706ef2d8f5fee6aa7bb9dfe64270e7ba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

706ef2d8f5fee6aa7bb9dfe64270e7ba_JaffaCakes118
Size

5.8MB
MD5

706ef2d8f5fee6aa7bb9dfe64270e7ba
SHA1

aae19734209a77ce1af80ec0c5f244d6b001a212
SHA256

d4388b61d40db20fdb972ea989800b21fe13bc1f883e90f51db332087735bf67
SHA512

33557a8a0af56921920d6880854f8f88cdae82e1767433ad9b95f3a4ab2dbf2ce60533fe4731fccc170a1329fc255595f06e2ba4f9e907175b7bf2588b159269
SSDEEP

98304:ddw0MsWfwEr/9V5efuWV43NNpWxPco3v0sWnSAy4u+gZzolgnt4W:JgfwC9Vkfum433AxPR3v0sWScgFoK

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/NSISdl.dll
unpack001/$R2/NSIS.Library.RegTool.v2.$HWNDPARENT.exe

NSIS installer 1 IoCs

installer

resource	yara_rule
sample	nsis_installer_1

Files

706ef2d8f5fee6aa7bb9dfe64270e7ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

18bc6fa81e19f21156316b1ae696ed6b

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

69:a9:c8:ae:b4:cd:28:67:e6:c5:7f:d3:e5:63:0e:39
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

06/06/2006, 00:00

Not After

05/06/2008, 23:59

Subject

CN=SightSpeed Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=SightSpeed Inc.,L=Berkeley,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
lstrcmpiA
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/NSISdl.dll
.dll windows:4 windows x86 arch:x86

1221406604d6fef21b4469a58a9cf427

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
lstrcpynA
lstrlenA
lstrcatA
GlobalAlloc
GlobalFree
lstrcpyA
GetTickCount
DeleteFileA
Sleep
WriteFile
CreateFileA
CreateThread
WaitForSingleObject
MulDiv
CloseHandle

user32

CharPrevA
SetWindowLongA
RegisterWindowMessageA
CallWindowProcA
DestroyWindow
EnableWindow
GetWindowLongA
CreateWindowExA
GetWindowRect
GetClientRect
ShowWindow
IsWindowVisible
GetFocus
GetDlgItem
FindWindowExA
SetWindowTextA
SendMessageA
wsprintfA
SetDlgItemTextA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ws2_32

gethostbyname
inet_addr
ioctlsocket
htons
socket
closesocket
shutdown
connect
__WSAFDIsSet
select
recv
WSAGetLastError
send
WSACleanup
WSAStartup

Exports

Exports

download
download_quiet

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 734B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$R0
.dll windows:4 windows x86 arch:x86

a4d2443050a5b105af84b31cad4ffaf2

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

69:a9:c8:ae:b4:cd:28:67:e6:c5:7f:d3:e5:63:0e:39
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

06/06/2006, 00:00

Not After

05/06/2008, 23:59

Subject

CN=SightSpeed Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=SightSpeed Inc.,L=Berkeley,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedExchange
RaiseException
DisableThreadLibraryCalls
GetACP
CompareStringW
CompareStringA
WideCharToMultiByte
GetVersionExA
GetTimeFormatW
GetTimeFormatA
GetDateFormatW
GetDateFormatA
GetLocalTime
GetSystemTime
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ResetEvent
CreateEventW
CreateMutexW
LoadLibraryW
FindFirstFileW
FindFirstFileA
FindNextFileW
FindNextFileA
FindClose
GetLogicalDrives
GetLastError
FormatMessageA
GetModuleFileNameA
LocalFree
GetFileAttributesW
GetFileAttributesA
GetLocaleInfoW
LocalAlloc
GetUserDefaultLangID
GetModuleFileNameW
GetCurrentThread
GetThreadPriority
SetThreadPriority
ResumeThread
TlsSetValue
TlsGetValue
TlsAlloc
Sleep
TerminateThread
CreateThread
SetEvent
ReleaseMutex
CreateMutexA
CreateEventA
GetCurrentProcess
CreatePipe
DuplicateHandle
CreateProcessW
CreateProcessA
WriteFile
WaitForSingleObject
GetExitCodeProcess
PeekNamedPipe
ReadFile
TerminateProcess
CloseHandle
lstrlenW
GlobalFree
IsValidLocale
GetCurrentThreadId
LoadLibraryA
GetProcAddress
FreeLibrary
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocaleInfoA
OutputDebugStringA
ExitProcess
SetErrorMode
GetModuleHandleW
GetModuleHandleA
MultiByteToWideChar
InterlockedDecrement

user32

SystemParametersInfoA
GetDoubleClickTime
SetDoubleClickTime
GetCaretBlinkTime
SystemParametersInfoW
PeekMessageW
PostMessageW
PeekMessageA
PostMessageA
GetSysColor
GetDC
MessageBeep
ReleaseCapture
SetCaretBlinkTime
RegisterWindowMessageA
RegisterWindowMessageW
SetCursor
GetParent
WindowFromPoint
SetWindowPos
SetCapture
ScreenToClient
EndPaint
BeginPaint
GetUpdateRect
GetUpdateRgn
SetWindowTextA
SetWindowTextW
IsIconic
UnregisterClassA
UnregisterClassW
GetCursorPos
ReleaseDC
InvalidateRect
GetWindowRgn
DefWindowProcA
DefWindowProcW
GetClientRect
IsChild
GetFocus
GetSystemMetrics
ClientToScreen
TrackPopupMenuEx
IsZoomed
EnableMenuItem
GetSystemMenu
RegisterClassA
LoadIconA
RegisterClassW
LoadIconW
GetClassInfoA
GetClassInfoW
MapVirtualKeyA
MapVirtualKeyW
GetClipboardOwner
ChangeClipboardChain
SetClipboardViewer
CloseClipboard
EnumClipboardFormats
OpenClipboard
SetClipboardData
EmptyClipboard
GetClipboardData
SendMessageA
SendMessageW
DestroyCursor
SetCursorPos
LoadCursorA
LoadCursorW
CreateCursor
CreateIconIndirect
GetMessageA
GetMessageW
PostThreadMessageA
PostThreadMessageW
KillTimer
SetTimer
DispatchMessageA
DispatchMessageW
TranslateMessage
RegisterClipboardFormatA
GetWindowThreadProcessId
EnumWindows
GetWindowDC
DrawFocusRect
SetRect
CallNextHookEx
UnhookWindowsHookEx
DestroyIcon
DestroyWindow
SetCaretPos
HideCaret
CreateCaret
SetWindowsHookExA
SetForegroundWindow
ShowWindow
UpdateWindow
GetWindowLongW
SetWindowLongW
ScrollWindowEx
SetWindowRgn
GetWindowRect
SetWindowLongA
GetWindowLongA
IsWindowVisible
MoveWindow
CreateWindowExA
CreateWindowExW
GetDesktopWindow
SetParent
ValidateRect
IsRectEmpty
ValidateRgn
SetFocus
GetActiveWindow
DrawIconEx
GetKeyState

gdi32

GetSystemPaletteEntries
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
UpdateColors
ResizePalette
SetPaletteEntries
UnrealizeObject
GetDeviceCaps
PtInRegion
SelectPalette
RealizePalette
CreateRectRgn
DeleteObject
BitBlt
GetStockObject
GetObjectW
GetObjectA
CreateDCA
ResetDCA
CreateDCW
ResetDCW
SetBkMode
SetTextAlign
OffsetViewportOrgEx
GetViewportOrgEx
StartPage
EndPage
GetBkMode
CreateDIBitmap
EndDoc
AbortDoc
StartDocW
MaskBlt
SetBkColor
SetTextColor
CreatePen
CreateCompatibleDC
CreateHatchBrush
CreatePatternBrush
SetROP2
SetBrushOrgEx
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SelectClipRgn
Polyline
Polygon
SetPixelV
MoveToEx
LineTo
StrokePath
EndPath
BeginPath
GetBkColor
FillPath
GetCurrentPositionEx
GetWindowExtEx
SetWindowOrgEx
Rectangle
RoundRect
Ellipse
SetPixel
Arc
Pie
Chord
SetPolyFillMode
PolyBezier
OffsetRgn
EqualRgn
CombineRgn
ExtCreateRegion
RectInRegion
GetRgnBox
GetRegionData
DeleteDC
GetCharABCWidthsFloatW
GetCharABCWidthsA
GetCharABCWidthsW
SelectObject
CreateSolidBrush
PatBlt
GdiFlush
CreateBitmap
CreateCompatibleBitmap
CreateDIBSection
StretchDIBits
GetDIBits
SetDIBitsToDevice
StretchBlt
SetStretchBltMode
SetViewportExtEx
SetWindowExtEx
ExtCreatePen
StartDocA
SetPixelFormat
SwapBuffers
ChoosePixelFormat
DescribePixelFormat
GetTextFaceW
GetTextFaceA
EnumFontFamiliesExW
EnumFontFamiliesExA
GetTextCharsetInfo
CreateFontIndirectW
CreateFontIndirectA
TextOutA
ExtTextOutW
TextOutW
FillRgn
GetTextMetricsW
GetTextMetricsA
GetFontData
GetTextExtentPoint32W
GetGlyphOutlineW
GetGlyphOutlineA
GetClipRgn
CreatePolygonRgn
CreateEllipticRgn
SetMapMode

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegOpenKeyExW
RegFlushKey
RegCreateKeyExA
RegCreateKeyExW
RegSetValueExA
RegSetValueExW
RegDeleteKeyA
RegEnumKeyExA
RegEnumValueA
RegDeleteValueA
RegDeleteValueW
RegEnumValueW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueExW

shell32

SHBrowseForFolderA
SHGetMalloc
ExtractIconExA
SHGetPathFromIDListA

ole32

CoInitialize
CoUninitialize
StringFromGUID2
CoGetMalloc
CoCreateInstance
DoDragDrop
RegisterDragDrop
ReleaseStgMedium
CoLockObjectExternal
RevokeDragDrop
OleUninitialize
OleInitialize
CoCreateGuid

imm32

ImmReleaseContext
ImmNotifyIME
ImmGetCompositionStringA
ImmGetCompositionStringW
ImmSetCompositionFontA
ImmSetCompositionFontW
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmAssociateContext
ImmGetContext

winspool.drv

OpenPrinterA
GetPrinterA
OpenPrinterW
GetPrinterW
ClosePrinter
DeviceCapabilitiesA
DeviceCapabilitiesW

msvcr71

?terminate@@YAXXZ
fgets
wcslen
mktime
localtime
atof
_atoi64
_getdrive
_wgetdcwd
_getdcwd
_wopen
_open
_wfopen
_wremove
remove
_write
_read
_wstat
_stat
_lseek
_fstat
_close
_wmkdir
_mkdir
_wgetcwd
_getcwd
_wchdir
_chdir
_wrename
rename
_waccess
_access
_wrmdir
_rmdir
fopen
_fdopen
ftell
strcat
fputc
fseek
_vsnprintf
fclose
_errno
gmtime
strtod
fabs
abort
_iob
fprintf
fread
fflush
fwrite
_setjmp3
longjmp
pow
tan
abs
isprint
exit
_HUGE
qsort
atan
atan2
strchr
sprintf
strcpy
sscanf
atoi
strncpy
calloc
memmove
realloc
isdigit
tolower
strstr
bsearch
strncmp
sqrt
acos
_beginthreadex
_endthreadex
cos
sin
_wcsdup
getenv
memcmp
memset
malloc
free
strcmp
_flushall
isspace
??2@YAPAXI@Z
toupper
strrchr
memcpy
_purecall
??3@YAXPAX@Z
strlen
ungetc
strerror
getc
isupper
isalpha
_clearfp
_control87
isxdigit
??1type_info@@UAE@XZ
_CxxThrowException
strtol
__dllonexit
_onexit
_initterm
_except_handler3
__CppXcptFilter
_adjust_fdiv
putc

Exports

Exports

??0?$QAsciiDict@UQMetaData@@@@QAE@ABV0@@Z
??0?$QAsciiDict@UQMetaData@@@@QAE@H_N0@Z
??0?$QAsciiDict@VQConnectionList@@@@QAE@ABV0@@Z
??0?$QAsciiDict@VQConnectionList@@@@QAE@H_N0@Z
??0?$QAsciiDictIterator@VQConnectionList@@@@QAE@ABV0@@Z
??0?$QAsciiDictIterator@VQConnectionList@@@@QAE@ABV?$QAsciiDict@VQConnectionList@@@@@Z
??0?$QDict@VQLibrary@@@@QAE@ABV0@@Z
??0?$QDict@VQLibrary@@@@QAE@H_N@Z
??0?$QDict@VQStyleSheetItem@@@@QAE@ABV0@@Z
??0?$QDict@VQStyleSheetItem@@@@QAE@H_N@Z
??0?$QDict@VQTextFormat@@@@QAE@ABV0@@Z
??0?$QDict@VQTextFormat@@@@QAE@H_N@Z
??0?$QGuardedPtr@VQAccessibleObject@@@@QAE@ABV0@@Z
??0?$QGuardedPtr@VQAccessibleObject@@@@QAE@PAVQAccessibleObject@@@Z
??0?$QGuardedPtr@VQAccessibleObject@@@@QAE@XZ
??0?$QGuardedPtr@VQObject@@@@QAE@ABV0@@Z
??0?$QGuardedPtr@VQObject@@@@QAE@PAVQObject@@@Z
??0?$QGuardedPtr@VQObject@@@@QAE@XZ
??0?$QGuardedPtr@VQWidget@@@@QAE@ABV0@@Z
??0?$QGuardedPtr@VQWidget@@@@QAE@PAVQWidget@@@Z
??0?$QGuardedPtr@VQWidget@@@@QAE@XZ
??0?$QIntDict@H@@QAE@ABV0@@Z
??0?$QIntDict@H@@QAE@H@Z
??0?$QIntDict@VQWidget@@@@QAE@ABV0@@Z
??0?$QIntDict@VQWidget@@@@QAE@H@Z
??0?$QIntDictIterator@VQWidget@@@@QAE@ABV0@@Z
??0?$QIntDictIterator@VQWidget@@@@QAE@ABV?$QIntDict@VQWidget@@@@@Z
??0?$QMap@HH@@QAE@ABV0@@Z
??0?$QMap@HH@@QAE@XZ
??0?$QMap@HPAUQTextLineStart@@@@QAE@ABV0@@Z
??0?$QMap@HPAUQTextLineStart@@@@QAE@XZ
??0?$QMap@HUQTextDocumentSelection@@@@QAE@ABV0@@Z
??0?$QMap@HUQTextDocumentSelection@@@@QAE@XZ
??0?$QMap@HUQTextParagraphSelection@@@@QAE@ABV0@@Z
??0?$QMap@HUQTextParagraphSelection@@@@QAE@XZ
??0?$QMap@HVQColor@@@@QAE@ABV0@@Z
??0?$QMap@HVQColor@@@@QAE@XZ
??0?$QMap@HVQString@@@@QAE@ABV0@@Z
??0?$QMap@HVQString@@@@QAE@XZ
??0?$QMap@H_N@@QAE@ABV0@@Z
??0?$QMap@H_N@@QAE@XZ
??0?$QMap@PAVQTextCursor@@H@@QAE@ABV0@@Z
??0?$QMap@PAVQTextCursor@@H@@QAE@XZ
??0?$QMap@VQString@@H@@QAE@ABV0@@Z
??0?$QMap@VQString@@H@@QAE@XZ
??0?$QMap@VQString@@V1@@@QAE@ABV0@@Z
??0?$QMap@VQString@@V1@@@QAE@XZ
??0?$QMemArray@D@@IAE@HH@Z
??0?$QMemArray@D@@QAE@ABV0@@Z
??0?$QMemArray@D@@QAE@H@Z
??0?$QMemArray@D@@QAE@XZ
??0?$QMemArray@H@@IAE@HH@Z
??0?$QMemArray@H@@QAE@ABV0@@Z
??0?$QMemArray@H@@QAE@H@Z
??0?$QMemArray@H@@QAE@XZ
??0?$QMemArray@VQPoint@@@@IAE@HH@Z
??0?$QMemArray@VQPoint@@@@QAE@ABV0@@Z
??0?$QMemArray@VQPoint@@@@QAE@H@Z
??0?$QMemArray@VQPoint@@@@QAE@XZ
??0?$QMemArray@VQTextStringChar@@@@IAE@HH@Z
??0?$QMemArray@VQTextStringChar@@@@QAE@ABV0@@Z
??0?$QMemArray@VQTextStringChar@@@@QAE@H@Z
??0?$QMemArray@VQTextStringChar@@@@QAE@XZ
??0?$QMemArray@_N@@IAE@HH@Z
??0?$QMemArray@_N@@QAE@ABV0@@Z
??0?$QMemArray@_N@@QAE@H@Z
??0?$QMemArray@_N@@QAE@XZ
??0?$QPtrList@D@@QAE@ABV0@@Z
??0?$QPtrList@D@@QAE@XZ
??0?$QPtrList@UQPostEvent@@@@QAE@ABV0@@Z
??0?$QPtrList@UQPostEvent@@@@QAE@XZ
??0?$QPtrList@VQCanvasItem@@@@QAE@ABV0@@Z
??0?$QPtrList@VQCanvasItem@@@@QAE@XZ
??0?$QPtrList@VQCanvasView@@@@QAE@ABV0@@Z
??0?$QPtrList@VQCanvasView@@@@QAE@XZ
??0?$QPtrList@VQConnection@@@@QAE@ABV0@@Z
??0?$QPtrList@VQConnection@@@@QAE@XZ
??0?$QPtrList@VQDockWindow@@@@QAE@ABV0@@Z
??0?$QPtrList@VQDockWindow@@@@QAE@XZ
??0?$QPtrList@VQObject@@@@QAE@ABV0@@Z
??0?$QPtrList@VQObject@@@@QAE@XZ
??0?$QPtrList@VQTableSelection@@@@QAE@ABV0@@Z
??0?$QPtrList@VQTableSelection@@@@QAE@XZ
??0?$QPtrList@VQTextCommand@@@@QAE@ABV0@@Z
??0?$QPtrList@VQTextCommand@@@@QAE@XZ
??0?$QPtrList@VQTextCustomItem@@@@QAE@ABV0@@Z
??0?$QPtrList@VQTextCustomItem@@@@QAE@XZ
??0?$QPtrList@VQTextDocument@@@@QAE@ABV0@@Z
??0?$QPtrList@VQTextDocument@@@@QAE@XZ
??0?$QPtrList@VQTextTableCell@@@@QAE@ABV0@@Z
??0?$QPtrList@VQTextTableCell@@@@QAE@XZ
??0?$QPtrList@VQWidget@@@@QAE@ABV0@@Z
??0?$QPtrList@VQWidget@@@@QAE@XZ
??0?$QPtrListIterator@D@@QAE@ABV0@@Z
??0?$QPtrListIterator@D@@QAE@ABV?$QPtrList@D@@@Z
??0?$QPtrListIterator@UQPostEvent@@@@QAE@ABV0@@Z
??0?$QPtrListIterator@UQPostEvent@@@@QAE@ABV?$QPtrList@UQPostEvent@@@@@Z
??0?$QPtrListIterator@VQCanvasItem@@@@QAE@ABV0@@Z
??0?$QPtrListIterator@VQCanvasItem@@@@QAE@ABV?$QPtrList@VQCanvasItem@@@@@Z
??0?$QPtrListIterator@VQCanvasView@@@@QAE@ABV0@@Z
??0?$QPtrListIterator@VQCanvasView@@@@QAE@ABV?$QPtrList@VQCanvasView@@@@@Z
??0?$QPtrListIterator@VQConnection@@@@QAE@ABV0@@Z
??0?$QPtrListIterator@VQConnection@@@@QAE@ABV?$QPtrList@VQConnection@@@@@Z
??0?$QPtrListIterator@VQDockWindow@@@@QAE@ABV0@@Z
??0?$QPtrListIterator@VQDockWindow@@@@QAE@ABV?$QPtrList@VQDockWindow@@@@@Z
??0?$QPtrListIterator@VQObject@@@@QAE@ABV0@@Z
??0?$QPtrListIterator@VQObject@@@@QAE@ABV?$QPtrList@VQObject@@@@@Z
??0?$QPtrListIterator@VQWidget@@@@QAE@ABV0@@Z
??0?$QPtrListIterator@VQWidget@@@@QAE@ABV?$QPtrList@VQWidget@@@@@Z
??0?$QPtrVector@H@@QAE@ABV0@@Z
??0?$QPtrVector@H@@QAE@I@Z
??0?$QPtrVector@H@@QAE@XZ
??0?$QPtrVector@VQConnectionList@@@@QAE@ABV0@@Z
??0?$QPtrVector@VQConnectionList@@@@QAE@I@Z
??0?$QPtrVector@VQConnectionList@@@@QAE@XZ
??0?$QPtrVector@VQStyleSheetItem@@@@QAE@ABV0@@Z
??0?$QPtrVector@VQStyleSheetItem@@@@QAE@I@Z
??0?$QPtrVector@VQStyleSheetItem@@@@QAE@XZ
??0?$QPtrVector@VQTableItem@@@@QAE@ABV0@@Z
??0?$QPtrVector@VQTableItem@@@@QAE@I@Z
??0?$QPtrVector@VQTableItem@@@@QAE@XZ
??0?$QPtrVector@VQWidget@@@@QAE@ABV0@@Z
??0?$QPtrVector@VQWidget@@@@QAE@I@Z
??0?$QPtrVector@VQWidget@@@@QAE@XZ
??0?$QValueList@H@@QAE@ABV0@@Z
??0?$QValueList@H@@QAE@XZ
??0?$QValueList@PAVQCanvasItem@@@@QAE@ABV0@@Z
??0?$QValueList@PAVQCanvasItem@@@@QAE@XZ
??0?$QValueList@PAVQTextParagraph@@@@QAE@ABV0@@Z
??0?$QValueList@PAVQTextParagraph@@@@QAE@XZ
??0?$QValueList@V?$QPtrVector@VQStyleSheetItem@@@@@@QAE@ABV0@@Z
??0?$QValueList@V?$QPtrVector@VQStyleSheetItem@@@@@@QAE@XZ
??0?$QValueList@VQRect@@@@QAE@ABV0@@Z
??0?$QValueList@VQRect@@@@QAE@XZ
??0?$QValueList@VQString@@@@QAE@ABV0@@Z
??0?$QValueList@VQString@@@@QAE@XZ
??0?$QValueList@W4ListStyle@QStyleSheetItem@@@@QAE@ABV0@@Z
??0?$QValueList@W4ListStyle@QStyleSheetItem@@@@QAE@XZ
??0?$QValueList@_N@@QAE@ABV0@@Z
??0?$QValueList@_N@@QAE@XZ
??0?$QValueListIterator@H@@QAE@ABV0@@Z
??0?$QValueListIterator@H@@QAE@PAV?$QValueListNode@H@@@Z
??0?$QValueListIterator@H@@QAE@XZ
??0?$QValueListIterator@PAVQCanvasItem@@@@QAE@ABV0@@Z
??0?$QValueListIterator@PAVQCanvasItem@@@@QAE@PAV?$QValueListNode@PAVQCanvasItem@@@@@Z
??0?$QValueListIterator@PAVQCanvasItem@@@@QAE@XZ
??0?$QValueListIterator@VQRect@@@@QAE@ABV0@@Z
??0?$QValueListIterator@VQRect@@@@QAE@PAV?$QValueListNode@VQRect@@@@@Z
??0?$QValueListIterator@VQRect@@@@QAE@XZ
??0?$QValueListIterator@VQString@@@@QAE@ABV0@@Z
??0?$QValueListIterator@VQString@@@@QAE@PAV?$QValueListNode@VQString@@@@@Z
??0?$QValueListIterator@VQString@@@@QAE@XZ
??0?$QValueListIterator@_N@@QAE@ABV0@@Z
??0?$QValueListIterator@_N@@QAE@PAV?$QValueListNode@_N@@@Z
??0?$QValueListIterator@_N@@QAE@XZ
??0?$QValueStack@H@@QAE@ABV0@@Z
??0?$QValueStack@H@@QAE@XZ
??0?$QValueStack@PAVQTextParagraph@@@@QAE@ABV0@@Z
??0?$QValueStack@PAVQTextParagraph@@@@QAE@XZ
??0?$QValueStack@_N@@QAE@ABV0@@Z
??0?$QValueStack@_N@@QAE@XZ
??0DockData@@QAE@PAVQDockWindow@@ABVQRect@@@Z
??0DockData@@QAE@XZ
??0Focus@QTextDocument@@QAE@ABU01@@Z
??0Focus@QTextDocument@@QAE@XZ
??0ImgElement@@QAE@ABU0@@Z
??0ImgElement@@QAE@XZ
??0MailServer@QDns@@QAE@ABV01@@Z
??0MailServer@QDns@@QAE@ABVQString@@G@Z
??0PixElement@@QAE@ABU0@@Z
??0PixElement@@QAE@XZ
??0QAccel@@QAE@ABV0@@Z
??0QAccel@@QAE@PAVQWidget@@PAVQObject@@PBD@Z
??0QAccel@@QAE@PAVQWidget@@PBD@Z
??0QAccessibleFactoryInterface@@QAE@ABU0@@Z
??0QAccessibleFactoryInterface@@QAE@XZ
??0QAccessibleInterface@@QAE@ABU0@@Z
??0QAccessibleInterface@@QAE@XZ
??0QAccessibleObject@@QAE@ABV0@@Z
??0QAccessibleObject@@QAE@PAVQObject@@@Z
??0QAction@@QAE@ABV0@@Z
??0QAction@@QAE@ABVQIconSet@@ABVQString@@VQKeySequence@@PAVQObject@@PBD@Z
??0QAction@@QAE@ABVQString@@0VQKeySequence@@PAVQObject@@PBD_N@Z
??0QAction@@QAE@ABVQString@@ABVQIconSet@@0VQKeySequence@@PAVQObject@@PBD_N@Z
??0QAction@@QAE@ABVQString@@VQKeySequence@@PAVQObject@@PBD@Z
??0QAction@@QAE@PAVQObject@@PBD@Z
??0QAction@@QAE@PAVQObject@@PBD_N@Z
??0QActionGroup@@QAE@ABV0@@Z
??0QActionGroup@@QAE@PAVQObject@@PBD@Z
??0QActionGroup@@QAE@PAVQObject@@PBD_N@Z
??0QApplication@@QAE@AAHPAPAD@Z
??0QApplication@@QAE@AAHPAPADW4Type@0@@Z
??0QApplication@@QAE@AAHPAPAD_N@Z
??0QApplication@@QAE@ABV0@@Z
??0QAsyncIO@@QAE@ABV0@@Z
??0QAsyncIO@@QAE@XZ
??0QBitArray@@QAE@ABV0@@Z
??0QBitArray@@QAE@I@Z
??0QBitArray@@QAE@XZ
??0QBitVal@@QAE@PAVQBitArray@@I@Z
??0QBitmap@@QAE@ABV0@@Z
??0QBitmap@@QAE@ABVQSize@@PBE_N@Z
??0QBitmap@@QAE@ABVQSize@@_NW4Optimization@QPixmap@@@Z
??0QBitmap@@QAE@ABVQString@@PBD@Z
??0QBitmap@@QAE@HHPBE_N@Z
??0QBitmap@@QAE@HH_NW4Optimization@QPixmap@@@Z
??0QBitmap@@QAE@XZ
??0QBoxLayout@@QAE@ABV0@@Z
??0QBoxLayout@@QAE@PAVQLayout@@W4Direction@0@HPBD@Z
??0QBoxLayout@@QAE@PAVQWidget@@W4Direction@0@HHPBD@Z
??0QBoxLayout@@QAE@W4Direction@0@HPBD@Z
??0QBrush@@QAE@ABV0@@Z
??0QBrush@@QAE@ABVQColor@@ABVQPixmap@@@Z
??0QBrush@@QAE@ABVQColor@@W4BrushStyle@Qt@@@Z
??0QBrush@@QAE@W4BrushStyle@Qt@@@Z
??0QBrush@@QAE@XZ
??0QBuffer@@QAE@ABV0@@Z
??0QBuffer@@QAE@V?$QMemArray@D@@@Z
??0QBuffer@@QAE@XZ
??0QButton@@QAE@ABV0@@Z
??0QButton@@QAE@PAVQWidget@@PBDI@Z
??0QButtonGroup@@QAE@ABV0@@Z
??0QButtonGroup@@QAE@ABVQString@@PAVQWidget@@PBD@Z
??0QButtonGroup@@QAE@HW4Orientation@Qt@@ABVQString@@PAVQWidget@@PBD@Z
??0QButtonGroup@@QAE@HW4Orientation@Qt@@PAVQWidget@@PBD@Z
??0QButtonGroup@@QAE@PAVQWidget@@PBD@Z
??0QCString@@QAE@ABV0@@Z
??0QCString@@QAE@H@Z
??0QCString@@QAE@PBD@Z
??0QCString@@QAE@PBDI@Z
??0QCString@@QAE@XZ
??0QCanvas@@QAE@ABV0@@Z
??0QCanvas@@QAE@HH@Z
??0QCanvas@@QAE@PAVQObject@@PBD@Z
??0QCanvas@@QAE@VQPixmap@@HHHH@Z
??0QCanvasEllipse@@QAE@ABV0@@Z
??0QCanvasEllipse@@QAE@HHHHPAVQCanvas@@@Z
??0QCanvasEllipse@@QAE@HHPAVQCanvas@@@Z
??0QCanvasEllipse@@QAE@PAVQCanvas@@@Z
??0QCanvasItem@@QAE@ABV0@@Z
??0QCanvasItem@@QAE@PAVQCanvas@@@Z
??0QCanvasItemList@@QAE@ABV0@@Z
??0QCanvasItemList@@QAE@XZ
??0QCanvasItemPtr@@QAE@PAVQCanvasItem@@@Z
??0QCanvasItemPtr@@QAE@XZ
??0QCanvasLine@@QAE@ABV0@@Z
??0QCanvasLine@@QAE@PAVQCanvas@@@Z
??0QCanvasPixmap@@QAE@ABV0@@Z
??0QCanvasPixmap@@QAE@ABVQImage@@@Z
??0QCanvasPixmap@@QAE@ABVQPixmap@@ABVQPoint@@@Z
??0QCanvasPixmap@@QAE@ABVQString@@@Z
??0QCanvasPixmapArray@@QAE@ABVQString@@H@Z
??0QCanvasPixmapArray@@QAE@V?$QPtrList@VQPixmap@@@@V?$QPtrList@VQPoint@@@@@Z
??0QCanvasPixmapArray@@QAE@V?$QValueList@VQPixmap@@@@VQPointArray@@@Z
??0QCanvasPixmapArray@@QAE@XZ
??0QCanvasPolygon@@QAE@ABV0@@Z
??0QCanvasPolygon@@QAE@PAVQCanvas@@@Z
??0QCanvasPolygonalItem@@QAE@ABV0@@Z
??0QCanvasPolygonalItem@@QAE@PAVQCanvas@@@Z
??0QCanvasRectangle@@QAE@ABV0@@Z
??0QCanvasRectangle@@QAE@ABVQRect@@PAVQCanvas@@@Z
??0QCanvasRectangle@@QAE@HHHHPAVQCanvas@@@Z
??0QCanvasRectangle@@QAE@PAVQCanvas@@@Z
??0QCanvasSpline@@QAE@ABV0@@Z
??0QCanvasSpline@@QAE@PAVQCanvas@@@Z
??0QCanvasSprite@@QAE@ABV0@@Z
??0QCanvasSprite@@QAE@PAVQCanvasPixmapArray@@PAVQCanvas@@@Z
??0QCanvasText@@QAE@ABV0@@Z
??0QCanvasText@@QAE@ABVQString@@PAVQCanvas@@@Z
??0QCanvasText@@QAE@ABVQString@@VQFont@@PAVQCanvas@@@Z
??0QCanvasText@@QAE@PAVQCanvas@@@Z
??0QCanvasView@@QAE@ABV0@@Z
??0QCanvasView@@QAE@PAVQCanvas@@PAVQWidget@@PBDI@Z
??0QCanvasView@@QAE@PAVQWidget@@PBDI@Z
??0QChar@@QAE@ABV0@@Z
??0QChar@@QAE@D@Z
??0QChar@@QAE@E@Z
??0QChar@@QAE@EE@Z
??0QChar@@QAE@F@Z
??0QChar@@QAE@G@Z
??0QChar@@QAE@H@Z
??0QChar@@QAE@I@Z
??0QChar@@QAE@XZ
??0QCharRef@@AAE@PAVQString@@I@Z
??0QCheckBox@@QAE@ABV0@@Z
??0QCheckBox@@QAE@ABVQString@@PAVQWidget@@PBD@Z
??0QCheckBox@@QAE@PAVQWidget@@PBD@Z
??0QCheckListItem@@QAE@ABV0@@Z
??0QCheckListItem@@QAE@PAV0@ABVQString@@W4Type@0@@Z
??0QCheckListItem@@QAE@PAV0@PAVQListViewItem@@ABVQString@@W4Type@0@@Z
??0QCheckListItem@@QAE@PAVQListView@@ABVQString@@ABVQPixmap@@@Z
??0QCheckListItem@@QAE@PAVQListView@@ABVQString@@W4Type@0@@Z
??0QCheckListItem@@QAE@PAVQListView@@PAVQListViewItem@@ABVQString@@W4Type@0@@Z
??0QCheckListItem@@QAE@PAVQListViewItem@@0ABVQString@@W4Type@0@@Z
??0QCheckListItem@@QAE@PAVQListViewItem@@ABVQString@@ABVQPixmap@@@Z
??0QCheckListItem@@QAE@PAVQListViewItem@@ABVQString@@W4Type@0@@Z
??0QCheckTableItem@@QAE@ABV0@@Z
??0QCheckTableItem@@QAE@PAVQTable@@ABVQString@@@Z
??0QChildEvent@@QAE@ABV0@@Z
??0QChildEvent@@QAE@W4Type@QEvent@@PAVQObject@@@Z
??0QClipboard@@AAE@PAVQObject@@PBD@Z
??0QClipboard@@QAE@ABV0@@Z
??0QCloseEvent@@QAE@ABV0@@Z
??0QCloseEvent@@QAE@XZ
??0QColor@@QAE@ABV0@@Z
??0QColor@@QAE@ABVQString@@@Z
??0QColor@@QAE@HHH@Z
??0QColor@@QAE@HHHW4Spec@0@@Z
??0QColor@@QAE@II@Z
??0QColor@@QAE@PBD@Z
??0QColor@@QAE@XZ
??0QColorDialog@@AAE@PAVQWidget@@PBD_N@Z
??0QColorDialog@@QAE@ABV0@@Z
??0QColorDrag@@QAE@ABV0@@Z
??0QColorDrag@@QAE@ABVQColor@@PAVQWidget@@PBD@Z
??0QColorDrag@@QAE@PAVQWidget@@PBD@Z
??0QColorGroup@@QAE@ABV0@@Z
??0QColorGroup@@QAE@ABVQBrush@@00000000@Z
??0QColorGroup@@QAE@ABVQColor@@000000@Z
??0QColorGroup@@QAE@XZ
??0QComLibrary@@QAE@ABV0@@Z
??0QComLibrary@@QAE@ABVQString@@@Z
??0QComboBox@@QAE@ABV0@@Z
??0QComboBox@@QAE@PAVQWidget@@PBD@Z
??0QComboBox@@QAE@_NPAVQWidget@@PBD@Z
??0QComboTableItem@@QAE@ABV0@@Z
??0QComboTableItem@@QAE@PAVQTable@@ABVQStringList@@_N@Z
??0QCommonStyle@@QAE@ABV0@@Z
??0QCommonStyle@@QAE@XZ
??0QComponentFactoryInterface@@QAE@ABU0@@Z
??0QComponentFactoryInterface@@QAE@XZ
??0QComponentInformationInterface@@QAE@ABU0@@Z
??0QComponentInformationInterface@@QAE@XZ
??0QComponentRegistrationInterface@@QAE@ABU0@@Z
??0QComponentRegistrationInterface@@QAE@XZ
??0QConnection@@QAE@PBVQObject@@HPBDH@Z
??0QConnectionList@@QAE@ABV0@@Z
??0QConnectionList@@QAE@XZ
??0QConnectionListIt@@QAE@ABV0@@Z
??0QConnectionListIt@@QAE@ABVQConnectionList@@@Z
??0QConstString@@QAE@ABV0@@Z
??0QConstString@@QAE@PBVQChar@@I@Z
??0QContextMenuEvent@@QAE@ABV0@@Z
??0QContextMenuEvent@@QAE@W4Reason@0@ABVQPoint@@1H@Z
??0QContextMenuEvent@@QAE@W4Reason@0@ABVQPoint@@H@Z
??0QCursor@@QAE@ABV0@@Z
??0QCursor@@QAE@ABVQBitmap@@0HH@Z
??0QCursor@@QAE@ABVQPixmap@@HH@Z
??0QCursor@@QAE@H@Z
??0QCursor@@QAE@PAUHICON__@@@Z
??0QCursor@@QAE@XZ
??0QCustomEvent@@QAE@ABV0@@Z
??0QCustomEvent@@QAE@H@Z
??0QCustomEvent@@QAE@W4Type@QEvent@@PAX@Z
??0QCustomMenuItem@@QAE@ABV0@@Z
??0QCustomMenuItem@@QAE@XZ
??0QDataPump@@QAE@ABV0@@Z
??0QDataPump@@QAE@PAVQDataSource@@PAVQDataSink@@@Z
??0QDataSink@@QAE@ABV0@@Z
??0QDataSink@@QAE@XZ
??0QDataSource@@QAE@ABV0@@Z
??0QDataSource@@QAE@XZ
??0QDataStream@@QAE@ABV0@@Z
??0QDataStream@@QAE@PAVQIODevice@@@Z
??0QDataStream@@QAE@V?$QMemArray@D@@H@Z
??0QDataStream@@QAE@XZ
??0QDate@@QAE@HHH@Z
??0QDate@@QAE@XZ
??0QDateEdit@@QAE@ABV0@@Z
??0QDateEdit@@QAE@ABVQDate@@PAVQWidget@@PBD@Z
??0QDateEdit@@QAE@PAVQWidget@@PBD@Z
??0QDateTime@@QAE@ABVQDate@@@Z
??0QDateTime@@QAE@ABVQDate@@ABVQTime@@@Z
??0QDateTime@@QAE@XZ
??0QDateTimeEdit@@QAE@ABV0@@Z
??0QDateTimeEdit@@QAE@ABVQDateTime@@PAVQWidget@@PBD@Z
??0QDateTimeEdit@@QAE@PAVQWidget@@PBD@Z
??0QDateTimeEditBase@@QAE@ABV0@@Z
??0QDateTimeEditBase@@QAE@PAVQWidget@@PBD@Z
??0QDesktopWidget@@QAE@ABV0@@Z
??0QDesktopWidget@@QAE@XZ
??0QDial@@QAE@ABV0@@Z
??0QDial@@QAE@HHHHPAVQWidget@@PBD@Z
??0QDial@@QAE@PAVQWidget@@PBDI@Z
??0QDialog@@QAE@ABV0@@Z
??0QDialog@@QAE@PAVQWidget@@PBD_NI@Z
??0QDir@@QAE@ABV0@@Z
??0QDir@@QAE@ABVQString@@0HH@Z
??0QDir@@QAE@XZ
??0QDispatchInterface@@QAE@ABU0@@Z
??0QDispatchInterface@@QAE@XZ
??0QDns@@QAE@ABV0@@Z
??0QDns@@QAE@ABVQHostAddress@@W4RecordType@0@@Z
??0QDns@@QAE@ABVQString@@W4RecordType@0@@Z
??0QDns@@QAE@XZ
??0QDockArea@@QAE@ABV0@@Z
??0QDockArea@@QAE@W4Orientation@Qt@@W4HandlePosition@0@PAVQWidget@@PBD@Z
??0QDockAreaLayout@@QAE@ABV0@@Z
??0QDockAreaLayout@@QAE@PAVQWidget@@W4Orientation@Qt@@PAV?$QPtrList@VQDockWindow@@@@HHPBD@Z
??0QDockWindow@@AAE@W4Place@0@PAVQWidget@@PBDI_N@Z
??0QDockWindow@@QAE@ABV0@@Z
??0QDockWindow@@QAE@PAVQWidget@@PBDI@Z
??0QDockWindow@@QAE@W4Place@0@PAVQWidget@@PBDI@Z
??0QDomAttr@@AAE@PAVQDomAttrPrivate@@@Z
??0QDomAttr@@QAE@ABV0@@Z
??0QDomAttr@@QAE@XZ
??0QDomCDATASection@@AAE@PAVQDomCDATASectionPrivate@@@Z
??0QDomCDATASection@@QAE@ABV0@@Z
??0QDomCDATASection@@QAE@XZ
??0QDomCharacterData@@AAE@PAVQDomCharacterDataPrivate@@@Z
??0QDomCharacterData@@QAE@ABV0@@Z
??0QDomCharacterData@@QAE@XZ
??0QDomComment@@AAE@PAVQDomCommentPrivate@@@Z
??0QDomComment@@QAE@ABV0@@Z
??0QDomComment@@QAE@XZ
??0QDomDocument@@AAE@PAVQDomDocumentPrivate@@@Z
??0QDomDocument@@QAE@ABV0@@Z
??0QDomDocument@@QAE@ABVQDomDocumentType@@@Z
??0QDomDocument@@QAE@ABVQString@@@Z
??0QDomDocument@@QAE@XZ
??0QDomDocumentFragment@@AAE@PAVQDomDocumentFragmentPrivate@@@Z
??0QDomDocumentFragment@@QAE@ABV0@@Z
??0QDomDocumentFragment@@QAE@XZ
??0QDomDocumentType@@AAE@PAVQDomDocumentTypePrivate@@@Z
??0QDomDocumentType@@QAE@ABV0@@Z
??0QDomDocumentType@@QAE@XZ
??0QDomElement@@AAE@PAVQDomElementPrivate@@@Z
??0QDomElement@@QAE@ABV0@@Z
??0QDomElement@@QAE@XZ
??0QDomEntity@@AAE@PAVQDomEntityPrivate@@@Z
??0QDomEntity@@QAE@ABV0@@Z
??0QDomEntity@@QAE@XZ
??0QDomEntityReference@@AAE@PAVQDomEntityReferencePrivate@@@Z
??0QDomEntityReference@@QAE@ABV0@@Z
??0QDomEntityReference@@QAE@XZ
??0QDomImplementation@@AAE@PAVQDomImplementationPrivate@@@Z
??0QDomImplementation@@QAE@ABV0@@Z
??0QDomImplementation@@QAE@XZ
??0QDomNamedNodeMap@@AAE@PAVQDomNamedNodeMapPrivate@@@Z
??0QDomNamedNodeMap@@QAE@ABV0@@Z
??0QDomNamedNodeMap@@QAE@XZ
??0QDomNode@@IAE@PAVQDomNodePrivate@@@Z
??0QDomNode@@QAE@ABV0@@Z
??0QDomNode@@QAE@XZ
??0QDomNodeList@@AAE@PAVQDomNodeListPrivate@@@Z
??0QDomNodeList@@QAE@ABV0@@Z
??0QDomNodeList@@QAE@XZ
??0QDomNotation@@AAE@PAVQDomNotationPrivate@@@Z
??0QDomNotation@@QAE@ABV0@@Z
??0QDomNotation@@QAE@XZ
??0QDomProcessingInstruction@@AAE@PAVQDomProcessingInstructionPrivate@@@Z
??0QDomProcessingInstruction@@QAE@ABV0@@Z
??0QDomProcessingInstruction@@QAE@XZ
??0QDomText@@AAE@PAVQDomTextPrivate@@@Z
??0QDomText@@QAE@ABV0@@Z
??0QDomText@@QAE@XZ
??0QDoubleValidator@@QAE@ABV0@@Z
??0QDoubleValidator@@QAE@NNHPAVQObject@@PBD@Z
??0QDoubleValidator@@QAE@PAVQObject@@PBD@Z
??0QDragEnterEvent@@QAE@ABV0@@Z
??0QDragEnterEvent@@QAE@ABVQPoint@@@Z
??0QDragLeaveEvent@@QAE@ABV0@@Z
??0QDragLeaveEvent@@QAE@XZ
??0QDragManager@@AAE@XZ
??0QDragManager@@QAE@ABV0@@Z
??0QDragMoveEvent@@QAE@ABV0@@Z
??0QDragMoveEvent@@QAE@ABVQPoint@@W4Type@QEvent@@@Z
??0QDragObject@@QAE@ABV0@@Z
??0QDragObject@@QAE@PAVQWidget@@PBD@Z
??0QDragResponseEvent@@QAE@ABV0@@Z
??0QDragResponseEvent@@QAE@_N@Z
??0QDropEvent@@QAE@ABV0@@Z
??0QDropEvent@@QAE@ABVQPoint@@W4Type@QEvent@@@Z
??0QDropSite@@QAE@ABV0@@Z
??0QDropSite@@QAE@PAVQWidget@@@Z
??0QErrorMessage@@QAE@ABV0@@Z
??0QErrorMessage@@QAE@PAVQWidget@@PBD@Z
??0QEucJpCodec@@QAE@ABV0@@Z
??0QEucJpCodec@@QAE@XZ
??0QEucKrCodec@@QAE@ABV0@@Z
??0QEucKrCodec@@QAE@XZ
??0QEvent@@QAE@ABV0@@Z
??0QEvent@@QAE@W4Type@0@@Z
??0QEventLoop@@QAE@ABV0@@Z
??0QEventLoop@@QAE@PAVQObject@@PBD@Z
??0QFeatureListInterface@@QAE@ABU0@@Z
??0QFeatureListInterface@@QAE@XZ
??0QFile@@QAE@ABV0@@Z
??0QFile@@QAE@ABVQString@@@Z
??0QFile@@QAE@XZ
??0QFileDialog@@QAE@ABV0@@Z
??0QFileDialog@@QAE@ABVQString@@0PAVQWidget@@PBD_N@Z
??0QFileDialog@@QAE@PAVQWidget@@PBD_N@Z
??0QFileIconProvider@@QAE@ABV0@@Z
??0QFileIconProvider@@QAE@PAVQObject@@PBD@Z
??0QFileInfo@@QAE@ABV0@@Z
??0QFileInfo@@QAE@ABVQDir@@ABVQString@@@Z
??0QFileInfo@@QAE@ABVQFile@@@Z
??0QFileInfo@@QAE@ABVQString@@@Z
??0QFileInfo@@QAE@XZ

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$R2/NSIS.Library.RegTool.v2.$HWNDPARENT.exe
.exe windows:4 windows x86 arch:x86

27613a5a6234b2a2609ff90c91288dae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateProcessA
FreeLibrary
GetProcAddress
LoadLibraryExA
MultiByteToWideChar
lstrcmpiA
lstrlenA
SetEndOfFile
WaitForSingleObject
UnmapViewOfFile
lstrcpyA
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
lstrcatA
GetWindowsDirectoryA
GetShortPathNameA
GetCommandLineA
ExitProcess
GetModuleHandleA
GetModuleFileNameA
SetFilePointer
SetErrorMode

oleaut32

LoadTypeLi
RegisterTypeLi

advapi32

RegQueryValueExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyExA
RegCloseKey

user32

wsprintfA
CharNextA

ole32

OleInitialize
OleUninitialize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
images/ui40/button_close.png
.png
images/ui40/button_close_inactive.png
.png
images/ui40/button_close_mouse.png
.png
images/ui40/button_max.png
.png
images/ui40/button_max_inactive.png
.png
images/ui40/button_max_mouse.png
.png
images/ui40/button_min.png
.png
images/ui40/button_min_inactive.png
.png
images/ui40/button_min_mouse.png
.png
images/ui40/camera_arrow_down.png
.png
images/ui40/camera_arrow_down_disabled.png
.png
images/ui40/camera_arrow_down_mouse.png
.png
images/ui40/camera_arrow_left.png
.png
images/ui40/camera_arrow_left_disabled.png
.png
images/ui40/camera_arrow_left_mouse.png
.png
images/ui40/camera_arrow_right.png
.png
images/ui40/camera_arrow_right_disabled.png
.png
images/ui40/camera_arrow_right_mouse.png
.png
images/ui40/camera_arrow_up.png
.png
images/ui40/camera_arrow_up_disabled.png
.png
images/ui40/camera_arrow_up_mouse.png
.png
images/ui40/camera_home.png
.png
images/ui40/camera_home_disabled.png
.png
images/ui40/camera_home_mouse.png
.png
images/ui40/camera_window.png
.png
images/ui40/camera_zoom_in.png
.png
images/ui40/camera_zoom_in_disabled.png
.png
images/ui40/camera_zoom_in_mouse.png
.png
images/ui40/camera_zoom_out.png
.png
images/ui40/camera_zoom_out_disabled.png
.png
images/ui40/camera_zoom_out_mouse.png
.png
images/ui40/client_bottom.png
.png
images/ui40/client_bottom_left.png
.png
images/ui40/client_bottom_right.png
.png
images/ui40/client_left.png
.png
images/ui40/client_left_bottom.png
.png
images/ui40/client_right.png
.png
images/ui40/client_right_bottom.png
.png
images/ui40/client_top_left-amd.png
.png
images/ui40/client_top_left-ask.png
.png
images/ui40/client_top_left-electionmall.png
.png
images/ui40/client_top_left-sonic.png
.png
images/ui40/client_top_left.png
.png
images/ui40/client_top_left_inactive-amd.png
.png
images/ui40/client_top_left_inactive-ask.png
.png
images/ui40/client_top_left_inactive-electionmall.png
.png
images/ui40/client_top_left_inactive-sonic.png
.png
images/ui40/client_top_left_inactive.png
.png
images/ui40/client_top_right.png
.png
images/ui40/client_top_right_inactive.png
.png
images/ui40/incall_hangup.png
.png
images/ui40/incall_hangup_disabled.png
.png
images/ui40/incall_hangup_mouse.png
.png
images/ui40/incall_muteoff.png
.png
images/ui40/incall_muteoff_disabled.png
.png
images/ui40/incall_muteoff_mouse.png
.png
images/ui40/incall_muteon.png
.png
images/ui40/incall_muteon_disabled.png
.png
images/ui40/incall_muteon_mouse.png
.png
images/ui40/incall_pauseoff.png
.png
images/ui40/incall_pauseoff_disabled.png
.png
images/ui40/incall_pauseoff_mouse.png
.png
images/ui40/incall_pauseon.png
.png
images/ui40/incall_pauseon_disabled.png
.png
images/ui40/incall_pauseon_mouse.png
.png
images/ui40/incall_pip.png
.png
images/ui40/incall_pip_disabled.png
.png
images/ui40/incall_pip_mouse.png
.png
images/ui40/incall_restore.png
.png
images/ui40/incall_restore_disabled.png
.png
images/ui40/incall_restore_mouse.png
.png
images/ui40/incall_text.png
.png
images/ui40/incall_text_disabled.png
.png
images/ui40/incall_text_mouse.png
.png
images/ui40/logo.png
.png
images/ui40/logo128x128.png
.png
images/ui40/logo16x16.png
.png
images/ui40/logo32x32.png
.png
images/ui40/logo48x48.png
.png
images/ui40/logo_video.png
.png
images/ui40/logosmall.png
.png
images/ui40/logovideo.png
.png
images/ui40/nocamera.png
.png
images/ui40/prefs_background.png
.png
images/ui40/prefs_check.png
.png
images/ui40/prefs_help_mic.png
.png
images/ui40/prefs_help_speaker.png
.png
images/ui40/prefs_icon_camera.png
.png
images/ui40/prefs_icon_display.png
.png
images/ui40/prefs_icon_general.png
.png
images/ui40/prefs_icon_mic.png
.png
images/ui40/prefs_icon_network.png
.png
images/ui40/prefs_icon_speaker.png
.png
images/ui40/prefs_selected.png
.png
images/ui40/prefs_wrong.png
.png
images/ui40/splashscreen-amd.png
.png
images/ui40/splashscreen-ask.png
.png
images/ui40/splashscreen-electionmall.png
.png
images/ui40/splashscreen-sonic.png
.png
images/ui40/splashscreen.png
.png
images/ui40/titlebar_left-amd.png
.png
images/ui40/titlebar_left-ask.png
.png
images/ui40/titlebar_left-electionmall.png
.png
images/ui40/titlebar_left.png
.png
images/ui40/titlebar_left_inactive-amd.png
.png
images/ui40/titlebar_left_inactive-ask.png
.png
images/ui40/titlebar_left_inactive-electionmall.png
.png
images/ui40/titlebar_left_inactive.png
.png
images/ui40/titlebar_middle.png
.png
images/ui40/titlebar_middle_inactive.png
.png
images/ui40/titlebar_right.png
.png
images/ui40/titlebar_right_inactive.png
.png
images/ui40/videotest.png
.png
images/ui40/videotest_logo.png
.png
images/ui40/vidwin_b_c.png
.png
images/ui40/vidwin_b_l.png
.png
images/ui40/vidwin_b_r.png
.png
images/ui40/vidwin_b_r_mac.png
.png
images/ui40/vidwin_m_l_b.png
.png
images/ui40/vidwin_m_l_c.png
.png
images/ui40/vidwin_m_l_u.png
.png
images/ui40/vidwin_m_r_b.png
.png
images/ui40/vidwin_m_r_c.png
.png
images/ui40/vidwin_m_r_u.png
.png
images/ui40/vidwin_u_c.png
.png
images/ui40/vidwin_u_l.png
.png
images/ui40/vidwin_u_r.png
.png
sounds/background.png
.png
sounds/busy.wav
sounds/dtmf-0.wav
sounds/dtmf-1.wav
sounds/dtmf-2.wav
sounds/dtmf-3.wav
sounds/dtmf-4.wav
sounds/dtmf-5.wav
sounds/dtmf-6.wav
sounds/dtmf-7.wav
sounds/dtmf-8.wav
sounds/dtmf-9.wav
sounds/dtmf-pound.wav
sounds/dtmf-star.wav
sounds/error.html
.html .js polyglot
sounds/loading.html
.html
sounds/loading_creative.html
.html
sounds/ring.wav
sounds/ringback.wav
translations/qt_de.qm
translations/qt_es.qm
translations/qt_fr.qm
translations/qt_it.qm
translations/qt_ja.qm
translations/qt_nl.qm
translations/qt_pt.qm
translations/qt_zh_CN.qm
translations/qt_zh_TW.qm
translations/sightspeed_de.qm
translations/sightspeed_es.qm
translations/sightspeed_fr.qm
translations/sightspeed_it.qm
translations/sightspeed_ja.qm
translations/sightspeed_nl.qm
translations/sightspeed_pt.qm
translations/sightspeed_zh_CN.qm
translations/sightspeed_zh_TW.qm

Sharing

General

Malware Config

Signatures

Files

18bc6fa81e19f21156316b1ae696ed6b

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88Certificate

Extended Key Usages

Key Usages

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

69:a9:c8:ae:b4:cd:28:67:e6:c5:7f:d3:e5:63:0e:39Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 108KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 34KB - Virtual size: 33KB

1221406604d6fef21b4469a58a9cf427

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 22KB

.reloc Size: 1024B - Virtual size: 734B

a4d2443050a5b105af84b31cad4ffaf2

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88Certificate

Extended Key Usages

Key Usages

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

69:a9:c8:ae:b4:cd:28:67:e6:c5:7f:d3:e5:63:0e:39Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

imm32

winspool.drv

msvcr71

Exports

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

69:a9:c8:ae:b4:cd:28:67:e6:c5:7f:d3:e5:63:0e:39
Certificate

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 108KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 34KB - Virtual size: 33KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 22KB

.reloc
Size: 1024B - Virtual size: 734B

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

69:a9:c8:ae:b4:cd:28:67:e6:c5:7f:d3:e5:63:0e:39
Certificate

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 1.6MB - Virtual size: 1.6MB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 768B

.reloc
Size: 120KB - Virtual size: 117KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 2KB