a0597c26fbf13fa3132174183e145082_JaffaCakes118

resource	yara_rule
static1/unpack002/$PLUGINSDIR/KillProc.dll	acprotect

resource	yara_rule
static1/unpack002/$PLUGINSDIR/KillProc.dll	upx

resource
unpack002/$PLUGINSDIR/GetVersion.dll
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/KillProc.dll
unpack003/out.upx
unpack002/$PLUGINSDIR/ProcDll.dll
unpack002/$PLUGINSDIR/Processes.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/CrashReporter.dll
unpack002/CrashReporterSilent.exe
unpack002/Locales/zh-CN.dll
unpack002/auxupdate.dll
unpack002/disk_cache.dll
unpack002/down_surf.dll
unpack002/framework.dll
unpack002/job_dispatcher.dll
unpack002/mg.dll
unpack002/msvcm90.dll
unpack002/netproxy.dll
unpack002/p2sp_manager.dll
unpack002/rpt.dll
unpack002/stat.dll
unpack002/syncbox.dll
unpack002/sys_mon.dll
unpack002/token_id.dll
unpack002/zlib1.dll

resource	yara_rule
static1/unpack001/Kanbox-v1.1.7.156.exe	nsis_installer_1
static1/unpack001/Kanbox-v1.1.7.156.exe	nsis_installer_2

.rar

Kanbox-v1.1.7.156.exe

.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

4d:62:90:e5:8c:54:f0:f1:eb:17:34:1a:13:10:e6:a4
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

30/09/2010, 00:00

Not After

01/01/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0a:0d:7b:29:32:d2:c6:d5:7b:85:e7:d7:53:56:8e:67
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

24/11/2010, 00:00

Not After

23/11/2013, 23:59

Subject

CN=Beijing LEBO infinity Technology Development CO.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Beijing LEBO infinity Technology Development CO.\,LTD,O=Beijing LEBO infinity Technology Development CO.\,LTD,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime

SearchPathA

GetShortPathNameA

GetFullPathNameA

MoveFileA

SetCurrentDirectoryA

GetFileAttributesA

GetLastError

CreateDirectoryA

SetFileAttributesA

Sleep

GetTickCount

CreateFileA

GetFileSize

GetModuleFileNameA

GetCurrentProcess

CopyFileA

ExitProcess

SetFileTime

GetTempPathA

GetCommandLineA

SetErrorMode

LoadLibraryA

lstrcpynA

GetDiskFreeSpaceA

GlobalUnlock

GlobalLock

CreateThread

CreateProcessA

RemoveDirectoryA

GetTempFileNameA

lstrlenA

lstrcatA

GetSystemDirectoryA

GetVersion

CloseHandle

lstrcmpiA

lstrcmpA

ExpandEnvironmentStringsA

GlobalFree

GlobalAlloc

WaitForSingleObject

GetExitCodeProcess

GetModuleHandleA

LoadLibraryExA

GetProcAddress

FreeLibrary

MultiByteToWideChar

WritePrivateProfileStringA

GetPrivateProfileStringA

WriteFile

ReadFile

MulDiv

SetFilePointer

FindClose

FindNextFileA

FindFirstFileA

DeleteFileA

GetWindowsDirectoryA

user32

EndDialog

ScreenToClient

GetWindowRect

EnableMenuItem

GetSystemMenu

SetClassLongA

IsWindowEnabled

SetWindowPos

GetSysColor

GetWindowLongA

SetCursor

LoadCursorA

CheckDlgButton

GetMessagePos

LoadBitmapA

CallWindowProcA

IsWindowVisible

CloseClipboard

SetClipboardData

EmptyClipboard

RegisterClassA

TrackPopupMenu

AppendMenuA

CreatePopupMenu

GetSystemMetrics

SetDlgItemTextA

GetDlgItemTextA

MessageBoxIndirectA

CharPrevA

DispatchMessageA

PeekMessageA

DestroyWindow

CreateDialogParamA

SetTimer

SetWindowTextA

PostQuitMessage

SetForegroundWindow

wsprintfA

SendMessageTimeoutA

FindWindowExA

SystemParametersInfoA

CreateWindowExA

GetClassInfoA

DialogBoxParamA

CharNextA

OpenClipboard

ExitWindowsEx

IsWindow

GetDlgItem

SetWindowLongA

LoadImageA

GetDC

EnableWindow

InvalidateRect

SendMessageA

DefWindowProcA

BeginPaint

GetClientRect

FillRect

DrawTextA

EndPaint

ShowWindow

gdi32

SetBkColor

GetDeviceCaps

DeleteObject

CreateBrushIndirect

CreateFontIndirectA

SetBkMode

SetTextColor

SelectObject

shell32

SHGetPathFromIDListA

SHBrowseForFolderA

SHGetFileInfoA

ShellExecuteA

SHFileOperationA

SHGetSpecialFolderLocation

advapi32

RegQueryValueExA

RegSetValueExA

RegEnumKeyA

RegEnumValueA

RegOpenKeyExA

RegDeleteKeyA

RegDeleteValueA

RegCloseKey

RegCreateKeyExA

comctl32

ImageList_AddMasked

ImageList_Destroy

ord17

ImageList_Create

ole32

CoTaskMemFree

OleInitialize

OleUninitialize

CoCreateInstance

version

GetFileVersionInfoSizeA

GetFileVersionInfoA

VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 304KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

$APPDATA/Daishu Network/Daishu/bin/wizard/UserDirectory.ico

$APPDATA/Kanbox Network/Kanbox/shellext/SyncStatOverlays/icons/errors.ico

$APPDATA/Kanbox Network/Kanbox/shellext/SyncStatOverlays/icons/synced.ico

$APPDATA/Kanbox Network/Kanbox/shellext/SyncStatOverlays/icons/syncing.ico

$APPDATA/Kanbox Network/Kanbox/shellext/SyncStateExt.dll

.dll regsvr32 windows:5 windows x86 arch:x86

27e377e08c35f71c54e38eabc5807b1b

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

4d:62:90:e5:8c:54:f0:f1:eb:17:34:1a:13:10:e6:a4
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

30/09/2010, 00:00

Not After

01/01/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0a:0d:7b:29:32:d2:c6:d5:7b:85:e7:d7:53:56:8e:67
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

24/11/2010, 00:00

Not After

23/11/2013, 23:59

Subject

CN=Beijing LEBO infinity Technology Development CO.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Beijing LEBO infinity Technology Development CO.\,LTD,O=Beijing LEBO infinity Technology Development CO.\,LTD,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

E:\projects\duobox\client\download_lib_vc9\Bin\Product Release Pdb\SyncStateExt.pdb

Imports

kernel32

WaitNamedPipeA

GetLastError

CreateFileA

GetOverlappedResult

WaitForSingleObject

TransactNamedPipe

EnterCriticalSection

LeaveCriticalSection

GetModuleFileNameW

GetTickCount

lstrlenW

SetThreadLocale

SetNamedPipeHandleState

GetProcAddress

GetModuleHandleW

FreeLibrary

MultiByteToWideChar

SizeofResource

LoadResource

FindResourceW

LoadLibraryExW

lstrcmpiW

CompareStringW

CompareStringA

FlushFileBuffers

GetCurrentThreadId

CloseHandle

CreateEventW

InitializeCriticalSection

RaiseException

DeleteCriticalSection

InterlockedDecrement

InterlockedIncrement

GetThreadLocale

OutputDebugStringW

WriteConsoleW

GetConsoleOutputCP

WriteConsoleA

SetStdHandle

GetLocaleInfoW

GetTimeZoneInformation

GetConsoleMode

GetConsoleCP

SetFilePointer

LoadLibraryA

InitializeCriticalSectionAndSpinCount

GetStringTypeA

IsValidLocale

EnumSystemLocalesA

GetLocaleInfoA

GetUserDefaultLCID

WideCharToMultiByte

InterlockedCompareExchange

InterlockedExchange

Sleep

RtlUnwind

TerminateProcess

GetCurrentProcess

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsDebuggerPresent

HeapFree

HeapAlloc

GetCommandLineA

LCMapStringA

LCMapStringW

GetCPInfo

GetStringTypeW

TlsGetValue

TlsAlloc

TlsSetValue

TlsFree

SetLastError

GetCurrentThread

HeapCreate

HeapDestroy

VirtualFree

FatalAppExitA

VirtualAlloc

HeapReAlloc

HeapSize

ExitProcess

GetModuleHandleA

GetACP

GetOEMCP

IsValidCodePage

WriteFile

GetStdHandle

GetModuleFileNameA

SetHandleCount

GetFileType

GetStartupInfoA

FreeEnvironmentStringsA

GetEnvironmentStrings

FreeEnvironmentStringsW

GetEnvironmentStringsW

QueryPerformanceCounter

GetCurrentProcessId

GetSystemTimeAsFileTime

SetConsoleCtrlHandler

GetTimeFormatA

GetDateFormatA

SetEnvironmentVariableA

user32

CharNextW

FindWindowW

advapi32

RegCreateKeyExW

RegDeleteValueW

RegQueryInfoKeyW

RegOpenKeyExW

RegDeleteKeyW

RegCreateKeyW

RegSetValueExW

RegCloseKey

RegEnumKeyExW

ole32

CoCreateInstance

StringFromGUID2

CoTaskMemFree

CoTaskMemAlloc

CoTaskMemRealloc

oleaut32

RegisterTypeLi

VarUI4FromStr

UnRegisterTypeLi

LoadTypeLi

SysAllocString

SysStringLen

SysFreeString

shlwapi

PathRemoveFileSpecW

Exports

DllCanUnloadNow

DllGetClassObject

DllInstall

DllRegisterServer

DllUnregisterServer

Sections

.text
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$APPDATA/Kanbox Network/Kanbox/shellext/SyncStateExtX64.dll

.dll regsvr32 windows:5 windows x64 arch:x64

1900a7b4824e11e1a7f84d920d182c38

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

4d:62:90:e5:8c:54:f0:f1:eb:17:34:1a:13:10:e6:a4
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

30/09/2010, 00:00

Not After

01/01/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0a:0d:7b:29:32:d2:c6:d5:7b:85:e7:d7:53:56:8e:67
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

24/11/2010, 00:00

Not After

23/11/2013, 23:59

Subject

CN=Beijing LEBO infinity Technology Development CO.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Beijing LEBO infinity Technology Development CO.\,LTD,O=Beijing LEBO infinity Technology Development CO.\,LTD,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

E:\projects\duobox\client\download_lib_vc9\Bin\Product Release Pdb\SyncStateExtX64.pdb

Imports

kernel32

CreateFileA

GetOverlappedResult

WaitForSingleObject

TransactNamedPipe

EnterCriticalSection

LeaveCriticalSection

GetModuleFileNameW

GetTickCount

lstrlenW

SetThreadLocale

GetThreadLocale

GetLastError

GetModuleHandleW

FreeLibrary

MultiByteToWideChar

SizeofResource

LoadResource

FindResourceW

LoadLibraryExW

lstrcmpiW

CompareStringW

CompareStringA

FlushFileBuffers

WaitNamedPipeA

SetNamedPipeHandleState

GetCurrentThreadId

CloseHandle

CreateEventW

InitializeCriticalSection

RaiseException

DeleteCriticalSection

GetProcAddress

OutputDebugStringW

WriteConsoleW

GetConsoleOutputCP

WriteConsoleA

SetStdHandle

GetLocaleInfoW

GetTimeZoneInformation

GetConsoleMode

GetConsoleCP

SetFilePointer

InitializeCriticalSectionAndSpinCount

LoadLibraryA

GetStringTypeA

IsValidLocale

EnumSystemLocalesA

GetLocaleInfoA

GetUserDefaultLCID

WideCharToMultiByte

Sleep

RtlLookupFunctionEntry

RtlUnwindEx

RtlPcToFileHeader

TerminateProcess

GetCurrentProcess

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsDebuggerPresent

RtlVirtualUnwind

RtlCaptureContext

HeapFree

HeapAlloc

FlsSetValue

GetCommandLineA

LCMapStringA

LCMapStringW

GetCPInfo

GetStringTypeW

EncodePointer

DecodePointer

TlsAlloc

FlsGetValue

FlsFree

SetLastError

GetCurrentThread

FlsAlloc

HeapSetInformation

HeapCreate

HeapDestroy

HeapSize

ExitProcess

GetACP

GetOEMCP

IsValidCodePage

HeapReAlloc

WriteFile

GetStdHandle

GetModuleFileNameA

SetHandleCount

GetFileType

GetStartupInfoA

FreeEnvironmentStringsA

GetEnvironmentStrings

FreeEnvironmentStringsW

GetEnvironmentStringsW

QueryPerformanceCounter

GetCurrentProcessId

GetSystemTimeAsFileTime

SetConsoleCtrlHandler

GetDateFormatA

GetTimeFormatA

FatalAppExitA

SetEnvironmentVariableA

user32

CharNextW

FindWindowW

advapi32

RegCreateKeyExW

RegDeleteValueW

RegQueryInfoKeyW

RegOpenKeyExW

RegDeleteKeyW

RegCreateKeyW

RegSetValueExW

RegCloseKey

RegEnumKeyExW

ole32

CoCreateInstance

StringFromGUID2

CoTaskMemFree

CoTaskMemAlloc

CoTaskMemRealloc

oleaut32

RegisterTypeLi

VarUI4FromStr

UnRegisterTypeLi

LoadTypeLi

SysAllocString

SysStringLen

SysFreeString

shlwapi

PathRemoveFileSpecW

Exports

DllCanUnloadNow

DllGetClassObject

DllInstall

DllRegisterServer

DllUnregisterServer

Sections

.text
Size: 358KB - Virtual size: 358KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/GetVersion.dll

.dll windows:5 windows x86 arch:x86

fb1aa2bbc159c94cb45792330366bd5f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA

GetModuleHandleA

lstrcpynA

GlobalAlloc

GetProcAddress

GetSystemInfo

GetVersionExA

user32

GetSystemMetrics

wsprintfA

advapi32

RegQueryValueExA

RegOpenKeyExA

RegCloseKey

Exports

WindowsName

WindowsPlatformArchitecture

WindowsPlatformId

WindowsServerName

WindowsServicePack

WindowsServicePackBuild

WindowsServicePackMajor

WindowsServicePackMinor

WindowsType

WindowsVersion

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 558B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/InstallOptions.dll

.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA

GetCurrentDirectoryA

MultiByteToWideChar

GetPrivateProfileIntA

GlobalLock

GetModuleHandleA

lstrcmpiA

GetPrivateProfileStringA

lstrcatA

lstrcpynA

WritePrivateProfileStringA

lstrlenA

lstrcpyA

GlobalFree

GlobalUnlock

GlobalAlloc

user32

MapWindowPoints

GetDlgCtrlID

CloseClipboard

GetClipboardData

OpenClipboard

PtInRect

SetWindowRgn

LoadIconA

LoadImageA

SetWindowLongA

CreateWindowExA

MapDialogRect

SetWindowPos

GetWindowRect

CreateDialogParamA

ShowWindow

EnableMenuItem

GetSystemMenu

EnableWindow

GetDlgItem

DestroyIcon

DestroyWindow

DispatchMessageA

TranslateMessage

GetMessageA

IsDialogMessageA

LoadCursorA

SetCursor

DrawTextA

GetWindowLongA

DrawFocusRect

CallWindowProcA

PostMessageA

MessageBoxA

CharNextA

wsprintfA

GetWindowTextA

SetWindowTextA

SendMessageA

GetClientRect

gdi32

SetTextColor

CreateCompatibleDC

GetObjectA

GetDIBits

CreateRectRgn

CombineRgn

DeleteObject

SelectObject

shell32

SHBrowseForFolderA

SHGetDesktopFolder

SHGetPathFromIDListA

ShellExecuteA

comdlg32

GetOpenFileNameA

GetSaveFileNameA

CommDlgExtendedError

ole32

CoTaskMemFree

Exports

dialog

initDialog

show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/KillProc.dll

.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_BYTES_REVERSED_LO

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

IMAGE_FILE_BYTES_REVERSED_HI

Exports

FindProcesses

KillProcesses

Sections

UPX0
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

UPX1
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

out.upx

.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_BYTES_REVERSED_LO

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 101B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

$PLUGINSDIR/ProcDll.dll

.dll windows:4 windows x86 arch:x86

6aac02222a7107798e494b35d1b0b7d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

CloseHandle

LoadLibraryA

lstrcmpiA

OpenProcess

Process32Next

CreateToolhelp32Snapshot

TerminateProcess

GetVersionExA

WideCharToMultiByte

GlobalAlloc

SetStdHandle

SetFilePointer

IsBadCodePtr

IsBadReadPtr

SetUnhandledExceptionFilter

IsBadWritePtr

HeapReAlloc

lstrcpynA

lstrcpyA

GlobalFree

GetProcAddress

FlushFileBuffers

FreeLibrary

VirtualAlloc

InterlockedIncrement

InterlockedDecrement

GetStringTypeW

GetStringTypeA

WriteFile

VirtualFree

HeapCreate

HeapDestroy

GetEnvironmentVariableA

GetModuleHandleA

RtlUnwind

GetCommandLineA

GetVersion

InitializeCriticalSection

DeleteCriticalSection

EnterCriticalSection

LeaveCriticalSection

ExitProcess

GetCPInfo

GetACP

GetOEMCP

MultiByteToWideChar

LCMapStringA

LCMapStringW

HeapFree

HeapAlloc

GetCurrentThreadId

TlsSetValue

TlsAlloc

TlsFree

SetLastError

TlsGetValue

GetLastError

GetCurrentProcess

SetHandleCount

GetStdHandle

GetFileType

GetStartupInfoA

GetModuleFileNameA

FreeEnvironmentStringsA

FreeEnvironmentStringsW

GetEnvironmentStrings

GetEnvironmentStringsW

user32

CallNextHookEx

GetDlgCtrlID

GetWindowLongA

GetWindowThreadProcessId

GetParent

PostMessageA

SendMessageA

SetWindowsHookExA

GetClassNameA

wsprintfA

UnhookWindowsHookEx

GetWindowRect

GetCursorPos

PtInRect

GetFocus

CallWindowProcA

IsWindow

SetWindowLongA

advapi32

RegOpenKeyExA

RegQueryValueA

RegCloseKey

shell32

SHGetFolderPathA

ole32

StringFromCLSID

CoTaskMemFree

CoInitialize

CoCreateGuid

CoUninitialize

version

GetFileVersionInfoA

VerQueryValueA

GetFileVersionInfoSizeA

Exports

CompareFileVersion

CompareFileVersionLocal

GetAppDataFolder

GetBHOFileName

GetCmdLineParam

GetIEFolder

GetNewGUID

GetResult

GetWindowsVersion

IsModuleRunning

IsRegisterIEPolicy

KillProcess

KillProcessByName

OnInit

SetParam

Uninit

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/Processes.dll

.dll windows:5 windows x86 arch:x86

eaa5f91829171a65db414b9e64ec9548

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA

GetProcAddress

FreeLibrary

OpenProcess

CloseHandle

TerminateProcess

GlobalFree

lstrcpyA

FlushFileBuffers

CreateFileA

GetCurrentThreadId

GetCommandLineA

GetCurrentProcess

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsDebuggerPresent

GetModuleHandleW

TlsGetValue

TlsAlloc

TlsSetValue

TlsFree

InterlockedIncrement

SetLastError

GetLastError

InterlockedDecrement

HeapFree

Sleep

ExitProcess

SetHandleCount

GetStdHandle

GetFileType

GetStartupInfoA

DeleteCriticalSection

GetModuleFileNameA

FreeEnvironmentStringsA

GetEnvironmentStrings

FreeEnvironmentStringsW

WideCharToMultiByte

GetEnvironmentStringsW

HeapCreate

HeapDestroy

VirtualFree

QueryPerformanceCounter

GetTickCount

GetCurrentProcessId

GetSystemTimeAsFileTime

SetFilePointer

WriteFile

GetConsoleCP

GetConsoleMode

EnterCriticalSection

LeaveCriticalSection

GetCPInfo

GetACP

GetOEMCP

IsValidCodePage

HeapAlloc

VirtualAlloc

HeapReAlloc

InitializeCriticalSectionAndSpinCount

RtlUnwind

SetStdHandle

WriteConsoleA

GetConsoleOutputCP

WriteConsoleW

MultiByteToWideChar

LCMapStringA

LCMapStringW

GetStringTypeA

GetStringTypeW

GetLocaleInfoA

HeapSize

user32

GetDesktopWindow

FindWindowA

UpdateWindow

wsprintfA

Exports

FindDevice

FindProcess

KillProcess

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/System.dll

.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc

GlobalFree

GlobalSize

GetLastError

lstrcpyA

lstrcpynA

FreeLibrary

lstrcatA

GetProcAddress

LoadLibraryA

GetModuleHandleA

MultiByteToWideChar

lstrlenA

WideCharToMultiByte

VirtualAlloc

VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2

CLSIDFromString

Exports

Alloc

Call

Copy

Free

Get

Int64Op

Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$PLUGINSDIR/ioSpecial.ini

$PLUGINSDIR/modern-header.bmp

$PLUGINSDIR/modern-wizard.bmp

$PLUGINSDIR/update.bmp

$PLUGINSDIR/update.ini

CrashReporter.dll

.dll windows:5 windows x86 arch:x86

989c00ed3b1e48eafdea6aed46e332d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

Imports

shlwapi

wnsprintfA

zlib1

compress2

compressBound

ws2_32

inet_addr

gethostbyaddr

htons

setsockopt

connect

select

__WSAFDIsSet

socket

WSASend

closesocket

WSAGetLastError

gethostbyname

inet_ntoa

WSAStartup

WSACleanup

ntohl

htonl

ioctlsocket

kernel32

CompareStringA

GetProcessHeap

SetEndOfFile

InterlockedExchange

FlushFileBuffers

SetStdHandle

WriteConsoleW

GetConsoleOutputCP

WriteConsoleA

LCMapStringW

LCMapStringA

SetFilePointer

GetStringTypeW

MultiByteToWideChar

GetStringTypeA

GetLocaleInfoA

TerminateProcess

GetModuleFileNameA

GetLocalTime

CloseHandle

WideCharToMultiByte

lstrlenW

GetCurrentProcessId

CompareStringW

WriteProcessMemory

VirtualProtect

GetProcAddress

LoadLibraryA

GetLastError

CreateFileA

GetCurrentThread

GetCurrentThreadId

WritePrivateProfileStringA

GetTickCount

FindClose

CreateDirectoryA

FindFirstFileA

GetTempPathA

SetUnhandledExceptionFilter

SetErrorMode

Sleep

ReadFile

GetFileSize

FreeLibrary

SetLastError

ReadProcessMemory

OutputDebugStringA

GetEnvironmentVariableA

GetFileAttributesA

GetCurrentDirectoryA

ResumeThread

GetThreadContext

SuspendThread

GetVersionExA

InitializeCriticalSectionAndSpinCount

SetEnvironmentVariableA

GetSystemTimeAsFileTime

QueryPerformanceCounter

InitializeCriticalSection

GetCurrentProcess

GetEnvironmentStringsW

FreeEnvironmentStringsW

GetEnvironmentStrings

FreeEnvironmentStringsA

RtlUnwind

UnhandledExceptionFilter

IsDebuggerPresent

RaiseException

HeapFree

HeapAlloc

GetCommandLineA

GetModuleHandleW

TlsGetValue

TlsAlloc

TlsSetValue

TlsFree

InterlockedIncrement

InterlockedDecrement

HeapCreate

HeapDestroy

VirtualFree

DeleteCriticalSection

LeaveCriticalSection

EnterCriticalSection

VirtualAlloc

HeapReAlloc

GetModuleHandleA

GetCPInfo

GetACP

GetOEMCP

IsValidCodePage

WriteFile

GetConsoleCP

GetConsoleMode

HeapSize

ExitProcess

GetTimeZoneInformation

GetStdHandle

SetHandleCount

GetFileType

GetStartupInfoA

user32

MessageBeep

advapi32

GetUserNameA

shell32

ShellExecuteA

version

GetFileVersionInfoSizeA

GetFileVersionInfoA

VerQueryValueA

Exports

RegisterCrash

ReportCrash

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

CrashReporterSilent.exe

.exe windows:5 windows x86 arch:x86

084700d3b5370566356cfb3f541b5a9e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\project\DuoBox\client\download_lib_vc9\Bin\Product Release\CrashReporterSilent.pdb

Imports

kernel32

FindFirstFileA

SetFileAttributesA

FindClose

GetLocalTime

OutputDebugStringA

DeleteFileA

GetProcAddress

CreateFileA

SetErrorMode

GetTickCount

GetPrivateProfileStringA

CloseHandle

UnhandledExceptionFilter

GetCurrentProcess

TerminateProcess

InterlockedCompareExchange

Sleep

InterlockedExchange

LoadLibraryA

IsDebuggerPresent

QueryPerformanceCounter

GetCurrentThreadId

GetCurrentProcessId

GetSystemTimeAsFileTime

SetUnhandledExceptionFilter

msvcp90

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z

??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

iphlpapi

GetAdaptersInfo

msvcr90

sprintf_s

vsprintf_s

??2@YAPAXI@Z

_strnicmp

__getmainargs

_cexit

_exit

_XcptFilter

exit

__initenv

_initterm

_initterm_e

_configthreadlocale

__setusermatherr

_adjust_fdiv

__p__commode

__p__fmode

_encode_pointer

__set_app_type

_crt_debugger_hook

?terminate@@YAXXZ

?_type_info_dtor_internal_method@type_info@@QAEXXZ

_unlock

__dllonexit

_lock

_onexit

_decode_pointer

_except_handler4_common

_invoke_watson

_controlfp_s

??3@YAXPAX@Z

__CxxFrameHandler3

_amsg_exit

memset

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

Kanbox.exe

.exe windows:5 windows x86 arch:x86

7d3f6fa2a2e0febe2f42116f03adc50e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

4d:62:90:e5:8c:54:f0:f1:eb:17:34:1a:13:10:e6:a4
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

30/09/2010, 00:00

Not After

01/01/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0a:0d:7b:29:32:d2:c6:d5:7b:85:e7:d7:53:56:8e:67
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

24/11/2010, 00:00

Not After

23/11/2013, 23:59

Subject

CN=Beijing LEBO infinity Technology Development CO.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Beijing LEBO infinity Technology Development CO.\,LTD,O=Beijing LEBO infinity Technology Development CO.\,LTD,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\projects\duobox\client\download_lib_vc9\Bin\Product Release Pdb\Kanbox.pdb

Imports

version

GetFileVersionInfoA

GetFileVersionInfoW

GetFileVersionInfoSizeW

GetFileVersionInfoSizeA

VerQueryValueA

VerQueryValueW

iphlpapi

GetAdaptersInfo

kernel32

GetLocalTime

DeleteFileA

GetPrivateProfileStringA

FormatMessageW

GetModuleHandleW

LoadLibraryExW

lstrcmpiW

GetDiskFreeSpaceExW

GetVolumeInformationW

GetDriveTypeW

GetLogicalDriveStringsW

lstrcatW

lstrcpyW

WinExec

FindFirstFileW

GetVersionExW

WaitForSingleObject

lstrcpynW

MulDiv

CreateEventW

SetEvent

GetComputerNameExW

CompareStringW

FreeResource

WritePrivateProfileStringW

lstrlenW

WideCharToMultiByte

lstrlenA

WritePrivateProfileStringA

DeleteCriticalSection

InitializeCriticalSection

InterlockedIncrement

InterlockedDecrement

GetTickCount

LoadLibraryA

GetLastError

CreateMutexW

CreateProcessW

GetModuleFileNameW

GetPrivateProfileStringW

Sleep

InterlockedExchange

SetLastError

GetCurrentThreadId

RaiseException

FlushInstructionCache

GetCurrentProcess

FindResourceW

SizeofResource

LockResource

LoadResource

FindResourceExW

GetSystemTimeAsFileTime

GetCurrentProcessId

QueryPerformanceCounter

IsDebuggerPresent

SetUnhandledExceptionFilter

UnhandledExceptionFilter

MultiByteToWideChar

LeaveCriticalSection

EnterCriticalSection

GlobalLock

GlobalUnlock

GlobalFree

IsBadCodePtr

VirtualQuery

GetModuleFileNameA

FindFirstFileA

FindClose

LoadLibraryW

FreeLibrary

GetProcAddress

CreateDirectoryW

InterlockedCompareExchange

HeapFree

GetProcessHeap

HeapAlloc

IsProcessorFeaturePresent

VirtualFree

VirtualAlloc

HeapDestroy

HeapReAlloc

HeapSize

GetStartupInfoA

TerminateProcess

CreateFileW

WriteFile

CloseHandle

GetFileAttributesW

SetFileAttributesW

DeleteFileW

IsBadWritePtr

GlobalAlloc

user32

SetRect

GetWindowDC

DrawFocusRect

IsWindowEnabled

GetClassNameW

GetCapture

UpdateWindow

PtInRect

SetRectEmpty

BringWindowToTop

MoveWindow

SetDlgItemInt

GetDlgItemInt

IntersectRect

FrameRect

InflateRect

GetFocus

GetDlgCtrlID

IsRectEmpty

SetScrollPos

GetKeyState

SetCapture

GetMessagePos

ReleaseCapture

GetScrollInfo

GetScrollPos

OffsetRect

SetWindowRgn

RegisterClipboardFormatW

DestroyCursor

SetScrollInfo

IsWindowVisible

SetCursor

RegisterClassW

FillRect

CopyRect

DestroyWindow

CallWindowProcW

MessageBeep

SetFocus

GetDC

ReleaseDC

SetDlgItemTextW

UnregisterClassA

InvalidateRect

ScreenToClient

EnableWindow

EndPaint

BeginPaint

GetWindowTextLengthW

GetWindowTextW

SystemParametersInfoW

GetSysColor

EndDialog

GetParent

GetWindow

GetWindowRect

MonitorFromWindow

GetMonitorInfoW

GetClientRect

MapWindowPoints

GetDlgItem

SetWindowTextW

GetDesktopWindow

WindowFromPoint

wsprintfW

CharNextW

LoadCursorW

GetClassInfoExW

GetSubMenu

CreateDialogParamW

DialogBoxParamW

PeekMessageW

TranslateMessage

SetMenuDefaultItem

ModifyMenuW

DeleteMenu

EnableMenuItem

TrackPopupMenuEx

PostMessageW

RedrawWindow

GetWindowLongW

SetWindowLongW

SetWindowPos

GetDoubleClickTime

GetCursorPos

MessageBoxW

PostQuitMessage

RegisterWindowMessageW

DefWindowProcW

DestroyIcon

DestroyMenu

GetSystemMetrics

LoadImageW

LoadStringW

LoadMenuW

FindWindowW

IsWindow

SendMessageW

RegisterClassExW

CreateWindowExW

LoadIconW

SetClassLongW

SetTimer

GetActiveWindow

GetMessageW

DispatchMessageW

KillTimer

SetForegroundWindow

ShowWindow

DrawTextW

gdi32

GetDIBits

CreateDIBSection

TextOutW

CreateDCW

LineTo

MoveToEx

RoundRect

GetClipBox

GetObjectW

CreatePen

ExtTextOutW

SetBkColor

RestoreDC

SaveDC

SetViewportOrgEx

BitBlt

CreateCompatibleBitmap

CreateCompatibleDC

CombineRgn

CreatePolygonRgn

CreateRectRgn

GetTextExtentPoint32W

GetStockObject

GetDeviceCaps

DPtoLP

CreateFontIndirectW

SetTextColor

SelectObject

DeleteDC

SetBkMode

CreateSolidBrush

DeleteObject

advapi32

RegDeleteValueW

RegCloseKey

RegCreateKeyExW

RegOpenKeyExW

RegEnumKeyExW

RegSetValueExW

RegQueryInfoKeyW

GetTokenInformation

RegQueryValueExW

RegOpenKeyExA

RegQueryValueExA

RegOpenKeyW

RegEnumValueW

OpenProcessToken

RegDeleteKeyW

shell32

ExtractIconW

Shell_NotifyIconW

ShellExecuteW

SHChangeNotify

SHBrowseForFolderW

SHGetPathFromIDListW

SHFileOperationW

SHGetSpecialFolderLocation

ShellExecuteExW

SHGetSpecialFolderPathW

ole32

CoCreateInstance

CoUninitialize

IIDFromString

StringFromIID

CoTaskMemFree

CoInitialize

OleUninitialize

OleInitialize

CoTaskMemAlloc

CoTaskMemRealloc

CreateStreamOnHGlobal

oleaut32

VariantInit

VariantClear

SysStringLen

SysAllocStringLen

VarUI4FromStr

SysAllocString

SysFreeString

shlwapi

PathRemoveFileSpecW

SHDeleteKeyW

PathCombineW

PathFileExistsW

comctl32

ImageList_LoadImageW

ImageList_GetIconSize

_TrackMouseEvent

ImageList_DrawEx

DestroyPropertySheetPage

CreatePropertySheetPageW

PropertySheetW

msimg32

GradientFill

AlphaBlend

msvcp90

?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z

?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHABV12@@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z

??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z

??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z

?str@?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ

??_D?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ

?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z

?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ

??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z

?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ

??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ

?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ

?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB

?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z

?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z

?width@ios_base@std@@QAEHH@Z

?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z

?length@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ

?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z

?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ

?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ

?uncaught_exception@std@@YA_NXZ

?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

?good@ios_base@std@@QBE_NXZ

?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ

?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ

?length@?$char_traits@_W@std@@SAIPB_W@Z

?width@ios_base@std@@QBEHXZ

?flags@ios_base@std@@QBEHXZ

?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WXZ

?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ

?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z

?eof@?$char_traits@_W@std@@SAGXZ

?eq_int_type@?$char_traits@_W@std@@SA_NABG0@Z

?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEHPB_WH@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z

?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z

??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z

??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ

?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ

?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z

?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z

?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z

??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z

??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ

??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z

?empty@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE_NXZ

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z

?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ

gdiplus

GdiplusStartup

GdipFree

GdipAlloc

GdipCreateBitmapFromFile

GdipCreateBitmapFromFileICM

GdipDisposeImage

GdipCloneImage

GdipCreateBitmapFromStream

GdipCreateBitmapFromStreamICM

GdipCreateBitmapFromResource

GdipCreateHBITMAPFromBitmap

GdiplusShutdown

msvcr90

_invoke_watson

?_type_info_dtor_internal_method@type_info@@QAEXXZ

_crt_debugger_hook

__set_app_type

__p__fmode

__p__commode

_adjust_fdiv

__setusermatherr

_configthreadlocale

_initterm_e

_initterm

??3@YAXPAX@Z

??_V@YAXPAX@Z

wcsncpy_s

memset

_snwprintf_s

??2@YAPAXI@Z

__CxxFrameHandler3

strlen

_purecall

strrchr

sprintf_s

_vsnprintf

_atoi64

_ultoa_s

_invalid_parameter_noinfo

_CxxThrowException

??0exception@std@@QAE@ABV01@@Z

_acmdln

??1exception@std@@UAE@XZ

??0exception@std@@QAE@XZ

??0exception@std@@QAE@ABQBD@Z

?what@exception@std@@UBEPBDXZ

wcscpy_s

wcsnlen

memcpy_s

swprintf_s

_wtoi

_wcsicmp

wcsstr

free

wcslen

memmove_s

_recalloc

_vscwprintf

vswprintf_s

vsprintf_s

wcsrchr

malloc

_wsplitpath_s

wcschr

iswspace

_vsnprintf_s

calloc

_snprintf_s

_wfindnext64i32

_wfindfirst64i32

_wchdir

_wcslwr_s

_itoa_s

_vsnwprintf

abs

_beginthreadex

_vscprintf

div

iswupper

iswprint

wcscmp

_wtof

_wcsupr_s

strcpy_s

memcpy

_wtol

towupper

?terminate@@YAXXZ

_except_handler4_common

_unlock

__dllonexit

_encode_pointer

_lock

_onexit

_decode_pointer

_amsg_exit

__getmainargs

_cexit

_exit

_XcptFilter

_ismbblead

exit

_controlfp_s

uxtheme

OpenThemeData

DrawThemeBackground

CloseThemeData

Sections

.text
Size: 501KB - Virtual size: 501KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.idata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

KanboxUpdate.exe

.exe windows:5 windows x86 arch:x86

349f982a624258df4dbe31bfe0a68d59

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

4d:62:90:e5:8c:54:f0:f1:eb:17:34:1a:13:10:e6:a4
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

30/09/2010, 00:00

Not After

01/01/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0a:0d:7b:29:32:d2:c6:d5:7b:85:e7:d7:53:56:8e:67
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

24/11/2010, 00:00

Not After

23/11/2013, 23:59

Subject

CN=Beijing LEBO infinity Technology Development CO.\,LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Beijing LEBO infinity Technology Development CO.\,LTD,O=Beijing LEBO infinity Technology Development CO.\,LTD,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\projects\duobox\client\download_lib_vc9\Bin\Product Release Pdb\KanboxUpdate.pdb

Imports

iphlpapi

GetAdaptersInfo

kernel32

GetLastError

CreateFileW

CloseHandle

WriteFile

ReadFile

SetFilePointer

SetEndOfFile

GetFileSize

FlushFileBuffers

FindClose

FindFirstFileW

DeleteFileW

GetFileAttributesW

CreateDirectoryW

CopyFileW

RaiseException

EnterCriticalSection

LeaveCriticalSection

FlushInstructionCache

GetCurrentProcess

lstrcatW

lstrcpyW

WideCharToMultiByte

GetVersionExW

WaitForSingleObject

Sleep

GetTickCount

GetPrivateProfileStringW

GetCurrentThreadId

SetLastError

CreateMutexW

TerminateProcess

OpenProcess

CreateToolhelp32Snapshot

Process32NextW

Process32FirstW

DeleteCriticalSection

InitializeCriticalSection

VirtualAlloc

VirtualFree

IsProcessorFeaturePresent

LoadLibraryA

GetProcAddress

HeapAlloc

GetProcessHeap

HeapFree

GetSystemTimeAsFileTime

GetCurrentProcessId

QueryPerformanceCounter

IsDebuggerPresent

SetUnhandledExceptionFilter

UnhandledExceptionFilter

GetStartupInfoW

InterlockedCompareExchange

InterlockedExchange

user32

EndDialog

GetParent

GetWindow

GetWindowRect

MonitorFromWindow

GetMonitorInfoW

GetClientRect

GetDlgItem

SetWindowPos

GetWindowLongW

GetActiveWindow

DialogBoxParamW

wsprintfW

SendMessageW

FindWindowW

IsWindow

SetWindowLongW

UnregisterClassA

GetDesktopWindow

MapWindowPoints

shell32

ShellExecuteExW

CommandLineToArgvW

SHGetSpecialFolderPathW

oleaut32

SysFreeString

msvcp90

??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z