aa77827c6b8d379b87c6af82f95b477d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aa77827c6b8d379b87c6af82f95b477d_JaffaCakes118
Size

1.5MB
MD5

aa77827c6b8d379b87c6af82f95b477d
SHA1

11f602dbc73131ce6753eff11bad83a5f58b2200
SHA256

95a0b93d9e8806e76743afab579e74367a99ac8aa91b44897a01190d4dc317df
SHA512

7bf6b6d0d932985b0ac80d5d4b73a82d98ce14917e074988075df83ebba25df319423b3f7d729812611d4c95b2f80d98640427148de287e59129ee9e0eeb6430
SSDEEP

49152:tr5jVy1pJoJCX7dloSKRd+TdnK4HPyh5RsOu:hdwDoSKd+TdnKkPyhDu

Score

3^/10

Malware Config

Signatures

Unsigned PE 15 IoCs

Checks for missing Authenticode signature.

resource
aa77827c6b8d379b87c6af82f95b477d_JaffaCakes118
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/StartMenu.dll
unpack001/TKChatCtrl.dll
unpack001/TKEmotionPlayer.dll
unpack001/TKGC.exe
unpack001/TKGMChatCtrl.dll
unpack001/TKGMChatask.exe
unpack001/TKGameChatCtrl.dll
unpack001/TKLord.exe
unpack001/TKReplayPlayer.exe
unpack001/TKReview.exe
unpack001/TKZip.dll
unpack001/deep.dll
unpack001/gdiplus.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

aa77827c6b8d379b87c6af82f95b477d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/StartMenu.dll
.dll windows:4 windows x86 arch:x86

a648aeaa164b592c1e8892a10400b5ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
lstrcatA
FindClose
FindNextFileA
MulDiv
GlobalFree
lstrcpynA
GlobalAlloc
lstrcmpiA
FindFirstFileA
lstrcpyA

user32

TranslateMessage
GetMessageA
IsDialogMessageA
PostMessageA
DispatchMessageA
GetWindowLongA
CheckDlgButton
ShowWindow
LoadIconA
GetClientRect
MoveWindow
ScreenToClient
GetWindowRect
ReleaseDC
GetDC
EnableWindow
SetWindowTextA
SendMessageA
IsDlgButtonChecked
GetWindowTextA
DestroyWindow
GetDlgItem
CreateDialogParamA
SetWindowLongA
wsprintfA
CallWindowProcA

gdi32

GetTextMetricsA
SelectObject

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoTaskMemFree

Exports

Exports

Init
Select
Show

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 518B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
Emotion.cfg
Lisence.txt
PortBroker.ini
TKChatCtrl.dll
.dll windows:4 windows x86 arch:x86

4c2b3afc372329da572128d3b3058a11

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Work\Lord\TKChatCtrl\Release\TKChatCtrl.pdb

Imports

mfc71

ord3357
ord5991
ord6068
ord5795
ord2617
ord3683
ord4038
ord4014
ord6278
ord3801
ord6276
ord4326
ord2063
ord2018
ord5583
ord3806
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord2931
ord5224
ord5226
ord3948
ord4568
ord5230
ord5213
ord5566
ord2838
ord4481
ord3333
ord566
ord757
ord1122
ord3830
ord2248
ord762
ord6090
ord3596
ord5059
ord2164
ord911
ord304
ord1586
ord5231
ord4655
ord5666
ord5366
ord1495
ord4289
ord4166
ord4745
ord4866
ord5650
ord5363
ord926
ord3313
ord4100
ord2094
ord3244
ord1283
ord3879
ord760
ord1955
ord3875
ord2322
ord265
ord2902
ord2469
ord4109
ord5563
ord781
ord3997
ord5833
ord2271
ord297
ord3761
ord3989
ord6144
ord6067
ord5873
ord4248
ord1084
ord1544
ord737
ord549
ord1490
ord1123
ord4813
ord1450
ord730
ord3563
ord310
ord2882
ord876
ord784
ord578
ord2794
ord2092
ord658
ord6120
ord642
ord4236
ord1558
ord1637
ord3473
ord3489
ord3651
ord591
ord3171
ord1547
ord4353
ord4234
ord2089
ord4098
ord1483
ord1931
ord572
ord2991
ord587
ord4232
ord1545
ord3423
ord3684
ord4238
ord1571
ord1641
ord764
ord1903
ord4261
ord4486
ord3949
ord2644
ord3709
ord3719
ord3718
ord2533
ord2646
ord2540
ord2862
ord2714
ord4307
ord2835
ord2731
ord2537
ord5200
ord1599
ord1655
ord1656
ord1964
ord5175
ord1362
ord4967
ord3345
ord1645
ord6277
ord3802
ord6279
ord1522
ord2172
ord2178
ord2405
ord2387
ord2385
ord2403
ord2415
ord2392
ord2408
ord2413
ord2396
ord2398
ord2400
ord2394
ord2410
ord2390
ord934
ord930
ord932
ord928
ord923
ord5233
ord5235
ord5960
ord1600
ord4282
ord4722
ord3403
ord5214
ord4185
ord6275
ord5073
ord1908
ord5152
ord4244
ord1402
ord3946
ord1617
ord1620
ord5915
ord1482
ord581
ord1167
ord1092
ord1209
ord314
ord1177
ord1175
ord1201
ord1120
ord371
ord1098
ord1208
ord1206
ord1037
ord315
ord765
ord912
ord266
ord651
ord1930
ord1489
ord6118
ord299
ord2933
ord3210
ord1934
ord3161
ord1280
ord1279
ord5637
ord2372
ord2370
ord2527
ord5611
ord6060
ord5608
ord6054
ord4161
ord6057
ord5888
ord6037
ord5727
ord5642
ord5647
ord5523
ord5588
ord5414
ord5401
ord5921
ord5719
ord3180
ord602
ord347
ord416
ord3350
ord3349
ord2873
ord3402
ord5731
ord2264
ord2367
ord2234
ord5613
ord6065
ord709
ord2657
ord501
ord1968
ord1564
ord3204
ord3302
ord4125
ord753
ord563
ord741
ord2095
ord1591
ord4240
ord3317
ord589
ord330

msvcr71

time
atoi
sprintf
_splitpath
__CxxFrameHandler
strncmp
free
_except_handler3
malloc
_localtime64
memmove
fclose
_strtime
vsprintf
memset
__security_error_handler
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
??1type_info@@UAE@XZ
?terminate@@YAXXZ
realloc
strncpy

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
LocalAlloc
LocalFree
CreateThread
GetPrivateProfileStringA
WaitForSingleObject
ExitProcess
TerminateThread
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
SetEvent
CloseHandle
lstrcpynA
Sleep
GetTickCount
MultiByteToWideChar
GetVersionExA
LoadLibraryA
FreeLibrary
WritePrivateProfileStringA
GetModuleFileNameA
GetPrivateProfileIntA
GetProcAddress
ReleaseSemaphore
GetModuleHandleA
CreateMutexA
CreateFileA
GetFileSize
ReadFile
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CreateEventA
GetCurrentProcessId

user32

PostMessageA
ClientToScreen
DrawTextA
SendMessageA
CopyRect
EnableWindow
ReleaseDC
GetDC
SetWindowRgn
IsWindow
OffsetRect
CopyImage
UnionRect
GetWindowRect
RedrawWindow
TabbedTextOutA
DrawTextExA
GrayStringA
GetFocus
ScreenToClient
SetCapture
ReleaseCapture
GetCapture
SetCursor
DestroyIcon
PtInRect
GetCursorPos
InvalidateRect
GetWindowDC
IntersectRect
DestroyCursor
LoadCursorA
SetTimer
KillTimer
SendMessageTimeoutA
GetParent
GetAsyncKeyState
wsprintfA
SetRect
CreatePopupMenu
AppendMenuA
CheckMenuRadioItem
GetWindowLongA
GetClientRect
GetSysColor
IsWindowVisible

gdi32

GetObjectA
SelectObject
ExtTextOutA
DeleteObject
CreateCompatibleDC
BitBlt
DeleteDC
CreateFontIndirectA
SetDIBitsToDevice
OffsetRgn
Escape
TextOutA
RectVisible
PtVisible
CreateCompatibleBitmap
CreateRectRgn
GetPixel
ExtCreateRegion
CombineRgn
GetDeviceCaps
SelectPalette
RealizePalette
SetStretchBltMode
StretchBlt
CreateDIBSection
GetStockObject

oleaut32

OleLoadPicture

ws2_32

ioctlsocket
WSAGetLastError
WSAStartup

gdiplus

GdipFree
GdipDisposeImage
GdipAlloc
GdipLoadImageFromFile
GdipCreateHBITMAPFromBitmap
GdipCloneImage

msimg32

TransparentBlt

comctl32

InitializeFlatSB
FlatSB_EnableScrollBar
FlatSB_ShowScrollBar
ImageList_Draw
ImageList_AddMasked
_TrackMouseEvent

ole32

CreateStreamOnHGlobal

Exports

Exports

InitCtrl

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TKEmotionPlayer.dll
.dll regsvr32 windows:4 windows x86 arch:x86

ee275346870ecc52c3f8c8bd701a46c3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Work\TKEmotionPlayer\Release\TKEmotionPlayer.pdb

Imports

mfc71

ord6278
ord3801
ord6276
ord4326
ord2063
ord2018
ord5583
ord3806
ord1010
ord581
ord1167
ord1092
ord1209
ord1177
ord1175
ord1201
ord1120
ord371
ord1098
ord1208
ord1206
ord1037
ord315
ord765
ord6252
ord1050
ord1144
ord1128
ord5383
ord3830
ord757
ord566
ord3333
ord4261
ord4481
ord3949
ord2644
ord3709
ord3719
ord3718
ord2533
ord2646
ord2540
ord2838
ord2714
ord4307
ord2835
ord2731
ord764
ord2537
ord5566
ord5213
ord5230
ord4568
ord3948
ord2248
ord5226
ord5224
ord2931
ord1920
ord3832
ord5382
ord6219
ord4014
ord4038
ord3683
ord384
ord5089
ord2903
ord629
ord5323
ord1439
ord1084
ord265
ord1917
ord310
ord783
ord2902
ord2322
ord876
ord578
ord266
ord314
ord1187
ord1191
ord762
ord5102

msvcr71

_except_handler3
??0exception@@QAE@ABV0@@Z
_CxxThrowException
free
malloc
__CxxFrameHandler
_purecall
realloc
sprintf
wcsncpy
memset
??0exception@@QAE@XZ
??1exception@@UAE@XZ
_resetstkoflw
__CppXcptFilter
_initterm
_adjust_fdiv
?terminate@@YAXXZ
__security_error_handler
_onexit
__dllonexit
??1type_info@@UAE@XZ

kernel32

InterlockedExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
ExitProcess
LocalAlloc
LocalFree
lstrcatA
lstrcpyA
IsBadReadPtr
GetCurrentThreadId
HeapAlloc
GetCurrentProcess
FlushInstructionCache
GetModuleHandleA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
GetModuleFileNameA
GlobalUnlock
IsDBCSLeadByte
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
lstrcpynA
MulDiv
lstrcmpiA
lstrlenA
GetProcessHeap
HeapFree
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetLastError
GlobalAlloc
GlobalFree
GlobalLock
DeleteCriticalSection
InitializeCriticalSection
RaiseException

user32

UnregisterClassA
CharNextA
InvalidateRect
ReleaseDC
GetDC
DestroyWindow
DefWindowProcA
PtInRect
SetFocus
GetParent
wsprintfA
CreateWindowExA
RegisterClassExA
LoadCursorA
GetClassInfoExA
KillTimer
FillRect
SetTimer
EnumThreadWindows
GetGUIThreadInfo
SetRect
UnionRect
SetWindowPos
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
SetWindowLongA
GetWindowLongA
CallWindowProcA
GetKeyState
IsWindow
EndPaint
GetClientRect
BeginPaint
IsChild
GetFocus
ShowWindow

gdi32

CreateMetaFileA
DeleteDC
SetViewportOrgEx
SetMapMode
LPtoDP
CreateDCA
ExtTextOutA
SaveDC
SelectObject
CreateCompatibleBitmap
SetBkMode
CreateCompatibleDC
DeleteObject
CreateSolidBrush
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
GetDeviceCaps
DeleteMetaFile
CreateRectRgnIndirect
BitBlt
SetBkColor

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

shlwapi

PathFindExtensionA

ole32

CoCreateInstance
StringFromGUID2
OleSaveToStream
WriteClassStm
OleLoadFromStream
CreateOleAdviseHolder
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal

oleaut32

VariantChangeType
SysStringByteLen
VariantInit
VariantClear
VarUI4FromStr
SysFreeString
OleLoadPicture
RegisterTypeLi
SysAllocStringByteLen
LoadRegTypeLi
LoadTypeLi
SysStringLen
OleCreatePropertyFrame
UnRegisterTypeLi
SysAllocString

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TKGC.XML
TKGC.exe
.exe windows:4 windows x86 arch:x86

3e1f678009c2886d792bd5eccec9059b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Jj\Src\Client\Tkgc\bin\TKGC.pdb

Imports

mfc71

ord558
ord265
ord304
ord5613
ord1395
ord5231
ord4655
ord5666
ord5366
ord1495
ord4289
ord4166
ord4745
ord4866
ord5650
ord5363
ord926
ord3313
ord5866
ord2131
ord6180
ord6174
ord602
ord1966
ord6037
ord5642
ord1279
ord347
ord1005
ord5460
ord1161
ord5873
ord2794
ord2469
ord6144
ord2882
ord2866
ord3795
ord2164
ord2370
ord4353
ord3850
ord6168
ord5710
ord5833
ord651
ord416
ord6223
ord1968
ord1564
ord3302
ord5635
ord730
ord1645
ord1586
ord3304
ord1185
ord2286
ord5637
ord2527
ord5611
ord6060
ord5608
ord6054
ord4161
ord6057
ord5888
ord5727
ord5647
ord5523
ord5588
ord5414
ord5401
ord5921
ord5719
ord3180
ord6062
ord4115
ord709
ord501
ord3762
ord1489
ord6118
ord299
ord2933
ord1084
ord1191
ord1187
ord326
ord1485
ord577
ord6137
ord283
ord3683
ord3182
ord4038
ord4014
ord6278
ord3801
ord6276
ord4326
ord2063
ord746
ord5583
ord3806
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord2931
ord5224
ord5226
ord2248
ord3948
ord4568
ord5230
ord5213
ord5566
ord2838
ord4481
ord3333
ord757
ord566
ord5563
ord3997
ord2272
ord1123
ord1054
ord1122
ord1126
ord3830
ord760
ord5403
ord2468
ord305
ord4109
ord2271
ord3651
ord3489
ord1930
ord2368
ord2367
ord3350
ord3349
ord2873
ord2234
ord2657
ord3402
ord2495
ord3989
ord6120
ord3684
ord3596
ord5991
ord6068
ord5795
ord5993
ord6236
ord3357
ord3423
ord1545
ord4232
ord587
ord753
ord563
ord3761
ord2654
ord722
ord530
ord6005
ord5714
ord4081
ord1425
ord3576
ord3163
ord3401
ord4320
ord758
ord567
ord2168
ord3473
ord1637
ord1558
ord4236
ord642
ord589
ord330
ord3563
ord3361
ord4888
ord1278
ord4248
ord737
ord549
ord4813
ord1450
ord1929
ord1979
ord1290
ord912
ord5059
ord4564
ord4125
ord2371
ord1283
ord1955
ord3244
ord2094
ord4100
ord784
ord908
ord911
ord907
ord781
ord3934
ord297
ord3161
ord1280
ord6283
ord6281
ord762
ord1091
ord5731
ord2902
ord3204
ord1934
ord3210
ord6090
ord2372
ord1790
ord3171
ord4234
ord1547
ord1207
ord2089
ord4098
ord1483
ord1931
ord591
ord2264
ord1903
ord4580
ord310
ord2322
ord876
ord6067
ord3875
ord5871
ord6065
ord1794
ord354
ord266
ord3879
ord3230
ord2958
ord4238
ord1571
ord1641
ord2092
ord764
ord572
ord3317
ord4261
ord2991
ord5214
ord4240
ord1402
ord5915
ord1591
ord2095
ord658
ord741
ord605
ord4262
ord4486
ord3949
ord2644
ord3709
ord3719
ord3718
ord2533
ord2646
ord2540
ord2862
ord2714
ord4307
ord2835
ord2731
ord2537
ord5200
ord1599
ord1655
ord1656
ord1964
ord5175
ord1362
ord4967
ord3345
ord6277
ord3802
ord6279
ord1522
ord2172
ord2178
ord2405
ord2387
ord2385
ord2403
ord2415
ord2392
ord2408
ord2413
ord2396
ord2398
ord2400
ord2394
ord2410
ord2390
ord934
ord930
ord932
ord928
ord923
ord5233
ord5235
ord5960
ord1600
ord4282
ord4722
ord3403
ord5203
ord4185
ord6275
ord5073
ord1908
ord5152
ord4244
ord1401
ord3946
ord1617
ord1620
ord5912
ord1551
ord1670
ord1671
ord2020
ord4890
ord4735
ord4212
ord5182
ord578
ord3441
ord2018
ord3641

msvcr71

__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
_onexit
__dllonexit
__security_error_handler
?terminate@@YAXXZ
memset
getenv
strtod
exit
printf
isprint
abort
_adjust_fdiv
_iob
fprintf
strncmp
??1type_info@@UAE@XZ
_setjmp3
longjmp
_CxxThrowException
_CIpow
_CIfmod
fscanf
_setmbcp
_stricmp
__CxxFrameHandler
__p__commode
__p__fmode
_snprintf
__set_app_type
memmove
localtime
time
free
qsort
realloc
atol
atoi
bsearch
__CxxLongjmpUnwind
_controlfp
sprintf
malloc
_resetstkoflw
_except_handler3
__p___argc
isdigit
__p___argv
_mbschr
_mbsnbcpy
_mbsstr
_mbsncmp
_mbsnbcmp
_mbsnicmp
_mbclen
_mbccpy
fclose
fread
ftell
fseek
strerror
_errno
fopen
fwrite
strtol
strchr
mktime
sscanf
floor
strncpy
_purecall
fflush
fputc
getc
fgets
wctomb

kernel32

GetFileAttributesA
CreateDirectoryA
ReadFile
GetFileSize
CreateFileA
WaitForSingleObject
GetCurrentProcessId
CreateSemaphoreA
GlobalFree
CreateMutexA
ExitProcess
Sleep
SetEvent
CreateEventA
TerminateThread
CreateThread
WritePrivateProfileStringA
OpenFileMappingA
InterlockedDecrement
InterlockedIncrement
GetStartupInfoA
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
GetModuleHandleA
LocalAlloc
LocalFree
GetLocalTime
EnterCriticalSection
LeaveCriticalSection
lstrcmpiA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
lstrcpynA
GlobalUnlock
GlobalLock
GlobalAlloc
lstrlenA
GlobalReAlloc
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
SetUnhandledExceptionFilter
GetProcAddress
LoadLibraryA
CreateProcessA
lstrcatA
GetTickCount
SetProcessWorkingSetSize
GetCurrentProcess
DeleteFileA
GetTempFileNameA
GetTempPathA
FreeLibrary
GetModuleFileNameA
GetPrivateProfileStringA
FindClose
FindFirstFileA
MultiByteToWideChar
GetLastError
RaiseException
GetPrivateProfileIntA
DeleteCriticalSection
InitializeCriticalSection

user32

GetMessageA
PeekMessageA
DestroyWindow
CreateWindowExA
RegisterClassExA
DefWindowProcA
EndPaint
BeginPaint
FillRect
GetWindowRgn
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
InflateRect
GetDC
ReleaseDC
WindowFromPoint
ChildWindowFromPointEx
SetRectEmpty
GetSystemMetrics
SetPropA
LoadIconA
WaitForInputIdle
ShowWindow
DestroyIcon
wsprintfA
SystemParametersInfoA
TranslateMessage
EnumWindows
SendMessageTimeoutA
GetMessagePos
LoadCursorA
SetCursor
SetParent
GetActiveWindow
KillTimer
SetTimer
IsWindowVisible
ScreenToClient
ClientToScreen
IsIconic
GetSystemMenu
InsertMenuA
GetMenuItemCount
AppendMenuA
CreatePopupMenu
GetDesktopWindow
GetWindow
PtInRect
SetRect
GetPropA
OpenClipboard
EmptyClipboard
DispatchMessageA
ReleaseCapture
SetClipboardData
CloseClipboard
CopyRect
BringWindowToTop
OffsetRect
GetParent
SetWindowRgn
PostMessageA
GetWindowLongA
SetCapture
IntersectRect
GetWindowDC
DrawIcon
UpdateWindow
GetCursorPos
DestroyCursor
GetFocus
RedrawWindow
UnionRect
GetWindowRect
GetSysColor
CopyImage
FindWindowA
MessageBoxA
SetWindowPos
GetClientRect
EnableWindow
SendMessageA
SetLayeredWindowAttributes
IsWindow
InvalidateRect
SetWindowLongA
IsRectEmpty

gdi32

SaveDC
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
SetStretchBltMode
RestoreDC
RealizePalette
GetDIBits
SetDIBitsToDevice
GetTextExtentPoint32A
GetTextExtentPointA
CreateSolidBrush
OffsetRgn
GetTextMetricsA
StretchBlt
GetPixel
CreateDCA
SelectClipRgn
SetBkMode
SetTextColor
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetBkColor
CreateCompatibleBitmap
Ellipse
CreateRectRgn
CreateFontIndirectA
CreateCompatibleDC
GetObjectA
CreateDIBSection
SelectObject
BitBlt
ExtCreateRegion
CombineRgn
DeleteDC
GetStockObject
DeleteObject

msimg32

AlphaBlend
TransparentBlt

shell32

ShellExecuteA

comctl32

InitializeFlatSB
FlatSB_EnableScrollBar
FlatSB_ShowScrollBar
ImageList_Draw
ord17
ImageList_AddMasked
_TrackMouseEvent

shlwapi

PathFindExtensionW
PathFindExtensionA

ole32

OleCreate
OleDraw
OleUninitialize
CreateStreamOnHGlobal
OleSetContainedObject
OleInitialize

oleaut32

SysFreeString
SysAllocString
OleLoadPicture
GetErrorInfo
VariantClear

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

ws2_32

recv
WSAGetLastError
send
setsockopt
connect
ioctlsocket
closesocket
bind
socket
WSAStartup
gethostbyname
inet_addr
htons
inet_ntoa
htonl

gdiplus

GdiplusStartup
GdiplusShutdown
GdipFree
GdipAlloc
GdipCloneImage
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipDeleteGraphics
GdipLoadImageFromFile
GdipGetImageEncoders
GdipCreateHBITMAPFromBitmap
GdipSetImageAttributesColorMatrix
GdipCreateFromHDC
GdipReleaseDC
GdipDrawImageRectRect
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipDisposeImage

Sections

.text
Size: 392KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TKGMChatCtrl.dll
.dll windows:4 windows x86 arch:x86

f23c49b67be5561537d1ec0e0601046f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Work\TKGMChatCtrl\Release\TKGMChatCtrl.pdb

Imports

mfc71

ord1908
ord5073
ord6275
ord4185
ord3403
ord4722
ord4282
ord1600
ord5960
ord5235
ord5233
ord923
ord928
ord932
ord930
ord934
ord2390
ord2410
ord2394
ord2400
ord2398
ord2396
ord2413
ord2408
ord2392
ord2415
ord2403
ord2385
ord2387
ord2405
ord2178
ord2172
ord1522
ord6279
ord3802
ord6277
ord3345
ord4967
ord1362
ord5175
ord1964
ord1656
ord1655
ord1599
ord5200
ord2537
ord2731
ord2835
ord4307
ord2714
ord2862
ord2540
ord2646
ord2533
ord3718
ord3719
ord3709
ord2644
ord3949
ord4486
ord4262
ord605
ord354
ord5403
ord1044
ord1192
ord1200
ord1119
ord2264
ord5976
ord5641
ord6062
ord1201
ord1120
ord3684
ord3563
ord6068
ord5795
ord5993
ord5991
ord4353
ord6208
ord4048
ord2863
ord4100
ord2094
ord3244
ord1955
ord1283
ord1645
ord1586
ord5915
ord1402
ord5214
ord2991
ord4261
ord572
ord730
ord3361
ord3997
ord3357
ord3761
ord6144
ord5152
ord5059
ord629
ord1439
ord5323
ord2903
ord5089
ord384
ord2475
ord3934
ord630
ord631
ord4104
ord2747
ord1440
ord2280
ord386
ord2021
ord385
ord6288
ord383
ord2131
ord2271
ord1009
ord6255
ord2164
ord6090
ord6236
ord2086
ord1545
ord4232
ord3164
ord587
ord753
ord563
ord1892
ord1425
ord911
ord1101
ord2022
ord391
ord3389
ord3088
ord2468
ord305
ord4001
ord4123
ord3287
ord1554
ord3195
ord620
ord3161
ord4888
ord3683
ord2248
ord3830
ord5213
ord314
ord4038
ord4014
ord6278
ord3801
ord6276
ord4326
ord2063
ord2018
ord5583
ord3806
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord2931
ord5224
ord5226
ord3948
ord4568
ord5230
ord5566
ord2838
ord4481
ord3333
ord566
ord757
ord765
ord315
ord1037
ord1206
ord1208
ord1098
ord371
ord1175
ord1177
ord1209
ord1092
ord1167
ord581
ord4244
ord1401
ord3946
ord1617
ord1620
ord5912
ord1551
ord1670
ord1671
ord2020
ord4890
ord4735
ord4212
ord5182
ord283
ord6137
ord874
ord577
ord1485
ord501
ord4749
ord709
ord4580
ord4115
ord6283
ord6065
ord5203
ord2168
ord310
ord781
ord1728
ord5731
ord5640
ord330
ord304
ord2322
ord784
ord907
ord6067
ord589
ord2367
ord347
ord602
ord1794
ord1063
ord1903
ord5637
ord1279
ord1280
ord3302
ord3204
ord3163
ord2368
ord1934
ord3210
ord1084
ord1482
ord6118
ord2933
ord299
ord2902
ord876
ord1489
ord297
ord578
ord4320
ord2654
ord1187
ord1191
ord3441
ord3641
ord6286
ord5320
ord6297
ord5331
ord762
ord3255
ord764
ord2657
ord5613
ord2372
ord4125
ord266
ord265
ord5833
ord1185

msvcr71

memmove
__CxxFrameHandler
malloc
free
_resetstkoflw
_except_handler3
_initterm
_mbscmp
??1exception@@UAE@XZ
??0exception@@QAE@XZ
strftime
_localtime64
??0exception@@QAE@ABV0@@Z
_adjust_fdiv
__CppXcptFilter
_mbsnbcpy
_CxxThrowException
_time64
strrchr
sprintf
atoi
_mbschr
_mbsstr
_mbsncmp
_mbsnbcmp
_mbsnicmp
_mbclen
_mbccpy
wctomb
strtol
_splitpath
memset
__security_error_handler
__dllonexit
_onexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ

kernel32

GetProfileIntA
lstrlenA
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
GetLastError
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeLibrary
CopyFileA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetModuleFileNameA
CreateDirectoryA
MulDiv
Sleep
GetProcAddress
GetPrivateProfileStringA
LocalFree
WritePrivateProfileStringA
LocalAlloc
ExitProcess
GetTickCount
QueryPerformanceCounter

user32

DrawFrameControl
InvalidateRect
DestroyIcon
LoadImageA
FrameRect
FillRect
LoadBitmapA
HideCaret
GetForegroundWindow
FlashWindow
GetAsyncKeyState
IsClipboardFormatAvailable
GetClipboardData
DrawFocusRect
OpenClipboard
ClientToScreen
PostMessageA
SetTimer
CreatePopupMenu
GetMessageA
DispatchMessageA
ReleaseCapture
SetCapture
GetCapture
GetDCEx
UpdateWindow
ScreenToClient
InflateRect
EqualRect
DrawStateA
GetSysColor
SetRectEmpty
IsWindow
EnableWindow
GetSystemMetrics
GetFocus
CloseClipboard
KillTimer
CopyRect
GetWindowRect
GetClientRect
RedrawWindow
GetParent
OffsetRect
SetCursor
ReleaseDC
GetDC
CheckMenuItem
GetMessageTime
AppendMenuA
PtInRect
SetRect
SendMessageA
InvalidateRgn
LoadCursorA
IsRectEmpty
GetCursorPos
GetKeyState
GetMessagePos

gdi32

UnrealizeObject
CreateBitmap
CreatePatternBrush
PatBlt
CreatePen
DeleteObject
CreateCompatibleBitmap
GetTextMetricsA
GetTextExtentPoint32A
GetPixel
BitBlt
Rectangle
SelectObject
CreateCompatibleDC
CombineRgn
CreateRectRgnIndirect
CreateRectRgn
CreateDCA
GetDeviceCaps
DeleteDC
GetObjectA
GetStockObject
CreateSolidBrush

shell32

ShellExecuteA

comctl32

_TrackMouseEvent
ord17

shlwapi

PathFindExtensionW
PathFindExtensionA

ole32

RevokeDragDrop
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleCreate
OleSetContainedObject
CoCreateGuid
StringFromCLSID
CoTaskMemFree

oleaut32

SysAllocString

gdiplus

GdipAlloc
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipDisposeImage
GdipFree

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

Exports

Exports

EXEInit

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TKGMChatask.exe
.exe windows:4 windows x86 arch:x86

56c52fdcb1e57e990b6830d0607f7fc9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Work\TKGMChatask\Release\TKGMChatask.pdb

Imports

mfc71

ord760
ord3576
ord3210
ord1934
ord3204
ord1280
ord2095
ord1591
ord4240
ord741
ord709
ord3761
ord5642
ord501
ord5403
ord2468
ord784
ord297
ord911
ord907
ord305
ord1489
ord299
ord2933
ord6118
ord3934
ord4115
ord4001
ord5641
ord4123
ord3287
ord3163
ord1545
ord4232
ord3164
ord587
ord1063
ord2367
ord2654
ord4541
ord3683
ord4038
ord4014
ord6278
ord3801
ord6276
ord4326
ord2063
ord2018
ord5583
ord3806
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord2931
ord5224
ord5226
ord3948
ord4568
ord5230
ord5213
ord5566
ord2838
ord4481
ord3333
ord566
ord757
ord2248
ord5231
ord4655
ord5666
ord5366
ord1495
ord4289
ord4166
ord4745
ord4866
ord5650
ord5363
ord926
ord3313
ord605
ord2020
ord5975
ord1614
ord1122
ord3830
ord3641
ord3908
ord5182
ord4212
ord4735
ord4890
ord4580
ord1671
ord1670
ord1551
ord5912
ord1401
ord5203
ord4262
ord3182
ord354
ord4104
ord2164
ord6065
ord1084
ord2371
ord631
ord1440
ord2475
ord2748
ord3931
ord2288
ord2280
ord386
ord1880
ord1892
ord1883
ord1794
ord4749
ord1425
ord6090
ord5731
ord4320
ord6067
ord1101
ord4035
ord3441
ord3762
ord1554
ord3195
ord620
ord5493
ord2703
ord3201
ord380
ord3161
ord1279
ord5637
ord602
ord1968
ord2263
ord347
ord629
ord5323
ord2903
ord5089
ord384
ord1966
ord6037
ord5727
ord2368
ord3302
ord1971
ord5634
ord2233
ord1092
ord3233
ord423
ord660
ord4063
ord866
ord5466
ord912
ord1278
ord3596
ord310
ord5833
ord6144
ord4248
ord1123
ord2322
ord5059
ord730
ord572
ord4261
ord4486
ord3949
ord2644
ord3709
ord3719
ord3718
ord2991
ord2533
ord2646
ord2540
ord2862
ord2714
ord4307
ord2835
ord2731
ord2537
ord5200
ord1599
ord1655
ord737
ord549
ord4813
ord1450
ord1091
ord1656
ord1964
ord5175
ord1362
ord4967
ord3345
ord6277
ord3802
ord6279
ord1522
ord2172
ord2178
ord1207
ord2405
ord2387
ord2385
ord2403
ord2415
ord2392
ord2408
ord2413
ord2396
ord2398
ord2400
ord2394
ord2410
ord2390
ord934
ord930
ord932
ord928
ord923
ord5233
ord5235
ord5960
ord1600
ord4282
ord4722
ord3403
ord5214
ord4185
ord6275
ord5073
ord1908
ord5152
ord4244
ord1402
ord3946
ord1617
ord1620
ord5915
ord1586
ord1645
ord1903
ord1283
ord1955
ord3244
ord2094
ord4100
ord304
ord2863
ord4353
ord5991
ord2902
ord876
ord2131
ord781
ord578
ord3563
ord3684
ord6286
ord5320
ord6297
ord5331
ord762
ord3255
ord764
ord2657
ord5613
ord2372
ord4125
ord266
ord265
ord1054
ord1185

msvcr71

_mbclen
_mbsnicmp
_mbsnbcmp
_mbsncmp
_mbsstr
_mbschr
fopen
_errno
strerror
fseek
ftell
_mbccpy
fclose
atoi
_time64
_localtime64
strftime
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1exception@@UAE@XZ
_mbsnbcpy
__CxxFrameHandler
memmove
wctomb
strtol
sprintf
malloc
free
_except_handler3
strrchr
time
realloc
_setmbcp
_splitpath
strchr
memset
__security_error_handler
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
exit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
fread
_controlfp

kernel32

GlobalAlloc
GetProcAddress
DeleteFileA
RemoveDirectoryA
CreateMutexA
UnmapViewOfFile
OpenFileMappingA
MapViewOfFile
CloseHandle
LocalAlloc
LocalFree
GetModuleFileNameA
GetLastError
FreeLibrary
LoadLibraryA
GlobalLock
GlobalUnlock
GetVersionExA
WritePrivateProfileStringA
WaitForSingleObject
CreateThread
TerminateThread
EnterCriticalSection
LeaveCriticalSection
CreateEventA
SetEvent
Sleep
MulDiv
GetPrivateProfileStringA
GetPrivateProfileIntA
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
GetModuleHandleA
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime

user32

DrawStateA
OffsetRect
CreatePopupMenu
GetParent
DrawFocusRect
RedrawWindow
CopyRect
GetWindowRect
GetClientRect
CallWindowProcA
SetWindowPos
SetWindowRgn
DrawIconEx
DestroyIcon
PtInRect
MoveWindow
UpdateWindow
SystemParametersInfoA
GetWindowDC
GetMenuItemID
GetMenuItemCount
ShowWindow
GetWindowLongA
SetWindowLongA
GetDesktopWindow
ReleaseDC
GetDC
IsWindow
GetSystemMetrics
LoadIconA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
InflateRect
AppendMenuA
SendMessageA
PostMessageA
ClientToScreen
EnableWindow
InvalidateRect
DrawTextA
SetTimer
IsIconic
GetSystemMenu
DrawIcon
wsprintfA
FillRect
FrameRect
CopyImage
GetSysColor
DrawFrameControl

gdi32

CreateRectRgn
CreateICA
GetDIBits
DeleteDC
ExtCreateRegion
SelectPalette
SelectObject
BitBlt
RealizePalette
GetObjectA
CreateBitmap
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
GetTextExtentPoint32A
Rectangle
CreateSolidBrush
CreatePen
SetBkMode
SetTextColor
CreateFontIndirectA
CombineRgn

shell32

ShellExecuteA

comctl32

_TrackMouseEvent
ord17

ole32

RevokeDragDrop
CreateStreamOnHGlobal

oleaut32

OleLoadPicture

ws2_32

socket
htonl
bind
closesocket
inet_addr
gethostbyname
htons
connect
setsockopt
send
WSAGetLastError
recv
WSAStartup
ioctlsocket

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TKGameChatCtrl.dll
.dll windows:4 windows x86 arch:x86

df267aa6e61fb1f04cb2113033041166

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\TKProject\Client\Client\Tool\TKGameChatCtrl\Release\TKGameChatCtrl.pdb

Imports

mfc71

ord5719
ord3180
ord602
ord347
ord1160
ord1071
ord5214
ord578
ord6255
ord876
ord6048
ord3934
ord310
ord1968
ord5644
ord4001
ord4123
ord5641
ord502
ord326
ord6065
ord6283
ord1009
ord709
ord2264
ord501
ord6090
ord3683
ord4038
ord4014
ord6278
ord3801
ord6276
ord4326
ord2063
ord2018
ord5583
ord3806
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord2931
ord5224
ord5226
ord3948
ord4568
ord5230
ord5213
ord5566
ord2838
ord4481
ord3333
ord566
ord757
ord1122
ord3830
ord2248
ord784
ord5491
ord1482
ord5231
ord4655
ord5666
ord5366
ord1495
ord4289
ord4166
ord4745
ord4866
ord5650
ord5363
ord926
ord3313
ord4100
ord2094
ord3244
ord1283
ord605
ord3337
ord1955
ord6068
ord5795
ord5993
ord2164
ord5991
ord2902
ord297
ord3997
ord5833
ord3989
ord6144
ord6067
ord911
ord304
ord589
ord2022
ord330
ord391
ord3357
ord3563
ord1645
ord1586
ord730
ord2863
ord3761
ord1230
ord2991
ord3304
ord5059
ord3361
ord762
ord1084
ord1917
ord1439
ord5323
ord629
ord2903
ord5089
ord384
ord1191
ord1185
ord265
ord266
ord2322
ord3255
ord5331
ord6297
ord5320
ord6286
ord3684
ord3596
ord5915
ord1620
ord1617
ord3946
ord1402
ord4244
ord5152
ord1908
ord5073
ord6275
ord4185
ord3403
ord4722
ord4282
ord5921
ord5401
ord5414
ord5588
ord5523
ord5647
ord5642
ord5727
ord6037
ord5888
ord6057
ord4161
ord6054
ord5608
ord6060
ord5611
ord2527
ord1903
ord2372
ord2367
ord4125
ord5637
ord1279
ord3286
ord1280
ord3161
ord1934
ord3210
ord4353
ord753
ord572
ord563
ord760
ord4261
ord4486
ord3949
ord2644
ord3709
ord3719
ord3718
ord2533
ord2646
ord2540
ord2862
ord2714
ord4307
ord2835
ord2731
ord2537
ord1600
ord5960
ord5235
ord5233
ord1091
ord1450
ord4813
ord549
ord737
ord1123
ord4248
ord1278
ord764
ord5200
ord1599
ord1655
ord1656
ord1964
ord5175
ord1362
ord4967
ord3345
ord6277
ord3802
ord6279
ord1522
ord2172
ord2178
ord2405
ord2387
ord2385
ord2403
ord2415
ord2392
ord2408
ord2413
ord2396
ord4081
ord2272
ord4109
ord5714
ord2398
ord2400
ord2394
ord2410
ord2390
ord934
ord930
ord932
ord928
ord923
ord6005
ord530
ord722
ord2654
ord5731
ord5613
ord587
ord4232
ord1545
ord3302
ord3204
ord3423
ord581
ord1167
ord1092
ord1209
ord314
ord1177
ord1175
ord1201
ord1120
ord371
ord1098
ord1208
ord1206
ord1037
ord315
ord765
ord912
ord5563
ord781

msvcr71

_splitpath
malloc
free
_except_handler3
sprintf
fread
fclose
ftell
fseek
fopen
atoi
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
__CxxFrameHandler
_mbscmp
strchr
_purecall
strncpy
_localtime64
memmove
realloc
time
memset
??1type_info@@UAE@XZ
__security_error_handler
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
_stricmp
??1exception@@UAE@XZ

kernel32

GlobalReAlloc
ReadFile
CloseHandle
GetFileSize
CreateFileA
CreateMutexA
Sleep
SetEvent
CreateEventA
LeaveCriticalSection
EnterCriticalSection
TerminateThread
CreateThread
WaitForSingleObject
GetModuleHandleA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
LocalFree
WritePrivateProfileStringA
GetPrivateProfileIntA
GetTickCount
GetPrivateProfileStringA
lstrcpynA
MultiByteToWideChar
GetVersionExA
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
GlobalLock
GlobalUnlock
MulDiv
GlobalFree
GlobalAlloc

user32

DrawStateA
OffsetRect
FrameRect
GetWindowRect
GetClientRect
UpdateWindow
InvalidateRect
GetForegroundWindow
EnableWindow
SendMessageA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
FillRect
GetDC
ReleaseDC
KillTimer
CreatePopupMenu
AppendMenuA
CheckMenuRadioItem
PostMessageA
ClientToScreen
GetParent
SendMessageTimeoutA
IsWindow
SetRect
SetTimer
LoadCursorA
CopyRect
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
IntersectRect
GetWindowDC
SetCursor
DestroyCursor
GetWindowLongA
RedrawWindow
GetAsyncKeyState
SetWindowRgn
CopyImage
GetSysColor

gdi32

DeleteObject
CreateSolidBrush
DeleteDC
BitBlt
GetDeviceCaps
CreateCompatibleDC
RectVisible
TextOutA
Escape
GetObjectA
GetStockObject
CreateCompatibleBitmap
SelectObject
PtVisible
ExtTextOutA
SetDIBitsToDevice
OffsetRgn
ExtCreateRegion
CreateRectRgn
GetPixel
CombineRgn
CreateDIBSection
SetBkColor

shell32

ShellExecuteA

ole32

OleSetContainedObject
OleCreate
RevokeDragDrop
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal

oleaut32

OleLoadPicture

ws2_32

recv
ioctlsocket
htons
gethostbyname
inet_addr
closesocket
WSAGetLastError
socket
inet_ntoa
htonl
WSAStartup
send
setsockopt
bind
connect

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

gdiplus

GdipLoadImageFromFile
GdipDeleteGraphics
GdipCreateImageAttributes
GdipCreateHBITMAPFromBitmap
GdipFree
GdipDisposeImage
GdipSetImageAttributesColorMatrix
GdipCreateFromHDC
GdipReleaseDC
GdipDrawImageRectRect
GdipAlloc
GdipCloneImage
GdipDisposeImageAttributes

msimg32

TransparentBlt

comctl32

_TrackMouseEvent

Exports

Exports

ChatAction
ExEnter
ExEnterEx
GetActionList
InitCtrl
InitCtrlEx
InitCtrlEx2
SetShowTrace

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TKLobby.exe
.exe windows:4 windows x86 arch:x86

ff7605297da92c54abca614165c78853

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

05:b3:a0:9b:d8:de:80:8f:6a:e6:47:64:eb:93:80:59
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

25/08/2010, 00:00

Not After

24/08/2013, 23:59

Subject

CN=JJ World(Beijing) Network Technology Co.\, LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=System Department,O=JJ World(Beijing) Network Technology Co.\, LTD,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ce:ba:5d:bb:3c:c2:c4:89:da:1f:23:b9:5d:6b:68:7d:85:e3:51:a4
Signer

Actual PE Digest

ce:ba:5d:bb:3c:c2:c4:89:da:1f:23:b9:5d:6b:68:7d:85:e3:51:a4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Work\TKLobbyClient\Release\TKLobbyClient.pdb

Imports

mfc71

ord762
ord1489
ord876
ord2902
ord299
ord2933
ord6118
ord1482
ord2372
ord1903
ord2419
ord2420
ord2421
ord2418
ord2417
ord266
ord4081
ord265
ord3997
ord2469
ord5491
ord2923
ord2924
ord4200
ord3934
ord911
ord2272
ord907
ord4109
ord5206
ord6065
ord4935
ord4364
ord782
ord2271
ord5563
ord1892
ord1794
ord6067
ord2020
ord4212
ord4735
ord1084
ord2368
ord1279
ord5637
ord4125
ord1931
ord1483
ord4098
ord2089
ord1547
ord5915
ord1620
ord4234
ord5152
ord5214
ord928
ord930
ord2403
ord2385
ord2387
ord3345
ord1362
ord5175
ord1599
ord2714
ord2991
ord4261
ord3171
ord572
ord591
ord2367
ord2527
ord5611
ord6060
ord5608
ord6054
ord4161
ord6057
ord5888
ord6037
ord5727
ord5642
ord5647
ord5523
ord5588
ord5414
ord5401
ord5921
ord5719
ord3180
ord602
ord5182
ord4890
ord1671
ord1670
ord1551
ord5912
ord1401
ord5203
ord4262
ord2321
ord2164
ord5731
ord6236
ord3761
ord6090
ord3989
ord2234
ord5613
ord347
ord2131
ord5833
ord2168
ord6119
ord753
ord563
ord6255
ord1009
ord1554
ord3195
ord620
ord2657
ord6283
ord2264
ord3648
ord3466
ord1161
ord5165
ord4265
ord5055
ord4872
ord4952
ord3210
ord1934
ord3161
ord1280
ord4100
ord2094
ord3244
ord1955
ord1283
ord2371
ord1063
ord2246
ord1913
ord2615
ord5009
ord5012
ord4309
ord4135
ord2939
ord4904
ord943
ord5356
ord2992
ord764
ord2424
ord4019
ord1557
ord3945
ord5148
ord2173
ord1306
ord635
ord4250
ord6144
ord395
ord314
ord1072
ord4342
ord4277
ord4168
ord709
ord501
ord5205
ord4927
ord4104
ord4299
ord328
ord588
ord1527
ord4130
ord3684
ord3596
ord760
ord3357
ord5991
ord6068
ord5795
ord5993
ord4118
ord5059
ord2654
ord3683
ord5213
ord5231
ord4655
ord5666
ord5366
ord1495
ord4289
ord4166
ord4745
ord4866
ord5650
ord5363
ord926
ord3313
ord1395
ord4038
ord4014
ord6278
ord3801
ord6276
ord4326
ord2063
ord2018
ord5583
ord3806
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord2931
ord5224
ord5226
ord3948
ord4568
ord5230
ord5566
ord2838
ord4481
ord3333
ord757
ord566
ord2248
ord5975
ord1054
ord1122
ord1126
ord3830
ord741
ord2095
ord1591
ord4240
ord3317
ord6282
ord297
ord2322
ord781
ord2803
ord304
ord1230
ord4127
ord4353
ord410
ord310
ord784
ord648
ord578
ord4273
ord4486
ord3949
ord2644
ord3709
ord3719
ord3718
ord2533
ord2646
ord2540
ord2862
ord2717
ord4307
ord2835
ord2731
ord2537
ord5200
ord1562
ord1655
ord1656
ord1964
ord5166
ord1360
ord4967
ord3344
ord6277
ord3802
ord6279
ord1522
ord2172
ord2178
ord2405
ord2415
ord2392
ord2408
ord2413
ord2396
ord330
ord589
ord5714
ord6005
ord530
ord722
ord3361
ord1586
ord730
ord1645
ord2398
ord2400
ord2394
ord2410
ord2390
ord934
ord932
ord923
ord5233
ord3650
ord5235
ord5960
ord1600
ord4282
ord4722
ord3403
ord4185
ord6275
ord5073
ord1908
ord4244
ord1402
ord3946
ord1617
ord1619
ord5914
ord3974
ord4860
ord4863
ord4379
ord4384
ord4381
ord4399
ord4401
ord4386
ord4776
ord4587
ord4178
ord4171
ord4980
ord4389
ord4781
ord4204
ord4790
ord4443
ord4444
ord3740
ord4914
ord4519
ord4520
ord4920
ord4559
ord5049
ord4439
ord4368
ord4501
ord4846
ord4970
ord4529
ord4480
ord3563
ord4888
ord4123
ord4001
ord3287
ord326
ord5640
ord502
ord5641
ord3430
ord3401
ord3163
ord3576
ord3454
ord1425
ord567
ord758
ord4580
ord4320
ord605
ord354
ord3441
ord3641
ord1968
ord587
ord4232
ord1545
ord3302
ord3204
ord3423
ord557
ord1532
ord1254
ord745
ord5715
ord1185
ord6006
ord305
ord2468
ord5403
ord1091
ord1450
ord4813
ord549
ord737
ord1123
ord4248
ord1278
ord912
ord4971
ord4516
ord4673
ord4948
ord4794
ord4287
ord4376
ord4377
ord4963
ord4796
ord4710
ord4805
ord5053
ord4964
ord4649
ord4946
ord4507
ord4961
ord4674
ord4131
ord1302
ord2008
ord4132
ord3477
ord2425
ord1207

msvcr71

_itoa
_except_handler3
_fsopen
fseek
_strdate
_strtime
fputs
fflush
bsearch
realloc
memmove
free
time
sprintf
atoi
sscanf
strncmp
_CxxThrowException
??0exception@@QAE@ABV0@@Z
__CxxFrameHandler
rand
srand
strchr
atol
strftime
_localtime64
vsprintf
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
strtok
fclose
strrchr
memset
__security_error_handler
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
exit
_setmbcp
strtol
wctomb
fopen
_errno
strerror
ftell
fread
_mbccpy
_mbclen
_mbsnicmp
_mbsnbcmp
_mbsncmp
_mbschr
_strcmpi
_stricmp
_strnicmp
isalnum
mktime
isxdigit
isdigit
toupper
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln

kernel32

lstrlenA
GetLastError
MultiByteToWideChar
LoadLibraryA
GetProcAddress
FreeLibrary
Sleep
ResetEvent
GetModuleFileNameA
CreateProcessA
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
GetPrivateProfileIntA
DeleteFileA
WaitForSingleObject
ReleaseMutex
GetTickCount
GetPrivateProfileStringA
WriteFile
CreateFileA
CloseHandle
lstrcpynA
GetShortPathNameA
GetVersionExA
CreateDirectoryA
FindClose
FindFirstFileA
GetFileSize
IsDBCSLeadByte
ReleaseSemaphore
CreateSemaphoreA
CreateFileMappingA
LeaveCriticalSection
EnterCriticalSection
TerminateThread
CreateThread
LocalFree
LocalAlloc
GlobalFree
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
SetProcessWorkingSetSize
GetCurrentProcess
CreateMutexA
SetEvent
GetCommandLineA
CreateEventA
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
GetModuleHandleA
GetStartupInfoA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
WritePrivateProfileStringA
ReadFile

user32

ReleaseDC
GetWindowDC
PtInRect
LoadCursorA
GetPropA
GetWindow
GetDesktopWindow
SendMessageTimeoutA
CreatePopupMenu
AppendMenuA
GetSystemMenu
IsIconic
IsZoomed
BringWindowToTop
GetDC
FlashWindow
SetForegroundWindow
LoadIconA
SystemParametersInfoA
SetCursor
GetCursorPos
DestroyCursor
DestroyIcon
RemovePropA
GetForegroundWindow
WaitForInputIdle
SetPropA
GetFocus
CopyRect
DrawTextA
UpdateWindow
TabbedTextOutA
KillTimer
RedrawWindow
IsWindowVisible
LoadBitmapA
OffsetRect
wsprintfA
FindWindowA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
SetWindowRgn
SetRect
CopyImage
GetSysColor
ScreenToClient
FillRect
GetWindowTextA
IsRectEmpty
VkKeyScanA
keybd_event
SetRectEmpty
InflateRect
GetMessagePos
FrameRect
DrawEdge
ModifyMenuA
SetCapture
ReleaseCapture
IntersectRect
SendMessageA
GrayStringA
GetWindowLongA
SetTimer
InvalidateRect
EndDialog
IsWindow
EnableWindow
GetParent
GetWindowRect
DrawTextExA
MessageBoxA
GetLastActivePopup
GetClientRect
DrawIcon
PostMessageA
ShowWindow
SetLayeredWindowAttributes
SetWindowLongA

gdi32

ExtTextOutA
TextOutA
RectVisible
Escape
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontIndirectA
GetStockObject
CreateSolidBrush
DeleteObject
SelectObject
SetTextColor
SetBkMode
DeleteDC
CreateDIBSection
PtVisible
SetDIBitsToDevice
GetTextExtentPointA
CreateFontA
CreatePen
Rectangle
GetTextExtentPoint32A
OffsetRgn
CreateBitmap
StretchBlt
SetBkColor
ExtCreateRegion
CreateRectRgn
GetPixel
CombineRgn
GetObjectA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA
ShellExecuteExA

comctl32

ord17
ImageList_Draw
ImageList_GetImageCount
FlatSB_EnableScrollBar
InitializeFlatSB
_TrackMouseEvent

shlwapi

UrlEscapeA

oleaut32

SysFreeString
OleLoadPicture

ws2_32

WSAStartup
socket
inet_addr
htonl
bind
closesocket
inet_ntoa
gethostbyname
gethostname
ioctlsocket
recv
WSAGetLastError
send
setsockopt
connect
htons

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

gdiplus

GdiplusStartup
GdiplusShutdown
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipDeleteGraphics
GdipLoadImageFromFile
GdipCreateHBITMAPFromBitmap
GdipFree
GdipDisposeImage
GdipCreateFromHDC
GdipReleaseDC
GdipDrawImageRectRect
GdipAlloc
GdipCloneImage
GdipSetImageAttributesColorMatrix

msvcp71

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z

msimg32

TransparentBlt

ole32

CreateStreamOnHGlobal

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 524KB - Virtual size: 520KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TKLobby.ico
TKLord.exe
.exe windows:4 windows x86 arch:x86

2fc8e2eccd7447eb59f95a0e7d9817c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Work\Lord\TKReviewStart\Release\TKReviewStart.pdb

Imports

kernel32

CloseHandle
CreateProcessA
GetModuleFileNameA
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
SetFilePointer
HeapAlloc
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
SetStdHandle
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
GetLocaleInfoA
VirtualProtect
GetSystemInfo

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TKLordDll.dll
.dll windows:4 windows x86 arch:x86

f48362c2a9fefa7b479ee384dbc8b488

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

05:b3:a0:9b:d8:de:80:8f:6a:e6:47:64:eb:93:80:59
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

25/08/2010, 00:00

Not After

24/08/2013, 23:59

Subject

CN=JJ World(Beijing) Network Technology Co.\, LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=System Department,O=JJ World(Beijing) Network Technology Co.\, LTD,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7f:c6:2d:0e:f3:23:ca:04:0e:5e:5c:2b:52:5a:e1:b5:9f:62:6c:4e
Signer

Actual PE Digest

7f:c6:2d:0e:f3:23:ca:04:0e:5e:5c:2b:52:5a:e1:b5:9f:62:6c:4e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Work\Lord\TKLordDll\Release\TKLordDll.pdb

Imports

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?_Nomemory@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

mfc71

ord4081
ord5714
ord6005
ord530
ord722
ord3361
ord1586
ord730
ord1645
ord3563
ord581
ord1167
ord1092
ord3441
ord304
ord1191
ord1187
ord5182
ord4212
ord4735
ord4890
ord2020
ord1671
ord1670
ord1551
ord5912
ord1620
ord1617
ord3946
ord1401
ord4244
ord5152
ord1908
ord5073
ord6275
ord4185
ord5203
ord3403
ord4722
ord4282
ord1600
ord5960
ord5235
ord5233
ord923
ord928
ord932
ord930
ord934
ord2390
ord2410
ord2394
ord2400
ord2398
ord2396
ord2413
ord2408
ord2392
ord2415
ord2403
ord2385
ord2387
ord2405
ord2178
ord2172
ord1522
ord6279
ord3802
ord6277
ord3345
ord4967
ord1362
ord5175
ord1964
ord1656
ord1655
ord1599
ord5200
ord2537
ord2731
ord2835
ord4307
ord2714
ord2862
ord2540
ord2646
ord2533
ord3718
ord3719
ord3709
ord2644
ord3949
ord4486
ord4262
ord5731
ord578
ord3934
ord6067
ord876
ord2322
ord784
ord310
ord6090
ord2902
ord297
ord1489
ord1209
ord2933
ord6118
ord1903
ord764
ord781
ord3641
ord4580
ord605
ord587
ord2086
ord1545
ord5915
ord1402
ord4232
ord5214
ord2991
ord4261
ord3164
ord572
ord354
ord1794
ord1482
ord2469
ord5563
ord3997
ord5529
ord3684
ord3596
ord3210
ord1934
ord3204
ord1280
ord760
ord416
ord651
ord4353
ord5059
ord4564
ord1185
ord3879
ord709
ord501
ord5873
ord2131
ord2370
ord1564
ord3875
ord2794
ord4125
ord3161
ord1279
ord5637
ord2527
ord5611
ord6060
ord5608
ord6054
ord4161
ord6057
ord5888
ord6037
ord5727
ord5642
ord5647
ord5523
ord5588
ord5414
ord5401
ord5921
ord5719
ord3180
ord602
ord347
ord266
ord2272
ord4109
ord907
ord2164
ord1009
ord3255
ord753
ord563
ord6255
ord5331
ord6297
ord5320
ord6286
ord2271
ord2372
ord1161
ord1395
ord314
ord3989
ord2368
ord591
ord1931
ord1483
ord4098
ord2089
ord1547
ord4234
ord3171
ord630
ord3088
ord2021
ord385
ord741
ord2095
ord1591
ord4240
ord3317
ord5613
ord3683
ord1084
ord2248
ord5213
ord4888
ord757
ord4038
ord4014
ord6278
ord3801
ord6276
ord4326
ord2063
ord2018
ord5583
ord3806
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord2931
ord5224
ord5226
ord3948
ord4568
ord5230
ord5566
ord2838
ord4481
ord3333
ord566
ord6120
ord1177
ord1175
ord1201
ord1120
ord371
ord1098
ord1208
ord1206
ord1037
ord315
ord765
ord4320
ord2367
ord6065
ord758
ord3761
ord567
ord1425
ord3423
ord3302
ord1968
ord5635
ord2234
ord2654
ord3651
ord3489
ord1930
ord2092
ord1641
ord1571
ord4238
ord658
ord3350
ord3349
ord2873
ord2264
ord2657
ord3402
ord2882
ord2495
ord2866
ord3576
ord3163
ord3401
ord5833
ord2168
ord3357
ord5991
ord6068
ord5795
ord5993
ord3473
ord1637
ord1558
ord4236
ord642
ord589
ord330
ord299
ord3830

msvcr71

strchr
vsprintf
_mbschr
bsearch
malloc
free
_resetstkoflw
_except_handler3
__CxxFrameHandler
realloc
sprintf
atoi
strncmp
memmove
??1exception@@UAE@XZ
??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z
_CxxThrowException
_purecall
fflush
fputs
_strtime
_strdate
fseek
_fsopen
qsort
time
fclose
perror
fopen
_mbscmp
strrchr
_callnewh
memset
__security_error_handler
?terminate@@YAXXZ
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
__CppXcptFilter

kernel32

LocalAlloc
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
LocalFree
OutputDebugStringA
CloseHandle
GetModuleFileNameA
CreateMutexA
FindFirstFileA
EnterCriticalSection
LeaveCriticalSection
WritePrivateProfileStringA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalFree
CreateSemaphoreA
CreateDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
ReleaseSemaphore
CreateFileA
GetFileSize
ReadFile
FindClose
MultiByteToWideChar
WideCharToMultiByte
RaiseException
InitializeCriticalSection
DeleteCriticalSection
lstrlenA
lstrcpynA
ReleaseMutex
WaitForSingleObject
GetPrivateProfileStringA
GetPrivateProfileIntA
GetCurrentProcessId
DeleteFileA
GetFileAttributesA

user32

CopyRect
SendMessageA
GetClientRect
ClientToScreen
ScreenToClient
ReleaseDC
DrawTextA
PtInRect
TabbedTextOutA
GetFocus
UnionRect
GetSysColor
CopyImage
SetRectEmpty
ReleaseCapture
SetCapture
IntersectRect
BringWindowToTop
EnableWindow
IsRectEmpty
GetDC
PostMessageA
DrawIcon
DestroyIcon
LoadIconA
GetWindowRect
GetWindowLongA
SetWindowLongA
SetLayeredWindowAttributes
RemovePropA
FlashWindow
SetPropA
GetMessageTime
GetMessagePos
GetDesktopWindow
GetWindow
IsWindow
GetPropA
GetForegroundWindow
GetWindowThreadProcessId
LoadCursorA
GetParent
KillTimer
RedrawWindow
IsWindowVisible
InvalidateRect
UpdateWindow
SetTimer
FillRect
SetRect
GrayStringA
DrawTextExA
wsprintfA
FindWindowA
SetWindowRgn
GetWindowDC
OffsetRect
GetWindowRgn
DestroyCursor
SetCursor
InflateRect

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
CreateSolidBrush
CreateFontA
BitBlt
DeleteDC
CreateFontIndirectA
SelectObject
GetTextExtentPoint32A
CreateRectRgn
CombineRgn
OffsetRgn
GetPixel
CreateDIBSection
GetStockObject
SetBkColor
StretchBlt
CreateBitmap
SetDIBitsToDevice
SetTextColor
SetBkMode
GetTextExtentPointA
DeleteObject
ExtCreateRegion

msimg32

AlphaBlend
TransparentBlt

shell32

DragQueryFileA
ShellExecuteExA
DragAcceptFiles
ShellExecuteA

comctl32

ImageList_GetImageCount
FlatSB_EnableScrollBar
FlatSB_ShowScrollBar
ImageList_Draw
ImageList_AddMasked
_TrackMouseEvent
ImageList_Remove
InitializeFlatSB

ole32

CoCreateInstance
CoInitialize
CoUninitialize
CreateStreamOnHGlobal

oleaut32

SysFreeString
SysAllocString
OleLoadPicture
SysAllocStringLen
VariantClear

gdiplus

GdipGetImageHeight
GdiplusShutdown
GdiplusStartup
GdipDeleteBrush
GdipFree
GdipCreateStringFormat
GdipDeleteStringFormat
GdipDeleteGraphics
GdipDeleteFont
GdipCreateSolidFill
GdipGetImageWidth
GdipSetStringFormatLineAlign
GdipCreateFromHDC
GdipSetTextRenderingHint
GdipDrawString
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipAlloc
GdipCloneBrush
GdipImageGetFrameCount
GdipLoadImageFromStreamICM
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipSetStringFormatAlign
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipLoadImageFromFile
GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdipSetImageAttributesColorMatrix
GdipReleaseDC
GdipDrawImageRectRect
GdipCloneImage

Exports

Exports

GCInit

Sections

.text
Size: 332KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TKMatchInfo.dll
.dll windows:4 windows x86 arch:x86

f728363e5bcf57904e99c5e3ecc3885e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

05:b3:a0:9b:d8:de:80:8f:6a:e6:47:64:eb:93:80:59
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

25/08/2010, 00:00

Not After

24/08/2013, 23:59

Subject

CN=JJ World(Beijing) Network Technology Co.\, LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=System Department,O=JJ World(Beijing) Network Technology Co.\, LTD,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b2:9b:74:06:9c:ff:82:54:ce:a4:2c:53:5c:98:e7:b9:61:70:b2:60
Signer

Actual PE Digest

b2:9b:74:06:9c:ff:82:54:ce:a4:2c:53:5c:98:e7:b9:61:70:b2:60

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Work\TKMatchInfo\Release\TKMatchInfo.pdb

Imports

mfc71

ord3934
ord784
ord1009
ord911
ord907
ord709
ord501
ord2075
ord5491
ord2272
ord5231
ord4655
ord5666
ord5366
ord1495
ord4289
ord4166
ord4745
ord4866
ord5650
ord5363
ord926
ord3313
ord6006
ord1185
ord5715
ord557
ord2468
ord1482
ord745
ord4127
ord4115
ord4118
ord4125
ord1654
ord1598
ord2987
ord3328
ord754
ord3883
ord5868
ord651
ord416
ord2370
ord2884
ord2867
ord1968
ord1564
ord1395
ord2234
ord5613
ord1930
ord5833
ord2372
ord6065
ord6282
ord5059
ord5866
ord6283
ord5873
ord3875
ord5563
ord3997
ord2271
ord6281
ord3466
ord2246
ord1913
ord2615
ord5009
ord5012
ord4309
ord4135
ord2939
ord4904
ord943
ord5356
ord2992
ord2425
ord2424
ord4019
ord1557
ord3945
ord5148
ord5205
ord2173
ord1306
ord4265
ord4250
ord4342
ord1283
ord1425
ord6144
ord3683
ord2248
ord4038
ord4014
ord6278
ord3801
ord6276
ord4326
ord2063
ord2018
ord5583
ord3806
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord2931
ord5224
ord5226
ord3948
ord4568
ord5230
ord5213
ord5566
ord2838
ord4481
ord3333
ord757
ord566
ord1122
ord1054
ord3830
ord314
ord4564
ord2882
ord3879
ord2873
ord3795
ord4108
ord3287
ord2654
ord4001
ord4123
ord5641
ord2168
ord3576
ord2095
ord1591
ord4240
ord3317
ord741
ord1084
ord3420
ord1929
ord3890
ord6017
ord3302
ord2371
ord758
ord567
ord3648
ord2160
ord4299
ord4952
ord5165
ord3207
ord395
ord4675
ord635
ord4927
ord3337
ord1545
ord4232
ord3164
ord587
ord265
ord2131
ord1728
ord2451
ord3989
ord4888
ord3650
ord3477
ord4132
ord2008
ord1302
ord4131
ord4674
ord4961
ord4507
ord4946
ord4649
ord4964
ord5053
ord4805
ord4710
ord4796
ord4963
ord4377
ord4376
ord4287
ord4794
ord4948
ord4673
ord4516
ord4971
ord4480
ord4529
ord4970
ord4846
ord4501
ord4368
ord4439
ord5049
ord4559
ord4920
ord4520
ord4519
ord4914
ord3740
ord4444
ord4443
ord4790
ord4204
ord4781
ord4389
ord4980
ord4171
ord4178
ord4587
ord4776
ord4386
ord4401
ord4399
ord4381
ord4384
ord4379
ord4863
ord4860
ord3974
ord5914
ord1619
ord3344
ord1360
ord5166
ord1562
ord2717
ord4273
ord648
ord410
ord1230
ord2803
ord2419
ord2420
ord2421
ord2418
ord2417
ord4081
ord2469
ord2923
ord2924
ord4200
ord4109
ord5206
ord4935
ord4364
ord1091
ord3605
ord300
ord266
ord3180
ord5719
ord5921
ord5401
ord5414
ord5588
ord5523
ord5647
ord5642
ord5727
ord6037
ord5888
ord6057
ord4161
ord6054
ord5608
ord6060
ord5611
ord2527
ord2367
ord5637
ord1280
ord3161
ord2368
ord1934
ord3210
ord762
ord4320
ord753
ord563
ord2866
ord4238
ord1571
ord1641
ord2092
ord4353
ord1161
ord760
ord3596
ord3684
ord3761
ord4735
ord310
ord2322
ord6067
ord6090
ord347
ord1279
ord2264
ord1966
ord602
ord304
ord781
ord2164
ord1794
ord764
ord5182
ord572
ord3195
ord4261
ord2991
ord5214
ord1402
ord5915
ord1554
ord1903
ord2933
ord299
ord6118
ord2902
ord876
ord1489
ord297
ord578
ord5731
ord620
ord4262
ord4486
ord3949
ord2644
ord3709
ord3719
ord3718
ord2533
ord2646
ord2540
ord2862
ord2714
ord4307
ord2835
ord2731
ord2537
ord5200
ord1599
ord1655
ord1656
ord1964
ord5175
ord1362
ord4967
ord3345
ord6277
ord3802
ord6279
ord1522
ord2172
ord2178
ord2405
ord2387
ord1614
ord5714
ord6005
ord530
ord722
ord3361
ord1586
ord730
ord1645
ord3563
ord330
ord589
ord642
ord4236
ord1558
ord1637
ord3473
ord5993
ord5795
ord6068
ord4035
ord5991
ord3357
ord5640
ord326
ord1955
ord3244
ord2094
ord4100
ord3163
ord3691
ord6048
ord6255
ord305
ord5403
ord2794
ord6120
ord2495
ord3402
ord2657
ord3349
ord3350
ord658
ord3489
ord3651
ord3908
ord3423
ord4580
ord605
ord354
ord3441
ord3641
ord1450
ord4813
ord549
ord737
ord1123
ord4248
ord1278
ord912
ord765
ord315
ord1037
ord1206
ord2385
ord2403
ord2415
ord2392
ord2408
ord2413
ord2396
ord2398
ord2400
ord2394
ord2410
ord2390
ord934
ord930
ord932
ord928
ord923
ord5233
ord5235
ord5960
ord1600
ord4282
ord4722
ord3403
ord5203
ord4185
ord6275
ord5073
ord1908
ord5152
ord4244
ord1401
ord3946
ord1617
ord1620
ord5912
ord1551
ord1670
ord1671
ord2020
ord4890
ord4212
ord3204
ord1208
ord1098
ord371
ord1120
ord1201
ord1175
ord1177
ord1209
ord1092
ord1167
ord581

msvcr71

memmove
realloc
free
__CxxFrameHandler
srand
rand
isdigit
strrchr
atof
sprintf
atoi
bsearch
_localtime64
strftime
atol
strstr
qsort
strncpy
_except_handler3
malloc
_strtime
time
strchr
_itoa
sscanf
vsprintf
_CxxThrowException
strncmp
_mbschr
memset
?terminate@@YAXXZ
__security_error_handler
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
__CppXcptFilter
_strcmpi
_strnicmp
_mbsncmp
strtol
wctomb
fopen
_errno
strerror
fseek
ftell
fread
fclose
_mbccpy
_mbclen
_mbsnicmp
_mbsnbcmp

kernel32

GetFileAttributesA
GetShortPathNameA
GlobalReAlloc
_lopen
_llseek
_lread
_lclose
LocalFree
GlobalFree
GetModuleFileNameA
LocalAlloc
GlobalLock
GlobalUnlock
FreeLibrary
GetProcAddress
LoadLibraryA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
lstrlenA
GetLastError
MultiByteToWideChar
GetTickCount
lstrcpynA
GetVersionExA
GetModuleHandleA
CloseHandle
ReadFile
GetFileSize
CreateFileA
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreA
Sleep
CreateProcessA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetEvent
CreateEventA
LeaveCriticalSection
EnterCriticalSection
TerminateThread
CreateThread
CreateMutexA
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GlobalAlloc

user32

GrayStringA
DrawTextA
TabbedTextOutA
RedrawWindow
InvalidateRect
ReleaseDC
GetDC
PostMessageA
GetClientRect
LoadCursorA
IsWindow
SendMessageA
EnableWindow
KillTimer
SetTimer
OffsetRect
SetRect
ScreenToClient
IsWindowVisible
GetParent
GetWindowLongA
SetWindowLongA
SetForegroundWindow
UpdateWindow
BringWindowToTop
DestroyWindow
ShowWindow
IsIconic
GetCursorPos
PtInRect
CreatePopupMenu
SendMessageTimeoutA
MoveWindow
InflateRect
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetDesktopWindow
EnableMenuItem
GetForegroundWindow
IsRectEmpty
IntersectRect
FlashWindow
CopyRect
SetCursor
DestroyCursor
GetSystemMetrics
GetWindowDC
GetSysColor
GetSystemMenu
SetWindowRgn
IsZoomed
SystemParametersInfoA
EqualRect
SetCapture
DrawFocusRect
ReleaseCapture
GetFocus
GetAsyncKeyState
DrawEdge
GetWindowTextA
CopyImage
UnionRect
DestroyIcon
FrameRect
wsprintfA
GetWindowRect
AppendMenuA
ModifyMenuA
DrawIcon
LoadIconA
SetRectEmpty
FindWindowA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
FillRect
DrawTextExA

gdi32

GetTextExtentPoint32A
SetBkColor
SetMapMode
SetStretchBltMode
GetPaletteEntries
CreateDIBSection
CreateDIBitmap
StretchBlt
CreateBitmap
GetPixel
CreateDCA
SelectPalette
RealizePalette
GetDeviceCaps
CreatePalette
CreatePen
GetObjectA
CreateFontIndirectA
DeleteDC
SetTextColor
SetBkMode
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
BitBlt
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetStockObject
DeleteObject
CreateRoundRectRgn
ExtCreateRegion
SetDIBitsToDevice
GetTextExtentPointA
Rectangle
CreateFontA
CreateSolidBrush
OffsetRgn
CreateRectRgn
CombineRgn

comctl32

_TrackMouseEvent
ImageList_AddMasked
ImageList_GetImageCount
FlatSB_EnableScrollBar
FlatSB_ShowScrollBar
ImageList_Draw
InitializeFlatSB

oleaut32

SysFreeString
OleLoadPicture

ws2_32

WSAStartup
gethostbyname
ioctlsocket
recv
WSAGetLastError
inet_addr
setsockopt
connect
htons
closesocket
bind
socket
htonl
inet_ntoa
shutdown
send

gdiplus

GdipCloneImage
GdipAlloc
GdipDrawImageI
GdipFillPath
GdipFillRectangleI
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipDrawPath
GdipSetSmoothingMode
GdipReleaseDC
GdipGetImageGraphicsContext
GdipCreateFromHDC
GdipAddPathPieI
GdipCreateSolidFill
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipDeleteGraphics
GdipDeletePath
GdipCreatePath
GdipDeletePen
GdipCreatePen1
GdipSetSolidFillColor
GdipFree
GdipDeleteBrush
GdipGetImageHeight
GdipGetImageWidth
GdipImageGetFrameCount
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipLoadImageFromFile
GdipCreateHBITMAPFromBitmap
GdipSetImageAttributesColorMatrix
GdipDrawImageRectRect
GdiplusStartup
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipLoadImageFromStreamICM

msvcp71

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z

msimg32

TransparentBlt

shell32

ShellExecuteA

ole32

CreateStreamOnHGlobal

Exports

Exports

TKMatchInfoInit

Sections

.text
Size: 376KB - Virtual size: 373KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TKReplayPlayer.exe
.exe windows:4 windows x86 arch:x86

41f05d445706716991a9aa82295f8746

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\VSSDB\Client$\Client\Lobby\TKReplayManager\ReplayPlayer\Release\ReplayPlayer.pdb

Imports

msvcp71

?_Nomemory@std@@YAXXZ
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AVconst_iterator@12@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@Viterator@12@0ABV12@@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$_String_val@DV?$allocator@D@std@@@std@@IAE@V?$allocator@D@1@@Z
??4locale@std@@QAEAAV01@ABV01@@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEX_NI@Z
?precision@ios_base@std@@QAEHH@Z
?flags@ios_base@std@@QAEHH@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?exceptions@ios_base@std@@QAEXH@Z
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QAE?AVlocale@2@ABV32@@Z
?widen@?$ctype@D@std@@QBEDD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?width@ios_base@std@@QBEHXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QAEHH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?good@ios_base@std@@QBE_NXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PADH@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPBDH@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPADH@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Fpz@std@@3_JA
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?to_int_type@?$char_traits@D@std@@SAHABD@Z
?eof@?$char_traits@D@std@@SAHXZ
?not_eof@?$char_traits@D@std@@SAHABH@Z
?eq@?$char_traits@D@std@@SA_NABD0@Z
?to_char_type@?$char_traits@D@std@@SADABH@Z
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?copy@?$char_traits@D@std@@SAPADPADPBDI@Z
?max@?$numeric_limits@I@std@@SAIXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??1locale@std@@QAE@XZ
?max@?$numeric_limits@H@std@@SAHXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?is@?$ctype@D@std@@QBE_NFD@Z
?narrow@?$ctype@D@std@@QBEDDD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??0locale@std@@QAE@XZ
?grouping@?$numpunct@D@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?thousands_sep@?$numpunct@D@std@@QBEDXZ
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?assign@?$char_traits@D@std@@SAXAADABD@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AVconst_iterator@12@XZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@Vconst_iterator@12@0@Z
??0locale@std@@QAE@ABV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?id@?$numpunct@D@std@@2V0locale@2@A
?_Getcat@?$numpunct@D@std@@SAIPAPBVfacet@locale@2@@Z
??0_Lockit@std@@QAE@H@Z
?id@?$ctype@D@std@@2V0locale@2@A
??Bid@locale@std@@QAEIXZ
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@@Z
?_Incref@facet@locale@std@@QAEXXZ
?_Register@facet@locale@std@@QAEXXZ
??1_Lockit@std@@QAE@XZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ

mfc71

ord581
ord1167
ord1092
ord1209
ord315
ord765
ord923
ord266
ord3576
ord3684
ord310
ord4035
ord3934
ord876
ord578
ord3761
ord5613
ord6090
ord4104
ord6067
ord314
ord501
ord709
ord4749
ord4353
ord1794
ord1063
ord572
ord760
ord3317
ord2991
ord5214
ord4240
ord1402
ord5915
ord1591
ord2095
ord1903
ord4125
ord2371
ord1084
ord354
ord3182
ord4262
ord4486
ord2862
ord5200
ord1599
ord1655
ord1656
ord1964
ord5175
ord1362
ord4967
ord3345
ord6277
ord3802
ord6279
ord1522
ord2172
ord2178
ord2405
ord2387
ord2385
ord2403
ord2415
ord2392
ord2408
ord2413
ord2396
ord2398
ord2400
ord2394
ord2410
ord2390
ord934
ord930
ord932
ord928
ord1207
ord5233
ord5235
ord5960
ord1600
ord4282
ord4541
ord3683
ord4038
ord4014
ord6278
ord3801
ord6276
ord4326
ord2063
ord2018
ord5583
ord3806
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord2931
ord5224
ord5226
ord2248
ord3948
ord4568
ord5230
ord5213
ord5566
ord2537
ord2731
ord2835
ord4307
ord2714
ord2838
ord2540
ord2646
ord2533
ord3718
ord3719
ord3709
ord2644
ord3949
ord4481
ord4261
ord3333
ord757
ord566
ord764
ord605
ord741
ord2020
ord5975
ord1054
ord3830
ord3641
ord5182
ord4212
ord4735
ord4890
ord4580
ord1671
ord1670
ord1551
ord5912
ord1620
ord1617
ord3946
ord1401
ord4244
ord5152
ord1908
ord5073
ord6275
ord4185
ord5203
ord3403
ord4722

msvcr71

_controlfp
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
__security_error_handler
memset
_callnewh
fread
fopen
__CxxFrameHandler
memmove
_setmbcp
_filelength
wcslen
_purecall
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@XZ
??0bad_cast@@QAE@PBD@Z
??0exception@@QAE@ABV0@@Z
_CxxThrowException
??8type_info@@QBEHABV0@@Z
??0exception@@QAE@ABQBD@Z
strncpy
__getmainargs
malloc
free
fclose
_except_handler3

kernel32

TerminateProcess
GetCurrentProcess
LocalFree
FormatMessageA
GetPrivateProfileStringA
GetProcAddress
GetLastError
LoadLibraryA
WideCharToMultiByte
GetVersionExA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetModuleHandleA
ExitProcess
LocalAlloc
GetModuleFileNameA
GetCommandLineW
GlobalFree
FreeLibrary
InterlockedDecrement
SetFileAttributesA
DeleteFileA
DeleteCriticalSection
InitializeCriticalSection

user32

SetCursor
GetSystemMetrics
LoadIconA
EnableWindow
GetClientRect
GetWindowRect
IsIconic
GetSystemMenu
PostMessageA
SendMessageA
AppendMenuA
DrawIcon
LoadCursorA

shell32

CommandLineToArgvW

comctl32

ord17

shlwapi

PathRemoveFileSpecA
PathCombineA
PathUnquoteSpacesA

ole32

CoInitialize

oleaut32

VariantClear
SysAllocString
SysFreeString

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TKReview.exe
.exe windows:4 windows x86 arch:x86

618dfac677f0ba7071d3265cfe9dbc67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Jj\Src\Client\TKGC\bin\TKReview.pdb

Imports

mfc71

ord5182
ord4212
ord4735
ord4890
ord4580
ord2020
ord1671
ord1670
ord1551
ord5912
ord1401
ord5203
ord4262
ord3182
ord354
ord605
ord1063
ord4038
ord4014
ord6278
ord3801
ord6276
ord4326
ord2063
ord2018
ord5583
ord3806
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord2931
ord5224
ord5226
ord2248
ord3948
ord4568
ord5230
ord5213
ord5566
ord2838
ord4481
ord3333
ord757
ord566
ord1100
ord1054
ord1122
ord1126
ord3830
ord265
ord5403
ord2468
ord2131
ord305
ord3683
ord1279
ord5637
ord2527
ord5611
ord6060
ord5608
ord6054
ord4161
ord6057
ord5888
ord6037
ord5727
ord5642
ord5647
ord5523
ord5588
ord5414
ord5401
ord5921
ord5719
ord3180
ord602
ord347
ord709
ord501
ord3684
ord3596
ord760
ord2264
ord6062
ord1929
ord1966
ord3641
ord6090
ord1564
ord1280
ord1968
ord5833
ord1395
ord3934
ord907
ord6067
ord3799
ord6144
ord2884
ord1123
ord2370
ord2867
ord416
ord651
ord5868
ord3883
ord754
ord572
ord3328
ord2987
ord4282
ord4722
ord5152
ord1598
ord1654
ord1283
ord1955
ord1207
ord3244
ord2094
ord4100
ord3161
ord1934
ord3210
ord2933
ord299
ord6118
ord2902
ord1489
ord4768
ord1308
ord2176
ord1903
ord1084
ord2322
ord4261
ord5175
ord1161
ord4486
ord3949
ord2644
ord3709
ord3719
ord3718
ord2533
ord2646
ord2540
ord2862
ord2714
ord4307
ord2835
ord2731
ord2537
ord5200
ord1599
ord1655
ord1656
ord1964
ord1362
ord4967
ord3345
ord6277
ord3802
ord6279
ord1522
ord2172
ord2178
ord2405
ord2387
ord2385
ord2403
ord2415
ord2392
ord2408
ord2413
ord2396
ord2398
ord2400
ord2394
ord2410
ord2390
ord934
ord930
ord932
ord928
ord923
ord5233
ord5235
ord5960
ord1600
ord3403
ord5214
ord4185
ord6275
ord5073
ord1908
ord4244
ord1402
ord3946
ord1617
ord1620
ord5915
ord762
ord304
ord911
ord781
ord876
ord266
ord310
ord784
ord297
ord578
ord764

msvcr71

_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
_onexit
__dllonexit
?terminate@@YAXXZ
__security_error_handler
memset
getenv
strtod
exit
printf
isprint
abort
_snprintf
_iob
__p__commode
_CIpow
_CIfmod
strncmp
_CxxThrowException
__CxxLongjmpUnwind
_setjmp3
longjmp
strncpy
floor
fscanf
fgets
__CxxFrameHandler
free
_setmbcp
__p__fmode
__set_app_type
fprintf
??1type_info@@UAE@XZ
realloc
sprintf
memmove
localtime
atol
__p___argv
_controlfp
__p___argc
malloc
_except_handler3
_mbschr
_mbsncmp
_mbsnbcmp
_mbsnicmp
_mbclen
_mbccpy
fclose
fread
ftell
fseek
strerror
_errno
fopen
fwrite
wctomb
strtol
sscanf
_purecall
fflush
fputc
getc

kernel32

CreateMutexA
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
GetStartupInfoA
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
CloseHandle
GetFileAttributesA
GetModuleHandleA
GetModuleFileNameA
LocalAlloc
LocalFree
GetVersionExA
lstrcpynA
GetPrivateProfileStringA
DeleteFileA
lstrlenA
GetCurrentProcessId
GetProcAddress
LoadLibraryA
lstrcmpiA
FindClose
FindNextFileA
lstrcatA
FindFirstFileA
lstrcpyA
GetTickCount

user32

GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyIcon
UpdateWindow
wsprintfA
GetSystemMetrics
LoadIconA
LoadCursorA
GetMessagePos
InvalidateRect
SendMessageA
ScreenToClient
GetClientRect
BringWindowToTop
AppendMenuA
CreatePopupMenu
SetCursor
ReleaseDC
GetDC
IsRectEmpty
GetDesktopWindow
EnableWindow
SetPropA
CreateWindowExA
IsWindow
ShowWindow

gdi32

SaveDC
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
SetStretchBltMode
RestoreDC
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetDIBitsToDevice
BitBlt
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
DeleteDC
GetBkColor

comctl32

ord17
ImageList_AddMasked
ImageList_GetImageCount

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TKSnsInfo.dll
.dll windows:4 windows x86 arch:x86

b6a44092a3c67f7a92717b391f8519e0

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

05:b3:a0:9b:d8:de:80:8f:6a:e6:47:64:eb:93:80:59
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

25/08/2010, 00:00

Not After

24/08/2013, 23:59

Subject

CN=JJ World(Beijing) Network Technology Co.\, LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=System Department,O=JJ World(Beijing) Network Technology Co.\, LTD,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b5:48:d2:dc:50:e8:c2:23:17:f0:fa:47:56:8d:96:88:00:ff:e0:e4
Signer

Actual PE Digest

b5:48:d2:dc:50:e8:c2:23:17:f0:fa:47:56:8d:96:88:00:ff:e0:e4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\work\src\client\Client\Lobby\TKSnsClient\Release\TKSnsClient.pdb

Imports

mfc71

ord2264
ord501
ord5731
ord4320
ord266
ord5833
ord2164
ord6067
ord657
ord1397
ord6266
ord1933
ord1484
ord4099
ord2091
ord1570
ord4237
ord3229
ord2092
ord1641
ord1571
ord4238
ord5746
ord5871
ord3795
ord4353
ord5059
ord4125
ord2095
ord1591
ord4240
ord3317
ord741
ord5866
ord3879
ord2866
ord2882
ord5873
ord2322
ord865
ord265
ord2495
ord781
ord3875
ord3684
ord3596
ord1161
ord3287
ord4123
ord4001
ord1283
ord760
ord6090
ord5991
ord6068
ord5795
ord5993
ord784
ord5641
ord2367
ord3989
ord3357
ord6144
ord1482
ord2368
ord6062
ord2372
ord5563
ord2272
ord3402
ord2873
ord2086
ord1545
ord4232
ord3164
ord587
ord2657
ord2168
ord1645
ord3369
ord1084
ord3204
ord4100
ord2094
ord3244
ord1955
ord907
ord3997
ord5613
ord1968
ord1564
ord2468
ord2948
ord3182
ord651
ord416
ord911
ord1930
ord5529
ord3683
ord2248
ord5231
ord4655
ord5666
ord5366
ord1495
ord4289
ord4166
ord4745
ord4866
ord5650
ord5363
ord926
ord3313
ord4038
ord4014
ord6278
ord3801
ord6276
ord4326
ord2063
ord2018
ord5583
ord3806
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord2931
ord5224
ord5226
ord3948
ord4568
ord5230
ord5213
ord5566
ord2838
ord4481
ord3333
ord757
ord566
ord1122
ord1054
ord3830
ord314
ord2469
ord2234
ord709
ord4580
ord1794
ord354
ord347
ord602
ord3180
ord5719
ord5921
ord5401
ord5414
ord5588
ord5523
ord5647
ord5642
ord5727
ord6037
ord5888
ord6057
ord4161
ord6054
ord5608
ord6060
ord5611
ord2527
ord572
ord3195
ord4261
ord2991
ord5214
ord1402
ord5915
ord1554
ord1903
ord5637
ord1279
ord1280
ord3161
ord1934
ord3210
ord762
ord764
ord2933
ord299
ord6118
ord2902
ord1489
ord297
ord304
ord310
ord3761
ord3934
ord578
ord876
ord4735
ord620
ord605
ord4262
ord4486
ord3949
ord2644
ord3709
ord3719
ord3718
ord2533
ord2646
ord2540
ord2862
ord2714
ord4307
ord2835
ord2731
ord2537
ord5200
ord1599
ord1655
ord1656
ord1964
ord5175
ord1362
ord4967
ord3345
ord6277
ord3802
ord6279
ord1522
ord2172
ord2178
ord2405
ord2387
ord2385
ord2403
ord2415
ord2392
ord2408
ord2413
ord2396
ord2398
ord2400
ord2394
ord2410
ord2390
ord3641
ord934
ord930
ord932
ord928
ord923
ord5233
ord5235
ord5960
ord1600
ord4282
ord4722
ord3403
ord567
ord758
ord4118
ord330
ord589
ord642
ord4236
ord1558
ord1637
ord3473
ord1395
ord1071
ord1160
ord1425
ord3576
ord4564
ord305
ord2131
ord5403
ord3361
ord1586
ord730
ord5203
ord4185
ord6275
ord5073
ord1908
ord5152
ord4244
ord1401
ord3946
ord1617
ord1620
ord5912
ord1551
ord1670
ord1671
ord2020
ord4890
ord4212
ord5182
ord3563
ord4888
ord3441
ord2271
ord5640
ord326
ord3163
ord4081
ord4109
ord5714
ord6005
ord530
ord722
ord6119
ord2794
ord6120
ord6065
ord3349
ord3350
ord2370
ord658
ord3489
ord3651
ord557
ord1532
ord1254
ord745
ord5715
ord581
ord1167
ord1092
ord1209
ord1177
ord1175
ord1201
ord1120
ord371
ord1098
ord1208
ord1206
ord1037
ord315
ord765
ord912
ord1278
ord4248
ord1123
ord737
ord549
ord4813
ord1450
ord1091
ord1009
ord4115
ord3401
ord3302
ord1063
ord6255
ord753
ord563
ord5634
ord2233
ord3423
ord2654
ord6006
ord1185

msvcr71

_localtime64
strftime
atoi
atol
malloc
memmove
realloc
bsearch
sprintf
free
??1exception@@UAE@XZ
??0exception@@QAE@XZ
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
_CxxThrowException
time
_itoa
strchr
strrchr
_except_handler3
_purecall
_mbschr
_mbsnbcpy
_mbsstr
_mbsicmp
_mbsnicmp
isupper
towlower
memset
__security_error_handler
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
_stricmp
strtol
wctomb
fopen
_errno
strerror
fseek
toupper
isdigit
isxdigit
mktime
isalnum
_strtime
vsprintf
sscanf
_mbsncmp
_mbsnbcmp
_mbclen
_mbccpy
fclose
fread
ftell

kernel32

CreateThread
SetThreadPriority
ResumeThread
SuspendThread
OpenFile
GetFileSize
SetFilePointer
Sleep
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameA
UnmapViewOfFile
GetTempPathA
WritePrivateProfileStringA
CreateFileMappingA
MapViewOfFile
LoadLibraryA
GetProcAddress
GlobalAlloc
GlobalLock
GlobalUnlock
FreeLibrary
MoveFileA
GetExitCodeThread
lstrlenA
GetLastError
MultiByteToWideChar
GetPrivateProfileIntA
GetPrivateProfileStringA
ReadFile
CreateFileA
WriteFile
CloseHandle
DeleteFileA
lstrcpynA
GetVersionExA
IsDBCSLeadByte
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreA
CreateProcessA
SetEvent
CreateEventA
TerminateThread
GlobalFree
GlobalReAlloc
CreateMutexA
WaitForMultipleObjects
LocalFree
LocalAlloc
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
FindFirstFileA
FindClose
GetModuleHandleA
GetSystemTimeAsFileTime

user32

LoadCursorA
InvalidateRect
UnionRect
DrawTextExA
DrawTextA
TabbedTextOutA
SendMessageA
EnableWindow
IsWindowVisible
GetClientRect
GetWindowRect
GetFocus
AppendMenuA
GetDC
ReleaseDC
OpenClipboard
GetForegroundWindow
CloseClipboard
SetClipboardData
EmptyClipboard
LoadImageA
SystemParametersInfoA
wsprintfA
RegisterWindowMessageA
FindWindowA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
CallWindowProcA
SetWindowLongA
GetWindowLongA
SetWindowPos
TrackPopupMenuEx
IsIconic
GetMenuItemID
KillTimer
GetMenuItemCount
GetSystemMenu
GetWindowDC
LoadIconA
PtInRect
GetSystemMetrics
DestroyIcon
GetSysColor
WindowFromPoint
LockWindowUpdate
UpdateWindow
DrawIconEx
SetWindowRgn
CopyRect
ScreenToClient
GetParent
FillRect
DestroyCursor
SetCursor
SetRect
CopyImage
DrawFocusRect
GetWindowTextA
IsRectEmpty
SetRectEmpty
IntersectRect
SetCapture
ReleaseCapture
FrameRect
DrawEdge
ModifyMenuA
InflateRect
GetMessagePos
GetDesktopWindow
BringWindowToTop
DrawIcon
GetWindow
SetTimer
PostMessageA
OffsetRect
IsWindow
GetCursorPos
RedrawWindow
IsZoomed
CreatePopupMenu
GrayStringA
EnableMenuItem

gdi32

SetTextColor
CreatePen
DeleteObject
GetStockObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontIndirectA
GetTextExtentPoint32A
CreateFontA
CreateSolidBrush
SetBkMode
SetDIBitsToDevice
GetTextExtentPointA
Rectangle
GetCurrentObject
GetTextColor
CreateBitmap
StretchBlt
SetBkColor
ExtCreateRegion
CreateDIBSection
GetPixel
DeleteDC
GetObjectA
OffsetRgn
CombineRgn
CreateRectRgn
SelectObject

shell32

ShellExecuteA

comctl32

ImageList_AddMasked
ImageList_GetImageCount
InitializeFlatSB
FlatSB_EnableScrollBar
FlatSB_ShowScrollBar
ImageList_Draw
_TrackMouseEvent
ImageList_GetImageInfo

shlwapi

PathFileExistsA

oleaut32

OleLoadPicture

ws2_32

inet_addr
WSAStartup
htonl
bind
inet_ntoa
gethostbyname
gethostname
ioctlsocket
recv
WSAGetLastError
send
setsockopt
connect
htons
closesocket
socket

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wininet

InternetCloseHandle
InternetReadFile
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetSetFilePointer
HttpQueryInfoA

msimg32

TransparentBlt

ole32

CreateStreamOnHGlobal

iphlpapi

GetAdaptersInfo

gdiplus

GdipCloneBrush
GdipDrawImageI
GdipDrawString
GdipFillRectangleI
GdipGetImageWidth
GdipGetImageHeight
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipDeleteGraphics
GdipLoadImageFromFile
GdipCreateHBITMAPFromBitmap
GdipFree
GdipDisposeImage
GdipSetImageAttributesColorMatrix
GdipCreateFromHDC
GdipReleaseDC
GdipDrawImageRectRect
GdipAlloc
GdipCloneImage
GdipDrawImageRectI
GdiplusStartup
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipLoadImageFromStreamICM
GdipDeleteBrush
GdipCreateStringFormat
GdipDeleteStringFormat
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipCreateFont
GdipDeleteFont
GdipCreateBitmapFromHBITMAP
GdipCreateSolidFill
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetSmoothingMode
GdipSetPageUnit
GdipSetPageScale

Exports

Exports

TKSnsInit

Sections

.text
Size: 364KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TKTnyInfoEx.dll
.dll windows:4 windows x86 arch:x86

18ffb00e4313cdd912b4268feb7050b3

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

05:b3:a0:9b:d8:de:80:8f:6a:e6:47:64:eb:93:80:59
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

25/08/2010, 00:00

Not After

24/08/2013, 23:59

Subject

CN=JJ World(Beijing) Network Technology Co.\, LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=System Department,O=JJ World(Beijing) Network Technology Co.\, LTD,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e3:80:ac:3a:37:8a:9c:5d:fb:c3:09:92:92:81:e2:5f:ca:8f:d5:94
Signer

Actual PE Digest

e3:80:ac:3a:37:8a:9c:5d:fb:c3:09:92:92:81:e2:5f:ca:8f:d5:94

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Work\TKTnyClient\Release\TKTnyClient.pdb

Imports

mfc71

ord4115
ord4118
ord2168
ord5491
ord5613
ord2234
ord2092
ord1641
ord1571
ord4238
ord2866
ord2370
ord3402
ord2882
ord2873
ord3997
ord4108
ord2272
ord5563
ord2160
ord2075
ord3683
ord2248
ord5231
ord4655
ord5666
ord5366
ord1495
ord4289
ord4166
ord4745
ord4866
ord5650
ord5363
ord926
ord3313
ord4038
ord4014
ord6278
ord3801
ord6276
ord4326
ord2063
ord2018
ord5583
ord3806
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord2931
ord5224
ord5226
ord3948
ord4568
ord5230
ord5213
ord5566
ord2838
ord4481
ord3333
ord757
ord566
ord1122
ord1054
ord3830
ord314
ord5833
ord2271
ord5059
ord3641
ord3441
ord605
ord354
ord4580
ord1482
ord1283
ord5866
ord3879
ord3875
ord3401
ord6144
ord5873
ord1084
ord3420
ord1063
ord1929
ord3302
ord758
ord567
ord3337
ord1545
ord4232
ord587
ord753
ord3204
ord2991
ord2131
ord563
ord1968
ord3761
ord3989
ord4888
ord1009
ord3650
ord3477
ord4132
ord2008
ord1302
ord4131
ord4674
ord4127
ord4507
ord4946
ord4649
ord4964
ord5053
ord4805
ord4710
ord4796
ord4963
ord4377
ord4376
ord4287
ord4794
ord4948
ord4673
ord4516
ord4971
ord4480
ord4529
ord4970
ord4846
ord4501
ord4368
ord4439
ord5049
ord4559
ord4920
ord4520
ord4519
ord4914
ord3740
ord4444
ord4443
ord4790
ord4204
ord4781
ord4389
ord4980
ord4171
ord4178
ord4587
ord4776
ord4386
ord4401
ord4399
ord4381
ord4384
ord4379
ord4863
ord4860
ord3974
ord5914
ord1619
ord3344
ord1360
ord5166
ord1562
ord2717
ord4273
ord648
ord410
ord1230
ord2803
ord2419
ord2420
ord2421
ord2418
ord2417
ord4081
ord2469
ord2923
ord2924
ord4200
ord4109
ord5206
ord4935
ord4364
ord1091
ord2654
ord3605
ord300
ord4735
ord2451
ord5710
ord1425
ord4353
ord2367
ord2368
ord6282
ord6065
ord501
ord2264
ord709
ord572
ord347
ord602
ord3180
ord5719
ord5921
ord5401
ord5414
ord5588
ord5523
ord5647
ord5642
ord5727
ord6037
ord5888
ord6057
ord4161
ord6054
ord5608
ord6060
ord5611
ord2527
ord2372
ord5637
ord1279
ord1280
ord3161
ord1934
ord3210
ord762
ord1161
ord1395
ord760
ord4261
ord5214
ord1402
ord5915
ord3596
ord3684
ord4125
ord265
ord266
ord6090
ord6067
ord2164
ord907
ord3934
ord5731
ord784
ord764
ord1903
ord2933
ord299
ord6118
ord2902
ord876
ord1489
ord304
ord2322
ord310
ord781
ord5182
ord297
ord4282
ord4212
ord578
ord4262
ord4486
ord3949
ord2644
ord3709
ord3719
ord3718
ord2533
ord2646
ord2540
ord2862
ord2714
ord4307
ord2835
ord2731
ord2537
ord5200
ord1599
ord1655
ord1656
ord1964
ord5175
ord1362
ord4967
ord3345
ord6277
ord3802
ord6279
ord1522
ord2172
ord2178
ord2405
ord1614
ord5714
ord6005
ord530
ord722
ord3361
ord1586
ord730
ord1645
ord3563
ord642
ord4236
ord1558
ord1637
ord3473
ord5993
ord5795
ord6068
ord5991
ord3357
ord1794
ord5640
ord326
ord5641
ord4123
ord4001
ord1955
ord3244
ord2094
ord4100
ord3163
ord3287
ord2233
ord5634
ord6255
ord330
ord589
ord741
ord3317
ord4240
ord1591
ord2095
ord3908
ord2794
ord6120
ord1564
ord2495
ord2657
ord3349
ord3350
ord416
ord651
ord658
ord1930
ord3489
ord3651
ord305
ord2468
ord5403
ord2387
ord2385
ord2403
ord2415
ord2392
ord2408
ord2413
ord2396
ord2398
ord2400
ord2394
ord2410
ord2390
ord934
ord930
ord932
ord928
ord923
ord5233
ord5235
ord5960
ord1600
ord4722
ord3403
ord5203
ord4185
ord6275
ord5073
ord1908
ord5152
ord4244
ord1401
ord3946
ord1617
ord1620
ord5912
ord1551
ord1670
ord1671
ord2020
ord4890
ord4961
ord557
ord1532
ord1254
ord745
ord5715
ord1185
ord6006
ord3423
ord4320
ord1450
ord4813
ord549
ord737
ord1123
ord4248
ord1278
ord912
ord765
ord315
ord1037
ord1206
ord1208
ord1098
ord371
ord1120
ord1201
ord1175
ord1177
ord1209
ord1092
ord1167
ord581

msvcr71

free
malloc
__CxxFrameHandler
_localtime64
strftime
_except_handler3
memmove
qsort
realloc
bsearch
strncpy
sprintf
atoi
strncmp
strrchr
rand
srand
time
strchr
_itoa
atol
_stricmp
sscanf
_CxxThrowException
_mbschr
memset
__security_error_handler
?terminate@@YAXXZ
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
__CppXcptFilter
_strcmpi
_strnicmp
strtol
wctomb
fopen
_errno
strerror
fseek
ftell
fread
fclose
_mbccpy
_mbclen
_mbsnicmp
_mbsnbcmp
_mbsncmp
vsprintf
_strtime
mktime
isdigit

kernel32

FindFirstFileA
FindClose
GetFileAttributesA
InterlockedDecrement
GetShortPathNameA
GlobalReAlloc
_lopen
_llseek
_lread
_lclose
LocalFree
GlobalFree
GlobalAlloc
GlobalLock
LocalAlloc
WriteFile
CreateFileA
ReadFile
CloseHandle
GetTickCount
GetModuleFileNameA
lstrlenA
lstrcmpiA
MultiByteToWideChar
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcpynA
GetVersionExA
GetFileSize
ReleaseSemaphore
WaitForSingleObject
FreeLibrary
GetProcAddress
LoadLibraryA
CreateSemaphoreA
Sleep
SetEvent
CreateEventA
LeaveCriticalSection
EnterCriticalSection
TerminateThread
CreateThread
WritePrivateProfileStringA
CreateMutexA
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleA
GlobalUnlock
DeleteFileA

user32

IsRectEmpty
PtInRect
SetRectEmpty
SetCursor
CopyRect
SendMessageA
SetTimer
KillTimer
SetRect
IsWindowVisible
IsIconic
BringWindowToTop
ReleaseDC
UpdateLayeredWindow
GetDC
UnionRect
GetFocus
ScreenToClient
GetParent
GetCursorPos
InflateRect
GetSystemMetrics
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
IntersectRect
OffsetRect
IsWindow
WindowFromPoint
SystemParametersInfoA
CreatePopupMenu
DestroyIcon
LoadImageA
PostMessageA
GetSysColor
GetSystemMenu
SetWindowRgn
GetAsyncKeyState
wsprintfA
DrawEdge
GetClientRect
InvalidateRect
EnableWindow
DrawTextA
LoadCursorA
SetLayeredWindowAttributes
ReleaseCapture
GetWindowRect
SetCapture
TabbedTextOutA
DrawTextExA
FindWindowA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
RedrawWindow
FillRect
DestroyCursor
GetWindowTextA
CopyImage
UpdateWindow
CallWindowProcA
SetWindowPos
TrackPopupMenuEx
GetMenuItemID
EnableMenuItem
GetMenuItemCount
LoadIconA
LockWindowUpdate
DrawIconEx
FrameRect
AppendMenuA
ModifyMenuA
DrawIcon
GrayStringA
SetWindowLongA
IsZoomed
GetWindowDC
GetWindowLongA

gdi32

SetMapMode
SetStretchBltMode
GetPaletteEntries
CreateDIBSection
CreateDIBitmap
StretchBlt
CreateBitmap
CreateDCA
SelectPalette
RealizePalette
GetDeviceCaps
CreatePalette
GetTextExtentPoint32A
SetBkColor
SetPixelV
GetPixel
DeleteDC
GetObjectA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject
GetStockObject
DeleteObject
ExtCreateRegion
CombineRgn
SetDIBitsToDevice
Rectangle
CreateFontA
CreatePen
GetTextExtentPointA
CreateSolidBrush
OffsetRgn
CreateRectRgn

comctl32

ImageList_Draw
_TrackMouseEvent
InitializeFlatSB
FlatSB_EnableScrollBar
FlatSB_ShowScrollBar
ImageList_AddMasked
ImageList_GetImageCount

oleaut32

OleLoadPicture
SysFreeString
SysStringLen
SysStringByteLen
SysAllocStringByteLen
SysAllocString

ws2_32

htons
connect
setsockopt
send
WSAGetLastError
closesocket
gethostbyname
inet_addr
WSAStartup
bind
htonl
ioctlsocket
recv
socket

gdiplus

GdipGetPropertyItem
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectRect
GdipDeleteGraphics
GdipSetPageScale
GdipSetPageUnit
GdipSetSmoothingMode
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipReleaseDC
GdipCreateFromHDC
GdipSetImageAttributesColorMatrix
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipLoadImageFromFile
GdipCreateHBITMAPFromBitmap
GdipFree
GdipDisposeImage
GdipAlloc
GdipCloneImage
GdiplusStartup
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipLoadImageFromStreamICM

msvcp71

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z

msimg32

TransparentBlt

shell32

ShellExecuteA

ole32

CreateStreamOnHGlobal

Exports

Exports

TKTnyInit

Sections

.text
Size: 344KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TKUpd.dll
.dll windows:4 windows x86 arch:x86

edf1a3bc41b2a3ecf22a56233d33674d

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

05:b3:a0:9b:d8:de:80:8f:6a:e6:47:64:eb:93:80:59
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

25/08/2010, 00:00

Not After

24/08/2013, 23:59

Subject

CN=JJ World(Beijing) Network Technology Co.\, LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=System Department,O=JJ World(Beijing) Network Technology Co.\, LTD,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

cb:fa:c0:be:db:ef:ff:fd:5c:3c:fc:81:28:ef:02:7d:10:2f:d7:49
Signer

Actual PE Digest

cb:fa:c0:be:db:ef:ff:fd:5c:3c:fc:81:28:ef:02:7d:10:2f:d7:49

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalUnlock
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
GetVersion
GetFileSize
FileTimeToSystemTime
FileTimeToLocalFileTime
GlobalFlags
WritePrivateProfileStringA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
GetCPInfo
GetOEMCP
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
ExitProcess
TerminateProcess
GetCommandLineA
RaiseException
HeapSize
GlobalFree
GetFileType
GetTimeZoneInformation
GetACP
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
TlsAlloc
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
GetCurrentThreadId
GetFullPathNameA
GetVolumeInformationA
GetProcAddress
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
LoadLibraryA
FormatMessageA
_lread
LocalFree
LocalAlloc
FreeLibrary
SetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
WaitForSingleObject
GetLastError
VirtualFree
VirtualAlloc
CreateDirectoryA
FindFirstFileA
FindNextFileA
FindClose
SetFileTime
GetFileAttributesA
SetFileAttributesA
CopyFileA
RemoveDirectoryA
CreateFileA
GetFileTime
GetModuleHandleA
GetModuleFileNameA
lstrcatA
lstrcpynA
GetTickCount
SleepEx
EnterCriticalSection
LeaveCriticalSection
lstrcmpiA
lstrlenA
DeleteFileA
lstrcpyA
TerminateThread
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
CreateThread
_lopen
_llseek
_lclose
SetStdHandle

user32

RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
DestroyMenu
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
SystemParametersInfoA
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
SendMessageA
IsIconic
GetWindowPlacement
PostMessageA
PostQuitMessage
GetSystemMetrics
CharUpperA
wsprintfA
GetNextDlgTabItem

gdi32

SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

comctl32

ord17

wininet

InternetGetLastResponseInfoA
HttpQueryInfoA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetSetOptionExA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable

Exports

Exports

Cancel
GetFile
GetImage
GetImagePath
GetModuleInfo
Update
Update2

Sections

.text
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TKUpd.xml
TKZip.dll
.dll windows:4 windows x86 arch:x86

d64c62d8080979140655c9564344b056

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\TKProject\Client\Client\Tool\TKZip\Release\TKZip.pdb

Imports

kernel32

ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
GetCurrentThreadId
GetCommandLineA
GetVersionExA
DeleteCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
SetFilePointer
RtlUnwind
InterlockedExchange
VirtualQuery
InitializeCriticalSection
HeapSize
FlushFileBuffers
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
SetStdHandle
CloseHandle
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
VirtualProtect
GetSystemInfo

Exports

Exports

compress
uncompress

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TkUpd2.dat
deep.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DEEP_Apply3D
DEEP_ChannelBytes2Seconds
DEEP_ChannelGet3DAttributes
DEEP_ChannelGet3DPosition
DEEP_ChannelGetAttributes
DEEP_ChannelGetData
DEEP_ChannelGetDevice
DEEP_ChannelGetEAXMix
DEEP_ChannelGetInfo
DEEP_ChannelGetLength
DEEP_ChannelGetLevel
DEEP_ChannelGetPosition
DEEP_ChannelGetTags
DEEP_ChannelIsActive
DEEP_ChannelIsSliding
DEEP_ChannelPause
DEEP_ChannelPlay
DEEP_ChannelPreBuf
DEEP_ChannelRemoveDSP
DEEP_ChannelRemoveFX
DEEP_ChannelRemoveLink
DEEP_ChannelRemoveSync
DEEP_ChannelSeconds2Bytes
DEEP_ChannelSet3DAttributes
DEEP_ChannelSet3DPosition
DEEP_ChannelSetAttributes
DEEP_ChannelSetDSP
DEEP_ChannelSetDevice
DEEP_ChannelSetEAXMix
DEEP_ChannelSetFX
DEEP_ChannelSetFlags
DEEP_ChannelSetLink
DEEP_ChannelSetPosition
DEEP_ChannelSetSync
DEEP_ChannelSlideAttributes
DEEP_ChannelStop
DEEP_ErrorGetCode
DEEP_FXGetParameters
DEEP_FXReset
DEEP_FXSetParameters
DEEP_Free
DEEP_Get3DFactors
DEEP_Get3DPosition
DEEP_GetCPU
DEEP_GetConfig
DEEP_GetDSoundObject
DEEP_GetDevice
DEEP_GetDeviceDescription
DEEP_GetEAXParameters
DEEP_GetInfo
DEEP_GetVersion
DEEP_GetVolume
DEEP_Init
DEEP_MusicFree
DEEP_MusicGetAttribute
DEEP_MusicGetOrderPosition
DEEP_MusicGetOrders
DEEP_MusicLoad
DEEP_MusicSetAttribute
DEEP_Pause
DEEP_PluginFree
DEEP_PluginGetInfo
DEEP_PluginLoad
DEEP_RecordFree
DEEP_RecordGetDevice
DEEP_RecordGetDeviceDescription
DEEP_RecordGetInfo
DEEP_RecordGetInput
DEEP_RecordGetInputName
DEEP_RecordInit
DEEP_RecordSetDevice
DEEP_RecordSetInput
DEEP_RecordStart
DEEP_SampleCreate
DEEP_SampleCreateDone
DEEP_SampleFree
DEEP_SampleGetChannel
DEEP_SampleGetChannels
DEEP_SampleGetInfo
DEEP_SampleLoad
DEEP_SampleSetInfo
DEEP_SampleStop
DEEP_Set3DFactors
DEEP_Set3DPosition
DEEP_SetConfig
DEEP_SetDevice
DEEP_SetEAXParameters
DEEP_SetVolume
DEEP_Start
DEEP_Stop
DEEP_StreamCreate
DEEP_StreamCreateFile
DEEP_StreamCreateFileUser
DEEP_StreamCreateURL
DEEP_StreamFree
DEEP_StreamGetFilePosition
DEEP_Update
_

Sections

Size: 86KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 568B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
gdiplus.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

MicrosoftWindowsGdiPlus-1.0.2600.2180-gdiplus.pdb

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 32KB - Virtual size: 32KB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

a648aeaa164b592c1e8892a10400b5ae

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 5KB

.rsrc Size: 512B - Virtual size: 296B

.reloc Size: 1024B - Virtual size: 518B

4c2b3afc372329da572128d3b3058a11

Headers

File Characteristics

PDB Paths

Imports

mfc71

msvcr71

kernel32

user32

gdi32

oleaut32

ws2_32

gdiplus

msimg32

comctl32

ole32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 20KB - Virtual size: 16KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 32KB - Virtual size: 32KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 296B

.reloc
Size: 1024B - Virtual size: 518B

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 11KB

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 8KB - Virtual size: 5KB

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 392KB - Virtual size: 390KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 32KB - Virtual size: 30KB