b779f6d0ac0acd293a57fdb611b4a4b1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b779f6d0ac0acd293a57fdb611b4a4b1_JaffaCakes118
Size

2.6MB
MD5

b779f6d0ac0acd293a57fdb611b4a4b1
SHA1

220c545f01884f5dcd58dbc77a0af186a379439a
SHA256

5c0dc3b87e5d07c99d0a521585ac0abff15a797a369a8e3b8d7390b501b89f22
SHA512

a234d3c796e8d9d51d0f295c3cd873949c8eabb92de63cd0faa4f9f5224421d84aead5b319c3fe7bd61c003e45b70ded51c9540d61843915183d607d2d3d675e
SSDEEP

49152:5eG3RzPAYZ0rrJpwwYEprpHmBB4n6OzvSbzKK7CyCJsV:EGVyzpc/ZAvkzKtdg

Score

3^/10

Malware Config

Signatures

Unsigned PE 12 IoCs

Checks for missing Authenticode signature.

resource
b779f6d0ac0acd293a57fdb611b4a4b1_JaffaCakes118
unpack001/$PLUGINSDIR/Base64.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/KillProcDLL.dll
unpack001/$PLUGINSDIR/KuWoNsis_new.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/inetc.dll
unpack002/$PLUGINSDIR/Base64.dll
unpack002/$PLUGINSDIR/KuWoNsis_new.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/inetc.dll
unpack001/bin/KwInfos.exe

NSIS installer 3 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
static1/unpack001/$TEMP/KWMUSIC/DownloadUpdate.exe	nsis_installer_1
static1/unpack001/$TEMP/sobar/Baidu-TB-ASBar-Silent_kuwo.exe	nsis_installer_1

Files

b779f6d0ac0acd293a57fdb611b4a4b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

237a51742fed62d237b6f1b75452402f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
SetFileTime
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
CloseHandle
lstrcmpiA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
MulDiv
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
SystemParametersInfoA
RegisterClassA
EndDialog
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CreateDialogParamA
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
LoadImageA
GetDC
EnableWindow
InvalidateRect
CreateWindowExA
GetWindowLongA
DrawFocusRect
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
TrackPopupMenu
wsprintfA
SendMessageA
CallWindowProcA
MapWindowPoints
GetWindowRect
ScreenToClient
PtInRect
LoadCursorA
SetCursor
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetWindowLongA

gdi32

SetBkColor
GetDeviceCaps
GetCurrentObject
GetObjectA
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegEnumKeyA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 480KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$1
$APPDATA/kuwo/Conf/p2pconf/setup.xml
.xml
$PLUGINSDIR/Base64.dll
.dll windows:4 windows x86 arch:x86

472def3d6dc5d4ffe27376a831b4d49b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpyA
lstrcpynA
GlobalAlloc
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
LCMapStringA
LCMapStringW

Exports

Exports

Decrypt
Encrypt

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
GetPrivateProfileIntA
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
MultiByteToWideChar
GlobalAlloc

user32

GetDlgCtrlID
GetClientRect
SetWindowRgn
MapWindowPoints
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
LoadIconA

gdi32

SetTextColor
GetObjectA
SelectObject
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
CreateCompatibleDC

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
GlobalFree
lstrcpyA
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
RtlUnwind
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP

Exports

Exports

KillProc

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KuWoNsis_new.dll
.dll windows:5 windows x86 arch:x86

4ab986f64a1874664feabca76ad3c867

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Program Files\_NSIS_246\Plugins\KuWoNsis_new.pdb

Imports

kernel32

lstrcpyA
lstrcpynA
GlobalAlloc
FindClose
FindNextFileA
FindFirstFileA
MoveFileExA
DeleteFileA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
GetExitCodeThread
CreateThread
Process32Next
TerminateProcess
DuplicateHandle
GlobalFree
GetCurrentProcessId
Process32First
CreateToolhelp32Snapshot
CreateProcessA
OpenProcess
CreateDirectoryA
MoveFileA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
GetTempPathA
GetFileAttributesA
GetLastError
RemoveDirectoryA
GetTempFileNameA
DeviceIoControl
GetLogicalDrives
CreateFileA
CloseHandle
GetLogicalDriveStringsA
GetDriveTypeA
GetCurrentProcess
GetDiskFreeSpaceExA
FlushFileBuffers
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
HeapFree
HeapAlloc
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
HeapSize
WriteFile
SetFilePointer
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW

advapi32

RegQueryValueExA
RegCloseKey
GetNamedSecurityInfoA
BuildExplicitAccessWithNameA
SetEntriesInAclA
SetNamedSecurityInfoA
RegOpenKeyExA

shell32

ShellExecuteExA
SHGetSpecialFolderPathA

shlwapi

PathFileExistsA

Exports

Exports

AddDirAccessRights
AddRegAccessRights
ClearInstDir
CreateCachePath
DecodePath
GetFileName
GetInstallDate
KwKillProc
KwKillProcEx
ModifyCacheFileAsNow
RenameDeletePathAllFiles
XORBase64

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/inetc.dll
.dll windows:4 windows x86 arch:x86

5d31a4a9e83c0a8e38bab1f57d28402c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

strtoul
_adjust_fdiv
malloc
_initterm
free
_mbsrchr
memset
_mbsstr
_mbschr
strtol
strlen

kernel32

DeleteFileA
CreateThread
WaitForSingleObject
TerminateThread
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc
LoadLibraryA
GetProcAddress
lstrcmpiA
WriteFile
ReadFile
lstrlenA
lstrcmpA
lstrcpynA
GetLastError
CreateFileA
GlobalFree
CloseHandle
SleepEx
SetFilePointer
GetTickCount
lstrcatA
GetFileSize

user32

MessageBoxA
GetParent
ShowWindow
PostMessageA
SetWindowTextA
IsWindow
SendMessageA
GetDlgItem
SetDlgItemTextA
SendDlgItemMessageA
SetWindowPos
SystemParametersInfoA
GetClientRect
GetWindowRect
SetTimer
LoadIconA
SetWindowLongA
GetWindowLongA
UpdateWindow
DestroyWindow
KillTimer
RedrawWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
EnableWindow
CreateDialogParamA
FindWindowExA
wsprintfA
GetWindowTextA

wininet

HttpSendRequestA
HttpSendRequestExA
HttpQueryInfoA
InternetCloseHandle
InternetErrorDlg
InternetSetFilePointer
InternetQueryOptionA
HttpAddRequestHeadersA
InternetSetOptionA
HttpOpenRequestA
FtpCreateDirectoryA
FtpOpenFileA
InternetGetLastResponseInfoA
HttpEndRequestA
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetReadFile
InternetWriteFile

comctl32

ord17

Exports

Exports

get
head
post
put

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/kwsobar.bmp
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/sobar/KwMusic_sobar.ini
$TEMP/KWMUSIC/BindConfig.ini
$TEMP/KWMUSIC/DownloadUpdate.exe
.exe windows:4 windows x86 arch:x86

237a51742fed62d237b6f1b75452402f

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

70:1a:a4:39:5a:b1:1a:1c:cf:6e:6d:7c:b7:df:2a:30:60:36:ba:3d
Signer

Actual PE Digest

70:1a:a4:39:5a:b1:1a:1c:cf:6e:6d:7c:b7:df:2a:30:60:36:ba:3d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
SetFileTime
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
CloseHandle
lstrcmpiA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
MulDiv
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
SystemParametersInfoA
RegisterClassA
EndDialog
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CreateDialogParamA
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
LoadImageA
GetDC
EnableWindow
InvalidateRect
CreateWindowExA
GetWindowLongA
DrawFocusRect
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
TrackPopupMenu
wsprintfA
SendMessageA
CallWindowProcA
MapWindowPoints
GetWindowRect
ScreenToClient
PtInRect
LoadCursorA
SetCursor
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetWindowLongA

gdi32

SetBkColor
GetDeviceCaps
GetCurrentObject
GetObjectA
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegEnumKeyA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 288KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Base64.dll
.dll windows:4 windows x86 arch:x86

472def3d6dc5d4ffe27376a831b4d49b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpyA
lstrcpynA
GlobalAlloc
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
LCMapStringA
LCMapStringW

Exports

Exports

Decrypt
Encrypt

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KuWoNsis_new.dll
.dll windows:5 windows x86 arch:x86

7666470595ee14366c90d3ea4ce2cc79

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Program Files\_NSIS_246\Plugins\KuWoNsis_new.pdb

Imports

kernel32

lstrcpyA
lstrcpynA
GlobalAlloc
FindClose
FindNextFileA
FindFirstFileA
MoveFileExA
DeleteFileA
GetVersionExA
CreateDirectoryA
MoveFileA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
GlobalFree
GetFileAttributesA
GetLastError
GetExitCodeProcess
WaitForSingleObject
GetExitCodeThread
CreateThread
Process32Next
TerminateProcess
DuplicateHandle
GetCurrentProcess
GetCurrentProcessId
Process32First
CreateToolhelp32Snapshot
CreateProcessA
OpenProcess
DeviceIoControl
GetLogicalDrives
CreateFileA
CloseHandle
GetLogicalDriveStringsA
GetDriveTypeA
GetTempPathA
GetDiskFreeSpaceExA
FlushFileBuffers
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
HeapFree
HeapAlloc
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
HeapSize
WriteFile
SetFilePointer
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW

advapi32

RegQueryValueExA
RegCloseKey
GetNamedSecurityInfoA
BuildExplicitAccessWithNameA
SetEntriesInAclA
SetNamedSecurityInfoA
RegOpenKeyExA

shell32

ShellExecuteExA
SHGetSpecialFolderPathA

shlwapi

PathFileExistsA

Exports

Exports

AddDirAccessRights
AddRegAccessRights
ClearInstDir
CreateCachePath
DecodePath
GetFileName
GetInstallDate
KwKillProc
ModifyCacheFileAsNow
RenameDeletePathAllFiles
XORBase64

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/inetc.dll
.dll windows:4 windows x86 arch:x86

5d31a4a9e83c0a8e38bab1f57d28402c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

strtoul
_adjust_fdiv
malloc
_initterm
free
_mbsrchr
memset
_mbsstr
_mbschr
strtol
strlen

kernel32

DeleteFileA
CreateThread
WaitForSingleObject
TerminateThread
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc
LoadLibraryA
GetProcAddress
lstrcmpiA
WriteFile
ReadFile
lstrlenA
lstrcmpA
lstrcpynA
GetLastError
CreateFileA
GlobalFree
CloseHandle
SleepEx
SetFilePointer
GetTickCount
lstrcatA
GetFileSize

user32

MessageBoxA
GetParent
ShowWindow
PostMessageA
SetWindowTextA
IsWindow
SendMessageA
GetDlgItem
SetDlgItemTextA
SendDlgItemMessageA
SetWindowPos
SystemParametersInfoA
GetClientRect
GetWindowRect
SetTimer
LoadIconA
SetWindowLongA
GetWindowLongA
UpdateWindow
DestroyWindow
KillTimer
RedrawWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
EnableWindow
CreateDialogParamA
FindWindowExA
wsprintfA
GetWindowTextA

wininet

HttpSendRequestA
HttpSendRequestExA
HttpQueryInfoA
InternetCloseHandle
InternetErrorDlg
InternetSetFilePointer
InternetQueryOptionA
HttpAddRequestHeadersA
InternetSetOptionA
HttpOpenRequestA
FtpCreateDirectoryA
FtpOpenFileA
InternetGetLastResponseInfoA
HttpEndRequestA
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetReadFile
InternetWriteFile

comctl32

ord17

Exports

Exports

get
head
post
put

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/sobar/Baidu-TB-ASBar-Silent_kuwo.exe
.exe windows:4 windows x86 arch:x86

b711f65a9aff6a22fb2f57f0ac8bda33

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:16:5e:50:24:9f:f6:ad:03:9d:77:06:ec:59:bf:8d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

31/07/2009, 00:00

Not After

30/07/2012, 23:59

Subject

CN=Baidu Online Network Technology (Beijing) Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Baidu Online Network Technology (Beijing) Co.\, Ltd.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
ExitProcess
lstrcpynA
SetFileTime
GetWindowsDirectoryA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
CloseHandle
lstrcmpiA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
MulDiv
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetCommandLineA

user32

SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
CreateWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
CreateDialogParamA
EmptyClipboard
DestroyWindow
SetWindowLongA
LoadImageA
GetDC
EnableWindow
PeekMessageA
DispatchMessageA
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
GetDlgItem

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PROGRAM_FILES/Baidu/ASBarBroker.exe
.exe windows:4 windows x86 arch:x86

8cb73f23fc4ffce04345bba981c347fe

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:16:5e:50:24:9f:f6:ad:03:9d:77:06:ec:59:bf:8d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

31/07/2009, 00:00

Not After

30/07/2012, 23:59

Subject

CN=Baidu Online Network Technology (Beijing) Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Baidu Online Network Technology (Beijing) Co.\, Ltd.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleFileNameExW

kernel32

OutputDebugStringW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
Sleep
GetProcAddress
LoadLibraryW
GetLongPathNameW
GetCurrentThreadId
GetCommandLineW
EnterCriticalSection
LeaveCriticalSection
VirtualFreeEx
CreateRemoteThread
WriteProcessMemory
DebugBreak
GetShortPathNameW
OpenProcess
CreateFileW
DeviceIoControl
GetVersionExW
GlobalFree
GlobalAlloc
GetCurrentProcess
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
lstrlenA
InterlockedIncrement
GetModuleFileNameW
CreateEventW
CreateThread
SetEvent
lstrcmpiW
InterlockedDecrement
GetLastError
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
WaitForSingleObject
CloseHandle
VirtualAllocEx
GetConsoleCP
SetFilePointer
LoadLibraryA
SetStdHandle
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetVersionExA
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcessHeap
GetStartupInfoW
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError

user32

GetMessageW
TranslateMessage
DispatchMessageW
LoadStringW
CharNextW
PostThreadMessageW
UnregisterClassA
CharLowerBuffW

advapi32

RegCreateKeyW
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

shell32

ShellExecuteExW
SHGetFolderPathW

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2

oleaut32

SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
SysStringLen
SysFreeString
VarUI4FromStr

shlwapi

PathFileExistsW
StrCmpNIW
SHGetValueW

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PROGRAM_FILES/Baidu/AddressBar.dll
.dll regsvr32 windows:4 windows x86 arch:x86

c6079cff13dd538f8c2b93227d9d6d6c

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:16:5e:50:24:9f:f6:ad:03:9d:77:06:ec:59:bf:8d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

31/07/2009, 00:00

Not After

30/07/2012, 23:59

Subject

CN=Baidu Online Network Technology (Beijing) Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Baidu Online Network Technology (Beijing) Co.\, Ltd.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\cygwin\home\scmpf\compiler_src\pupeng_213326_win32\app\gensoft\bar\address-search\Res\Chinese\Baidudg\AddressBar.pdb

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

ws2_32

gethostname
WSAStartup
gethostbyname
inet_ntoa
WSACleanup

shlwapi

StrDupW
PathRemoveFileSpecW
StrCmpNW
UrlCanonicalizeW
UrlUnescapeA
StrCmpIW
PathRemoveFileSpecA
PathIsDirectoryA
SHDeleteValueW
PathFileExistsW
StrStrIW
SHGetValueW
StrCpyNW
SHDeleteKeyW
SHSetValueW

dbghelp

ImageDirectoryEntryToData

winmm

timeGetTime

iphlpapi

GetAdaptersInfo
GetNetworkParams

wininet

InternetConnectA
InternetConnectW
HttpOpenRequestA
HttpOpenRequestW
InternetCloseHandle
InternetSetStatusCallbackA
InternetSetStatusCallbackW
HttpSendRequestW
InternetOpenW
InternetQueryOptionW
DeleteUrlCacheEntryW
InternetGetCookieW
InternetCrackUrlW
InternetOpenUrlW
InternetSetOptionW
HttpQueryInfoW
InternetQueryDataAvailable
InternetReadFile
GetUrlCacheEntryInfoW

rpcrt4

UuidCreate

setupapi

SetupIterateCabinetW

imm32

ImmGetOpenStatus
ImmGetDefaultIMEWnd
ImmGetContext
ImmReleaseContext
ImmGetCompositionStringW
ImmGetCompositionWindow

kernel32

GetConsoleCP
GetModuleFileNameA
GetConsoleMode
LoadLibraryA
LoadLibraryW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetFileAttributesW
GetVersion
RaiseException
InterlockedDecrement
lstrlenW
EnterCriticalSection
LeaveCriticalSection
GetLastError
SetLastError
GetModuleFileNameW
OutputDebugStringA
InterlockedIncrement
OutputDebugStringW
InitializeCriticalSection
DeleteCriticalSection
lstrcmpiW
LoadLibraryExW
lstrlenA
DebugBreak
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
DisableThreadLibraryCalls
LocalFree
CloseHandle
ResumeThread
SetThreadPriority
ReleaseMutex
WaitForSingleObject
CreateMutexW
DeleteFileW
GetACP
GetCurrentThreadId
WideCharToMultiByte
GetTickCount
GlobalUnlock
GlobalLock
CreateFileW
DeviceIoControl
GetVersionExW
FlushInstructionCache
GetCurrentProcess
lstrcmpW
SwitchToThread
GetCurrentProcessId
GetCommandLineW
Sleep
GetPrivateProfileIntW
GetPrivateProfileStringW
MoveFileExW
CreateDirectoryW
GetCurrentDirectoryA
GetSystemDirectoryW
GetLongPathNameW
TerminateThread
CopyFileW
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
TryEnterCriticalSection
GetLocalTime
CompareStringW
GetWindowsDirectoryW
QueryPerformanceCounter
QueryPerformanceFrequency
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
SetFilePointer
ReadFile
SystemTimeToFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryW
SetFileTime
WriteFile
GetTempFileNameW
GetTempPathW
LockResource
GlobalFree
GlobalAlloc
SetErrorMode
GetFileSize
FileTimeToSystemTime
GetShortPathNameW
lstrcatW
lstrcpyW
WritePrivateProfileStringW
FindNextFileW
FindClose
FindFirstFileW
FreeResource
WriteProcessMemory
ReadProcessMemory
VirtualProtect
VirtualQuery
lstrcmpiA
GetFileInformationByHandle
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
LocalAlloc
GetProcessHeap
GlobalReAlloc
GetFileAttributesA
DeleteFileA
AreFileApisANSI
CreateFileA
GetTempPathA
FlushFileBuffers
SetEndOfFile
UnlockFile
LockFile
LockFileEx
GetFullPathNameA
GetFullPathNameW
GetSystemTime
GetSystemTimeAsFileTime
SetCurrentDirectoryA
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
CreateThread
FileTimeToLocalFileTime
GetDriveTypeW
GetDriveTypeA
GetEnvironmentStrings
FindFirstFileA
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
GetCurrentThread
HeapDestroy
HeapCreate
FatalAppExitA
ExitProcess
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetConsoleCtrlHandler
InterlockedExchange
GetLocaleInfoW
SetStdHandle
ExitThread
IsDebuggerPresent
GetVersionExA
InterlockedCompareExchange
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
RtlUnwind
TerminateProcess
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
SetEnvironmentVariableA
UnhandledExceptionFilter
RemoveDirectoryW
SetUnhandledExceptionFilter

user32

GetCapture
CreateIconFromResourceEx
CharLowerBuffW
SetForegroundWindow
GetForegroundWindow
AttachThreadInput
GetClassLongW
KillTimer
SetTimer
wsprintfW
RemovePropW
SetPropW
GetPropW
OffsetRect
SetCursor
IsWindowEnabled
GetWindowDC
ScreenToClient
MoveWindow
GetWindowTextLengthW
SetFocus
GetWindow
MapWindowPoints
SetWindowPos
GetDlgItem
EndDialog
MessageBoxW
CharLowerW
FindWindowW
SetWindowTextW
GetActiveWindow
DialogBoxParamW
FindWindowExW
PostThreadMessageW
GetMessageW
TranslateMessage
DispatchMessageW
GetDlgCtrlID
IsWindowVisible
EnumChildWindows
GetKeyState
GetClassNameW
GetParent
GetWindowThreadProcessId
WindowFromPoint
GetWindowRect
CreateWindowExW
GetClassInfoExW
RegisterClassExW
DestroyWindow
PtInRect
LoadCursorW
IsWindow
ShowWindow
PostMessageW
UpdateWindow
SetRectEmpty
CreateDialogParamW
BeginPaint
EndPaint
RegisterWindowMessageW
InvalidateRect
FillRect
GetClientRect
SystemParametersInfoW
GetWindowTextW
ReleaseDC
GetDC
GetFocus
CharLowerBuffA
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
DefWindowProcW
GetWindowLongW
SetWindowLongW
CharNextW
LoadIconW
GetSysColor
DrawFocusRect
LoadStringW
InflateRect
CopyRect
DrawTextW
SendMessageW
DrawIconEx
SetScrollPos
ReleaseCapture
UpdateLayeredWindow
SetRect
GetSystemMetrics
RegisterClassW
SetCapture
DestroyIcon
GetScrollInfo
SetScrollInfo
ShowScrollBar
PeekMessageW
GetDesktopWindow
CharUpperBuffW
CharUpperW
MonitorFromRect
GetMonitorInfoW
GetCursorPos
LoadImageW
UnregisterClassA
CallWindowProcW

gdi32

GetTextExtentPoint32W
CreateFontIndirectW
DeleteDC
SelectObject
TextOutW
DeleteObject
ExtCreateRegion
CombineRgn
SetStretchBltMode
StretchBlt
GetDIBits
SetTextColor
SetBkMode
SetBkColor
GetPixel
ExtTextOutW
GetTextExtentPointW
BitBlt
CreateCompatibleDC
CreateDIBSection
CreateFontW
GetStockObject
GetCurrentObject
MoveToEx
CreateCompatibleBitmap
LineTo
CreatePen
GetObjectW
CreateSolidBrush

advapi32

CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptDestroyHash
CryptDuplicateKey
CryptDecrypt
CryptEncrypt
RegOpenKeyW
RegEnumKeyExA
RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
CryptDestroyKey
RegQueryValueExW
RegCreateKeyW
ConvertStringSecurityDescriptorToSecurityDescriptorW

shell32

ShellExecuteW
SHGetFolderPathW
ShellExecuteExW
ExtractIconW
SHGetSpecialFolderPathW
DragQueryFileA
ord85

ole32

GetHGlobalFromStream
CreateStreamOnHGlobal
CoTaskMemAlloc
CoGetClassObject
RevokeDragDrop
CoInitialize
CoUninitialize
ReleaseStgMedium
RegisterDragDrop
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
OleUninitialize
OleInitialize

oleaut32

SysAllocString
LoadTypeLi
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
VariantInit
SysFreeString
SysAllocStringLen
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
VariantCopy
SysStringLen
VariantClear
GetErrorInfo
VariantChangeType
SetErrorInfo
CreateErrorInfo

msimg32

AlphaBlend

urlmon

CoInternetGetSession

Exports

Exports

DllCanUnloadNow
DllCreateObject
DllGetClassObject
DllRegisterServer
DllUnregisterServer
RemoveOldVersion
RunOnceUpdate
SVCUninstall
UpdateASBar
_sqlite3_key_interop@12
_sqlite3_rekey_interop@12

Sections

.text
Size: 872KB - Virtual size: 872KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAM_FILES/Baidu/Toolbar/BaiduBarX_Tmp/BaiduBarX.dll
.dll regsvr32 windows:4 windows x86 arch:x86

8a5151241d661d0fc763cad0cc4438a1

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:16:5e:50:24:9f:f6:ad:03:9d:77:06:ec:59:bf:8d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

31/07/2009, 00:00

Not After

30/07/2012, 23:59

Subject

CN=Baidu Online Network Technology (Beijing) Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Baidu Online Network Technology (Beijing) Co.\, Ltd.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\cygwin\home\scmpf\compiler_src\wujie01_431756_win32\0\app\gensoft\bar\toolbar\chinese_unicode_release\BaiduBarX.pdb

Imports

setupapi

SetupIterateCabinetW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

imm32

ImmReleaseContext
ImmGetContext
ImmGetCompositionStringW

shlwapi

PathFindFileNameW
StrCpyW
SHDeleteKeyW
SHSetValueW
PathRemoveExtensionW
PathIsDirectoryW
PathFileExistsW
SHDeleteValueW
UrlCombineW
PathIsDirectoryA
PathRemoveFileSpecA
StrCmpIW
StrStrIW
PathFindExtensionW
UrlUnescapeA
UrlCanonicalizeW
StrRetToStrW
StrRetToStrA
UrlEscapeW
SHCopyKeyW
UrlUnescapeW
SHGetValueW
PathRemoveFileSpecW

wininet

HttpAddRequestHeadersW
HttpSendRequestW
InternetReadFile
GetUrlCacheEntryInfoW
InternetCanonicalizeUrlW
InternetCloseHandle
HttpOpenRequestW
InternetConnectW
InternetSetOptionW
InternetOpenW
InternetSetStatusCallbackW
InternetQueryDataAvailable
InternetQueryOptionW
FindFirstUrlCacheGroup
DeleteUrlCacheGroup
FindNextUrlCacheGroup
FindCloseUrlCache
FindFirstUrlCacheEntryW
FindNextUrlCacheEntryW
InternetOpenUrlW
InternetGetCookieW
HttpSendRequestExW
HttpEndRequestW
InternetGetConnectedState
InternetOpenA
InternetSetOptionA
InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestExA
InternetWriteFile
HttpEndRequestA
InternetSetCookieW
DeleteUrlCacheEntryW
HttpQueryInfoW
InternetCrackUrlW

urlmon

URLDownloadToFileW
CoInternetGetSession

rpcrt4

UuidCreate

iphlpapi

GetAdaptersInfo
GetNetworkParams

ws2_32

gethostname
gethostbyname

kernel32

DebugBreak
OutputDebugStringW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetFileAttributesW
GetVersion
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
LoadLibraryW
GetLastError
SetLastError
GetModuleFileNameW
OutputDebugStringA
GetCurrentThreadId
InterlockedIncrement
CreateProcessW
WideCharToMultiByte
CreateDirectoryW
GetTempPathW
CreateFileW
CloseHandle
WriteFile
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalAlloc
WaitForSingleObject
CreateMutexW
ReleaseMutex
DeleteFileW
ResumeThread
SetThreadPriority
SizeofResource
LockResource
LoadResource
FindResourceW
LocalFree
FreeLibrary
lstrcmpiW
TryEnterCriticalSection
LoadLibraryExW
MultiByteToWideChar
DisableThreadLibraryCalls
CopyFileW
DeviceIoControl
GetSystemDirectoryW
GetVersionExW
FlushInstructionCache
GetTickCount
CompareStringW
LoadLibraryA
GetACP
GetCurrentProcessId
FindClose
FindNextFileW
FindFirstFileW
TerminateThread
GetExitCodeThread
OpenMutexW
GetFullPathNameW
GlobalFree
MulDiv
RemoveDirectoryW
Sleep
ReadFile
GetFileSize
Thread32Next
SuspendThread
OpenThread
Thread32First
CreateToolhelp32Snapshot
UnmapViewOfFile
SetUnhandledExceptionFilter
MapViewOfFile
CreateFileMappingW
TerminateProcess
OpenProcess
SwitchToThread
GetCommandLineW
ExpandEnvironmentStringsW
GetExitCodeProcess
GetPrivateProfileIntW
Process32NextW
Process32FirstW
InterlockedExchange
FindResourceExW
SetEvent
lstrlenA
GetSystemTime
ResetEvent
WritePrivateProfileStringW
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
SetFileAttributesW
lstrcmpW
HeapFree
HeapAlloc
GetProcessHeap
GetEnvironmentVariableW
GlobalSize
MoveFileExW
SetErrorMode
FreeResource
GetShortPathNameW
GetSystemDefaultLCID
ReadProcessMemory
SetFilePointer
lstrcatW
lstrcpyW
GetTempFileNameW
GetVersionExA
InterlockedCompareExchange
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
HeapDestroy
HeapReAlloc
HeapSize
RtlUnwind
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitThread
CreateThread
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
VirtualProtect
GetSystemInfo
VirtualQuery
GetFileAttributesA
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
GetCurrentThread
GetStdHandle
GetModuleFileNameA
FatalAppExitA
HeapCreate
ExitProcess
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
SetCurrentDirectoryA
GetTimeZoneInformation
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetConsoleCtrlHandler
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEndOfFile
GetDriveTypeA
GetFullPathNameA
CompareStringA
lstrlenW
InterlockedDecrement
CreateEventW
GetCurrentProcess
SetEnvironmentVariableA
GetPrivateProfileStringW

user32

ShowCursor
UnregisterHotKey
RegisterHotKey
PrintWindow
EnumDisplayMonitors
PeekMessageW
EndMenu
GetMenuItemRect
RemovePropW
GetPropW
SetPropW
SetMenuItemInfoW
DrawStateW
TrackPopupMenuEx
ModifyMenuW
MessageBeep
LoadBitmapW
GetSubMenu
CharLowerBuffA
WaitForInputIdle
CreateIconFromResourceEx
CharNextA
EqualRect
SetActiveWindow
ScrollWindow
MonitorFromPoint
RemoveMenu
AppendMenuW
CreatePopupMenu
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
RegisterClipboardFormatW
GetAsyncKeyState
GetMessagePos
IsRectEmpty
GetScrollInfo
SetScrollPos
ClientToScreen
FrameRect
EnableWindow
SetWindowRgn
SetScrollInfo
GetScrollPos
DestroyCursor
DestroyIcon
GetClassLongW
SetClassLongW
MonitorFromRect
GetMonitorInfoW
CopyRect
InflateRect
WindowFromPoint
IsChild
FindWindowW
MessageBoxW
AdjustWindowRectEx
GetCapture
ReleaseCapture
GetSysColor
SetCursor
GetDlgCtrlID
SetCapture
GetSysColorBrush
UpdateWindow
DrawFocusRect
SetRectEmpty
OffsetRect
SetFocus
GetWindowTextLengthW
DrawTextW
DrawIconEx
FillRect
TrackMouseEvent
MoveWindow
CharLowerBuffW
GetCursorPos
GetWindowThreadProcessId
GetGUIThreadInfo
GetClassNameW
PtInRect
ScreenToClient
GetFocus
ReleaseDC
TranslateMessage
DispatchMessageW
InvalidateRect
GetWindowTextW
RegisterWindowMessageW
SetRect
GetActiveWindow
LoadIconW
IsWindowVisible
GetParent
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
SendMessageW
DialogBoxParamW
DestroyMenu
IsMenu
GetKeyState
CharLowerW
CreateWindowExW
GetClassInfoExW
RegisterClassExW
InsertMenuItemW
GetMenuItemInfoW
GetMenuItemCount
EnableMenuItem
DeleteMenu
UpdateLayeredWindow
SetForegroundWindow
GetForegroundWindow
AttachThreadInput
CharUpperBuffW
GetMessageW
IsIconic
PostThreadMessageW
FindWindowExW
UnregisterClassA
EnumChildWindows
SendMessageA
GetUpdateRect
GetTopWindow
MenuItemFromPoint
GetMenuItemID
GetDlgItemTextW
AdjustWindowRect
GetWindowDC
CreateDialogParamW
SetDlgItemTextW
RedrawWindow
EnumWindows
IsDialogMessageW
LoadImageW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
DestroyWindow
LoadCursorW
KillTimer
SetTimer
PostMessageW
CharNextW
EndPaint
BeginPaint
DefWindowProcW
LoadStringW
SetWindowPos
IsWindow
GetDlgItem
ShowWindow
GetDC
SetWindowTextW
GetWindowLongW
SetWindowLongW
CallWindowProcW
EndDialog
CharUpperW
CreateMenu
InsertMenuW
IsWindowEnabled
TrackPopupMenu
GetSystemMetrics

gdi32

PatBlt
GetTextColor
CreateRoundRectRgn
FillRgn
CreateRectRgn
SetPixel
Rectangle
SetROP2
CreateDCW
CreateFontW
CreateBitmap
ExcludeClipRect
GetDeviceCaps
DPtoLP
SetViewportOrgEx
GetObjectW
CreatePen
LineTo
MoveToEx
SelectObject
CreateCompatibleBitmap
ExtTextOutW
RoundRect
RestoreDC
SaveDC
GetCurrentObject
CreatePolygonRgn
CreateSolidBrush
CreateFontIndirectW
GetTextExtentPoint32W
TextOutW
GetPixel
SetTextColor
ExtCreateRegion
CombineRgn
SetStretchBltMode
StretchBlt
BitBlt
DeleteObject
GetStockObject
CreateCompatibleDC
GetDIBits
SetBkColor
SetBkMode
DeleteDC
CreateDIBSection
GetClipBox

advapi32

RegQueryInfoKeyW
GetSecurityDescriptorSacl
SetSecurityInfo
EqualSid
GetUserNameW
RegSetKeySecurity
RegEnumKeyW
AllocateAndInitializeSid
InitializeAcl
AddAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
RegGetKeySecurity
GetTokenInformation
CopySid
RegCreateKeyW
RegOpenKeyW
OpenProcessToken
DuplicateTokenEx
ConvertStringSidToSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegQueryValueExW
RegEnumValueW
CreateProcessAsUserW
SetTokenInformation
GetLengthSid

shell32

ShellExecuteW
DragQueryFileA
DuplicateIcon
SHFileOperationW
ShellExecuteExW
SHCreateDirectoryExW
ExtractIconW
SHGetMalloc
SHGetFileInfoW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFolderPathW
SHGetSpecialFolderPathW

ole32

OleInitialize
CLSIDFromProgID
GetHGlobalFromStream
CreateStreamOnHGlobal
OleDraw
CoCreateGuid
RegisterDragDrop
DoDragDrop
ReleaseStgMedium
RevokeDragDrop
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoInitialize
OleDuplicateData
CoUninitialize
OleUninitialize

oleaut32

VariantClear
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VarBstrCmp
VariantCopy
LoadTypeLi
VariantInit
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
VarBstrCat
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SysFreeString
UnRegisterTypeLi
SysStringLen
SetErrorInfo
VariantChangeType
GetErrorInfo
CreateErrorInfo

msimg32

AlphaBlend
GradientFill

gdiplus

GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipCloneImage
GdipSaveImageToFile
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipFree
GdipDisposeImage
GdiplusShutdown
GdipAlloc

uxtheme

DrawThemeBackground
OpenThemeData
CloseThemeData

Exports

Exports

ClearDefSearch
ClearHomePage
CloseIEUpdate
DllCanUnloadNow
DllCreateObject
DllGetClassObject
DllRegisterServer
MyCopyFile
RunOnceRemove
RunOnceUpdate
SVCUninstall
SetDefSearch
SetHomePageToBaidu
Uninstall
UpdateBaiduToolbar
UpdateBaiduToolbarWithUI

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 306KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Shared
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 737KB - Virtual size: 737KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAM_FILES/Baidu/Toolbar/BaiduBarX_Tmp/BarBroker.exe
.exe windows:4 windows x86 arch:x86

94f6cb58c75c90f3be7ae4e45c80a52d

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:16:5e:50:24:9f:f6:ad:03:9d:77:06:ec:59:bf:8d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

31/07/2009, 00:00

Not After

30/07/2012, 23:59

Subject

CN=Baidu Online Network Technology (Beijing) Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Baidu Online Network Technology (Beijing) Co.\, Ltd.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleFileNameExW

dbghelp

SymGetOptions
SymSetOptions
StackWalk
SymGetModuleInfo
SymFunctionTableAccess
SymInitialize
SymLoadModule

wininet

InternetCrackUrlW
InternetCloseHandle
InternetOpenA
InternetSetOptionA
InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestExA
InternetWriteFile
HttpEndRequestA

kernel32

GetStringTypeW
GetStringTypeA
FlushFileBuffers
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
GetStartupInfoA
GetFileType
SetHandleCount
LocalFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryW
CloseHandle
WaitForSingleObject
WideCharToMultiByte
lstrlenW
RaiseException
GetLastError
InterlockedDecrement
lstrcmpiW
SetEvent
CreateThread
CreateEventW
GetModuleFileNameW
InterlockedIncrement
lstrlenA
DebugBreak
OutputDebugStringW
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
Sleep
GetCurrentThreadId
GetCommandLineW
VirtualFreeEx
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
OpenProcess
GetModuleFileNameA
VirtualQueryEx
UnmapViewOfFile
FlushInstructionCache
GetCurrentProcess
MapViewOfFile
CreateFileMappingW
OpenThread
CreateFileW
DeleteFileW
GetTempPathW
ReadFile
GetFileSize
InterlockedExchange
GetSystemDefaultLCID
GetVersionExW
WriteFile
GlobalFree
GlobalAlloc
GetCurrentProcessId
SetFilePointer
GetShortPathNameW
FindClose
FindFirstFileW
ExitProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetStartupInfoW
GetFileAttributesA
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapReAlloc
RtlUnwind
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
HeapDestroy
GetTimeZoneInformation
CreateFileA
SetEndOfFile
GetDriveTypeA
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapCreate
SetLastError
GetConsoleCP
GetConsoleMode
GetFullPathNameW
GetCurrentDirectoryA

user32

CharLowerBuffW
LoadImageW
GetParent
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
SetWindowPos
SendMessageW
GetDlgItem
ShowWindow
GetWindowLongW
GetActiveWindow
DestroyWindow
EndDialog
DialogBoxParamW
LoadStringW
SetWindowLongW
GetMessageW
TranslateMessage
DispatchMessageW
CharNextW
PostThreadMessageW
GetSystemMetrics
UnregisterClassA

advapi32

RegOpenKeyW
RegCreateKeyW
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW

shell32

SHGetFolderPathW
ShellExecuteExW

ole32

CoInitialize
CoUninitialize
StringFromGUID2
CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemRealloc
CoCreateInstance
CoTaskMemAlloc

oleaut32

RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen
VarUI4FromStr

shlwapi

PathFileExistsW
StrCmpNIW

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PROGRAM_FILES/Baidu/Toolbar/BaiduBarX_Tmp/rc.dll
.dll windows:4 windows x86 arch:x86

d811d71710ad58776155b7a8da1fa9db

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:16:5e:50:24:9f:f6:ad:03:9d:77:06:ec:59:bf:8d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

31/07/2009, 00:00

Not After

30/07/2012, 23:59

Subject

CN=Baidu Online Network Technology (Beijing) Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Baidu Online Network Technology (Beijing) Co.\, Ltd.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteFile
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
MultiByteToWideChar
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 412KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PROGRAM_FILES/Baidu/conf.xml
.xml
KwMusic.exe
.exe windows:5 windows x86 arch:x86

9547b090d1419a87e737bcbdaf9459ee

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

5f:f4:3f:70:7c:d9:b1:1a:e0:ab:a8:5a:12:af:08:55:00:34:1a:99
Signer

Actual PE Digest

5f:f4:3f:70:7c:d9:b1:1a:e0:ab:a8:5a:12:af:08:55:00:34:1a:99

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringA
CloseHandle
WritePrivateProfileStringA
FindFirstFileA
FindClose
GetModuleFileNameA
GetSystemDirectoryA
CreateProcessA
GetProcessHeap
SetEndOfFile
RaiseException
RtlUnwind
GetCommandLineA
GetStartupInfoA
HeapAlloc
GetLastError
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
Sleep
HeapSize
ExitProcess
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
WriteFile
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetStdHandle
FlushFileBuffers
MultiByteToWideChar
ReadFile
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

user32

MessageBoxA

advapi32

RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA

shell32

SHGetSpecialFolderPathA
ShellExecuteA

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin/AdbWinApi.dll
.dll windows:6 windows x86 arch:x86

c64cac39044626770353879245ea25e4

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2a:8e:ec:b8:71:f3:54:1d:8d:23:fa:6f:ef:41:75:99:a0:70:3f:7b
Signer

Actual PE Digest

2a:8e:ec:b8:71:f3:54:1d:8d:23:fa:6f:ef:41:75:99:a0:70:3f:7b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\code\android\donut\development\host\windows\usb\api\objfre_wxp_x86\i386\AdbWinApi.pdb

Imports

ole32

CoCreateInstance

kernel32

GetACP
SetLastError
CloseHandle
GetLastError
DeviceIoControl
WriteFile
ReadFile
GetOverlappedResult
CreateFileW
WideCharToMultiByte
Sleep
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetProcAddress
LoadLibraryW
GetFileAttributesW
GetSystemDirectoryW
RaiseException
FreeLibrary
InterlockedExchange
InitializeCriticalSectionAndSpinCount
GetCommandLineA
GetVersionExA
RtlUnwind
HeapFree
HeapAlloc
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCPInfo
GetOEMCP
OutputDebugStringA
VirtualAlloc
HeapReAlloc
HeapSize
LoadLibraryA
GetModuleHandleW
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
VirtualProtect
GetSystemInfo
VirtualQuery
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers

setupapi

SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW

Exports

Exports

??0AdbEndpointObject@@QAE@ABV0@@Z
??0AdbEndpointObject@@QAE@PAVAdbInterfaceObject@@EE@Z
??0AdbIOCompletion@@QAE@ABV0@@Z
??0AdbIOCompletion@@QAE@PAVAdbEndpointObject@@KPAX@Z
??0AdbInterfaceObject@@QAE@ABV0@@Z
??0AdbInterfaceObject@@QAE@PBG@Z
??0AdbObjectHandle@@QAE@ABV0@@Z
??0AdbObjectHandle@@QAE@W4AdbObjectType@@@Z
??1AdbEndpointObject@@MAE@XZ
??1AdbIOCompletion@@MAE@XZ
??1AdbInterfaceObject@@MAE@XZ
??1AdbObjectHandle@@MAE@XZ
??4AdbEndpointObject@@QAEAAV0@ABV0@@Z
??4AdbIOCompletion@@QAEAAV0@ABV0@@Z
??4AdbInterfaceObject@@QAEAAV0@ABV0@@Z
??4AdbObjectHandle@@QAEAAV0@ABV0@@Z
??_7AdbEndpointObject@@6B@
??_7AdbIOCompletion@@6B@
??_7AdbInterfaceObject@@6B@
??_7AdbObjectHandle@@6B@
?AddRef@AdbObjectHandle@@UAEJXZ
?AsyncRead@AdbEndpointObject@@UAEPAXPAXKPAK0K@Z
?AsyncWrite@AdbEndpointObject@@UAEPAXPAXKPAK0K@Z
?CloseHandle@AdbObjectHandle@@UAE_NXZ
?CreateHandle@AdbObjectHandle@@UAEPAXXZ
?GetEndpointInformation@AdbEndpointObject@@UAE_NPAU_AdbEndpointInformation@@@Z
?GetInterfaceName@AdbInterfaceObject@@UAE_NPAXPAK_N@Z
?GetParentInterfaceHandle@AdbEndpointObject@@QBEPAXXZ
?GetParentObjectHandle@AdbIOCompletion@@QBEPAXXZ
?GetUsbConfigurationDescriptor@AdbInterfaceObject@@UAE_NPAU_USB_CONFIGURATION_DESCRIPTOR@@@Z
?GetUsbDeviceDescriptor@AdbInterfaceObject@@UAE_NPAU_USB_DEVICE_DESCRIPTOR@@@Z
?GetUsbInterfaceDescriptor@AdbInterfaceObject@@UAE_NPAU_USB_INTERFACE_DESCRIPTOR@@@Z
?IsCompleted@AdbIOCompletion@@UAE_NXZ
?IsObjectOfType@AdbObjectHandle@@UBE_NW4AdbObjectType@@@Z
?IsOpened@AdbObjectHandle@@QBE_NXZ
?LastReferenceReleased@AdbObjectHandle@@MAEXXZ
?Lookup@AdbObjectHandle@@SGPAV1@PAX@Z
?Release@AdbObjectHandle@@UAEJXZ
?SyncRead@AdbEndpointObject@@UAE_NPAXKPAKK@Z
?SyncWrite@AdbEndpointObject@@UAE_NPAXKPAKK@Z
?Type@AdbEndpointObject@@SG?AW4AdbObjectType@@XZ
?Type@AdbIOCompletion@@SG?AW4AdbObjectType@@XZ
?Type@AdbInterfaceObject@@SG?AW4AdbObjectType@@XZ
?adb_handle@AdbObjectHandle@@QBEPAXXZ
?endpoint_id@AdbEndpointObject@@QBEEXZ
?endpoint_index@AdbEndpointObject@@QBEEXZ
?interface_name@AdbInterfaceObject@@QBEABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@XZ
?object_type@AdbObjectHandle@@QBE?AW4AdbObjectType@@XZ
?overlapped@AdbIOCompletion@@QAEPAU_OVERLAPPED@@XZ
?parent_interface@AdbEndpointObject@@QBEPAVAdbInterfaceObject@@XZ
?parent_io_object@AdbIOCompletion@@QBEPAVAdbEndpointObject@@XZ
?usb_config_descriptor@AdbInterfaceObject@@QBEPBU_USB_CONFIGURATION_DESCRIPTOR@@XZ
?usb_device_descriptor@AdbInterfaceObject@@QBEPBU_USB_DEVICE_DESCRIPTOR@@XZ
?usb_interface_descriptor@AdbInterfaceObject@@QBEPBU_USB_INTERFACE_DESCRIPTOR@@XZ
AdbCloseHandle
AdbCreateInterface
AdbCreateInterfaceByName
AdbEnumInterfaces
AdbGetDefaultBulkReadEndpointInformation
AdbGetDefaultBulkWriteEndpointInformation
AdbGetEndpointInformation
AdbGetEndpointInterface
AdbGetInterfaceName
AdbGetOvelappedIoResult
AdbGetSerialNumber
AdbGetUsbConfigurationDescriptor
AdbGetUsbDeviceDescriptor
AdbGetUsbInterfaceDescriptor
AdbHasOvelappedIoComplated
AdbNextInterface
AdbOpenDefaultBulkReadEndpoint
AdbOpenDefaultBulkWriteEndpoint
AdbOpenEndpoint
AdbQueryInformationEndpoint
AdbReadEndpointAsync
AdbReadEndpointSync
AdbResetInterfaceEnum
AdbWriteEndpointAsync
AdbWriteEndpointSync

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin/CKuwoPlayer.dll
.dll windows:5 windows x86 arch:x86

8e4880f7ceeb969715f545f8789e05e6

Code Sign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

12:84:9d:4f:83:d2:3f:c2:df:5f:38:a7:80:4a:b6:2c:8f:f3:de:be
Signer

Actual PE Digest

12:84:9d:4f:83:d2:3f:c2:df:5f:38:a7:80:4a:b6:2c:8f:f3:de:be

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\正式发布打包(勿动)\521_金秋版\金秋版_全面发布_0926\KwResource\bin\release\pdb\CKuwoPlayer.pdb

Imports

winmm

timeEndPeriod
timeGetDevCaps
timeBeginPeriod

mfc90

ord266
ord1062
ord798
ord1144
ord265
ord1607
ord310
ord601
ord800
ord5997
ord605
ord1278
ord321
ord1243
ord1241
ord1268
ord1180
ord1233
ord2084
ord391
ord1152
ord1277
ord1275
ord1145
ord1075
ord1137
ord322
ord801
ord1087

msvcr90

__clean_type_info_names_internal
_except_handler4_common
_purecall
__CxxFrameHandler3
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
atoi
atof
strncpy
iswspace
sprintf
_crt_debugger_hook
memset
_msize
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_CIcos
_CIsin
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_vscprintf
vsprintf
tolower
strncmp
fprintf
fopen
fread
fclose
strrchr
_stat64
strstr
_mbsrchr
toupper
memcpy
_snprintf
memmove_s
_CIsqrt
_CIlog10
_stricmp

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
LocalAlloc
LocalFree
GetFileAttributesA
CreateProcessA
lstrcpynA
FindNextFileA
FindClose
GetModuleFileNameA
GetTickCount
QueryPerformanceCounter
WaitForSingleObject
TerminateThread
CloseHandle
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
Sleep
GetLastError
GetCurrentThreadId
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
DeleteCriticalSection
GetSystemTimeAsFileTime
CreateThread
FindFirstFileA
GetCurrentProcessId

user32

CreateWindowExA
GetMessageA
PostMessageA
RegisterClassA
IsChild
TranslateMessage
DispatchMessageA
PostQuitMessage
DefWindowProcA
MessageBoxA
CopyRect
DestroyWindow
GetParent

gdi32

GetStockObject

shlwapi

PathFileExistsA

ole32

CoUninitialize

msvcp90

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?good@ios_base@std@@QBE_NXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@JH@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?width@ios_base@std@@QAEHH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?eof@?$char_traits@D@std@@SAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flags@ios_base@std@@QBEHXZ
??7ios_base@std@@QBE_NXZ
?width@ios_base@std@@QBEHXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ

kwlog

?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ

kwdatadef

??0SONG_INFO@@QAE@XZ
?Init@SONG_INFO@@QAEXXZ
??1SONG_INFO@@QAE@XZ

kwmodconfig

AfxGetConfigManager

Exports

Exports

CreateKuwoPlayer
GetKuwoPlayerMediaPluginConfig
GetMeidaPluginManagerFactory
ReleaseKuwoPlayer

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin/CWmpPlayer.dll
.dll windows:5 windows x86 arch:x86

ffa030b08ed1f9b091f130d76d941a26

Code Sign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:32:b6:1d:a0:10:8c:c5:82:a0:06:1e:30:d5:f8:b9:17:4c:1c:92
Signer

Actual PE Digest

39:32:b6:1d:a0:10:8c:c5:82:a0:06:1e:30:d5:f8:b9:17:4c:1c:92

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\正式发布打包(勿动)\521_金秋版\金秋版_全面发布_0926\KwResource\bin\release\pdb\CWmpPlayer.pdb

Imports

mfc90

ord3346
ord796
ord1728
ord2069
ord744
ord3732
ord524
ord4513
ord4529
ord4030
ord2795
ord5139
ord4688
ord1729
ord6446
ord5668
ord5666
ord958
ord963
ord967
ord965
ord969
ord2610
ord2630
ord2614
ord2620
ord2618
ord2616
ord2633
ord2628
ord2612
ord2635
ord2623
ord2605
ord2607
ord6391
ord2375
ord2368
ord1644
ord6784
ord4160
ord6782
ord3671
ord5389
ord6356
ord3218
ord1446
ord5608
ord2139
ord1792
ord1791
ord5633
ord2766
ord2978
ord3107
ord4714
ord2961
ord3135
ord2769
ord2888
ord2759
ord3277
ord4066
ord4067
ord4057
ord2886
ord4334
ord4895
ord4667
ord595
ord3940
ord4281
ord1755
ord1752
ord4331
ord1497
ord4650
ord5585
ord2074
ord5497
ord4589
ord6780
ord2625
ord5647
ord1746
ord3949
ord2592
ord798
ord2470
ord800

msvcr90

_stricmp
__clean_type_info_names_internal
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
strrchr
memset
_mbsicmp
_mbsstr
_mbsnbcpy
memmove_s
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
_invalid_parameter_noinfo
_purecall
__CxxFrameHandler3
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
_strnicmp

kernel32

GetCurrentProcess
GetLastError
lstrlenW
MultiByteToWideChar
WaitForSingleObject
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WideCharToMultiByte
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetWindowsDirectoryA
CreateFileA
CloseHandle
lstrcpyA
lstrcatA
CreateProcessA

user32

ShowWindow
IsWindow
EnableWindow
GetParent
KillTimer
SetTimer
GetClientRect
GetWindowRect
CopyRect

oleaut32

SysFreeString

msvcp90

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

Exports

Exports

?CreateMediaAudioPlayer@@YAPAVIMediaAudioPlayer@@XZ
?CreateMediaVideoPlayer@@YAPAVIMediaVideoPlayer@@XZ
?ReleaseMediaAudioPlayer@@YAXPAVIMediaAudioPlayer@@@Z
?ReleaseMediaVideoPlayer@@YAXPAVIMediaVideoPlayer@@@Z
CreateWmpPlayer
ReleaseWmpPlayer

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin/CoreAVC0.ax
.dll regsvr32 windows:4 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

92:c8:5c:3a:53:e1:48:67:69:9a:2c:04:95:b0:a0:31:37:1d:57:a4
Signer

Actual PE Digest

92:c8:5c:3a:53:e1:48:67:69:9a:2c:04:95:b0:a0:31:37:1d:57:a4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Configure
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.
Size: - Virtual size: 788KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
bin/DshowPlayer.dll
.dll windows:5 windows x86 arch:x86

c2fc6c65c65dee68f090be73650dc20a

Code Sign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1c:e6:54:b5:a6:3b:cb:5d:6f:11:af:0c:0d:2c:16:dd:41:07:de:15
Signer

Actual PE Digest

1c:e6:54:b5:a6:3b:cb:5d:6f:11:af:0c:0d:2c:16:dd:41:07:de:15

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\正式发布打包(勿动)\521_金秋版\金秋版_全面发布_0926\KwResource\bin\release\pdb\DshowPlayer.pdb

Imports

mfc90

ord4199
ord2087
ord3209
ord5657
ord5659
ord800
ord2447
ord4333
ord4981
ord5663
ord5646
ord6001
ord2766
ord2978
ord3107
ord4714
ord2961
ord5813
ord4197
ord2888
ord944
ord4066
ord4067
ord4057
ord2886
ord4334
ord4890
ord4667
ord3659
ord589
ord4029
ord310
ord2480
ord820
ord5963
ord4392
ord6721
ord5533
ord1046
ord4165
ord6018
ord2206
ord2251
ord4733
ord6781
ord4159
ord6783
ord4409
ord4434
ord3110
ord793
ord817
ord945
ord2769
ord1087
ord801
ord316
ord4477
ord5997
ord2759
ord3213
ord305
ord6613
ord3178
ord910
ord1611
ord601
ord798
ord1603
ord605
ord1278
ord321
ord1243
ord1241
ord1268
ord1180
ord1233
ord2084
ord391
ord1152
ord1277
ord1275
ord1145
ord1075
ord1137
ord322

msvcr90

__clean_type_info_names_internal
_crt_debugger_hook
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_except_handler4_common
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_CIlog10
strstr
memset
__CxxFrameHandler3
_purecall
?_type_info_dtor_internal_method@type_info@@QAEXXZ

kernel32

Sleep
FreeLibrary
GetProcAddress
CloseHandle
WaitForSingleObject
CreateProcessA
MultiByteToWideChar
LoadLibraryA
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
GetVersionExA
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
LocalAlloc
LocalFree
GetLastError
GetModuleFileNameA
GetWindowsDirectoryA

user32

CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
DefWindowProcA
GetParent
SendMessageA
CallWindowProcA
SetWindowLongA
GetClientRect
GetDC
ReleaseDC
RegisterClassA

gdi32

GetStockObject

shlwapi

PathFileExistsA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

VariantInit
VariantClear

msvcp90

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

kwlog

?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ

kwlib

?IsIE9OrHigher@utility@KwLib@@YAHXZ

kwmodconfig

AfxGetConfigManager

Exports

Exports

GetDshowPlayer

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin/Encode.exe
.exe windows:5 windows x86 arch:x86

da51d131c2d14a263ced57385b829735

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

a7:9f:1c:81:96:85:4d:6e:17:22:b4:d3:79:a5:91:52:37:e5:18:29
Signer

Actual PE Digest

a7:9f:1c:81:96:85:4d:6e:17:22:b4:d3:79:a5:91:52:37:e5:18:29

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\MusicBoxV5\Main\KwResource\bin\release\pdb\Encode.pdb

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
FlushFileBuffers
CloseHandle
CreateFileA
WriteConsoleW
GetConsoleOutputCP
RaiseException
RtlUnwind
GetCommandLineA
HeapAlloc
GetLastError
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
Sleep
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA

kwlog

?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ

kwlib

?GetKwPath@Dir@KwLib@@YAHW4Path_Type@12@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetUserID@UserId@KwLib@@YA_NQADH@Z
?GetInstallSRC@UserId@KwLib@@YA_NQADH@Z
?Base64Encode@Base64@KwLib@@YAHPADPBDH1@Z

kwmodconfig

AfxGetConfigManager

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
bin/KuwoDaemon.apk
.apk android

cn.kuwo.service

Permissions

android.permission.INTERNET
android.permission.RECEIVE_BOOT_COMPLETED

Receivers

StartupReceiver

cn.kuwo.action.START_SYNC_SERVICE
cn.kuwo.action.STOP_SYNC_SERVICE
android.intent.action.BOOT_COMPLETED

Services
bin/KuwoSyncMobile.dll
.dll windows:5 windows x86 arch:x86

f5715e27935fa8d26da66f735b304257

Code Sign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

9b:2b:0a:e3:7c:36:45:3c:28:76:a9:91:4b:27:b4:24:b7:41:1b:49
Signer

Actual PE Digest

9b:2b:0a:e3:7c:36:45:3c:28:76:a9:91:4b:27:b4:24:b7:41:1b:49

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\正式发布打包(勿动)\521_金秋版\金秋版_全面发布_0926\KwResource\bin\release\pdb\KuwoSyncMobile.pdb

Imports

kernel32

CreateProcessA
DuplicateHandle
CreatePipe
GetCurrentProcess
ReadFile
Process32Next
Process32First
CreateToolhelp32Snapshot
WideCharToMultiByte
CloseHandle
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
MultiByteToWideChar
WaitForSingleObject

user32

WaitForInputIdle

ws2_32

inet_addr
connect
closesocket
socket
htons
htonl
send
ntohl
recv

msvcr90

_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
free
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
printf
??_U@YAPAXI@Z
??_V@YAXPAX@Z
isspace
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
_invalid_parameter_noinfo
??0exception@std@@QAE@XZ
??3@YAXPAX@Z
strstr
strrchr
??1exception@std@@UAE@XZ
strchr
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
_access
fopen
fseek
ftell
fclose
fread
feof
ferror
memcpy
_snprintf
__CppXcptFilter
__CxxFrameHandler3
memset
_unlock
_stricmp

msvcp90

??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Unlock@_Mutex@std@@QAEXXZ
?_Lock@_Mutex@std@@QAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPADII@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

kwlib

?GetKwPath@Dir@KwLib@@YAHW4Path_Type@12@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

Exports

Exports

CopyFileToMobile
DownloadDriver
ExitAdbSafely
GetKwTTInfoFromMobile
IndentifyMobileDevice
InstallDriver
InstallKwServicePackage
InstallKwTTPackage
IsMobileExtracted
QuerySongFileExists
ScanMobileDevices
StartAdbService
UpdateKwTTPackage

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin/KwAni.dll
.dll windows:5 windows x86 arch:x86

da76944fe7c41bfb041ed1007ab49887

Code Sign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

9b:2e:61:25:de:50:eb:96:56:40:45:80:07:eb:05:b6:f3:88:0c:84
Signer

Actual PE Digest

9b:2e:61:25:de:50:eb:96:56:40:45:80:07:eb:05:b6:f3:88:0c:84

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\正式发布打包(勿动)\521_金秋版\金秋版_全面发布_0926\KwResource\bin\release\pdb\KwAni.pdb

Imports

kernel32

CompareStringA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
FlushFileBuffers
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
GetLocaleInfoA
CompareStringW
VirtualAlloc
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
GetStartupInfoA
GetFileType
SetHandleCount
SetEnvironmentVariableA
VirtualProtectEx
WriteProcessMemory
VirtualQueryEx
lstrcmpiW
lstrcmpiA
GetCurrentProcessId
CreateToolhelp32Snapshot
Thread32First
Thread32Next
lstrlenA
lstrcpyA
WideCharToMultiByte
FindResourceExA
FindResourceA
LoadResource
SizeofResource
FreeResource
LockResource
IsBadCodePtr
GetModuleHandleA
GetProcAddress
IsBadReadPtr
GlobalLock
GlobalUnlock
SetFilePointer
CloseHandle
ReadFile
ExitProcess
Sleep
LCMapStringW
MultiByteToWideChar
LCMapStringA
IsValidCodePage
GlobalAlloc
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStdHandle
GlobalFree
LoadLibraryA
WriteFile
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetLastError
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement

user32

GetCursorPos
EqualRect
GetLayeredWindowAttributes
SetRect
GetWindowLongA
DefWindowProcA
ValidateRect
MoveWindow
WindowFromPoint
GetActiveWindow
ShowWindow
UpdateLayeredWindow
BeginPaint
EndPaint
GetParent
SetLayeredWindowAttributes
DestroyWindow
ScreenToClient
IsWindowEnabled
SetPropA
SetWindowRgn
SetWindowPos
GetWindowTextA
SetWindowTextA
MonitorFromWindow
GetMonitorInfoA
GetPropA
RemovePropA
WindowFromDC
IntersectRect
OffsetRect
GetDesktopWindow
GetDC
ReleaseDC
IsWindowVisible
PtInRect
GetClassLongA
CreateWindowExA
SetTimer
RegisterClassExA
SetWindowLongA
PostMessageA
TrackMouseEvent
InvalidateRect
LoadCursorA
SetClassLongA
CallWindowProcA
IsWindow
GetWindowRect
SendMessageA
ClientToScreen
GetWindow
GetWindowThreadProcessId
EnumWindows
GetClientRect
CopyRect
ReleaseCapture
SetCapture

gdi32

GetTextExtentExPointA
GetBkMode
SetTextColor
GetTextExtentPoint32A
CreatePen
MoveToEx
LineTo
SetBkMode
TextOutA
CreateFontIndirectA
CreateSolidBrush
CreateRectRgn
CombineRgn
StretchBlt
GetCurrentObject
GetObjectA
SetDIBitsToDevice
GetClipBox
SetBkColor
CreateRectRgnIndirect
ExtSelectClipRgn
SetStretchBltMode
RealizePalette
GetDIBits
ExtTextOutA
BitBlt
CreateCompatibleDC
CreateDIBSection
SelectObject
DeleteObject
DeleteDC

shell32

ShellExecuteA
SHCreateDirectoryExA

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

shlwapi

PathFileExistsA

msimg32

TransparentBlt
AlphaBlend

winmm

timeSetEvent
timeKillEvent

comctl32

InitCommonControlsEx

dbghelp

ImageDirectoryEntryToData

Exports

Exports

GetKwAni

Sections

.text
Size: 452KB - Virtual size: 452KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin/KwCommonUI.dll
.dll windows:5 windows x86 arch:x86

b706ef542dd837f2c838a02a865914a5

Code Sign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

80:d8:e3:c5:b2:b5:b5:41:1d:b5:d6:47:cd:43:6b:a7:60:35:e0:28
Signer

Actual PE Digest

80:d8:e3:c5:b2:b5:b5:41:1d:b5:d6:47:cd:43:6b:a7:60:35:e0:28

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\正式发布打包(勿动)\521_金秋版\金秋版_全面发布_0926\KwResource\bin\release\pdb\KwCommonUI.pdb

Imports

mfc90

ord6057
ord6474
ord6675
ord3965
ord2449
ord321
ord2452
ord2451
ord1303
ord1258
ord6682
ord6676
ord2505
ord6494
ord6153
ord781
ord580
ord1265
ord3676
ord4617
ord3796
ord3506
ord491
ord3126
ord5965
ord4807
ord4792
ord729
ord3049
ord3076
ord2154
ord1368
ord1259
ord4281
ord4977
ord3674
ord3675
ord6473
ord1222
ord6464
ord6788
ord2692
ord5482
ord2356
ord5152
ord1220
ord4502
ord6646
ord3940
ord3996
ord799
ord1098
ord1746
ord2795
ord721
ord1867
ord1866
ord1751
ord5745
ord1401
ord1391
ord2342
ord6290
ord6289
ord2359
ord4383
ord6583
ord6556
ord4528
ord6252
ord2895
ord4114
ord6558
ord4515
ord4512
ord2965
ord3728
ord6006
ord6430
ord3418
ord4279
ord6433
ord4282
ord2246
ord2125
ord1744
ord1745
ord3227
ord4890
ord3485
ord474
ord801
ord4296
ord1764
ord1763
ord6597
ord5574
ord5593
ord1879
ord1739
ord4865
ord2638
ord2639
ord2642
ord2641
ord2640
ord5639
ord683
ord4536
ord2194
ord1380
ord4535
ord5382
ord4918
ord5367
ord5064
ord5386
ord5476
ord5224
ord4771
ord5127
ord5215
ord5385
ord4784
ord4783
ord4693
ord5213
ord5369
ord4604
ord4927
ord5393
ord4889
ord4940
ord5392
ord5264
ord4912
ord4775
ord4846
ord5472
ord4972
ord5341
ord4931
ord4930
ord5334
ord4095
ord4851
ord4850
ord5209
ord4608
ord5199
ord4796
ord5403
ord4575
ord4582
ord5001
ord5194
ord4793
ord4808
ord4806
ord4788
ord4791
ord4786
ord5281
ord5278
ord4364
ord3345
ord6390
ord5584
ord3670
ord1444
ord5599
ord2964
ord4679
ord430
ord3819
ord3757
ord1868
ord1869
ord1536
ord1152
ord391
ord1241
ord3987
ord4993
ord1490
ord4507
ord5997
ord5615
ord5309
ord2208
ord1810
ord1809
ord1678
ord3344
ord6388
ord1496
ord5636
ord4668
ord374
ord639
ord2364
ord3783
ord2896
ord6670
ord2360
ord1720
ord3643
ord4384
ord2283
ord4646
ord777
ord3920
ord2274
ord1668
ord4638
ord3480
ord611
ord405
ord2209
ord2691
ord664
ord3351
ord3352
ord3213
ord305
ord6613
ord1611
ord404
ord5520
ord3179
ord5753
ord1555
ord5835
ord663
ord2523
ord452
ord3657
ord5926
ord2954
ord2948
ord3636
ord400
ord2084
ord1069
ord5771
ord3856
ord306
ord6802
ord5761
ord3143
ord301
ord6148
ord4477
ord2481
ord945
ord942
ord941
ord2327
ord5963
ord4506
ord2480
ord4392
ord5876
ord4337
ord6791
ord5750
ord1247
ord3579
ord3223
ord2263
ord6077
ord585
ord1724
ord1588
ord2700
ord787
ord6554
ord4437
ord2591
ord1361
ord2130
ord4498
ord2282
ord3568
ord1144
ord6152
ord6493
ord4236
ord1329
ord1108
ord1178
ord3845
ord757
ord3620
ord553
ord4026
ord4386
ord3153
ord4157
ord3151
ord3159
ord6329
ord2590
ord790
ord4757
ord3931
ord586
ord789
ord820
ord1045
ord6760
ord2097
ord4513
ord5063
ord3997
ord333
ord525
ord6078
ord4396
ord5179
ord3678
ord4248
ord3730
ord6291
ord6333
ord3157
ord3148
ord3731
ord1699
ord3056
ord1681
ord5808
ord2753
ord6046
ord6552
ord6043
ord6546
ord4565
ord6549
ord6352
ord6166
ord6084
ord5957
ord6023
ord5846
ord5833
ord6398
ord6157
ord3504
ord693
ord2280
ord4644
ord3244
ord3554
ord654
ord3519
ord4527
ord3612
ord1603
ord3831
ord6079
ord6527
ord6616
ord677
ord2278
ord1771
ord1685
ord4642
ord3277
ord265
ord3815
ord1254
ord300
ord4030
ord3665
ord367
ord2141
ord2469
ord6507
ord636
ord6559
ord2100
ord1691
ord595
ord310
ord436
ord6557
ord337
ord613
ord6584
ord1116
ord2143
ord4116
ord4311
ord6170
ord6048
ord2431
ord2470
ord6071
ord3346
ord6391
ord1755
ord1752
ord4331
ord1497
ord4650
ord2074
ord5497
ord6780
ord4589
ord5647
ord3732
ord5139
ord4688
ord1729
ord6446
ord5668
ord5666
ord958
ord963
ord967
ord965
ord969
ord2610
ord2630
ord2614
ord2620
ord2618
ord2616
ord2633
ord2628
ord2612
ord2635
ord2623
ord2605
ord2607
ord2625
ord2375
ord2368
ord1644
ord6784
ord4160
ord6782
ord3671
ord5389
ord6356
ord3218
ord1446
ord5608
ord2139
ord1792
ord1791
ord1728
ord5633
ord2766
ord2978
ord3107
ord4714
ord2961
ord3135
ord2769
ord2888
ord2759
ord4066
ord4067
ord4057
ord2886
ord4334
ord4895
ord4667
ord3663
ord686
ord796
ord2592
ord4529
ord3178
ord6074
ord1357
ord3627
ord3477
ord2588
ord3528
ord1358
ord3479
ord2106
ord316
ord2539
ord910
ord1183
ord601
ord3534
ord1137
ord1061
ord1252
ord1087
ord3726
ord798
ord5585
ord4760
ord2587

msvcr90

__CxxFrameHandler3
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_except_handler4_common
?terminate@@YAXXZ
_stricmp
_time64
_snprintf_s
_vswprintf_c_l
_beginthreadex
_CIsin
_mbsicmp
fopen
fseek
ftell
fclose
fread
_snprintf
atoi
_mbsstr
strncat_s
ldiv
_makepath_s
_splitpath_s
strcpy_s
_mbsinc
__RTDynamicCast
malloc
free
_CIcos
memcpy
memmove_s
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
memcpy_s
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
_purecall
strncpy_s
memset
__clean_type_info_names_internal
_adjust_fdiv

kernel32

LockResource
LoadResource
FindResourceA
lstrcmpiA
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
GetCPInfo
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
MapViewOfFile
CreateFileMappingA
CreateFileA
GetTickCount
FreeLibrary
GetWindowsDirectoryA
lstrcpyA
WinExec
lstrcatA
Sleep
OutputDebugStringA
HeapFree
GetProcessHeap
HeapAlloc
MulDiv
GlobalReAlloc
GetCurrentDirectoryA
LocalFree
FormatMessageA
GetModuleFileNameA
CloseHandle
FlushFileBuffers
WriteFile
SizeofResource
WaitForSingleObject
ResetEvent
SetEvent
ResumeThread
CreateEventA
VirtualProtect
InterlockedExchange
InterlockedCompareExchange
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetVersion
GetCurrentThreadId
GetLastError
SetLastError
LoadLibraryA
GetCurrentProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeResource
FlushInstructionCache
GetModuleHandleA
GetProcAddress
GetVersionExA

user32

TabbedTextOutA
GetParent
GetFocus
GetUpdateRect
ScreenToClient
FillRect
DestroyIcon
GetDC
ReleaseDC
DrawIconEx
GetIconInfo
GetSysColor
GetCursorPos
CallNextHookEx
InflateRect
EqualRect
SetWindowsHookExA
ReleaseCapture
LoadCursorA
GetSysColorBrush
RegisterClassExA
EnableWindow
SetCapture
GetCapture
KillTimer
SetTimer
RedrawWindow
InvalidateRect
GetClientRect
SetWindowRgn
PostMessageA
SendMessageA
DrawFrameControl
CopyRect
SetRectEmpty
PtInRect
IsRectEmpty
UnhookWindowsHookEx
ClientToScreen
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetMenuItemID
GetMenuState
GetSubMenu
DrawTextA
ModifyMenuA
RemoveMenu
GetDesktopWindow
GetMenuItemInfoA
LoadImageA
MessageBoxA
WindowFromPoint
GetNextDlgGroupItem
DrawFocusRect
IsWindowVisible
SetLayeredWindowAttributes
CopyIcon
UpdateWindow
GetMessagePos
MessageBeep
CopyImage
DefWindowProcA
CallWindowProcA
GetWindow
GetClassNameA
GetDlgCtrlID
MoveWindow
AdjustWindowRectEx
EndPaint
BeginPaint
CheckMenuItem
EnableMenuItem
GetWindowDC
EnableScrollBar
GetScrollInfo
GetScrollPos
GetScrollRange
SetScrollInfo
SetScrollPos
SetScrollRange
ShowScrollBar
GetPropA
SetWindowPos
RemovePropA
CreateWindowExA
SetPropA
FrameRect
WindowFromDC
MapWindowPoints
GetKeyState
ChildWindowFromPoint
DestroyWindow
ShowWindow
RegisterClassA
DrawTextExA
GrayStringA
IsWindow
SetCursor
SetWindowLongA
GetAsyncKeyState
GetWindowLongA
SetRect
LoadBitmapA
DrawEdge
CreateMenu
CreatePopupMenu
DeleteMenu
AppendMenuA
InsertMenuA
GetMenuItemCount

gdi32

SaveDC
SetStretchBltMode
RestoreDC
Polygon
IntersectClipRect
SetWindowOrgEx
PlayEnhMetaFile
CreatePatternBrush
SetBrushOrgEx
CreateBitmap
UnrealizeObject
CreateFontW
GetTextMetricsA
SetBkColor
GetCurrentObject
RoundRect
GetTextColor
GetTextExtentPointA
CreateICA
ExtCreateRegion
GetDIBits
CreateDIBitmap
CreateHalftonePalette
StretchDIBits
SelectPalette
RealizePalette
CreatePalette
GetTextExtentPoint32W
SetPixel
PatBlt
Rectangle
Ellipse
GetBkMode
GetDeviceCaps
CreateHatchBrush
CreatePen
SetBkMode
SetTextColor
SelectClipRgn
DeleteDC
GetPixel
SelectObject
Escape
ExtTextOutA
GetDCOrgEx
GetClipBox
GetStockObject
CreateSolidBrush
CreateFontIndirectA
GetObjectA
CreateCompatibleBitmap
CreateRectRgn
CreatePolygonRgn
CombineRgn
EqualRgn
OffsetRgn
CreateCompatibleDC
FrameRgn
StretchBlt
GetTextExtentPoint32A
DeleteObject
CreateFontA
BitBlt
CreateDIBSection
PtVisible
RectVisible
TextOutA

msimg32

TransparentBlt

advapi32

RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegCloseKey

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
DragQueryFileA

comctl32

_TrackMouseEvent
InitCommonControlsEx
ImageList_GetIconSize

ole32

CreateStreamOnHGlobal
CoCreateInstance

oleaut32

SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
VariantCopy
VariantClear
SysFreeString
VariantInit
OleLoadPicture

kwlib

?EndWith@StringUtility@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?GetKwPath@Dir@KwLib@@YAHW4Path_Type@12@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??1_MUSICINFO@KwLib@@QAE@XZ
?GetFileSize@Dir@KwLib@@YAHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAN@Z
?GetFileExtension@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z
?GetFileNameWithoutExtension@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z
?QueryMIInfo@MIQuerier@KwLib@@SAKPBDPAU_MUSICINFO@2@@Z
??0_MUSICINFO@KwLib@@QAE@XZ
?Str2Lower@StringUtility@KwLib@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@@Z
?WString2String@Charset@KwLib@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@4@@Z
?UTF8ToUnicode@Charset@KwLib@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z
?FindAllFiles@Dir@KwLib@@YAHAAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@1H@Z
?Format@StringUtility@KwLib@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBDZZ
?IsDirectory@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?ToFileTime@DateTime@Time@KwLib@@QBE_KXZ
??0DateTime@Time@KwLib@@QAE@XZ
?ReadString@REG@KwLib@@YA_NPAUHKEY__@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@1AAV45@@Z
?Trim@StringUtility@KwLib@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@@Z

msvcp90

??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

kwlog

?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ

kwmusiccore

AfxGetDataManager

kwdatadef

??1CSongInfoBase@@UAE@XZ
??4CSongInfoBase@@UAEABV0@ABV0@@Z
?ChildSaveOldSongInfo@CSongInfoBase@@UAEXAAUSONG_INFO@@@Z
?ChildLoadOldSongInfo@CSongInfoBase@@UAEXAAUSONG_INFO@@@Z
?ChildSave@CSongInfoBase@@UAEXAAVXmlNode@Xml@KwLib@@@Z
?ChildLoad@CSongInfoBase@@UAEXAAVXmlNode@Xml@KwLib@@@Z
?CreateSongInfo@CSongInfoBase@@UAEPAV1@XZ
?Clone@CSongInfoBase@@UAEPAV1@XZ
??0CSongInfoBase@@QAE@XZ
??0CLocalResource@@QAE@XZ
?SetLocalRes@CSongInfoBase@@QAEXPAVCLocalResource@@@Z
?SetPlaySource@CSongInfoBase@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetSongName@CSongInfoBase@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetArtist@CSongInfoBase@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetAlbum@CSongInfoBase@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetLocalRes@CSongInfoBase@@QAEPAVCLocalResource@@XZ
?SetPath@CLocalResource@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetFileSize@CLocalResource@@QAEXH@Z
?SetSampleRate@CLocalResource@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetLength@CLocalResource@@QAEXH@Z
?SetFormat@CLocalResource@@QAEXK@Z
?SetBps@CLocalResource@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetStartPos@CLocalResource@@QAEXH@Z
?SetEndPos@CLocalResource@@QAEXH@Z
?SetAddTime@CSongInfoBase@@QAEXJ@Z
?GetArtist@CSongInfoBase@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetSongName@CSongInfoBase@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ

gdiplus

GdipMeasureString
GdipReleaseDC
GdipCreateBitmapFromHBITMAP
GdipFree
GdipAlloc
GdipDeleteBrush
GdipCreatePen1
GdipCreatePen2
GdipDeletePen
GdipDeleteGraphics
GdipDisposeImage
GdipSaveImageToFile
GdipCreateBitmapFromGraphics
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipCreateLineBrush
GdipCreateFromHDC
GdipGetImageGraphicsContext
GdipDrawLine
GdipCloneBrush
GdipCloneImage
GdipCreateSolidFill
GdipFillRectangleI
GdipGetImageWidth
GdipGetImageHeight
GdipSetInterpolationMode
GdipSetSmoothingMode
GdipDrawImageRectI
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipCreateStringFormat
GdipDeleteStringFormat
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipDeleteFont
GdipCreateBitmapFromFile
GdipSetImageAttributesColorMatrix
GdipCreateLineBrushFromRect
GdipGetPenFillType
GdipSetPenColor
GdipGetPenColor
GdipSetStringFormatAlign
GdipDrawLineI
GdipDrawArc
GdipFillRectangle
GdipDrawString
GdipDrawImageRect
GdipDrawImageRectRect
GdipCreateFont
GdipSetSolidFillColor
GdipGetGenericFontFamilySansSerif
GdipSetStringFormatLineAlign
GdipLoadImageFromFile
GdipLoadImageFromStream

Exports

Exports

??0BCMenu@@QAE@XZ
??0CAcceptDrag@@QAE@ABV0@@Z
??0CAcceptDrag@@QAE@XZ
??0CBalloonHelp@@QAE@XZ
??0CBaseEditCombox2@@QAE@PAVIBaseEditComboxAction@@@Z
??0CBaseEditCombox@@QAE@PAVIBaseEditComboxAction@@@Z
??0CBaseHeaderCtrl@@QAE@XZ
??0CBaseListCtrl@@QAE@PAVIListCtrlAction@@H@Z
??0CBaseStatic@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0CBaseTreeCtrl@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAVITreeCtrlAction@@@Z
??0CBitmapListCtrl@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAVIBitmapListAction@@@Z
??0CBufferDC@@QAE@PAVCDC@@ABVCRect@@V2@@Z
??0CCWToolTips@@QAE@XZ
??0CDialogMsg@@QAE@PAVCWnd@@@Z
??0CDib@@IAE@VCSize@@H@Z
??0CDib@@IAE@XZ
??0CDibBitmap@@QAE@XZ
??0CFlashWnd@@QAE@XZ
??0CFreeList@@QAE@XZ
??0CHyperLink@@QAE@XZ
??0CKwFont@@QAE@HPBD@Z
??0CKwFont@@QAE@PAUtagLOGFONTA@@@Z
??0CKwMultLineListCtrl@@QAE@PAVIListCtrlAction@@@Z
??0CMultLineListCtrl@@QAE@XZ
??0CMyButton@@QAE@XZ
??0CMyHTMLView@@QAE@PAVIWebAction@@@Z
??0CPictureEx@@QAE@ABV0@@Z
??0CPictureEx@@QAE@_N@Z
??0CPlayProgress@@QAE@PAVIPlayProgressAction@@@Z
??0CSetDPI@@QAE@XZ
??0CShowMenu@@QAE@KPAVCWnd@@K@Z
??0CShowMenu@@QAE@PAVCWnd@@@Z
??0CSkinButton2@@QAE@ABV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PAVIButtonAction@@@Z
??0CSliderWnd@@QAE@ABV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PAVISliderCtrlAction@@@Z
??0CTabBar@@QAE@PAVITarbarButtonAction@@@Z
??0CTabControl@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAVISkyTabCtrlAction@@@Z
??0CTranslucentButton@@QAE@XZ
??0CTranslucentWnd@@QAE@XZ
??0CWebPage@@QAE@ABV0@@Z
??0CWebPage@@QAE@XZ
??0CWndSliderView@@QAE@XZ
??0CxSkinButton@@QAE@ABV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PAVIButtonAction@@@Z
??0CxSkinRCbutton@@QAE@ABV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PAVIButtonAction@@@Z
??0CxSkinStatic@@QAE@XZ
??0IAction@@QAE@ABV0@@Z
??0IAction@@QAE@XZ
??0IBalloonHelpAction@@QAE@ABV0@@Z
??0IBalloonHelpAction@@QAE@XZ
??0IBaseEditComboxAction@@QAE@ABV0@@Z
??0IBaseEditComboxAction@@QAE@XZ
??0IBitmapListAction@@QAE@ABV0@@Z
??0IBitmapListAction@@QAE@XZ
??0IButtonAction@@QAE@ABV0@@Z
??0IButtonAction@@QAE@XZ
??0IFlashWndAction@@QAE@ABV0@@Z
??0IFlashWndAction@@QAE@XZ
??0IListCtrlAction@@QAE@ABV0@@Z
??0IListCtrlAction@@QAE@XZ
??0IPlayProgressAction@@QAE@ABV0@@Z
??0IPlayProgressAction@@QAE@XZ
??0IRenderListener@@QAE@ABU0@@Z
??0IRenderListener@@QAE@XZ
??0ISkyTabCtrlAction@@QAE@ABV0@@Z
??0ISkyTabCtrlAction@@QAE@XZ
??0ISliderCtrlAction@@QAE@ABV0@@Z
??0ISliderCtrlAction@@QAE@XZ
??0ITarbarButtonAction@@QAE@ABV0@@Z
??0ITarbarButtonAction@@QAE@XZ
??0ITreeCtrlAction@@QAE@ABV0@@Z
??0ITreeCtrlAction@@QAE@XZ
??0IWndObject@@QAE@ABV0@@Z
??0IWndObject@@QAE@XZ
??0IWndPosAttacher@@QAE@ABV0@@Z
??0IWndPosAttacher@@QAE@XZ
??0KwScrollBar@@QAE@PAUHWND__@@@Z
??0SetBaseButton@@QAE@XZ
??0SetBaseEdit@@QAE@XZ
??0SetBaseStatic@@QAE@XZ
??1BCMenu@@UAE@XZ
??1CAcceptDrag@@QAE@XZ
??1CBalloonHelp@@UAE@XZ
??1CBaseEditCombox2@@UAE@XZ
??1CBaseEditCombox@@UAE@XZ
??1CBaseHeaderCtrl@@UAE@XZ
??1CBaseListCtrl@@UAE@XZ
??1CBaseStatic@@UAE@XZ
??1CBaseTreeCtrl@@UAE@XZ
??1CBitmapListCtrl@@UAE@XZ
??1CBufferDC@@UAE@XZ
??1CCWToolTips@@UAE@XZ
??1CDialogMsg@@UAE@XZ
??1CDib@@MAE@XZ
??1CDibBitmap@@UAE@XZ
??1CFlashWnd@@UAE@XZ
??1CFreeList@@UAE@XZ
??1CHyperLink@@UAE@XZ
??1CKwFont@@QAE@XZ
??1CKwMultLineListCtrl@@UAE@XZ
??1CMultLineListCtrl@@UAE@XZ
??1CMyButton@@UAE@XZ
??1CMyHTMLView@@UAE@XZ
??1CPictureEx@@UAE@XZ
??1CPlayProgress@@UAE@XZ
??1CSetDPI@@QAE@XZ
??1CShowMenu@@QAE@XZ
??1CSkinButton2@@UAE@XZ
??1CSliderWnd@@UAE@XZ
??1CTabBar@@UAE@XZ
??1CTabControl@@UAE@XZ
??1CTranslucentButton@@UAE@XZ
??1CTranslucentWnd@@UAE@XZ
??1CWebPage@@UAE@XZ
??1CWndSliderView@@UAE@XZ
??1CxSkinButton@@UAE@XZ
??1CxSkinRCbutton@@UAE@XZ
??1CxSkinStatic@@UAE@XZ
??1IAction@@UAE@XZ
??1IBalloonHelpAction@@UAE@XZ
??1IBaseEditComboxAction@@UAE@XZ
??1IBitmapListAction@@UAE@XZ
??1IButtonAction@@UAE@XZ
??1IFlashWndAction@@UAE@XZ
??1IListCtrlAction@@UAE@XZ
??1IPlayProgressAction@@UAE@XZ
??1IRenderListener@@UAE@XZ
??1ISkyTabCtrlAction@@UAE@XZ
??1ISliderCtrlAction@@UAE@XZ
??1ITarbarButtonAction@@UAE@XZ
??1ITreeCtrlAction@@UAE@XZ
??1KwScrollBar@@QAE@XZ
??1SetBaseButton@@UAE@XZ
??1SetBaseEdit@@UAE@XZ
??1SetBaseStatic@@UAE@XZ
??4?$BHCallWndRetHookThunk@VCBalloonHelp@@@@QAEAAV0@ABV0@@Z
??4?$BHKeybHookThunk@VCBalloonHelp@@@@QAEAAV0@ABV0@@Z
??4?$BHMouseHookThunk@VCBalloonHelp@@@@QAEAAV0@ABV0@@Z
??4?$_ThunkImpl@VCBalloonHelp@@@@QAEAAV0@ABV0@@Z
??4CAcceptDrag@@QAEAAV0@ABV0@@Z
??4CMakeJpGFile@@QAEAAV0@ABV0@@Z
??4CPictureEx@@QAEAAV0@ABV0@@Z
??4CSetDPI@@QAEAAV0@ABV0@@Z
??4CShowMenu@@QAEAAV0@ABV0@@Z
??4CWebPage@@QAEAAV0@ABV0@@Z
??4IAction@@QAEAAV0@ABV0@@Z
??4IBalloonHelpAction@@QAEAAV0@ABV0@@Z
??4IBaseEditComboxAction@@QAEAAV0@ABV0@@Z
??4IBitmapListAction@@QAEAAV0@ABV0@@Z
??4IButtonAction@@QAEAAV0@ABV0@@Z
??4IFlashWndAction@@QAEAAV0@ABV0@@Z
??4IListCtrlAction@@QAEAAV0@ABV0@@Z
??4IPlayProgressAction@@QAEAAV0@ABV0@@Z
??4IRenderListener@@QAEAAU0@ABU0@@Z
??4ISkyTabCtrlAction@@QAEAAV0@ABV0@@Z
??4ISliderCtrlAction@@QAEAAV0@ABV0@@Z
??4ITarbarButtonAction@@QAEAAV0@ABV0@@Z
??4ITreeCtrlAction@@QAEAAV0@ABV0@@Z
??4IWndObject@@QAEAAV0@ABV0@@Z
??4IWndPosAttacher@@QAEAAV0@ABV0@@Z
??4KwScrollBar@@QAEAAV0@ABV0@@Z
??CCBufferDC@@QAEPAV0@XZ
??_7BCMenu@@6B@
??_7CAcceptDrag@@6B@
??_7CBalloonHelp@@6BCWnd@@@
??_7CBalloonHelp@@6BILayoutDataObserver@@@
??_7CBaseEditCombox2@@6B@
??_7CBaseEditCombox@@6B@
??_7CBaseHeaderCtrl@@6B@
??_7CBaseListCtrl@@6BCAcceptDrag@@@
??_7CBaseListCtrl@@6BCListCtrl@@@
??_7CBaseStatic@@6B@
??_7CBaseTreeCtrl@@6B@
??_7CBitmapListCtrl@@6B@
??_7CBufferDC@@6B@
??_7CCWToolTips@@6B@
??_7CDialogMsg@@6B@
??_7CDib@@6B@
??_7CDibBitmap@@6B@
??_7CFlashWnd@@6B@
??_7CFreeList@@6BCAcceptDrag@@@
??_7CFreeList@@6BCWnd@@@
??_7CHyperLink@@6B@
??_7CKwMultLineListCtrl@@6BCAcceptDrag@@@
??_7CKwMultLineListCtrl@@6BCMultLineListCtrl@@@
??_7CMultLineListCtrl@@6B@
??_7CMyButton@@6B@
??_7CMyHTMLView@@6B@
??_7CPictureEx@@6B@
??_7CPlayProgress@@6B@
??_7CSkinButton2@@6B@
??_7CSliderWnd@@6B@
??_7CTabBar@@6B@
??_7CTabControl@@6BCWnd@@@
??_7CTabControl@@6BITabControl@@@
??_7CTranslucentButton@@6B@
??_7CTranslucentWnd@@6B@
??_7CWebPage@@6B@
??_7CWndSliderView@@6B@
??_7CxSkinButton@@6B@
??_7CxSkinRCbutton@@6B@
??_7CxSkinStatic@@6B@
??_7IAction@@6B@
??_7IBalloonHelpAction@@6B@
??_7IBaseEditComboxAction@@6B0@@
??_7IBaseEditComboxAction@@6BIAction@@@
??_7IBitmapListAction@@6B0@@
??_7IBitmapListAction@@6BIAction@@@
??_7IButtonAction@@6B0@@
??_7IButtonAction@@6BIAction@@@
??_7IFlashWndAction@@6B0@@
??_7IFlashWndAction@@6BIAction@@@
??_7IListCtrlAction@@6B0@@
??_7IListCtrlAction@@6BIAction@@@
??_7IPlayProgressAction@@6B0@@
??_7IPlayProgressAction@@6BIAction@@@
??_7IRenderListener@@6B@
??_7ISkyTabCtrlAction@@6B0@@
??_7ISkyTabCtrlAction@@6BIAction@@@
??_7ISliderCtrlAction@@6B0@@
??_7ISliderCtrlAction@@6BIAction@@@
??_7ITarbarButtonAction@@6B0@@
??_7ITarbarButtonAction@@6BIAction@@@
??_7ITreeCtrlAction@@6B0@@
??_7ITreeCtrlAction@@6BIAction@@@
??_7IWndObject@@6B@
??_7IWndPosAttacher@@6B@
??_7SetBaseButton@@6B@
??_7SetBaseEdit@@6B@
??_7SetBaseStatic@@6B@
??_8IBaseEditComboxAction@@7B@
??_8IBitmapListAction@@7B@
??_8IButtonAction@@7B@
??_8IFlashWndAction@@7B@
??_8IListCtrlAction@@7B@
??_8IPlayProgressAction@@7B@
??_8ISkyTabCtrlAction@@7B@
??_8ISliderCtrlAction@@7B@
??_8ITarbarButtonAction@@7B@
??_8ITreeCtrlAction@@7B@
??_DIBaseEditComboxAction@@QAEXXZ
??_DIBitmapListAction@@QAEXXZ
??_DIButtonAction@@QAEXXZ
??_DIFlashWndAction@@QAEXXZ
??_DIListCtrlAction@@QAEXXZ
??_DIPlayProgressAction@@QAEXXZ
??_DISkyTabCtrlAction@@QAEXXZ
??_DISliderCtrlAction@@QAEXXZ
??_DITarbarButtonAction@@QAEXXZ
??_DITreeCtrlAction@@QAEXXZ
??_FCBaseStatic@@QAEXXZ
??_FCDialogMsg@@QAEXXZ
??_FCKwFont@@QAEXXZ
??_FCMyHTMLView@@QAEXXZ
??_FCPictureEx@@QAEXXZ
?AddBitmapToImageList@BCMenu@@QAEHPAVCImageList@@I@Z
?AddButton@CTabBar@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?AddButton@CTabBar@@QAEXHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?AddColumn@CBaseListCtrl@@QAEXPAVColumnInfo@@@Z
?AddComboxColumn@CBaseEditCombox@@QAEXH@Z
?AddComboxRow@CBaseEditCombox2@@QAEXHH@Z
?AddComboxRow@CBaseEditCombox@@QAEXH@Z
?AddFromToolBar@BCMenu@@QAEXPAVCToolBar@@H@Z
?AddPrepDrawPoint@CPictureEx@@QAEXVCRect@@@Z
?AddToGlobalImageList@BCMenu@@IAEHPAVCImageList@@HH@Z
?AppendMenuA@BCMenu@@QAEHIIPBDH@Z
?AppendMenuA@BCMenu@@QAEHIIPBDPAVCBitmap@@@Z
?AppendMenuA@BCMenu@@QAEHIIPBDPAVCImageList@@H@Z
?AppendMenuW@BCMenu@@QAEHIIPA_WH@Z
?AppendMenuW@BCMenu@@QAEHIIPA_WPAVCBitmap@@@Z
?AppendMenuW@BCMenu@@QAEHIIPA_WPAVCImageList@@H@Z
?AppendODMenuA@BCMenu@@QAEHPBDIIH@Z
?AppendODMenuA@BCMenu@@QAEHPBDIIPAVCImageList@@H@Z
?AppendODMenuW@BCMenu@@QAEHPA_WIIH@Z
?AppendODMenuW@BCMenu@@QAEHPA_WIIPAVCImageList@@H@Z
?AppendODPopupMenuA@BCMenu@@QAEPAV1@PBD@Z
?AppendODPopupMenuW@BCMenu@@QAEPAV1@PA_W@Z
?Attach@CSetDPI@@QAEXPAUHINSTANCE__@@PAUHWND__@@HN@Z
?AttachHostWnd@IWndPosAttacher@@QAEXPAUHWND__@@@Z
?AttachMapFile2@CDib@@IAEHPAXIPAUCutRect@1@H@Z
?AttachMapFile2@CDib@@IAEHPBDPAUCutRect@1@H@Z
?AttachMapFile@CDib@@IAEHPBDH@Z
?AttachMemory@CDib@@QAEHPAXH0@Z
?BeginEditItem@CBaseTreeCtrl@@QAEXXZ
?BrowserFolder@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAUHWND__@@ABV12@H@Z
?ButtonCount@CTabBar@@QBEHXZ
?ButtonHitTest@CWndSliderView@@QAEHABVCPoint@@@Z
?Button_OnClick@IBalloonHelpAction@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Button_OnClick@IButtonAction@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?CalcClientSize@CBalloonHelp@@IAE?AVCSize@@XZ
?CalcContentSize@CBalloonHelp@@IAE?AVCSize@@PAVCDC@@@Z
?CalcHeaderSize@CBalloonHelp@@IAE?AVCSize@@PAVCDC@@@Z
?CalcWindowSize@CBalloonHelp@@IAE?AVCSize@@XZ
?CallJScript@CWebPage@@QAE_NV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@000PAVCComVariant@3@@Z
?CallJScript@CWebPage@@QAE_NV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@00PAVCComVariant@3@@Z
?CallJScript@CWebPage@@QAE_NV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@0PAVCComVariant@3@@Z
?CallJScript@CWebPage@@QAE_NV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@ABVCStringArray@@PAVCComVariant@3@@Z
?CallJScript@CWebPage@@QAE_NV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@PAVCComVariant@3@@Z
?CallWndRetProc@CBalloonHelp@@AAEJHIJ@Z
?CanDraw3DImageList@BCMenu@@IAEHH@Z
?CcutBitmap@CDib@@IAEHPADPAUCutRect@1@PAPAVCMemFile@@@Z
?ChangeItemShowBmpIndex@CMultLineListCtrl@@QAEXHHHH@Z
?ChangeItmeBmpMouseTrack@CMultLineListCtrl@@QAEXHH_N@Z
?CheckAllItem@CFreeList@@QAEXXZ
?CheckBox_Check@CDialogMsg@@UAEXXZ
?CheckBox_Checked@CDialogMsg@@UAEXXZ
?CheckBox_UnChecked@CDialogMsg@@UAEXXZ
?CheckItem@CShowMenu@@QAEXK@Z
?ClearAllColumn@CBaseListCtrl@@AAEXXZ
?ClearButton@CTabBar@@AAEXXZ
?ClearChecked@CFreeList@@QAEXXZ
?ClearData@CBaseTreeCtrl@@AAEXXZ
?ClearData@CTabControl@@QAEXXZ
?ClearPrepDrawPoint@CPictureEx@@QAEXXZ
?ClearRowFont@CBaseListCtrl@@QAEXH@Z
?ClearSelected@CFreeList@@QAEXXZ
?ClickTabItem@CTabControl@@UAEXH@Z
?ColorBitmap@BCMenu@@IAEXPAVCDC@@AAVCBitmap@@VCSize@@2KKH@Z
?ColumnCount@CBaseListCtrl@@QBEHXZ
?Compress@CDib@@IAEHPAVCDC@@H@Z
?ComputeMetrics@CDib@@AAEXXZ
?ComputePaletteSize@CDib@@AAEXH@Z
?ConvertGB2312ToUnicode@CMakeJpGFile@@CAXPADPA_WH@Z
?CopyToMapFile@CDib@@IAEHPBD@Z
?Create32Bitmap@CBufferDC@@QAEPAUHBITMAP__@@HH@Z
?Create@CBalloonHelp@@QAEHABV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@0ABVCPoint@@IPAVCWnd@@V23@IPAVIBalloonHelpAction@@PAUHICON__@@PAVCFont@@6IABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAVIButtonAction@@@Z
?Create@CMyHTMLView@@UAEHPBD0KABUtagRECT@@PAVCWnd@@IPAUCCreateContext@@@Z
?Create@CTabControl@@UAEHPBD0KABUtagRECT@@PAVCWnd@@IPAUCCreateContext@@@Z
?Create@CxSkinButton@@UAEHPBDKABUtagRECT@@PAVCWnd@@I@Z
?Create@CxSkinStatic@@UAEHPBDKABUtagRECT@@PAVCWnd@@I@Z
?CreateBitmap@CDib@@IAEPAUHBITMAP__@@PAVCDC@@@Z
?CreateBitmap@CDibBitmap@@QAEPAUHBITMAP__@@PAVCDC@@@Z
?CreateContrl@CBaseListCtrl@@QAEXIPAVCWnd@@@Z
?CreateContrl@CKwMultLineListCtrl@@UAEXIPAVCWnd@@@Z
?CreateControlSite@CMyHTMLView@@UAEHPAVCOleControlContainer@@PAPAVCOleControlSite@@IABU_GUID@@@Z
?CreateList@CFreeList@@QAE_NPAVCWnd@@ABVCRect@@@Z
?CreateList@CMultLineListCtrl@@QAEHAAVCRect@@PAUHWND__@@H@Z
?CreateObject@CDib@@SGPAVCObject@@XZ
?CreateObject@CMyHTMLView@@SGPAVCObject@@XZ
?CreateObject@CWndSliderView@@SGPAVCObject@@XZ
?CreatePopupMenu@CShowMenu@@QAEXXZ
?CreateRegionFromDib@CxSkinButton@@QAEPAUHRGN__@@PAVCDibBitmap@@K@Z
?CreateRgnFromBitmap@CBaseStatic@@IAEPAUHRGN__@@PAVCDibBitmap@@K@Z
?CreateRgnFromBitmap@CDibBitmap@@QAEPAUHRGN__@@KPAVCDC@@@Z
?CreateRgnFromBitmap@CDibBitmap@@QAEPAUHRGN__@@KPAVCWnd@@@Z
?CreateRgnFromBitmap@CxSkinButton@@QAEPAUHRGN__@@PAVCDibBitmap@@K@Z
?CreateSection@CDib@@IAEPAUHBITMAP__@@PAVCDC@@@Z
?CreateView@CWndSliderView@@QAEHABUWND_SLIDER_DATA@@H@Z
?CtlColor@CBaseStatic@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?CtlColor@CHyperLink@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?CtlColor@CxSkinStatic@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?CtlColor@SetBaseButton@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?CtlColor@SetBaseEdit@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?CtlColor@SetBaseStatic@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?Ctrol_a_z_KeyDown@CBaseListCtrl@@AAEHF@Z
?DarkenColor@BCMenu@@SAKKN@Z
?DefWindowProcA@CWndSliderView@@MAEJIIJ@Z
?DelButton@CTabBar@@QAEHH@Z
?DelColumn@CBaseListCtrl@@QAEHH@Z
?DeleteAllColumn@CMultLineListCtrl@@UAEXXZ
?DeleteAllItem@CMultLineListCtrl@@UAEXXZ
?DeleteColumn@CFreeList@@QAE_NI@Z
?DeleteItem@CShowMenu@@QAEXK@Z
?DeleteItem@CShowMenu@@QAEXPBD@Z
?DeleteMenu@BCMenu@@QAEHII@Z
?DeleteMenu@BCMenu@@QAEHPADW4BC_Seperator@@@Z
?DeleteMenu@BCMenu@@QAEHPA_WW4BC_Seperator@@@Z
?DeleteMenuList@BCMenu@@IAEXXZ
?DeletePopupItem@CShowMenu@@QAEXH@Z
?DeleteToolTip@CSkinButton2@@QAEXXZ
?Destroy@KwScrollBar@@QAEXXZ
?DestroyImage@CTranslucentWnd@@QAEXI@Z
?DestroyImageList@CTranslucentWnd@@QAEXXZ
?DestroyMenu@BCMenu@@UAEHXZ
?DestroyWindow@CHyperLink@@UAEHXZ
?DestroyWindow@CxSkinButton@@UAEHXZ
?Detach@CSetDPI@@QAEXXZ
?DetachHostWnd@IWndPosAttacher@@QAEXXZ
?DetachMapFile@CDib@@AAEXXZ
?DisableButton@CTabBar@@QAEXH@Z
?DisableItem@CShowMenu@@QAEXK@Z
?DisableItemByPos@CShowMenu@@QAEXH@Z
?DitherBlt2@BCMenu@@IAEXPAVCDC@@HHHHAAVCBitmap@@HHK@Z
?DitherBlt3@BCMenu@@IAEXPAVCDC@@HHHHAAVCBitmap@@K@Z
?DitherBlt@BCMenu@@IAEXPAUHDC__@@HHHHPAUHBITMAP__@@HHK@Z
?DoDataExchange@CDialogMsg@@MAEXPAVCDataExchange@@@Z
?DragBegin@CAcceptDrag@@QAEXPAVCWnd@@V?$vector@PAVCSongInfoBase@@V?$allocator@PAVCSongInfoBase@@@std@@@std@@V?$vector@HV?$allocator@H@std@@@4@H@Z
?DragCancel@CAcceptDrag@@QAEXXZ
?DragDrop@CAcceptDrag@@QAEXXZ
?DragFromOtherCancel@CAcceptDrag@@UAEXXZ
?DragFromOtherCancel@CBaseListCtrl@@MAEXXZ
?DragFromOtherFinished@CAcceptDrag@@UAEXXZ
?DragFromOtherFinished@CBaseListCtrl@@MAEXXZ
?DragFromOtherFinished@CKwMultLineListCtrl@@MAEXXZ
?DragFromOtherMoving@CAcceptDrag@@UAEXXZ
?DragFromOtherMoving@CBaseListCtrl@@MAEXXZ
?DragFromOtherMoving@CKwMultLineListCtrl@@MAEXXZ
?DragFromSelfFinished@CAcceptDrag@@UAEXXZ
?DragFromSelfFinished@CBaseListCtrl@@MAEXXZ
?DragFromSelfFinished@CKwMultLineListCtrl@@MAEXXZ
?DragFromSelfMoving@CAcceptDrag@@UAEXXZ
?DragFromSelfMoving@CBaseListCtrl@@MAEXXZ
?DragFromSelfMoving@CKwMultLineListCtrl@@MAEXXZ
?DragMovingProcess@CAcceptDrag@@QAEXXZ
?Draw3DCheckmark@BCMenu@@IAEHPAVCDC@@ABVCRect@@HPAUHBITMAP__@@@Z
?Draw@CDib@@IAEHPAVCDC@@VCPoint@@VCSize@@HKW4DrawMode@1@@Z
?Draw@CDibBitmap@@QAEHPAVCDC@@HHHHHHHH@Z
?Draw@CDibBitmap@@QAEHPAVCDC@@HKH@Z
?Draw@CMyButton@@IAEXXZ
?Draw@CPictureEx@@QAEHXZ
?DrawBar@CPlayProgress@@QAEXPAVCDC@@@Z
?DrawBar@CSliderWnd@@QAEXPAVCDC@@@Z
?DrawBitmap@CBaseStatic@@IAEXPAVCDC@@PAVCDibBitmap@@UtagRECT@@H@Z
?DrawBitmap@CxSkinButton@@QAEXPAVCDC@@PAVCDibBitmap@@UtagRECT@@H@Z
?DrawBmpBar@CPlayProgress@@AAEXPAVCDC@@@Z
?DrawCheckMark@BCMenu@@IAEXPAVCDC@@HHKH@Z
?DrawClientArea@CBalloonHelp@@MAEXPAVCDC@@@Z
?DrawContent@CBalloonHelp@@MAE?AVCSize@@PAVCDC@@H_N@Z
?DrawFrame@CSkinButton2@@AAEXAAVGraphics@Gdiplus@@AAVCRect@@@Z
?DrawGifPicture@CBaseListCtrl@@AAEXPAVCDC@@HH@Z
?DrawHeader@CBalloonHelp@@MAE?AVCSize@@PAVCDC@@_N@Z
?DrawImage@CBaseListCtrl@@AAEXPAVCDibBitmap@@ABVCRect@@PAVCDC@@@Z
?DrawImage@CSkinButton2@@AAEXAAVGraphics@Gdiplus@@W4BTN_DRAW_HUE@1@@Z
?DrawImageColumn@CBaseListCtrl@@AAEXPAVCDC@@HHABVCRect@@H@Z
?DrawImageList@CDibBitmap@@QAEHPAVCDC@@HUtagPOINT@@H@Z
?DrawItem@BCMenu@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CBaseListCtrl@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CMyButton@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CSkinButton2@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CxSkinButton@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItemBmp@CMultLineListCtrl@@UAEXHHH@Z
?DrawItem_Win9xNT2000@BCMenu@@IAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem_WinXP@BCMenu@@IAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawMultiLine@CCWToolTips@@QAEHV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@VCRect@@AAVCDC@@@Z
?DrawNonClientArea@CBalloonHelp@@MAEXPAVCDC@@@Z
?DrawPreview@CMyButton@@IAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?DrawPreview@CMyButton@@IAEXAAV?$vector@KV?$allocator@K@std@@@std@@H@Z
?DrawProgressCol@CBaseListCtrl@@AAEXPAVCDC@@HH@Z
?DrawRadioDot@BCMenu@@IAEXPAVCDC@@HHK@Z
?DrawStrechFromCenter@CDibBitmap@@QAEHPAVCDC@@@Z
?DrawTextColumn@CBaseListCtrl@@AAEXPAVCDC@@HHABVCRect@@H@Z
?DrawTransParent@CDib@@QAEIPAVCDC@@VCRect@@1K@Z
?DrawXPCheckmark@BCMenu@@IAEHPAVCDC@@ABVCRect@@PAUHBITMAP__@@AAKH@Z
?EditCombox_ButtonClick@IBaseEditComboxAction@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?EditCombox_GetComboxText@IBaseEditComboxAction@@UAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HH@Z
?EditCombox_GetText@IBaseEditComboxAction@@UAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?EditCombox_IsTips@IBaseEditComboxAction@@UAE_NXZ
?EditCombox_OnConfirm@IBaseEditComboxAction@@UAEXHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AAV23@@Z
?EditCombox_OnKillFocus@IBaseEditComboxAction@@UAEXXZ
?EditCombox_OnSetFocus@IBaseEditComboxAction@@UAEXXZ
?EditCombox_PressDownKey@IBaseEditComboxAction@@UAEXXZ
?EditCombox_SelectItem@IBaseEditComboxAction@@UAEXHHAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?EditCombox_TextChange@IBaseEditComboxAction@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Empty@CDib@@QAEXXZ
?EnableButton@CTabBar@@QAEXH@Z
?EnableToolTip@CBaseStatic@@QAEX_N@Z
?EnalbeHScroll@CBaseStatic@@QAEX_N@Z
?EndEditItem@CBaseTreeCtrl@@QAEXXZ
?EnsureVisible@CFreeList@@QAEXI@Z
?FillWithBitmap@CBaseStatic@@IAEXPAVCDC@@PAVCDibBitmap@@UtagRECT@@@Z
?FillWithBitmap@CxSkinButton@@QAEXPAVCDC@@PAVCDibBitmap@@UtagRECT@@@Z
?FindAnotherMenuOption@BCMenu@@IAEPAV1@HAAHAAV?$CArray@PAVBCMenu@@PAV1@@@AAV?$CArray@HAAH@@@Z
?FindKeyboardShortcut@BCMenu@@SAJIIPAVCMenu@@@Z
?FindMenuItem@BCMenu@@IAEPAVBCMenuData@@I@Z
?FindMenuList@BCMenu@@IAEPAVBCMenuData@@I@Z
?FindMenuOption@BCMenu@@IAEPAV1@HAAH@Z
?FindMenuOption@BCMenu@@IAEPAVBCMenuData@@PA_W@Z
?FlashWnd_LDBClick@IFlashWndAction@@UAEXIJ@Z
?FlashWnd_LOClick@IFlashWndAction@@UAEXIJV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?FlashWnd_MouseMove@IFlashWndAction@@UAEXIJV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetAction@CBaseListCtrl@@QAEPAVIListCtrlAction@@XZ
?GetAction@IWndObject@@UAEPAVIAction@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetActiveView@CWndSliderView@@QBEHXZ
?GetAllChecked@CFreeList@@QAEXAAV?$vector@IV?$allocator@I@std@@@std@@@Z
?GetAllSelected@CFreeList@@QAEXAAV?$vector@IV?$allocator@I@std@@@std@@@Z
?GetAnchorPoint@CBalloonHelp@@IAE?AVCPoint@@XZ
?GetAnchorScreenBounds@CBalloonHelp@@IAEXAAVCRect@@@Z
?GetAutoSize@CHyperLink@@QBEHXZ
?GetBKCol@CTabControl@@UAEKXZ
?GetBKColor@CSkinButton2@@QBEKXZ
?GetBalloonQuadrant@CBalloonHelp@@IAE?AW4BALLOON_QUADRANT@1@XZ
?GetBitmapFromImageList@BCMenu@@IAEHPAVCDC@@PAVCImageList@@HAAVCBitmap@@@Z
?GetBitmapHeight@CBaseStatic@@IAEHPAVCDibBitmap@@@Z
?GetBitmapHeight@CxSkinButton@@QAEHPAVCDibBitmap@@@Z
?GetBitmapWidth@CBaseStatic@@IAEHPAVCDibBitmap@@@Z
?GetBitmapWidth@CxSkinButton@@QAEHPAVCDibBitmap@@@Z
?GetBkColor@CPictureEx@@QBEKXZ
?GetBmpRect@CMultLineListCtrl@@UAEXHHHAAVCRect@@@Z
?GetBodyRect@CFreeList@@QBEXPAUtagRECT@@@Z
?GetBotton@CMultLineListCtrl@@ABEHXZ
?GetBrush@CTranslucentButton@@QAEAAVSolidBrush@Gdiplus@@XZ
?GetBtnName@CTranslucentButton@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetButton@CWndSliderView@@QBEPAVCSliderButton@@H@Z
?GetButtonRect@CTabBar@@QAEHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVCRect@@@Z
?GetButtonRect@CWndSliderView@@QBE?AVCRect@@H@Z
?GetButtonRect@CWndSliderView@@QBE?AVCRect@@HABV2@@Z
?GetButtonSize@CBaseEditCombox2@@ABE?AU?$pair@HH@std@@XZ
?GetButtonSize@CBaseEditCombox@@ABE?AU?$pair@HH@std@@XZ
?GetButtonTitle@CWndSliderView@@QAEXHAAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?GetCheck@CDialogMsg@@QAEHXZ
?GetCheck@CSkinButton2@@QBEHXZ
?GetCheck@CxSkinRCbutton@@QAEHXZ

Sections

.text
Size: 494KB - Virtual size: 494KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin/KwDataDef.dll
.dll windows:5 windows x86 arch:x86

f61424874fa4f63b3494f7e7af4691ae

Code Sign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ed:e5:9b:2b:7c:91:4b:5d:f8:ec:3a:34:c1:8f:a0:d3:32:40:1e:9d
Signer

Actual PE Digest

ed:e5:9b:2b:7c:91:4b:5d:f8:ec:3a:34:c1:8f:a0:d3:32:40:1e:9d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\正式发布打包(勿动)\521_金秋版\金秋版_全面发布_0926\KwResource\bin\release\pdb\KwDataDef.pdb

Imports

kernel32

MoveFileA
DeleteFileA
CloseHandle
WriteFile
SetFilePointer
ReadFile
GetLastError
CreateFileA
GetTickCount
ResumeThread
SetThreadPriority
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

msvcp90

??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?_Unlock@_Mutex@std@@QAEXXZ
?_Lock@_Mutex@std@@QAEXXZ
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB

kwlib

?GetShortFileName@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z
?UnCompress@Filezip@KwLib@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@4@_N@Z
?ClearDir@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?DeleteDir@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Compress@Filezip@KwLib@@YA_NABV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z
?FindChildren@XmlNode@Xml@KwLib@@QAE?AV?$list@VXmlNode@Xml@KwLib@@V?$allocator@VXmlNode@Xml@KwLib@@@std@@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@5@@Z
?LoadStringA@XmlNode@Xml@KwLib@@QAEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?LastError@XmlNode@Xml@KwLib@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?FindDirAndFile@Dir@KwLib@@YAHAAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@0ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@ABV34@H@Z
?LoadFile@XmlNode@Xml@KwLib@@QAEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?CopyFileA@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0H@Z
?TokenizeEx@StringUtility@KwLib@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@4@@Z
?IsValidPath@StringUtility@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Trim@StringUtility@KwLib@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@@Z
?GetKwPath@Dir@KwLib@@YAHW4Path_Type@12@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Format@StringUtility@KwLib@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBDZZ
?MakeDir@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetFileSize@Dir@KwLib@@YAHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAN@Z
?IsExistFile@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetFileNameWithoutExtension@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z
?RenameFile@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?IsValid@XmlNode@Xml@KwLib@@QBEHXZ
?TagName@XmlNode@Xml@KwLib@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetFilePath@Dir@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z
?_GetAttr@XmlNode@Xml@KwLib@@AAEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAH@Z
?ChildBegin@XmlNode@Xml@KwLib@@QAE?AViterator@23@XZ
?ChildEnd@XmlNode@Xml@KwLib@@QAE?AViterator@23@XZ
??9iterator@Xml@KwLib@@QBEHABV012@@Z
??Eiterator@Xml@KwLib@@QAEAAV012@XZ
?Tokenize@StringUtility@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@4@@Z
??0XmlNode@Xml@KwLib@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SaveFile@XmlNode@Xml@KwLib@@QAEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0iterator@Xml@KwLib@@QAE@ABVXmlNode@12@@Z
?_SetAttr@XmlNode@Xml@KwLib@@AAEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?_GetAttr@XmlNode@Xml@KwLib@@AAEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV45@@Z
??Diterator@Xml@KwLib@@QAEAAVXmlNode@12@XZ
??$GetAttr@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@XmlNode@Xml@KwLib@@QAEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z
??Citerator@Xml@KwLib@@QAEPAVXmlNode@12@XZ
??1iterator@Xml@KwLib@@QAE@XZ
??1XmlNode@Xml@KwLib@@QAE@XZ
?AppendChild@XmlNode@Xml@KwLib@@QAE?AV123@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0XmlNode@Xml@KwLib@@QAE@ABV012@@Z

kwlog

?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ

msvcr90

atoi
_time64
_atodbl
_purecall
_itoa_s
_ltoa_s
rand
_beginthreadex
tolower
strncpy_s
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
free
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
??_V@YAXPAX@Z
memmove_s
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
_invalid_parameter_noinfo
_snprintf_s
__CxxFrameHandler3
??0exception@std@@QAE@XZ
??3@YAXPAX@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??2@YAPAXI@Z

Exports

Exports

??0CLocalResource@@QAE@ABV0@@Z
??0CLocalResource@@QAE@XZ
??0CNetResource@@QAE@ABV0@@Z
??0CNetResource@@QAE@XZ
??0CNetSongInfo@@QAE@ABV0@@Z
??0CNetSongInfo@@QAE@XZ
??0CNetSongList@@QAE@ABV0@@Z
??0CNetSongList@@QAE@XZ
??0CPlayList@@QAE@ABV0@@Z
??0CPlayList@@QAE@XZ
??0CPlaySongInfo@@QAE@ABV0@@Z
??0CPlaySongInfo@@QAE@XZ
??0CSongInfoBase@@QAE@ABV0@@Z
??0CSongInfoBase@@QAE@XZ
??0CSongListBase@@QAE@ABV0@@Z
??0CSongListBase@@QAE@XZ
??0CSongListMgr@@QAE@PAVICreateFactory@@@Z
??0ICreateFactory@@QAE@ABV0@@Z
??0ICreateFactory@@QAE@XZ
??0ONE_SINGER_INFO@@QAE@ABV0@@Z
??0ONE_SINGER_INFO@@QAE@XZ
??0SONG_INFO@@QAE@ABU0@@Z
??0SONG_INFO@@QAE@XZ
??0Sign@@QAE@KK@Z
??0Sign@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0Sign@@QAE@XZ
??1CLocalResource@@QAE@XZ
??1CNetResource@@UAE@XZ
??1CNetSongInfo@@UAE@XZ
??1CNetSongList@@UAE@XZ
??1CPlayList@@UAE@XZ
??1CPlaySongInfo@@UAE@XZ
??1CSongInfoBase@@UAE@XZ
??1CSongListBase@@UAE@XZ
??1CSongListMgr@@QAE@XZ
??1ONE_SINGER_INFO@@QAE@XZ
??1SONG_INFO@@QAE@XZ
??4CLocalResource@@QAEABV0@ABV0@@Z
??4CNetResource@@QAEABV0@ABV0@@Z
??4CNetSongInfo@@QAEABV0@ABV0@@Z
??4CNetSongList@@QAEABV0@ABV0@@Z
??4CPlayList@@QAEABV0@ABV0@@Z
??4CPlaySongInfo@@QAEABV0@ABV0@@Z
??4CSongInfoBase@@UAEABV0@ABV0@@Z
??4CSongListBase@@UAEABV0@ABV0@@Z
??4CSongListMgr@@QAEAAV0@ABV0@@Z
??4ICreateFactory@@QAEAAV0@ABV0@@Z
??4ONE_SINGER_INFO@@QAEAAV0@ABV0@@Z
??4SONG_INFO@@QAEAAU0@ABU0@@Z
??4Sign@@QAEAAU0@ABU0@@Z
??8CSongInfoBase@@QAE_NABV0@@Z
??8Sign@@QAE_NABU0@@Z
??8Sign@@QBE_NABU0@@Z
??9Sign@@QAE_NABU0@@Z
??9Sign@@QBE_NABU0@@Z
??MONE_SINGER_INFO@@QAE_NABV0@@Z
??MSign@@QAE_NABU0@@Z
??MSign@@QBE_NABU0@@Z
??_7CNetResource@@6B@
??_7CNetSongInfo@@6B@
??_7CNetSongList@@6B@
??_7CPlayList@@6B@
??_7CPlaySongInfo@@6B@
??_7CSongInfoBase@@6B@
??_7CSongListBase@@6B@
??_7ICreateFactory@@6B@
?AddSongInfo@CSongListMgr@@QAEHPAVCSongListBase@@ABV?$vector@PAVCSongInfoBase@@V?$allocator@PAVCSongInfoBase@@@std@@@std@@H@Z
?AddSongInfo@CSongListMgr@@QAEHPAVCSongListBase@@QAVCSongInfoBase@@H@Z
?AddSongList@CSongListMgr@@QAE?AW4enListNameErrCode@@PAVCSongListBase@@0H@Z
?BackupList@CSongListMgr@@SAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?CancleAllSelect@CSongListMgr@@QAEHPAVCSongListBase@@@Z
?CancleSearchSelect@CSongListMgr@@QAEHPAVCSongListBase@@@Z
?CancleSelect@CSongListMgr@@QAEHAAV?$vector@PAVCSongInfoBase@@V?$allocator@PAVCSongInfoBase@@@std@@@std@@@Z
?CancleSelect@CSongListMgr@@QAEHPAVCSongInfoBase@@@Z
?CancleSelect@CSongListMgr@@QAEHPAVCSongListBase@@@Z
?CancleSelect@CSongListMgr@@QAEHPAVCSongListBase@@ABV?$vector@HV?$allocator@H@std@@@std@@@Z
?CancleSelect@CSongListMgr@@QAEHPAVCSongListBase@@H@Z
?CancleSelectListAllSongs@CSongListMgr@@QAEHPAVCSongListBase@@@Z
?ChildLoad@CNetSongInfo@@UAEXAAVXmlNode@Xml@KwLib@@@Z
?ChildLoad@CNetSongList@@UAEXAAVXmlNode@Xml@KwLib@@@Z
?ChildLoad@CPlayList@@UAEXAAVXmlNode@Xml@KwLib@@@Z
?ChildLoad@CPlaySongInfo@@UAEXAAVXmlNode@Xml@KwLib@@@Z
?ChildLoad@CSongInfoBase@@UAEXAAVXmlNode@Xml@KwLib@@@Z
?ChildLoad@CSongListBase@@UAEXAAVXmlNode@Xml@KwLib@@@Z
?ChildLoadOldSongInfo@CNetSongInfo@@UAEXAAUSONG_INFO@@@Z
?ChildLoadOldSongInfo@CSongInfoBase@@UAEXAAUSONG_INFO@@@Z
?ChildSave@CNetSongInfo@@UAEXAAVXmlNode@Xml@KwLib@@@Z
?ChildSave@CNetSongList@@UAEXAAVXmlNode@Xml@KwLib@@@Z
?ChildSave@CPlayList@@UAEXAAVXmlNode@Xml@KwLib@@@Z
?ChildSave@CPlaySongInfo@@UAEXAAVXmlNode@Xml@KwLib@@@Z
?ChildSave@CSongInfoBase@@UAEXAAVXmlNode@Xml@KwLib@@@Z
?ChildSave@CSongListBase@@UAEXAAVXmlNode@Xml@KwLib@@@Z
?ChildSaveOldSongInfo@CNetSongInfo@@UAEXAAUSONG_INFO@@@Z
?ChildSaveOldSongInfo@CSongInfoBase@@UAEXAAUSONG_INFO@@@Z
?Clear@CLocalResource@@AAEXXZ
?Clear@CNetResource@@AAEXXZ
?Clear@CNetSongInfo@@AAEXXZ
?Clear@CNetSongList@@AAEXXZ
?Clear@CPlayList@@AAEXXZ
?Clear@CPlaySongInfo@@AAEXXZ
?Clear@CSongInfoBase@@AAEXXZ
?Clear@CSongListBase@@AAEXXZ
?ClearAll@CSongListMgr@@QAEHXZ
?Clone@CLocalResource@@QAEPAV1@XZ
?Clone@CNetResource@@QAEPAV1@XZ
?Clone@CNetSongInfo@@UAEPAVCSongInfoBase@@XZ
?Clone@CNetSongList@@UAEPAVCSongListBase@@XZ
?Clone@CPlayList@@UAEPAVCSongListBase@@XZ
?Clone@CPlaySongInfo@@UAEPAVCSongInfoBase@@XZ
?Clone@CSongInfoBase@@UAEPAV1@XZ
?Clone@CSongListBase@@UAEPAV1@XZ
?CopyData@CLocalResource@@AAEXABV1@@Z
?CopyData@CNetResource@@AAEXABV1@@Z
?CopyData@CNetSongInfo@@AAEXABV1@@Z
?CopyData@CNetSongList@@AAEXABV1@@Z
?CopyData@CPlayList@@AAEXABV1@@Z
?CopyData@CPlaySongInfo@@AAEXABV1@@Z
?CopyData@CSongInfoBase@@AAEXABV1@@Z
?CopyData@CSongListBase@@AAEXABV1@@Z
?CreateSongInfo@CNetSongList@@UAEPAVCSongInfoBase@@XZ
?CreateSongInfo@CPlayList@@UAEPAVCSongInfoBase@@XZ
?CreateSongInfo@CSongInfoBase@@UAEPAV1@XZ
?CreateSongInfo@CSongListBase@@UAEPAVCSongInfoBase@@XZ
?CreateSongList@CNetSongList@@UAEPAVCSongListBase@@XZ
?CreateSongList@CPlayList@@UAEPAVCSongListBase@@XZ
?CreateSongList@CSongListBase@@UAEPAV1@XZ
?DeleteListAllSongs@CSongListMgr@@QAEHPAVCSongListBase@@@Z
?DeleteListFile@CSongListBase@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?DeleteRepeat@CSongListMgr@@QAEHPAVCSongListBase@@QAVCSongInfoBase@@H@Z
?DeleteSongInfo@CSongListMgr@@QAEHPAVCSongListBase@@ABV?$vector@HV?$allocator@H@std@@@std@@@Z
?DeleteSongInfo@CSongListMgr@@QAEHPAVCSongListBase@@ABV?$vector@PAVCSongInfoBase@@V?$allocator@PAVCSongInfoBase@@@std@@@std@@@Z
?DeleteSongInfo@CSongListMgr@@QAEHPAVCSongListBase@@PAVCSongInfoBase@@@Z
?DeleteSongList@CSongListMgr@@QAEHPAVCSongListBase@@@Z
?GetAPE@CSongInfoBase@@QAEPAVCNetResource@@XZ
?GetAddTime@CSongInfoBase@@QAEJXZ
?GetAlbum@CSongInfoBase@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetAlbumID@CSongInfoBase@@QBEKXZ
?GetArtist@CSongInfoBase@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetArtistID@CSongInfoBase@@QAEKXZ
?GetBaseUrl@CNetSongList@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetBps@CLocalResource@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetChildrenVector@CSongListBase@@QAEPAV?$vector@PAVCSongListBase@@V?$allocator@PAVCSongListBase@@@std@@@std@@XZ
?GetChildrenVector_s@CSongListMgr@@QAEHQAVCSongListBase@@AAPAV?$vector@PAVCSongListBase@@V?$allocator@PAVCSongListBase@@@std@@@std@@@Z
?GetConsequentPercent@CNetResource@@QAEHXZ
?GetCount@CNetSongList@@QAEHXZ
?GetDepthIndex@CSongListBase@@AAEHXZ
?GetDwSortType@CSongListBase@@QAEKXZ
?GetEndPos@CLocalResource@@QAEHXZ
?GetFileSize@CLocalResource@@QAEHXZ
?GetFileSize@CNetResource@@QAEHXZ
?GetFormat@CLocalResource@@QAEKXZ
?GetFormat@CNetResource@@QAEKXZ
?GetFp@CLocalResource@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetFullName@CSongListBase@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@3@@Z
?GetFullShowName@CSongListBase@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@3@@Z
?GetHtmlUrl@CNetSongList@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetIcoFile@CNetSongList@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetId@CPlayList@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetKalaOk@CNetResource@@QAE?AW4enKalaOk@@XZ
?GetKpbs@CNetResource@@QAEHXZ
?GetLastPlayTime@CLocalResource@@QAEJXZ
?GetLastPlayTime@CNetResource@@QAEJXZ
?GetLength@CLocalResource@@QAEHXZ
?GetLength@CNetResource@@QAEHXZ
?GetListAllSongInfos@CSongListMgr@@QAEHQAVCSongListBase@@AAV?$vector@PAVCSongInfoBase@@V?$allocator@PAVCSongInfoBase@@@std@@@std@@@Z
?GetListType@CNetSongList@@QAEKXZ
?GetLocalMarks@CNetResource@@QAEHXZ
?GetLocalPath@CSongListBase@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetLocalRes@CSongInfoBase@@QAEPAVCLocalResource@@XZ
?GetLyricFilePath@CSongInfoBase@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetMKV@CSongInfoBase@@QAEPAVCNetResource@@XZ
?GetMP3@CSongInfoBase@@QAEPAVCNetResource@@XZ
?GetMarks@CNetResource@@QAEHXZ
?GetMediaCode@CNetResource@@QBE?AW4eMediaCode@@XZ
?GetMediaCode@CSongInfoBase@@QBE?AV?$vector@W4eMediaCode@@V?$allocator@W4eMediaCode@@@std@@@std@@XZ
?GetMsShow@CNetSongInfo@@QAEHXZ
?GetName@CSongListBase@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetNetUrl@CNetSongList@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetP2PCachePath@CNetResource@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetParent@CSongInfoBase@@QAEPAVCSongListBase@@XZ
?GetParent@CSongListBase@@QAEPAV1@XZ
?GetPartLyric@CNetSongInfo@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetPath@CLocalResource@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetPicture@CPlayList@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetPlayCnt@CNetSongInfo@@QAEHXZ
?GetPlaySource@CSongInfoBase@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetPlayedTimes@CLocalResource@@QAEHXZ
?GetPlayedTimes@CNetResource@@QAEHXZ
?GetPopularity@CNetResource@@QAEHXZ
?GetProvider@CNetResource@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetRankingState@CNetSongInfo@@QAEEXZ
?GetRecoSongId@CLocalResource@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetRecoState@CLocalResource@@QAEKXZ
?GetRecommendPlayListName@CSongListMgr@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAVCSongListBase@@ABV23@@Z
?GetReleaseTime@CNetSongInfo@@QAEHXZ
?GetRid@CNetResource@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetRid@CSongInfoBase@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetRiseType@CNetSongList@@QAE?AW4ARTIST_RISE_TYPE@@XZ
?GetSampleRate@CLocalResource@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetSampleRate@CNetResource@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetSaveFileName@CSongListBase@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetSearchSelectedSong@CSongListMgr@@QAEHQAVCSongListBase@@AAV?$vector@HV?$allocator@H@std@@@std@@@Z
?GetSearchSelectedSong@CSongListMgr@@QAEHQAVCSongListBase@@AAV?$vector@PAVCSongInfoBase@@V?$allocator@PAVCSongInfoBase@@@std@@@std@@@Z
?GetSelectedSongInfos@CSongListMgr@@QAEHQAVCSongListBase@@AAV?$vector@HV?$allocator@H@std@@@std@@@Z
?GetSelectedSongInfos@CSongListMgr@@QAEHQAVCSongListBase@@AAV?$vector@PAVCSongInfoBase@@V?$allocator@PAVCSongInfoBase@@@std@@@std@@@Z
?GetSelectedSongList@CSongListMgr@@QAEHQAVCSongListBase@@AAV?$vector@PAVCSongListBase@@V?$allocator@PAVCSongListBase@@@std@@@std@@PAV?$vector@HV?$allocator@H@std@@@4@@Z
?GetShowName@CSongListBase@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetSig@CLocalResource@@QAE?AUSign@@XZ
?GetSign@CNetResource@@QAE?AUSign@@XZ
?GetSingerInfo@CNetSongList@@QAEAAVONE_SINGER_INFO@@XZ
?GetSongInfo@CSongListMgr@@QAEHQAVCSongListBase@@HAAPAVCSongInfoBase@@@Z
?GetSongInfoVector@CSongListBase@@QAEPAV?$vector@PAVCSongInfoBase@@V?$allocator@PAVCSongInfoBase@@@std@@@std@@XZ
?GetSongInfos@CSongListMgr@@QAEHQAVCSongListBase@@V?$vector@HV?$allocator@H@std@@@std@@AAV?$vector@PAVCSongInfoBase@@V?$allocator@PAVCSongInfoBase@@@std@@@4@@Z
?GetSongList@CSongListMgr@@QAEHAAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@AAPAVCSongListBase@@@Z
?GetSongList@CSongListMgr@@QAEHQAVCSongListBase@@HAAPAV2@@Z
?GetSongList@CSongListMgr@@QAEHQAVCSongListBase@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAPAV2@@Z
?GetSongList@CSongListMgr@@QAEHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAPAVCSongListBase@@@Z
?GetSongName@CSongInfoBase@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetSource@CNetResource@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetStartPos@CLocalResource@@QAEHXZ
?GetTotalDownPercent@CNetResource@@QAEHXZ
?GetUrl@CNetSongList@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetWMA@CSongInfoBase@@QAEPAVCNetResource@@XZ
?GetWMV@CSongInfoBase@@QAEPAVCNetResource@@XZ
?IfHasCopyRight@CNetResource@@QAEHXZ
?IfHasRing@CSongInfoBase@@QAEHXZ
?Init@SONG_INFO@@QAEXXZ
?IsAllowMultChoice@CSongListBase@@QAEHXZ
?IsAscSort@CSongListBase@@QAEHXZ
?IsChecked@CSongInfoBase@@QAEHXZ
?IsDefaultShow@CNetSongList@@QAEHXZ
?IsExistMediaCode@CSongInfoBase@@QBEHW4eMediaCode@@@Z
?IsFailed@CPlaySongInfo@@QAEHXZ
?IsFavorite@CPlaySongInfo@@QAEHXZ
?IsHot@CNetSongInfo@@QAEHXZ
?IsHot@CNetSongList@@QAEHXZ
?IsKalaOk@CNetResource@@QAEHXZ
?IsListValid@CSongListMgr@@SAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?IsLocalFile@CSongListBase@@QAEHXZ
?IsNew@CNetSongInfo@@QAEHXZ
?IsNew@CNetSongList@@QAEHXZ
?IsPlaying@CPlayList@@QAEHXZ
?IsPlaying@CPlaySongInfo@@QAEHXZ
?IsRecommand@CNetSongInfo@@QAEHXZ
?IsSearchHit@CSongInfoBase@@QAEHXZ
?IsSelected@CSongInfoBase@@QAEHXZ
?IsSelected@CSongListBase@@QAEHXZ
?IsVirtual@CSongListBase@@QAEHXZ
?LoadFromOldSongInfo@CSongInfoBase@@QAEXAAUSONG_INFO@@@Z
?LoadFromXml@CSongInfoBase@@QAEXViterator@Xml@KwLib@@@Z
?LoadFromXml@CSongListBase@@QAEHAAViterator@Xml@KwLib@@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?LoadSongListFromXmlFile@CSongListMgr@@QAEHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAPAVCSongListBase@@@Z
?LoadSongListFromXmlString@CSongListMgr@@QAEHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAPAVCSongListBase@@0@Z
?LoadSongsFromOldXmlFile@CSongListMgr@@QAEHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$vector@PAVCSongInfoBase@@V?$allocator@PAVCSongInfoBase@@@std@@@3@@Z
?MakeFileName@CSongListBase@@AAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@3@@Z
?MediaCode2Format@@YA?AW4enNetSongFormat@@W4eMediaCode@@@Z
?MediaCode2String@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4eMediaCode@@@Z
?ModifyFileName@CSongListBase@@AAEXHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?OpenKwlFile@CSongListBase@@QAE_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?ReadListNodes@CSongListBase@@AAEXPAV1@AAViterator@Xml@KwLib@@@Z
?RealLoad@CSongListBase@@AAEHXZ
?RealLoadSongInfo@CSongListBase@@AAEHXZ
?RemoveSongInfo@CSongListMgr@@QAEHPAVCSongListBase@@ABV?$vector@PAVCSongInfoBase@@V?$allocator@PAVCSongInfoBase@@@std@@@std@@@Z
?RenameSongList@CSongListMgr@@QAE?AW4enListNameErrCode@@PAVCSongListBase@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?RenewList@CSongListMgr@@SAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@00@Z
?SaveListNode@CSongListBase@@AAEXPAV1@AAViterator@Xml@KwLib@@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SaveOneLocalRes@CSongInfoBase@@AAEXAAVXmlNode@Xml@KwLib@@PAVCLocalResource@@@Z
?SaveOneNetRes@CSongInfoBase@@AAEXAAVXmlNode@Xml@KwLib@@PAVCNetResource@@@Z
?SaveSongListMainFile@CSongListMgr@@QAEHPAVCSongListBase@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SaveSongListToXmlFile@CSongListMgr@@QAEHPAVCSongListBase@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SaveSongNode@CSongListBase@@AAEXAAViterator@Xml@KwLib@@@Z
?SaveToFile@CSongListBase@@QAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SaveToKwlFile@CSongListBase@@QAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SaveToOldSongInfo@CSongInfoBase@@QAEXAAUSONG_INFO@@@Z
?SaveToXml@CSongInfoBase@@QAEXViterator@Xml@KwLib@@@Z
?SaveToXml@CSongListBase@@QAEHAAViterator@Xml@KwLib@@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SelectBySearch@CSongListMgr@@QAEHPAVCSongListBase@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SelectSongInfos@CSongListMgr@@QAEHABV?$vector@PAVCSongInfoBase@@V?$allocator@PAVCSongInfoBase@@@std@@@std@@H@Z
?SelectSongInfos@CSongListMgr@@QAEHPAVCSongListBase@@ABV?$vector@HV?$allocator@H@std@@@std@@H@Z
?SelectSongList@CSongListMgr@@QAEHPAVCSongListBase@@@Z
?SetAPE@CSongInfoBase@@QAEXPAVCNetResource@@@Z
?SetAddTime@CSongInfoBase@@QAEXJ@Z
?SetAlbum@CSongInfoBase@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetAlbumID@CSongInfoBase@@QAEXK@Z
?SetAllowMultChoice@CSongListBase@@QAEXH@Z
?SetArtist@CSongInfoBase@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetArtistID@CSongInfoBase@@QAEXK@Z
?SetAscSort@CSongListBase@@QAEXH@Z
?SetBps@CLocalResource@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetChecked@CSongInfoBase@@QAEXH@Z
?SetConsequentPercent@CNetResource@@QAEXH@Z
?SetCount@CNetSongList@@QAEXH@Z
?SetDefaultShow@CNetSongList@@QAEXH@Z
?SetEndPos@CLocalResource@@QAEXH@Z
?SetFailed@CPlaySongInfo@@QAEXH@Z
?SetFavorite@CPlaySongInfo@@QAEXH@Z
?SetFileSize@CLocalResource@@QAEXH@Z
?SetFileSize@CNetResource@@QAEXH@Z
?SetFormat@CLocalResource@@QAEXK@Z
?SetFormat@CNetResource@@QAEXK@Z
?SetFp@CLocalResource@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetHasCopyRight@CNetResource@@QAEXH@Z
?SetHasRing@CSongInfoBase@@QAEXH@Z
?SetHot@CNetSongInfo@@QAEXH@Z
?SetHot@CNetSongList@@QAEXH@Z
?SetIcoFile@CNetSongList@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetId@CPlayList@@QAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetKalaOk@CNetResource@@QAEXW4enKalaOk@@@Z
?SetKpbs@CNetResource@@QAEXH@Z
?SetLastPlayTime@CLocalResource@@QAEXJ@Z
?SetLastPlayTime@CNetResource@@QAEXJ@Z
?SetLength@CLocalResource@@QAEXH@Z
?SetLength@CNetResource@@QAEXH@Z
?SetLocalMarks@CNetResource@@QAEXH@Z
?SetLocalPath@CSongListBase@@QAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetLocalRes@CSongInfoBase@@QAEXPAVCLocalResource@@@Z
?SetLyricFilePath@CSongInfoBase@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetMKV@CSongInfoBase@@QAEXPAVCNetResource@@@Z
?SetMP3@CSongInfoBase@@QAEXPAVCNetResource@@@Z
?SetMarks@CNetResource@@QAEXH@Z
?SetMediaCode@CNetResource@@QAEXW4eMediaCode@@@Z
?SetMediaCode@CSongInfoBase@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetMediaCode@CSongInfoBase@@QAEXABV?$vector@W4eMediaCode@@V?$allocator@W4eMediaCode@@@std@@@std@@@Z
?SetMsShow@CNetSongInfo@@QAEXH@Z
?SetName@CSongListBase@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetNew@CNetSongInfo@@QAEXH@Z
?SetNew@CNetSongList@@QAEXH@Z
?SetP2pCachePath@CNetResource@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetParent@CSongInfoBase@@QAEXPAVCSongListBase@@@Z
?SetParent@CSongListBase@@QAEXPAV1@@Z
?SetPartLyric@CNetSongInfo@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetPath@CLocalResource@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetPicture@CPlayList@@QAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetPlayCnt@CNetSongInfo@@QAEXH@Z
?SetPlaySource@CSongInfoBase@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetPlayedTimes@CLocalResource@@QAEXH@Z
?SetPlayedTimes@CNetResource@@QAEXH@Z
?SetPlaying@CPlayList@@QAEXH@Z
?SetPlaying@CPlaySongInfo@@QAEXH@Z
?SetPopularity@CNetResource@@QAEXH@Z
?SetProvider@CNetResource@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetRankingState@CNetSongInfo@@QAEXE@Z
?SetRecoSongId@CLocalResource@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetRecoState@CLocalResource@@QAEXK@Z
?SetRecommand@CNetSongInfo@@QAEXH@Z
?SetReleaseTime@CNetSongInfo@@QAEXH@Z
?SetRid@CNetResource@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetRid@CSongInfoBase@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetRiseType@CNetSongList@@QAEXW4ARTIST_RISE_TYPE@@@Z
?SetSampleRate@CLocalResource@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetSampleRate@CNetResource@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetSearchHit@CSongInfoBase@@QAEXH@Z
?SetSelected@CSongInfoBase@@QAEXH@Z
?SetSelected@CSongListBase@@QAEXH@Z
?SetShowName@CSongListBase@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetSig@CLocalResource@@QAEXUSign@@@Z
?SetSign@CNetResource@@QAEXUSign@@@Z
?SetSongName@CSongInfoBase@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetSortType@CSongListBase@@QAEXK@Z
?SetSource@CNetResource@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetStartPos@CLocalResource@@QAEXH@Z
?SetTotalDownPercent@CNetResource@@QAEXH@Z
?SetVirtual@CSongListBase@@QAEXH@Z
?SetWMA@CSongInfoBase@@QAEXPAVCNetResource@@@Z
?SetWMV@CSongInfoBase@@QAEXPAVCNetResource@@@Z
?SongFileExtense@@YA?AV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@XZ
?SongFileFilter@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?SortSongInfos@CSongListMgr@@QAEHPAVCSongListBase@@KAAH@Z
?String2MediaCode@@YA?AW4eMediaCode@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?_AlertError@CSongListMgr@@AAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?_CancleAll@CSongListMgr@@AAEHPAVCSongListBase@@@Z
?_CheckListValid@CSongListMgr@@CAHPAVCSongListBase@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?_DeleteSongListInThread@CSongListMgr@@AAEXPAVCSongListBase@@@Z
?_FindListInVec@CSongListMgr@@AAEHQAV?$vector@PAVCSongListBase@@V?$allocator@PAVCSongListBase@@@std@@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@AAPAVCSongListBase@@@Z
?_GetSongInfoVector_s@CSongListMgr@@AAEHQAVCSongListBase@@AAPAV?$vector@PAVCSongInfoBase@@V?$allocator@PAVCSongInfoBase@@@std@@@std@@@Z
?_GetSongListByFullName@CSongListMgr@@AAEPAVCSongListBase@@ABV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@@Z
?_GetSongListByFullName@CSongListMgr@@AAEPAVCSongListBase@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?_IsNameExist@CSongListMgr@@AAEHQAVCSongListBase@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?_IsValid@CSongListMgr@@AAEHXZ
?_OldGetAttr@CSongListMgr@@AAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@Viterator@Xml@KwLib@@V23@@Z
?_ReadNode@CSongListMgr@@AAEXPAVCSongListBase@@AAViterator@Xml@KwLib@@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?_ReadOneSongInfo@CSongListMgr@@AAEXViterator@Xml@KwLib@@AAUSONG_INFO@@@Z
?_SaveMainFileNode@CSongListMgr@@AAEXPAVCSongListBase@@Viterator@Xml@KwLib@@@Z
?_SaveNode@CSongListMgr@@AAEXPAVCSongListBase@@AAViterator@Xml@KwLib@@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?_ThreadDeleteSongList@CSongListMgr@@CGIPAX@Z

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin/KwHttpRequestMgr.dll
.dll windows:5 windows x86 arch:x86

ad594ec826926d69e57f260286f54364

Code Sign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2d:11:e8:e7:8f:3b:34:51:03:8c:22:82:80:bc:62:31:34:6e:6c:df
Signer

Actual PE Digest

2d:11:e8:e7:8f:3b:34:51:03:8c:22:82:80:bc:62:31:34:6e:6c:df

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\正式发布打包(勿动)\521_金秋版\金秋版_全面发布_0926\KwResource\bin\release\pdb\KwHttpRequestMgr.pdb

Imports

ws2_32

WSAWaitForMultipleEvents
WSASend
WSARecv
WSACloseEvent
WSACleanup
WSAStartup
WSAAddressToStringA
WSAStringToAddressA
gethostbyname
inet_addr
ntohl
ntohs
recvfrom
sendto
socket
WSAGetOverlappedResult
WSAResetEvent
htons
WSAConnect
select
__WSAFDIsSet
getsockopt
WSACreateEvent
closesocket
WSASocketA
setsockopt
WSAGetLastError
ioctlsocket

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
FindFirstFileA
FindNextFileA
FindClose
GetFileSize
FileTimeToLocalFileTime
SystemTimeToFileTime
FileTimeToSystemTime
GetDateFormatA
GetTimeFormatA
GetLocalTime
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ReadFile
GetFileAttributesExA
CopyFileA
CloseHandle
CreateFileA
MoveFileA
WriteFile
CreateDirectoryA
GetTickCount
GetLastError
DeleteFileA

msvcp90

??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?close@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?open@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?5DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?_Lock@_Mutex@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ

msvcr90

memcpy
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
??0exception@std@@QAE@XZ
__CxxFrameHandler3
_time64
_snprintf_s
rand
_invalid_parameter_noinfo
??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
_beginthreadex
srand
strstr
??_V@YAXPAX@Z
vsprintf
_vscprintf
atoi
strncat_s
realloc
memset
_encode_pointer
sscanf
sscanf_s
tolower
strncat
strncpy
malloc
free
_unlock
__dllonexit
__clean_type_info_names_internal

Exports

Exports

AfxGetFileCache
AfxGetHtchFileMgr
AfxGetHttpRequestMgr

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin/KwInfos.exe
.exe windows:5 windows x86 arch:x86

070fa26a8607adbba405b5c46456a213

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\正式发布打包(勿动)\521_金秋版\金秋版_全面发布_0926\KwResource\bin\release\pdb\KwInfos.pdb

Imports

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
IsDebuggerPresent
LocalFree
lstrlenA
MultiByteToWideChar
GetLastError
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedExchange
InterlockedDecrement
Sleep

user32

RegisterClassExA
LoadCursorA
LoadIconA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
IsWindow
SystemParametersInfoA
LoadAcceleratorsA
SendMessageA
UpdateLayeredWindow
GetWindowDC
GetParent
EqualRect
ReleaseDC
GetDC
InvalidateRect
SetWindowPos
GetWindowRect
ShowWindow
LoadStringA
PostQuitMessage
DrawTextA
KillTimer
DestroyWindow
BeginPaint
EndPaint
GetClientRect
DefWindowProcA
CreateWindowExA
GetWindowLongA
SetWindowLongA
UpdateWindow
PostMessageA
GetSystemMetrics
GetForegroundWindow

gdi32

DeleteObject
BitBlt
GetDeviceCaps
SelectObject
CreateDIBSection
CreateCompatibleDC
DeleteDC

ole32

OleCreate
CoCreateInstance
OleRun
OleDraw
OleInitialize
OleUninitialize
OleSetContainedObject

oleaut32

SysFreeString
SysAllocString
VariantClear
GetErrorInfo

kwlib

?Tokenize@StringUtility@KwLib@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@4@@Z
?GetUserID@UserId@KwLib@@YA_NQADH@Z

msvcp90

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

kwmodconfig

AfxGetConfigManager

msvcr90

_onexit
_amsg_exit
_decode_pointer
_lock
_encode_pointer
__dllonexit
_controlfp_s
_invoke_watson
_crt_debugger_hook
_unlock
malloc
free
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
??3@YAXPAX@Z
__CxxFrameHandler3
_invalid_parameter_noinfo
_CxxThrowException
??2@YAPAXI@Z
memset
??_V@YAXPAX@Z
_purecall
__getmainargs

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SHARED
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
readme.txt

Sharing

General

Malware Config

Signatures

Files

237a51742fed62d237b6f1b75452402f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 290KB

.ndata Size: - Virtual size: 480KB

.rsrc Size: 33KB - Virtual size: 36KB

472def3d6dc5d4ffe27376a831b4d49b

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 12KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 1KB

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 954B

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 2KB

4ab986f64a1874664feabca76ad3c867

Headers

File Characteristics

PDB Paths

Imports

kernel32

advapi32

shell32

shlwapi

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 512B - Virtual size: 436B

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 290KB

.ndata
Size: - Virtual size: 480KB

.rsrc
Size: 33KB - Virtual size: 36KB

.text
Size: 16KB - Virtual size: 12KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 954B

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 2KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 7KB - Virtual size: 7KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 92B

.reloc
Size: 512B - Virtual size: 494B

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

70:1a:a4:39:5a:b1:1a:1c:cf:6e:6d:7c:b7:df:2a:30:60:36:ba:3d
Signer

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 290KB

.ndata
Size: - Virtual size: 288KB

.rsrc
Size: 16KB - Virtual size: 20KB

.text
Size: 16KB - Virtual size: 12KB