THETpAIN[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

THETpAIN.zip
Size

129.0MB
MD5

9a872bcd314541620d8e15117ccf710c
SHA1

525b029ea1c8eb5a2c5e073b798d6e870047bbcc
SHA256

a1fa42ed046d433cec3cc496f4978c0ad8f9a31f3ef553cc8f8b4908f4acbce4
SHA512

be812369829f701187cbefb4bd69635a7bb7ac00cc99efcdf128c797ea071c2a2cf13963f246e85d0abbf8d79e312da9131a3793b9def5d42f08d4123a0d5447
SSDEEP

3145728:TpnAYmvIYkXuax+p8PhvU+M1opv6WkMwHe0BL4c6MVQoUP:1mvIYGx+p8PhMV1odNkMwHv4c6MOoG

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack003/ASSiGN/The T-Pain Effect/x64/iZTPainEffect.dll
unpack003/ASSiGN/The T-Pain Effect/x86/iZTPainEffect.dll
unpack003/ASSiGN/iDrum T-Pain Edition/x64/iZiDrum.dll
unpack003/ASSiGN/iDrum T-Pain Edition/x86/iZiDrum.dll

Files

THETpAIN.zip
.zip
iZotope The T-Pain Effects Bundle STANDALONE DX VST RTAS v1.02 x86 x64 - ASSiGN/VAC_10_2.zip
.zip
VAC 10/256cables/vrtaucbl.cat
VAC 10/256cables/vrtaucbl.inf
VAC 10/file_id.diz
VAC 10/homepage.url
VAC 10/license.txt
VAC 10/readme.txt
VAC 10/removeservice.inf
VAC 10/setup.exe
.exe windows:5 windows x86 arch:x86

51a46eb8d184066e21de2e8a59827a39

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5b:2e:e1:a0:af:4b:b7:a6:17:ef:9b:fb:6a:36:af:0f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

08/01/2010, 00:00

Not After

09/01/2011, 23:59

Subject

CN=NTONYX Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=NTONYX Ltd.,L=Novosibirsk\ ,ST=Novosibirsk region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4d:e2:4e:88:00:1d:04:2d:db:9c:db:6c:94:d2:e6:29:48:b3:1e:27
Signer

Actual PE Digest

4d:e2:4e:88:00:1d:04:2d:db:9c:db:6c:94:d2:e6:29:48:b3:1e:27

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\music\win\setup\16x\objfre_w2K_x86\i386\setup.pdb

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegCreateKeyA
RegDeleteKeyA
RegEnumValueA
RegDeleteValueA
RegOpenKeyExA
CloseServiceHandle
OpenSCManagerA
CreateServiceA
OpenServiceA
GetServiceDisplayNameA
DeleteService
StartServiceA
QueryServiceStatus
ControlService

kernel32

GetLastError
CreateEventA
WaitForSingleObject
CreateProcessA
GetEnvironmentVariableA
WriteFile
RtlZeroMemory
GetCurrentProcessId
CreateFileA
RemoveDirectoryA
SetEvent
OpenProcess
CopyFileA
GetCurrentDirectoryA
ProcessIdToSessionId
lstrlenA
GetSystemInfo
GetModuleHandleA
CreateThread
GetPrivateProfileStringA
GetLocalTime
DeleteFileA
SetLastError
CloseHandle
CreateDirectoryA
MultiByteToWideChar
ReadFile
GetFileSize
SetEndOfFile
MoveFileExA
CompareStringA
lstrcmpiA
ExpandEnvironmentStringsA
LoadLibraryA
FreeLibrary
GetProcAddress
GetDriveTypeA
GetCurrentProcess
GetWindowsDirectoryA
GetTempPathA
GetModuleFileNameA
lstrlenW
lstrcatW
GetSystemDirectoryW
Sleep
GetTickCount
lstrcmpA
lstrcatA
lstrcpynA
FlushFileBuffers
lstrcpyA
LocalAlloc
FormatMessageA
GetCommandLineA
ExitProcess
GetVersionExA
LocalFree

gdi32

SetTextColor
CreateSolidBrush
DeleteObject
SetBkColor

user32

GetDlgItem
DialogBoxParamA
SetFocus
DestroyWindow
DispatchMessageA
TranslateMessage
IsDialogMessageA
GetMessageA
CreateDialogParamA
GetWindowTextA
wvsprintfA
MessageBoxA
ExitWindowsEx
OemToCharW
RegisterClassA
GetDesktopWindow
wsprintfA
DefWindowProcA
CreateWindowExA
SendDlgItemMessageA
ShowWindow
SetWindowTextA
EndDialog
PostThreadMessageA
GetSystemMetrics

comctl32

ord17

ole32

CoInitialize
CoCreateInstance

shell32

ShellExecuteA
SHGetSpecialFolderPathA

rpcrt4

UuidCreate

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VAC 10/setup.ini
VAC 10/setup64.exe
.exe windows:5 windows x64 arch:x64

4ea99ca2f97cf7f9e6291604a48ab102

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5b:2e:e1:a0:af:4b:b7:a6:17:ef:9b:fb:6a:36:af:0f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

08/01/2010, 00:00

Not After

09/01/2011, 23:59

Subject

CN=NTONYX Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=NTONYX Ltd.,L=Novosibirsk\ ,ST=Novosibirsk region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4d:53:c6:05:8f:53:c0:82:f7:68:91:aa:f2:ad:5e:0e:84:d0:4b:46
Signer

Actual PE Digest

4d:53:c6:05:8f:53:c0:82:f7:68:91:aa:f2:ad:5e:0e:84:d0:4b:46

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\music\win\setup\16x\objfre_wnet_AMD64\amd64\setup.pdb

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegCreateKeyA
RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
CloseServiceHandle
OpenSCManagerA
CreateServiceA
OpenServiceA
GetServiceDisplayNameA
DeleteService
StartServiceA
QueryServiceStatus
ControlService

kernel32

RtlZeroMemory
RemoveDirectoryA
CloseHandle
CreateEventA
WaitForSingleObject
CreateProcessA
GetEnvironmentVariableA
WriteFile
GetCurrentProcessId
CreateFileA
SetEvent
OpenProcess
CopyFileA
GetCurrentDirectoryA
ProcessIdToSessionId
lstrlenA
GetSystemInfo
GetModuleHandleA
CreateThread
GetPrivateProfileStringA
GetLocalTime
DeleteFileA
SetLastError
GetLastError
CreateDirectoryA
MultiByteToWideChar
ReadFile
GetFileSize
SetEndOfFile
MoveFileExA
CompareStringA
lstrcmpiA
FreeLibrary
GetProcAddress
GetDriveTypeA
GetCurrentProcess
GetWindowsDirectoryA
ExpandEnvironmentStringsA
GetTempPathA
GetModuleFileNameA
LoadLibraryA
lstrlenW
lstrcatW
GetSystemDirectoryW
Sleep
GetTickCount
lstrcmpA
lstrcatA
lstrcpynA
FlushFileBuffers
lstrcpyA
LocalAlloc
FormatMessageA
GetCommandLineA
ExitProcess
GetVersionExA
LocalFree

gdi32

SetTextColor
CreateSolidBrush
DeleteObject
SetBkColor

user32

GetDlgItem
DialogBoxParamA
SetFocus
DestroyWindow
DispatchMessageA
TranslateMessage
IsDialogMessageA
GetMessageA
CreateDialogParamA
GetWindowTextA
wvsprintfA
MessageBoxA
ExitWindowsEx
OemToCharW
wsprintfA
RegisterClassA
DefWindowProcA
CreateWindowExA
GetDesktopWindow
SendDlgItemMessageA
ShowWindow
SetWindowTextA
EndDialog
PostThreadMessageA
GetSystemMetrics

comctl32

ord17

ole32

CoInitialize
CoCreateInstance

shell32

ShellExecuteA
SHGetSpecialFolderPathA

rpcrt4

UuidCreate

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VAC 10/vac.chm
.chm
VAC 10/vrtaucbl.cat
VAC 10/vrtaucbl.inf
VAC 10/x64/audiorepeater.exe
.exe windows:5 windows x64 arch:x64

b835f41e2acde01288658cdfeb2338ef

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5b:2e:e1:a0:af:4b:b7:a6:17:ef:9b:fb:6a:36:af:0f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

08/01/2010, 00:00

Not After

09/01/2011, 23:59

Subject

CN=NTONYX Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=NTONYX Ltd.,L=Novosibirsk\ ,ST=Novosibirsk region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

59:0c:dd:e4:68:1c:94:bf:b0:3e:5b:af:18:77:12:35:05:82:9f:ab
Signer

Actual PE Digest

59:0c:dd:e4:68:1c:94:bf:b0:3e:5b:af:18:77:12:35:05:82:9f:ab

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\music\win\audiorepeater\1xx\objfre_wnet_AMD64\amd64\audiorepeater.pdb

Imports

kernel32

GetCurrentThread
CloseHandle
WaitForSingleObject
Sleep
GetStartupInfoA
RtlZeroMemory
GetLastError
CreateThread
SetPriorityClass
GetTickCount
OpenProcess
GetCurrentProcessId
SetThreadPriority
lstrlenA
lstrcmpA
LocalAlloc
lstrcpynA
GetSystemInfo
GetVersionExA
FormatMessageA
SetLastError
GetCommandLineA
ExitProcess
lstrcmpiA
GetModuleHandleA
lstrcpyA
LocalFree

user32

SetWindowTextA
wsprintfA
EndDialog
SetTimer
ShowWindow
DialogBoxParamA
LoadIconA
GetClassNameA
MessageBoxA
wvsprintfA
GetSubMenu
HiliteMenuItem
TrackPopupMenuEx
GetCursorPos
LoadMenuA
SendDlgItemMessageA
GetDlgItem
EnableWindow
SendMessageA
SetDlgItemInt
PostMessageA
FindWindowA
KillTimer
PostThreadMessageA
GetMessageA

comctl32

ord17
ord16

shell32

Shell_NotifyIconA

winmm

waveOutRestart
waveOutWrite
waveOutPrepareHeader
waveInUnprepareHeader
waveOutGetDevCapsA
waveOutGetNumDevs
waveInGetDevCapsA
waveInGetNumDevs
waveInStart
waveOutGetErrorTextA
waveOutUnprepareHeader
waveInOpen
waveOutOpen
waveInPrepareHeader
waveInAddBuffer
waveInClose
waveOutClose
waveInReset
waveOutReset
waveOutPause

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VAC 10/x64/audiorepeater_ks.exe
.exe windows:5 windows x64 arch:x64

f81d0ca4c20a6ab2afa9ccf50fd74f28

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5b:2e:e1:a0:af:4b:b7:a6:17:ef:9b:fb:6a:36:af:0f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

08/01/2010, 00:00

Not After

09/01/2011, 23:59

Subject

CN=NTONYX Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=NTONYX Ltd.,L=Novosibirsk\ ,ST=Novosibirsk region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

87:8f:31:c8:72:5f:00:8a:59:aa:43:f7:29:28:96:07:38:7f:27:72
Signer

Actual PE Digest

87:8f:31:c8:72:5f:00:8a:59:aa:43:f7:29:28:96:07:38:7f:27:72

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\music\win\audiorepeater\1xxks\objfre_wnet_AMD64\amd64\audiorepeater_ks.pdb

Imports

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

kernel32

CloseHandle
GetOverlappedResult
Sleep
SetThreadPriority
GetCurrentThread
RtlZeroMemory
WaitForSingleObject
GetStartupInfoA
CreateThread
GetTickCount
SetPriorityClass
OpenProcess
GetCurrentProcessId
GetModuleHandleA
GetLastError
lstrcpynA
lstrcmpA
SetLastError
FreeLibrary
GetProcAddress
LoadLibraryA
DeviceIoControl
CreateFileA
LocalAlloc
RtlMoveMemory
FormatMessageA
GetSystemInfo
GetVersionExA
GetCommandLineA
LocalFree
ExitProcess
lstrcmpiA
lstrcpyA
lstrlenA

user32

MessageBoxA
wvsprintfA
CharToOemBuffW
GetClassNameA
LoadMenuA
GetCursorPos
GetSubMenu
FindWindowA
LoadIconA
DialogBoxParamA
ShowWindow
SetTimer
EndDialog
wsprintfA
SetWindowTextA
HiliteMenuItem
KillTimer
PostMessageA
SetDlgItemInt
SendMessageA
EnableWindow
GetDlgItem
SendDlgItemMessageA
TrackPopupMenuEx

comctl32

ord16
ord17

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiOpenDeviceInterfaceRegKey
SetupDiGetDeviceRegistryPropertyA

shell32

Shell_NotifyIconA

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VAC 10/x64/vcctlpan.exe
.exe windows:5 windows x64 arch:x64

d98bf1e5b9e336ee2f468d8338b35929

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5b:2e:e1:a0:af:4b:b7:a6:17:ef:9b:fb:6a:36:af:0f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

08/01/2010, 00:00

Not After

09/01/2011, 23:59

Subject

CN=NTONYX Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=NTONYX Ltd.,L=Novosibirsk\ ,ST=Novosibirsk region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

80:f5:cb:41:c8:1b:cd:20:90:80:ae:28:f1:52:27:05:75:f0:4a:f7
Signer

Actual PE Digest

80:f5:cb:41:c8:1b:cd:20:90:80:ae:28:f1:52:27:05:75:f0:4a:f7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\music\win\vac\4\4xx\ctlpan\objfre_wnet_AMD64\amd64\vcctlpan.pdb

Imports

kernel32

DeviceIoControl
RtlZeroMemory
lstrcatA
GetModuleHandleA
GetModuleFileNameA
CreateMutexA
GetLastError
RtlCompareMemory
CreateFileA
LocalAlloc
FormatMessageA
SetLastError
GetSystemInfo
GetVersionExA
GetCommandLineA
ExitProcess
lstrcpyA
lstrlenA
CloseHandle
LocalFree

gdi32

GetTextExtentPoint32A
SetBkMode
SetTextColor
SelectObject
GetStockObject
DeleteObject
CreateFontIndirectA
GetObjectA

user32

LoadIconA
GetDlgItemTextA
DialogBoxParamA
GetDesktopWindow
wvsprintfA
SendMessageA
GetWindowLongA
GetSysColor
SetWindowPos
EndDialog
SetTimer
EnableWindow
wsprintfA
SetDlgItemTextA
MessageBoxA
GetDlgItem
ChildWindowFromPoint
SetCursor
SetWindowLongA
GetSysColorBrush
SetWindowTextA
SystemParametersInfoA
LoadCursorA
GetParent
GetWindowRect
DestroyWindow
CreateDialogParamA
SendDlgItemMessageA
GetWindowTextA

comctl32

ord17
ord16

shell32

ShellExecuteA

setupapi

SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstallParamsA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VAC 10/x64/vrtaucbl.sys
.sys windows:5 windows x64 arch:x64

2687cda99788c58b16cf703e94769774

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5b:2e:e1:a0:af:4b:b7:a6:17:ef:9b:fb:6a:36:af:0f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

08/01/2010, 00:00

Not After

09/01/2011, 23:59

Subject

CN=NTONYX Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=NTONYX Ltd.,L=Novosibirsk\ ,ST=Novosibirsk region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

44:4a:fd:65:21:2b:d6:08:3e:f3:a8:c4:67:56:9d:68:25:28:7d:47
Signer

Actual PE Digest

44:4a:fd:65:21:2b:d6:08:3e:f3:a8:c4:67:56:9d:68:25:28:7d:47

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\music\win\vac\4\4xx\driver\objfre_wnet_AMD64\amd64\vrtaucbl.pdb

Imports

ntoskrnl.exe

RtlCompareUnicodeString
RtlInitUnicodeString
swprintf
sprintf
IoRegisterDeviceInterface
ExSetTimerResolution
IoSetDeviceInterfaceState
RtlFreeUnicodeString
IofCompleteRequest
ZwOpenKey
ZwCreateKey
ZwClose
strrchr
__chkstk
ZwQueryValueKey
ZwSetValueKey
ZwDeleteKey
ExFreePool
wcsrchr
IoGetDeviceInterfaces
_snwprintf
KeSetTimer
KeCancelTimer
KeInitializeDpc
KeInitializeTimerEx
ExAllocatePoolWithTag
MmGetSystemRoutineAddress
IoIsWdmVersionAvailable
KeReleaseSpinLock
KeAcquireSpinLockRaiseToDpc
KeReleaseMutex
KeWaitForSingleObject
KeInitializeMutex
KeSetSystemAffinityThread
KeSetTargetProcessorDpc
KeSetImportanceDpc
RtlZeroMemory
RtlMoveMemory
KeNumberProcessors
MmGetPhysicalAddress

portcls.sys

PcNewServiceGroup
PcInitializeAdapterDriver
PcForwardIrpSynchronous
PcDispatchIrp
PcAddAdapterDevice
PcNewPort
PcRegisterSubdevice
PcRegisterPhysicalConnection
PcRegisterAdapterPowerManagement

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 128B - Virtual size: 121B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 640B - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VAC 10/x86/audiorepeater.exe
.exe windows:5 windows x86 arch:x86

a39e17268d262db4037dae6c51e63776

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5b:2e:e1:a0:af:4b:b7:a6:17:ef:9b:fb:6a:36:af:0f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

08/01/2010, 00:00

Not After

09/01/2011, 23:59

Subject

CN=NTONYX Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=NTONYX Ltd.,L=Novosibirsk\ ,ST=Novosibirsk region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:06:48:d7:8f:f8:cd:1a:c6:c2:ac:73:cd:56:a1:8b:6f:d9:ca:92
Signer

Actual PE Digest

dc:06:48:d7:8f:f8:cd:1a:c6:c2:ac:73:cd:56:a1:8b:6f:d9:ca:92

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\music\win\audiorepeater\1xx\objfre_w2K_x86\i386\audiorepeater.pdb

Imports

kernel32

InterlockedDecrement
SetThreadPriority
GetCurrentThread
CloseHandle
WaitForSingleObject
Sleep
GetStartupInfoA
RtlZeroMemory
GetLastError
CreateThread
SetPriorityClass
GetTickCount
OpenProcess
InterlockedIncrement
GetModuleHandleA
lstrlenA
lstrcmpA
LocalAlloc
lstrcpynA
GetSystemInfo
GetVersionExA
FormatMessageA
SetLastError
GetCommandLineA
ExitProcess
lstrcmpiA
GetCurrentProcessId
lstrcpyA
LocalFree

user32

SetWindowTextA
wsprintfA
EndDialog
SetTimer
ShowWindow
GetCursorPos
LoadIconA
GetClassNameA
MessageBoxA
wvsprintfA
GetSubMenu
HiliteMenuItem
TrackPopupMenuEx
FindWindowA
LoadMenuA
SendDlgItemMessageA
GetDlgItem
EnableWindow
SendMessageA
SetDlgItemInt
PostMessageA
DialogBoxParamA
KillTimer
PostThreadMessageA
GetMessageA

comctl32

ord17
ord16

shell32

Shell_NotifyIconA

winmm

waveOutRestart
waveOutWrite
waveOutPrepareHeader
waveInUnprepareHeader
waveOutGetDevCapsA
waveOutGetNumDevs
waveInGetDevCapsA
waveInGetNumDevs
waveInStart
waveOutGetErrorTextA
waveOutUnprepareHeader
waveOutOpen
waveInOpen
waveInPrepareHeader
waveInAddBuffer
waveInClose
waveOutClose
waveInReset
waveOutReset
waveOutPause

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VAC 10/x86/audiorepeater_ks.exe
.exe windows:5 windows x86 arch:x86

f81d0ca4c20a6ab2afa9ccf50fd74f28

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5b:2e:e1:a0:af:4b:b7:a6:17:ef:9b:fb:6a:36:af:0f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

08/01/2010, 00:00

Not After

09/01/2011, 23:59

Subject

CN=NTONYX Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=NTONYX Ltd.,L=Novosibirsk\ ,ST=Novosibirsk region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1c:e4:bf:a4:0a:44:67:1d:4b:ae:57:9f:e5:22:96:a9:8a:b7:c5:11
Signer

Actual PE Digest

1c:e4:bf:a4:0a:44:67:1d:4b:ae:57:9f:e5:22:96:a9:8a:b7:c5:11

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\music\win\audiorepeater\1xxks\objfre_w2K_x86\i386\audiorepeater_ks.pdb

Imports

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

kernel32

CloseHandle
GetOverlappedResult
Sleep
SetThreadPriority
GetCurrentThread
RtlZeroMemory
WaitForSingleObject
GetStartupInfoA
CreateThread
GetTickCount
SetPriorityClass
OpenProcess
GetCurrentProcessId
GetModuleHandleA
GetLastError
lstrcpynA
lstrcmpA
SetLastError
FreeLibrary
GetProcAddress
LoadLibraryA
DeviceIoControl
CreateFileA
LocalAlloc
RtlMoveMemory
FormatMessageA
GetSystemInfo
GetVersionExA
GetCommandLineA
LocalFree
ExitProcess
lstrcmpiA
lstrcpyA
lstrlenA

user32

MessageBoxA
wvsprintfA
CharToOemBuffW
GetClassNameA
LoadMenuA
GetCursorPos
GetSubMenu
FindWindowA
LoadIconA
DialogBoxParamA
ShowWindow
SetTimer
EndDialog
wsprintfA
SetWindowTextA
HiliteMenuItem
KillTimer
PostMessageA
SetDlgItemInt
SendMessageA
EnableWindow
GetDlgItem
SendDlgItemMessageA
TrackPopupMenuEx

comctl32

ord16
ord17

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiOpenDeviceInterfaceRegKey
SetupDiGetDeviceRegistryPropertyA

shell32

Shell_NotifyIconA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VAC 10/x86/vcctlpan.exe
.exe windows:5 windows x86 arch:x86

42891a521dfd37012153a758340316b6

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5b:2e:e1:a0:af:4b:b7:a6:17:ef:9b:fb:6a:36:af:0f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

08/01/2010, 00:00

Not After

09/01/2011, 23:59

Subject

CN=NTONYX Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=NTONYX Ltd.,L=Novosibirsk\ ,ST=Novosibirsk region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e9:0b:1e:90:8c:4b:0a:66:1f:87:0c:05:c9:b6:11:d1:49:d7:b7:cb
Signer

Actual PE Digest

e9:0b:1e:90:8c:4b:0a:66:1f:87:0c:05:c9:b6:11:d1:49:d7:b7:cb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\music\win\vac\4\4xx\ctlpan\objfre_wxp_x86\i386\vcctlpan.pdb

Imports

kernel32

DeviceIoControl
lstrcatA
RtlZeroMemory
GetModuleHandleA
GetModuleFileNameA
CreateMutexA
GetLastError
CreateFileA
LocalAlloc
FormatMessageA
SetLastError
GetSystemInfo
GetVersionExA
GetCommandLineA
ExitProcess
lstrcpyA
lstrlenA
CloseHandle
LocalFree

gdi32

GetObjectA
CreateFontIndirectA
GetStockObject
SelectObject
DeleteObject
SetBkMode
SetTextColor
GetTextExtentPoint32A

user32

EnableWindow
SendMessageA
LoadIconA
GetDesktopWindow
wvsprintfA
SetTimer
GetWindowLongA
GetParent
GetWindowRect
SetWindowPos
SystemParametersInfoA
DialogBoxParamA
GetDlgItemTextA
wsprintfA
SetDlgItemTextA
MessageBoxA
GetDlgItem
LoadCursorA
SetWindowTextA
SetWindowLongA
SendDlgItemMessageA
CreateDialogParamA
GetSysColorBrush
GetSysColor
GetWindowTextA
ChildWindowFromPoint
SetCursor
DestroyWindow
EndDialog

comctl32

ord17
ord16

shell32

ShellExecuteA

setupapi

SetupDiGetDeviceInstallParamsA
SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList

ntdll

RtlCompareMemory

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VAC 10/x86/vrtaucbl.sys
.sys windows:5 windows x86 arch:x86

3a59b0a0742babb77c67e5af0706c5bc

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5b:2e:e1:a0:af:4b:b7:a6:17:ef:9b:fb:6a:36:af:0f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

08/01/2010, 00:00

Not After

09/01/2011, 23:59

Subject

CN=NTONYX Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=NTONYX Ltd.,L=Novosibirsk\ ,ST=Novosibirsk region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

53:7e:1b:67:07:98:96:0c:95:e6:f3:7f:a8:4d:85:32:d4:9d:64:e2
Signer

Actual PE Digest

53:7e:1b:67:07:98:96:0c:95:e6:f3:7f:a8:4d:85:32:d4:9d:64:e2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\music\win\vac\4\4xx\driver\objfre_wxp_x86\i386\vrtaucbl.pdb

Imports

ntoskrnl.exe

RtlInitUnicodeString
swprintf
sprintf
IoRegisterDeviceInterface
ExSetTimerResolution
IoSetDeviceInterfaceState
RtlFreeUnicodeString
IofCompleteRequest
ZwOpenKey
ZwCreateKey
ZwClose
strrchr
ZwQueryValueKey
ZwSetValueKey
InterlockedExchange
ZwDeleteKey
RtlZeroMemory
RtlCompareUnicodeString
wcslen
wcscmp
wcsrchr
IoGetDeviceInterfaces
RtlMoveMemory
_snwprintf
KeGetCurrentThread
KeQueryInterruptTime
KeSetTimer
KeCancelTimer
KeInitializeDpc
KeInitializeTimerEx
ExAllocatePoolWithTag
MmGetSystemRoutineAddress
IoIsWdmVersionAvailable
InterlockedDecrement
ExFreePool
KeInitializeSpinLock
KeReleaseMutex
KeWaitForSingleObject
KeInitializeMutex
InterlockedIncrement
KeSetTargetProcessorDpc
KeSetImportanceDpc
KeNumberProcessors
MmGetPhysicalAddress
KeSetSystemAffinityThread

portcls.sys

PcNewServiceGroup
PcForwardIrpSynchronous
PcDispatchIrp
PcAddAdapterDevice
PcNewPort
PcRegisterSubdevice
PcRegisterPhysicalConnection
PcRegisterAdapterPowerManagement
PcInitializeAdapterDriver

hal

KfReleaseSpinLock
KfAcquireSpinLock

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 768B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 128B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
iZotope The T-Pain Effects Bundle STANDALONE DX VST RTAS v1.02 x86 x64 - ASSiGN/iNFO.txt
iZotope The T-Pain Effects Bundle STANDALONE DX VST RTAS v1.02 x86 x64 - ASSiGN/iZotope.The.T-Pain.Effects.Bundle.STANDALONE.DX.VST.RTAS.v1.02.x86.x64-ASSiGN.rar
.rar
+Open.mE/+VERY IMPORTANT.Cancer.Fund.for.Tabsmans.Family.txt
+Open.mE/Call for Global Awakening!!.url
.url
+Open.mE/Pix2Links.txt
+Open.mE/Torrent downloaded from puretorrents.cc.txt
+Open.mE/h33t - deepstatus.url
.url
+Open.mE/tracked_by_h33t_com.txt
+Open.mE/tracked_on_1337x.txt
+Open.mE/tracked_on_solodz.me.txt
ASSiGN.nfo
ASSiGN/The T-Pain Effect/x64/iZTPainEffect.dll
.dll windows:5 windows x64 arch:x64

df9409776bf1c5d42da5da57bdefe2c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\iZotope\TPainEffect\plugin\build\win_vc90\x64\Release CRTStatic DLL_TPainEffectPlugin\iZTPainEffect.pdb

Imports

crypt32

CertFreeCertificateContext
CertFindCertificateInStore
PFXImportCertStore
CryptImportPublicKeyInfo
CertCloseStore

gdiplus

GdiplusShutdown
GdipCloneImage
GdipCloneBrush
GdipCreateFont
GdipGetCellDescent
GdipGetCellAscent
GdipGetEmHeight
GdipCreateRegion
GdipMeasureCharacterRanges
GdipDrawString
GdipSetTextRenderingHint
GdipGetImageGraphicsContext
GdipSetStringFormatMeasurableCharacterRanges
GdipCreateSolidFill
GdipCreateBitmapFromScan0
GdipGetImageWidth
GdipDisposeImage
GdipDeleteFont
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipGetRegionBounds
GdipDeleteRegion
GdipFlush
GdipDeleteGraphics
GdipDeleteStringFormat
GdipCreateStringFormat
GdipSetSolidFillColor
GdipDeleteBrush
GdiplusStartup
GdipFree
GdipAlloc

oleacc

LresultFromObject
AccessibleObjectFromWindow

kernel32

EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetTickCount
QueryPerformanceCounter
GetCurrentProcess
GetLastError
SetLastError
GetProcAddress
LoadLibraryA
GetVolumeInformationA
GetDriveTypeA
GetLogicalDrives
lstrlenA
GetExitCodeProcess
CreateProcessW
SetFileTime
SetEndOfFile
WriteFile
CreateFileA
GetModuleHandleA
GetModuleHandleW
GetFileAttributesA
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalSize
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
GetSystemTimeAsFileTime
GetCurrentThreadId
FlsSetValue
GetCommandLineA
HeapAlloc
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlCaptureContext
EncodePointer
DecodePointer
TlsAlloc
FlsGetValue
FlsFree
GetCurrentThread
FlsAlloc
TerminateProcess
IsDebuggerPresent
RtlVirtualUnwind
GetStdHandle
GetModuleFileNameA
Sleep
HeapSize
ExitProcess
CreateProcessA
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
HeapDestroy
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
ReadFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
HeapReAlloc
FreeLibrary
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetTimeZoneInformation
GetProcessHeap
GetShortPathNameW
GetWindowsDirectoryW
GetSystemDirectoryW
GetModuleFileNameW
FindFirstFileW
FindClose
GetLongPathNameW
CreateThread
SetThreadPriority
TerminateThread
GetProcessAffinityMask
WaitForSingleObject
CloseHandle
CreateFileW
FindResourceA
LoadResource
LockResource
WideCharToMultiByte
MultiByteToWideChar
GetUserDefaultLCID
GetLocaleInfoA
GetCurrentDirectoryA
GetFullPathNameW
ResumeThread
GetVersionExA
LoadLibraryW
MapViewOfFile
OpenFileMappingA
CreateFileMappingA
UnmapViewOfFile
ExpandEnvironmentStringsA
CreateMutexA
ReleaseMutex
TlsSetValue
DuplicateHandle
TlsGetValue
GetSystemDirectoryA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
GetFileAttributesW
GetFileInformationByHandle
PeekNamedPipe
GetFullPathNameA
FindFirstFileA
ExitThread
SetHandleCount

user32

DestroyCursor
CreateCursor
DestroyAcceleratorTable
PostQuitMessage
DispatchMessageA
TranslateMessage
GetKeyState
GetMessageA
GetMonitorInfoA
MonitorFromRect
AdjustWindowRectEx
GetFocus
SetFocus
GetActiveWindow
GetWindowTextW
GetWindowTextLengthW
WaitMessage
PeekMessageA
NotifyWinEvent
PostMessageW
SetWindowLongW
GetWindowLongW
GetDesktopWindow
GetWindowPlacement
SetWindowPlacement
IsChild
ScreenToClient
EnableMenuItem
GetSystemMenu
LoadIconW
CreatePopupMenu
DestroyMenu
CreateMenu
CheckMenuItem
TrackPopupMenu
SetMenuItemInfoW
CreateAcceleratorTableW
AppendMenuW
RemoveMenu
InsertMenuItemW
MessageBoxW
GetAncestor
DrawMenuBar
GetForegroundWindow
WindowFromPoint
DefWindowProcW
LoadCursorA
RegisterClassExA
UnregisterClassA
SetPropA
GetDC
ReleaseDC
DefWindowProcA
InvalidateRect
UpdateWindow
GetPropA
GetWindowTextA
RemovePropA
GetCapture
GetParent
PostMessageA
ReleaseCapture
SetCapture
DialogBoxParamA
GetClientRect
GetDlgCtrlID
SetWindowTextW
IsWindowUnicode
DestroyWindow
CreateWindowExW
DialogBoxParamW
SetWindowLongPtrA
GetWindowLongPtrA
GetAsyncKeyState
KillTimer
EndDialog
GetSysColor
FillRect
DrawFocusRect
GetCursorPos
SetCursor
VkKeyScanA
SendInput
GetClassInfoExW
RegisterClassExW
UnregisterClassW
GetWindowLongPtrW
GetClipboardData
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
SetLayeredWindowAttributes
GetWindowLongA
SetWindowLongA
IsClipboardFormatAvailable
MessageBoxA
RedrawWindow
SendMessageW
RegisterWindowMessageA
EndPaint
BeginPaint
GetClassInfoExA
SetDlgItemTextW
IsDlgButtonChecked
SetWindowLongPtrW
CheckDlgButton
SetDlgItemTextA
GetDlgItemTextW
SetWindowTextA
SendMessageA
GetDlgItemTextA
EnableWindow
GetDlgItem
MoveWindow
GetWindowInfo
GetWindowRect
ShowWindow
CheckRadioButton
SetWindowPos
SetTimer

gdi32

SetBkMode
GetTextExtentExPointA
CreateFontA
CreateFontW
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetStockObject
CreateSolidBrush
BitBlt
DeleteDC
GetTextMetricsA
GetTextExtentPoint32A
SetBkColor
SetTextColor
TextOutA
DeleteObject
CreateDIBSection
SelectClipRgn

comdlg32

GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW

advapi32

CryptVerifySignatureA
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
ConvertStringSecurityDescriptorToSecurityDescriptorA
CryptAcquireContextA
CryptCreateHash
CryptHashData
RegCloseKey
CryptDestroyHash
CryptReleaseContext
RegEnumValueW

shell32

SHGetFolderPathW
ShellExecuteW
DragQueryFileA
DragQueryFileW

ole32

CoTaskMemFree
CoTaskMemAlloc
RevokeDragDrop
DoDragDrop
ReleaseStgMedium
OleInitialize
RegisterDragDrop
OleUninitialize
CoUninitialize
CoInitialize

oleaut32

SysFreeString
SysAllocString

wininet

InternetReadFile
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
HttpQueryInfoA

rpcrt4

UuidCreateSequential

ws2_32

send
select
closesocket
WSASetLastError
ntohs
getservbyport
getsockname
htons
getservbyname
htonl
inet_ntoa
gethostbyname
WSAGetLastError
inet_addr
bind
connect
listen
WSAStartup
socket
gethostbyaddr
ioctlsocket
__WSAFDIsSet
getsockopt
recv

comctl32

InitCommonControlsEx

Exports

Exports

PluginCoreCallback

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 645KB - Virtual size: 645KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ASSiGN/The T-Pain Effect/x86/iZTPainEffect.dll
.dll windows:5 windows x86 arch:x86

e0eacb308c5a0b0ca291d71928d3a92b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\iZotope\TPainEffect\plugin\build\win_vc90\Win32\Release CRTStatic DLL_TPainEffectPlugin\iZTPainEffect.pdb

Imports

crypt32

CertFreeCertificateContext
CertFindCertificateInStore
PFXImportCertStore
CryptImportPublicKeyInfo
CertCloseStore

gdiplus

GdiplusShutdown
GdipCloneImage
GdipCloneBrush
GdiplusStartup
GdipGetCellDescent
GdipGetCellAscent
GdipGetEmHeight
GdipCreateRegion
GdipMeasureCharacterRanges
GdipDrawString
GdipSetTextRenderingHint
GdipGetImageGraphicsContext
GdipSetStringFormatMeasurableCharacterRanges
GdipCreateSolidFill
GdipCreateBitmapFromScan0
GdipGetImageWidth
GdipDisposeImage
GdipDeleteFont
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipGetRegionBounds
GdipDeleteRegion
GdipFlush
GdipDeleteGraphics
GdipDeleteStringFormat
GdipCreateStringFormat
GdipSetSolidFillColor
GdipDeleteBrush
GdipFree
GdipAlloc
GdipCreateFont

oleacc

LresultFromObject
AccessibleObjectFromWindow

kernel32

EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
InterlockedCompareExchange
InterlockedIncrement
InterlockedDecrement
GetTickCount
QueryPerformanceCounter
GetCurrentProcess
GetLastError
SetLastError
GetProcAddress
LoadLibraryA
GetVolumeInformationA
GetDriveTypeA
GetLogicalDrives
lstrlenA
GetExitCodeProcess
CreateProcessW
SetFileTime
SetEndOfFile
WriteFile
CreateFileA
GetModuleHandleA
GetModuleHandleW
GetFileAttributesA
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalSize
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
HeapAlloc
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThread
TerminateProcess
IsDebuggerPresent
GetStdHandle
GetModuleFileNameA
Sleep
HeapSize
ExitProcess
SetHandleCount
CreateProcessA
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
GetCurrentProcessId
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
ReadFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FreeLibrary
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetTimeZoneInformation
GetProcessHeap
GetWindowsDirectoryW
GetSystemDirectoryW
GetModuleFileNameW
FindFirstFileW
FindClose
GetLongPathNameW
CreateThread
SetThreadPriority
TerminateThread
GetProcessAffinityMask
WaitForSingleObject
CloseHandle
CreateFileW
FindResourceA
LoadResource
LockResource
WideCharToMultiByte
MultiByteToWideChar
GetUserDefaultLCID
GetLocaleInfoA
GetCurrentDirectoryA
GetShortPathNameW
GetFullPathNameW
VirtualQuery
GetVersionExA
LoadLibraryW
MapViewOfFile
OpenFileMappingA
CreateFileMappingA
UnmapViewOfFile
ExpandEnvironmentStringsA
CreateMutexA
ReleaseMutex
DuplicateHandle
GetSystemDirectoryA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
GetFileAttributesW
GetFileInformationByHandle
PeekNamedPipe
GetFullPathNameA
FindFirstFileA
ExitThread
ResumeThread
GetFileType

user32

CreateCursor
DestroyAcceleratorTable
PostQuitMessage
DispatchMessageA
TranslateMessage
GetKeyState
GetMessageA
GetMonitorInfoA
MonitorFromRect
AdjustWindowRectEx
GetFocus
SetFocus
GetActiveWindow
GetWindowTextW
GetWindowTextLengthW
WaitMessage
PeekMessageA
NotifyWinEvent
PostMessageW
GetDesktopWindow
GetWindowPlacement
SetWindowPlacement
IsChild
ScreenToClient
EnableMenuItem
GetSystemMenu
LoadIconW
CreatePopupMenu
DestroyMenu
CreateMenu
CheckMenuItem
TrackPopupMenu
SetMenuItemInfoW
CreateAcceleratorTableW
AppendMenuW
RemoveMenu
InsertMenuItemW
SetWindowLongW
DestroyCursor
SetLayeredWindowAttributes
DrawMenuBar
GetForegroundWindow
WindowFromPoint
GetClassInfoExA
GetWindowLongW
RegisterClassExA
UnregisterClassA
SetPropA
GetDC
ReleaseDC
DefWindowProcA
InvalidateRect
UpdateWindow
GetPropA
GetWindowTextA
RemovePropA
GetParent
PostMessageA
GetCapture
SetCapture
ReleaseCapture
DialogBoxParamA
GetClientRect
GetDlgCtrlID
SetWindowTextW
IsWindowUnicode
DestroyWindow
CreateWindowExW
DialogBoxParamW
GetAsyncKeyState
KillTimer
EndDialog
GetSysColor
FillRect
DrawFocusRect
GetWindowLongA
GetCursorPos
SetCursor
VkKeyScanA
SendInput
GetClassInfoExW
RegisterClassExW
MessageBoxW
UnregisterClassW
GetClipboardData
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
SetWindowLongA
SetTimer
IsClipboardFormatAvailable
MessageBoxA
RedrawWindow
SendMessageW
RegisterWindowMessageA
EndPaint
BeginPaint
SetDlgItemTextW
LoadCursorA
IsDlgButtonChecked
CheckDlgButton
DefWindowProcW
SetDlgItemTextA
GetDlgItemTextW
SetWindowTextA
SendMessageA
GetDlgItemTextA
EnableWindow
GetDlgItem
MoveWindow
GetWindowInfo
GetWindowRect
ShowWindow
CheckRadioButton
SetWindowPos
GetAncestor

gdi32

SetBkMode
GetTextExtentExPointA
CreateFontA
CreateFontW
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetStockObject
CreateSolidBrush
BitBlt
DeleteDC
GetTextMetricsA
GetTextExtentPoint32A
SetBkColor
SetTextColor
TextOutA
DeleteObject
CreateDIBSection
SelectClipRgn

comdlg32

GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW

advapi32

CryptVerifySignatureA
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyExA
RegQueryValueExA
ConvertStringSecurityDescriptorToSecurityDescriptorA
CryptAcquireContextA
CryptCreateHash
CryptHashData
RegCloseKey
CryptDestroyHash
CryptReleaseContext
RegEnumValueW

shell32

SHGetFolderPathW
ShellExecuteW
DragQueryFileA
DragQueryFileW

ole32

CoTaskMemFree
CoTaskMemAlloc
RevokeDragDrop
ReleaseStgMedium
OleInitialize
RegisterDragDrop
OleUninitialize
CoUninitialize
CoInitialize
DoDragDrop

oleaut32

SysFreeString
SysAllocString

wininet

InternetReadFile
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
HttpQueryInfoA

rpcrt4

UuidCreateSequential

ws2_32

getsockname
closesocket
WSASetLastError
ntohs
getservbyport
bind
htons
getservbyname
htonl
inet_ntoa
gethostbyname
WSAGetLastError
inet_addr
listen
getsockopt
WSAStartup
socket
ioctlsocket
__WSAFDIsSet
connect
recv
send
gethostbyaddr
select

comctl32

InitCommonControlsEx

Exports

Exports

PluginCoreCallback

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ASSiGN/The T-Pain Engine/The T-Pain Engine.exe
.exe windows:5 windows x86 arch:x86

4259e4e54f6806bac93aa39d19cc3518

Code Sign

5f:6e:e3:b4:24:ce:a3:16:f6:26:a4:8e:06:1f:df:9d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

10/01/2011, 00:00

Not After

23/01/2013, 23:59

Subject

CN=iZotope\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=iZotope\, Inc.,L=Cambridge,ST=Massachusetts,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

fe:0d:47:a6:d1:f4:29:09:ef:a1:30:59:57:cf:68:c3:c7:60:46:42
Signer

Actual PE Digest

fe:0d:47:a6:d1:f4:29:09:ef:a1:30:59:57:cf:68:c3:c7:60:46:42

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\iZotope\TPainEffect\app\build\win_vc90\Win32\Release CRTStatic EXE_TPainEffect\iZotope TPainEffect.pdb

Imports

shlwapi

PathMakeSystemFolderW

kernel32

GetModuleHandleA
SetFileAttributesW
MultiByteToWideChar
Sleep
GetLastError
SetLastError
UnmapViewOfFile
CreateFileMappingA
OpenFileMappingA
MapViewOfFile
GetSystemDirectoryA
SetEnvironmentVariableA
GetCommandLineW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetStringTypeW
GetStringTypeA
GetFullPathNameW
GetProcessHeap
SetStdHandle
FlushFileBuffers
GetCurrentDirectoryA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
GetACP
VirtualAlloc
GetTimeZoneInformation
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetCPInfo
LCMapStringW
LCMapStringA
GetFullPathNameA
VirtualFree
HeapCreate
CreateDirectoryW
GetDriveTypeW
DeleteFileW
GetFileAttributesW
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
SetConsoleCtrlHandler
ExitThread
SetFilePointer
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
ExitProcess
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
HeapReAlloc
LocalFree
OpenMutexA
CreateMutexA
ReleaseMutex
DuplicateHandle
CompareStringW
GetExitCodeProcess
HeapAlloc
HeapFree
RtlUnwind
GetSystemTimeAsFileTime
GetFileAttributesA
GlobalFree
CreateFileA
SetEndOfFile
SetFileTime
CreateProcessW
ResumeThread
GetLogicalDrives
GetDriveTypeA
lstrlenA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GetProcessAffinityMask
GetShortPathNameW
TryEnterCriticalSection
GetVolumeInformationA
FindFirstFileW
FindNextFileW
GetDiskFreeSpaceExA
CreateProcessA
GetCurrentThread
SetThreadPriority
RaiseException
InterlockedCompareExchange
InterlockedExchange
GetCurrentThreadId
WaitForSingleObject
ReleaseSemaphore
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetCurrentProcess
GetCurrentProcessId
VirtualQuery
CreateFileW
InterlockedDecrement
TerminateThread
DeleteCriticalSection
SetUnhandledExceptionFilter
FreeLibrary
GetProcAddress
GetModuleHandleW
LoadLibraryW
CreateThread
CreateSemaphoreW
InitializeCriticalSection
InterlockedIncrement
WaitNamedPipeW
WaitForMultipleObjects
SetEvent
ResetEvent
WriteFile
TransactNamedPipe
SetNamedPipeHandleState
SleepEx
ReadFile
PeekNamedPipe
GetFileType
GetStdHandle
LoadLibraryA
GetTickCount
ExpandEnvironmentStringsA
FormatMessageA
GetVersion
QueryPerformanceCounter
GlobalMemoryStatus
GetVersionExA
FindFirstFileA
FindClose
FlushConsoleInputBuffer
SetErrorMode
GetModuleFileNameA
GetUserDefaultLCID
CreateEventA
GetLongPathNameW
GetModuleFileNameW
GetTempPathW
GetSystemDirectoryW
GetWindowsDirectoryW
GetLocaleInfoA
WideCharToMultiByte
LockResource
LoadResource
FindResourceA
MoveFileExW

user32

SetCursor
RegisterWindowMessageA
EnableWindow
GetDlgItem
EndDialog
IsDlgButtonChecked
CheckDlgButton
SetDlgItemTextA
KillTimer
GetDlgItemTextA
GetDlgItemTextW
GetWindowRect
SetTimer
SendMessageA
GetWindowLongA
SetWindowLongA
ShowWindow
DialogBoxParamA
DialogBoxParamW
PostMessageA
SendMessageW
FindWindowExA
GetParent
GetWindowLongW
wsprintfA
InsertMenuItemW
RemoveMenu
AppendMenuW
CreateAcceleratorTableW
SetMenuItemInfoW
TrackPopupMenu
CheckMenuItem
CreateMenu
DestroyMenu
CreatePopupMenu
GetClassInfoExW
RegisterClassExW
UnregisterClassW
GetSystemMenu
EnableMenuItem
DefWindowProcW
ScreenToClient
IsChild
SetWindowPlacement
GetAncestor
SetWindowLongW
PostMessageW
NotifyWinEvent
PeekMessageA
WaitMessage
GetWindowTextLengthW
GetWindowTextW
GetActiveWindow
GetFocus
AdjustWindowRectEx
VkKeyScanA
SendInput
MessageBoxW
SetMenu
DrawMenuBar
DialogBoxIndirectParamW
LoadIconW
SetFocus
GetWindowPlacement
CreateCursor
DestroyCursor
GetCursorPos
IsWindowUnicode
GetForegroundWindow
WindowFromPoint
GetMessageA
GetKeyState
TranslateAcceleratorA
GetUserObjectInformationW
GetProcessWindowStation
GetDesktopWindow
MessageBoxA
DefWindowProcA
SetWindowPos
CreateWindowExA
RegisterClassExA
GetClassInfoExA
UnregisterClassA
DestroyWindow
IsClipboardFormatAvailable
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
GetClipboardData
SetDlgItemTextW
SetWindowTextA
MoveWindow
GetWindowInfo
CheckRadioButton
DrawFocusRect
FillRect
GetSysColor
GetAsyncKeyState
ReleaseCapture
SetCapture
GetCapture
GetDlgCtrlID
RemovePropA
EndPaint
GetWindowTextA
GetPropA
GetClientRect
BeginPaint
UpdateWindow
InvalidateRect
ReleaseDC
GetDC
SetPropA
LoadCursorA
CreateWindowExW
TranslateMessage
SetWindowTextW
GetMonitorInfoA
MonitorFromRect
IsWindowEnabled
DestroyAcceleratorTable
PostQuitMessage
DispatchMessageA

shell32

ShellExecuteW
CommandLineToArgvW
SHGetFolderPathW
DragQueryFileW
DragQueryFileA

ole32

DoDragDrop
RevokeDragDrop
OleInitialize
RegisterDragDrop
OleUninitialize
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
IIDFromString
CoCreateInstance
ReleaseStgMedium

oleaut32

VarBstrCmp
SysStringLen
SysAllocStringLen
SysAllocString
SysFreeString

comctl32

InitCommonControlsEx

winmm

midiOutGetErrorTextA
midiInGetErrorTextA
midiOutPrepareHeader
midiInClose
midiInReset
midiInStop
midiInAddBuffer
midiStreamPosition
midiStreamClose
midiOutClose
midiStreamStop
midiStreamOut
midiOutShortMsg
timeBeginPeriod
midiOutUnprepareHeader
midiInStart
midiInPrepareHeader
midiInOpen
midiStreamRestart
midiStreamProperty
midiStreamOpen
midiOutOpen
midiInGetDevCapsW
midiInGetNumDevs
midiOutGetDevCapsW
midiOutGetNumDevs
timeSetEvent
timeGetTime
waveOutGetNumDevs
waveOutGetDevCapsA
waveInGetNumDevs
waveInGetDevCapsA
midiOutLongMsg
waveInOpen
waveOutOpen
waveOutReset
waveInReset
waveInStart
waveInPrepareHeader
waveOutPrepareHeader
waveOutWrite
waveInUnprepareHeader
waveOutUnprepareHeader
waveInClose
waveOutClose
waveInAddBuffer

ws2_32

setsockopt
getpeername
getsockopt
htons
bind
WSACleanup
WSAStartup
closesocket
WSAGetLastError
inet_addr
gethostbyname
inet_ntoa
htonl
getservbyname
gethostbyaddr
getservbyport
recv
send
getsockname
ntohs
shutdown
connect
socket
WSASetLastError
freeaddrinfo
getaddrinfo
sendto
recvfrom
accept
listen
__WSAFDIsSet
select
ioctlsocket
gethostname

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

crypt32

CertCloseStore
CertFreeCertificateContext
CryptImportPublicKeyInfo
CertFindCertificateInStore
PFXImportCertStore

gdiplus

GdipMeasureCharacterRanges
GdipDrawString
GdipSetTextRenderingHint
GdipCreateStringFormat
GdipGetImageGraphicsContext
GdipFree
GdipCreateRegion
GdipGetEmHeight
GdipGetCellAscent
GdipGetCellDescent
GdipCreateFont
GdipCloneBrush
GdipCloneImage
GdipSetSolidFillColor
GdipDeleteBrush
GdipAlloc
GdipSetStringFormatMeasurableCharacterRanges
GdipCreateSolidFill
GdipCreateBitmapFromScan0
GdipGetImageWidth
GdipDisposeImage
GdipDeleteFont
GdipDeleteFontFamily
GdiplusStartup
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipGetRegionBounds
GdipDeleteRegion
GdipDeleteGraphics
GdiplusShutdown
GdipFlush
GdipDeleteStringFormat

oleacc

AccessibleObjectFromWindow
LresultFromObject

gdi32

GetStockObject
DeleteObject
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
SetBkMode
GetTextExtentExPointA
TextOutA
CreateFontA
CreateFontW
DeleteDC
CreateSolidBrush
GetTextMetricsA
GetTextExtentPoint32A
SetBkColor
SetTextColor

comdlg32

CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameW

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegQueryValueExA
RegOpenKeyExA
CryptReleaseContext
CryptDestroyHash
CryptVerifySignatureA
CryptHashData
DeregisterEventSource
ReportEventA
RegisterEventSourceA
RegCloseKey
RegQueryValueExW
RegSetValueExW
ConvertStringSecurityDescriptorToSecurityDescriptorA
CryptAcquireContextA
CryptCreateHash

wininet

InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetCloseHandle
InternetOpenA

rpcrt4

UuidCreateSequential

Exports

Exports

?ComputeFilterParams@iZResampler@@YA?AUFilterParams@1@M@Z
?Create@ResamplerEngine@iZResampler@@SAXIPAPAV12@IIIW4BufferingMode@2@IABUFilterParams@2@@Z
?Destroy@ResamplerEngine@iZResampler@@SAXPAV12@@Z
?GetDefaultFilterParams@iZResampler@@YA?AUFilterParams@1@XZ

Sections

.text
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 804KB - Virtual size: 804KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 126KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26.8MB - Virtual size: 26.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ASSiGN/iDrum T-Pain Edition/Standalone/iDrum.exe
.exe windows:5 windows x86 arch:x86

ffdda3ffa5b15e044aa1c76c7ec2f443

Code Sign

5f:6e:e3:b4:24:ce:a3:16:f6:26:a4:8e:06:1f:df:9d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

10/01/2011, 00:00

Not After

23/01/2013, 23:59

Subject

CN=iZotope\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=iZotope\, Inc.,L=Cambridge,ST=Massachusetts,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

49:1c:18:98:1c:74:e0:3d:d7:5d:ba:ff:cc:53:fb:a2:55:76:8f:5f
Signer

Actual PE Digest

49:1c:18:98:1c:74:e0:3d:d7:5d:ba:ff:cc:53:fb:a2:55:76:8f:5f

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\iZotope\iDrum\app\build\win_vc90\Win32\Release CRTStatic EXE_iDrumApp\iZotope iDrum.pdb

Imports

shlwapi

PathMakeSystemFolderW

kernel32

MapViewOfFile
OpenFileMappingA
CreateFileMappingA
UnmapViewOfFile
ReleaseMutex
DuplicateHandle
GetSystemDirectoryA
FindFirstFileA
SetLastError
GetLastError
GetProcessHeap
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LCMapStringW
LCMapStringA
GetCurrentDirectoryA
GetFullPathNameW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetStdHandle
FlushFileBuffers
SetFilePointer
HeapReAlloc
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
SetFileAttributesW
CreateMutexA
GetModuleHandleA
GetCommandLineW
LocalFree
ExitThread
CreateDirectoryW
GetFullPathNameA
VirtualFree
HeapCreate
ResumeThread
GetDriveTypeW
HeapAlloc
GetFileType
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
ReadFile
DeleteFileW
GetFileAttributesW
HeapFree
ExitProcess
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
GetCommandLineA
RtlUnwind
GetSystemTimeAsFileTime
GetFileAttributesA
GlobalFree
CreateFileA
SetEndOfFile
SetFileTime
CreateProcessW
GetExitCodeProcess
lstrlenA
GetLogicalDrives
GetDriveTypeA
GetVolumeInformationA
GetCurrentThreadId
WaitForSingleObject
ReleaseSemaphore
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetCurrentProcess
GetCurrentProcessId
VirtualQuery
CreateFileW
InterlockedDecrement
TerminateThread
DeleteCriticalSection
SetUnhandledExceptionFilter
FreeLibrary
GetProcAddress
GetModuleHandleW
LoadLibraryW
CreateThread
CreateSemaphoreW
InitializeCriticalSection
InterlockedIncrement
WaitNamedPipeW
WaitForMultipleObjects
SetEvent
ResetEvent
WriteFile
TransactNamedPipe
SetNamedPipeHandleState
GetVersionExA
SetErrorMode
GetModuleFileNameA
LoadLibraryA
GetUserDefaultLCID
CreateEventA
Sleep
GetLocaleInfoA
MultiByteToWideChar
WideCharToMultiByte
GetLongPathNameW
GetModuleFileNameW
GetTempPathW
GetSystemDirectoryW
GetWindowsDirectoryW
LockResource
LoadResource
FindResourceA
InterlockedExchange
InterlockedCompareExchange
MoveFileExW
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
FindClose
FindNextFileW
FindFirstFileW
TryEnterCriticalSection
RaiseException
SetThreadPriority
GetCurrentThread
CreateProcessA
GetShortPathNameW
GetTickCount
QueryPerformanceCounter
GetProcessAffinityMask
ExpandEnvironmentStringsA

user32

VkKeyScanA
SendMessageA
GetWindowLongW
SendMessageW
FindWindowExA
GetDlgItem
GetParent
SetDlgItemTextW
CheckDlgButton
SetWindowLongA
EnableWindow
InsertMenuItemW
RemoveMenu
AppendMenuW
CreateAcceleratorTableW
SetMenuItemInfoW
TrackPopupMenu
CheckMenuItem
CreateMenu
DestroyMenu
CreatePopupMenu
GetSystemMenu
EnableMenuItem
ScreenToClient
IsChild
SetWindowPlacement
PostMessageW
NotifyWinEvent
PeekMessageA
WaitMessage
GetWindowTextLengthW
GetWindowTextW
GetActiveWindow
GetFocus
AdjustWindowRectEx
GetAncestor
GetClassInfoExW
RegisterClassExW
UnregisterClassW
DefWindowProcW
SetWindowLongW
DialogBoxIndirectParamW
LoadIconW
SetFocus
GetWindowPlacement
DrawMenuBar
TranslateAcceleratorA
SendInput
CreateCursor
DestroyCursor
RegisterWindowMessageA
EndPaint
BeginPaint
GetWindowLongA
DefWindowProcA
RegisterClassExA
GetClassInfoExA
UnregisterClassA
DestroyWindow
SetWindowPos
GetDesktopWindow
IsClipboardFormatAvailable
RegisterClipboardFormatA
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
GetClipboardData
MessageBoxA
IsDlgButtonChecked
SetDlgItemTextA
GetDlgItemTextW
SetWindowTextA
GetDlgItemTextA
MoveWindow
GetWindowInfo
GetWindowRect
ShowWindow
CheckRadioButton
SetTimer
DrawFocusRect
FillRect
GetSysColor
EndDialog
KillTimer
GetAsyncKeyState
DialogBoxParamW
CreateWindowExW
IsWindowUnicode
SetWindowTextW
GetDlgCtrlID
GetClientRect
DialogBoxParamA
ReleaseCapture
SetCapture
GetCapture
PostMessageA
RemovePropA
GetWindowTextA
GetPropA
UpdateWindow
InvalidateRect
ReleaseDC
GetDC
SetPropA
LoadCursorA
IsWindowEnabled
DestroyAcceleratorTable
PostQuitMessage
DispatchMessageA
TranslateMessage
GetKeyState
GetMessageA
GetMonitorInfoA
MonitorFromRect
MessageBoxW
WindowFromPoint
GetForegroundWindow
SetCursor
GetCursorPos

shell32

SHFileOperationW
SHGetFolderPathW
CommandLineToArgvW
SHFileOperationA
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
DragQueryFileW
DragQueryFileA
ShellExecuteW

ole32

DoDragDrop
RevokeDragDrop
RegisterDragDrop
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
IIDFromString
OleUninitialize
OleInitialize
ReleaseStgMedium

winmm

midiStreamRestart
midiStreamProperty
midiStreamOpen
midiOutOpen
midiInGetDevCapsW
midiInGetNumDevs
midiInOpen
midiOutGetNumDevs
midiInPrepareHeader
midiInStart
midiOutUnprepareHeader
timeGetTime
midiOutLongMsg
midiOutShortMsg
midiStreamOut
timeSetEvent
timeBeginPeriod
midiStreamStop
midiOutClose
midiOutGetDevCapsW
waveInOpen
waveOutOpen
waveOutReset
waveInReset
waveInStart
waveInAddBuffer
waveInClose
waveOutUnprepareHeader
waveInUnprepareHeader
midiStreamClose
midiStreamPosition
midiInAddBuffer
midiInStop
midiInReset
midiInClose
midiOutPrepareHeader
midiInGetErrorTextA
midiOutGetErrorTextA
waveOutGetNumDevs
waveOutGetDevCapsA
waveInGetNumDevs
waveInGetDevCapsA
waveInPrepareHeader
waveOutPrepareHeader
waveOutWrite
waveOutClose

ws2_32

getaddrinfo
freeaddrinfo
ntohs
inet_addr
htons
getnameinfo
connect
send
recv
gethostbyaddr
getservbyname
gethostbyname
WSAGetLastError
closesocket
socket
WSACleanup
WSAStartup
ntohl
htonl
select
__WSAFDIsSet
inet_ntoa
getservbyport
WSASetLastError
bind
getsockopt
ioctlsocket
getsockname
listen

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

crypt32

PFXImportCertStore
CertFindCertificateInStore
CryptImportPublicKeyInfo
CertFreeCertificateContext
CertCloseStore

gdiplus

GdipDrawString
GdipMeasureCharacterRanges
GdipCreateRegion
GdipGetEmHeight
GdiplusShutdown
GdipDeleteFont
GdipDeleteFontFamily
GdipDeleteGraphics
GdipFree
GdipSetTextRenderingHint
GdipGetImageGraphicsContext
GdipSetStringFormatMeasurableCharacterRanges
GdipCreateSolidFill
GdipCreateBitmapFromScan0
GdipGetCellAscent
GdipGetCellDescent
GdipCreateFont
GdipGetImageWidth
GdipDisposeImage
GdiplusStartup
GdipAlloc
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipCloneBrush
GdipGetRegionBounds
GdipCloneImage
GdipDeleteRegion
GdipFlush
GdipDeleteStringFormat
GdipSetSolidFillColor
GdipCreateStringFormat
GdipDeleteBrush

oleacc

AccessibleObjectFromWindow
LresultFromObject

gdi32

SetTextColor
SetBkColor
DeleteObject
GetTextExtentPoint32A
GetTextMetricsA
DeleteDC
BitBlt
CreateSolidBrush
TextOutA
GetStockObject
CreateDIBSection
SetBkMode
GetTextExtentExPointA
CreateFontA
CreateFontW
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject

comdlg32

GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError

advapi32

CryptCreateHash
CryptAcquireContextA
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegEnumValueW
RegQueryValueExA
RegOpenKeyExA
CryptReleaseContext
CryptDestroyHash
CryptVerifySignatureA
CryptHashData

oleaut32

SysAllocString
SysFreeString

comctl32

InitCommonControlsEx

wininet

InternetCloseHandle
InternetOpenA
InternetOpenUrlA
HttpQueryInfoA
InternetReadFile

rpcrt4

UuidCreateSequential

Exports

Exports

?ComputeFilterParams@iZResampler@@YA?AUFilterParams@1@M@Z
?Create@ResamplerEngine@iZResampler@@SAXIPAPAV12@IIIW4BufferingMode@2@IABUFilterParams@2@@Z
?Destroy@ResamplerEngine@iZResampler@@SAXPAV12@@Z
?GetDefaultFilterParams@iZResampler@@YA?AUFilterParams@1@XZ

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 572KB - Virtual size: 571KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ASSiGN/iDrum T-Pain Edition/x64/iZiDrum.dll
.dll windows:5 windows x64 arch:x64

187d281013878644ed964e7511784313

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

d:\iZotope\iDrum\build\win_vc90\x64\Release CRTStatic DLL_iDrum\iZiDrum.pdb

Imports

shlwapi

PathMakeSystemFolderW

kernel32

SetLastError
SetFileAttributesW
FindFirstFileA
GetSystemDirectoryA
TlsGetValue
DuplicateHandle
TlsSetValue
ReleaseMutex
CreateMutexA
UnmapViewOfFile
CreateFileMappingA
OpenFileMappingA
MapViewOfFile
GetProcessAffinityMask
GetLastError
GetProcessHeap
CreateFileW
GetTimeZoneInformation
WriteConsoleW
ResumeThread
WriteConsoleA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
ExitThread
GetConsoleOutputCP
GetVersionExA
SetErrorMode
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
GetLocaleInfoA
GetUserDefaultLCID
MultiByteToWideChar
WideCharToMultiByte
LockResource
LoadResource
FindResourceA
GetLongPathNameW
MoveFileExW
GetModuleFileNameW
GetModuleHandleA
GetTempPathW
GetSystemDirectoryW
GetWindowsDirectoryW
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
FindClose
FindNextFileW
FindFirstFileW
CloseHandle
WaitForSingleObject
CreateProcessA
GetShortPathNameW
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetTickCount
QueryPerformanceCounter
GetCurrentProcess
Sleep
GetCurrentThreadId
TerminateThread
RaiseException
SetThreadPriority
GetCurrentThread
CreateThread
LoadLibraryW
ExpandEnvironmentStringsA
GetVolumeInformationA
GetDriveTypeA
GetLogicalDrives
lstrlenA
GetExitCodeProcess
CreateProcessW
SetFileTime
SetEndOfFile
WriteFile
CreateFileA
GetModuleHandleW
GlobalFree
GetFileAttributesA
RtlLookupFunctionEntry
RtlUnwindEx
RtlPcToFileHeader
GetSystemTimeAsFileTime
FlsSetValue
GetCommandLineA
ReadFile
GetFileAttributesW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
GetFileInformationByHandle
PeekNamedPipe
GetFileType
DeleteFileW
CreateDirectoryW
GetFullPathNameA
HeapAlloc
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlCaptureContext
TerminateProcess
IsDebuggerPresent
RtlVirtualUnwind
GetStdHandle
EncodePointer
DecodePointer
TlsAlloc
FlsGetValue
FlsFree
FlsAlloc
HeapSize
ExitProcess
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
HeapDestroy
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
GetFullPathNameW
GetCurrentDirectoryA
SetStdHandle
LCMapStringA
LCMapStringW
HeapReAlloc
InitializeCriticalSectionAndSpinCount

user32

RedrawWindow
RegisterWindowMessageA
EndPaint
BeginPaint
IsDlgButtonChecked
SetDlgItemTextA
GetDlgItemTextW
SetWindowTextA
GetDlgItemTextA
MoveWindow
GetWindowInfo
GetWindowRect
ShowWindow
CheckRadioButton
SetWindowPos
SetTimer
SetWindowLongA
GetWindowLongA
DrawFocusRect
FillRect
GetSysColor
EndDialog
KillTimer
GetAsyncKeyState
GetWindowLongPtrA
DialogBoxParamW
CreateWindowExW
DestroyWindow
IsWindowUnicode
SetWindowTextW
GetDlgCtrlID
GetClientRect
DialogBoxParamA
SetCapture
ReleaseCapture
PostMessageA
GetCapture
RemovePropA
GetWindowTextA
GetPropA
UpdateWindow
InvalidateRect
DefWindowProcA
ReleaseDC
GetDC
SetPropA
UnregisterClassA
RegisterClassExA
LoadCursorA
GetClassInfoExA
WindowFromPoint
GetForegroundWindow
MessageBoxW
IsWindowEnabled
SetCursor
GetCursorPos
DestroyCursor
CreateCursor
SendInput
VkKeyScanA
DrawMenuBar
GetMonitorInfoA
MonitorFromRect
GetKeyState
GetWindowPlacement
SetFocus
LoadIconW
DialogBoxIndirectParamW
SetWindowLongPtrW
DefWindowProcW
UnregisterClassW
RegisterClassExW
GetClassInfoExW
SetLayeredWindowAttributes
GetAncestor
DestroyAcceleratorTable
PostQuitMessage
DispatchMessageA
TranslateMessage
GetMessageA
NotifyWinEvent
AdjustWindowRectEx
GetFocus
GetActiveWindow
GetWindowTextW
GetWindowTextLengthW
WaitMessage
PeekMessageA
PostMessageW
SetWindowLongW
GetWindowLongW
GetDesktopWindow
SetWindowPlacement
MessageBoxA
ScreenToClient
EnableMenuItem
GetSystemMenu
CreatePopupMenu
DestroyMenu
CreateMenu
CheckMenuItem
TrackPopupMenu
SetMenuItemInfoW
CreateAcceleratorTableW
AppendMenuW
RemoveMenu
InsertMenuItemW
SendMessageA
GetWindowLongPtrW
SendMessageW
FindWindowExA
GetDlgItem
GetParent
SetDlgItemTextW
CheckDlgButton
SetWindowLongPtrA
EnableWindow
IsClipboardFormatAvailable
RegisterClipboardFormatA
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
GetClipboardData
IsChild

shell32

SHFileOperationA
SHGetFolderPathW
DragQueryFileA
DragQueryFileW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteW
SHFileOperationW

ws2_32

getaddrinfo
freeaddrinfo
inet_addr
htons
getnameinfo
connect
send
recv
WSAGetLastError
closesocket
listen
WSACleanup
WSAStartup
bind
getsockname
ioctlsocket
getsockopt
WSASetLastError
ntohs
getservbyport
gethostbyaddr
getservbyname
gethostbyname
inet_ntoa
ntohl
htonl
select
__WSAFDIsSet
socket

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

crypt32

CryptImportPublicKeyInfo
PFXImportCertStore
CertFindCertificateInStore
CertFreeCertificateContext
CertCloseStore

gdiplus

GdipDisposeImage
GdiplusStartup
GdipGetGenericFontFamilySansSerif
GdipCreateRegion
GdipGetEmHeight
GdipGetCellAscent
GdipGetImageWidth
GdipCreateBitmapFromScan0
GdipCreateSolidFill
GdipSetStringFormatMeasurableCharacterRanges
GdipGetImageGraphicsContext
GdipGetCellDescent
GdipSetTextRenderingHint
GdipCreateFont
GdipMeasureCharacterRanges
GdipDeleteRegion
GdipFlush
GdipDeleteStringFormat
GdipCreateStringFormat
GdipSetSolidFillColor
GdipDeleteBrush
GdipAlloc
GdipFree
GdipDeleteGraphics
GdipDeleteFontFamily
GdipDeleteFont
GdiplusShutdown
GdipDrawString
GdipCloneBrush
GdipCloneImage
GdipGetRegionBounds
GdipCreateFontFamilyFromName

oleacc

AccessibleObjectFromWindow
LresultFromObject

comctl32

InitCommonControlsEx

gdi32

CreateFontW
DeleteObject
TextOutA
SetTextColor
SetBkColor
GetTextExtentPoint32A
GetTextMetricsA
DeleteDC
BitBlt
CreateSolidBrush
GetStockObject
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontA
GetTextExtentExPointA
SetBkMode
CreateDIBSection
SelectClipRgn

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

advapi32

RegQueryValueExW
CryptVerifySignatureA
CryptHashData
CryptCreateHash
CryptAcquireContextA
ConvertStringSecurityDescriptorToSecurityDescriptorA
CryptReleaseContext
RegQueryValueExA
RegOpenKeyExA
RegEnumValueW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
CryptDestroyHash
RegOpenKeyExW

ole32

DoDragDrop
CoTaskMemFree
CoTaskMemAlloc
RevokeDragDrop
OleInitialize
RegisterDragDrop
OleUninitialize
CoInitialize
CoUninitialize
ReleaseStgMedium

oleaut32

SysFreeString
SysAllocString

wininet

InternetOpenUrlA
HttpQueryInfoA
InternetCloseHandle
InternetOpenA
InternetReadFile

rpcrt4

UuidCreateSequential

Exports

Exports

?ComputeFilterParams@iZResampler@@YA?AUFilterParams@1@M@Z
?Create@ResamplerEngine@iZResampler@@SAXIPEAPEAV12@IIIW4BufferingMode@2@IAEBUFilterParams@2@@Z
?Destroy@ResamplerEngine@iZResampler@@SAXPEAV12@@Z
?GetDefaultFilterParams@iZResampler@@YA?AUFilterParams@1@XZ
PluginCoreCallback

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ASSiGN/iDrum T-Pain Edition/x86/iZiDrum.dll
.dll windows:5 windows x86 arch:x86

1e080f2e06224f8dcc59fd6332931d6b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\iZotope\iDrum\build\win_vc90\Win32\Release CRTStatic DLL_iDrum\iZiDrum.pdb

Imports

shlwapi

PathMakeSystemFolderW

kernel32

GetProcessAffinityMask
MapViewOfFile
OpenFileMappingA
CreateFileMappingA
UnmapViewOfFile
CreateMutexA
ReleaseMutex
DuplicateHandle
GetSystemDirectoryA
FindFirstFileA
SetLastError
GetLastError
SetFileAttributesW
ExitThread
WriteConsoleA
GetProcessHeap
CreateFileW
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
ResumeThread
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
GetVersionExA
SetErrorMode
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
GetLocaleInfoA
GetUserDefaultLCID
MultiByteToWideChar
WideCharToMultiByte
LockResource
LoadResource
FindResourceA
GetLongPathNameW
InterlockedExchange
InterlockedCompareExchange
InterlockedIncrement
InterlockedDecrement
MoveFileExW
GetModuleFileNameW
GetModuleHandleA
GetTempPathW
GetSystemDirectoryW
GetWindowsDirectoryW
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
FindClose
FindNextFileW
FindFirstFileW
CloseHandle
WaitForSingleObject
CreateProcessA
GetShortPathNameW
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetTickCount
QueryPerformanceCounter
GetCurrentProcess
Sleep
GetCurrentThreadId
TerminateThread
RaiseException
SetThreadPriority
GetCurrentThread
CreateThread
LoadLibraryW
ExpandEnvironmentStringsA
GetVolumeInformationA
GetDriveTypeA
GetLogicalDrives
lstrlenA
GetExitCodeProcess
CreateProcessW
SetFileTime
SetEndOfFile
WriteFile
CreateFileA
GetModuleHandleW
GlobalFree
GetFileAttributesA
RtlUnwind
GetSystemTimeAsFileTime
GetCommandLineA
ReadFile
GetFileAttributesW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
GetFileInformationByHandle
PeekNamedPipe
GetFileType
DeleteFileW
CreateDirectoryW
GetFullPathNameA
HeapAlloc
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsDebuggerPresent
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapSize
ExitProcess
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
GetFullPathNameW
GetCurrentDirectoryA
SetStdHandle
LCMapStringA
LCMapStringW
VirtualQuery
VirtualAlloc
HeapReAlloc
InitializeCriticalSectionAndSpinCount

user32

RedrawWindow
RegisterWindowMessageA
EndPaint
BeginPaint
IsDlgButtonChecked
SetDlgItemTextA
GetDlgItemTextW
SetWindowTextA
GetDlgItemTextA
MoveWindow
GetWindowInfo
GetWindowRect
ShowWindow
CheckRadioButton
SetWindowPos
SetTimer
GetWindowLongA
DrawFocusRect
FillRect
GetSysColor
EndDialog
KillTimer
GetAsyncKeyState
DialogBoxParamW
CreateWindowExW
DestroyWindow
IsWindowUnicode
SetWindowTextW
GetDlgCtrlID
GetClientRect
DialogBoxParamA
ReleaseCapture
SetCapture
GetCapture
PostMessageA
RemovePropA
GetWindowTextA
GetPropA
UpdateWindow
InvalidateRect
DefWindowProcA
ReleaseDC
GetDC
SetPropA
UnregisterClassA
RegisterClassExA
LoadCursorA
GetClassInfoExA
WindowFromPoint
GetForegroundWindow
MessageBoxW
IsWindowEnabled
SetCursor
GetCursorPos
DestroyCursor
CreateCursor
SendInput
VkKeyScanA
DrawMenuBar
GetMonitorInfoA
MonitorFromRect
GetKeyState
GetWindowPlacement
SetFocus
LoadIconW
DialogBoxIndirectParamW
SetWindowLongW
DefWindowProcW
UnregisterClassW
RegisterClassExW
GetClassInfoExW
SetLayeredWindowAttributes
GetAncestor
DestroyAcceleratorTable
PostQuitMessage
DispatchMessageA
TranslateMessage
GetMessageA
NotifyWinEvent
AdjustWindowRectEx
GetFocus
GetActiveWindow
GetWindowTextW
GetWindowTextLengthW
WaitMessage
PeekMessageA
PostMessageW
GetDesktopWindow
SetWindowPlacement
IsChild
ScreenToClient
MessageBoxA
GetSystemMenu
CreatePopupMenu
DestroyMenu
CreateMenu
CheckMenuItem
TrackPopupMenu
SetMenuItemInfoW
CreateAcceleratorTableW
AppendMenuW
RemoveMenu
InsertMenuItemW
SendMessageA
GetWindowLongW
SendMessageW
FindWindowExA
GetDlgItem
GetParent
SetDlgItemTextW
CheckDlgButton
SetWindowLongA
EnableWindow
IsClipboardFormatAvailable
RegisterClipboardFormatA
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
GetClipboardData
EnableMenuItem

shell32

SHFileOperationA
SHGetFolderPathW
DragQueryFileA
DragQueryFileW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteW
SHFileOperationW

ws2_32

getaddrinfo
freeaddrinfo
inet_addr
htons
getnameinfo
connect
send
recv
WSAGetLastError
closesocket
listen
WSACleanup
WSAStartup
bind
getsockname
ioctlsocket
getsockopt
WSASetLastError
ntohs
getservbyport
gethostbyaddr
getservbyname
gethostbyname
inet_ntoa
ntohl
htonl
select
__WSAFDIsSet
socket

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

crypt32

PFXImportCertStore
CertFindCertificateInStore
CryptImportPublicKeyInfo
CertFreeCertificateContext
CertCloseStore

gdiplus

GdipDisposeImage
GdiplusStartup
GdipGetGenericFontFamilySansSerif
GdipCreateRegion
GdipGetEmHeight
GdipGetCellAscent
GdipGetImageWidth
GdipCreateBitmapFromScan0
GdipCreateSolidFill
GdipSetStringFormatMeasurableCharacterRanges
GdipGetImageGraphicsContext
GdipGetCellDescent
GdipSetTextRenderingHint
GdipCreateFont
GdipMeasureCharacterRanges
GdipDeleteRegion
GdipFlush
GdipDeleteStringFormat
GdipCreateStringFormat
GdipSetSolidFillColor
GdipDeleteBrush
GdipAlloc
GdipFree
GdipDeleteGraphics
GdipDeleteFontFamily
GdipDeleteFont
GdiplusShutdown
GdipDrawString
GdipCloneBrush
GdipCloneImage
GdipGetRegionBounds
GdipCreateFontFamilyFromName

oleacc

AccessibleObjectFromWindow
LresultFromObject

gdi32

SelectObject
GetStockObject
CreateSolidBrush
DeleteDC
CreateCompatibleBitmap
GetTextMetricsA
GetTextExtentPoint32A
SetBkColor
SetTextColor
TextOutA
DeleteObject
CreateCompatibleDC
CreateFontW
CreateFontA
GetTextExtentExPointA
SetBkMode
SelectClipRgn
CreateDIBSection
BitBlt

comdlg32

GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError

advapi32

RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegQueryValueExA
RegOpenKeyExA
CryptReleaseContext
CryptDestroyHash
CryptVerifySignatureA
CryptHashData
CryptCreateHash
CryptAcquireContextA
ConvertStringSecurityDescriptorToSecurityDescriptorA

ole32

DoDragDrop
CoTaskMemFree
CoTaskMemAlloc
RevokeDragDrop
OleInitialize
RegisterDragDrop
OleUninitialize
CoInitialize
CoUninitialize
ReleaseStgMedium

oleaut32

SysFreeString
SysAllocString

wininet

InternetOpenUrlA
HttpQueryInfoA
InternetCloseHandle
InternetOpenA
InternetReadFile

rpcrt4

UuidCreateSequential

comctl32

InitCommonControlsEx

Exports

Exports

?ComputeFilterParams@iZResampler@@YA?AUFilterParams@1@M@Z
?Create@ResamplerEngine@iZResampler@@SAXIPAPAV12@IIIW4BufferingMode@2@IABUFilterParams@2@@Z
?Destroy@ResamplerEngine@iZResampler@@SAXPAV12@@Z
?GetDefaultFilterParams@iZResampler@@YA?AUFilterParams@1@XZ
PluginCoreCallback

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 544KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
The_T-Pain_Effect_Setup_v1_02.exe
.exe windows:5 windows x86 arch:x86

483f0c4259a9148c34961abbda6146c1

Code Sign

5f:6e:e3:b4:24:ce:a3:16:f6:26:a4:8e:06:1f:df:9d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

10/01/2011, 00:00

Not After

23/01/2013, 23:59

Subject

CN=iZotope\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=iZotope\, Inc.,L=Cambridge,ST=Massachusetts,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

45:57:cc:09:57:a1:9a:fc:1e:dd:ac:7b:b5:0f:63:b0:8d:1d:a9:44
Signer

Actual PE Digest

45:57:cc:09:57:a1:9a:fc:1e:dd:ac:7b:b5:0f:63:b0:8d:1d:a9:44

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges

user32

GetKeyboardType
LoadStringW
MessageBoxA
CharNextW
CreateWindowExW
TranslateMessage
SetWindowLongW
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
LoadStringW
GetSystemMetrics
ExitWindowsEx
DispatchMessageW
DestroyWindow
CharUpperBuffW
CallWindowProcW

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleW
WriteFile
WideCharToMultiByte
WaitForSingleObject
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
SizeofResource
SignalObjectAndWait
SetLastError
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResetEvent
RemoveDirectoryW
ReadFile
MultiByteToWideChar
LockResource
LoadResource
LoadLibraryW
LeaveCriticalSection
InitializeCriticalSection
GetWindowsDirectoryW
GetVersionExW
GetUserDefaultLangID
GetThreadLocale
GetSystemInfo
GetStdHandle
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetFileSize
GetFileAttributesW
GetExitCodeProcess
GetEnvironmentVariableW
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentProcess
GetCommandLineW
GetCPInfo
InterlockedExchange
InterlockedCompareExchange
FreeLibrary
FormatMessageW
FindResourceW
EnumCalendarInfoW
EnterCriticalSection
DeleteFileW
DeleteCriticalSection
CreateProcessW
CreateFileW
CreateEventW
CreateDirectoryW
CompareStringW
CloseHandle
Sleep

comctl32

InitCommonControls

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 21KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51a46eb8d184066e21de2e8a59827a39

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

5b:2e:e1:a0:af:4b:b7:a6:17:ef:9b:fb:6a:36:af:0fCertificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

61:0c:12:06:00:00:00:00:00:1bCertificate

Key Usages

4d:e2:4e:88:00:1d:04:2d:db:9c:db:6c:94:d2:e6:29:48:b3:1e:27Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

gdi32

user32

comctl32

ole32

shell32

rpcrt4

Sections

.text Size: 48KB - Virtual size: 47KB

.data Size: 512B - Virtual size: 924B

.rsrc Size: 3KB - Virtual size: 2KB

4ea99ca2f97cf7f9e6291604a48ab102

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

5b:2e:e1:a0:af:4b:b7:a6:17:ef:9b:fb:6a:36:af:0fCertificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

61:0c:12:06:00:00:00:00:00:1bCertificate

Key Usages

4d:53:c6:05:8f:53:c0:82:f7:68:91:aa:f2:ad:5e:0e:84:d0:4b:46Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

gdi32

user32

comctl32

ole32

shell32

rpcrt4

Sections

.text Size: 72KB - Virtual size: 72KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 3KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 2KB

b835f41e2acde01288658cdfeb2338ef

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

5b:2e:e1:a0:af:4b:b7:a6:17:ef:9b:fb:6a:36:af:0f
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

4d:e2:4e:88:00:1d:04:2d:db:9c:db:6c:94:d2:e6:29:48:b3:1e:27
Signer

.text
Size: 48KB - Virtual size: 47KB

.data
Size: 512B - Virtual size: 924B

.rsrc
Size: 3KB - Virtual size: 2KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

5b:2e:e1:a0:af:4b:b7:a6:17:ef:9b:fb:6a:36:af:0f
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

4d:53:c6:05:8f:53:c0:82:f7:68:91:aa:f2:ad:5e:0e:84:d0:4b:46
Signer

.text
Size: 72KB - Virtual size: 72KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

5b:2e:e1:a0:af:4b:b7:a6:17:ef:9b:fb:6a:36:af:0f
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

59:0c:dd:e4:68:1c:94:bf:b0:3e:5b:af:18:77:12:35:05:82:9f:ab
Signer

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 1024B - Virtual size: 708B

.rsrc
Size: 5KB - Virtual size: 4KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

5b:2e:e1:a0:af:4b:b7:a6:17:ef:9b:fb:6a:36:af:0f
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

87:8f:31:c8:72:5f:00:8a:59:aa:43:f7:29:28:96:07:38:7f:27:72
Signer

.text
Size: 31KB - Virtual size: 31KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 5KB - Virtual size: 4KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

5b:2e:e1:a0:af:4b:b7:a6:17:ef:9b:fb:6a:36:af:0f
Certificate