28a401175294498db07c34a3110e92f0N[.]exe

resource
28a401175294498db07c34a3110e92f0N.exe
unpack001/$PLUGINSDIR/nsDialogs.dll

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/$PLUGINSDIR/installtools.exe	nsis_installer_1
static1/unpack001/$PLUGINSDIR/installtools.exe	nsis_installer_2

28a401175294498db07c34a3110e92f0N.exe

.exe windows:5 windows x86 arch:x86

03e79a94d0dcb51acdcf1e8fbb5bd993

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime

SearchPathA

GetShortPathNameA

GetFullPathNameA

MoveFileA

SetCurrentDirectoryA

GetFileAttributesA

GetLastError

CreateDirectoryA

SetFileAttributesA

Sleep

GetTickCount

CreateFileA

GetFileSize

GetModuleFileNameA

GetCurrentProcess

CopyFileA

ExitProcess

GetWindowsDirectoryA

GetTempPathA

SetFileTime

SetErrorMode

lstrcpynA

GetDiskFreeSpaceA

LocalFree

WideCharToMultiByte

OutputDebugStringA

GetCommandLineW

GlobalUnlock

GlobalLock

CreateThread

LoadLibraryA

CreateProcessA

GetTempFileNameA

lstrlenA

lstrcatA

GetSystemDirectoryA

GetVersion

RemoveDirectoryA

CloseHandle

lstrcmpiA

lstrcmpA

ExpandEnvironmentStringsA

GlobalAlloc

WaitForSingleObject

GetExitCodeProcess

GlobalFree

GetModuleHandleA

LoadLibraryExA

GetProcAddress

FreeLibrary

MultiByteToWideChar

WritePrivateProfileStringA

GetPrivateProfileStringA

WriteFile

MulDiv

ReadFile

SetFilePointer

FindClose

FindNextFileA

FindFirstFileA

DeleteFileA

GetCommandLineA

user32

ScreenToClient

GetMessagePos

CallWindowProcA

IsWindowVisible

LoadBitmapA

CloseClipboard

SetClipboardData

EmptyClipboard

OpenClipboard

TrackPopupMenu

GetWindowRect

AppendMenuA

CreatePopupMenu

GetSystemMetrics

EndDialog

EnableMenuItem

GetSystemMenu

SetClassLongA

IsWindowEnabled

SetWindowPos

CheckDlgButton

GetClassInfoA

CreateWindowExA

SystemParametersInfoA

RegisterClassA

SetDlgItemTextA

GetDlgItemTextA

MessageBoxIndirectA

CharPrevA

DispatchMessageA

PeekMessageA

CreateDialogParamA

SetTimer

SetWindowTextA

PostQuitMessage

SetForegroundWindow

ShowWindow

wsprintfA

SendMessageA

FindWindowExA

LoadCursorA

SetCursor

GetWindowLongA

GetSysColor

CharNextA

ExitWindowsEx

DialogBoxParamA

DestroyWindow

IsWindow

GetDlgItem

SetWindowLongA

LoadImageA

GetDC

EnableWindow

InvalidateRect

PostMessageA

DefWindowProcA

BeginPaint

GetClientRect

FillRect

DrawTextA

EndPaint

SendMessageTimeoutA

gdi32

SetBkColor

GetDeviceCaps

DeleteObject

CreateBrushIndirect

CreateFontIndirectA

SetBkMode

SetTextColor

SelectObject

shell32

CommandLineToArgvW

SHBrowseForFolderA

SHGetPathFromIDListA

SHGetFileInfoA

ShellExecuteA

SHFileOperationA

SHGetSpecialFolderLocation

advapi32

RegEnumKeyA

RegOpenKeyExA

RegCloseKey

RegDeleteKeyA

RegDeleteValueA

RegCreateKeyExA

RegSetValueExA

RegQueryValueExA

RegEnumValueA

comctl32

ImageList_AddMasked

ImageList_Destroy

ord17

ImageList_Create

ole32

CoTaskMemFree

OleInitialize

OleUninitialize

CoCreateInstance

version

GetFileVersionInfoSizeA

GetFileVersionInfoA

VerQueryValueA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 148KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

$COMMONFILES/PPLiveNetwork/$OUTDIR/Converter.exe

.exe windows:5 windows x86 arch:x86

3064b0bd200442b27ae9eae7ef76ecfa

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

70:d9:a6:4c:ff:b3:e1:f6:49:29:ef:fd:88:f4:7e:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

10/10/2012, 00:00

Not After

09/01/2016, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

40:03:4a:06:d5:57:0f:f1:d9:c1:e2:9f:d7:8d:38:07:f4:ba:f4:47
Signer

Actual PE Digest

40:03:4a:06:d5:57:0f:f1:d9:c1:e2:9f:d7:8d:38:07:f4:ba:f4:47

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins_home\workspace\PPTVClient_Jenkins_Release_3.5.5\output\Win32_Release\pdb\PE.pdb

Imports

kernel32

GetProcAddress

LoadLibraryExW

GetPrivateProfileIntW

GetTickCount

Sleep

GetCommandLineA

GetLastError

ReleaseMutex

CreateMutexW

OpenProcess

FindResourceExW

SizeofResource

LockResource

LoadResource

FindResourceW

WritePrivateProfileStringW

lstrlenW

OutputDebugStringW

WaitForSingleObject

LoadLibraryW

GetVersionExW

SetEnvironmentVariableW

LocalFree

LocalAlloc

LoadLibraryA

GetTempPathW

GetSystemInfo

ReadFile

CreateFileW

GetModuleHandleW

FreeLibrary

SetLastError

GetFullPathNameW

FindFirstFileW

FindNextFileW

FindClose

VirtualQuery

InterlockedCompareExchange

VirtualProtect

ResumeThread

FlushInstructionCache

SetThreadContext

GetThreadContext

VirtualFree

SuspendThread

VirtualAlloc

QueryPerformanceCounter

UnhandledExceptionFilter

GetStartupInfoW

HeapSetInformation

InterlockedExchange

DecodePointer

EncodePointer

InitializeCriticalSectionAndSpinCount

GetProcessHeap

HeapSize

HeapReAlloc

HeapFree

HeapAlloc

HeapDestroy

GetEnvironmentVariableW

GetPrivateProfileStringW

GetModuleFileNameW

GetCommandLineW

IsDebuggerPresent

GetCurrentProcess

TerminateProcess

GetCurrentProcessId

CreateProcessW

CloseHandle

CreateEventW

WaitForMultipleObjects

GetCurrentThreadId

SetUnhandledExceptionFilter

EnterCriticalSection

LeaveCriticalSection

DeleteCriticalSection

InitializeCriticalSection

GetCurrentThread

RaiseException

lstrcmpiW

GetSystemTimeAsFileTime

user32

wsprintfW

GetShellWindow

GetWindowThreadProcessId

GetDesktopWindow

FindWindowExW

advapi32

OpenProcessToken

InitializeSecurityDescriptor

RegCloseKey

LookupPrivilegeValueW

AdjustTokenPrivileges

DuplicateTokenEx

SetSecurityDescriptorDacl

GetTokenInformation

GetSidSubAuthorityCount

GetSidSubAuthority

RegDeleteKeyW

RegDeleteValueW

RegSetValueExW

RegQueryValueExW

RegOpenKeyExW

RegCreateKeyExW

shell32

CommandLineToArgvW

SHGetFolderPathW

ole32

StringFromCLSID

CoCreateGuid

CoCreateInstance

CoUninitialize

CoInitialize

oleaut32

SysFreeString

shlwapi

PathFileExistsW

PathAppendW

PathRemoveFileSpecW

StrCpyW

PathIsRelativeW

PathStripPathW

msvcp100

?_Xlength_error@std@@YAXPBD@Z

?_Xout_of_range@std@@YAXPBD@Z

?_Orphan_all@_Container_base0@std@@QAEXXZ

msvcr100

_except_handler4_common

__set_app_type

_fmode

_commode

__setusermatherr

_configthreadlocale

?_type_info_dtor_internal_method@type_info@@QAEXXZ

_initterm

_wcmdln

exit

_XcptFilter

_exit

_cexit

__wgetmainargs

_amsg_exit

_crt_debugger_hook

_invoke_watson

_initterm_e

wmemcpy_s

??3@YAXPAX@Z

wcslen

_CxxThrowException

memcpy_s

memmove_s

__CxxFrameHandler3

??2@YAPAXI@Z

signal

_set_abort_behavior

_set_invalid_parameter_handler

_set_purecall_handler

_set_error_mode

?set_unexpected@@YAP6AXXZP6AXXZ@Z

?set_terminate@@YAP6AXXZP6AXXZ@Z

memcpy

memset

__pxcptinfoptrs

_wcsicmp

??0exception@std@@QAE@ABQBD@Z

?what@exception@std@@UBEPBDXZ

??0exception@std@@QAE@ABV01@@Z

vswprintf_s

_vscwprintf

??1exception@std@@UAE@XZ

wcsnlen

??_V@YAXPAX@Z

strlen

memmove

wcsrchr

__wargv

__argc

wcscpy_s

wcsstr

wcscspn

?terminate@@YAXXZ

free

_wcsdup

wcscpy

wcschr

wcscat_s

malloc

wcstoul

memcmp

memchr

strcmp

_unlock

__dllonexit

_lock

_onexit

_controlfp_s

Exports

?Set_CrashUploadParams@@YAXHPB_W@Z

GetExternElapseTime

GetStartTickCount

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$COMMONFILES/PPLiveNetwork/$OUTDIR/MngModule.dll

.dll regsvr32 windows:5 windows x86 arch:x86

e7fb39e3b1d569c985a87216fe29fcca

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

70:d9:a6:4c:ff:b3:e1:f6:49:29:ef:fd:88:f4:7e:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

10/10/2012, 00:00

Not After

09/01/2016, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

d6:91:a3:47:35:92:e8:cb:01:c6:7f:e1:e5:0d:b7:35:31:32:26:77
Signer

Actual PE Digest

d6:91:a3:47:35:92:e8:cb:01:c6:7f:e1:e5:0d:b7:35:31:32:26:77

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

D:\jenkins_home\workspace\PPTVClient_Jenkins_Release_3.5.5\output\Win32_Release\pdb\MngModule.pdb

Imports

kernel32

GetEnvironmentVariableW

WaitForSingleObject

CreateEventW

TerminateThread

GetExitCodeThread

CopyFileW

CreateDirectoryW

Process32NextW

Process32FirstW

CreateToolhelp32Snapshot

SystemTimeToFileTime

FileTimeToSystemTime

TerminateProcess

DuplicateHandle

DisableThreadLibraryCalls

GetFileTime

DeleteFileW

FileTimeToLocalFileTime

SetLastError

GetFullPathNameW

FindFirstFileW

FindNextFileW

FindClose

SetProcessWorkingSetSize

GetSystemTime

ResetEvent

FlushInstructionCache

GetACP

GetProcessId

OpenProcess

lstrcpyW

lstrcpyA

LoadLibraryW

WritePrivateProfileStringA

GetPrivateProfileStringA

IsBadReadPtr

RemoveDirectoryW

SetFileAttributesW

GetPrivateProfileStringW

FlushFileBuffers

GetSystemDirectoryW

LocalAlloc

TlsSetValue

TlsGetValue

GetQueuedCompletionStatus

InterlockedCompareExchange

SetWaitableTimer

CreateIoCompletionPort

QueueUserAPC

WaitForMultipleObjects

GetFileSize

FormatMessageA

OpenEventA

ReleaseSemaphore

QueryPerformanceCounter

IsDebuggerPresent

SetUnhandledExceptionFilter

UnhandledExceptionFilter

DecodePointer

EncodePointer

InterlockedPopEntrySList

VirtualAlloc

VirtualFree

IsProcessorFeaturePresent

InterlockedPushEntrySList

HeapSize

HeapReAlloc

HeapDestroy

HeapFree

HeapAlloc

GetProcessHeap

CreateWaitableTimerA

GetSystemTimeAsFileTime

SleepEx

ResumeThread

CreateThread

lstrlenW

WideCharToMultiByte

lstrlenA

MultiByteToWideChar

FindResourceW

LoadResource

LockResource

SizeofResource

FindResourceExW

CreateMutexW

GlobalFindAtomW

GlobalAddAtomW

GetVersionExW

GetSystemInfo

CreateProcessW

FreeLibrary

LoadLibraryExW

TlsFree

InterlockedDecrement

TlsAlloc

InitializeCriticalSectionAndSpinCount

GetLastError

InterlockedExchangeAdd

InterlockedIncrement

GetCurrentProcessId

GetCurrentProcess

GetCurrentThreadId

GetTempPathW

WritePrivateProfileStringW

Sleep

CreateEventA

SetEvent

PostQueuedCompletionStatus

InterlockedExchange

InitializeCriticalSection

LeaveCriticalSection

EnterCriticalSection

GetTickCount

CloseHandle

GetModuleFileNameW

GetPrivateProfileIntW

GetLocalTime

CreateFileW

SetFilePointer

WriteFile

GetModuleHandleW

GetProcAddress

RaiseException

LocalFree

DeleteCriticalSection

user32

DestroyWindow

SetTimer

IsWindow

GetMessageW

SystemParametersInfoW

GetClassInfoExW

LoadCursorW

OpenInputDesktop

CloseDesktop

GetLastInputInfo

PostThreadMessageW

LoadIconW

GetForegroundWindow

MonitorFromWindow

RegisterClassExW

CharNextW

UnregisterClassA

GetMonitorInfoW

GetWindowRect

FindWindowExW

DispatchMessageW

FindWindowW

SendMessageTimeoutW

wsprintfW

CreateWindowExW

CallWindowProcW

SetWindowLongW

DefWindowProcW

GetWindowLongW

KillTimer

advapi32

CryptGenRandom

LookupPrivilegeValueW

OpenProcessToken

RegCloseKey

RegQueryValueExW

RegOpenKeyExW

CryptDestroyHash

CryptEncrypt

CryptSetKeyParam

CryptDecrypt

CryptContextAddRef

CryptDuplicateKey

CryptAcquireContextW

CryptExportKey

CryptReleaseContext

CryptGetProvParam

CryptGenKey

CryptGetKeyParam

CryptDestroyKey

AdjustTokenPrivileges

CryptImportKey

RegOpenKeyExA

RegQueryValueExA

RegEnumValueA

GetSecurityInfo

BuildExplicitAccessWithNameW

SetEntriesInAclW

SetSecurityInfo

RegDeleteKeyW

InitializeSecurityDescriptor

SetSecurityDescriptorDacl

RegSetValueExW

RegDeleteValueW

RegCreateKeyExW

shell32

SHCreateDirectoryExW

SHGetFolderPathW

Shell_NotifyIconW

CommandLineToArgvW

ord165

ole32

CoSuspendClassObjects

CoSetProxyBlanket

CoRevokeClassObject

CoRegisterClassObject

CoInitialize

CoUninitialize

CoCreateInstance

oleaut32

UnRegisterTypeLi

SysFreeString

RegisterTypeLi

SysStringLen

VariantClear

VariantInit

SysAllocString

SysAllocStringByteLen

SysStringByteLen

SysAllocStringLen

VarBstrCmp

VariantTimeToSystemTime

SystemTimeToVariantTime

LoadTypeLi

LoadRegTypeLi

atl100

ord20

ord17

ord49

ord56

ord23

ord61

ord31

ord30

ord64

ord15

ord32

ord58

ord44

ord43

ord68

shlwapi

PathRemoveFileSpecW

PathAppendW

PathFindFileNameW

PathStripPathW

PathFileExistsW

msvcp100

?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z

?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@H@2@_JHH@Z

?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@H@2@V32@H@Z

?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z

?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z

?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z

?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z

?min@?$numeric_limits@I@std@@SAIXZ

?min@?$numeric_limits@_J@std@@SA_JXZ

?max@?$numeric_limits@_J@std@@SA_JXZ

??0_Container_base12@std@@QAE@XZ

??1_Container_base12@std@@QAE@XZ

?_Orphan_all@_Container_base12@std@@QAEXXZ

?good@ios_base@std@@QBE_NXZ

?flags@ios_base@std@@QBEHXZ

?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z

?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z

?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z

?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z

?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z

?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ

??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

??7ios_base@std@@QBE_NXZ

??Bios_base@std@@QBEPAXXZ

?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?is@?$ctype@D@std@@QBE_NFD@Z

?id@?$ctype@D@std@@2V0locale@2@A

?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ

?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z

?uncaught_exception@std@@YA_NXZ

?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

?max@?$numeric_limits@I@std@@SAIXZ

?_Xout_of_range@std@@YAXPBD@Z

?_Xlength_error@std@@YAXPBD@Z

?_Orphan_all@_Container_base0@std@@QAEXXZ

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

?_BADOFF@std@@3_JB

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ

?always_noconv@codecvt_base@std@@QBE_NXZ

?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ

?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ

?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z

?_Decref@facet@locale@std@@QAEPAV123@XZ

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z

?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z

?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z

??1_Lockit@std@@QAE@XZ

?_Incref@facet@locale@std@@QAEXXZ

?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

??Bid@locale@std@@QAEIXZ

?id@?$codecvt@DDH@std@@2V0locale@2@A

??0_Lockit@std@@QAE@H@Z

?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

?width@ios_base@std@@QAE_J_J@Z

?width@ios_base@std@@QBE_JXZ

?getloc@ios_base@std@@QBE?AVlocale@2@XZ

uilib

sqlite3_column_text

sqlite3_column_int64

sqlite3_column_count

sqlite3_reset

sqlite3_step

sqlite3_next_stmt

sqlite3_finalize

sqlite3_close

?NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@XZ

?GetText@TiXmlElement@@QBEPBDXZ

?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@PBD@Z

?RootElement@TiXmlDocument@@QAEPAVTiXmlElement@@XZ

??1TiXmlDocument@@UAE@XZ

?LoadFile@TiXmlDocument@@QAE_NPB_WW4TiXmlEncoding@@@Z

sqlite3_prepare_v2

sqlite3_vmprintf

sqlite3_exec

sqlite3_free

sqlite3_open

??0TiXmlDocument@@QAE@XZ

?asCString@Value@Json@@QBEPBDXZ

PPTVLogOutW

PP_GetDiskId

ord5

?isString@Value@Json@@QBE_NXZ

??AValue@Json@@QAEAAV01@PBD@Z

??1Reader@Json@@QAE@XZ

??1Value@Json@@QAE@XZ

?parse@Reader@Json@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVValue@2@_N@Z

??0Value@Json@@QAE@W4ValueType@1@@Z

??0Reader@Json@@QAE@XZ

PP_GetPPLivePath

PP_CheckPPLiveRunning

ord392

PP_ElapsedTickSince

PP_OpenUrlW

PP_GetProxyType

PP_GetComManager

PP_RunEXE

PP_KillProcess

PP_GetMaxUsableDisk

PP_GetUsableFolder

PP_AddEveryoneAccessToFile

PP_GetAllUserAppData

PP_GetCurrentUserAppdata

?isMember@Value@Json@@QBE_NPBD@Z

??AValue@Json@@QAEAAV01@H@Z

?size@Value@Json@@QBEIXZ

?asString@Value@Json@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ

??0Value@Json@@QAE@ABV01@@Z

?asInt@Value@Json@@QBEHXZ

?clear@Value@Json@@QAEXXZ

?isObject@Value@Json@@QBE_NXZ

?isInt64@Value@Json@@QBE_NXZ

?isInt@Value@Json@@QBE_NXZ

?asInt64@Value@Json@@QBE_JXZ

PP_GetCurrentVersion

wininet

HttpOpenRequestW

DeleteUrlCacheEntryW

HttpSendRequestW

HttpQueryInfoW

HttpQueryInfoA

InternetOpenW

InternetConnectW

InternetReadFile

InternetCloseHandle

msvcr100

vswprintf_s

__clean_type_info_names_internal

?_type_info_dtor_internal_method@type_info@@QAEXXZ

_crt_debugger_hook

__CppXcptFilter

_amsg_exit

_initterm_e

_initterm

_encoded_null

_malloc_crt

_except_handler4_common

_onexit

_lock

__dllonexit

_unlock

?terminate@@YAXXZ

_beginthreadex

_wassert

??8type_info@@QBE_NABV0@@Z

_snprintf

isdigit

tolower

vsprintf_s

swscanf_s

_atoi64

ceil

isalnum

isspace

wcscat

strstr

strcmp

??0exception@std@@QAE@XZ

memchr

strcpy

malloc

_resetstkoflw

_i64tow

wcsrchr

wcscpy_s

_mktime64

_localtime64_s

wcsftime

_itow

??0bad_cast@std@@QAE@ABV01@@Z

??1bad_cast@std@@UAE@XZ

??0bad_cast@std@@QAE@PBD@Z

iswspace

fflush

setvbuf

fsetpos

fgetpos

fgetc

ungetc

fputc

_unlock_file

_lock_file

_wcslwr_s

wcsstr

wcschr

atoi

_gmtime64

srand

rand

_wcsdup

wcstok

_wtol

wcscpy

atol

_wtoi

wcscmp

calloc

memmove_s

wmemcpy_s

_wcsicmp

_itow_s

_time64

wcslen

??0exception@std@@QAE@ABQBDH@Z

_vscwprintf

strerror

memcpy_s

wcsnlen

_fseeki64

fwrite

_ftelli64

fclose

fopen

_purecall

memset

fread

??1exception@std@@UAE@XZ

??0exception@std@@QAE@ABV01@@Z

?what@exception@std@@UBEPBDXZ

??2@YAPAXI@Z

??0exception@std@@QAE@ABQBD@Z

memmove

memcpy

swprintf_s

free

_recalloc

__CxxFrameHandler3

sprintf

strlen

_swprintf

??_V@YAXPAX@Z

memcmp

_CxxThrowException

wcsncpy_s

??3@YAXPAX@Z

psapi

GetProcessMemoryInfo

ws2_32

closesocket

listen

WSAStartup

WSACleanup

getsockopt

WSASocketA

ioctlsocket

WSASetLastError

connect

inet_addr

getaddrinfo

WSARecv

WSASend

select

WSAGetLastError

getsockname

setsockopt

bind

freeaddrinfo

__WSAFDIsSet

accept

ppmessager

?create@PushMessageReceiver@push_service@@SAPAV12@PAVListener@12@@Z

?destroy@PushMessageReceiver@push_service@@SAXPAV12@@Z

version

GetFileVersionInfoSizeW

GetFileVersionInfoW

VerQueryValueW

Exports

CheckSource

DisableUpload

DllCanUnloadNow

DllGetClassObject

DllRegisterServer

DllUnregisterServer

ExecCommand

NotifyJoinLeave

NotifyTastStatusChange

RD_XXXX

SetPushServerCallBack

StartTCPUpnpForUpload

Upload

UploadEx

Sections

.text
Size: 589KB - Virtual size: 589KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

compid
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$COMMONFILES/PPLiveNetwork/$OUTDIR/PPAP.exe

.exe windows:5 windows x86 arch:x86

3064b0bd200442b27ae9eae7ef76ecfa

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

70:d9:a6:4c:ff:b3:e1:f6:49:29:ef:fd:88:f4:7e:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

10/10/2012, 00:00

Not After

09/01/2016, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

40:03:4a:06:d5:57:0f:f1:d9:c1:e2:9f:d7:8d:38:07:f4:ba:f4:47
Signer

Actual PE Digest

40:03:4a:06:d5:57:0f:f1:d9:c1:e2:9f:d7:8d:38:07:f4:ba:f4:47

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins_home\workspace\PPTVClient_Jenkins_Release_3.5.5\output\Win32_Release\pdb\PE.pdb

Imports

kernel32

GetProcAddress

LoadLibraryExW

GetPrivateProfileIntW

GetTickCount

Sleep

GetCommandLineA

GetLastError

ReleaseMutex

CreateMutexW

OpenProcess

FindResourceExW

SizeofResource

LockResource

LoadResource

FindResourceW

WritePrivateProfileStringW

lstrlenW

OutputDebugStringW

WaitForSingleObject

LoadLibraryW

GetVersionExW

SetEnvironmentVariableW

LocalFree

LocalAlloc

LoadLibraryA

GetTempPathW

GetSystemInfo

ReadFile

CreateFileW

GetModuleHandleW

FreeLibrary

SetLastError

GetFullPathNameW

FindFirstFileW

FindNextFileW

FindClose

VirtualQuery

InterlockedCompareExchange

VirtualProtect

ResumeThread

FlushInstructionCache

SetThreadContext

GetThreadContext

VirtualFree

SuspendThread

VirtualAlloc

QueryPerformanceCounter

UnhandledExceptionFilter

GetStartupInfoW

HeapSetInformation

InterlockedExchange

DecodePointer

EncodePointer

InitializeCriticalSectionAndSpinCount

GetProcessHeap

HeapSize

HeapReAlloc

HeapFree

HeapAlloc

HeapDestroy

GetEnvironmentVariableW

GetPrivateProfileStringW

GetModuleFileNameW

GetCommandLineW

IsDebuggerPresent

GetCurrentProcess

TerminateProcess

GetCurrentProcessId

CreateProcessW

CloseHandle

CreateEventW

WaitForMultipleObjects

GetCurrentThreadId

SetUnhandledExceptionFilter

EnterCriticalSection

LeaveCriticalSection

DeleteCriticalSection

InitializeCriticalSection

GetCurrentThread

RaiseException

lstrcmpiW

GetSystemTimeAsFileTime

user32

wsprintfW

GetShellWindow

GetWindowThreadProcessId

GetDesktopWindow

FindWindowExW

advapi32

OpenProcessToken

InitializeSecurityDescriptor

RegCloseKey

LookupPrivilegeValueW

AdjustTokenPrivileges

DuplicateTokenEx

SetSecurityDescriptorDacl

GetTokenInformation

GetSidSubAuthorityCount

GetSidSubAuthority

RegDeleteKeyW

RegDeleteValueW

RegSetValueExW

RegQueryValueExW

RegOpenKeyExW

RegCreateKeyExW

shell32

CommandLineToArgvW

SHGetFolderPathW

ole32

StringFromCLSID

CoCreateGuid

CoCreateInstance

CoUninitialize

CoInitialize

oleaut32

SysFreeString

shlwapi

PathFileExistsW

PathAppendW

PathRemoveFileSpecW

StrCpyW

PathIsRelativeW

PathStripPathW

msvcp100

?_Xlength_error@std@@YAXPBD@Z

?_Xout_of_range@std@@YAXPBD@Z

?_Orphan_all@_Container_base0@std@@QAEXXZ

msvcr100

_except_handler4_common

__set_app_type

_fmode

_commode

__setusermatherr

_configthreadlocale

?_type_info_dtor_internal_method@type_info@@QAEXXZ

_initterm

_wcmdln

exit

_XcptFilter

_exit

_cexit

__wgetmainargs

_amsg_exit

_crt_debugger_hook

_invoke_watson

_initterm_e

wmemcpy_s

??3@YAXPAX@Z

wcslen

_CxxThrowException

memcpy_s

memmove_s

__CxxFrameHandler3

??2@YAPAXI@Z

signal

_set_abort_behavior

_set_invalid_parameter_handler

_set_purecall_handler

_set_error_mode

?set_unexpected@@YAP6AXXZP6AXXZ@Z

?set_terminate@@YAP6AXXZP6AXXZ@Z

memcpy

memset

__pxcptinfoptrs

_wcsicmp

??0exception@std@@QAE@ABQBD@Z

?what@exception@std@@UBEPBDXZ

??0exception@std@@QAE@ABV01@@Z

vswprintf_s

_vscwprintf

??1exception@std@@UAE@XZ

wcsnlen

??_V@YAXPAX@Z

strlen

memmove

wcsrchr

__wargv

__argc

wcscpy_s

wcsstr

wcscspn

?terminate@@YAXXZ

free

_wcsdup

wcscpy

wcschr

wcscat_s

malloc

wcstoul

memcmp

memchr

strcmp

_unlock

__dllonexit

_lock

_onexit

_controlfp_s

Exports

?Set_CrashUploadParams@@YAXHPB_W@Z

GetExternElapseTime

GetStartTickCount

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$COMMONFILES/PPLiveNetwork/3.5.5.0143/$OUTDIR/Converter.dll

.dll regsvr32 windows:5 windows x86 arch:x86

97795768b2e58da3fb769c1b4af84f0e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

70:d9:a6:4c:ff:b3:e1:f6:49:29:ef:fd:88:f4:7e:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

10/10/2012, 00:00

Not After

09/01/2016, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

e3:5c:c3:27:40:c7:60:50:f5:7b:fa:0a:a4:71:b8:29:c4:f8:c9:2f
Signer

Actual PE Digest

e3:5c:c3:27:40:c7:60:50:f5:7b:fa:0a:a4:71:b8:29:c4:f8:c9:2f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

D:\jenkins_home\workspace\PPTVClient_Jenkins_Release_3.5.5\output\Win32_Release\pdb\Converter.pdb

Imports

urlmon

URLDownloadToFileW

kernel32

GetEnvironmentVariableW

FreeResource

GlobalUnlock

GlobalLock

GlobalAlloc

LoadResource

SizeofResource

FindResourceW

WaitForSingleObject

RaiseException

FreeLibrary

GetFileSize

CreateFileW

DeviceIoControl

CreateFileA

GetVersionExW

GetModuleFileNameA

GetVersion

InterlockedPopEntrySList

EncodePointer

DecodePointer

InterlockedExchange

TerminateProcess

UnhandledExceptionFilter

LocalFree

OutputDebugStringW

IsProcessorFeaturePresent

WritePrivateProfileStringW

GetProcessHeap

HeapFree

GetModuleFileNameW

LeaveCriticalSection

lstrlenW

InterlockedDecrement

InterlockedIncrement

EnterCriticalSection

DeleteCriticalSection

InitializeCriticalSectionAndSpinCount

GetModuleHandleW

GetProcAddress

lstrlenA

InterlockedPushEntrySList

MultiByteToWideChar

CreateMutexW

GetLastError

VirtualFree

GetTickCount

InterlockedCompareExchange

SetUnhandledExceptionFilter

IsDebuggerPresent

QueryPerformanceCounter

GetCurrentThreadId

GetCurrentProcessId

DeleteFileW

OpenEventW

CloseHandle

Sleep

SetLastError

GetPrivateProfileStringW

GetPrivateProfileIntW

LoadLibraryExW

WideCharToMultiByte

GetSystemTime

SystemTimeToFileTime

CreateDirectoryW

GetCurrentProcess

FlushInstructionCache

HeapAlloc

LoadLibraryW

DisableThreadLibraryCalls

GetSystemTimeAsFileTime

VirtualAlloc

user32

GetSystemMetrics

GetShellWindow

GetDesktopWindow

WindowFromPoint

GetWindowThreadProcessId

wsprintfW

UnregisterClassA

SendMessageW

PtInRect

InvalidateRect

GetClientRect

GetClassInfoExW

LoadCursorW

CreateWindowExW

EndPaint

RegisterClassExW

BringWindowToTop

SetActiveWindow

SetTimer

SystemParametersInfoW

GetLayeredWindowAttributes

SetLayeredWindowAttributes

KillTimer

SetWindowPos

BeginPaint

DestroyWindow

SetWindowRgn

CallWindowProcW

GetWindowLongW

SetWindowLongW

LoadStringW

DefWindowProcW

CharNextW

CharLowerW

PostQuitMessage

GetMessageW

TranslateMessage

DispatchMessageW

ShowWindow

gdi32

DeleteDC

CreateCompatibleDC

DeleteObject

SetViewportOrgEx

SelectObject

CreateCompatibleBitmap

BitBlt

ExtCreateRegion

advapi32

RegCreateKeyExW

RegCloseKey

RegQueryValueExW

RegSetValueExW

RegDeleteValueW

RegDeleteKeyW

RegOpenKeyExW

shell32

ShellExecuteExW

SHGetFolderPathW

CommandLineToArgvW

ole32

CoUninitialize

CoCreateInstance

CreateStreamOnHGlobal

CoInitialize

oleaut32

DispCallFunc

RegisterTypeLi

SysStringLen

SysFreeString

SysAllocString

SysAllocStringLen

VariantCopy

LoadRegTypeLi

VariantInit

LoadTypeLi

VariantClear

UnRegisterTypeLi

atl100

ord23

ord61

ord68

ord56

ord64

ord15

ord32

ord30

ord58

ord31

ord11

ord10

ord44

ord43

ord49

shlwapi

PathAppendW

PathRemoveFileSpecW

PathFileExistsW

comctl32

_TrackMouseEvent

gdiplus

GdipCreateFromHDC

GdipDrawImageRectI

GdipDrawImageRectRectI

GdipDeleteBrush

GdipAlloc

GdipDeleteFont

GdipCloneImage

GdipDisposeImage

GdipLoadImageFromStreamICM

GdipLoadImageFromStream

GdipGetImageHeight

GdipGetImageWidth

GdipGetGenericFontFamilySansSerif

GdipCreateFontFamilyFromName

GdipDeleteFontFamily

GdipCloneBrush

GdipDeleteGraphics

GdiplusStartup

GdiplusShutdown

GdipCreateFont

GdipDrawString

GdipCreateSolidFill

GdipFree

wintrust

WTHelperGetProvSignerFromChain

WTHelperProvDataFromStateData

WinVerifyTrust

WTHelperGetProvCertFromChain

crypt32

CertGetNameStringW

msvcp100

?_Xlength_error@std@@YAXPBD@Z

?_Xout_of_range@std@@YAXPBD@Z

uilib

?RootElement@TiXmlDocument@@QAEPAVTiXmlElement@@XZ

??1TiXmlDocument@@UAE@XZ

?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@PBD@Z

??0TiXmlDocument@@QAE@XZ

ord392

?Attribute@TiXmlElement@@QBEPBDPBD@Z

PP_GetComManager

PP_GetProxyType

?LoadFile@TiXmlDocument@@QAE_NPBDW4TiXmlEncoding@@@Z

msvcr100

?terminate@@YAXXZ

_unlock

_wcsdup

__dllonexit

_lock

strncpy

strrchr

strcat

memchr

sprintf

_onexit

_malloc_crt

_encoded_null

_initterm

_initterm_e

_amsg_exit

__CppXcptFilter

_except_handler4_common

_crt_debugger_hook

?_type_info_dtor_internal_method@type_info@@QAEXXZ

__clean_type_info_names_internal

strcpy

??3@YAXPAX@Z

??_V@YAXPAX@Z

_wtoi

wcscmp

__CxxFrameHandler3

_CxxThrowException

wcsncpy_s

memcmp

??2@YAPAXI@Z

_purecall

memset

wcslen

free

memcpy_s

vswprintf_s

iswdigit

memcpy

malloc

memmove

??0exception@std@@QAE@ABQBD@Z

?what@exception@std@@UBEPBDXZ

??0exception@std@@QAE@ABV01@@Z

??1exception@std@@UAE@XZ

_recalloc

swprintf_s

atol

strlen

_wcsicmp

wininet

HttpQueryInfoW

InternetOpenW

InternetOpenUrlW

InternetCloseHandle

Exports

DllCanUnloadNow

DllGetClassObject

DllRegisterServer

DllUnregisterServer

RD_XXXX

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$COMMONFILES/PPLiveNetwork/3.5.5.0143/$OUTDIR/MngModule.dll

.dll regsvr32 windows:5 windows x86 arch:x86

e7fb39e3b1d569c985a87216fe29fcca

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

70:d9:a6:4c:ff:b3:e1:f6:49:29:ef:fd:88:f4:7e:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

10/10/2012, 00:00

Not After

09/01/2016, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

d6:91:a3:47:35:92:e8:cb:01:c6:7f:e1:e5:0d:b7:35:31:32:26:77
Signer

Actual PE Digest

d6:91:a3:47:35:92:e8:cb:01:c6:7f:e1:e5:0d:b7:35:31:32:26:77

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

D:\jenkins_home\workspace\PPTVClient_Jenkins_Release_3.5.5\output\Win32_Release\pdb\MngModule.pdb

Imports

kernel32

GetEnvironmentVariableW

WaitForSingleObject

CreateEventW

TerminateThread

GetExitCodeThread

CopyFileW

CreateDirectoryW

Process32NextW

Process32FirstW

CreateToolhelp32Snapshot

SystemTimeToFileTime

FileTimeToSystemTime

TerminateProcess

DuplicateHandle

DisableThreadLibraryCalls

GetFileTime

DeleteFileW

FileTimeToLocalFileTime

SetLastError

GetFullPathNameW

FindFirstFileW

FindNextFileW

FindClose

SetProcessWorkingSetSize

GetSystemTime

ResetEvent

FlushInstructionCache

GetACP

GetProcessId

OpenProcess

lstrcpyW

lstrcpyA

LoadLibraryW

WritePrivateProfileStringA

GetPrivateProfileStringA

IsBadReadPtr

RemoveDirectoryW

SetFileAttributesW

GetPrivateProfileStringW

FlushFileBuffers

GetSystemDirectoryW

LocalAlloc

TlsSetValue

TlsGetValue

GetQueuedCompletionStatus

InterlockedCompareExchange

SetWaitableTimer

CreateIoCompletionPort

QueueUserAPC

WaitForMultipleObjects

GetFileSize

FormatMessageA

OpenEventA

ReleaseSemaphore

QueryPerformanceCounter

IsDebuggerPresent

SetUnhandledExceptionFilter

UnhandledExceptionFilter

DecodePointer

EncodePointer

InterlockedPopEntrySList

VirtualAlloc

VirtualFree

IsProcessorFeaturePresent

InterlockedPushEntrySList

HeapSize

HeapReAlloc

HeapDestroy

HeapFree

HeapAlloc

GetProcessHeap

CreateWaitableTimerA

GetSystemTimeAsFileTime

SleepEx

ResumeThread

CreateThread

lstrlenW

WideCharToMultiByte

lstrlenA

MultiByteToWideChar

FindResourceW

LoadResource

LockResource

SizeofResource

FindResourceExW

CreateMutexW

GlobalFindAtomW

GlobalAddAtomW

GetVersionExW

GetSystemInfo

CreateProcessW

FreeLibrary

LoadLibraryExW

TlsFree

InterlockedDecrement

TlsAlloc

InitializeCriticalSectionAndSpinCount

GetLastError

InterlockedExchangeAdd

InterlockedIncrement

GetCurrentProcessId

GetCurrentProcess

GetCurrentThreadId

GetTempPathW

WritePrivateProfileStringW

Sleep

CreateEventA

SetEvent

PostQueuedCompletionStatus

InterlockedExchange

InitializeCriticalSection

LeaveCriticalSection

EnterCriticalSection

GetTickCount

CloseHandle

GetModuleFileNameW

GetPrivateProfileIntW

GetLocalTime

CreateFileW

SetFilePointer

WriteFile

GetModuleHandleW

GetProcAddress

RaiseException

LocalFree

DeleteCriticalSection

user32

DestroyWindow

SetTimer

IsWindow

GetMessageW

SystemParametersInfoW

GetClassInfoExW

LoadCursorW

OpenInputDesktop

CloseDesktop

GetLastInputInfo

PostThreadMessageW

LoadIconW

GetForegroundWindow

MonitorFromWindow

RegisterClassExW

CharNextW

UnregisterClassA

GetMonitorInfoW

GetWindowRect

FindWindowExW

DispatchMessageW

FindWindowW

SendMessageTimeoutW

wsprintfW

CreateWindowExW

CallWindowProcW

SetWindowLongW

DefWindowProcW

GetWindowLongW

KillTimer

advapi32

CryptGenRandom

LookupPrivilegeValueW

OpenProcessToken

RegCloseKey

RegQueryValueExW

RegOpenKeyExW

CryptDestroyHash

CryptEncrypt

CryptSetKeyParam

CryptDecrypt

CryptContextAddRef

CryptDuplicateKey

CryptAcquireContextW

CryptExportKey

CryptReleaseContext

CryptGetProvParam

CryptGenKey

CryptGetKeyParam

CryptDestroyKey

AdjustTokenPrivileges

CryptImportKey

RegOpenKeyExA

RegQueryValueExA

RegEnumValueA

GetSecurityInfo

BuildExplicitAccessWithNameW

SetEntriesInAclW

SetSecurityInfo

RegDeleteKeyW

InitializeSecurityDescriptor

SetSecurityDescriptorDacl

RegSetValueExW

RegDeleteValueW

RegCreateKeyExW

shell32

SHCreateDirectoryExW

SHGetFolderPathW

Shell_NotifyIconW

CommandLineToArgvW

ord165

ole32

CoSuspendClassObjects

CoSetProxyBlanket

CoRevokeClassObject

CoRegisterClassObject

CoInitialize

CoUninitialize

CoCreateInstance

oleaut32

UnRegisterTypeLi

SysFreeString

RegisterTypeLi

SysStringLen

VariantClear

VariantInit

SysAllocString

SysAllocStringByteLen

SysStringByteLen

SysAllocStringLen

VarBstrCmp

VariantTimeToSystemTime

SystemTimeToVariantTime

LoadTypeLi

LoadRegTypeLi

atl100

ord20

ord17

ord49

ord56

ord23

ord61

ord31

ord30

ord64

ord15

ord32

ord58

ord44

ord43

ord68

shlwapi

PathRemoveFileSpecW

PathAppendW

PathFindFileNameW

PathStripPathW

PathFileExistsW

msvcp100

?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z

?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@H@2@_JHH@Z

?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@H@2@V32@H@Z

?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z

?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z

?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z

?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z

?min@?$numeric_limits@I@std@@SAIXZ

?min@?$numeric_limits@_J@std@@SA_JXZ

?max@?$numeric_limits@_J@std@@SA_JXZ

??0_Container_base12@std@@QAE@XZ

??1_Container_base12@std@@QAE@XZ

?_Orphan_all@_Container_base12@std@@QAEXXZ

?good@ios_base@std@@QBE_NXZ

?flags@ios_base@std@@QBEHXZ

?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z

?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z

?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z

?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z

?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z

?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z

??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ

??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

??7ios_base@std@@QBE_NXZ

??Bios_base@std@@QBEPAXXZ

?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?is@?$ctype@D@std@@QBE_NFD@Z

?id@?$ctype@D@std@@2V0locale@2@A

?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ

?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z

?uncaught_exception@std@@YA_NXZ

?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

?max@?$numeric_limits@I@std@@SAIXZ

?_Xout_of_range@std@@YAXPBD@Z

?_Xlength_error@std@@YAXPBD@Z

?_Orphan_all@_Container_base0@std@@QAEXXZ

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ

??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z

?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ

?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

?_BADOFF@std@@3_JB

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ

?always_noconv@codecvt_base@std@@QBE_NXZ

?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ

?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ

?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z

?_Decref@facet@locale@std@@QAEPAV123@XZ

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z

?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z

?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z

??1_Lockit@std@@QAE@XZ

?_Incref@facet@locale@std@@QAEXXZ

?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

??Bid@locale@std@@QAEIXZ

?id@?$codecvt@DDH@std@@2V0locale@2@A

??0_Lockit@std@@QAE@H@Z

?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

?width@ios_base@std@@QAE_J_J@Z

?width@ios_base@std@@QBE_JXZ

?getloc@ios_base@std@@QBE?AVlocale@2@XZ

uilib

sqlite3_column_text

sqlite3_column_int64

sqlite3_column_count

sqlite3_reset

sqlite3_step

sqlite3_next_stmt

sqlite3_finalize

sqlite3_close

?NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@XZ

?GetText@TiXmlElement@@QBEPBDXZ

?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@PBD@Z

?RootElement@TiXmlDocument@@QAEPAVTiXmlElement@@XZ

??1TiXmlDocument@@UAE@XZ

?LoadFile@TiXmlDocument@@QAE_NPB_WW4TiXmlEncoding@@@Z

sqlite3_prepare_v2

sqlite3_vmprintf

sqlite3_exec

sqlite3_free

sqlite3_open

??0TiXmlDocument@@QAE@XZ

?asCString@Value@Json@@QBEPBDXZ

PPTVLogOutW

PP_GetDiskId

ord5

?isString@Value@Json@@QBE_NXZ

??AValue@Json@@QAEAAV01@PBD@Z

??1Reader@Json@@QAE@XZ

??1Value@Json@@QAE@XZ

?parse@Reader@Json@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVValue@2@_N@Z

??0Value@Json@@QAE@W4ValueType@1@@Z

??0Reader@Json@@QAE@XZ

PP_GetPPLivePath

PP_CheckPPLiveRunning

ord392

PP_ElapsedTickSince

PP_OpenUrlW

PP_GetProxyType

PP_GetComManager

PP_RunEXE

PP_KillProcess

PP_GetMaxUsableDisk

PP_GetUsableFolder

PP_AddEveryoneAccessToFile

PP_GetAllUserAppData

PP_GetCurrentUserAppdata

?isMember@Value@Json@@QBE_NPBD@Z

??AValue@Json@@QAEAAV01@H@Z

?size@Value@Json@@QBEIXZ

?asString@Value@Json@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ

??0Value@Json@@QAE@ABV01@@Z

?asInt@Value@Json@@QBEHXZ

?clear@Value@Json@@QAEXXZ

?isObject@Value@Json@@QBE_NXZ

?isInt64@Value@Json@@QBE_NXZ

?isInt@Value@Json@@QBE_NXZ

?asInt64@Value@Json@@QBE_JXZ

PP_GetCurrentVersion

wininet

HttpOpenRequestW

DeleteUrlCacheEntryW

HttpSendRequestW

HttpQueryInfoW

HttpQueryInfoA

InternetOpenW

InternetConnectW

InternetReadFile

InternetCloseHandle

msvcr100

vswprintf_s

__clean_type_info_names_internal

?_type_info_dtor_internal_method@type_info@@QAEXXZ

_crt_debugger_hook

__CppXcptFilter

_amsg_exit

_initterm_e

_initterm

_encoded_null

_malloc_crt

_except_handler4_common

_onexit

_lock

__dllonexit

_unlock

?terminate@@YAXXZ

_beginthreadex

_wassert

??8type_info@@QBE_NABV0@@Z

_snprintf

isdigit

tolower

vsprintf_s

swscanf_s

_atoi64

ceil

isalnum

isspace

wcscat

strstr

strcmp

??0exception@std@@QAE@XZ

memchr

strcpy

malloc

_resetstkoflw

_i64tow

wcsrchr

wcscpy_s

_mktime64

_localtime64_s

wcsftime

_itow

??0bad_cast@std@@QAE@ABV01@@Z

??1bad_cast@std@@UAE@XZ

??0bad_cast@std@@QAE@PBD@Z

iswspace

fflush

setvbuf

fsetpos

fgetpos

fgetc

ungetc

fputc

_unlock_file

_lock_file

_wcslwr_s

wcsstr

wcschr

atoi

_gmtime64

srand

rand

_wcsdup

wcstok

_wtol

wcscpy

atol

_wtoi

wcscmp

calloc

memmove_s

wmemcpy_s

_wcsicmp

_itow_s

_time64

wcslen

??0exception@std@@QAE@ABQBDH@Z

_vscwprintf

strerror

memcpy_s

wcsnlen

_fseeki64

fwrite

_ftelli64

fclose

fopen

_purecall

memset

fread

??1exception@std@@UAE@XZ

??0exception@std@@QAE@ABV01@@Z

?what@exception@std@@UBEPBDXZ

??2@YAPAXI@Z

??0exception@std@@QAE@ABQBD@Z

memmove

memcpy

swprintf_s

free

_recalloc

__CxxFrameHandler3

sprintf

strlen

_swprintf

??_V@YAXPAX@Z

memcmp

_CxxThrowException

wcsncpy_s

??3@YAXPAX@Z

psapi

GetProcessMemoryInfo

ws2_32

closesocket

listen

WSAStartup

WSACleanup

getsockopt

WSASocketA

ioctlsocket

WSASetLastError

connect

inet_addr

getaddrinfo

WSARecv

WSASend

select

WSAGetLastError

getsockname

setsockopt

bind

freeaddrinfo

__WSAFDIsSet

accept

ppmessager

?create@PushMessageReceiver@push_service@@SAPAV12@PAVListener@12@@Z

?destroy@PushMessageReceiver@push_service@@SAXPAV12@@Z

version

GetFileVersionInfoSizeW

GetFileVersionInfoW

VerQueryValueW

Exports

CheckSource

DisableUpload

DllCanUnloadNow

DllGetClassObject

DllRegisterServer

DllUnregisterServer

ExecCommand

NotifyJoinLeave

NotifyTastStatusChange

RD_XXXX

SetPushServerCallBack

StartTCPUpnpForUpload

Upload

UploadEx

Sections

.text
Size: 589KB - Virtual size: 589KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

compid
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

$COMMONFILES/PPLiveNetwork/3.5.5.0143/$OUTDIR/bubblectrl.dll

.dll regsvr32 windows:5 windows x86 arch:x86

1b316ab2d25e191e96c68a09ce28e08f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

70:d9:a6:4c:ff:b3:e1:f6:49:29:ef:fd:88:f4:7e:db
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

10/10/2012, 00:00

Not After

09/01/2016, 23:59

Subject

CN=PPLive Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Planning Dept.,O=PPLive Corporation,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

KeyUsageCRLSign

b1:39:3b:da:b7:a8:f5:cc:a3:e0:1d:89:93:e1:2e:1a:aa:99:f1:62
Signer

Actual PE Digest

b1:39:3b:da:b7:a8:f5:cc:a3:e0:1d:89:93:e1:2e:1a:aa:99:f1:62

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

PDB Paths

D:\jenkins_home\workspace\PPTVClient_Jenkins_Release_3.5.5\output\Win32_Release\pdb\bubblectrl.pdb

Imports

kernel32

SetThreadLocale

GetThreadLocale

CreateDirectoryW

GetProcAddress

GetModuleHandleW

EnterCriticalSection

SetLastError

GetFullPathNameW

FindFirstFileW

FindNextFileW

FindClose

LeaveCriticalSection

DeleteFileW

FileTimeToLocalFileTime

LocalFileTimeToFileTime

FileTimeToSystemTime

SystemTimeToFileTime

GetSystemTime

UnmapViewOfFile

MapViewOfFile

OpenFileMappingW

Sleep

CreateThread

CreateEventW

TerminateThread

GetExitCodeThread

WaitForSingleObject

SetEvent

OpenMutexW

GetCurrentProcessId

FindResourceW

RaiseException

FreeLibrary

LoadLibraryW

CopyFileW

GetTimeZoneInformation

CreateFileMappingW

ReadFile

GetFileSize

SystemTimeToTzSpecificLocalTime

LocalFree

GetSystemTimeAsFileTime

GetCurrentThreadId

QueryPerformanceCounter

IsProcessorFeaturePresent

IsDebuggerPresent

SetUnhandledExceptionFilter

UnhandledExceptionFilter

GetCurrentProcess

TerminateProcess

InterlockedCompareExchange

InterlockedExchange

DecodePointer

EncodePointer

GetProcessHeap

HeapSize

HeapReAlloc

HeapFree

HeapAlloc

HeapDestroy

LoadResource

lstrlenA

LockResource

SizeofResource

FindResourceExW

DeleteCriticalSection

MultiByteToWideChar

InterlockedDecrement

InterlockedIncrement

InitializeCriticalSectionAndSpinCount

GetLastError

WideCharToMultiByte

CreateProcessW

GetTickCount

CloseHandle

GetModuleFileNameW

GetLocalTime

CreateFileW

SetFilePointer

WriteFile

lstrlenW

WritePrivateProfileStringW

GetPrivateProfileStringW

GetEnvironmentVariableW

GetPrivateProfileIntW

user32

SetTimer

KillTimer

wsprintfW

CharNextW

IsWindowVisible

FindWindowExW

GetLastInputInfo

UnregisterClassW

DestroyWindow

SendMessageW

DefWindowProcW

RegisterClassW

CreateWindowExW

FindWindowW

SendMessageTimeoutW

advapi32

RegCloseKey

RegOpenKeyExW

RegQueryValueExW

RegSetValueExW

RegDeleteValueW

RegDeleteKeyW

RegQueryValueExA

RegOpenKeyExA

RegCreateKeyExW

shell32

ord165

SHGetFolderPathW

SHCreateDirectoryExW

ole32

CoCreateInstance

oleaut32

SysAllocString

SysStringLen

SysAllocStringByteLen

SysStringByteLen

SysAllocStringLen

UnRegisterTypeLi

RegisterTypeLi

LoadRegTypeLi

LoadTypeLi

VariantClear

VariantInit

VariantTimeToSystemTime

SystemTimeToVariantTime

SysFreeString

atl100

ord31

ord30

ord49

ord56

ord68

ord61

ord23

ord67

ord15

ord58

ord64

ord32

shlwapi

PathAppendW

PathRemoveFileSpecW

PathFileExistsW

msvcp100

?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z

?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ

?always_noconv@codecvt_base@std@@QBE_NXZ

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ

?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z

?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

?id@?$codecvt@DDH@std@@2V0locale@2@A

?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ

?_Xinvalid_argument@std@@YAXPBD@Z

?eof@ios_base@std@@QBE_NXZ

?ignore@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@_JG@Z

?get@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@AAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@_W@Z

??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z

?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ

?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z

?_Xout_of_range@std@@YAXPBD@Z

?_Xlength_error@std@@YAXPBD@Z

??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z

??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ

??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ

??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ

?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ

?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ

?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z

?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z

?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z

?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ

?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z

?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ

?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z

?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W0@Z

?eback@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ

?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ

?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z

?pbase@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ

?epptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ

?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ

?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z

?egptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ

?pbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z

?_BADOFF@std@@3_JB

??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ

?_Orphan_all@_Container_base0@std@@QAEXXZ

?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z

?width@ios_base@std@@QAE_J_J@Z

?widen@?$ctype@_W@std@@QBE_WD@Z

?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z

?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ

?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WXZ

?flags@ios_base@std@@QBEHXZ

?getloc@ios_base@std@@QBE?AVlocale@2@XZ

?width@ios_base@std@@QBE_JXZ

?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z

?is@?$ctype@_W@std@@QBE_NF_W@Z

?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ

?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z

?_Decref@facet@locale@std@@QAEPAV123@XZ

?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ

?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ

?good@ios_base@std@@QBE_NXZ

?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ

?uncaught_exception@std@@YA_NXZ

??1_Lockit@std@@QAE@XZ

?_Incref@facet@locale@std@@QAEXXZ

?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z

??Bid@locale@std@@QAEIXZ

?id@?$ctype@_W@std@@2V0locale@2@A

??0_Lockit@std@@QAE@H@Z

?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_J@Z

??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z

??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ

??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z