroke Street,L=Epping,ST=NSW,C=AU,2.5.4.18=#1309504f20426f78203430

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

15:30:7c:f0:93:7c:24:e3:bf:12:9d:5d:25:a1:d9:7d:e3:2f:a0:88
Signer

Actual PE Digest

15:30:7c:f0:93:7c:24:e3:bf:12:9d:5d:25:a1:d9:7d:e3:2f:a0:88

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\NJEDITXP\NJRES.FRA\Release\NJEDTFRA.pdb

Sections

.rdata
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NJEDTFRA.dll
.dll windows:5 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/06/2016, 00:00

Not After

02/06/2021, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,POSTALCODE=2121,STREET=101/2 Pembroke Street,L=Epping,ST=NSW,C=AU,2.5.4.18=#1309504f20426f78203430

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

15:30:7c:f0:93:7c:24:e3:bf:12:9d:5d:25:a1:d9:7d:e3:2f:a0:88
Signer

Actual PE Digest

15:30:7c:f0:93:7c:24:e3:bf:12:9d:5d:25:a1:d9:7d:e3:2f:a0:88

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\NJEDITXP\NJRES.FRA\Release\NJEDTFRA.pdb

Sections

.rdata
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NJEDTJPN.DLL.xxx
.dll windows:5 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/06/2016, 00:00

Not After

02/06/2021, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,POSTALCODE=2121,STREET=101/2 Pembroke Street,L=Epping,ST=NSW,C=AU,2.5.4.18=#1309504f20426f78203430

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:6c:18:87:99:d2:c3:79:22:96:35:e0:92:05:82:a2:bd:d1:a8:2d
Signer

Actual PE Digest

08:6c:18:87:99:d2:c3:79:22:96:35:e0:92:05:82:a2:bd:d1:a8:2d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\NJEDITXP\NJRES.JPN\Release\NJEDTJPN.pdb

Sections

.rdata
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NJEDTJPN.dll
.dll windows:5 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/06/2016, 00:00

Not After

02/06/2021, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,POSTALCODE=2121,STREET=101/2 Pembroke Street,L=Epping,ST=NSW,C=AU,2.5.4.18=#1309504f20426f78203430

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:6c:18:87:99:d2:c3:79:22:96:35:e0:92:05:82:a2:bd:d1:a8:2d
Signer

Actual PE Digest

08:6c:18:87:99:d2:c3:79:22:96:35:e0:92:05:82:a2:bd:d1:a8:2d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\NJEDITXP\NJRES.JPN\Release\NJEDTJPN.pdb

Sections

.rdata
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NJGB2UC.CNV.xxx
NJGB2UC.cnv
NJGBK2UC.CNV.xxx
NJGBK2UC.cnv
NJJINPUT.DLL.xxx
.dll windows:5 windows x86 arch:x86

8c727d80d5a207c38762a7ec36f6aa5b

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:61:6e:2c:78:53:4d:e1:81:4f:36:3c:71:1b:f2:92
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

03/06/2021, 00:00

Not After

02/06/2024, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,L=Epping,ST=New South Wales,C=AU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

fe:41:fd:59:bb:42:a9:16:7b:71:f7:0c:1d:e3:1b:4e:7c:e3:0f:02:cd:4c:9a:65:f1:2d:b5:8b:7f:78:cb:9e
Signer

Actual PE Digest

fe:41:fd:59:bb:42:a9:16:7b:71:f7:0c:1d:e3:1b:4e:7c:e3:0f:02:cd:4c:9a:65:f1:2d:b5:8b:7f:78:cb:9e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileW
ReadFile
CloseHandle
lstrcpyW
lstrlenW
GetFileSize
CopyFileW
GetPrivateProfileIntW
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime

user32

SendMessageW
CharToOemBuffA
MessageBeep
GetKeyState
wsprintfW
GetFocus

njdbcs

DBCS2UnicodeChar
Conv_UC_TC2SC
Conv_UC_SC2TC
UCS2_SurrogatePair_To_UCS4
UCS4_To_UCS2_SurrogatePair

msvcr120

_except_handler4_common
__clean_type_info_names_internal
_onexit
__dllonexit
strchr
_wcsdup
_wcsicmp
feof
fprintf
free
malloc
memmove
wcsncmp
wcsncpy
swscanf
srand
_time64
_libm_sse2_sqrt_precise
memset
toupper
wcsstr
_calloc_crt
wcsrchr
_wfopen
fclose
fgets
fread
fseek
fwrite
isupper
tolower
_wcslwr
_strdup
strncmp
ftell
strncpy
wcschr
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_lock
_unlock

Exports

Exports

IME_AddGlossary
IME_AddLianxiang
IME_AddPinyin
IME_DelGlossary
IME_DelayLoadAllDic
IME_DisplayCode
IME_FullSize2Ascii
IME_GetCharFrequency
IME_GetCharRanking
IME_GetCurrentKeyboardMap
IME_GetGlossary
IME_GetOption
IME_GetOptions
IME_GetStatus
IME_GetUcFrequency
IME_GetWordFrequency
IME_Glossary
IME_Hanzi2Code
IME_Hanzi2Pinyin
IME_IncreaseWordFrequency
IME_Init
IME_IsLimitedChineseType
IME_KeyInput
IME_Lianxiang
IME_Pinyin2Zhuyin
IME_ReadGlossary
IME_ReloadAllDic
IME_SaveAllDic
IME_SaveGlossary
IME_SearchGlossary
IME_SetInputMethod
IME_SetOptions
IME_SetUniImeOptions
IME_SetWordFrequency
IME_SortGlossary
IME_Terminate
IME_ToggleOption
IME_UCHanzi

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NJJRESFRA.DLL.xxx
.dll windows:5 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/06/2016, 00:00

Not After

02/06/2021, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,POSTALCODE=2121,STREET=101/2 Pembroke Street,L=Epping,ST=NSW,C=AU,2.5.4.18=#1309504f20426f78203430

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:3d:27:a5:05:9f:24:e1:05:70:83:c6:53:9d:bf:77:ce:d1:be:41
Signer

Actual PE Digest

45:3d:27:a5:05:9f:24:e1:05:70:83:c6:53:9d:bf:77:ce:d1:be:41

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\NJStarWP\NJJRES.FRA\Release\NJJRESFRA.pdb

Sections

.rdata
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 347KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NJJRESFRA.dll
.dll windows:5 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/06/2016, 00:00

Not After

02/06/2021, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,POSTALCODE=2121,STREET=101/2 Pembroke Street,L=Epping,ST=NSW,C=AU,2.5.4.18=#1309504f20426f78203430

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:3d:27:a5:05:9f:24:e1:05:70:83:c6:53:9d:bf:77:ce:d1:be:41
Signer

Actual PE Digest

45:3d:27:a5:05:9f:24:e1:05:70:83:c6:53:9d:bf:77:ce:d1:be:41

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\NJStarWP\NJJRES.FRA\Release\NJJRESFRA.pdb

Sections

.rdata
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 347KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NJJRESJPN.DLL.xxx
.dll windows:5 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/06/2016, 00:00

Not After

02/06/2021, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,POSTALCODE=2121,STREET=101/2 Pembroke Street,L=Epping,ST=NSW,C=AU,2.5.4.18=#1309504f20426f78203430

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e0:5f:66:27:8c:da:e4:66:dd:09:b1:67:51:39:a7:fa:f9:d2:66:41
Signer

Actual PE Digest

e0:5f:66:27:8c:da:e4:66:dd:09:b1:67:51:39:a7:fa:f9:d2:66:41

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\NJStarWP\NJJRES.JPN\Release\NJJRESJPN.pdb

Sections

.rdata
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NJJRESJPN.dll
.dll windows:5 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/06/2016, 00:00

Not After

02/06/2021, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,POSTALCODE=2121,STREET=101/2 Pembroke Street,L=Epping,ST=NSW,C=AU,2.5.4.18=#1309504f20426f78203430

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e0:5f:66:27:8c:da:e4:66:dd:09:b1:67:51:39:a7:fa:f9:d2:66:41
Signer

Actual PE Digest

e0:5f:66:27:8c:da:e4:66:dd:09:b1:67:51:39:a7:fa:f9:d2:66:41

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\NJStarWP\NJJRES.JPN\Release\NJJRESJPN.pdb

Sections

.rdata
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NJJS2UC.CNV.xxx
NJJS2UC.cnv
NJKSX2UC.CNV.xxx
NJKSX2UC.cnv
NJSPELL.dll
.dll windows:5 windows x86 arch:x86

27a95c3a0d3a0b9cb8258080647b12c3

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/06/2016, 00:00

Not After

02/06/2021, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,POSTALCODE=2121,STREET=101/2 Pembroke Street,L=Epping,ST=NSW,C=AU,2.5.4.18=#1309504f20426f78203430

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fe:f5:b3:f0:ca:76:81:0c:c9:08:84:3f:e1:58:cb:c6:86:7d:ef:69
Signer

Actual PE Digest

fe:f5:b3:f0:ca:76:81:0c:c9:08:84:3f:e1:58:cb:c6:86:7d:ef:69

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetCurrentThreadId
ExpandEnvironmentStringsA
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
lstrcpyW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetProfileStringW
GetModuleFileNameW
lstrlenW
lstrcmpiW
MultiByteToWideChar
lstrcmpW
GetCurrentProcessId
GetTempFileNameW
GetTempPathW
OpenMutexW
CreateMutexW
CloseHandle
WaitForSingleObject
QueryPerformanceCounter
GetSystemTimeAsFileTime

user32

LoadCursorW
LoadStringW
DialogBoxParamW
GetWindowTextLengthW
EndDialog
GetDlgItem
EnableWindow
SetWindowTextW
GetWindowTextW
GetSysColor
ShowWindow
MoveWindow
SetDlgItemTextW
GetDlgItemTextW
SetFocus
SetTimer
KillTimer
GetClassNameW
GetDesktopWindow
PtInRect
OffsetRect
ClientToScreen
GetWindowRect
EnumChildWindows
SetCursor
ShowCursor
MessageBoxW
SendMessageW
wsprintfW
GetSystemMetrics

gdi32

SetBkColor
DeleteObject
CreateSolidBrush
GetObjectW
CreateFontIndirectW

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW

msvcr120

_except_handler4_common
__clean_type_info_names_internal
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
_initterm_e
_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
ungetc
fgetwc
_waccess
_wtol
wcsrchr
tolower
_wremove
_wrename
free
malloc
wcschr
memmove
memcpy
bsearch
fclose
fprintf
fwprintf
vfwprintf
_wfopen
_ctime64
_localtime64
_time64
memset
_wstat64i32
fread
fseek
ftell
fwrite
towlower

Exports

Exports

EditLexDlgProc
NJSE_AddToLex
NJSE_CheckBlock
NJSE_CheckBlockDlg
NJSE_CheckBlockDlgTmplt
NJSE_CheckCtrlDlg
NJSE_CheckCtrlDlgTmplt
NJSE_CheckWord
NJSE_ClearLex
NJSE_CloseBlock
NJSE_CloseLex
NJSE_CloseSession
NJSE_CompressLexAbort
NJSE_CompressLexEnd
NJSE_CompressLexFile
NJSE_CompressLexInit
NJSE_CreateLex
NJSE_DelBlockText
NJSE_DelBlockWord
NJSE_DelFromLex
NJSE_EditLexDlg
NJSE_EditLexDlgTmplt
NJSE_FindLexWord
NJSE_GetAutoCorrect
NJSE_GetBlock
NJSE_GetBlockInfo
NJSE_GetBlockWord
NJSE_GetHelpFile
NJSE_GetLex
NJSE_GetLexId
NJSE_GetLexInfo
NJSE_GetMainLexFiles
NJSE_GetMainLexPath
NJSE_GetMinSuggestDepth
NJSE_GetOption
NJSE_GetRegTreeName
NJSE_GetSelUserLexFile
NJSE_GetSid
NJSE_GetStatistics
NJSE_GetStringTableName
NJSE_GetUserLexFiles
NJSE_GetUserLexPath
NJSE_InsertBlockText
NJSE_NextBlockWord
NJSE_OpenBlock
NJSE_OpenLex
NJSE_OpenSession
NJSE_OptionsDlg
NJSE_OptionsDlgTmplt
NJSE_ReplaceBlockWord
NJSE_ResetLex
NJSE_SetAutoCorrect
NJSE_SetBlockCursor
NJSE_SetDebugFile
NJSE_SetDialogOrigin
NJSE_SetHelpFile
NJSE_SetIniFile
NJSE_SetMainLexFiles
NJSE_SetMainLexPath
NJSE_SetMinSuggestDepth
NJSE_SetOption
NJSE_SetRegTreeName
NJSE_SetSelUserLexFile
NJSE_SetStringTableName
NJSE_SetUILanguageId
NJSE_SetUserLexFiles
NJSE_SetUserLexPath
NJSE_Suggest
NJSE_Version
NewLexDlgProc
OptionsDlgProc
SndMsgEnumCb
SpellCheckDlgProc

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NJSPELL.dll.xxx
.dll windows:5 windows x86 arch:x86

27a95c3a0d3a0b9cb8258080647b12c3

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/06/2016, 00:00

Not After

02/06/2021, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,POSTALCODE=2121,STREET=101/2 Pembroke Street,L=Epping,ST=NSW,C=AU,2.5.4.18=#1309504f20426f78203430

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fe:f5:b3:f0:ca:76:81:0c:c9:08:84:3f:e1:58:cb:c6:86:7d:ef:69
Signer

Actual PE Digest

fe:f5:b3:f0:ca:76:81:0c:c9:08:84:3f:e1:58:cb:c6:86:7d:ef:69

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetCurrentThreadId
ExpandEnvironmentStringsA
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
lstrcpyW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetProfileStringW
GetModuleFileNameW
lstrlenW
lstrcmpiW
MultiByteToWideChar
lstrcmpW
GetCurrentProcessId
GetTempFileNameW
GetTempPathW
OpenMutexW
CreateMutexW
CloseHandle
WaitForSingleObject
QueryPerformanceCounter
GetSystemTimeAsFileTime

user32

LoadCursorW
LoadStringW
DialogBoxParamW
GetWindowTextLengthW
EndDialog
GetDlgItem
EnableWindow
SetWindowTextW
GetWindowTextW
GetSysColor
ShowWindow
MoveWindow
SetDlgItemTextW
GetDlgItemTextW
SetFocus
SetTimer
KillTimer
GetClassNameW
GetDesktopWindow
PtInRect
OffsetRect
ClientToScreen
GetWindowRect
EnumChildWindows
SetCursor
ShowCursor
MessageBoxW
SendMessageW
wsprintfW
GetSystemMetrics

gdi32

SetBkColor
DeleteObject
CreateSolidBrush
GetObjectW
CreateFontIndirectW

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW

msvcr120

_except_handler4_common
__clean_type_info_names_internal
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
_initterm_e
_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
ungetc
fgetwc
_waccess
_wtol
wcsrchr
tolower
_wremove
_wrename
free
malloc
wcschr
memmove
memcpy
bsearch
fclose
fprintf
fwprintf
vfwprintf
_wfopen
_ctime64
_localtime64
_time64
memset
_wstat64i32
fread
fseek
ftell
fwrite
towlower

Exports

Exports

EditLexDlgProc
NJSE_AddToLex
NJSE_CheckBlock
NJSE_CheckBlockDlg
NJSE_CheckBlockDlgTmplt
NJSE_CheckCtrlDlg
NJSE_CheckCtrlDlgTmplt
NJSE_CheckWord
NJSE_ClearLex
NJSE_CloseBlock
NJSE_CloseLex
NJSE_CloseSession
NJSE_CompressLexAbort
NJSE_CompressLexEnd
NJSE_CompressLexFile
NJSE_CompressLexInit
NJSE_CreateLex
NJSE_DelBlockText
NJSE_DelBlockWord
NJSE_DelFromLex
NJSE_EditLexDlg
NJSE_EditLexDlgTmplt
NJSE_FindLexWord
NJSE_GetAutoCorrect
NJSE_GetBlock
NJSE_GetBlockInfo
NJSE_GetBlockWord
NJSE_GetHelpFile
NJSE_GetLex
NJSE_GetLexId
NJSE_GetLexInfo
NJSE_GetMainLexFiles
NJSE_GetMainLexPath
NJSE_GetMinSuggestDepth
NJSE_GetOption
NJSE_GetRegTreeName
NJSE_GetSelUserLexFile
NJSE_GetSid
NJSE_GetStatistics
NJSE_GetStringTableName
NJSE_GetUserLexFiles
NJSE_GetUserLexPath
NJSE_InsertBlockText
NJSE_NextBlockWord
NJSE_OpenBlock
NJSE_OpenLex
NJSE_OpenSession
NJSE_OptionsDlg
NJSE_OptionsDlgTmplt
NJSE_ReplaceBlockWord
NJSE_ResetLex
NJSE_SetAutoCorrect
NJSE_SetBlockCursor
NJSE_SetDebugFile
NJSE_SetDialogOrigin
NJSE_SetHelpFile
NJSE_SetIniFile
NJSE_SetMainLexFiles
NJSE_SetMainLexPath
NJSE_SetMinSuggestDepth
NJSE_SetOption
NJSE_SetRegTreeName
NJSE_SetSelUserLexFile
NJSE_SetStringTableName
NJSE_SetUILanguageId
NJSE_SetUserLexFiles
NJSE_SetUserLexPath
NJSE_Suggest
NJSE_Version
NewLexDlgProc
OptionsDlgProc
SndMsgEnumCb
SpellCheckDlgProc

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NJSTAR.NJS
NJSTARJ.EXE.xxx
.exe windows:5 windows x86 arch:x86

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:61:6e:2c:78:53:4d:e1:81:4f:36:3c:71:1b:f2:92
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

03/06/2021, 00:00

Not After

02/06/2024, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,L=Epping,ST=New South Wales,C=AU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:60:c3:92:ad:17:72:f8:01:c3:72:a2:07:5e:7b:2f:aa:50:66:ac:3f:cc:9d:19:27:cc:0a:27:4e:07:ad:4a
Signer

Actual PE Digest

3c:60:c3:92:ad:17:72:f8:01:c3:72:a2:07:5e:7b:2f:aa:50:66:ac:3f:cc:9d:19:27:cc:0a:27:4e:07:ad:4a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 3.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 470KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
NJSTARJ.chm
.chm
NJStarJ.exe
.exe windows:5 windows x86 arch:x86

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:61:6e:2c:78:53:4d:e1:81:4f:36:3c:71:1b:f2:92
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

03/06/2021, 00:00

Not After

02/06/2024, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,L=Epping,ST=New South Wales,C=AU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3c:60:c3:92:ad:17:72:f8:01:c3:72:a2:07:5e:7b:2f:aa:50:66:ac:3f:cc:9d:19:27:cc:0a:27:4e:07:ad:4a
Signer

Actual PE Digest

3c:60:c3:92:ad:17:72:f8:01:c3:72:a2:07:5e:7b:2f:aa:50:66:ac:3f:cc:9d:19:27:cc:0a:27:4e:07:ad:4a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 3.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 470KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
NJStarj.icns
NJStrokeJ.ncf.xxx
NJStrokeS.ncf.xxx
NJUC2B5.CNV.xxx
NJUC2B5.cnv
NJUC2B5H.CNV.xxx
NJUC2B5H.cnv
NJUC2GB.CNV.xxx
NJUC2GB.cnv
NJUC2GBK.CNV.xxx
NJUC2GBK.cnv
NJUC2JS.CNV.xxx
NJUC2JS.cnv
NJUC2KSX.CNV.xxx
NJUC2KSX.cnv
NJUCFREQ.ujd
NJZIP.dll
.dll windows:5 windows x86 arch:x86

ff86180ebffaee7333dd06d57ff4f116

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/06/2016, 00:00

Not After

02/06/2021, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,POSTALCODE=2121,STREET=101/2 Pembroke Street,L=Epping,ST=NSW,C=AU,2.5.4.18=#1309504f20426f78203430

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

69:67:42:d7:fa:9e:74:bd:25:e0:0f:e8:e5:e3:07:97:0d:ec:6b:b4
Signer

Actual PE Digest

69:67:42:d7:fa:9e:74:bd:25:e0:0f:e8:e5:e3:07:97:0d:ec:6b:b4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
WriteFile
ReadFile
SetFilePointer
CloseHandle
CreateFileW
MultiByteToWideChar
WideCharToMultiByte
GetFileTime
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
lstrcpyW
CreateDirectoryW
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
FindFirstFileW
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetCommandLineA
GetCurrentThreadId
IsDebuggerPresent
EncodePointer
DecodePointer
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetConsoleCP
GetProcessHeap
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
GetModuleFileNameW
SetLastError
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
CreateSemaphoreW
SetStdHandle
FlushFileBuffers
WriteConsoleW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
OutputDebugStringW
HeapReAlloc
GetStringTypeW
SetEndOfFile
HeapSize
LCMapStringW
SetFileAttributesW
GetFileSize
InitializeCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateThread
ExitThread
RaiseException

Exports

Exports

NJZIP01
NJZIP02
NJZIP03
NJZIP04
NJZIP05
NJZIP06
NJZIP07
NJZIP08
NJZIP09
NJZIP11
NJZIP12
NJZIP13
NJZIP14
NJZIP15
NJZIP16
NJZIP17
NJZIP18
NJZIP21
NJZIP22
NJZIP23
NJZIP24
NJZIP25
NJZIP26
NJZIP31
NJZIP32
NJZIP33
NJZIP34
NJZIP35
NJZIP36
NJZIP41
NJZIP42
NJZIP43
NJZIP44
NJZIP45
NJZIP46
NJZIP47
NJZIP48
NJZIP71
NJZIP72
NJZIP73
NJZIP74
NJZIP75
NJZIP76
NJZIP77

Sections

.text
Size: 301KB - Virtual size: 301KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NJZIP.dll.xxx
.dll windows:5 windows x86 arch:x86

ff86180ebffaee7333dd06d57ff4f116

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/06/2016, 00:00

Not After

02/06/2021, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,POSTALCODE=2121,STREET=101/2 Pembroke Street,L=Epping,ST=NSW,C=AU,2.5.4.18=#1309504f20426f78203430

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

69:67:42:d7:fa:9e:74:bd:25:e0:0f:e8:e5:e3:07:97:0d:ec:6b:b4
Signer

Actual PE Digest

69:67:42:d7:fa:9e:74:bd:25:e0:0f:e8:e5:e3:07:97:0d:ec:6b:b4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
WriteFile
ReadFile
SetFilePointer
CloseHandle
CreateFileW
MultiByteToWideChar
WideCharToMultiByte
GetFileTime
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
lstrcpyW
CreateDirectoryW
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
FindFirstFileW
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetCommandLineA
GetCurrentThreadId
IsDebuggerPresent
EncodePointer
DecodePointer
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetConsoleCP
GetProcessHeap
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
GetModuleFileNameW
SetLastError
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
CreateSemaphoreW
SetStdHandle
FlushFileBuffers
WriteConsoleW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
OutputDebugStringW
HeapReAlloc
GetStringTypeW
SetEndOfFile
HeapSize
LCMapStringW
SetFileAttributesW
GetFileSize
InitializeCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateThread
ExitThread
RaiseException

Exports

Exports

NJZIP01
NJZIP02
NJZIP03
NJZIP04
NJZIP05
NJZIP06
NJZIP07
NJZIP08
NJZIP09
NJZIP11
NJZIP12
NJZIP13
NJZIP14
NJZIP15
NJZIP16
NJZIP17
NJZIP18
NJZIP21
NJZIP22
NJZIP23
NJZIP24
NJZIP25
NJZIP26
NJZIP31
NJZIP32
NJZIP33
NJZIP34
NJZIP35
NJZIP36
NJZIP41
NJZIP42
NJZIP43
NJZIP44
NJZIP45
NJZIP46
NJZIP47
NJZIP48
NJZIP71
NJZIP72
NJZIP73
NJZIP74
NJZIP75
NJZIP76
NJZIP77

Sections

.text
Size: 301KB - Virtual size: 301KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Njdbcs.dll
.dll windows:5 windows x86 arch:x86

ad1cbba034e5cc1284868b993b28042f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/06/2016, 00:00

Not After

02/06/2021, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,POSTALCODE=2121,STREET=101/2 Pembroke Street,L=Epping,ST=NSW,C=AU,2.5.4.18=#1309504f20426f78203430

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

28:18:3e:f0:93:3b:52:41:01:70:bf:44:a4:5e:00:10:d5:0b:66:80
Signer

Actual PE Digest

28:18:3e:f0:93:3b:52:41:01:70:bf:44:a4:5e:00:10:d5:0b:66:80

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
CloseHandle
MapViewOfFile
UnmapViewOfFile
lstrcpyW
CreateFileMappingW
OpenFileMappingW
GetModuleFileNameW
GetModuleHandleW
CreateFileW
SearchPathW
IsBadWritePtr
GetACP
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime

user32

MessageBeep
MessageBoxW
OemToCharBuffW
CharToOemBuffW
GetActiveWindow
wsprintfW
MessageBoxA
wsprintfA

msvcr120

__CppXcptFilter
free
malloc
wcsrchr
memmove
strchr
strstr
wcschr
_except_handler4_common
fread
fseek
_wfopen
atoi
_strnicmp
toupper
_stricmp
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
fclose
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
__clean_type_info_names_internal

Exports

Exports

CJKcode
CNS_EUC_To_UCS2
CNS_ISO_To_UCS2
CNS_To_UCS4_Char
CNS_To_UCS4_String
Conv_7Bit_To_CurrentCode
Conv_8Bit_To_CurrentCode
Conv_8Bit_To_CurrentCode2
Conv_Big5_To_GBK_Char
Conv_Big5_To_GBK_Str
Conv_Big5_To_GB_Char
Conv_Big5_To_GB_Str
Conv_Chinese_Auto_Detect
Conv_CurrentCode_To_7Bit
Conv_CurrentCode_To_7Bit_Wraped
Conv_CurrentCode_To_ExCode
Conv_DBCS_To_DBCS
Conv_EUC_To_ShiftJIS_Char
Conv_EUC_To_ShiftJIS_Str
Conv_GBK_To_Big5_Char
Conv_GBK_To_Big5_Str
Conv_GBK_To_GB_Char
Conv_GBK_To_GB_Str
Conv_GB_To_Big5_Char
Conv_GB_To_Big5_Str
Conv_GB_To_GBK_Char
Conv_GB_To_GBK_Str
Conv_HZ_To_GB_Str
Conv_HZ_To_Internal_Str
Conv_ISO2022_To_EUC_Str
Conv_ISO2022_To_EUC_StrEx
Conv_JIS7Bit_To_EUC_Str
Conv_JIS7Bit_To_Internal_Str
Conv_Japanese_Auto_Detect
Conv_MIME_To_EUC_Str
Conv_SetPrevNextChar
Conv_ShiftJIS_FullKana2HalfKana
Conv_ShiftJIS_HalfKana2FullKana
Conv_ShiftJIS_To_EUC_Char
Conv_ShiftJIS_To_EUC_Str
Conv_ShiftJIS_To_EUC_Str2
Conv_UC_SC2TC
Conv_UC_SC2TC_Str
Conv_UC_TC2SC
Conv_UC_TC2SC_Str
DBCS2Unicode
DBCS2UnicodeChar
DBCS2Unicode_Ex
DBCSDefChar
DBCSDefCharEx
DBCSNext
DBCSNextChar
DBCSNextCharEx
DBCSNextEx
DBCSPrev
DBCSPrevChar
DBCSPrevCharEx
DBCSPrevEx
DbcsIsCurrentCode
DbcsIsCurrentCode2
DecodeUnicodeHex
EACC_MARC21_To_MARC8
EACC_MARC8_To_MARC21
EACC_To_UCS4_Char
EACC_To_UCS4_String
EncodeUnicodeHex
FormatDBCSDate
FormatDBCSNumber
FormatDBCSTime
GetDBCSByte
GetDBCSByteEx
GetDBCSWord
GetDBCSWordEx
GetDBCoding
HKSCS_PUA2UC
HKSCS_PUA2UC_Ex
HKSCS_PUA2UC_Str
HKSCS_PUA2UC_Str_Ex
HKSCS_UC2PUA
HKSCS_UC2PUA_Ex
HKSCS_UC2PUA_Str
HKSCS_UC2PUA_Str_Ex
HTML_decode
Hash2FullQuWei
Hash2FullQuWeiEx
HashFullDBCS
HashFullDBCSEx
IndexBig5
IndexBig5HK
IndexBig5x
IndexDBCS
IndexDBCSEx
IndexDBCSFont
IndexDBCSFontEx
IndexEucJIS
IndexGB
IndexGB18030
IndexGBK
IndexKS
IndexShiftJIS
IsCNSCodeA
IsCNSCodeExA
IsCNSCodeW
IsDBCS1stByte
IsDBCS1stByteEx
IsDBCS1stByteExIgnoreNbsp
IsDBCS1stByteIgnoreNbsp
IsDBCS2ndByte
IsDBCS2ndByteEx
IsDBCSValid
IsDBCSValidEx
IsDBCSValidExIgnoreNbsp
IsDBCSValidIgnoreNbsp
IsDBCString
IsDBCStringEx
IsDBCStringW
IsDBCStringWEx
IsDBCursorChar
IsDBCursorCharEx
IsEaccA
IsEaccW
IsFollowingChar
IsFollowingCharEx
IsFollowingCharW
IsHanziValid
IsHanziValidEx
IsLeadingChar
IsLeadingCharEx
IsLeadingCharW
IsNumberChar
IsNumberCharEx
IsNumberCharW
IsOverflowChar
IsOverflowCharEx
IsOverflowCharW
IsStrictDBStringEx
IsUTF8
IsUTF8Ex
IsoEACC_To_Unicode
OemExtAsciiToUnicode
Pinyin_Number2Tone
Pinyin_Number2ToneEx
Pinyin_Tone2Number
Pinyin_Tone2NumberEx
PunyCode_To_UCS2
SetDBCoding
UCS2_IsSurrogateText
UCS2_SurrogatePair_To_UCS4
UCS2_To_CNS_EUC
UCS2_To_CNS_ISO
UCS2_To_DBCS
UCS2_To_PunyCode
UCS2_To_UCS4
UCS2_To_UHTML
UCS2_To_UTF5
UCS2_To_UTF7
UCS2_To_UTF8
UCS4_To_CNS_Char
UCS4_To_CNS_EUC
UCS4_To_CNS_String
UCS4_To_EACC_Char
UCS4_To_EACC_String
UCS4_To_UCS2
UCS4_To_UCS2_SurrogatePair
UCS4_To_UTF7
UCS4_To_UTF8
UCS4_To_UTF8_Char
UHTML_To_UCS2A
UHTML_To_UCS2A_Ex
UHTML_To_UCS2W
UHTML_To_UCS2W_Ex
UTF5_To_UCS2
UTF7_To_UCS2
UTF7_To_UCS4
UTF8_To_UCS2
UTF8_To_UCS4
UTF8_To_UCS4_Char
UniCJKcode
UniCJKcodeEx
Unicode2DBCS
Unicode2DBCS_Ex
Unicode2DBCS_wc2mb
Unicode2DBCS_wc2mb_Ex
UnicodeChar2DBCStr
UnicodeHEX_To_UCS2
UnicodeToOemExtAscii
Unicode_To_IsoEACC
hash2QuWei
hash2QuWeiEx
hashDBCS
hashDBCSEx

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NjinputH.ujd
NjinputI.ujd
NjinputN.ujd
NjinputO.ujd
NjinputP.ujd
NjinputQ.ujd
Njjinput.dll
.dll windows:5 windows x86 arch:x86

8c727d80d5a207c38762a7ec36f6aa5b

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:61:6e:2c:78:53:4d:e1:81:4f:36:3c:71:1b:f2:92
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

03/06/2021, 00:00

Not After

02/06/2024, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,L=Epping,ST=New South Wales,C=AU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

fe:41:fd:59:bb:42:a9:16:7b:71:f7:0c:1d:e3:1b:4e:7c:e3:0f:02:cd:4c:9a:65:f1:2d:b5:8b:7f:78:cb:9e
Signer

Actual PE Digest

fe:41:fd:59:bb:42:a9:16:7b:71:f7:0c:1d:e3:1b:4e:7c:e3:0f:02:cd:4c:9a:65:f1:2d:b5:8b:7f:78:cb:9e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileW
ReadFile
CloseHandle
lstrcpyW
lstrlenW
GetFileSize
CopyFileW
GetPrivateProfileIntW
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime

user32

SendMessageW
CharToOemBuffA
MessageBeep
GetKeyState
wsprintfW
GetFocus

njdbcs

DBCS2UnicodeChar
Conv_UC_TC2SC
Conv_UC_SC2TC
UCS2_SurrogatePair_To_UCS4
UCS4_To_UCS2_SurrogatePair

msvcr120

_except_handler4_common
__clean_type_info_names_internal
_onexit
__dllonexit
strchr
_wcsdup
_wcsicmp
feof
fprintf
free
malloc
memmove
wcsncmp
wcsncpy
swscanf
srand
_time64
_libm_sse2_sqrt_precise
memset
toupper
wcsstr
_calloc_crt
wcsrchr
_wfopen
fclose
fgets
fread
fseek
fwrite
isupper
tolower
_wcslwr
_strdup
strncmp
ftell
strncpy
wcschr
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_lock
_unlock

Exports

Exports

IME_AddGlossary
IME_AddLianxiang
IME_AddPinyin
IME_DelGlossary
IME_DelayLoadAllDic
IME_DisplayCode
IME_FullSize2Ascii
IME_GetCharFrequency
IME_GetCharRanking
IME_GetCurrentKeyboardMap
IME_GetGlossary
IME_GetOption
IME_GetOptions
IME_GetStatus
IME_GetUcFrequency
IME_GetWordFrequency
IME_Glossary
IME_Hanzi2Code
IME_Hanzi2Pinyin
IME_IncreaseWordFrequency
IME_Init
IME_IsLimitedChineseType
IME_KeyInput
IME_Lianxiang
IME_Pinyin2Zhuyin
IME_ReadGlossary
IME_ReloadAllDic
IME_SaveAllDic
IME_SaveGlossary
IME_SearchGlossary
IME_SetInputMethod
IME_SetOptions
IME_SetUniImeOptions
IME_SetWordFrequency
IME_SortGlossary
IME_Terminate
IME_ToggleOption
IME_UCHanzi

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OrderForm.NJS
Products.TXT
RADICALS.UCD
RADICALX.UCD
SPELL/Html.tlx
SPELL/Ssceam.tlx
.vbs
SPELL/Sscebr.tlx
.vbs
SPELL/accent.tlx
SPELL/correct.tlx
SPELL/ssceam2.clx
SPELL/sscebr2.clx
SPELL/ssceca.tlx
.vbs
SPELL/ssceca2.clx
SPELL/ssceda.tlx
.vbs
SPELL/ssceda2.clx
SPELL/sscedu.tlx
SPELL/sscedu2.clx
SPELL/sscefi.tlx
SPELL/sscefi2.clx
SPELL/sscefr.tlx
SPELL/sscefr2.clx
SPELL/sscege.tlx
SPELL/sscege2.clx
SPELL/sscegn.tlx
SPELL/sscegn2.clx
SPELL/ssceit.tlx
SPELL/ssceit2.clx
SPELL/sscela.tlx
SPELL/sscela2.clx
SPELL/sscelb.tlx
SPELL/sscelb2.clx
SPELL/sscema.tlx
SPELL/sscema2.clx
SPELL/sscemb.tlx
SPELL/sscemb2.clx
SPELL/sscenb.tlx
SPELL/sscenb2.clx
SPELL/sscepb.tlx
SPELL/sscepb2.clx
SPELL/sscepo.tlx
SPELL/sscepo2.clx
SPELL/sscesp.tlx
SPELL/sscesp2.clx
SPELL/sscesw.tlx
SPELL/sscesw2.clx
SPELL/tech.tlx
SPELL/userdic.tlx
SYMBOLS.UJD
Tutorial.NJS
UserImages.bmp
UserImages_x24.bmp
UserImages_x32.bmp
VENDOR.TXT
WHATSNEW.TXT
enamdict
enamdict.E2J
enamdict.J2E
enamdict.K2E
enamdict.LNX
enamdict.VER
libcurl.dll
.dll windows:6 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/06/2016, 00:00

Not After

02/06/2021, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,POSTALCODE=2121,STREET=101/2 Pembroke Street,L=Epping,ST=NSW,C=AU,2.5.4.18=#1309504f20426f78203430

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

27:53:da:d8:3a:4a:50:d7:25:87:57:81:ed:89:49:59:c0:09:ae:72
Signer

Actual PE Digest

27:53:da:d8:3a:4a:50:d7:25:87:57:81:ed:89:49:59:c0:09:ae:72

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_version
curl_version_info

Sections

UPX0
Size: - Virtual size: 296KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 197KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
libcurl.txt
msvcr120.DLL.xxx
.dll windows:6 windows x86 arch:x86

aa8d086deb6960b10f8791df466a5610

Code Sign

33:00:00:00:34:24:31:40:c9:a0:c1:79:8d:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

27/03/2013, 20:08

Not After

27/06/2014, 20:08

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/01/2013, 22:33

Not After

24/04/2014, 22:33

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/09/2013, 17:41

Not After

24/12/2014, 17:41

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:82:cf:f8:a2:0e:57:bd:cc:0a:76:cf:1e:4f:c9:43:8c:94:65:03:5e:34:db:a7:06:0b:42:ee:a6:9d:c2:88
Signer

Actual PE Digest

0a:82:cf:f8:a2:0e:57:bd:cc:0a:76:cf:1e:4f:c9:43:8c:94:65:03:5e:34:db:a7:06:0b:42:ee:a6:9d:c2:88

Digest Algorithm

sha256

PE Digest Matches

true

3f:08:90:50:77:63:e4:04:ba:19:2c:b1:94:32:e7:d0:82:51:35:78
Signer

Actual PE Digest

3f:08:90:50:77:63:e4:04:ba:19:2c:b1:94:32:e7:d0:82:51:35:78

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr120.i386.pdb

Imports

kernel32

EncodePointer
DecodePointer
RaiseException
GetLastError
ExitProcess
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleFileNameA
SetLastError
GetCurrentThread
GetModuleFileNameW
IsProcessorFeaturePresent
GetStdHandle
WriteFile
FindClose
FindFirstFileExA
FindNextFileA
FindFirstFileExW
FindNextFileW
CloseHandle
CreateThread
ExitThread
ResumeThread
LoadLibraryExW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
Beep
Sleep
GetFullPathNameA
GetCurrentProcessId
GetFileAttributesExW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileExW
RemoveDirectoryW
GetDriveTypeW
DeleteFileW
SetEnvironmentVariableA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryW
SetEnvironmentVariableW
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
FreeLibrary
LoadLibraryExA
CreateProcessW
ReadFile
GetTempPathA
GetTempPathW
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
LocalFileTimeToFileTime
SetFileTime
SystemTimeToFileTime
SetLocalTime
InterlockedPopEntrySList
InterlockedFlushSList
QueryDepthSList
InterlockedPushEntrySList
CreateTimerQueue
SetEvent
WaitForSingleObjectEx
UnregisterWait
TlsGetValue
SignalObjectAndWait
TlsSetValue
SetThreadPriority
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetNumaHighestNodeNumber
RegisterWaitForSingleObject
GetLogicalProcessorInformation
RtlCaptureStackBackTrace
GetThreadPriority
GetProcessAffinityMask
SetThreadAffinityMask
TlsAlloc
DeleteTimerQueueTimer
TlsFree
SwitchToThread
TryEnterCriticalSection
SetProcessAffinityMask
VirtualFree
GetVersionExW
VirtualAlloc
VirtualProtect
InitializeSListHead
ReleaseSemaphore
UnregisterWaitEx
LoadLibraryW
OutputDebugStringW
FreeLibraryAndExitThread
GetModuleHandleA
GetThreadTimes
CreateEventW
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
RtlUnwind
HeapFree
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapSize
HeapQueryInformation
HeapValidate
HeapCompact
HeapWalk
GetSystemInfo
VirtualQuery
GetFileType
GetStartupInfoW
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
CreateFileW
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFilePointerEx
FlushFileBuffers
CreatePipe
SetStdHandle
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
ReadConsoleInputW
WriteConsoleW
SetEndOfFile
LockFileEx
UnlockFileEx
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
GetTickCount
CreateSemaphoreW
SetConsoleCtrlHandler
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
OutputDebugStringA

Exports

Exports

$I10_OUTPUT
??0?$_SpinWait@$00@details@Concurrency@@QAE@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QAE@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QAA@IZZ
??0SchedulerPolicy@Concurrency@@QAE@ABV01@@Z
??0SchedulerPolicy@Concurrency@@QAE@XZ
??0_Cancellation_beacon@details@Concurrency@@QAE@XZ
??0_Condition_variable@details@Concurrency@@QAE@XZ
??0_Context@details@Concurrency@@QAE@PAVContext@2@@Z
??0_Interruption_exception@details@Concurrency@@QAE@PBD@Z
??0_Interruption_exception@details@Concurrency@@QAE@XZ
??0_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_ReaderWriterLock@details@Concurrency@@QAE@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_ReentrantLock@details@Concurrency@@QAE@XZ
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scheduler@details@Concurrency@@QAE@PAVScheduler@2@@Z
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
??0_StructuredTaskCollection@details@Concurrency@@QAE@PAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QAE@PAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QAE@XZ
??0_Timer@details@Concurrency@@IAE@I_N@Z
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0__non_rtti_object@std@@QAE@PBD@Z
??0bad_cast@std@@AAE@PBQBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@XZ
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@XZ
??0context_unblock_unbalanced@Concurrency@@QAE@PBD@Z
??0context_unblock_unbalanced@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
??0default_scheduler_exists@Concurrency@@QAE@PBD@Z
??0default_scheduler_exists@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??0improper_lock@Concurrency@@QAE@PBD@Z
??0improper_lock@Concurrency@@QAE@XZ
??0improper_scheduler_attach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_attach@Concurrency@@QAE@XZ
??0improper_scheduler_detach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_detach@Concurrency@@QAE@XZ
??0improper_scheduler_reference@Concurrency@@QAE@PBD@Z
??0improper_scheduler_reference@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0invalid_link_target@Concurrency@@QAE@XZ
??0invalid_multiple_scheduling@Concurrency@@QAE@PBD@Z
??0invalid_multiple_scheduling@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0invalid_operation@Concurrency@@QAE@XZ
??0invalid_oversubscribe_operation@Concurrency@@QAE@PBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_key@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_value@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QAE@XZ
??0message_not_found@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0missing_wait@Concurrency@@QAE@PBD@Z
??0missing_wait@Concurrency@@QAE@XZ
??0nested_scheduler_missing_detach@Concurrency@@QAE@PBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QAE@XZ
??0operation_timed_out@Concurrency@@QAE@PBD@Z
??0operation_timed_out@Concurrency@@QAE@XZ
??0reader_writer_lock@Concurrency@@QAE@XZ
??0scheduler_not_attached@Concurrency@@QAE@PBD@Z
??0scheduler_not_attached@Concurrency@@QAE@XZ
??0scheduler_resource_allocation_error@Concurrency@@QAE@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QAE@PBDJ@Z
??0scheduler_worker_creation_error@Concurrency@@QAE@J@Z
??0scheduler_worker_creation_error@Concurrency@@QAE@PBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0task_canceled@Concurrency@@QAE@PBD@Z
??0task_canceled@Concurrency@@QAE@XZ
??0unsupported_os@Concurrency@@QAE@PBD@Z
??0unsupported_os@Concurrency@@QAE@XZ
??1SchedulerPolicy@Concurrency@@QAE@XZ
??1_Cancellation_beacon@details@Concurrency@@QAE@XZ
??1_Condition_variable@details@Concurrency@@QAE@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??1_StructuredTaskCollection@details@Concurrency@@QAE@XZ
??1_TaskCollection@details@Concurrency@@QAE@XZ
??1_Timer@details@Concurrency@@MAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
??1exception@std@@UAE@XZ
??1reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??3@YAXPAXHPBDH@Z
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@ABV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@ABV012@@Z
??4SchedulerPolicy@Concurrency@@QAEAAV01@ABV01@@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@std@@6B@
??_F?$_SpinWait@$00@details@Concurrency@@QAEXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QAEXXZ
??_F_Context@details@Concurrency@@QAEXXZ
??_F_Scheduler@details@Concurrency@@QAEXXZ
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
??_V@YAXPAXHPBDH@Z
?Alloc@Concurrency@@YAPAXI@Z
?Block@Context@Concurrency@@SAXXZ
?CaptureCallstack@platform@details@Concurrency@@YAIPAPAXII@Z
?Create@CurrentScheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPAV12@ABVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@AAVlocation@2@@Z
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPAX@Z
?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QBEIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsAvailableLocation@CurrentScheduler@Concurrency@@SA_NABVlocation@2@@Z
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?Log2@details@Concurrency@@YAKI@Z
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0AAVlocation@2@@Z
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QAEXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QAEIW4PolicyElementKey@2@I@Z
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QAEXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_CleanupToken@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_ConcRT_CoreAssert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_Trace@details@Concurrency@@YAXHPB_WZZ
?_Confirm_cancel@_Cancellation_beacon@details@Concurrency@@QAE_NXZ
?_Copy_str@exception@std@@AAEXPBD@Z
?_CurrentContext@_Context@details@Concurrency@@SA?AV123@XZ
?_Current_node@location@Concurrency@@SA?AV12@XZ
?_Destroy@_AsyncTaskCollection@details@Concurrency@@EAEXXZ
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_Get@_CurrentScheduler@details@Concurrency@@SA?AV_Scheduler@23@XZ
?_GetConcRTTraceInfo@Concurrency@@YAPBU_CONCRT_TRACE_INFO@details@1@XZ
?_GetConcurrency@details@Concurrency@@YAIXZ
?_GetCurrentInlineDepth@_StackGuard@details@Concurrency@@CAAAIXZ
?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ
?_GetScheduler@_Scheduler@details@Concurrency@@QAEPAVScheduler@3@XZ
?_Id@_CurrentScheduler@details@Concurrency@@SAIXZ
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QAE_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QAE_NXZ
?_IsSynchronouslyBlocked@_Context@details@Concurrency@@QBE_NXZ
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_NewCollection@_AsyncTaskCollection@details@Concurrency@@SAPAV123@PAV_CancellationTokenState@23@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IAEKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IAEKXZ
?_Oversubscribe@_Context@details@Concurrency@@SAX_N@Z
?_Reference@_Scheduler@details@Concurrency@@QAEIXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_Scheduler@details@Concurrency@@QAEIXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@PAVlocation@3@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@PAVlocation@3@@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPAX@Z0@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QAEXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QAEXI@Z
?_SetUnobservedExceptionHandler@details@Concurrency@@YAXP6AXXZ@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IAE_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IAE_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QAE_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IAEXXZ
?_Stop@_Timer@details@Concurrency@@IAEXXZ
?_Tidy@exception@std@@AAEXXZ
?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ
?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QAE_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QAE_NXZ
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?_Yield@_Context@details@Concurrency@@SAXXZ
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCompare@@YA_NPBX0@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?__ExceptionPtrSwap@@YAXPAX0@Z
?__ExceptionPtrToBool@@YA_NPBX@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBE_NABV1@@Z
?current@location@Concurrency@@SA?AV12@XZ
?from_numa_node@location@Concurrency@@SA?AV12@G@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QBEJXZ
?lock@critical_section@Concurrency@@QAEXXZ
?lock@reader_writer_lock@Concurrency@@QAEXXZ
?lock_read@reader_writer_lock@Concurrency@@QAEXXZ
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?native_handle@critical_section@Concurrency@@QAEAAV12@XZ
?notify_all@_Condition_variable@details@Concurrency@@QAEXXZ
?notify_one@_Condition_variable@details@Concurrency@@QAEXXZ
?raw_name@type_info@@QBEPBDXZ
?reset@event@Concurrency@@QAEXXZ
?set@event@Concurrency@@QAEXXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_task_execution_resources@Concurrency@@YAXGPAU_GROUP_AFFINITY@@@Z
?set_task_execution_resources@Concurrency@@YAXK@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock@reader_writer_lock@Concurrency@@QAE_NXZ
?try_lock_for@critical_section@Concurrency@@QAE_NI@Z
?try_lock_read@reader_writer_lock@Concurrency@@QAE_NXZ
?unexpected@@YAXXZ
?unlock@critical_section@Concurrency@@QAEXXZ
?unlock@reader_writer_lock@Concurrency@@QAEXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?wait@Concurrency@@YAXI@Z
?wait@_Condition_variable@details@Concurrency@@QAEXAAVcritical_section@3@@Z
?wait@event@Concurrency@@QAEII@Z
?wait_for@_Condition_variable@details@Concurrency@@QAE_NAAVcritical_section@3@I@Z
?wait_for_multiple@event@Concurrency@@SAIPAPAV12@I_NI@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_Cbuild
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FCbuild
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_LCbuild
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_SetWinRTOutOfMemoryExceptionCallback
_Strftime
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___lc_codepage_func
___lc_collate_cp_func
___lc_locale_name_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringEx
__crtCompareStringW
__crtCreateEventExW
__crtCreateSemaphoreExW
__crtCreateSymbolicLinkW
__crtEnumSystemLocalesEx
__crtFlsAlloc
__crtFlsFree
__crtFlsGetValue
__crtFlsSetValue
__crtGetDateFormatEx
__crtGetFileInformationByHandleEx
__crtGetLocaleInfoEx
__crtGetShowWindowMode
__crtGetTickCount64
__crtGetTimeFormatEx
__crtGetUserDefaultLocaleName
__crtInitializeCriticalSectionEx
__crtIsPackagedApp
__crtIsValidLocaleName
__crtLCMapStringA
__crtLCMapStringEx
__crtLCMapStringW
__crtSetFileInformationByHandle
__crtSetThreadStackGuarantee
__crtSetUnhandledExceptionFilter
__crtSleep
__crtTerminateProcess
__crtUnhandledException
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__setlc_active

Sections

.text
Size: 880KB - Virtual size: 880KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcr120.dll
.dll windows:6 windows x86 arch:x86

aa8d086deb6960b10f8791df466a5610

Code Sign

33:00:00:00:34:24:31:40:c9:a0:c1:79:8d:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

27/03/2013, 20:08

Not After

27/06/2014, 20:08

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/01/2013, 22:33

Not After

24/04/2014, 22:33

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/09/2013, 17:41

Not After

24/12/2014, 17:41

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:82:cf:f8:a2:0e:57:bd:cc:0a:76:cf:1e:4f:c9:43:8c:94:65:03:5e:34:db:a7:06:0b:42:ee:a6:9d:c2:88
Signer

Actual PE Digest

0a:82:cf:f8:a2:0e:57:bd:cc:0a:76:cf:1e:4f:c9:43:8c:94:65:03:5e:34:db:a7:06:0b:42:ee:a6:9d:c2:88

Digest Algorithm

sha256

PE Digest Matches

true

3f:08:90:50:77:63:e4:04:ba:19:2c:b1:94:32:e7:d0:82:51:35:78
Signer

Actual PE Digest

3f:08:90:50:77:63:e4:04:ba:19:2c:b1:94:32:e7:d0:82:51:35:78

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr120.i386.pdb

Imports

kernel32

EncodePointer
DecodePointer
RaiseException
GetLastError
ExitProcess
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleFileNameA
SetLastError
GetCurrentThread
GetModuleFileNameW
IsProcessorFeaturePresent
GetStdHandle
WriteFile
FindClose
FindFirstFileExA
FindNextFileA
FindFirstFileExW
FindNextFileW
CloseHandle
CreateThread
ExitThread
ResumeThread
LoadLibraryExW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
Beep
Sleep
GetFullPathNameA
GetCurrentProcessId
GetFileAttributesExW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileExW
RemoveDirectoryW
GetDriveTypeW
DeleteFileW
SetEnvironmentVariableA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryW
SetEnvironmentVariableW
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
FreeLibrary
LoadLibraryExA
CreateProcessW
ReadFile
GetTempPathA
GetTempPathW
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
LocalFileTimeToFileTime
SetFileTime
SystemTimeToFileTime
SetLocalTime
InterlockedPopEntrySList
InterlockedFlushSList
QueryDepthSList
InterlockedPushEntrySList
CreateTimerQueue
SetEvent
WaitForSingleObjectEx
UnregisterWait
TlsGetValue
SignalObjectAndWait
TlsSetValue
SetThreadPriority
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetNumaHighestNodeNumber
RegisterWaitForSingleObject
GetLogicalProcessorInformation
RtlCaptureStackBackTrace
GetThreadPriority
GetProcessAffinityMask
SetThreadAffinityMask
TlsAlloc
DeleteTimerQueueTimer
TlsFree
SwitchToThread
TryEnterCriticalSection
SetProcessAffinityMask
VirtualFree
GetVersionExW
VirtualAlloc
VirtualProtect
InitializeSListHead
ReleaseSemaphore
UnregisterWaitEx
LoadLibraryW
OutputDebugStringW
FreeLibraryAndExitThread
GetModuleHandleA
GetThreadTimes
CreateEventW
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
RtlUnwind
HeapFree
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapSize
HeapQueryInformation
HeapValidate
HeapCompact
HeapWalk
GetSystemInfo
VirtualQuery
GetFileType
GetStartupInfoW
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
CreateFileW
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFilePointerEx
FlushFileBuffers
CreatePipe
SetStdHandle
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
ReadConsoleInputW
WriteConsoleW
SetEndOfFile
LockFileEx
UnlockFileEx
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
GetTickCount
CreateSemaphoreW
SetConsoleCtrlHandler
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
OutputDebugStringA

Exports

Exports

$I10_OUTPUT
??0?$_SpinWait@$00@details@Concurrency@@QAE@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QAE@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QAA@IZZ
??0SchedulerPolicy@Concurrency@@QAE@ABV01@@Z
??0SchedulerPolicy@Concurrency@@QAE@XZ
??0_Cancellation_beacon@details@Concurrency@@QAE@XZ
??0_Condition_variable@details@Concurrency@@QAE@XZ
??0_Context@details@Concurrency@@QAE@PAVContext@2@@Z
??0_Interruption_exception@details@Concurrency@@QAE@PBD@Z
??0_Interruption_exception@details@Concurrency@@QAE@XZ
??0_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_ReaderWriterLock@details@Concurrency@@QAE@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_ReentrantLock@details@Concurrency@@QAE@XZ
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scheduler@details@Concurrency@@QAE@PAVScheduler@2@@Z
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
??0_StructuredTaskCollection@details@Concurrency@@QAE@PAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QAE@PAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QAE@XZ
??0_Timer@details@Concurrency@@IAE@I_N@Z
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0__non_rtti_object@std@@QAE@PBD@Z
??0bad_cast@std@@AAE@PBQBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@XZ
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@XZ
??0context_unblock_unbalanced@Concurrency@@QAE@PBD@Z
??0context_unblock_unbalanced@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
??0default_scheduler_exists@Concurrency@@QAE@PBD@Z
??0default_scheduler_exists@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??0improper_lock@Concurrency@@QAE@PBD@Z
??0improper_lock@Concurrency@@QAE@XZ
??0improper_scheduler_attach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_attach@Concurrency@@QAE@XZ
??0improper_scheduler_detach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_detach@Concurrency@@QAE@XZ
??0improper_scheduler_reference@Concurrency@@QAE@PBD@Z
??0improper_scheduler_reference@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0invalid_link_target@Concurrency@@QAE@XZ
??0invalid_multiple_scheduling@Concurrency@@QAE@PBD@Z
??0invalid_multiple_scheduling@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0invalid_operation@Concurrency@@QAE@XZ
??0invalid_oversubscribe_operation@Concurrency@@QAE@PBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_key@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_value@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QAE@XZ
??0message_not_found@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0missing_wait@Concurrency@@QAE@PBD@Z
??0missing_wait@Concurrency@@QAE@XZ
??0nested_scheduler_missing_detach@Concurrency@@QAE@PBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QAE@XZ
??0operation_timed_out@Concurrency@@QAE@PBD@Z
??0operation_timed_out@Concurrency@@QAE@XZ
??0reader_writer_lock@Concurrency@@QAE@XZ
??0scheduler_not_attached@Concurrency@@QAE@PBD@Z
??0scheduler_not_attached@Concurrency@@QAE@XZ
??0scheduler_resource_allocation_error@Concurrency@@QAE@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QAE@PBDJ@Z
??0scheduler_worker_creation_error@Concurrency@@QAE@J@Z
??0scheduler_worker_creation_error@Concurrency@@QAE@PBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0task_canceled@Concurrency@@QAE@PBD@Z
??0task_canceled@Concurrency@@QAE@XZ
??0unsupported_os@Concurrency@@QAE@PBD@Z
??0unsupported_os@Concurrency@@QAE@XZ
??1SchedulerPolicy@Concurrency@@QAE@XZ
??1_Cancellation_beacon@details@Concurrency@@QAE@XZ
??1_Condition_variable@details@Concurrency@@QAE@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??1_StructuredTaskCollection@details@Concurrency@@QAE@XZ
??1_TaskCollection@details@Concurrency@@QAE@XZ
??1_Timer@details@Concurrency@@MAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
??1exception@std@@UAE@XZ
??1reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??3@YAXPAXHPBDH@Z
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@ABV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@ABV012@@Z
??4SchedulerPolicy@Concurrency@@QAEAAV01@ABV01@@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@std@@6B@
??_F?$_SpinWait@$00@details@Concurrency@@QAEXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QAEXXZ
??_F_Context@details@Concurrency@@QAEXXZ
??_F_Scheduler@details@Concurrency@@QAEXXZ
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
??_V@YAXPAXHPBDH@Z
?Alloc@Concurrency@@YAPAXI@Z
?Block@Context@Concurrency@@SAXXZ
?CaptureCallstack@platform@details@Concurrency@@YAIPAPAXII@Z
?Create@CurrentScheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPAV12@ABVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@AAVlocation@2@@Z
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPAX@Z
?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QBEIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsAvailableLocation@CurrentScheduler@Concurrency@@SA_NABVlocation@2@@Z
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?Log2@details@Concurrency@@YAKI@Z
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0AAVlocation@2@@Z
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QAEXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QAEIW4PolicyElementKey@2@I@Z
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QAEXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_CleanupToken@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_ConcRT_CoreAssert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_Trace@details@Concurrency@@YAXHPB_WZZ
?_Confirm_cancel@_Cancellation_beacon@details@Concurrency@@QAE_NXZ
?_Copy_str@exception@std@@AAEXPBD@Z
?_CurrentContext@_Context@details@Concurrency@@SA?AV123@XZ
?_Current_node@location@Concurrency@@SA?AV12@XZ
?_Destroy@_AsyncTaskCollection@details@Concurrency@@EAEXXZ
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_Get@_CurrentScheduler@details@Concurrency@@SA?AV_Scheduler@23@XZ
?_GetConcRTTraceInfo@Concurrency@@YAPBU_CONCRT_TRACE_INFO@details@1@XZ
?_GetConcurrency@details@Concurrency@@YAIXZ
?_GetCurrentInlineDepth@_StackGuard@details@Concurrency@@CAAAIXZ
?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ
?_GetScheduler@_Scheduler@details@Concurrency@@QAEPAVScheduler@3@XZ
?_Id@_CurrentScheduler@details@Concurrency@@SAIXZ
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QAE_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QAE_NXZ
?_IsSynchronouslyBlocked@_Context@details@Concurrency@@QBE_NXZ
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_NewCollection@_AsyncTaskCollection@details@Concurrency@@SAPAV123@PAV_CancellationTokenState@23@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IAEKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IAEKXZ
?_Oversubscribe@_Context@details@Concurrency@@SAX_N@Z
?_Reference@_Scheduler@details@Concurrency@@QAEIXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_Scheduler@details@Concurrency@@QAEIXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@PAVlocation@3@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@PAVlocation@3@@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPAX@Z0@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QAEXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QAEXI@Z
?_SetUnobservedExceptionHandler@details@Concurrency@@YAXP6AXXZ@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IAE_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IAE_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QAE_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IAEXXZ
?_Stop@_Timer@details@Concurrency@@IAEXXZ
?_Tidy@exception@std@@AAEXXZ
?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ
?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QAE_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QAE_NXZ
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?_Yield@_Context@details@Concurrency@@SAXXZ
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCompare@@YA_NPBX0@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?__ExceptionPtrSwap@@YAXPAX0@Z
?__ExceptionPtrToBool@@YA_NPBX@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBE_NABV1@@Z
?current@location@Concurrency@@SA?AV12@XZ
?from_numa_node@location@Concurrency@@SA?AV12@G@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QBEJXZ
?lock@critical_section@Concurrency@@QAEXXZ
?lock@reader_writer_lock@Concurrency@@QAEXXZ
?lock_read@reader_writer_lock@Concurrency@@QAEXXZ
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?native_handle@critical_section@Concurrency@@QAEAAV12@XZ
?notify_all@_Condition_variable@details@Concurrency@@QAEXXZ
?notify_one@_Condition_variable@details@Concurrency@@QAEXXZ
?raw_name@type_info@@QBEPBDXZ
?reset@event@Concurrency@@QAEXXZ
?set@event@Concurrency@@QAEXXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_task_execution_resources@Concurrency@@YAXGPAU_GROUP_AFFINITY@@@Z
?set_task_execution_resources@Concurrency@@YAXK@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock@reader_writer_lock@Concurrency@@QAE_NXZ
?try_lock_for@critical_section@Concurrency@@QAE_NI@Z
?try_lock_read@reader_writer_lock@Concurrency@@QAE_NXZ
?unexpected@@YAXXZ
?unlock@critical_section@Concurrency@@QAEXXZ
?unlock@reader_writer_lock@Concurrency@@QAEXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?wait@Concurrency@@YAXI@Z
?wait@_Condition_variable@details@Concurrency@@QAEXAAVcritical_section@3@@Z
?wait@event@Concurrency@@QAEII@Z
?wait_for@_Condition_variable@details@Concurrency@@QAE_NAAVcritical_section@3@I@Z
?wait_for_multiple@event@Concurrency@@SAIPAPAV12@I_NI@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_Cbuild
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FCbuild
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_LCbuild
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_SetWinRTOutOfMemoryExceptionCallback
_Strftime
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___lc_codepage_func
___lc_collate_cp_func
___lc_locale_name_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringEx
__crtCompareStringW
__crtCreateEventExW
__crtCreateSemaphoreExW
__crtCreateSymbolicLinkW
__crtEnumSystemLocalesEx
__crtFlsAlloc
__crtFlsFree
__crtFlsGetValue
__crtFlsSetValue
__crtGetDateFormatEx
__crtGetFileInformationByHandleEx
__crtGetLocaleInfoEx
__crtGetShowWindowMode
__crtGetTickCount64
__crtGetTimeFormatEx
__crtGetUserDefaultLocaleName
__crtInitializeCriticalSectionEx
__crtIsPackagedApp
__crtIsValidLocaleName
__crtLCMapStringA
__crtLCMapStringEx
__crtLCMapStringW
__crtSetFileInformationByHandle
__crtSetThreadStackGuarantee
__crtSetUnhandledExceptionFilter
__crtSleep
__crtTerminateProcess
__crtUnhandledException
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__setlc_active

Sections

.text
Size: 880KB - Virtual size: 880KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
njcrybto.dll
.dll windows:6 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/06/2016, 00:00

Not After

02/06/2021, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,POSTALCODE=2121,STREET=101/2 Pembroke Street,L=Epping,ST=NSW,C=AU,2.5.4.18=#1309504f20426f78203430

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e5:34:b3:72:58:ac:a7:8c:51:77:46:e2:f7:e2:5d:84:87:10:8f:a8
Signer

Actual PE Digest

e5:34:b3:72:58:ac:a7:8c:51:77:46:e2:f7:e2:5d:84:87:10:8f:a8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Base32_Decode
Base32_Encode
Base64_Decode
Base64_Encode
Crypto_Free_Key
Crypto_Get_Key_Size
Crypto_Get_PrivateKey
Crypto_Get_PublicKey
Crypto_MD5
Crypto_Open
Crypto_Private_Decrypt
Crypto_Private_Encrypt
Crypto_Public_Decrypt
Crypto_Public_Encrypt
Crypto_RC4
Crypto_SHA1
Crypto_Seal
Crypto_Seal_Ex
Crypto_Sign
Crypto_Verify
Hex_Decode
Hex_Encode

Sections

UPX0
Size: - Virtual size: 464KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 261KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
njstrokej.ncf
njstrokes.ncf
uMakJMDicIndex.exe
.exe windows:6 windows x86 arch:x86

c4787760dfda36e5c406b6334c596932

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/06/2016, 00:00

Not After

02/06/2021, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,POSTALCODE=2121,STREET=101/2 Pembroke Street,L=Epping,ST=NSW,C=AU,2.5.4.18=#1309504f20426f78203430

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

96:d5:ee:15:44:31:12:2b:eb:69:a5:ae:52:0a:36:34:8f:0a:01:ca
Signer

Actual PE Digest

96:d5:ee:15:44:31:12:2b:eb:69:a5:ae:52:0a:36:34:8f:0a:01:ca

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleMode
SetFilePointerEx
ReadConsoleW
GetTimeZoneInformation
GetStringTypeW
OutputDebugStringW
IsValidCodePage
LCMapStringW
WriteConsoleW
SetEnvironmentVariableA
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoW
GetStdHandle
GetFileType
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
lstrlenA
GetModuleHandleExW
ExitProcess
ExitThread
CreateThread
GetConsoleCP
RtlUnwind
IsProcessorFeaturePresent
IsDebuggerPresent
GetCommandLineW
FindResourceExW
VirtualProtect
SearchPathW
GetProfileIntW
GetTickCount
Sleep
GetTempPathW
GetTempFileNameW
VerifyVersionInfoW
VerSetConditionMask
lstrcpyW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToLocalFileTime
SetErrorMode
GetWindowsDirectoryW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
GetCPInfo
GetOEMCP
GetSystemTimeAsFileTime
GetACP
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
DeleteFileW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
GlobalFlags
FileTimeToSystemTime
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalFindAtomW
GetSystemDirectoryW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
EncodePointer
LoadLibraryA
GetCurrentProcessId
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringA
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetVersionExW
GetCurrentThread
ResumeThread
SuspendThread
SetThreadPriority
GetCurrentThreadId
CreateEventW
WaitForSingleObject
SetEvent
CloseHandle
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
FreeResource
OutputDebugStringA
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
SetLastError
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
GetLastError
RaiseException
DecodePointer
MultiByteToWideChar
FindResourceW
SizeofResource
LockResource
LoadResource
WideCharToMultiByte

user32

CreateMenu
MapDialogRect
DestroyCursor
GetWindowRgn
ToUnicodeEx
LockWindowUpdate
SetRect
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
PostThreadMessageW
IsZoomed
GetComboBoxInfo
TrackMouseEvent
MonitorFromPoint
UpdateLayeredWindow
IsMenu
SetWindowRgn
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
SetParent
UnionRect
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
GetAsyncKeyState
GetIconInfo
DrawIconEx
IsRectEmpty
DrawFocusRect
GetNextDlgGroupItem
ReuseDDElParam
UnpackDDElParam
LoadImageW
OffsetRect
SetRectEmpty
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
GetMenuDefaultItem
CreatePopupMenu
IntersectRect
LoadMenuW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
CharUpperW
DestroyIcon
InvalidateRect
KillTimer
SetTimer
DeleteMenu
CopyImage
RealChildWindowFromPoint
LoadCursorW
GetSysColorBrush
IsDialogMessageW
SetWindowTextW
CheckDlgButton
SetDlgItemTextW
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
MapWindowPoints
AdjustWindowRectEx
GetWindowRect
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
SendDlgItemMessageA
GetWindow
GetWindowTextLengthW
GetWindowTextW
GetScrollPos
SetScrollPos
SetFocus
SystemParametersInfoW
InflateRect
GetMenuItemInfoW
DestroyMenu
FillRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
UnhookWindowsHookEx
CopyRect
ReleaseDC
GetDC
MapVirtualKeyW
GetKeyNameTextW
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxW
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageW
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
FrameRect
CharUpperBuffW
RegisterClipboardFormatW
ModifyMenuW
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
SetClassLongW
SetCursorPos
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetMonitorInfoW
GetKeyboardState
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
GetDesktopWindow
GetWindowLongW
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
LoadBitmapW
GetParent
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
RemoveMenu
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
UnregisterClassW
LoadIconW
GetClientRect
DrawIcon
AppendMenuW
GetSystemMenu
GetSystemMetrics
EnableWindow
IsIconic
SendMessageW
wsprintfA
MessageBeep
wsprintfW

gdi32

GetObjectW
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
GetTextMetricsW
CombineRgn
SetRectRgn
DPtoLP
CreateCompatibleBitmap
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
GetTextColor
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
GetRgnBox
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceW
SetROP2
SetPolyFillMode
GetLayout
SetTextAlign
Ellipse
CopyMetaFileW
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
BitBlt
PatBlt
CreateRectRgnIndirect
CreateBitmap
GetDeviceCaps
CreateDCW
SetTextColor

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHBrowseForFolderW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteW
SHAppBarMessage
DragFinish
DragQueryFileW

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
StrFormatKBSizeW

uxtheme

DrawThemeParentBackground
GetWindowTheme
GetThemeSysColor
IsAppThemed
DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetCurrentThemeName
OpenThemeData
CloseThemeData
GetThemeColor

ole32

OleLockRunning
DoDragDrop
CreateStreamOnHGlobal
CoDisconnectObject
CoInitializeEx
CoCreateInstance
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitialize

oleaut32

SysFreeString
VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocString

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninst.exe.nsis
update.dll
.exe windows:5 windows x86 arch:x86

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b2:61:6e:2c:78:53:4d:e1:81:4f:36:3c:71:1b:f2:92
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

03/06/2021, 00:00

Not After

02/06/2024, 23:59

Subject

CN=NJStar Software Pty Ltd,O=NJStar Software Pty Ltd,L=Epping,ST=New South Wales,C=AU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5d:64:41:79:e0:c6:48:f7:eb:33:ce:a5:1b:a9:d1:11:d8:d1:c4:45:bb:6b:41:31:25:2f:92:d2:7d:b1:cf:13
Signer

Actual PE Digest

5d:64:41:79:e0:c6:48:f7:eb:33:ce:a5:1b:a9:d1:11:d8:d1:c4:45:bb:6b:41:31:25:2f:92:d2:7d:b1:cf:13

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
update.ini
.xml

Sharing

General

Malware Config

Signatures

Files

c05041e01f84e1ccca9c4451f3b6a383

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

b2:61:6e:2c:78:53:4d:e1:81:4f:36:3c:71:1b:f2:92Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

ea:0d:ac:2e:c8:4a:26:50:b0:c0:be:55:0a:a8:b1:c6:70:d9:88:0a:ff:ed:b2:fb:48:b9:9d:2d:e2:6c:05:efSigner

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shell32

ole32

comctl32

user32

gdi32

kernel32

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 128KB

.ndata Size: - Virtual size: 168KB

.rsrc Size: 9KB - Virtual size: 8KB

421a02aae559045e04759aae146087eb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 17KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 322KB

.reloc Size: 2KB - Virtual size: 1KB

fc0224e99e736751432961db63a41b76

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 1024B - Virtual size: 867B

.data Size: 512B - Virtual size: 120B

.reloc Size: 1024B - Virtual size: 648B

5e62e8e248e7364886b604bd1fcf4c13

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

Exports

Exports

Sections

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

b2:61:6e:2c:78:53:4d:e1:81:4f:36:3c:71:1b:f2:92
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

ea:0d:ac:2e:c8:4a:26:50:b0:c0:be:55:0a:a8:b1:c6:70:d9:88:0a:ff:ed:b2:fb:48:b9:9d:2d:e2:6c:05:ef
Signer

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 128KB

.ndata
Size: - Virtual size: 168KB

.rsrc
Size: 9KB - Virtual size: 8KB

.text
Size: 18KB - Virtual size: 17KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 322KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 1024B - Virtual size: 867B

.data
Size: 512B - Virtual size: 120B

.reloc
Size: 1024B - Virtual size: 648B

.text
Size: 1024B - Virtual size: 714B

.rdata
Size: 1024B - Virtual size: 705B

.data
Size: 512B - Virtual size: 104B

.reloc
Size: 512B - Virtual size: 240B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 638B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

82:a8:05:b4:0f:ec:cd:96:05:66:be:50:df:9c:ef:bc:ef:41:d0:5a
Signer

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 684B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

96:69:9d:b5:ba:5b:95:38:af:1b:67:ac:8a:55:ef:f6
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate