Driver_8[.]0_0508[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Driver_8.0_0508.zip
Size

7.7MB
MD5

573247da28b2fffa7742f4b2bbdd3248
SHA1

222b811cd6c5b9f75c4a1a5302e0a733be3a88a7
SHA256

a155cb04ba07d51872274a9db4339b5119300b30fe250e40f65a06564a0dc967
SHA512

bb668926d7ef4159b1ea511a89914e13a73c05541022e97014faac011245755bee851a3d1e135227f499243b4501f8cfee2146808c94e8ee793bdc19e73e7697
SSDEEP

196608:DLntrupOwsVWvXdCwIOh9XtcWJ02CJ7cWaM:H3AVCyDiWySWT

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Driver_8.0_0508/WIN2000/WinTab32.dll
unpack001/Driver_8.0_0508/WIN7_32/WinTab32.dll
unpack001/Driver_8.0_0508/WIN7_64/32/WinTab32.dll
unpack001/Driver_8.0_0508/WIN7_64/WinTab32.dll
unpack001/Driver_8.0_0508/WinX64/32/WinTab32.dll
unpack001/Driver_8.0_0508/WinX64/WinTab32.dll

Files

Driver_8.0_0508.zip
.zip
Driver_8.0_0508/AUTORUN.INF
Driver_8.0_0508/Common/DESK.scf
Driver_8.0_0508/Common/Driver.w2k
Driver_8.0_0508/Common/Driver.w7
Driver_8.0_0508/Common/Driver.w7.x64
Driver_8.0_0508/Common/Driver.wvt
Driver_8.0_0508/Common/Driver.wvt.x64
Driver_8.0_0508/Common/Driver.x64
Driver_8.0_0508/Common/HotCells.inf
Driver_8.0_0508/Common/LHtool.exe
.exe windows:4 windows x86 arch:x86

390275f137a2fac1e2b1ea2ffa1d33e2

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

01/05/2012, 00:00

Not After

31/12/2012, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

42:dd:8a:51:a6:91:e7:56:f3:b6:43:f1:df:57:e0:61:c1:3e:e5:d6
Signer

Actual PE Digest

42:dd:8a:51:a6:91:e7:56:f3:b6:43:f1:df:57:e0:61:c1:3e:e5:d6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
FreeLibrary
GetProcAddress
LoadLibraryA
GetStdHandle
GetFileType
GetStringTypeA
LCMapStringW
GetStringTypeW
LCMapStringA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
lstrcpyA
SetHandleCount
MultiByteToWideChar
WriteFile
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc

user32

CharUpperA
GetForegroundWindow
SendMessageA

shell32

ShellExecuteA

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Driver_8.0_0508/Common/PLaunch.exe
.exe windows:4 windows x86 arch:x86

59ad46def4a8200b435652f521ec8a18

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

01/05/2012, 00:00

Not After

31/12/2012, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

10:53:6b:e3:b4:08:b3:38:dd:0a:42:88:4b:09:d7:be:25:1a:d2:44
Signer

Actual PE Digest

10:53:6b:e3:b4:08:b3:38:dd:0a:42:88:4b:09:d7:be:25:1a:d2:44

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
WinExec
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Driver_8.0_0508/Common/TKey3325.exe
.exe windows:4 windows x86 arch:x86

5c8f7c59c6ae7d6123c0eaac4e367f39

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

01/05/2012, 00:00

Not After

31/12/2012, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7d:23:2f:64:b4:50:b3:bd:21:bb:67:6c:0e:8c:01:5f:5a:b9:ec:51
Signer

Actual PE Digest

7d:23:2f:64:b4:50:b3:bd:21:bb:67:6c:0e:8c:01:5f:5a:b9:ec:51

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
FreeLibrary
GetProcAddress
lstrlenA
CloseHandle
ReleaseMutex
WaitForSingleObject
LoadLibraryA
GetLastError
GetModuleHandleA
GetStartupInfoA
RtlUnwind
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
WriteFile
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
MulDiv
CreateMutexA
WideCharToMultiByte
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
LCMapStringW
LCMapStringA
FreeEnvironmentStringsW
TerminateProcess
GetCommandLineA
GetVersion
ExitProcess

user32

PtInRect
InflateRect
SetRect
TranslateMessage
IsRectEmpty
LoadIconA
MapVirtualKeyA
keybd_event
GetAsyncKeyState
DefWindowProcA
PostQuitMessage
GetDC
wsprintfA
ReleaseDC
PostMessageA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
GetKeyState
SendMessageA
GetMessageA
FindWindowA
DispatchMessageA

gdi32

TextOutA

advapi32

RegSetValueExA
RegCreateKeyA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCloseKey
RegDeleteKeyA
RegOpenKeyA

shell32

Shell_NotifyIconA

winmm

PlaySoundA

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Driver_8.0_0508/Common/hc1006.inf
Driver_8.0_0508/Common/hccv720p.inf
Driver_8.0_0508/Common/hcex05.inf
Driver_8.0_0508/Common/hcg10p.inf
Driver_8.0_0508/Common/hcg3.inf
Driver_8.0_0508/Common/hcg5.inf
Driver_8.0_0508/Common/hcmr15.inf
Driver_8.0_0508/Common/hcmr19.inf
Driver_8.0_0508/Common/hcmr21.inf
Driver_8.0_0508/Common/hcr3.inf
Driver_8.0_0508/Common/hcrb8x6.inf
Driver_8.0_0508/Common/popmenu.inf
Driver_8.0_0508/DrvManual/Driver_English.pdf
.pdf
Driver_8.0_0508/SETUP.EXE
.exe windows:4 windows x86 arch:x86

6c5d3e952d52f6deb91c4041c236adc5

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ba:c8:a2:47:af:0c:06:bc:ee:f4:aa:06:ef:eb:9b:0c:32:61:c4:b9
Signer

Actual PE Digest

ba:c8:a2:47:af:0c:06:bc:ee:f4:aa:06:ef:eb:9b:0c:32:61:c4:b9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
lstrcpyA
WinExec
OpenFile
GetWindowsDirectoryA
GetModuleFileNameA
GetStdHandle
SetHandleCount
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
lstrlenA
GetEnvironmentStrings
GetEnvironmentStringsW
VirtualAlloc
HeapReAlloc
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc

user32

wsprintfA
MessageBoxA

shell32

ShellExecuteA

lz32

LZOpenFileA
CopyLZFile
LZClose
LZDone

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Driver_8.0_0508/SetupExt.WVT
Driver_8.0_0508/SetupExt.w7
Driver_8.0_0508/SetupI64.WVT
Driver_8.0_0508/SetupX64.WVT
Driver_8.0_0508/SetupX64.inf
Driver_8.0_0508/SetupX64.w7
Driver_8.0_0508/Setupext.w2k
Driver_8.0_0508/Setupx32.ex_
Driver_8.0_0508/TabletPmt/CV720.bmp
Driver_8.0_0508/TabletPmt/CV720L.bmp
Driver_8.0_0508/TabletPmt/G10pro.bmp
Driver_8.0_0508/TabletPmt/G10prol.bmp
Driver_8.0_0508/TabletPmt/G5.bmp
Driver_8.0_0508/TabletPmt/G5L.bmp
Driver_8.0_0508/TabletPmt/HA60.bmp
Driver_8.0_0508/TabletPmt/HA60l.bmp
Driver_8.0_0508/TabletPmt/HK708.bmp
Driver_8.0_0508/TabletPmt/HK708L.bmp
Driver_8.0_0508/TabletPmt/RainBow3S.bmp
Driver_8.0_0508/TabletPmt/RainBow3SL.bmp
Driver_8.0_0508/TabletPmt/TABCFG_HotKey.inf
Driver_8.0_0508/TabletPmt/TM215.bmp
Driver_8.0_0508/TabletPmt/hc9056M0501.bmp
Driver_8.0_0508/TabletPmt/hc9056M0501l.bmp
Driver_8.0_0508/TabletPmt/rainbow3.bmp
Driver_8.0_0508/TabletPmt/rainbow3l.bmp
Driver_8.0_0508/TabletPmt/tm156.bmp
Driver_8.0_0508/TabletPmt/tm156l.bmp
Driver_8.0_0508/WIN2000/DRIVERS/PTSimBus.sys
.sys windows:5 windows x86 arch:x86

202e4eeee1178144d2d3383a8b41cee1

Code Sign

02:3a:64
Certificate

Issuer

CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US

Not Before

18/10/2012, 14:38

Not After

20/05/2022, 14:38

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:1f:df:72:99:e8:d2:45:a1:5d:0b:a8:e5:b1:59:ba
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

19/05/2022, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

93:ea:57:fa:8b:3b:66:09:de:3d:76:1c:88:79:35:0d:42:b1:6a:9c
Signer

Actual PE Digest

93:ea:57:fa:8b:3b:66:09:de:3d:76:1c:88:79:35:0d:42:b1:6a:9c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\diskf\drvsrc5\kernel\ptsimbus.500\objfre_wnet_x86\i386\PTSimBus.pdb

Imports

ntoskrnl.exe

IoAcquireRemoveLockEx
PoStartNextPowerIrp
IoAttachDeviceToDeviceStack
IoRegisterDeviceInterface
KeInitializeEvent
IoInitializeRemoveLockEx
PoSetPowerState
IoSetDeviceInterfaceState
ExFreePoolWithTag
ObfReferenceObject
ExAllocatePoolWithTag
IoDetachDevice
IoReleaseRemoveLockAndWaitEx
wcslen
RtlCopyUnicodeString
ExFreePool
KeWaitForSingleObject
memmove
KeSetEvent
IofCompleteRequest
RtlCompareUnicodeString
RtlEqualString
RtlInitAnsiString
ObfDereferenceObject
IoGetDeviceObjectPointer
RtlFreeUnicodeString
IoRegisterPlugPlayNotification
IoUnregisterPlugPlayNotification
IoReleaseCancelSpinLock
KeRemoveDeviceQueue
IoAcquireCancelSpinLock
IoStartPacket
IoStartNextPacket
KeRemoveEntryDeviceQueue
KefReleaseSpinLockFromDpcLevel
KefAcquireSpinLockAtDpcLevel
PoSetSystemState
IoInvalidateDeviceRelations
KeInitializeSpinLock
KeTickCount
KeBugCheckEx
IofCallDriver
IoReleaseRemoveLockEx
RtlInitUnicodeString
IoCreateDevice
IoCreateSymbolicLink
IoDeleteSymbolicLink
IoBuildDeviceIoControlRequest
IoDeleteDevice
RtlAnsiCharToUnicodeChar

hal

KfRaiseIrql
KfLowerIrql
KfAcquireSpinLock
KfReleaseSpinLock
ExAcquireFastMutex
ExReleaseFastMutex
KeGetCurrentIrql

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN2000/DRIVERS/PTSimHid.sys
.sys windows:6 windows x86 arch:x86

bd0359eaa0dc32fe25f7c1844a48f569

Code Sign

02:3a:64
Certificate

Issuer

CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US

Not Before

18/10/2012, 14:38

Not After

20/05/2022, 14:38

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:1f:df:72:99:e8:d2:45:a1:5d:0b:a8:e5:b1:59:ba
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

19/05/2022, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c3:fa:3b:17:c9:24:6b:74:a2:dd:33:29:77:85:28:f3:76:79:68:21
Signer

Actual PE Digest

c3:fa:3b:17:c9:24:6b:74:a2:dd:33:29:77:85:28:f3:76:79:68:21

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\vc6\driver\ericdriver\20120621_20120531_eraserforink\ptsimhid.500\20120621\objfre_wlh_x86\i386\PTSimHid.pdb

Imports

ntoskrnl.exe

IofCompleteRequest
PoStartNextPowerIrp
IoAcquireRemoveLockEx
ExFreePool
IoInitializeRemoveLockEx
memset
ExAllocatePoolWithTag
memcpy
MmMapLockedPagesSpecifyCache
RtlCopyUnicodeString
ExAllocatePool
RtlInitUnicodeString
KeWaitForSingleObject
IofCallDriver
KeSetEvent
KeInitializeEvent
IoBuildDeviceIoControlRequest
IoReleaseRemoveLockAndWaitEx
PoCallDriver
RtlQueryRegistryValues
RtlAppendUnicodeToString
KeTickCount
KeBugCheckEx
RtlUnwind
IoReleaseRemoveLockEx

hidclass.sys

HidRegisterMinidriver

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 512B - Virtual size: 187B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN2000/DRIVERS/TClass2k.sys
.sys windows:6 windows x86 arch:x86

129d377de47bb6f07765ad8f8e73b413

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:9f:00:71:e8:d6:46:49:14:90:79:fd:8e:4c:66:ce:c5:13:28:ad
Signer

Actual PE Digest

08:9f:00:71:e8:d6:46:49:14:90:79:fd:8e:4c:66:ce:c5:13:28:ad

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Jery\Documents\Visual Studio 2012\Projects\TCLASS2K.800\obj\x86\TClass2k.pdb

Imports

ntoskrnl.exe

IofCallDriver
ZwQueryValueKey
memcpy
InterlockedExchange
KeRemoveDeviceQueue
KeRemoveEntryDeviceQueue
IoAcquireCancelSpinLock
IofCompleteRequest
IoReleaseCancelSpinLock
IoAcquireRemoveLockEx
IoReleaseRemoveLockEx
IoStartNextPacket
PoSetSystemState
RtlQueryRegistryValues
RtlAppendUnicodeToString
ExAllocatePoolWithTag
IoOpenDeviceRegistryKey
ZwClose
memset
InterlockedCompareExchange
ExQueueWorkItem
IoCancelIrp
PoRequestPowerIrp
PoSetPowerState
PoCallDriver
ZwSetValueKey
RtlFreeUnicodeString
IoDeleteDevice
IoDetachDevice
IoReleaseRemoveLockAndWaitEx
IoAllocateWorkItem
IoFreeWorkItem
IoQueueWorkItem
IoWMIRegistrationControl
IoSetDeviceInterfaceState
IoStartPacket
ProbeForWrite
RtlIntegerToUnicodeString
RtlWriteRegistryValue
RtlCompareMemory
KeInitializeSpinLock
IoAttachDeviceToDeviceStack
IoCreateDevice
IoInitializeRemoveLockEx
IoRegisterDeviceInterface
KeTickCount
KeBugCheckEx
RtlUnwind
IoBuildDeviceIoControlRequest
ExFreePool
ExAllocatePool
KeWaitForSingleObject
KeSetEvent
KeInitializeEvent
RtlCopyUnicodeString
RtlInitUnicodeString
PoStartNextPowerIrp
memmove

hal

KeGetCurrentIrql
KfRaiseIrql
ExReleaseFastMutex
ExAcquireFastMutex
KfLowerIrql
KfReleaseSpinLock
KfAcquireSpinLock

wmilib.sys

WmiCompleteRequest
WmiSystemControl

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN2000/DRIVERS/UCTBLHID.sys
.sys windows:6 windows x86 arch:x86

162e0338355e1f7669b04942085fdb03

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cb:ff:b5:25:88:bd:75:94:f7:27:c3:93:20:5a:c0:e8:0c:ab:3f:92
Signer

Actual PE Digest

cb:ff:b5:25:88:bd:75:94:f7:27:c3:93:20:5a:c0:e8:0c:ab:3f:92

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Jery\Documents\Visual Studio 2012\Projects\UCTBLHID.800\obj\x86\UCTBLHID.pdb

Imports

ntoskrnl.exe

IoAllocateMdl
IoBuildAsynchronousFsdRequest
IoBuildDeviceIoControlRequest
IofCallDriver
IofCompleteRequest
IoDeleteDevice
IoDetachDevice
IoFreeIrp
IoFreeMdl
IoAcquireRemoveLockEx
IoReleaseRemoveLockEx
IoReleaseRemoveLockAndWaitEx
IoAllocateWorkItem
IoFreeWorkItem
IoQueueWorkItem
IoWMIRegistrationControl
PoSetPowerState
PoCallDriver
PoStartNextPowerIrp
memmove
KeWaitForSingleObject
IoAttachDeviceToDeviceStack
MmBuildMdlForNonPagedPool
IoGetDriverObjectExtension
IoInitializeRemoveLockEx
memset
RtlCompareMemory
KeClearEvent
KeSetEvent
IoCancelIrp
IoReuseIrp
ProbeForWrite
KeTickCount
KeBugCheckEx
RtlUnwind
KeDelayExecutionThread
KeInitializeEvent
_wcslwr
ExFreePoolWithTag
IoCreateDevice
ExAllocatePoolWithTag
IoAllocateDriverObjectExtension
wcsstr

hal

KfRaiseIrql
KfLowerIrql

wmilib.sys

WmiCompleteRequest
WmiSystemControl

hidparse.sys

HidP_GetCaps

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 582B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN2000/DRIVERS/WTSRV.exe
.exe windows:5 windows x86 arch:x86

eacd6f1a6688b28ff3e9e2171ef1bdc9

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/01/2016, 00:00

Not After

11/04/2027, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

cf:7d:f6:31:8c:54:4a:fb:e4:a1:20:3f:54:f6:87:d8:97:01:2a:49:f6:dd:87:80:5d:d6:0b:e5:bd:c2:9e:03
Signer

Actual PE Digest

cf:7d:f6:31:8c:54:4a:fb:e4:a1:20:3f:54:f6:87:d8:97:01:2a:49:f6:dd:87:80:5d:d6:0b:e5:bd:c2:9e:03

Digest Algorithm

sha256

PE Digest Matches

true

df:df:b2:91:1f:ba:7b:9e:c4:a3:1c:c9:bc:6c:7c:56:b2:cf:ef:6b
Signer

Actual PE Digest

df:df:b2:91:1f:ba:7b:9e:c4:a3:1c:c9:bc:6c:7c:56:b2:cf:ef:6b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\SourceCode(Combo)\WTSrv_None_V8_TailProcess\20160905-20160728\Release\WTSRV.pdb

Imports

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces

hid

HidD_GetIndexedString

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

advapi32

StartServiceCtrlDispatcherA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetUserNameA
RevertToSelf
ImpersonateLoggedOnUser
LookupAccountNameA
ConvertSidToStringSidA
OpenProcessToken
ControlService
OpenSCManagerA
SetServiceStatus
QueryServiceStatus
ReportEventA
RegisterServiceCtrlHandlerExA
DeregisterEventSource
OpenServiceA
CloseServiceHandle
RegisterEventSourceA
DeleteService
CreateServiceA

kernel32

GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetStdHandle
FlushFileBuffers
HeapReAlloc
WriteConsoleW
CancelIo
CreateFileA
CreateFileW
GetLastError
lstrcmpiA
DeviceIoControl
CloseHandle
OutputDebugStringA
FreeLibrary
GetProcAddress
LoadLibraryA
lstrlenA
GetCurrentProcess
FormatMessageA
Sleep
GetModuleFileNameA
GetModuleHandleA
GetVersionExA
LocalFree
PulseEvent
SetPriorityClass
Process32First
WaitForSingleObject
SetEvent
GetCurrentThread
InitializeCriticalSection
OpenProcess
WideCharToMultiByte
CreateEventA
LeaveCriticalSection
ReadFile
GetOverlappedResult
SetThreadPriority
EnterCriticalSection
ResetEvent
Process32Next
WaitForMultipleObjects
CreateToolhelp32Snapshot
ResumeThread
CreateThread
lstrcpyA
ConnectNamedPipe
WriteFile
DisconnectNamedPipe
CreateNamedPipeA
LCMapStringW
GetStringTypeW
HeapFree
HeapAlloc
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetCommandLineA
GetProcessHeap
GetStdHandle
GetModuleFileNameW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
RaiseException
RtlUnwind
GetFileType
DeleteCriticalSection
LoadLibraryExW
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
OutputDebugStringW

user32

wsprintfA
UnregisterDeviceNotification
RegisterDeviceNotificationA

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN2000/MenuWnd.dll
.dll windows:5 windows x86 arch:x86

44436c525164184c6b0f4f4ce0dec04a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7c:cb:3c:e3:e6:75:4b:21:d6:ef:12:f5:e6:d5:9d:fd
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

11/08/2014, 00:00

Not After

09/09/2016, 23:59

Subject

CN=UC-Logic Technology Corporation,O=UC-Logic Technology Corporation,L=NEW TAIPEI CITY,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

43:f0:8e:58:45:09:38:9a:4b:07:81:b0:2c:77:b2:bb:a6:d5:cc:d5
Signer

Actual PE Digest

43:f0:8e:58:45:09:38:9a:4b:07:81:b0:2c:77:b2:bb:a6:d5:cc:d5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
HeapReAlloc
Sleep
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
RaiseException
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
HeapFree
HeapAlloc
GetCommandLineA
RtlUnwind
GetOEMCP
GetCPInfo
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
GlobalFlags
WritePrivateProfileStringA
InterlockedIncrement
GetModuleHandleW
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
InterlockedDecrement
GetModuleFileNameW
GetCurrentProcessId
GlobalAddAtomA
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryA
CompareStringA
InterlockedExchange
lstrcmpA
FreeLibrary
GetModuleHandleA
GetProcAddress
GetLastError
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
lstrcpyA
GetTickCount
lstrlenA

user32

DestroyMenu
LoadCursorA
GetSysColorBrush
UnregisterClassA
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
DefWindowProcA
CallWindowProcA
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindowTextA
SetWindowPos
ShowWindow
GetDlgCtrlID
IsWindow
SetWindowTextA
GetDlgItem
GetWindow
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxA
RegisterWindowMessageA
GetClientRect
PostMessageA
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
SetCursor
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
CreateWindowExA
IsRectEmpty
SetRect
OffsetRect
CopyRect
SendMessageA
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
PtInRect
GetSystemMetrics
EnableWindow
GetCursorPos
EnumDisplaySettingsExA
EnumDisplayDevicesA
UpdateLayeredWindow
SetLayeredWindowAttributes
SetWindowLongA
GetWindowLongA
SetCursorPos
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetForegroundWindow

gdi32

OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateFontIndirectA
DeleteObject
MoveToEx
LineTo
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
RoundRect
Ellipse
PtInRegion
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
GetObjectA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

MW_AddChildMenu
MW_ClearSelectedFlag
MW_CreateMenu
MW_CreateMenuWnd
MW_DestoryMenu
MW_DestroyMenuWnd
MW_GetExtraInfo
MW_GetMenuID
MW_GetMenuString
MW_GetSelectedMenuID

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN2000/MyDrawLineWindowDll.dll
.dll windows:5 windows x86 arch:x86

c83d5bde34c832451530b2f3d0487180

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7c:cb:3c:e3:e6:75:4b:21:d6:ef:12:f5:e6:d5:9d:fd
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

11/08/2014, 00:00

Not After

09/09/2016, 23:59

Subject

CN=UC-Logic Technology Corporation,O=UC-Logic Technology Corporation,L=NEW TAIPEI CITY,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3c:b4:21:2a:19:8b:31:31:f6:dd:33:03:dd:72:fe:23:38:86:c3:fb
Signer

Actual PE Digest

3c:b4:21:2a:19:8b:31:31:f6:dd:33:03:dd:72:fe:23:38:86:c3:fb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\VC6\Driver\EricDriver\20111012_20111006_TabletMonitor\MyDrawLineWindowDll\Release\MyDrawLineWindowDll.pdb

Imports

winmm

mixerGetNumDevs
mixerGetDevCapsW
mixerGetLineInfoW
mixerGetLineControlsW
mixerGetControlDetailsW
mixerClose
mixerOpen

kernel32

TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapAlloc
HeapFree
RtlUnwind
RaiseException
HeapReAlloc
Sleep
ExitProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
WritePrivateProfileStringW
lstrlenA
InterlockedIncrement
GlobalFlags
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
InterlockedExchange
GetCurrentProcessId
GetModuleFileNameW
GetModuleHandleA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
WideCharToMultiByte
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
FreeLibrary
LoadLibraryA
GetLastError
SetLastError
lstrcmpW
GetModuleHandleW
GetProcAddress
GetVersionExA
FindResourceW
LoadResource
LockResource
SizeofResource
GetVersionExW
MultiByteToWideChar
FreeEnvironmentStringsW

user32

UnregisterClassW
SetCursor
GetMessageW
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
ShowWindow
SetWindowTextW
GetWindowThreadProcessId
IsWindowEnabled
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetParent
CopyRect
PtInRect
GetDlgCtrlID
SendMessageW
DefWindowProcW
CallWindowProcW
LoadCursorW
DestroyMenu
LoadIconW
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetWindow
EnableWindow
FillRect
KillTimer
SystemParametersInfoW
SetWindowRgn
SetWindowPos
UpdateLayeredWindow
SetLayeredWindowAttributes
SetWindowLongW
GetWindowLongW
ReleaseDC
LoadImageW
GetClientRect
GetDC
SetTimer
GetSysColorBrush
RegisterWindowMessageW
GetWindowTextW

gdi32

RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreateBitmap
GetStockObject
PtVisible
BitBlt
CreateCompatibleDC
GetObjectW
DeleteObject
Rectangle
SelectObject
CreateSolidBrush
CreatePen
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
SetBkColor
SetTextColor
GetClipBox
CreateFontIndirectW
CreateRoundRectRgn

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shlwapi

PathFindFileNameW
PathFindExtensionW

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

MyDLW_AddText
MyDLW_AddTextA
MyDLW_Create
MyDLW_Destroy
MyDLW_GetHWND
MyDLW_SendTrack
MyDLW_SetBKColor
MyDLW_SetDrawStatus
MyDLW_SetDrawVoiceColor
MyDLW_SetDrawVoiceValue
MyDLW_SetPicture
MyDLW_SetPictureA
MyDLW_SetShowWindowTimer
MyDLW_SetTextA
MyDLW_SetTextFont
MyDLW_SetTextFontColor
MyDLW_SetWindowAttributes
MyDLW_SetWindowDirection
MyDLW_SetWindowSize

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN2000/PCPANEL.CPL
.dll windows:5 windows x86 arch:x86

2c88ea5963ea6d4ad72cc36b873a4f26

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/01/2016, 00:00

Not After

11/04/2027, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:2b:f1:14:4c:d1:de:33:5a:27:25:58:7e:33:6e:0e:5d:cc:6c:a2:dc:56:54:79:e8:ab:ff:f4:89:db:a9:8b
Signer

Actual PE Digest

0a:2b:f1:14:4c:d1:de:33:5a:27:25:58:7e:33:6e:0e:5d:cc:6c:a2:dc:56:54:79:e8:ab:ff:f4:89:db:a9:8b

Digest Algorithm

sha256

PE Digest Matches

true

90:71:5a:c8:f5:0a:fc:4d:08:09:72:c7:88:f8:d7:03:35:9c:cb:94
Signer

Actual PE Digest

90:71:5a:c8:f5:0a:fc:4d:08:09:72:c7:88:f8:d7:03:35:9c:cb:94

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
WriteConsoleW
GetCommandLineA
GetCurrentThreadId
GetLastError
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
WriteFile
GetModuleFileNameW
LoadLibraryExW
RtlUnwind
HeapAlloc
HeapReAlloc
GetStringTypeW
OutputDebugStringW
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
CreateFileW

shell32

ShellExecuteA

Exports

Exports

CPlApplet

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN2000/PCPANELXP.CPL
.dll windows:5 windows x86 arch:x86

31f2ce9d0123376f2e0c5d39f5e8e603

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7c:cb:3c:e3:e6:75:4b:21:d6:ef:12:f5:e6:d5:9d:fd
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

11/08/2014, 00:00

Not After

09/09/2016, 23:59

Subject

CN=UC-Logic Technology Corporation,O=UC-Logic Technology Corporation,L=NEW TAIPEI CITY,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

50:3c:f4:c0:f5:4e:21:b2:3b:14:8c:0a:48:3b:4c:06:fa:83:cc:89
Signer

Actual PE Digest

50:3c:f4:c0:f5:4e:21:b2:3b:14:8c:0a:48:3b:4c:06:fa:83:cc:89

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
HeapSize
GetStringTypeW
GetCurrentThreadId
DecodePointer
GetCommandLineA
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
LoadLibraryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
WriteFile
GetModuleFileNameW
RtlUnwind
LCMapStringW
MultiByteToWideChar
IsProcessorFeaturePresent

shell32

ShellExecuteA

Exports

Exports

CPlApplet

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN2000/PTSimBus.inf
Driver_8.0_0508/WIN2000/PTSimHid.inf
Driver_8.0_0508/WIN2000/TabCfg.exe
.exe windows:5 windows x86 arch:x86

8fecb1ff83a59dacf66342abc361bd13

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3f:4f:20:61:ec:14:b4:31:70:35:d7:8c:ed:e2:cf:54
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

15/05/2017, 00:00

Not After

15/05/2018, 23:59

Subject

SERIALNUMBER=9144010174990639XQ,CN=Guangzhou Ugee Computers Technology Co.\,Ltd,O=Guangzhou Ugee Computers Technology Co.\,Ltd,L=Guangzhou,ST=Guangdong,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13094775616e677a686f75,1.3.6.1.4.1.311.60.2.1.2=#13094775616e67646f6e67,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3f:4f:20:61:ec:14:b4:31:70:35:d7:8c:ed:e2:cf:54
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

15/05/2017, 00:00

Not After

15/05/2018, 23:59

Subject

SERIALNUMBER=9144010174990639XQ,CN=Guangzhou Ugee Computers Technology Co.\,Ltd,O=Guangzhou Ugee Computers Technology Co.\,Ltd,L=Guangzhou,ST=Guangdong,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13094775616e677a686f75,1.3.6.1.4.1.311.60.2.1.2=#13094775616e67646f6e67,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2b:c2:99:ea:c3:4e:b8:0a:4e:90:ca:98:06:c7:76:46:03:49:46:41:05:0b:8f:0d:0f:b7:9f:3d:2d:5f:86:12
Signer

Actual PE Digest

2b:c2:99:ea:c3:4e:b8:0a:4e:90:ca:98:06:c7:76:46:03:49:46:41:05:0b:8f:0d:0f:b7:9f:3d:2d:5f:86:12

Digest Algorithm

sha256

PE Digest Matches

true

79:a1:4e:f8:a8:28:02:67:67:d8:91:3a:bc:26:ae:38:52:f4:92:20
Signer

Actual PE Digest

79:a1:4e:f8:a8:28:02:67:67:d8:91:3a:bc:26:ae:38:52:f4:92:20

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreatePropertySheetPageA
PropertySheetA

kernel32

WritePrivateProfileStringA
CreateFileW
FlushFileBuffers
WriteConsoleW
SetStdHandle
GetStringTypeW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
OutputDebugStringW
HeapReAlloc
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetProcessHeap
GetModuleFileNameW
WriteFile
GetStdHandle
GetCurrentThreadId
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleExW
ExitProcess
GetCommandLineA
HeapFree
RtlUnwind
RaiseException
HeapAlloc
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
GetVersionExA
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GetModuleHandleA
CreateMutexA
GetTickCount
Sleep
OpenFile
GetLastError
GetCurrentProcess
MulDiv
lstrcpynA
lstrcmpiA
DeleteFileA
GetFileAttributesA
GetWindowsDirectoryA
CloseHandle
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrlenA
lstrcatA
lstrcpyA
GlobalFree

user32

wsprintfA
SendMessageA
PostMessageA
ShowWindow
MoveWindow
GetParent
LoadStringA
SystemParametersInfoA
GetDC
GetDlgItem
CheckDlgButton
IsDlgButtonChecked
GetKeyState
SetTimer
KillTimer
EnableWindow
UpdateWindow
GetForegroundWindow
BeginPaint
EndPaint
InvalidateRect
SetWindowTextA
GetWindowTextA
GetWindowRect
ScreenToClient
GetWindow
SendDlgItemMessageA
LoadCursorA
SetCursor
ReleaseCapture
SetCapture
IntersectRect
GetSystemMetrics
CreateDialogParamA
GetDoubleClickTime
CallWindowProcA
FindWindowA
SetFocus
GetCursorPos
MapWindowPoints
ClientToScreen
GetClientRect
SetDlgItemInt
PeekMessageA
MessageBoxA
CheckRadioButton
ExitWindowsEx
PtInRect
ShowCursor
GetDlgItemInt
EndDialog
DialogBoxParamA
IsIconic
GetDlgItemTextA
SetDlgItemTextA
DestroyWindow
RedrawWindow
DrawTextA
SetWindowPos
CreateWindowExA
LoadImageA
EqualRect
IsRectEmpty
OffsetRect
InflateRect
CopyRect
SetRectEmpty
SetRect
FillRect
ReleaseDC
SetWindowLongA

gdi32

SetROP2
SetPixel
GetPixel
GetDCOrgEx
GetClipBox
SetTextColor
StretchBlt
SetBkMode
CreateDCA
IntersectClipRect
EndPage
StartPage
EndDoc
StartDocA
SaveDC
RoundRect
RestoreDC
GetDeviceCaps
MoveToEx
LineTo
Ellipse
CreatePen
GetObjectA
SetBkColor
SelectObject
Rectangle
GetStockObject
ExcludeClipRect
DeleteDC
CreateSolidBrush
CreateHatchBrush
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteObject
CreateFontA

comdlg32

PrintDlgA
GetOpenFileNameA

advapi32

RegEnumKeyExA
RegCreateKeyA
RegDeleteKeyA
RegEnumKeyA
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 404KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN2000/Tablet2k.inf
Driver_8.0_0508/WIN2000/UCmfg.exe
.exe windows:5 windows x86 arch:x86

8868ace04d1b3f70f22625ea080ebe15

Code Sign

02:3a:64
Certificate

Issuer

CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US

Not Before

18/10/2012, 14:38

Not After

20/05/2022, 14:38

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:1f:df:72:99:e8:d2:45:a1:5d:0b:a8:e5:b1:59:ba
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

19/05/2022, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ee:1b:af:09:01:d1:3d:23:71:f7:9e:d7:38:e3:45:f7:54:35:ae:a1
Signer

Actual PE Digest

ee:1b:af:09:01:d1:3d:23:71:f7:9e:d7:38:e3:45:f7:54:35:ae:a1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\nita\uc-logic\kernal\ucmfg.500\d20090819_0407\objfre_wxp_x86\i386\ucmfg.pdb

Imports

advapi32

RegDeleteKeyA
RegCloseKey
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
ChangeServiceConfigA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
CreateServiceA
QueryServiceStatus
ControlService
DeleteService
AdjustTokenPrivileges
OpenProcessToken
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyA

kernel32

lstrlenA
ExitProcess
SetCurrentDirectoryA
CreateThread
GetCurrentDirectoryA
GetLastError
lstrcmpA
FreeLibrary
GetProcAddress
LoadLibraryA
GetPrivateProfileStringA
lstrcpyA
DeleteFileA
lstrcatA
GetWindowsDirectoryA
GetSystemDirectoryA
Sleep
GetCurrentProcess
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetACP
GetOEMCP
lstrcmpiA
RtlUnwind
InterlockedExchange
VirtualQuery
GetTimeZoneInformation
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetVersionExA
GetCPInfo

user32

SetTimer
wsprintfA
GetMessageA
TranslateMessage
DispatchMessageA
CreateDialogParamA
GetWindowRect
GetSystemMetrics
SetRect
SetWindowPos
UpdateWindow
SetWindowTextA
SetDlgItemTextA
InvalidateRect
DestroyWindow
GetDlgItem
SendMessageA
KillTimer
BeginPaint
GetDlgItemTextA
GetClientRect
InflateRect
DrawTextA
PostQuitMessage
EndPaint

setupapi

CM_Reenumerate_DevNode
CM_Delete_DevNode_Key
CM_Remove_SubTree
SetupPromptReboot
SetupDiInstallClassA
SetupCopyOEMInfA
CM_Get_Parent
SetupDiDeleteDevRegKey
SetupDiChangeState
SetupDiRemoveDevice
SetupGetInfInformationA
SetupQueryInfOriginalFileInformationA
CM_Get_Child
CM_Get_Sibling
CM_Get_DevNode_Registry_PropertyA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceRegistryPropertyA
SetupDiSetClassInstallParamsA
SetupDiGetINFClassA
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoA
CM_Locate_DevNodeA
SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller
SetupDiSetDeviceRegistryPropertyA

comctl32

InitCommonControlsEx

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN2000/WTClient.exe
.exe windows:5 windows x86 arch:x86

5906095fceb42c557876632e3fe9b1d2

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/01/2016, 00:00

Not After

11/04/2027, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6c:c2:fe:52:4d:b3:58:c5:e0:e8:cb:e0:8a:67:c4:5b:f9:51:51:a2:10:73:76:69:85:b5:00:36:6d:33:c9:9a
Signer

Actual PE Digest

6c:c2:fe:52:4d:b3:58:c5:e0:e8:cb:e0:8a:67:c4:5b:f9:51:51:a2:10:73:76:69:85:b5:00:36:6d:33:c9:9a

Digest Algorithm

sha256

PE Digest Matches

true

92:e7:90:7d:8e:59:d8:e3:a1:cb:45:c9:33:b6:ef:90:97:9c:ae:40
Signer

Actual PE Digest

92:e7:90:7d:8e:59:d8:e3:a1:cb:45:c9:33:b6:ef:90:97:9c:ae:40

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
CreateEventA
LoadLibraryA
GetWindowsDirectoryA
WriteConsoleW
SetFilePointerEx
lstrcatA
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
CloseHandle
Sleep
SetEvent
SetErrorMode
GetLastError
GetCurrentProcessId
GetProcAddress
FreeLibrary
SetPriorityClass
lstrcmpiA
SetStdHandle
GetCurrentProcess
HeapSize
GetStringTypeW
GetCommandLineA
HeapAlloc
EncodePointer
DecodePointer
RaiseException
HeapFree
IsDebuggerPresent
IsProcessorFeaturePresent
SetLastError
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
WriteFile
GetModuleFileNameW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
LoadLibraryExW
RtlUnwind
OutputDebugStringW
HeapReAlloc
CreateFileW

user32

GetMessageA
TranslateMessage
DispatchMessageA
UpdateWindow
CreateDialogParamA
ShowWindow
FindWindowA
EndDialog
PostQuitMessage
PostMessageA

advapi32

QueryServiceStatus
OpenServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
StartServiceA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN2000/WinTab32.dll
.dll windows:6 windows x86 arch:x86

56c160062838d412abdf12ac18550b1d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\SourceCode(Combo)\Wintab32\Wintab_None_20170319_20171106\Release\WinTab32.pdb

Imports

hid

HidD_GetHidGuid

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA

menuwnd

MW_ClearSelectedFlag
MW_CreateMenuWnd
MW_CreateMenu
MW_DestoryMenu
MW_AddChildMenu

kernel32

GlobalHandle
GetModuleFileNameA
GetModuleHandleA
GetVersionExA
FreeLibrary
GetWindowsDirectoryA
GetPrivateProfileIntA
GetSystemDirectoryA
LoadLibraryA
GetCurrentProcessId
CreateFileA
GetTickCount
CloseHandle
Process32First
SetEvent
OpenProcess
ResetEvent
Process32Next
CreateToolhelp32Snapshot
CreateEventA
MapViewOfFile
UnmapViewOfFile
SetErrorMode
lstrcatA
ExitThread
GetLastError
CreateFileMappingA
CreateMutexA
CreateThread
LCMapStringW
CompareStringW
GetPrivateProfileStringA
HeapReAlloc
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
GetModuleFileNameW
WriteFile
GetStdHandle
GetProcessHeap
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetFileAttributesExW
GetTimeZoneInformation
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
HeapSize
WideCharToMultiByte
SetEnvironmentVariableA
MultiByteToWideChar
AreFileApisANSI
GetModuleHandleExW
ExitProcess
RtlUnwind
GlobalFree
GetProcAddress
lstrcmpiA
GlobalUnlock
GetFileAttributesA
Sleep
GlobalAlloc
GlobalLock
GetCurrentProcess
lstrcpyA
lstrcpyW
ReleaseMutex
DeviceIoControl
lstrlenW
MulDiv
WaitForSingleObject
lstrlenA
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetStringTypeW
OutputDebugStringW
SetStdHandle
WriteConsoleW
ReadFile
ReadConsoleW
FlushFileBuffers
CreateFileW
RaiseException
GetCurrentThreadId
GetCommandLineA
HeapAlloc
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
HeapFree

user32

GetCursorPos
ShowWindow
GetWindowThreadProcessId
GetShellWindow
DestroyWindow
EnumDisplaySettingsExA
CreateDialogParamA
PostQuitMessage
SendNotifyMessageA
GetDesktopWindow
SystemParametersInfoA
GetSystemMetrics
EnumDisplayDevicesA
GetWindowModuleFileNameA
MessageBoxA
WindowFromPoint
keybd_event
GetWindowRect
ExitWindowsEx
SendMessageA
RegisterWindowMessageA
InflateRect
GetForegroundWindow
GetWindowLongA
PostMessageA
FindWindowA
VkKeyScanA
LoadStringA
wsprintfA
wsprintfW
SetRect
CopyRect
mouse_event
IsRectEmpty
EnumDisplaySettingsA
GetParent
KillTimer
SetTimer
GetClassNameA
DispatchMessageA
PeekMessageA
TranslateMessage
MsgWaitForMultipleObjects
IsWindow
SendInput

gdi32

MoveToEx
RestoreDC
GetPixel
CreatePen
SaveDC
SelectObject
DeleteObject
SetPixel
LineTo
CreateSolidBrush

advapi32

RegSetValueExA
RegQueryValueExA
RegCreateKeyA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExW
RegDeleteKeyA
RegEnumKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetUserNameA
RevertToSelf
ImpersonateLoggedOnUser
LookupAccountNameA
ConvertSidToStringSidA
OpenProcessToken
RegEnumKeyA
RegOpenKeyA
RegEnumValueA
RegQueryInfoKeyA

shell32

Shell_NotifyIconA
ExtractIconA
ShellExecuteA

Exports

Exports

?RunTaskBarIconEx@@YGHXZ
?UCLogicCursor@@YGXPAXIIIIIIHHH@Z
?UCLogicFKey@@YGXPAXIIIIIIHHH@Z
CloseTabletDevice
CreateTaskBarIcon
GetFunctionKeysExV2
OpenTabletDevice
PenNotInContext
RegDeleteFKeys
RegGetFKeys
RemoveTaskBarIcon
RunClientSideService
RunTaskBarIcon
SetFunctionKeys
SetFunctionKeysEx
TDCalibration
TDConnectPenTablet
TDDriverControl
TDGetClientMapMonitorRect
TDGetDeviceCount
TDGetHwInfoExV3
TDGetInfoExMouseBtn
TDGetInfoExV2
TDGetMapMonitorState
TDGetProtectData
TDGetSupportMapMonitorState
TDIsTabletPCAPIAvailable
TDSetClientMapMonitorRect
TDSetDeviceExtraInfo
TDSetHW_bNoHotCell
TDSetInfoExMouseBtn
TDSetInfoExMouseBtnDefault
TDSetInfoExV2
TDSetMapMonitorState
TGL_Attach
TGL_Close
TGL_Detach
TGL_EndLine
TGL_Get
TGL_LineTo
TGL_MoveTo
TGL_Open
TGL_Set
UCGetHotCellAddWindow
UCGetHotCellRecoverType
UCGetHotCellRemoveWindow
UCGetHotCellSetReceiveType
UCGetHotCellSetType
UCLogicTabletEvent
UpdateTaskBar
WTClose
WTConfig
WTDataGet
WTDataPeek
WTEnable
WTExtGet
WTExtSet
WTGetA
WTGetActiveSessionID
WTGetW
WTInfoA
WTInfoW
WTMgrClose
WTMgrConfigReplaceExA
WTMgrConfigReplaceExW
WTMgrContextEnum
WTMgrContextOwner
WTMgrCsrButtonMap
WTMgrCsrEnable
WTMgrCsrExt
WTMgrCsrPressureBtnMarks
WTMgrCsrPressureBtnMarksEx
WTMgrCsrPressureResponse
WTMgrDefContext
WTMgrDefContextEx
WTMgrDeviceConfig
WTMgrExt
WTMgrOpen
WTMgrPacketHookExA
WTMgrPacketHookExW
WTMgrPacketHookNext
WTMgrPacketUnhook
WTOnEvent
WTOpenA
WTOpenW
WTOverlap
WTPacket
WTPacketsGet
WTPacketsPeek
WTQueuePacketsEx
WTQueueSizeGet
WTQueueSizeSet
WTRestore
WTSave
WTSetA
WTSetActiveSessionID
WTSetDeviceEx
WTSetW
_TskBarIconProc@16

Sections

.text
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN2000/ptsimbus.cat
Driver_8.0_0508/WIN2000/ptsimhid.cat
Driver_8.0_0508/WIN2000/tablet2k.cat
Driver_8.0_0508/WIN2000/ucinst32.dll
.dll windows:5 windows x86 arch:x86

24a7d7feb6ee49a7f322c55f3d6595bc

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

fd:08:5e:29:cb:d3:42:a7:9a:7a:20:fa:3e:ad:20:c7:82:d2:95:e1
Signer

Actual PE Digest

fd:08:5e:29:cb:d3:42:a7:9a:7a:20:fa:3e:ad:20:c7:82:d2:95:e1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\diskf\drvsrc5\kernel\ucinst32.500\objfre_wnet_x86\i386\ucinst32.pdb

Imports

msvcrt

_adjust_fdiv
_initterm
malloc
free
strstr

setupapi

SetupCopyOEMInfA
SetupDiSetSelectedDevice
SetupDiEnumDriverInfoA
SetupDiGetDriverInstallParamsA
SetupDiSetDriverInstallParamsA
SetupDiSetSelectedDriverA
SetupDiGetDriverInfoDetailA
SetupDiGetDeviceInstallParamsA
SetupDiSetDeviceInstallParamsA
SetupDiGetDeviceRegistryPropertyA
SetupDiGetINFClassA
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoA
SetupDiSetDeviceRegistryPropertyA
SetupDiCallClassInstaller
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList

kernel32

Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
lstrcmpA
GetLastError
lstrcatA
lstrlenA
lstrcpyA
LoadLibraryA
GetProcAddress
FreeLibrary

advapi32

RegOpenKeyExA
RegCloseKey

user32

CharUpperBuffA
wsprintfA
CharUpperA

Exports

Exports

ClassInstall
HidTabletCoInstaller
SerTabletCoInstaller

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_32/DRIVERS/PTSimBus.sys
.sys windows:6 windows x86 arch:x86

e6ae23aa03b4eb3de74e655dfbf61d3b

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

01/05/2012, 00:00

Not After

31/12/2012, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

90:90:9e:29:21:5c:ea:60:13:86:dc:19:e3:66:d3:73:b7:0b:28:13
Signer

Actual PE Digest

90:90:9e:29:21:5c:ea:60:13:86:dc:19:e3:66:d3:73:b7:0b:28:13

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\nita_20090402\uc-logic\kernel\ptsimbus.500\d20090618\objfre_win7_x86\i386\PTSimBus.pdb

Imports

ntoskrnl.exe

IofCompleteRequest
PoStartNextPowerIrp
KeInitializeEvent
IoAttachDeviceToDeviceStack
IoRegisterDeviceInterface
IoInitializeRemoveLockEx
memset
PoSetPowerState
IoSetDeviceInterfaceState
ExFreePoolWithTag
ObfReferenceObject
ExAllocatePoolWithTag
IoDetachDevice
IoReleaseRemoveLockAndWaitEx
DbgPrint
memcpy
RtlCopyUnicodeString
ExAllocatePool
ExFreePool
KeWaitForSingleObject
memmove
IoAcquireRemoveLockEx
IoBuildDeviceIoControlRequest
RtlCompareUnicodeString
RtlEqualString
RtlInitAnsiString
ObfDereferenceObject
IoGetDeviceObjectPointer
RtlFreeUnicodeString
IoRegisterPlugPlayNotification
IoUnregisterPlugPlayNotification
IoReleaseCancelSpinLock
KeRemoveDeviceQueue
IoAcquireCancelSpinLock
IoStartPacket
IoStartNextPacket
KeRemoveEntryDeviceQueue
KefReleaseSpinLockFromDpcLevel
KefAcquireSpinLockAtDpcLevel
PoSetSystemState
IoInvalidateDeviceRelations
KeTickCount
KeBugCheckEx
IofCallDriver
IoReleaseRemoveLockEx
RtlInitUnicodeString
IoCreateDevice
IoCreateSymbolicLink
IoDeleteSymbolicLink
KeSetEvent
IoDeleteDevice
RtlAnsiCharToUnicodeChar

hal

KfRaiseIrql
KfLowerIrql
KfAcquireSpinLock
KfReleaseSpinLock
ExAcquireFastMutex
ExReleaseFastMutex
KeGetCurrentIrql

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 566B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_32/DRIVERS/PTSimHid.sys
.sys windows:6 windows x86 arch:x86

bd0359eaa0dc32fe25f7c1844a48f569

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

01/05/2012, 00:00

Not After

31/12/2012, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

97:41:10:78:04:68:bb:6b:d7:10:44:7c:cf:90:67:f9:19:c8:e1:ae
Signer

Actual PE Digest

97:41:10:78:04:68:bb:6b:d7:10:44:7c:cf:90:67:f9:19:c8:e1:ae

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\vc6\driver\ericdriver\20120621_20120531_eraserforink\ptsimhid.500\20120621\objfre_win7_x86\i386\PTSimHid.pdb

Imports

ntoskrnl.exe

IofCompleteRequest
PoStartNextPowerIrp
IoAcquireRemoveLockEx
ExFreePool
IoInitializeRemoveLockEx
memset
ExAllocatePoolWithTag
memcpy
MmMapLockedPagesSpecifyCache
RtlCopyUnicodeString
ExAllocatePool
RtlInitUnicodeString
KeWaitForSingleObject
IofCallDriver
KeSetEvent
KeInitializeEvent
IoBuildDeviceIoControlRequest
IoReleaseRemoveLockAndWaitEx
PoCallDriver
RtlQueryRegistryValues
RtlAppendUnicodeToString
KeTickCount
KeBugCheckEx
RtlUnwind
IoReleaseRemoveLockEx

hidclass.sys

HidRegisterMinidriver

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 512B - Virtual size: 187B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_32/DRIVERS/TClass2k.sys
.sys windows:6 windows x86 arch:x86

129d377de47bb6f07765ad8f8e73b413

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:9f:00:71:e8:d6:46:49:14:90:79:fd:8e:4c:66:ce:c5:13:28:ad
Signer

Actual PE Digest

08:9f:00:71:e8:d6:46:49:14:90:79:fd:8e:4c:66:ce:c5:13:28:ad

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Jery\Documents\Visual Studio 2012\Projects\TCLASS2K.800\obj\x86\TClass2k.pdb

Imports

ntoskrnl.exe

IofCallDriver
ZwQueryValueKey
memcpy
InterlockedExchange
KeRemoveDeviceQueue
KeRemoveEntryDeviceQueue
IoAcquireCancelSpinLock
IofCompleteRequest
IoReleaseCancelSpinLock
IoAcquireRemoveLockEx
IoReleaseRemoveLockEx
IoStartNextPacket
PoSetSystemState
RtlQueryRegistryValues
RtlAppendUnicodeToString
ExAllocatePoolWithTag
IoOpenDeviceRegistryKey
ZwClose
memset
InterlockedCompareExchange
ExQueueWorkItem
IoCancelIrp
PoRequestPowerIrp
PoSetPowerState
PoCallDriver
ZwSetValueKey
RtlFreeUnicodeString
IoDeleteDevice
IoDetachDevice
IoReleaseRemoveLockAndWaitEx
IoAllocateWorkItem
IoFreeWorkItem
IoQueueWorkItem
IoWMIRegistrationControl
IoSetDeviceInterfaceState
IoStartPacket
ProbeForWrite
RtlIntegerToUnicodeString
RtlWriteRegistryValue
RtlCompareMemory
KeInitializeSpinLock
IoAttachDeviceToDeviceStack
IoCreateDevice
IoInitializeRemoveLockEx
IoRegisterDeviceInterface
KeTickCount
KeBugCheckEx
RtlUnwind
IoBuildDeviceIoControlRequest
ExFreePool
ExAllocatePool
KeWaitForSingleObject
KeSetEvent
KeInitializeEvent
RtlCopyUnicodeString
RtlInitUnicodeString
PoStartNextPowerIrp
memmove

hal

KeGetCurrentIrql
KfRaiseIrql
ExReleaseFastMutex
ExAcquireFastMutex
KfLowerIrql
KfReleaseSpinLock
KfAcquireSpinLock

wmilib.sys

WmiCompleteRequest
WmiSystemControl

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_32/DRIVERS/UCTBLHID.sys
.sys windows:6 windows x86 arch:x86

162e0338355e1f7669b04942085fdb03

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cb:ff:b5:25:88:bd:75:94:f7:27:c3:93:20:5a:c0:e8:0c:ab:3f:92
Signer

Actual PE Digest

cb:ff:b5:25:88:bd:75:94:f7:27:c3:93:20:5a:c0:e8:0c:ab:3f:92

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Jery\Documents\Visual Studio 2012\Projects\UCTBLHID.800\obj\x86\UCTBLHID.pdb

Imports

ntoskrnl.exe

IoAllocateMdl
IoBuildAsynchronousFsdRequest
IoBuildDeviceIoControlRequest
IofCallDriver
IofCompleteRequest
IoDeleteDevice
IoDetachDevice
IoFreeIrp
IoFreeMdl
IoAcquireRemoveLockEx
IoReleaseRemoveLockEx
IoReleaseRemoveLockAndWaitEx
IoAllocateWorkItem
IoFreeWorkItem
IoQueueWorkItem
IoWMIRegistrationControl
PoSetPowerState
PoCallDriver
PoStartNextPowerIrp
memmove
KeWaitForSingleObject
IoAttachDeviceToDeviceStack
MmBuildMdlForNonPagedPool
IoGetDriverObjectExtension
IoInitializeRemoveLockEx
memset
RtlCompareMemory
KeClearEvent
KeSetEvent
IoCancelIrp
IoReuseIrp
ProbeForWrite
KeTickCount
KeBugCheckEx
RtlUnwind
KeDelayExecutionThread
KeInitializeEvent
_wcslwr
ExFreePoolWithTag
IoCreateDevice
ExAllocatePoolWithTag
IoAllocateDriverObjectExtension
wcsstr

hal

KfRaiseIrql
KfLowerIrql

wmilib.sys

WmiCompleteRequest
WmiSystemControl

hidparse.sys

HidP_GetCaps

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 582B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_32/DRIVERS/WTSRV.exe
.exe windows:5 windows x86 arch:x86

eacd6f1a6688b28ff3e9e2171ef1bdc9

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/01/2016, 00:00

Not After

11/04/2027, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

cf:7d:f6:31:8c:54:4a:fb:e4:a1:20:3f:54:f6:87:d8:97:01:2a:49:f6:dd:87:80:5d:d6:0b:e5:bd:c2:9e:03
Signer

Actual PE Digest

cf:7d:f6:31:8c:54:4a:fb:e4:a1:20:3f:54:f6:87:d8:97:01:2a:49:f6:dd:87:80:5d:d6:0b:e5:bd:c2:9e:03

Digest Algorithm

sha256

PE Digest Matches

true

df:df:b2:91:1f:ba:7b:9e:c4:a3:1c:c9:bc:6c:7c:56:b2:cf:ef:6b
Signer

Actual PE Digest

df:df:b2:91:1f:ba:7b:9e:c4:a3:1c:c9:bc:6c:7c:56:b2:cf:ef:6b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\SourceCode(Combo)\WTSrv_None_V8_TailProcess\20160905-20160728\Release\WTSRV.pdb

Imports

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces

hid

HidD_GetIndexedString

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

advapi32

StartServiceCtrlDispatcherA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetUserNameA
RevertToSelf
ImpersonateLoggedOnUser
LookupAccountNameA
ConvertSidToStringSidA
OpenProcessToken
ControlService
OpenSCManagerA
SetServiceStatus
QueryServiceStatus
ReportEventA
RegisterServiceCtrlHandlerExA
DeregisterEventSource
OpenServiceA
CloseServiceHandle
RegisterEventSourceA
DeleteService
CreateServiceA

kernel32

GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetStdHandle
FlushFileBuffers
HeapReAlloc
WriteConsoleW
CancelIo
CreateFileA
CreateFileW
GetLastError
lstrcmpiA
DeviceIoControl
CloseHandle
OutputDebugStringA
FreeLibrary
GetProcAddress
LoadLibraryA
lstrlenA
GetCurrentProcess
FormatMessageA
Sleep
GetModuleFileNameA
GetModuleHandleA
GetVersionExA
LocalFree
PulseEvent
SetPriorityClass
Process32First
WaitForSingleObject
SetEvent
GetCurrentThread
InitializeCriticalSection
OpenProcess
WideCharToMultiByte
CreateEventA
LeaveCriticalSection
ReadFile
GetOverlappedResult
SetThreadPriority
EnterCriticalSection
ResetEvent
Process32Next
WaitForMultipleObjects
CreateToolhelp32Snapshot
ResumeThread
CreateThread
lstrcpyA
ConnectNamedPipe
WriteFile
DisconnectNamedPipe
CreateNamedPipeA
LCMapStringW
GetStringTypeW
HeapFree
HeapAlloc
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetCommandLineA
GetProcessHeap
GetStdHandle
GetModuleFileNameW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
RaiseException
RtlUnwind
GetFileType
DeleteCriticalSection
LoadLibraryExW
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
OutputDebugStringW

user32

wsprintfA
UnregisterDeviceNotification
RegisterDeviceNotificationA

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_32/MenuWnd.dll
.dll windows:5 windows x86 arch:x86

44436c525164184c6b0f4f4ce0dec04a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7c:cb:3c:e3:e6:75:4b:21:d6:ef:12:f5:e6:d5:9d:fd
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

11/08/2014, 00:00

Not After

09/09/2016, 23:59

Subject

CN=UC-Logic Technology Corporation,O=UC-Logic Technology Corporation,L=NEW TAIPEI CITY,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

43:f0:8e:58:45:09:38:9a:4b:07:81:b0:2c:77:b2:bb:a6:d5:cc:d5
Signer

Actual PE Digest

43:f0:8e:58:45:09:38:9a:4b:07:81:b0:2c:77:b2:bb:a6:d5:cc:d5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
HeapReAlloc
Sleep
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
RaiseException
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
HeapFree
HeapAlloc
GetCommandLineA
RtlUnwind
GetOEMCP
GetCPInfo
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
GlobalFlags
WritePrivateProfileStringA
InterlockedIncrement
GetModuleHandleW
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
InterlockedDecrement
GetModuleFileNameW
GetCurrentProcessId
GlobalAddAtomA
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryA
CompareStringA
InterlockedExchange
lstrcmpA
FreeLibrary
GetModuleHandleA
GetProcAddress
GetLastError
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
lstrcpyA
GetTickCount
lstrlenA

user32

DestroyMenu
LoadCursorA
GetSysColorBrush
UnregisterClassA
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
DefWindowProcA
CallWindowProcA
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindowTextA
SetWindowPos
ShowWindow
GetDlgCtrlID
IsWindow
SetWindowTextA
GetDlgItem
GetWindow
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxA
RegisterWindowMessageA
GetClientRect
PostMessageA
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
SetCursor
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
CreateWindowExA
IsRectEmpty
SetRect
OffsetRect
CopyRect
SendMessageA
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
PtInRect
GetSystemMetrics
EnableWindow
GetCursorPos
EnumDisplaySettingsExA
EnumDisplayDevicesA
UpdateLayeredWindow
SetLayeredWindowAttributes
SetWindowLongA
GetWindowLongA
SetCursorPos
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetForegroundWindow

gdi32

OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateFontIndirectA
DeleteObject
MoveToEx
LineTo
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
RoundRect
Ellipse
PtInRegion
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
GetObjectA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

MW_AddChildMenu
MW_ClearSelectedFlag
MW_CreateMenu
MW_CreateMenuWnd
MW_DestoryMenu
MW_DestroyMenuWnd
MW_GetExtraInfo
MW_GetMenuID
MW_GetMenuString
MW_GetSelectedMenuID

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_32/MyDrawLineWindowDll.dll
.dll windows:5 windows x86 arch:x86

c83d5bde34c832451530b2f3d0487180

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7c:cb:3c:e3:e6:75:4b:21:d6:ef:12:f5:e6:d5:9d:fd
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

11/08/2014, 00:00

Not After

09/09/2016, 23:59

Subject

CN=UC-Logic Technology Corporation,O=UC-Logic Technology Corporation,L=NEW TAIPEI CITY,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3c:b4:21:2a:19:8b:31:31:f6:dd:33:03:dd:72:fe:23:38:86:c3:fb
Signer

Actual PE Digest

3c:b4:21:2a:19:8b:31:31:f6:dd:33:03:dd:72:fe:23:38:86:c3:fb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\VC6\Driver\EricDriver\20111012_20111006_TabletMonitor\MyDrawLineWindowDll\Release\MyDrawLineWindowDll.pdb

Imports

winmm

mixerGetNumDevs
mixerGetDevCapsW
mixerGetLineInfoW
mixerGetLineControlsW
mixerGetControlDetailsW
mixerClose
mixerOpen

kernel32

TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapAlloc
HeapFree
RtlUnwind
RaiseException
HeapReAlloc
Sleep
ExitProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
WritePrivateProfileStringW
lstrlenA
InterlockedIncrement
GlobalFlags
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
InterlockedExchange
GetCurrentProcessId
GetModuleFileNameW
GetModuleHandleA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
WideCharToMultiByte
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
FreeLibrary
LoadLibraryA
GetLastError
SetLastError
lstrcmpW
GetModuleHandleW
GetProcAddress
GetVersionExA
FindResourceW
LoadResource
LockResource
SizeofResource
GetVersionExW
MultiByteToWideChar
FreeEnvironmentStringsW

user32

UnregisterClassW
SetCursor
GetMessageW
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
ShowWindow
SetWindowTextW
GetWindowThreadProcessId
IsWindowEnabled
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetParent
CopyRect
PtInRect
GetDlgCtrlID
SendMessageW
DefWindowProcW
CallWindowProcW
LoadCursorW
DestroyMenu
LoadIconW
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetWindow
EnableWindow
FillRect
KillTimer
SystemParametersInfoW
SetWindowRgn
SetWindowPos
UpdateLayeredWindow
SetLayeredWindowAttributes
SetWindowLongW
GetWindowLongW
ReleaseDC
LoadImageW
GetClientRect
GetDC
SetTimer
GetSysColorBrush
RegisterWindowMessageW
GetWindowTextW

gdi32

RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreateBitmap
GetStockObject
PtVisible
BitBlt
CreateCompatibleDC
GetObjectW
DeleteObject
Rectangle
SelectObject
CreateSolidBrush
CreatePen
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
SetBkColor
SetTextColor
GetClipBox
CreateFontIndirectW
CreateRoundRectRgn

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shlwapi

PathFindFileNameW
PathFindExtensionW

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

MyDLW_AddText
MyDLW_AddTextA
MyDLW_Create
MyDLW_Destroy
MyDLW_GetHWND
MyDLW_SendTrack
MyDLW_SetBKColor
MyDLW_SetDrawStatus
MyDLW_SetDrawVoiceColor
MyDLW_SetDrawVoiceValue
MyDLW_SetPicture
MyDLW_SetPictureA
MyDLW_SetShowWindowTimer
MyDLW_SetTextA
MyDLW_SetTextFont
MyDLW_SetTextFontColor
MyDLW_SetWindowAttributes
MyDLW_SetWindowDirection
MyDLW_SetWindowSize

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_32/PCPANEL.CPL
.dll windows:5 windows x86 arch:x86

2c88ea5963ea6d4ad72cc36b873a4f26

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/01/2016, 00:00

Not After

11/04/2027, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:2b:f1:14:4c:d1:de:33:5a:27:25:58:7e:33:6e:0e:5d:cc:6c:a2:dc:56:54:79:e8:ab:ff:f4:89:db:a9:8b
Signer

Actual PE Digest

0a:2b:f1:14:4c:d1:de:33:5a:27:25:58:7e:33:6e:0e:5d:cc:6c:a2:dc:56:54:79:e8:ab:ff:f4:89:db:a9:8b

Digest Algorithm

sha256

PE Digest Matches

true

90:71:5a:c8:f5:0a:fc:4d:08:09:72:c7:88:f8:d7:03:35:9c:cb:94
Signer

Actual PE Digest

90:71:5a:c8:f5:0a:fc:4d:08:09:72:c7:88:f8:d7:03:35:9c:cb:94

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
WriteConsoleW
GetCommandLineA
GetCurrentThreadId
GetLastError
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
WriteFile
GetModuleFileNameW
LoadLibraryExW
RtlUnwind
HeapAlloc
HeapReAlloc
GetStringTypeW
OutputDebugStringW
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
CreateFileW

shell32

ShellExecuteA

Exports

Exports

CPlApplet

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_32/PCPANELXP.CPL
.dll windows:5 windows x86 arch:x86

31f2ce9d0123376f2e0c5d39f5e8e603

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7c:cb:3c:e3:e6:75:4b:21:d6:ef:12:f5:e6:d5:9d:fd
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

11/08/2014, 00:00

Not After

09/09/2016, 23:59

Subject

CN=UC-Logic Technology Corporation,O=UC-Logic Technology Corporation,L=NEW TAIPEI CITY,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

50:3c:f4:c0:f5:4e:21:b2:3b:14:8c:0a:48:3b:4c:06:fa:83:cc:89
Signer

Actual PE Digest

50:3c:f4:c0:f5:4e:21:b2:3b:14:8c:0a:48:3b:4c:06:fa:83:cc:89

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
HeapSize
GetStringTypeW
GetCurrentThreadId
DecodePointer
GetCommandLineA
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
LoadLibraryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
WriteFile
GetModuleFileNameW
RtlUnwind
LCMapStringW
MultiByteToWideChar
IsProcessorFeaturePresent

shell32

ShellExecuteA

Exports

Exports

CPlApplet

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_32/PTSimBus.inf
Driver_8.0_0508/WIN7_32/PTSimHid.inf
Driver_8.0_0508/WIN7_32/TabCfg.exe
.exe windows:5 windows x86 arch:x86

8fecb1ff83a59dacf66342abc361bd13

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3f:4f:20:61:ec:14:b4:31:70:35:d7:8c:ed:e2:cf:54
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

15/05/2017, 00:00

Not After

15/05/2018, 23:59

Subject

SERIALNUMBER=9144010174990639XQ,CN=Guangzhou Ugee Computers Technology Co.\,Ltd,O=Guangzhou Ugee Computers Technology Co.\,Ltd,L=Guangzhou,ST=Guangdong,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13094775616e677a686f75,1.3.6.1.4.1.311.60.2.1.2=#13094775616e67646f6e67,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3f:4f:20:61:ec:14:b4:31:70:35:d7:8c:ed:e2:cf:54
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

15/05/2017, 00:00

Not After

15/05/2018, 23:59

Subject

SERIALNUMBER=9144010174990639XQ,CN=Guangzhou Ugee Computers Technology Co.\,Ltd,O=Guangzhou Ugee Computers Technology Co.\,Ltd,L=Guangzhou,ST=Guangdong,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13094775616e677a686f75,1.3.6.1.4.1.311.60.2.1.2=#13094775616e67646f6e67,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2b:c2:99:ea:c3:4e:b8:0a:4e:90:ca:98:06:c7:76:46:03:49:46:41:05:0b:8f:0d:0f:b7:9f:3d:2d:5f:86:12
Signer

Actual PE Digest

2b:c2:99:ea:c3:4e:b8:0a:4e:90:ca:98:06:c7:76:46:03:49:46:41:05:0b:8f:0d:0f:b7:9f:3d:2d:5f:86:12

Digest Algorithm

sha256

PE Digest Matches

true

79:a1:4e:f8:a8:28:02:67:67:d8:91:3a:bc:26:ae:38:52:f4:92:20
Signer

Actual PE Digest

79:a1:4e:f8:a8:28:02:67:67:d8:91:3a:bc:26:ae:38:52:f4:92:20

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreatePropertySheetPageA
PropertySheetA

kernel32

WritePrivateProfileStringA
CreateFileW
FlushFileBuffers
WriteConsoleW
SetStdHandle
GetStringTypeW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
OutputDebugStringW
HeapReAlloc
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetProcessHeap
GetModuleFileNameW
WriteFile
GetStdHandle
GetCurrentThreadId
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleExW
ExitProcess
GetCommandLineA
HeapFree
RtlUnwind
RaiseException
HeapAlloc
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
GetVersionExA
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GetModuleHandleA
CreateMutexA
GetTickCount
Sleep
OpenFile
GetLastError
GetCurrentProcess
MulDiv
lstrcpynA
lstrcmpiA
DeleteFileA
GetFileAttributesA
GetWindowsDirectoryA
CloseHandle
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrlenA
lstrcatA
lstrcpyA
GlobalFree

user32

wsprintfA
SendMessageA
PostMessageA
ShowWindow
MoveWindow
GetParent
LoadStringA
SystemParametersInfoA
GetDC
GetDlgItem
CheckDlgButton
IsDlgButtonChecked
GetKeyState
SetTimer
KillTimer
EnableWindow
UpdateWindow
GetForegroundWindow
BeginPaint
EndPaint
InvalidateRect
SetWindowTextA
GetWindowTextA
GetWindowRect
ScreenToClient
GetWindow
SendDlgItemMessageA
LoadCursorA
SetCursor
ReleaseCapture
SetCapture
IntersectRect
GetSystemMetrics
CreateDialogParamA
GetDoubleClickTime
CallWindowProcA
FindWindowA
SetFocus
GetCursorPos
MapWindowPoints
ClientToScreen
GetClientRect
SetDlgItemInt
PeekMessageA
MessageBoxA
CheckRadioButton
ExitWindowsEx
PtInRect
ShowCursor
GetDlgItemInt
EndDialog
DialogBoxParamA
IsIconic
GetDlgItemTextA
SetDlgItemTextA
DestroyWindow
RedrawWindow
DrawTextA
SetWindowPos
CreateWindowExA
LoadImageA
EqualRect
IsRectEmpty
OffsetRect
InflateRect
CopyRect
SetRectEmpty
SetRect
FillRect
ReleaseDC
SetWindowLongA

gdi32

SetROP2
SetPixel
GetPixel
GetDCOrgEx
GetClipBox
SetTextColor
StretchBlt
SetBkMode
CreateDCA
IntersectClipRect
EndPage
StartPage
EndDoc
StartDocA
SaveDC
RoundRect
RestoreDC
GetDeviceCaps
MoveToEx
LineTo
Ellipse
CreatePen
GetObjectA
SetBkColor
SelectObject
Rectangle
GetStockObject
ExcludeClipRect
DeleteDC
CreateSolidBrush
CreateHatchBrush
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteObject
CreateFontA

comdlg32

PrintDlgA
GetOpenFileNameA

advapi32

RegEnumKeyExA
RegCreateKeyA
RegDeleteKeyA
RegEnumKeyA
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 404KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_32/Tablet2k.inf
Driver_8.0_0508/WIN7_32/UCmfg.exe
.exe windows:5 windows x86 arch:x86

8868ace04d1b3f70f22625ea080ebe15

Code Sign

02:3a:64
Certificate

Issuer

CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US

Not Before

18/10/2012, 14:38

Not After

20/05/2022, 14:38

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:1f:df:72:99:e8:d2:45:a1:5d:0b:a8:e5:b1:59:ba
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

19/05/2022, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ee:1b:af:09:01:d1:3d:23:71:f7:9e:d7:38:e3:45:f7:54:35:ae:a1
Signer

Actual PE Digest

ee:1b:af:09:01:d1:3d:23:71:f7:9e:d7:38:e3:45:f7:54:35:ae:a1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\nita\uc-logic\kernal\ucmfg.500\d20090819_0407\objfre_wxp_x86\i386\ucmfg.pdb

Imports

advapi32

RegDeleteKeyA
RegCloseKey
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
ChangeServiceConfigA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
CreateServiceA
QueryServiceStatus
ControlService
DeleteService
AdjustTokenPrivileges
OpenProcessToken
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyA

kernel32

lstrlenA
ExitProcess
SetCurrentDirectoryA
CreateThread
GetCurrentDirectoryA
GetLastError
lstrcmpA
FreeLibrary
GetProcAddress
LoadLibraryA
GetPrivateProfileStringA
lstrcpyA
DeleteFileA
lstrcatA
GetWindowsDirectoryA
GetSystemDirectoryA
Sleep
GetCurrentProcess
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetACP
GetOEMCP
lstrcmpiA
RtlUnwind
InterlockedExchange
VirtualQuery
GetTimeZoneInformation
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetVersionExA
GetCPInfo

user32

SetTimer
wsprintfA
GetMessageA
TranslateMessage
DispatchMessageA
CreateDialogParamA
GetWindowRect
GetSystemMetrics
SetRect
SetWindowPos
UpdateWindow
SetWindowTextA
SetDlgItemTextA
InvalidateRect
DestroyWindow
GetDlgItem
SendMessageA
KillTimer
BeginPaint
GetDlgItemTextA
GetClientRect
InflateRect
DrawTextA
PostQuitMessage
EndPaint

setupapi

CM_Reenumerate_DevNode
CM_Delete_DevNode_Key
CM_Remove_SubTree
SetupPromptReboot
SetupDiInstallClassA
SetupCopyOEMInfA
CM_Get_Parent
SetupDiDeleteDevRegKey
SetupDiChangeState
SetupDiRemoveDevice
SetupGetInfInformationA
SetupQueryInfOriginalFileInformationA
CM_Get_Child
CM_Get_Sibling
CM_Get_DevNode_Registry_PropertyA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceRegistryPropertyA
SetupDiSetClassInstallParamsA
SetupDiGetINFClassA
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoA
CM_Locate_DevNodeA
SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller
SetupDiSetDeviceRegistryPropertyA

comctl32

InitCommonControlsEx

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_32/WTClient.exe
.exe windows:5 windows x86 arch:x86

5906095fceb42c557876632e3fe9b1d2

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/01/2016, 00:00

Not After

11/04/2027, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6c:c2:fe:52:4d:b3:58:c5:e0:e8:cb:e0:8a:67:c4:5b:f9:51:51:a2:10:73:76:69:85:b5:00:36:6d:33:c9:9a
Signer

Actual PE Digest

6c:c2:fe:52:4d:b3:58:c5:e0:e8:cb:e0:8a:67:c4:5b:f9:51:51:a2:10:73:76:69:85:b5:00:36:6d:33:c9:9a

Digest Algorithm

sha256

PE Digest Matches

true

92:e7:90:7d:8e:59:d8:e3:a1:cb:45:c9:33:b6:ef:90:97:9c:ae:40
Signer

Actual PE Digest

92:e7:90:7d:8e:59:d8:e3:a1:cb:45:c9:33:b6:ef:90:97:9c:ae:40

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
CreateEventA
LoadLibraryA
GetWindowsDirectoryA
WriteConsoleW
SetFilePointerEx
lstrcatA
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
CloseHandle
Sleep
SetEvent
SetErrorMode
GetLastError
GetCurrentProcessId
GetProcAddress
FreeLibrary
SetPriorityClass
lstrcmpiA
SetStdHandle
GetCurrentProcess
HeapSize
GetStringTypeW
GetCommandLineA
HeapAlloc
EncodePointer
DecodePointer
RaiseException
HeapFree
IsDebuggerPresent
IsProcessorFeaturePresent
SetLastError
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
WriteFile
GetModuleFileNameW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
LoadLibraryExW
RtlUnwind
OutputDebugStringW
HeapReAlloc
CreateFileW

user32

GetMessageA
TranslateMessage
DispatchMessageA
UpdateWindow
CreateDialogParamA
ShowWindow
FindWindowA
EndDialog
PostQuitMessage
PostMessageA

advapi32

QueryServiceStatus
OpenServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
StartServiceA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_32/WinTab32.dll
.dll windows:6 windows x86 arch:x86

56c160062838d412abdf12ac18550b1d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\SourceCode(Combo)\Wintab32\Wintab_None_20170319_20171106\Release\WinTab32.pdb

Imports

hid

HidD_GetHidGuid

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA

menuwnd

MW_ClearSelectedFlag
MW_CreateMenuWnd
MW_CreateMenu
MW_DestoryMenu
MW_AddChildMenu

kernel32

GlobalHandle
GetModuleFileNameA
GetModuleHandleA
GetVersionExA
FreeLibrary
GetWindowsDirectoryA
GetPrivateProfileIntA
GetSystemDirectoryA
LoadLibraryA
GetCurrentProcessId
CreateFileA
GetTickCount
CloseHandle
Process32First
SetEvent
OpenProcess
ResetEvent
Process32Next
CreateToolhelp32Snapshot
CreateEventA
MapViewOfFile
UnmapViewOfFile
SetErrorMode
lstrcatA
ExitThread
GetLastError
CreateFileMappingA
CreateMutexA
CreateThread
LCMapStringW
CompareStringW
GetPrivateProfileStringA
HeapReAlloc
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
GetModuleFileNameW
WriteFile
GetStdHandle
GetProcessHeap
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetFileAttributesExW
GetTimeZoneInformation
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
HeapSize
WideCharToMultiByte
SetEnvironmentVariableA
MultiByteToWideChar
AreFileApisANSI
GetModuleHandleExW
ExitProcess
RtlUnwind
GlobalFree
GetProcAddress
lstrcmpiA
GlobalUnlock
GetFileAttributesA
Sleep
GlobalAlloc
GlobalLock
GetCurrentProcess
lstrcpyA
lstrcpyW
ReleaseMutex
DeviceIoControl
lstrlenW
MulDiv
WaitForSingleObject
lstrlenA
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetStringTypeW
OutputDebugStringW
SetStdHandle
WriteConsoleW
ReadFile
ReadConsoleW
FlushFileBuffers
CreateFileW
RaiseException
GetCurrentThreadId
GetCommandLineA
HeapAlloc
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
HeapFree

user32

GetCursorPos
ShowWindow
GetWindowThreadProcessId
GetShellWindow
DestroyWindow
EnumDisplaySettingsExA
CreateDialogParamA
PostQuitMessage
SendNotifyMessageA
GetDesktopWindow
SystemParametersInfoA
GetSystemMetrics
EnumDisplayDevicesA
GetWindowModuleFileNameA
MessageBoxA
WindowFromPoint
keybd_event
GetWindowRect
ExitWindowsEx
SendMessageA
RegisterWindowMessageA
InflateRect
GetForegroundWindow
GetWindowLongA
PostMessageA
FindWindowA
VkKeyScanA
LoadStringA
wsprintfA
wsprintfW
SetRect
CopyRect
mouse_event
IsRectEmpty
EnumDisplaySettingsA
GetParent
KillTimer
SetTimer
GetClassNameA
DispatchMessageA
PeekMessageA
TranslateMessage
MsgWaitForMultipleObjects
IsWindow
SendInput

gdi32

MoveToEx
RestoreDC
GetPixel
CreatePen
SaveDC
SelectObject
DeleteObject
SetPixel
LineTo
CreateSolidBrush

advapi32

RegSetValueExA
RegQueryValueExA
RegCreateKeyA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExW
RegDeleteKeyA
RegEnumKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetUserNameA
RevertToSelf
ImpersonateLoggedOnUser
LookupAccountNameA
ConvertSidToStringSidA
OpenProcessToken
RegEnumKeyA
RegOpenKeyA
RegEnumValueA
RegQueryInfoKeyA

shell32

Shell_NotifyIconA
ExtractIconA
ShellExecuteA

Exports

Exports

?RunTaskBarIconEx@@YGHXZ
?UCLogicCursor@@YGXPAXIIIIIIHHH@Z
?UCLogicFKey@@YGXPAXIIIIIIHHH@Z
CloseTabletDevice
CreateTaskBarIcon
GetFunctionKeysExV2
OpenTabletDevice
PenNotInContext
RegDeleteFKeys
RegGetFKeys
RemoveTaskBarIcon
RunClientSideService
RunTaskBarIcon
SetFunctionKeys
SetFunctionKeysEx
TDCalibration
TDConnectPenTablet
TDDriverControl
TDGetClientMapMonitorRect
TDGetDeviceCount
TDGetHwInfoExV3
TDGetInfoExMouseBtn
TDGetInfoExV2
TDGetMapMonitorState
TDGetProtectData
TDGetSupportMapMonitorState
TDIsTabletPCAPIAvailable
TDSetClientMapMonitorRect
TDSetDeviceExtraInfo
TDSetHW_bNoHotCell
TDSetInfoExMouseBtn
TDSetInfoExMouseBtnDefault
TDSetInfoExV2
TDSetMapMonitorState
TGL_Attach
TGL_Close
TGL_Detach
TGL_EndLine
TGL_Get
TGL_LineTo
TGL_MoveTo
TGL_Open
TGL_Set
UCGetHotCellAddWindow
UCGetHotCellRecoverType
UCGetHotCellRemoveWindow
UCGetHotCellSetReceiveType
UCGetHotCellSetType
UCLogicTabletEvent
UpdateTaskBar
WTClose
WTConfig
WTDataGet
WTDataPeek
WTEnable
WTExtGet
WTExtSet
WTGetA
WTGetActiveSessionID
WTGetW
WTInfoA
WTInfoW
WTMgrClose
WTMgrConfigReplaceExA
WTMgrConfigReplaceExW
WTMgrContextEnum
WTMgrContextOwner
WTMgrCsrButtonMap
WTMgrCsrEnable
WTMgrCsrExt
WTMgrCsrPressureBtnMarks
WTMgrCsrPressureBtnMarksEx
WTMgrCsrPressureResponse
WTMgrDefContext
WTMgrDefContextEx
WTMgrDeviceConfig
WTMgrExt
WTMgrOpen
WTMgrPacketHookExA
WTMgrPacketHookExW
WTMgrPacketHookNext
WTMgrPacketUnhook
WTOnEvent
WTOpenA
WTOpenW
WTOverlap
WTPacket
WTPacketsGet
WTPacketsPeek
WTQueuePacketsEx
WTQueueSizeGet
WTQueueSizeSet
WTRestore
WTSave
WTSetA
WTSetActiveSessionID
WTSetDeviceEx
WTSetW
_TskBarIconProc@16

Sections

.text
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_32/ptsimbus.cat
Driver_8.0_0508/WIN7_32/ptsimhid.cat
Driver_8.0_0508/WIN7_32/tablet2k.cat
Driver_8.0_0508/WIN7_32/ucinst32.dll
.dll windows:5 windows x86 arch:x86

24a7d7feb6ee49a7f322c55f3d6595bc

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

fd:08:5e:29:cb:d3:42:a7:9a:7a:20:fa:3e:ad:20:c7:82:d2:95:e1
Signer

Actual PE Digest

fd:08:5e:29:cb:d3:42:a7:9a:7a:20:fa:3e:ad:20:c7:82:d2:95:e1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\diskf\drvsrc5\kernel\ucinst32.500\objfre_wnet_x86\i386\ucinst32.pdb

Imports

msvcrt

_adjust_fdiv
_initterm
malloc
free
strstr

setupapi

SetupCopyOEMInfA
SetupDiSetSelectedDevice
SetupDiEnumDriverInfoA
SetupDiGetDriverInstallParamsA
SetupDiSetDriverInstallParamsA
SetupDiSetSelectedDriverA
SetupDiGetDriverInfoDetailA
SetupDiGetDeviceInstallParamsA
SetupDiSetDeviceInstallParamsA
SetupDiGetDeviceRegistryPropertyA
SetupDiGetINFClassA
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoA
SetupDiSetDeviceRegistryPropertyA
SetupDiCallClassInstaller
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList

kernel32

Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
lstrcmpA
GetLastError
lstrcatA
lstrlenA
lstrcpyA
LoadLibraryA
GetProcAddress
FreeLibrary

advapi32

RegOpenKeyExA
RegCloseKey

user32

CharUpperBuffA
wsprintfA
CharUpperA

Exports

Exports

ClassInstall
HidTabletCoInstaller
SerTabletCoInstaller

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_64/32/MenuWnd.dll
.dll windows:5 windows x86 arch:x86

44436c525164184c6b0f4f4ce0dec04a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7c:cb:3c:e3:e6:75:4b:21:d6:ef:12:f5:e6:d5:9d:fd
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

11/08/2014, 00:00

Not After

09/09/2016, 23:59

Subject

CN=UC-Logic Technology Corporation,O=UC-Logic Technology Corporation,L=NEW TAIPEI CITY,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

43:f0:8e:58:45:09:38:9a:4b:07:81:b0:2c:77:b2:bb:a6:d5:cc:d5
Signer

Actual PE Digest

43:f0:8e:58:45:09:38:9a:4b:07:81:b0:2c:77:b2:bb:a6:d5:cc:d5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
HeapReAlloc
Sleep
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
RaiseException
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
HeapFree
HeapAlloc
GetCommandLineA
RtlUnwind
GetOEMCP
GetCPInfo
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
GlobalFlags
WritePrivateProfileStringA
InterlockedIncrement
GetModuleHandleW
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
InterlockedDecrement
GetModuleFileNameW
GetCurrentProcessId
GlobalAddAtomA
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryA
CompareStringA
InterlockedExchange
lstrcmpA
FreeLibrary
GetModuleHandleA
GetProcAddress
GetLastError
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
lstrcpyA
GetTickCount
lstrlenA

user32

DestroyMenu
LoadCursorA
GetSysColorBrush
UnregisterClassA
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
DefWindowProcA
CallWindowProcA
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindowTextA
SetWindowPos
ShowWindow
GetDlgCtrlID
IsWindow
SetWindowTextA
GetDlgItem
GetWindow
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxA
RegisterWindowMessageA
GetClientRect
PostMessageA
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
SetCursor
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
CreateWindowExA
IsRectEmpty
SetRect
OffsetRect
CopyRect
SendMessageA
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
PtInRect
GetSystemMetrics
EnableWindow
GetCursorPos
EnumDisplaySettingsExA
EnumDisplayDevicesA
UpdateLayeredWindow
SetLayeredWindowAttributes
SetWindowLongA
GetWindowLongA
SetCursorPos
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetForegroundWindow

gdi32

OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateFontIndirectA
DeleteObject
MoveToEx
LineTo
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
RoundRect
Ellipse
PtInRegion
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
GetObjectA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

MW_AddChildMenu
MW_ClearSelectedFlag
MW_CreateMenu
MW_CreateMenuWnd
MW_DestoryMenu
MW_DestroyMenuWnd
MW_GetExtraInfo
MW_GetMenuID
MW_GetMenuString
MW_GetSelectedMenuID

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_64/32/MyDrawLineWindowDll.dll
.dll windows:5 windows x86 arch:x86

c83d5bde34c832451530b2f3d0487180

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7c:cb:3c:e3:e6:75:4b:21:d6:ef:12:f5:e6:d5:9d:fd
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

11/08/2014, 00:00

Not After

09/09/2016, 23:59

Subject

CN=UC-Logic Technology Corporation,O=UC-Logic Technology Corporation,L=NEW TAIPEI CITY,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3c:b4:21:2a:19:8b:31:31:f6:dd:33:03:dd:72:fe:23:38:86:c3:fb
Signer

Actual PE Digest

3c:b4:21:2a:19:8b:31:31:f6:dd:33:03:dd:72:fe:23:38:86:c3:fb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\VC6\Driver\EricDriver\20111012_20111006_TabletMonitor\MyDrawLineWindowDll\Release\MyDrawLineWindowDll.pdb

Imports

winmm

mixerGetNumDevs
mixerGetDevCapsW
mixerGetLineInfoW
mixerGetLineControlsW
mixerGetControlDetailsW
mixerClose
mixerOpen

kernel32

TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapAlloc
HeapFree
RtlUnwind
RaiseException
HeapReAlloc
Sleep
ExitProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
WritePrivateProfileStringW
lstrlenA
InterlockedIncrement
GlobalFlags
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
InterlockedExchange
GetCurrentProcessId
GetModuleFileNameW
GetModuleHandleA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
WideCharToMultiByte
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
FreeLibrary
LoadLibraryA
GetLastError
SetLastError
lstrcmpW
GetModuleHandleW
GetProcAddress
GetVersionExA
FindResourceW
LoadResource
LockResource
SizeofResource
GetVersionExW
MultiByteToWideChar
FreeEnvironmentStringsW

user32

UnregisterClassW
SetCursor
GetMessageW
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
ShowWindow
SetWindowTextW
GetWindowThreadProcessId
IsWindowEnabled
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetParent
CopyRect
PtInRect
GetDlgCtrlID
SendMessageW
DefWindowProcW
CallWindowProcW
LoadCursorW
DestroyMenu
LoadIconW
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetWindow
EnableWindow
FillRect
KillTimer
SystemParametersInfoW
SetWindowRgn
SetWindowPos
UpdateLayeredWindow
SetLayeredWindowAttributes
SetWindowLongW
GetWindowLongW
ReleaseDC
LoadImageW
GetClientRect
GetDC
SetTimer
GetSysColorBrush
RegisterWindowMessageW
GetWindowTextW

gdi32

RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreateBitmap
GetStockObject
PtVisible
BitBlt
CreateCompatibleDC
GetObjectW
DeleteObject
Rectangle
SelectObject
CreateSolidBrush
CreatePen
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
SetBkColor
SetTextColor
GetClipBox
CreateFontIndirectW
CreateRoundRectRgn

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shlwapi

PathFindFileNameW
PathFindExtensionW

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

MyDLW_AddText
MyDLW_AddTextA
MyDLW_Create
MyDLW_Destroy
MyDLW_GetHWND
MyDLW_SendTrack
MyDLW_SetBKColor
MyDLW_SetDrawStatus
MyDLW_SetDrawVoiceColor
MyDLW_SetDrawVoiceValue
MyDLW_SetPicture
MyDLW_SetPictureA
MyDLW_SetShowWindowTimer
MyDLW_SetTextA
MyDLW_SetTextFont
MyDLW_SetTextFontColor
MyDLW_SetWindowAttributes
MyDLW_SetWindowDirection
MyDLW_SetWindowSize

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_64/32/PCPANEL.CPL
.dll windows:5 windows x86 arch:x86

2c88ea5963ea6d4ad72cc36b873a4f26

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/01/2016, 00:00

Not After

11/04/2027, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:2b:f1:14:4c:d1:de:33:5a:27:25:58:7e:33:6e:0e:5d:cc:6c:a2:dc:56:54:79:e8:ab:ff:f4:89:db:a9:8b
Signer

Actual PE Digest

0a:2b:f1:14:4c:d1:de:33:5a:27:25:58:7e:33:6e:0e:5d:cc:6c:a2:dc:56:54:79:e8:ab:ff:f4:89:db:a9:8b

Digest Algorithm

sha256

PE Digest Matches

true

90:71:5a:c8:f5:0a:fc:4d:08:09:72:c7:88:f8:d7:03:35:9c:cb:94
Signer

Actual PE Digest

90:71:5a:c8:f5:0a:fc:4d:08:09:72:c7:88:f8:d7:03:35:9c:cb:94

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
WriteConsoleW
GetCommandLineA
GetCurrentThreadId
GetLastError
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
WriteFile
GetModuleFileNameW
LoadLibraryExW
RtlUnwind
HeapAlloc
HeapReAlloc
GetStringTypeW
OutputDebugStringW
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
CreateFileW

shell32

ShellExecuteA

Exports

Exports

CPlApplet

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_64/32/PCPANELXP.CPL
.dll windows:5 windows x86 arch:x86

31f2ce9d0123376f2e0c5d39f5e8e603

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7c:cb:3c:e3:e6:75:4b:21:d6:ef:12:f5:e6:d5:9d:fd
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

11/08/2014, 00:00

Not After

09/09/2016, 23:59

Subject

CN=UC-Logic Technology Corporation,O=UC-Logic Technology Corporation,L=NEW TAIPEI CITY,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

50:3c:f4:c0:f5:4e:21:b2:3b:14:8c:0a:48:3b:4c:06:fa:83:cc:89
Signer

Actual PE Digest

50:3c:f4:c0:f5:4e:21:b2:3b:14:8c:0a:48:3b:4c:06:fa:83:cc:89

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
HeapSize
GetStringTypeW
GetCurrentThreadId
DecodePointer
GetCommandLineA
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
LoadLibraryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
WriteFile
GetModuleFileNameW
RtlUnwind
LCMapStringW
MultiByteToWideChar
IsProcessorFeaturePresent

shell32

ShellExecuteA

Exports

Exports

CPlApplet

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_64/32/WinTab32.dll
.dll windows:6 windows x86 arch:x86

56c160062838d412abdf12ac18550b1d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\SourceCode(Combo)\Wintab32\Wintab_None_20170319_20171106\Release\WinTab32.pdb

Imports

hid

HidD_GetHidGuid

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA

menuwnd

MW_ClearSelectedFlag
MW_CreateMenuWnd
MW_CreateMenu
MW_DestoryMenu
MW_AddChildMenu

kernel32

GlobalHandle
GetModuleFileNameA
GetModuleHandleA
GetVersionExA
FreeLibrary
GetWindowsDirectoryA
GetPrivateProfileIntA
GetSystemDirectoryA
LoadLibraryA
GetCurrentProcessId
CreateFileA
GetTickCount
CloseHandle
Process32First
SetEvent
OpenProcess
ResetEvent
Process32Next
CreateToolhelp32Snapshot
CreateEventA
MapViewOfFile
UnmapViewOfFile
SetErrorMode
lstrcatA
ExitThread
GetLastError
CreateFileMappingA
CreateMutexA
CreateThread
LCMapStringW
CompareStringW
GetPrivateProfileStringA
HeapReAlloc
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
GetModuleFileNameW
WriteFile
GetStdHandle
GetProcessHeap
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetFileAttributesExW
GetTimeZoneInformation
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
HeapSize
WideCharToMultiByte
SetEnvironmentVariableA
MultiByteToWideChar
AreFileApisANSI
GetModuleHandleExW
ExitProcess
RtlUnwind
GlobalFree
GetProcAddress
lstrcmpiA
GlobalUnlock
GetFileAttributesA
Sleep
GlobalAlloc
GlobalLock
GetCurrentProcess
lstrcpyA
lstrcpyW
ReleaseMutex
DeviceIoControl
lstrlenW
MulDiv
WaitForSingleObject
lstrlenA
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetStringTypeW
OutputDebugStringW
SetStdHandle
WriteConsoleW
ReadFile
ReadConsoleW
FlushFileBuffers
CreateFileW
RaiseException
GetCurrentThreadId
GetCommandLineA
HeapAlloc
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
HeapFree

user32

GetCursorPos
ShowWindow
GetWindowThreadProcessId
GetShellWindow
DestroyWindow
EnumDisplaySettingsExA
CreateDialogParamA
PostQuitMessage
SendNotifyMessageA
GetDesktopWindow
SystemParametersInfoA
GetSystemMetrics
EnumDisplayDevicesA
GetWindowModuleFileNameA
MessageBoxA
WindowFromPoint
keybd_event
GetWindowRect
ExitWindowsEx
SendMessageA
RegisterWindowMessageA
InflateRect
GetForegroundWindow
GetWindowLongA
PostMessageA
FindWindowA
VkKeyScanA
LoadStringA
wsprintfA
wsprintfW
SetRect
CopyRect
mouse_event
IsRectEmpty
EnumDisplaySettingsA
GetParent
KillTimer
SetTimer
GetClassNameA
DispatchMessageA
PeekMessageA
TranslateMessage
MsgWaitForMultipleObjects
IsWindow
SendInput

gdi32

MoveToEx
RestoreDC
GetPixel
CreatePen
SaveDC
SelectObject
DeleteObject
SetPixel
LineTo
CreateSolidBrush

advapi32

RegSetValueExA
RegQueryValueExA
RegCreateKeyA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExW
RegDeleteKeyA
RegEnumKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetUserNameA
RevertToSelf
ImpersonateLoggedOnUser
LookupAccountNameA
ConvertSidToStringSidA
OpenProcessToken
RegEnumKeyA
RegOpenKeyA
RegEnumValueA
RegQueryInfoKeyA

shell32

Shell_NotifyIconA
ExtractIconA
ShellExecuteA

Exports

Exports

?RunTaskBarIconEx@@YGHXZ
?UCLogicCursor@@YGXPAXIIIIIIHHH@Z
?UCLogicFKey@@YGXPAXIIIIIIHHH@Z
CloseTabletDevice
CreateTaskBarIcon
GetFunctionKeysExV2
OpenTabletDevice
PenNotInContext
RegDeleteFKeys
RegGetFKeys
RemoveTaskBarIcon
RunClientSideService
RunTaskBarIcon
SetFunctionKeys
SetFunctionKeysEx
TDCalibration
TDConnectPenTablet
TDDriverControl
TDGetClientMapMonitorRect
TDGetDeviceCount
TDGetHwInfoExV3
TDGetInfoExMouseBtn
TDGetInfoExV2
TDGetMapMonitorState
TDGetProtectData
TDGetSupportMapMonitorState
TDIsTabletPCAPIAvailable
TDSetClientMapMonitorRect
TDSetDeviceExtraInfo
TDSetHW_bNoHotCell
TDSetInfoExMouseBtn
TDSetInfoExMouseBtnDefault
TDSetInfoExV2
TDSetMapMonitorState
TGL_Attach
TGL_Close
TGL_Detach
TGL_EndLine
TGL_Get
TGL_LineTo
TGL_MoveTo
TGL_Open
TGL_Set
UCGetHotCellAddWindow
UCGetHotCellRecoverType
UCGetHotCellRemoveWindow
UCGetHotCellSetReceiveType
UCGetHotCellSetType
UCLogicTabletEvent
UpdateTaskBar
WTClose
WTConfig
WTDataGet
WTDataPeek
WTEnable
WTExtGet
WTExtSet
WTGetA
WTGetActiveSessionID
WTGetW
WTInfoA
WTInfoW
WTMgrClose
WTMgrConfigReplaceExA
WTMgrConfigReplaceExW
WTMgrContextEnum
WTMgrContextOwner
WTMgrCsrButtonMap
WTMgrCsrEnable
WTMgrCsrExt
WTMgrCsrPressureBtnMarks
WTMgrCsrPressureBtnMarksEx
WTMgrCsrPressureResponse
WTMgrDefContext
WTMgrDefContextEx
WTMgrDeviceConfig
WTMgrExt
WTMgrOpen
WTMgrPacketHookExA
WTMgrPacketHookExW
WTMgrPacketHookNext
WTMgrPacketUnhook
WTOnEvent
WTOpenA
WTOpenW
WTOverlap
WTPacket
WTPacketsGet
WTPacketsPeek
WTQueuePacketsEx
WTQueueSizeGet
WTQueueSizeSet
WTRestore
WTSave
WTSetA
WTSetActiveSessionID
WTSetDeviceEx
WTSetW
_TskBarIconProc@16

Sections

.text
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_64/DRIVERS/PTSimBus.sys
.sys windows:6 windows x64 arch:x64

e2b36a24caa790dcba11b53c191a91ac

Code Sign

02:3a:64
Certificate

Issuer

CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US

Not Before

18/10/2012, 14:38

Not After

20/05/2022, 14:38

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:1f:df:72:99:e8:d2:45:a1:5d:0b:a8:e5:b1:59:ba
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

19/05/2022, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cb:74:62:74:4c:a7:08:90:6a:95:02:b3:bc:c0:8d:13:33:a6:db:2f
Signer

Actual PE Digest

cb:74:62:74:4c:a7:08:90:6a:95:02:b3:bc:c0:8d:13:33:a6:db:2f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\nita_20090402\uc-logic\kernel\ptsimbus.500\d20090618\objfre_win7_amd64\amd64\PTSimBus.pdb

Imports

ntoskrnl.exe

IoAcquireRemoveLockEx
IoDeleteSymbolicLink
RtlInitUnicodeString
IoDeleteDevice
IoReleaseRemoveLockEx
PoStartNextPowerIrp
IofCompleteRequest
IoCreateSymbolicLink
IoCreateDevice
IofCallDriver
ExFreePoolWithTag
IoRegisterDeviceInterface
IoSetDeviceInterfaceState
KeInitializeEvent
PoSetPowerState
IoAttachDeviceToDeviceStack
IoInitializeRemoveLockEx
ExAllocatePoolWithTag
ExReleaseFastMutex
ExAcquireFastMutex
IoDetachDevice
IoReleaseRemoveLockAndWaitEx
ObfReferenceObject
DbgPrint
IoBuildDeviceIoControlRequest
KeSetEvent
ExAllocatePool
ExFreePool
KeWaitForSingleObject
RtlCopyUnicodeString
IoRegisterPlugPlayNotification
RtlInitAnsiString
RtlFreeUnicodeString
IoGetDeviceObjectPointer
IoUnregisterPlugPlayNotification
RtlCompareUnicodeString
RtlEqualString
ObfDereferenceObject
IoStartPacket
KeReleaseSpinLock
KeRemoveDeviceQueue
IoReleaseCancelSpinLock
IoAcquireCancelSpinLock
KeAcquireSpinLockRaiseToDpc
PoSetSystemState
KeReleaseSpinLockFromDpcLevel
IoStartNextPacket
KeRemoveEntryDeviceQueue
KeAcquireSpinLockAtDpcLevel
IoInvalidateDeviceRelations
KeBugCheckEx
RtlAnsiCharToUnicodeChar

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_64/DRIVERS/PTSimHid.sys
.sys windows:6 windows x64 arch:x64

cee8002b123e529a137100333f7440a8

Code Sign

02:3a:64
Certificate

Issuer

CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US

Not Before

18/10/2012, 14:38

Not After

20/05/2022, 14:38

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:1f:df:72:99:e8:d2:45:a1:5d:0b:a8:e5:b1:59:ba
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

19/05/2022, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f5:a6:6c:26:5b:04:f7:43:b0:ef:99:4d:97:39:50:e6:5f:95:d9:da
Signer

Actual PE Digest

f5:a6:6c:26:5b:04:f7:43:b0:ef:99:4d:97:39:50:e6:5f:95:d9:da

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

e:\vc6\driver\ericdriver\20120621_20120531_eraserforink\ptsimhid.500\20120621\objfre_win7_amd64\amd64\PTSimHid.pdb

Imports

ntoskrnl.exe

ExFreePool
PoStartNextPowerIrp
IofCompleteRequest
IoInitializeRemoveLockEx
IofCallDriver
ExAllocatePoolWithTag
MmMapLockedPagesSpecifyCache
IoBuildDeviceIoControlRequest
RtlInitUnicodeString
KeSetEvent
KeInitializeEvent
IoReleaseRemoveLockEx
ExAllocatePool
KeWaitForSingleObject
RtlCopyUnicodeString
IoReleaseRemoveLockAndWaitEx
PoCallDriver
RtlAppendUnicodeToString
RtlQueryRegistryValues
KeBugCheckEx
IoAcquireRemoveLockEx
__C_specific_handler

hidclass.sys

HidRegisterMinidriver

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 512B - Virtual size: 161B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 102B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_64/DRIVERS/TClass2k.sys
.sys windows:6 windows x64 arch:x64

839bfed494f16c81563db3d4b2ca6687

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

55:86:ee:a9:87:64:f9:06:5e:b7:71:b9:07:a9:ad:13:23:e6:79:5a
Signer

Actual PE Digest

55:86:ee:a9:87:64:f9:06:5e:b7:71:b9:07:a9:ad:13:23:e6:79:5a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Jery\Documents\Visual Studio 2012\Projects\TCLASS2K.800\obj\x64\TClass2k.pdb

Imports

ntoskrnl.exe

KeSetEvent
KeWaitForSingleObject
ExAllocatePool
ExFreePool
IoBuildDeviceIoControlRequest
IofCallDriver
ZwQueryValueKey
KeRemoveDeviceQueue
KeRemoveEntryDeviceQueue
KeAcquireSpinLockRaiseToDpc
KeReleaseSpinLock
IoAcquireCancelSpinLock
IofCompleteRequest
IoReleaseCancelSpinLock
IoAcquireRemoveLockEx
IoReleaseRemoveLockEx
IoStartNextPacket
PoSetSystemState
RtlQueryRegistryValues
RtlAppendUnicodeToString
ExAllocatePoolWithTag
IoOpenDeviceRegistryKey
ZwClose
ExQueueWorkItem
IoCancelIrp
PoRequestPowerIrp
KeInitializeEvent
PoCallDriver
PoStartNextPowerIrp
ZwSetValueKey
RtlFreeUnicodeString
IoDeleteDevice
IoDetachDevice
IoReleaseRemoveLockAndWaitEx
IoAllocateWorkItem
IoFreeWorkItem
IoQueueWorkItem
IoWMIRegistrationControl
IoSetDeviceInterfaceState
ExAcquireFastMutex
ExReleaseFastMutex
IoStartPacket
ProbeForWrite
__C_specific_handler
RtlIntegerToUnicodeString
RtlWriteRegistryValue
RtlCompareMemory
IoAttachDeviceToDeviceStack
IoCreateDevice
IoInitializeRemoveLockEx
IoRegisterDeviceInterface
KeBugCheckEx
RtlCopyUnicodeString
PoSetPowerState
RtlInitUnicodeString

wmilib.sys

WmiCompleteRequest
WmiSystemControl

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_64/DRIVERS/UCTBLHID.sys
.sys windows:6 windows x64 arch:x64

bfac290c7be14545427f1776e7263183

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

dd:80:e8:ff:b6:69:81:3a:82:29:72:bb:25:73:d7:24:c1:dd:95:11
Signer

Actual PE Digest

dd:80:e8:ff:b6:69:81:3a:82:29:72:bb:25:73:d7:24:c1:dd:95:11

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Jery\Documents\Visual Studio 2012\Projects\UCTBLHID.800\obj\x64\UCTBLHID.pdb

Imports

ntoskrnl.exe

ExAllocatePoolWithTag
ExFreePoolWithTag
MmBuildMdlForNonPagedPool
IoAllocateMdl
IoBuildAsynchronousFsdRequest
IoBuildDeviceIoControlRequest
IofCallDriver
IofCompleteRequest
IoDeleteDevice
IoDetachDevice
IoFreeIrp
IoFreeMdl
IoAcquireRemoveLockEx
IoReleaseRemoveLockEx
IoReleaseRemoveLockAndWaitEx
IoAllocateWorkItem
IoFreeWorkItem
IoQueueWorkItem
IoWMIRegistrationControl
PoSetPowerState
KeWaitForSingleObject
PoStartNextPowerIrp
IoAllocateDriverObjectExtension
IoAttachDeviceToDeviceStack
IoCreateDevice
IoGetDriverObjectExtension
IoInitializeRemoveLockEx
RtlCompareMemory
KeClearEvent
KeSetEvent
IoCancelIrp
IoReuseIrp
ProbeForWrite
__C_specific_handler
KeBugCheckEx
KeDelayExecutionThread
_wcslwr
KeInitializeEvent
PoCallDriver
wcsstr

wmilib.sys

WmiCompleteRequest
WmiSystemControl

hidparse.sys

HidP_GetCaps

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_64/DRIVERS/WtSrv.exe
.exe windows:5 windows x86 arch:x86

eacd6f1a6688b28ff3e9e2171ef1bdc9

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/01/2016, 00:00

Not After

11/04/2027, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

cf:7d:f6:31:8c:54:4a:fb:e4:a1:20:3f:54:f6:87:d8:97:01:2a:49:f6:dd:87:80:5d:d6:0b:e5:bd:c2:9e:03
Signer

Actual PE Digest

cf:7d:f6:31:8c:54:4a:fb:e4:a1:20:3f:54:f6:87:d8:97:01:2a:49:f6:dd:87:80:5d:d6:0b:e5:bd:c2:9e:03

Digest Algorithm

sha256

PE Digest Matches

true

df:df:b2:91:1f:ba:7b:9e:c4:a3:1c:c9:bc:6c:7c:56:b2:cf:ef:6b
Signer

Actual PE Digest

df:df:b2:91:1f:ba:7b:9e:c4:a3:1c:c9:bc:6c:7c:56:b2:cf:ef:6b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\SourceCode(Combo)\WTSrv_None_V8_TailProcess\20160905-20160728\Release\WTSRV.pdb

Imports

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces

hid

HidD_GetIndexedString

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

advapi32

StartServiceCtrlDispatcherA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetUserNameA
RevertToSelf
ImpersonateLoggedOnUser
LookupAccountNameA
ConvertSidToStringSidA
OpenProcessToken
ControlService
OpenSCManagerA
SetServiceStatus
QueryServiceStatus
ReportEventA
RegisterServiceCtrlHandlerExA
DeregisterEventSource
OpenServiceA
CloseServiceHandle
RegisterEventSourceA
DeleteService
CreateServiceA

kernel32

GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetStdHandle
FlushFileBuffers
HeapReAlloc
WriteConsoleW
CancelIo
CreateFileA
CreateFileW
GetLastError
lstrcmpiA
DeviceIoControl
CloseHandle
OutputDebugStringA
FreeLibrary
GetProcAddress
LoadLibraryA
lstrlenA
GetCurrentProcess
FormatMessageA
Sleep
GetModuleFileNameA
GetModuleHandleA
GetVersionExA
LocalFree
PulseEvent
SetPriorityClass
Process32First
WaitForSingleObject
SetEvent
GetCurrentThread
InitializeCriticalSection
OpenProcess
WideCharToMultiByte
CreateEventA
LeaveCriticalSection
ReadFile
GetOverlappedResult
SetThreadPriority
EnterCriticalSection
ResetEvent
Process32Next
WaitForMultipleObjects
CreateToolhelp32Snapshot
ResumeThread
CreateThread
lstrcpyA
ConnectNamedPipe
WriteFile
DisconnectNamedPipe
CreateNamedPipeA
LCMapStringW
GetStringTypeW
HeapFree
HeapAlloc
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetCommandLineA
GetProcessHeap
GetStdHandle
GetModuleFileNameW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
RaiseException
RtlUnwind
GetFileType
DeleteCriticalSection
LoadLibraryExW
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
OutputDebugStringW

user32

wsprintfA
UnregisterDeviceNotification
RegisterDeviceNotificationA

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_64/DoExec.exe
.exe windows:5 windows x64 arch:x64

d2db0f5a25a8d0879940c1fe2794f715

Code Sign

02:3a:64
Certificate

Issuer

CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US

Not Before

18/10/2012, 14:38

Not After

20/05/2022, 14:38

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:1f:df:72:99:e8:d2:45:a1:5d:0b:a8:e5:b1:59:ba
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

19/05/2022, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b6:0a:64:4f:c4:bf:f3:bd:5a:47:08:82:12:e8:5e:0c:ae:5d:12:84
Signer

Actual PE Digest

b6:0a:64:4f:c4:bf:f3:bd:5a:47:08:82:12:e8:5e:0c:ae:5d:12:84

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\Nita\uc-logic\DoExec\D20100510\x64\Release\DoExec.pdb

Imports

kernel32

HeapReAlloc
RaiseException
RtlPcToFileHeader
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapQueryInformation
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
ExitProcess
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
Sleep
RtlUnwindEx
RtlLookupFunctionEntry
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
GetTickCount
SetErrorMode
GetOEMCP
GetCPInfo
GetModuleHandleW
FileTimeToSystemTime
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GetModuleFileNameW
FormatMessageA
LocalFree
MulDiv
MultiByteToWideChar
GetCurrentProcessId
GetLastError
SetLastError
GlobalAddAtomA
CloseHandle
GlobalUnlock
lstrlenA
WritePrivateProfileStringA
FreeResource
GlobalFree
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryA
CompareStringA
GlobalLock
lstrcmpA
GlobalAlloc
FreeLibrary
GetModuleHandleA
GetProcAddress
FindResourceA
LoadResource
LockResource
SizeofResource
GetFileType
WideCharToMultiByte

user32

RegisterClipboardFormatA
PostThreadMessageA
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharNextA
ReleaseCapture
LoadCursorA
SetCapture
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
GetClassLongPtrA
SetPropA
RemovePropA
SetFocus
GetWindowTextA
GetForegroundWindow
GetTopWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
OffsetRect
IntersectRect
GetWindowPlacement
GetWindowRect
GetSysColor
SystemParametersInfoA
DestroyMenu
CopyRect
UnhookWindowsHookEx
RegisterWindowMessageA
LoadIconA
GetSystemMenu
AppendMenuA
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxA
SetCursor
SetWindowsHookExA
CallNextHookEx
UnregisterClassA
CharUpperA
GetMessageA
TranslateMessage
GetSysColorBrush
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
SendMessageA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
EnableWindow
PostMessageA
PostQuitMessage
SetWindowPos
MapDialogRect
GetParent
SetWindowContextHelpId
GetWindow
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
GetWindowLongA
IsWindow
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
GetActiveWindow
GetDesktopWindow
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
DispatchMessageA
GetPropA

gdi32

ExtSelectClipRgn
DeleteDC
GetStockObject
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible
CreateBitmap
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
ExtTextOutA
GetObjectA
GetDeviceCaps

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegDeleteKeyA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA

oledlg

ord8

ole32

CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleFlushClipboard
CoRegisterMessageFilter
CoGetClassObject

oleaut32

SysAllocStringLen
SysStringLen
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy
SysFreeString

Sections

.text
Size: 246KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_64/MenuWnd.dll
.dll windows:5 windows x64 arch:x64

1d2745d588c40c083805247b6f62f1e5

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7c:cb:3c:e3:e6:75:4b:21:d6:ef:12:f5:e6:d5:9d:fd
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

11/08/2014, 00:00

Not After

09/09/2016, 23:59

Subject

CN=UC-Logic Technology Corporation,O=UC-Logic Technology Corporation,L=NEW TAIPEI CITY,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4b:b6:94:d3:cb:19:13:2d:60:3a:73:90:36:8f:98:fe:59:34:60:82
Signer

Actual PE Digest

4b:b6:94:d3:cb:19:13:2d:60:3a:73:90:36:8f:98:fe:59:34:60:82

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

HeapReAlloc
Sleep
ExitProcess
HeapSize
HeapQueryInformation
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
RtlPcToFileHeader
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
RaiseException
HeapFree
HeapAlloc
GetCommandLineA
FlsSetValue
RtlUnwindEx
RtlLookupFunctionEntry
GetOEMCP
GetCPInfo
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
GlobalFlags
WritePrivateProfileStringA
GetModuleHandleW
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GetModuleFileNameW
GetCurrentProcessId
GlobalAddAtomA
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryA
CompareStringA
lstrcmpA
FreeLibrary
GetModuleHandleA
GetProcAddress
GetLastError
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
lstrcpyA
HeapSetInformation
lstrlenA

user32

DestroyMenu
LoadCursorA
GetSysColorBrush
UnregisterClassA
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
DefWindowProcA
CallWindowProcA
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindowTextA
SetWindowPos
ShowWindow
GetDlgCtrlID
IsWindow
SetWindowTextA
GetDlgItem
GetWindow
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxA
RegisterWindowMessageA
GetClientRect
PostMessageA
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
SetCursor
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
SetForegroundWindow
IsRectEmpty
SetRect
OffsetRect
CopyRect
SendMessageA
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
PtInRect
GetSystemMetrics
EnableWindow
GetCursorPos
EnumDisplaySettingsExA
EnumDisplayDevicesA
UpdateLayeredWindow
SetLayeredWindowAttributes
SetWindowLongA
GetWindowLongA
SetCursorPos
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CreateWindowExA

gdi32

OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateFontIndirectA
DeleteObject
MoveToEx
LineTo
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
RoundRect
Ellipse
PtInRegion
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
GetObjectA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

MW_AddChildMenu
MW_ClearSelectedFlag
MW_CreateMenu
MW_CreateMenuWnd
MW_DestoryMenu
MW_DestroyMenuWnd
MW_GetExtraInfo
MW_GetMenuID
MW_GetMenuString
MW_GetSelectedMenuID

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_64/PCPANEL.CPL
.dll windows:6 windows x64 arch:x64

97491393a010c836e9acf03a12dbdf25

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/01/2016, 00:00

Not After

11/04/2027, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

55:e2:ee:72:84:79:9d:58:58:83:0a:b2:bd:69:bd:c8:08:a4:8e:62:ac:4d:d1:f4:bc:2e:d0:95:92:4d:a9:60
Signer

Actual PE Digest

55:e2:ee:72:84:79:9d:58:58:83:0a:b2:bd:69:bd:c8:08:a4:8e:62:ac:4d:d1:f4:bc:2e:d0:95:92:4d:a9:60

Digest Algorithm

sha256

PE Digest Matches

true

83:96:32:52:21:04:97:6d:dd:43:98:d0:a8:7d:fa:a1:b1:71:69:24
Signer

Actual PE Digest

83:96:32:52:21:04:97:6d:dd:43:98:d0:a8:7d:fa:a1:b1:71:69:24

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
WriteConsoleW
GetCommandLineA
GetCurrentThreadId
GetLastError
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
WriteFile
GetModuleFileNameW
LoadLibraryExW
HeapAlloc
HeapReAlloc
GetStringTypeW
OutputDebugStringW
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
CreateFileW

shell32

ShellExecuteA

Exports

Exports

CPlApplet

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_64/PCPANELXP.CPL
.dll windows:5 windows x86 arch:x86

31f2ce9d0123376f2e0c5d39f5e8e603

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7c:cb:3c:e3:e6:75:4b:21:d6:ef:12:f5:e6:d5:9d:fd
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

11/08/2014, 00:00

Not After

09/09/2016, 23:59

Subject

CN=UC-Logic Technology Corporation,O=UC-Logic Technology Corporation,L=NEW TAIPEI CITY,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

50:3c:f4:c0:f5:4e:21:b2:3b:14:8c:0a:48:3b:4c:06:fa:83:cc:89
Signer

Actual PE Digest

50:3c:f4:c0:f5:4e:21:b2:3b:14:8c:0a:48:3b:4c:06:fa:83:cc:89

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
HeapSize
GetStringTypeW
GetCurrentThreadId
DecodePointer
GetCommandLineA
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
LoadLibraryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
WriteFile
GetModuleFileNameW
RtlUnwind
LCMapStringW
MultiByteToWideChar
IsProcessorFeaturePresent

shell32

ShellExecuteA

Exports

Exports

CPlApplet

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_64/PTSimBus.inf
Driver_8.0_0508/WIN7_64/PTSimHid.inf
Driver_8.0_0508/WIN7_64/TabCfg.exe
.exe windows:5 windows x86 arch:x86

8fecb1ff83a59dacf66342abc361bd13

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3f:4f:20:61:ec:14:b4:31:70:35:d7:8c:ed:e2:cf:54
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

15/05/2017, 00:00

Not After

15/05/2018, 23:59

Subject

SERIALNUMBER=9144010174990639XQ,CN=Guangzhou Ugee Computers Technology Co.\,Ltd,O=Guangzhou Ugee Computers Technology Co.\,Ltd,L=Guangzhou,ST=Guangdong,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13094775616e677a686f75,1.3.6.1.4.1.311.60.2.1.2=#13094775616e67646f6e67,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3f:4f:20:61:ec:14:b4:31:70:35:d7:8c:ed:e2:cf:54
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

15/05/2017, 00:00

Not After

15/05/2018, 23:59

Subject

SERIALNUMBER=9144010174990639XQ,CN=Guangzhou Ugee Computers Technology Co.\,Ltd,O=Guangzhou Ugee Computers Technology Co.\,Ltd,L=Guangzhou,ST=Guangdong,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13094775616e677a686f75,1.3.6.1.4.1.311.60.2.1.2=#13094775616e67646f6e67,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2b:c2:99:ea:c3:4e:b8:0a:4e:90:ca:98:06:c7:76:46:03:49:46:41:05:0b:8f:0d:0f:b7:9f:3d:2d:5f:86:12
Signer

Actual PE Digest

2b:c2:99:ea:c3:4e:b8:0a:4e:90:ca:98:06:c7:76:46:03:49:46:41:05:0b:8f:0d:0f:b7:9f:3d:2d:5f:86:12

Digest Algorithm

sha256

PE Digest Matches

true

79:a1:4e:f8:a8:28:02:67:67:d8:91:3a:bc:26:ae:38:52:f4:92:20
Signer

Actual PE Digest

79:a1:4e:f8:a8:28:02:67:67:d8:91:3a:bc:26:ae:38:52:f4:92:20

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreatePropertySheetPageA
PropertySheetA

kernel32

WritePrivateProfileStringA
CreateFileW
FlushFileBuffers
WriteConsoleW
SetStdHandle
GetStringTypeW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
OutputDebugStringW
HeapReAlloc
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetProcessHeap
GetModuleFileNameW
WriteFile
GetStdHandle
GetCurrentThreadId
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleExW
ExitProcess
GetCommandLineA
HeapFree
RtlUnwind
RaiseException
HeapAlloc
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
GetVersionExA
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GetModuleHandleA
CreateMutexA
GetTickCount
Sleep
OpenFile
GetLastError
GetCurrentProcess
MulDiv
lstrcpynA
lstrcmpiA
DeleteFileA
GetFileAttributesA
GetWindowsDirectoryA
CloseHandle
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrlenA
lstrcatA
lstrcpyA
GlobalFree

user32

wsprintfA
SendMessageA
PostMessageA
ShowWindow
MoveWindow
GetParent
LoadStringA
SystemParametersInfoA
GetDC
GetDlgItem
CheckDlgButton
IsDlgButtonChecked
GetKeyState
SetTimer
KillTimer
EnableWindow
UpdateWindow
GetForegroundWindow
BeginPaint
EndPaint
InvalidateRect
SetWindowTextA
GetWindowTextA
GetWindowRect
ScreenToClient
GetWindow
SendDlgItemMessageA
LoadCursorA
SetCursor
ReleaseCapture
SetCapture
IntersectRect
GetSystemMetrics
CreateDialogParamA
GetDoubleClickTime
CallWindowProcA
FindWindowA
SetFocus
GetCursorPos
MapWindowPoints
ClientToScreen
GetClientRect
SetDlgItemInt
PeekMessageA
MessageBoxA
CheckRadioButton
ExitWindowsEx
PtInRect
ShowCursor
GetDlgItemInt
EndDialog
DialogBoxParamA
IsIconic
GetDlgItemTextA
SetDlgItemTextA
DestroyWindow
RedrawWindow
DrawTextA
SetWindowPos
CreateWindowExA
LoadImageA
EqualRect
IsRectEmpty
OffsetRect
InflateRect
CopyRect
SetRectEmpty
SetRect
FillRect
ReleaseDC
SetWindowLongA

gdi32

SetROP2
SetPixel
GetPixel
GetDCOrgEx
GetClipBox
SetTextColor
StretchBlt
SetBkMode
CreateDCA
IntersectClipRect
EndPage
StartPage
EndDoc
StartDocA
SaveDC
RoundRect
RestoreDC
GetDeviceCaps
MoveToEx
LineTo
Ellipse
CreatePen
GetObjectA
SetBkColor
SelectObject
Rectangle
GetStockObject
ExcludeClipRect
DeleteDC
CreateSolidBrush
CreateHatchBrush
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteObject
CreateFontA

comdlg32

PrintDlgA
GetOpenFileNameA

advapi32

RegEnumKeyExA
RegCreateKeyA
RegDeleteKeyA
RegEnumKeyA
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 404KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_64/Tablet2k.inf
Driver_8.0_0508/WIN7_64/UCmfg.exe
.exe windows:5 windows x64 arch:x64

bf4b88bb781824ad30067fe431b0b2ca

Code Sign

02:3a:64
Certificate

Issuer

CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US

Not Before

18/10/2012, 14:38

Not After

20/05/2022, 14:38

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:1f:df:72:99:e8:d2:45:a1:5d:0b:a8:e5:b1:59:ba
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

19/05/2022, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d3:ea:a3:b4:fb:41:c6:53:ae:13:36:79:3f:a3:6e:14:00:c9:3b:19
Signer

Actual PE Digest

d3:ea:a3:b4:fb:41:c6:53:ae:13:36:79:3f:a3:6e:14:00:c9:3b:19

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\nita\uc-logic\kernal\ucmfg.500\d20090819_0407\objfre_wnet_AMD64\amd64\ucmfg.pdb

Imports

advapi32

RegDeleteKeyA
RegCloseKey
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
CloseServiceHandle
ChangeServiceConfigA
OpenServiceA
OpenSCManagerA
CreateServiceA
QueryServiceStatus
ControlService
DeleteService
AdjustTokenPrivileges
OpenProcessToken
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyA

kernel32

lstrlenA
ExitProcess
SetCurrentDirectoryA
CreateThread
GetCurrentDirectoryA
GetLastError
lstrcmpA
FreeLibrary
GetProcAddress
LoadLibraryA
GetPrivateProfileStringA
lstrcpyA
DeleteFileA
lstrcatA
GetWindowsDirectoryA
GetSystemDirectoryA
Sleep
GetCurrentProcess
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
RtlUnwindEx
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapSetInformation
HeapCreate
GetACP
lstrcmpiA
GetCPInfo
GetTimeZoneInformation
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapReAlloc
GetLocaleInfoA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetVersionExA
GetOEMCP

user32

SetTimer
wsprintfA
GetMessageA
TranslateMessage
DispatchMessageA
CreateDialogParamA
GetWindowRect
GetSystemMetrics
SetRect
SetWindowPos
UpdateWindow
SetWindowTextA
SetDlgItemTextA
InvalidateRect
DestroyWindow
GetDlgItem
SendMessageA
KillTimer
BeginPaint
GetDlgItemTextA
GetClientRect
InflateRect
DrawTextA
PostQuitMessage
EndPaint

setupapi

CM_Reenumerate_DevNode
CM_Delete_DevNode_Key
CM_Remove_SubTree
SetupPromptReboot
SetupDiInstallClassA
SetupCopyOEMInfA
CM_Get_Parent
SetupDiChangeState
SetupDiDeleteDevRegKey
SetupDiRemoveDevice
SetupGetInfInformationA
SetupQueryInfOriginalFileInformationA
CM_Get_Child
CM_Get_Sibling
CM_Get_DevNode_Registry_PropertyA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceRegistryPropertyA
SetupDiSetClassInstallParamsA
SetupDiGetINFClassA
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoA
CM_Locate_DevNodeA
SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller
SetupDiSetDeviceRegistryPropertyA

comctl32

InitCommonControlsEx

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_64/WTClient.exe
.exe windows:5 windows x86 arch:x86

5906095fceb42c557876632e3fe9b1d2

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/01/2016, 00:00

Not After

11/04/2027, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6c:c2:fe:52:4d:b3:58:c5:e0:e8:cb:e0:8a:67:c4:5b:f9:51:51:a2:10:73:76:69:85:b5:00:36:6d:33:c9:9a
Signer

Actual PE Digest

6c:c2:fe:52:4d:b3:58:c5:e0:e8:cb:e0:8a:67:c4:5b:f9:51:51:a2:10:73:76:69:85:b5:00:36:6d:33:c9:9a

Digest Algorithm

sha256

PE Digest Matches

true

92:e7:90:7d:8e:59:d8:e3:a1:cb:45:c9:33:b6:ef:90:97:9c:ae:40
Signer

Actual PE Digest

92:e7:90:7d:8e:59:d8:e3:a1:cb:45:c9:33:b6:ef:90:97:9c:ae:40

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
CreateEventA
LoadLibraryA
GetWindowsDirectoryA
WriteConsoleW
SetFilePointerEx
lstrcatA
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
CloseHandle
Sleep
SetEvent
SetErrorMode
GetLastError
GetCurrentProcessId
GetProcAddress
FreeLibrary
SetPriorityClass
lstrcmpiA
SetStdHandle
GetCurrentProcess
HeapSize
GetStringTypeW
GetCommandLineA
HeapAlloc
EncodePointer
DecodePointer
RaiseException
HeapFree
IsDebuggerPresent
IsProcessorFeaturePresent
SetLastError
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
WriteFile
GetModuleFileNameW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
LoadLibraryExW
RtlUnwind
OutputDebugStringW
HeapReAlloc
CreateFileW

user32

GetMessageA
TranslateMessage
DispatchMessageA
UpdateWindow
CreateDialogParamA
ShowWindow
FindWindowA
EndDialog
PostQuitMessage
PostMessageA

advapi32

QueryServiceStatus
OpenServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
StartServiceA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_64/WinTab32.dll
.dll windows:6 windows x64 arch:x64

ad1958b8e5c18f1b655fea066628abf6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\SourceCode(Combo)\Wintab32\Wintab_None_20170319_20171106\x64\Release\WinTab32.pdb

Imports

hid

HidD_GetHidGuid

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA

menuwnd

MW_ClearSelectedFlag
MW_CreateMenuWnd
MW_CreateMenu
MW_DestoryMenu
MW_AddChildMenu

kernel32

GlobalHandle
GetModuleFileNameA
GetModuleHandleA
GetVersionExA
FreeLibrary
GetWindowsDirectoryA
GetPrivateProfileIntA
GetSystemDirectoryA
LoadLibraryA
GetCurrentProcessId
CreateFileA
GetTickCount
CloseHandle
Process32First
SetEvent
OpenProcess
ResetEvent
Process32Next
CreateToolhelp32Snapshot
CreateEventA
MapViewOfFile
UnmapViewOfFile
SetErrorMode
lstrcatA
ExitThread
GetLastError
CreateFileMappingA
CreateMutexA
CreateThread
LCMapStringW
CompareStringW
GetPrivateProfileStringA
HeapReAlloc
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
GetModuleFileNameW
WriteFile
GetStdHandle
GetProcessHeap
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetFileAttributesExW
GetTimeZoneInformation
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
SetLastError
HeapSize
WideCharToMultiByte
SetEnvironmentVariableA
MultiByteToWideChar
AreFileApisANSI
GetModuleHandleExW
GlobalFree
GetProcAddress
lstrcmpiA
GlobalUnlock
GetFileAttributesA
Sleep
GlobalAlloc
GlobalLock
GetCurrentProcess
lstrcpyA
lstrcpyW
ReleaseMutex
DeviceIoControl
lstrlenW
MulDiv
WaitForSingleObject
lstrlenA
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetStringTypeW
OutputDebugStringW
SetStdHandle
WriteConsoleW
ReadFile
ReadConsoleW
FlushFileBuffers
CreateFileW
ExitProcess
RtlUnwindEx
RtlLookupFunctionEntry
RaiseException
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetCommandLineA
GetCurrentThreadId
RtlPcToFileHeader

user32

GetCursorPos
ShowWindow
GetWindowThreadProcessId
GetShellWindow
DestroyWindow
EnumDisplaySettingsExA
CreateDialogParamA
PostQuitMessage
SendNotifyMessageA
GetDesktopWindow
SystemParametersInfoA
GetSystemMetrics
EnumDisplayDevicesA
GetWindowModuleFileNameA
MessageBoxA
WindowFromPoint
keybd_event
GetWindowRect
ExitWindowsEx
SendMessageA
RegisterWindowMessageA
InflateRect
GetForegroundWindow
GetWindowLongA
PostMessageA
FindWindowA
VkKeyScanA
LoadStringA
wsprintfA
wsprintfW
SetRect
CopyRect
mouse_event
IsRectEmpty
EnumDisplaySettingsA
GetParent
KillTimer
SetTimer
GetClassNameA
SendInput
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
IsWindow
PeekMessageA

gdi32

MoveToEx
RestoreDC
GetPixel
CreatePen
SaveDC
SelectObject
DeleteObject
SetPixel
LineTo
CreateSolidBrush

advapi32

RegSetValueExA
RegQueryValueExA
RegCreateKeyA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExW
RegDeleteKeyA
RegEnumKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetUserNameA
RevertToSelf
ImpersonateLoggedOnUser
LookupAccountNameA
ConvertSidToStringSidA
OpenProcessToken
RegEnumKeyA
RegOpenKeyA
RegEnumValueA
RegQueryInfoKeyA

shell32

Shell_NotifyIconA
ExtractIconA
ShellExecuteA

Exports

Exports

?RunTaskBarIconEx@@YAHXZ
?UCLogicCursor@@YAXPEAXIIIIIIHHH@Z
?UCLogicFKey@@YAXPEAXIIIIIIHHH@Z
CloseTabletDevice
CreateTaskBarIcon
GetFunctionKeysExV2
OpenTabletDevice
PenNotInContext
RegDeleteFKeys
RegGetFKeys
RemoveTaskBarIcon
RunClientSideService
RunTaskBarIcon
SetFunctionKeys
SetFunctionKeysEx
TDCalibration
TDConnectPenTablet
TDDriverControl
TDGetClientMapMonitorRect
TDGetDeviceCount
TDGetHwInfoExV3
TDGetInfoExMouseBtn
TDGetInfoExV2
TDGetMapMonitorState
TDGetProtectData
TDGetSupportMapMonitorState
TDIsTabletPCAPIAvailable
TDSetClientMapMonitorRect
TDSetDeviceExtraInfo
TDSetHW_bNoHotCell
TDSetInfoExMouseBtn
TDSetInfoExMouseBtnDefault
TDSetInfoExV2
TDSetMapMonitorState
TGL_Attach
TGL_Close
TGL_Detach
TGL_EndLine
TGL_Get
TGL_LineTo
TGL_MoveTo
TGL_Open
TGL_Set
TskBarIconProc
UCGetHotCellAddWindow
UCGetHotCellRecoverType
UCGetHotCellRemoveWindow
UCGetHotCellSetReceiveType
UCGetHotCellSetType
UCLogicTabletEvent
UpdateTaskBar
WTClose
WTConfig
WTDataGet
WTDataPeek
WTEnable
WTExtGet
WTExtSet
WTGetA
WTGetActiveSessionID
WTGetW
WTInfoA
WTInfoW
WTMgrClose
WTMgrConfigReplaceExA
WTMgrConfigReplaceExW
WTMgrContextEnum
WTMgrContextOwner
WTMgrCsrButtonMap
WTMgrCsrEnable
WTMgrCsrExt
WTMgrCsrPressureBtnMarks
WTMgrCsrPressureBtnMarksEx
WTMgrCsrPressureResponse
WTMgrDefContext
WTMgrDefContextEx
WTMgrDeviceConfig
WTMgrExt
WTMgrOpen
WTMgrPacketHookExA
WTMgrPacketHookExW
WTMgrPacketHookNext
WTMgrPacketUnhook
WTOnEvent
WTOpenA
WTOpenW
WTOverlap
WTPacket
WTPacketsGet
WTPacketsPeek
WTQueuePacketsEx
WTQueueSizeGet
WTQueueSizeSet
WTRestore
WTSave
WTSetA
WTSetActiveSessionID
WTSetDeviceEx
WTSetW

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WIN7_64/ptsimbus_x64.cat
Driver_8.0_0508/WIN7_64/ptsimhid_x64.cat
Driver_8.0_0508/WIN7_64/tablet2k_x64.cat
Driver_8.0_0508/WIN7_64/ucinst32.dll
.dll windows:5 windows x64 arch:x64

8e17cd59fd245d01357c11f9c757c182

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

49:24:c7:2e:54:3e:e4:c7:e6:e8:a7:43:96:97:0d:b3:f4:ef:3c:cb
Signer

Actual PE Digest

49:24:c7:2e:54:3e:e4:c7:e6:e8:a7:43:96:97:0d:b3:f4:ef:3c:cb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

e:\diskf\drvsrc5\kernel\ucinst32.500\objfre_wnet_AMD64\amd64\ucinst32.pdb

Imports

msvcrt

_initterm
malloc
free
strstr

ntdll

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

setupapi

SetupDiGetDriverInstallParamsA
SetupDiEnumDriverInfoA
SetupDiSetSelectedDevice
SetupCopyOEMInfA
SetupDiSetDriverInstallParamsA
SetupDiSetSelectedDriverA
SetupDiGetDriverInfoDetailA
SetupDiGetDeviceInstallParamsA
SetupDiSetDeviceInstallParamsA
SetupDiGetINFClassA
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoA
SetupDiSetDeviceRegistryPropertyA
SetupDiCallClassInstaller
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA

kernel32

GetProcAddress
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
lstrcmpA
GetLastError
lstrcatA
lstrlenA
lstrcpyA
GetCurrentProcessId
LoadLibraryA
GetSystemTimeAsFileTime
FreeLibrary

advapi32

RegOpenKeyExA
RegCloseKey

user32

CharUpperBuffA
CharUpperA
wsprintfA

Exports

Exports

ClassInstall
HidTabletCoInstaller
SerTabletCoInstaller

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WinX64/32/MenuWnd.dll
.dll windows:5 windows x86 arch:x86

44436c525164184c6b0f4f4ce0dec04a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7c:cb:3c:e3:e6:75:4b:21:d6:ef:12:f5:e6:d5:9d:fd
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

11/08/2014, 00:00

Not After

09/09/2016, 23:59

Subject

CN=UC-Logic Technology Corporation,O=UC-Logic Technology Corporation,L=NEW TAIPEI CITY,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

43:f0:8e:58:45:09:38:9a:4b:07:81:b0:2c:77:b2:bb:a6:d5:cc:d5
Signer

Actual PE Digest

43:f0:8e:58:45:09:38:9a:4b:07:81:b0:2c:77:b2:bb:a6:d5:cc:d5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
HeapReAlloc
Sleep
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
RaiseException
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
HeapFree
HeapAlloc
GetCommandLineA
RtlUnwind
GetOEMCP
GetCPInfo
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
GlobalFlags
WritePrivateProfileStringA
InterlockedIncrement
GetModuleHandleW
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
InterlockedDecrement
GetModuleFileNameW
GetCurrentProcessId
GlobalAddAtomA
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryA
CompareStringA
InterlockedExchange
lstrcmpA
FreeLibrary
GetModuleHandleA
GetProcAddress
GetLastError
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
lstrcpyA
GetTickCount
lstrlenA

user32

DestroyMenu
LoadCursorA
GetSysColorBrush
UnregisterClassA
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
DefWindowProcA
CallWindowProcA
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindowTextA
SetWindowPos
ShowWindow
GetDlgCtrlID
IsWindow
SetWindowTextA
GetDlgItem
GetWindow
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxA
RegisterWindowMessageA
GetClientRect
PostMessageA
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
SetCursor
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
CreateWindowExA
IsRectEmpty
SetRect
OffsetRect
CopyRect
SendMessageA
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
PtInRect
GetSystemMetrics
EnableWindow
GetCursorPos
EnumDisplaySettingsExA
EnumDisplayDevicesA
UpdateLayeredWindow
SetLayeredWindowAttributes
SetWindowLongA
GetWindowLongA
SetCursorPos
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetForegroundWindow

gdi32

OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateFontIndirectA
DeleteObject
MoveToEx
LineTo
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
RoundRect
Ellipse
PtInRegion
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
GetObjectA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

MW_AddChildMenu
MW_ClearSelectedFlag
MW_CreateMenu
MW_CreateMenuWnd
MW_DestoryMenu
MW_DestroyMenuWnd
MW_GetExtraInfo
MW_GetMenuID
MW_GetMenuString
MW_GetSelectedMenuID

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WinX64/32/MyDrawLineWindowDll.dll
.dll windows:5 windows x86 arch:x86

c83d5bde34c832451530b2f3d0487180

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7c:cb:3c:e3:e6:75:4b:21:d6:ef:12:f5:e6:d5:9d:fd
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

11/08/2014, 00:00

Not After

09/09/2016, 23:59

Subject

CN=UC-Logic Technology Corporation,O=UC-Logic Technology Corporation,L=NEW TAIPEI CITY,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3c:b4:21:2a:19:8b:31:31:f6:dd:33:03:dd:72:fe:23:38:86:c3:fb
Signer

Actual PE Digest

3c:b4:21:2a:19:8b:31:31:f6:dd:33:03:dd:72:fe:23:38:86:c3:fb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\VC6\Driver\EricDriver\20111012_20111006_TabletMonitor\MyDrawLineWindowDll\Release\MyDrawLineWindowDll.pdb

Imports

winmm

mixerGetNumDevs
mixerGetDevCapsW
mixerGetLineInfoW
mixerGetLineControlsW
mixerGetControlDetailsW
mixerClose
mixerOpen

kernel32

TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapAlloc
HeapFree
RtlUnwind
RaiseException
HeapReAlloc
Sleep
ExitProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
WritePrivateProfileStringW
lstrlenA
InterlockedIncrement
GlobalFlags
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
InterlockedExchange
GetCurrentProcessId
GetModuleFileNameW
GetModuleHandleA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
WideCharToMultiByte
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
FreeLibrary
LoadLibraryA
GetLastError
SetLastError
lstrcmpW
GetModuleHandleW
GetProcAddress
GetVersionExA
FindResourceW
LoadResource
LockResource
SizeofResource
GetVersionExW
MultiByteToWideChar
FreeEnvironmentStringsW

user32

UnregisterClassW
SetCursor
GetMessageW
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
ShowWindow
SetWindowTextW
GetWindowThreadProcessId
IsWindowEnabled
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetMenuState
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
IsWindow
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
GetParent
CopyRect
PtInRect
GetDlgCtrlID
SendMessageW
DefWindowProcW
CallWindowProcW
LoadCursorW
DestroyMenu
LoadIconW
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetWindow
EnableWindow
FillRect
KillTimer
SystemParametersInfoW
SetWindowRgn
SetWindowPos
UpdateLayeredWindow
SetLayeredWindowAttributes
SetWindowLongW
GetWindowLongW
ReleaseDC
LoadImageW
GetClientRect
GetDC
SetTimer
GetSysColorBrush
RegisterWindowMessageW
GetWindowTextW

gdi32

RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreateBitmap
GetStockObject
PtVisible
BitBlt
CreateCompatibleDC
GetObjectW
DeleteObject
Rectangle
SelectObject
CreateSolidBrush
CreatePen
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
SetBkColor
SetTextColor
GetClipBox
CreateFontIndirectW
CreateRoundRectRgn

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shlwapi

PathFindFileNameW
PathFindExtensionW

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

MyDLW_AddText
MyDLW_AddTextA
MyDLW_Create
MyDLW_Destroy
MyDLW_GetHWND
MyDLW_SendTrack
MyDLW_SetBKColor
MyDLW_SetDrawStatus
MyDLW_SetDrawVoiceColor
MyDLW_SetDrawVoiceValue
MyDLW_SetPicture
MyDLW_SetPictureA
MyDLW_SetShowWindowTimer
MyDLW_SetTextA
MyDLW_SetTextFont
MyDLW_SetTextFontColor
MyDLW_SetWindowAttributes
MyDLW_SetWindowDirection
MyDLW_SetWindowSize

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WinX64/32/PCPANEL.CPL
.dll windows:5 windows x86 arch:x86

2c88ea5963ea6d4ad72cc36b873a4f26

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/01/2016, 00:00

Not After

11/04/2027, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:2b:f1:14:4c:d1:de:33:5a:27:25:58:7e:33:6e:0e:5d:cc:6c:a2:dc:56:54:79:e8:ab:ff:f4:89:db:a9:8b
Signer

Actual PE Digest

0a:2b:f1:14:4c:d1:de:33:5a:27:25:58:7e:33:6e:0e:5d:cc:6c:a2:dc:56:54:79:e8:ab:ff:f4:89:db:a9:8b

Digest Algorithm

sha256

PE Digest Matches

true

90:71:5a:c8:f5:0a:fc:4d:08:09:72:c7:88:f8:d7:03:35:9c:cb:94
Signer

Actual PE Digest

90:71:5a:c8:f5:0a:fc:4d:08:09:72:c7:88:f8:d7:03:35:9c:cb:94

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
WriteConsoleW
GetCommandLineA
GetCurrentThreadId
GetLastError
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
WriteFile
GetModuleFileNameW
LoadLibraryExW
RtlUnwind
HeapAlloc
HeapReAlloc
GetStringTypeW
OutputDebugStringW
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
CreateFileW

shell32

ShellExecuteA

Exports

Exports

CPlApplet

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WinX64/32/PCPANELXP.CPL
.dll windows:5 windows x86 arch:x86

31f2ce9d0123376f2e0c5d39f5e8e603

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7c:cb:3c:e3:e6:75:4b:21:d6:ef:12:f5:e6:d5:9d:fd
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

11/08/2014, 00:00

Not After

09/09/2016, 23:59

Subject

CN=UC-Logic Technology Corporation,O=UC-Logic Technology Corporation,L=NEW TAIPEI CITY,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

50:3c:f4:c0:f5:4e:21:b2:3b:14:8c:0a:48:3b:4c:06:fa:83:cc:89
Signer

Actual PE Digest

50:3c:f4:c0:f5:4e:21:b2:3b:14:8c:0a:48:3b:4c:06:fa:83:cc:89

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
HeapSize
GetStringTypeW
GetCurrentThreadId
DecodePointer
GetCommandLineA
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
LoadLibraryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
WriteFile
GetModuleFileNameW
RtlUnwind
LCMapStringW
MultiByteToWideChar
IsProcessorFeaturePresent

shell32

ShellExecuteA

Exports

Exports

CPlApplet

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WinX64/32/WinTab32.dll
.dll windows:6 windows x86 arch:x86

56c160062838d412abdf12ac18550b1d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\SourceCode(Combo)\Wintab32\Wintab_None_20170319_20171106\Release\WinTab32.pdb

Imports

hid

HidD_GetHidGuid

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA

menuwnd

MW_ClearSelectedFlag
MW_CreateMenuWnd
MW_CreateMenu
MW_DestoryMenu
MW_AddChildMenu

kernel32

GlobalHandle
GetModuleFileNameA
GetModuleHandleA
GetVersionExA
FreeLibrary
GetWindowsDirectoryA
GetPrivateProfileIntA
GetSystemDirectoryA
LoadLibraryA
GetCurrentProcessId
CreateFileA
GetTickCount
CloseHandle
Process32First
SetEvent
OpenProcess
ResetEvent
Process32Next
CreateToolhelp32Snapshot
CreateEventA
MapViewOfFile
UnmapViewOfFile
SetErrorMode
lstrcatA
ExitThread
GetLastError
CreateFileMappingA
CreateMutexA
CreateThread
LCMapStringW
CompareStringW
GetPrivateProfileStringA
HeapReAlloc
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
GetModuleFileNameW
WriteFile
GetStdHandle
GetProcessHeap
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetFileAttributesExW
GetTimeZoneInformation
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
HeapSize
WideCharToMultiByte
SetEnvironmentVariableA
MultiByteToWideChar
AreFileApisANSI
GetModuleHandleExW
ExitProcess
RtlUnwind
GlobalFree
GetProcAddress
lstrcmpiA
GlobalUnlock
GetFileAttributesA
Sleep
GlobalAlloc
GlobalLock
GetCurrentProcess
lstrcpyA
lstrcpyW
ReleaseMutex
DeviceIoControl
lstrlenW
MulDiv
WaitForSingleObject
lstrlenA
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetStringTypeW
OutputDebugStringW
SetStdHandle
WriteConsoleW
ReadFile
ReadConsoleW
FlushFileBuffers
CreateFileW
RaiseException
GetCurrentThreadId
GetCommandLineA
HeapAlloc
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
HeapFree

user32

GetCursorPos
ShowWindow
GetWindowThreadProcessId
GetShellWindow
DestroyWindow
EnumDisplaySettingsExA
CreateDialogParamA
PostQuitMessage
SendNotifyMessageA
GetDesktopWindow
SystemParametersInfoA
GetSystemMetrics
EnumDisplayDevicesA
GetWindowModuleFileNameA
MessageBoxA
WindowFromPoint
keybd_event
GetWindowRect
ExitWindowsEx
SendMessageA
RegisterWindowMessageA
InflateRect
GetForegroundWindow
GetWindowLongA
PostMessageA
FindWindowA
VkKeyScanA
LoadStringA
wsprintfA
wsprintfW
SetRect
CopyRect
mouse_event
IsRectEmpty
EnumDisplaySettingsA
GetParent
KillTimer
SetTimer
GetClassNameA
DispatchMessageA
PeekMessageA
TranslateMessage
MsgWaitForMultipleObjects
IsWindow
SendInput

gdi32

MoveToEx
RestoreDC
GetPixel
CreatePen
SaveDC
SelectObject
DeleteObject
SetPixel
LineTo
CreateSolidBrush

advapi32

RegSetValueExA
RegQueryValueExA
RegCreateKeyA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExW
RegDeleteKeyA
RegEnumKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetUserNameA
RevertToSelf
ImpersonateLoggedOnUser
LookupAccountNameA
ConvertSidToStringSidA
OpenProcessToken
RegEnumKeyA
RegOpenKeyA
RegEnumValueA
RegQueryInfoKeyA

shell32

Shell_NotifyIconA
ExtractIconA
ShellExecuteA

Exports

Exports

?RunTaskBarIconEx@@YGHXZ
?UCLogicCursor@@YGXPAXIIIIIIHHH@Z
?UCLogicFKey@@YGXPAXIIIIIIHHH@Z
CloseTabletDevice
CreateTaskBarIcon
GetFunctionKeysExV2
OpenTabletDevice
PenNotInContext
RegDeleteFKeys
RegGetFKeys
RemoveTaskBarIcon
RunClientSideService
RunTaskBarIcon
SetFunctionKeys
SetFunctionKeysEx
TDCalibration
TDConnectPenTablet
TDDriverControl
TDGetClientMapMonitorRect
TDGetDeviceCount
TDGetHwInfoExV3
TDGetInfoExMouseBtn
TDGetInfoExV2
TDGetMapMonitorState
TDGetProtectData
TDGetSupportMapMonitorState
TDIsTabletPCAPIAvailable
TDSetClientMapMonitorRect
TDSetDeviceExtraInfo
TDSetHW_bNoHotCell
TDSetInfoExMouseBtn
TDSetInfoExMouseBtnDefault
TDSetInfoExV2
TDSetMapMonitorState
TGL_Attach
TGL_Close
TGL_Detach
TGL_EndLine
TGL_Get
TGL_LineTo
TGL_MoveTo
TGL_Open
TGL_Set
UCGetHotCellAddWindow
UCGetHotCellRecoverType
UCGetHotCellRemoveWindow
UCGetHotCellSetReceiveType
UCGetHotCellSetType
UCLogicTabletEvent
UpdateTaskBar
WTClose
WTConfig
WTDataGet
WTDataPeek
WTEnable
WTExtGet
WTExtSet
WTGetA
WTGetActiveSessionID
WTGetW
WTInfoA
WTInfoW
WTMgrClose
WTMgrConfigReplaceExA
WTMgrConfigReplaceExW
WTMgrContextEnum
WTMgrContextOwner
WTMgrCsrButtonMap
WTMgrCsrEnable
WTMgrCsrExt
WTMgrCsrPressureBtnMarks
WTMgrCsrPressureBtnMarksEx
WTMgrCsrPressureResponse
WTMgrDefContext
WTMgrDefContextEx
WTMgrDeviceConfig
WTMgrExt
WTMgrOpen
WTMgrPacketHookExA
WTMgrPacketHookExW
WTMgrPacketHookNext
WTMgrPacketUnhook
WTOnEvent
WTOpenA
WTOpenW
WTOverlap
WTPacket
WTPacketsGet
WTPacketsPeek
WTQueuePacketsEx
WTQueueSizeGet
WTQueueSizeSet
WTRestore
WTSave
WTSetA
WTSetActiveSessionID
WTSetDeviceEx
WTSetW
_TskBarIconProc@16

Sections

.text
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WinX64/DRIVERS/PTSimBus.sys
.sys windows:5 windows x64 arch:x64

8b45c25409b906ec4af351c2aec41f03

Code Sign

02:3a:64
Certificate

Issuer

CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US

Not Before

18/10/2012, 14:38

Not After

20/05/2022, 14:38

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:1f:df:72:99:e8:d2:45:a1:5d:0b:a8:e5:b1:59:ba
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

19/05/2022, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1e:dc:c8:3b:e9:bf:a9:87:36:2a:f3:c2:5e:a9:7b:34:7d:da:9a:ac
Signer

Actual PE Digest

1e:dc:c8:3b:e9:bf:a9:87:36:2a:f3:c2:5e:a9:7b:34:7d:da:9a:ac

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

e:\diskf\drvsrc5\kernel\ptsimbus.500\objfre_wnet_AMD64\amd64\PTSimBus.pdb

Imports

ntoskrnl.exe

IoDeleteDevice
IoDeleteSymbolicLink
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
IoReleaseRemoveLockEx
IofCallDriver
IoAcquireRemoveLockEx
IofCompleteRequest
PoStartNextPowerIrp
IoAttachDeviceToDeviceStack
IoRegisterDeviceInterface
KeInitializeEvent
IoInitializeRemoveLockEx
PoSetPowerState
IoSetDeviceInterfaceState
ExFreePoolWithTag
ObfReferenceObject
ExAllocatePoolWithTag
IoDetachDevice
ExReleaseFastMutex
IoReleaseRemoveLockAndWaitEx
ExAcquireFastMutex
RtlCopyUnicodeString
ExFreePool
KeWaitForSingleObject
KeSetEvent
IoBuildDeviceIoControlRequest
RtlCompareUnicodeString
RtlEqualString
RtlInitAnsiString
ObfDereferenceObject
IoGetDeviceObjectPointer
RtlFreeUnicodeString
IoRegisterPlugPlayNotification
IoUnregisterPlugPlayNotification
KeReleaseSpinLock
IoReleaseCancelSpinLock
KeRemoveDeviceQueue
IoAcquireCancelSpinLock
KeAcquireSpinLockRaiseToDpc
IoStartPacket
IoStartNextPacket
KeRemoveEntryDeviceQueue
KeReleaseSpinLockFromDpcLevel
KeAcquireSpinLockAtDpcLevel
PoSetSystemState
IoInvalidateDeviceRelations
KeBugCheckEx
RtlAnsiCharToUnicodeChar

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WinX64/DRIVERS/PTSimHid.sys
.sys windows:6 windows x64 arch:x64

cee8002b123e529a137100333f7440a8

Code Sign

02:3a:64
Certificate

Issuer

CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US

Not Before

18/10/2012, 14:38

Not After

20/05/2022, 14:38

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:1f:df:72:99:e8:d2:45:a1:5d:0b:a8:e5:b1:59:ba
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

19/05/2022, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6e:fa:f8:f5:54:e5:80:8f:05:33:cf:d6:c8:be:49:f9:9e:52:5b:33
Signer

Actual PE Digest

6e:fa:f8:f5:54:e5:80:8f:05:33:cf:d6:c8:be:49:f9:9e:52:5b:33

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

e:\vc6\driver\ericdriver\20120621_20120531_eraserforink\ptsimhid.500\20120621\objfre_wlh_amd64\amd64\PTSimHid.pdb

Imports

ntoskrnl.exe

ExFreePool
PoStartNextPowerIrp
IofCompleteRequest
IoInitializeRemoveLockEx
IofCallDriver
ExAllocatePoolWithTag
MmMapLockedPagesSpecifyCache
IoBuildDeviceIoControlRequest
RtlInitUnicodeString
KeSetEvent
KeInitializeEvent
IoReleaseRemoveLockEx
ExAllocatePool
KeWaitForSingleObject
RtlCopyUnicodeString
IoReleaseRemoveLockAndWaitEx
PoCallDriver
RtlAppendUnicodeToString
RtlQueryRegistryValues
KeBugCheckEx
IoAcquireRemoveLockEx
__C_specific_handler

hidclass.sys

HidRegisterMinidriver

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 512B - Virtual size: 161B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 102B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WinX64/DRIVERS/TClass2k.sys
.sys windows:6 windows x64 arch:x64

839bfed494f16c81563db3d4b2ca6687

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

55:86:ee:a9:87:64:f9:06:5e:b7:71:b9:07:a9:ad:13:23:e6:79:5a
Signer

Actual PE Digest

55:86:ee:a9:87:64:f9:06:5e:b7:71:b9:07:a9:ad:13:23:e6:79:5a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Jery\Documents\Visual Studio 2012\Projects\TCLASS2K.800\obj\x64\TClass2k.pdb

Imports

ntoskrnl.exe

KeSetEvent
KeWaitForSingleObject
ExAllocatePool
ExFreePool
IoBuildDeviceIoControlRequest
IofCallDriver
ZwQueryValueKey
KeRemoveDeviceQueue
KeRemoveEntryDeviceQueue
KeAcquireSpinLockRaiseToDpc
KeReleaseSpinLock
IoAcquireCancelSpinLock
IofCompleteRequest
IoReleaseCancelSpinLock
IoAcquireRemoveLockEx
IoReleaseRemoveLockEx
IoStartNextPacket
PoSetSystemState
RtlQueryRegistryValues
RtlAppendUnicodeToString
ExAllocatePoolWithTag
IoOpenDeviceRegistryKey
ZwClose
ExQueueWorkItem
IoCancelIrp
PoRequestPowerIrp
KeInitializeEvent
PoCallDriver
PoStartNextPowerIrp
ZwSetValueKey
RtlFreeUnicodeString
IoDeleteDevice
IoDetachDevice
IoReleaseRemoveLockAndWaitEx
IoAllocateWorkItem
IoFreeWorkItem
IoQueueWorkItem
IoWMIRegistrationControl
IoSetDeviceInterfaceState
ExAcquireFastMutex
ExReleaseFastMutex
IoStartPacket
ProbeForWrite
__C_specific_handler
RtlIntegerToUnicodeString
RtlWriteRegistryValue
RtlCompareMemory
IoAttachDeviceToDeviceStack
IoCreateDevice
IoInitializeRemoveLockEx
IoRegisterDeviceInterface
KeBugCheckEx
RtlCopyUnicodeString
PoSetPowerState
RtlInitUnicodeString

wmilib.sys

WmiCompleteRequest
WmiSystemControl

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WinX64/DRIVERS/UCTBLHID.sys
.sys windows:6 windows x64 arch:x64

bfac290c7be14545427f1776e7263183

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

dd:80:e8:ff:b6:69:81:3a:82:29:72:bb:25:73:d7:24:c1:dd:95:11
Signer

Actual PE Digest

dd:80:e8:ff:b6:69:81:3a:82:29:72:bb:25:73:d7:24:c1:dd:95:11

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Jery\Documents\Visual Studio 2012\Projects\UCTBLHID.800\obj\x64\UCTBLHID.pdb

Imports

ntoskrnl.exe

ExAllocatePoolWithTag
ExFreePoolWithTag
MmBuildMdlForNonPagedPool
IoAllocateMdl
IoBuildAsynchronousFsdRequest
IoBuildDeviceIoControlRequest
IofCallDriver
IofCompleteRequest
IoDeleteDevice
IoDetachDevice
IoFreeIrp
IoFreeMdl
IoAcquireRemoveLockEx
IoReleaseRemoveLockEx
IoReleaseRemoveLockAndWaitEx
IoAllocateWorkItem
IoFreeWorkItem
IoQueueWorkItem
IoWMIRegistrationControl
PoSetPowerState
KeWaitForSingleObject
PoStartNextPowerIrp
IoAllocateDriverObjectExtension
IoAttachDeviceToDeviceStack
IoCreateDevice
IoGetDriverObjectExtension
IoInitializeRemoveLockEx
RtlCompareMemory
KeClearEvent
KeSetEvent
IoCancelIrp
IoReuseIrp
ProbeForWrite
__C_specific_handler
KeBugCheckEx
KeDelayExecutionThread
_wcslwr
KeInitializeEvent
PoCallDriver
wcsstr

wmilib.sys

WmiCompleteRequest
WmiSystemControl

hidparse.sys

HidP_GetCaps

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WinX64/DRIVERS/WTSRV.exe
.exe windows:5 windows x86 arch:x86

eacd6f1a6688b28ff3e9e2171ef1bdc9

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/01/2016, 00:00

Not After

11/04/2027, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

cf:7d:f6:31:8c:54:4a:fb:e4:a1:20:3f:54:f6:87:d8:97:01:2a:49:f6:dd:87:80:5d:d6:0b:e5:bd:c2:9e:03
Signer

Actual PE Digest

cf:7d:f6:31:8c:54:4a:fb:e4:a1:20:3f:54:f6:87:d8:97:01:2a:49:f6:dd:87:80:5d:d6:0b:e5:bd:c2:9e:03

Digest Algorithm

sha256

PE Digest Matches

true

df:df:b2:91:1f:ba:7b:9e:c4:a3:1c:c9:bc:6c:7c:56:b2:cf:ef:6b
Signer

Actual PE Digest

df:df:b2:91:1f:ba:7b:9e:c4:a3:1c:c9:bc:6c:7c:56:b2:cf:ef:6b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\SourceCode(Combo)\WTSrv_None_V8_TailProcess\20160905-20160728\Release\WTSRV.pdb

Imports

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces

hid

HidD_GetIndexedString

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

advapi32

StartServiceCtrlDispatcherA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetUserNameA
RevertToSelf
ImpersonateLoggedOnUser
LookupAccountNameA
ConvertSidToStringSidA
OpenProcessToken
ControlService
OpenSCManagerA
SetServiceStatus
QueryServiceStatus
ReportEventA
RegisterServiceCtrlHandlerExA
DeregisterEventSource
OpenServiceA
CloseServiceHandle
RegisterEventSourceA
DeleteService
CreateServiceA

kernel32

GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetStdHandle
FlushFileBuffers
HeapReAlloc
WriteConsoleW
CancelIo
CreateFileA
CreateFileW
GetLastError
lstrcmpiA
DeviceIoControl
CloseHandle
OutputDebugStringA
FreeLibrary
GetProcAddress
LoadLibraryA
lstrlenA
GetCurrentProcess
FormatMessageA
Sleep
GetModuleFileNameA
GetModuleHandleA
GetVersionExA
LocalFree
PulseEvent
SetPriorityClass
Process32First
WaitForSingleObject
SetEvent
GetCurrentThread
InitializeCriticalSection
OpenProcess
WideCharToMultiByte
CreateEventA
LeaveCriticalSection
ReadFile
GetOverlappedResult
SetThreadPriority
EnterCriticalSection
ResetEvent
Process32Next
WaitForMultipleObjects
CreateToolhelp32Snapshot
ResumeThread
CreateThread
lstrcpyA
ConnectNamedPipe
WriteFile
DisconnectNamedPipe
CreateNamedPipeA
LCMapStringW
GetStringTypeW
HeapFree
HeapAlloc
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetCommandLineA
GetProcessHeap
GetStdHandle
GetModuleFileNameW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
RaiseException
RtlUnwind
GetFileType
DeleteCriticalSection
LoadLibraryExW
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
OutputDebugStringW

user32

wsprintfA
UnregisterDeviceNotification
RegisterDeviceNotificationA

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WinX64/DoExec.exe
.exe windows:5 windows x64 arch:x64

d2db0f5a25a8d0879940c1fe2794f715

Code Sign

02:3a:64
Certificate

Issuer

CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US

Not Before

18/10/2012, 14:38

Not After

20/05/2022, 14:38

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:1f:df:72:99:e8:d2:45:a1:5d:0b:a8:e5:b1:59:ba
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

19/05/2022, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b6:0a:64:4f:c4:bf:f3:bd:5a:47:08:82:12:e8:5e:0c:ae:5d:12:84
Signer

Actual PE Digest

b6:0a:64:4f:c4:bf:f3:bd:5a:47:08:82:12:e8:5e:0c:ae:5d:12:84

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\Nita\uc-logic\DoExec\D20100510\x64\Release\DoExec.pdb

Imports

kernel32

HeapReAlloc
RaiseException
RtlPcToFileHeader
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapQueryInformation
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
ExitProcess
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
Sleep
RtlUnwindEx
RtlLookupFunctionEntry
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetFileTime
GetFileSizeEx
GetFileAttributesA
FileTimeToLocalFileTime
GetTickCount
SetErrorMode
GetOEMCP
GetCPInfo
GetModuleHandleW
FileTimeToSystemTime
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GetModuleFileNameW
FormatMessageA
LocalFree
MulDiv
MultiByteToWideChar
GetCurrentProcessId
GetLastError
SetLastError
GlobalAddAtomA
CloseHandle
GlobalUnlock
lstrlenA
WritePrivateProfileStringA
FreeResource
GlobalFree
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryA
CompareStringA
GlobalLock
lstrcmpA
GlobalAlloc
FreeLibrary
GetModuleHandleA
GetProcAddress
FindResourceA
LoadResource
LockResource
SizeofResource
GetFileType
WideCharToMultiByte

user32

RegisterClipboardFormatA
PostThreadMessageA
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharNextA
ReleaseCapture
LoadCursorA
SetCapture
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
GetClassLongPtrA
SetPropA
RemovePropA
SetFocus
GetWindowTextA
GetForegroundWindow
GetTopWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
OffsetRect
IntersectRect
GetWindowPlacement
GetWindowRect
GetSysColor
SystemParametersInfoA
DestroyMenu
CopyRect
UnhookWindowsHookEx
RegisterWindowMessageA
LoadIconA
GetSystemMenu
AppendMenuA
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowThreadProcessId
GetLastActivePopup
MessageBoxA
SetCursor
SetWindowsHookExA
CallNextHookEx
UnregisterClassA
CharUpperA
GetMessageA
TranslateMessage
GetSysColorBrush
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
SendMessageA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
EnableWindow
PostMessageA
PostQuitMessage
SetWindowPos
MapDialogRect
GetParent
SetWindowContextHelpId
GetWindow
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
GetWindowLongA
IsWindow
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
GetActiveWindow
GetDesktopWindow
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
DispatchMessageA
GetPropA

gdi32

ExtSelectClipRgn
DeleteDC
GetStockObject
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible
CreateBitmap
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
ExtTextOutA
GetObjectA
GetDeviceCaps

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegDeleteKeyA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA

comctl32

InitCommonControlsEx

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA

oledlg

ord8

ole32

CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleFlushClipboard
CoRegisterMessageFilter
CoGetClassObject

oleaut32

SysAllocStringLen
SysStringLen
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy
SysFreeString

Sections

.text
Size: 246KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WinX64/MenuWnd.dll
.dll windows:5 windows x64 arch:x64

1d2745d588c40c083805247b6f62f1e5

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7c:cb:3c:e3:e6:75:4b:21:d6:ef:12:f5:e6:d5:9d:fd
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

11/08/2014, 00:00

Not After

09/09/2016, 23:59

Subject

CN=UC-Logic Technology Corporation,O=UC-Logic Technology Corporation,L=NEW TAIPEI CITY,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4b:b6:94:d3:cb:19:13:2d:60:3a:73:90:36:8f:98:fe:59:34:60:82
Signer

Actual PE Digest

4b:b6:94:d3:cb:19:13:2d:60:3a:73:90:36:8f:98:fe:59:34:60:82

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

HeapReAlloc
Sleep
ExitProcess
HeapSize
HeapQueryInformation
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
RtlPcToFileHeader
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
RaiseException
HeapFree
HeapAlloc
GetCommandLineA
FlsSetValue
RtlUnwindEx
RtlLookupFunctionEntry
GetOEMCP
GetCPInfo
CreateFileA
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
GlobalFlags
WritePrivateProfileStringA
GetModuleHandleW
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GetModuleFileNameW
GetCurrentProcessId
GlobalAddAtomA
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
LoadLibraryA
CompareStringA
lstrcmpA
FreeLibrary
GetModuleHandleA
GetProcAddress
GetLastError
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
lstrcpyA
HeapSetInformation
lstrlenA

user32

DestroyMenu
LoadCursorA
GetSysColorBrush
UnregisterClassA
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
DefWindowProcA
CallWindowProcA
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindowTextA
SetWindowPos
ShowWindow
GetDlgCtrlID
IsWindow
SetWindowTextA
GetDlgItem
GetWindow
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxA
RegisterWindowMessageA
GetClientRect
PostMessageA
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
SetCursor
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
SetForegroundWindow
IsRectEmpty
SetRect
OffsetRect
CopyRect
SendMessageA
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
PtInRect
GetSystemMetrics
EnableWindow
GetCursorPos
EnumDisplaySettingsExA
EnumDisplayDevicesA
UpdateLayeredWindow
SetLayeredWindowAttributes
SetWindowLongA
GetWindowLongA
SetCursorPos
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CreateWindowExA

gdi32

OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateFontIndirectA
DeleteObject
MoveToEx
LineTo
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
RoundRect
Ellipse
PtInRegion
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
GetObjectA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

MW_AddChildMenu
MW_ClearSelectedFlag
MW_CreateMenu
MW_CreateMenuWnd
MW_DestoryMenu
MW_DestroyMenuWnd
MW_GetExtraInfo
MW_GetMenuID
MW_GetMenuString
MW_GetSelectedMenuID

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WinX64/PCPANEL.CPL
.dll windows:6 windows x64 arch:x64

97491393a010c836e9acf03a12dbdf25

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/01/2016, 00:00

Not After

11/04/2027, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

55:e2:ee:72:84:79:9d:58:58:83:0a:b2:bd:69:bd:c8:08:a4:8e:62:ac:4d:d1:f4:bc:2e:d0:95:92:4d:a9:60
Signer

Actual PE Digest

55:e2:ee:72:84:79:9d:58:58:83:0a:b2:bd:69:bd:c8:08:a4:8e:62:ac:4d:d1:f4:bc:2e:d0:95:92:4d:a9:60

Digest Algorithm

sha256

PE Digest Matches

true

83:96:32:52:21:04:97:6d:dd:43:98:d0:a8:7d:fa:a1:b1:71:69:24
Signer

Actual PE Digest

83:96:32:52:21:04:97:6d:dd:43:98:d0:a8:7d:fa:a1:b1:71:69:24

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
WriteConsoleW
GetCommandLineA
GetCurrentThreadId
GetLastError
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
WriteFile
GetModuleFileNameW
LoadLibraryExW
HeapAlloc
HeapReAlloc
GetStringTypeW
OutputDebugStringW
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
CreateFileW

shell32

ShellExecuteA

Exports

Exports

CPlApplet

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WinX64/PCPANELXP.CPL
.dll windows:5 windows x86 arch:x86

31f2ce9d0123376f2e0c5d39f5e8e603

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7c:cb:3c:e3:e6:75:4b:21:d6:ef:12:f5:e6:d5:9d:fd
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

11/08/2014, 00:00

Not After

09/09/2016, 23:59

Subject

CN=UC-Logic Technology Corporation,O=UC-Logic Technology Corporation,L=NEW TAIPEI CITY,ST=Taiwan,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

50:3c:f4:c0:f5:4e:21:b2:3b:14:8c:0a:48:3b:4c:06:fa:83:cc:89
Signer

Actual PE Digest

50:3c:f4:c0:f5:4e:21:b2:3b:14:8c:0a:48:3b:4c:06:fa:83:cc:89

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
HeapSize
GetStringTypeW
GetCurrentThreadId
DecodePointer
GetCommandLineA
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
LoadLibraryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
WriteFile
GetModuleFileNameW
RtlUnwind
LCMapStringW
MultiByteToWideChar
IsProcessorFeaturePresent

shell32

ShellExecuteA

Exports

Exports

CPlApplet

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WinX64/PTSimBus.inf
Driver_8.0_0508/WinX64/PTSimHid.inf
Driver_8.0_0508/WinX64/TabCfg.exe
.exe windows:5 windows x86 arch:x86

8fecb1ff83a59dacf66342abc361bd13

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3f:4f:20:61:ec:14:b4:31:70:35:d7:8c:ed:e2:cf:54
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

15/05/2017, 00:00

Not After

15/05/2018, 23:59

Subject

SERIALNUMBER=9144010174990639XQ,CN=Guangzhou Ugee Computers Technology Co.\,Ltd,O=Guangzhou Ugee Computers Technology Co.\,Ltd,L=Guangzhou,ST=Guangdong,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13094775616e677a686f75,1.3.6.1.4.1.311.60.2.1.2=#13094775616e67646f6e67,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3f:4f:20:61:ec:14:b4:31:70:35:d7:8c:ed:e2:cf:54
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

15/05/2017, 00:00

Not After

15/05/2018, 23:59

Subject

SERIALNUMBER=9144010174990639XQ,CN=Guangzhou Ugee Computers Technology Co.\,Ltd,O=Guangzhou Ugee Computers Technology Co.\,Ltd,L=Guangzhou,ST=Guangdong,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13094775616e677a686f75,1.3.6.1.4.1.311.60.2.1.2=#13094775616e67646f6e67,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2b:c2:99:ea:c3:4e:b8:0a:4e:90:ca:98:06:c7:76:46:03:49:46:41:05:0b:8f:0d:0f:b7:9f:3d:2d:5f:86:12
Signer

Actual PE Digest

2b:c2:99:ea:c3:4e:b8:0a:4e:90:ca:98:06:c7:76:46:03:49:46:41:05:0b:8f:0d:0f:b7:9f:3d:2d:5f:86:12

Digest Algorithm

sha256

PE Digest Matches

true

79:a1:4e:f8:a8:28:02:67:67:d8:91:3a:bc:26:ae:38:52:f4:92:20
Signer

Actual PE Digest

79:a1:4e:f8:a8:28:02:67:67:d8:91:3a:bc:26:ae:38:52:f4:92:20

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreatePropertySheetPageA
PropertySheetA

kernel32

WritePrivateProfileStringA
CreateFileW
FlushFileBuffers
WriteConsoleW
SetStdHandle
GetStringTypeW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
OutputDebugStringW
HeapReAlloc
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetProcessHeap
GetModuleFileNameW
WriteFile
GetStdHandle
GetCurrentThreadId
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleExW
ExitProcess
GetCommandLineA
HeapFree
RtlUnwind
RaiseException
HeapAlloc
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
GetVersionExA
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GetModuleHandleA
CreateMutexA
GetTickCount
Sleep
OpenFile
GetLastError
GetCurrentProcess
MulDiv
lstrcpynA
lstrcmpiA
DeleteFileA
GetFileAttributesA
GetWindowsDirectoryA
CloseHandle
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrlenA
lstrcatA
lstrcpyA
GlobalFree

user32

wsprintfA
SendMessageA
PostMessageA
ShowWindow
MoveWindow
GetParent
LoadStringA
SystemParametersInfoA
GetDC
GetDlgItem
CheckDlgButton
IsDlgButtonChecked
GetKeyState
SetTimer
KillTimer
EnableWindow
UpdateWindow
GetForegroundWindow
BeginPaint
EndPaint
InvalidateRect
SetWindowTextA
GetWindowTextA
GetWindowRect
ScreenToClient
GetWindow
SendDlgItemMessageA
LoadCursorA
SetCursor
ReleaseCapture
SetCapture
IntersectRect
GetSystemMetrics
CreateDialogParamA
GetDoubleClickTime
CallWindowProcA
FindWindowA
SetFocus
GetCursorPos
MapWindowPoints
ClientToScreen
GetClientRect
SetDlgItemInt
PeekMessageA
MessageBoxA
CheckRadioButton
ExitWindowsEx
PtInRect
ShowCursor
GetDlgItemInt
EndDialog
DialogBoxParamA
IsIconic
GetDlgItemTextA
SetDlgItemTextA
DestroyWindow
RedrawWindow
DrawTextA
SetWindowPos
CreateWindowExA
LoadImageA
EqualRect
IsRectEmpty
OffsetRect
InflateRect
CopyRect
SetRectEmpty
SetRect
FillRect
ReleaseDC
SetWindowLongA

gdi32

SetROP2
SetPixel
GetPixel
GetDCOrgEx
GetClipBox
SetTextColor
StretchBlt
SetBkMode
CreateDCA
IntersectClipRect
EndPage
StartPage
EndDoc
StartDocA
SaveDC
RoundRect
RestoreDC
GetDeviceCaps
MoveToEx
LineTo
Ellipse
CreatePen
GetObjectA
SetBkColor
SelectObject
Rectangle
GetStockObject
ExcludeClipRect
DeleteDC
CreateSolidBrush
CreateHatchBrush
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteObject
CreateFontA

comdlg32

PrintDlgA
GetOpenFileNameA

advapi32

RegEnumKeyExA
RegCreateKeyA
RegDeleteKeyA
RegEnumKeyA
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 404KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WinX64/Tablet2k.inf
Driver_8.0_0508/WinX64/UCmfg.exe
.exe windows:5 windows x64 arch:x64

bf4b88bb781824ad30067fe431b0b2ca

Code Sign

02:3a:64
Certificate

Issuer

CN=GeoTrust Global CA,O=GeoTrust Inc.,C=US

Not Before

18/10/2012, 14:38

Not After

20/05/2022, 14:38

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:1f:df:72:99:e8:d2:45:a1:5d:0b:a8:e5:b1:59:ba
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

19/05/2022, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d3:ea:a3:b4:fb:41:c6:53:ae:13:36:79:3f:a3:6e:14:00:c9:3b:19
Signer

Actual PE Digest

d3:ea:a3:b4:fb:41:c6:53:ae:13:36:79:3f:a3:6e:14:00:c9:3b:19

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\nita\uc-logic\kernal\ucmfg.500\d20090819_0407\objfre_wnet_AMD64\amd64\ucmfg.pdb

Imports

advapi32

RegDeleteKeyA
RegCloseKey
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
CloseServiceHandle
ChangeServiceConfigA
OpenServiceA
OpenSCManagerA
CreateServiceA
QueryServiceStatus
ControlService
DeleteService
AdjustTokenPrivileges
OpenProcessToken
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyA

kernel32

lstrlenA
ExitProcess
SetCurrentDirectoryA
CreateThread
GetCurrentDirectoryA
GetLastError
lstrcmpA
FreeLibrary
GetProcAddress
LoadLibraryA
GetPrivateProfileStringA
lstrcpyA
DeleteFileA
lstrcatA
GetWindowsDirectoryA
GetSystemDirectoryA
Sleep
GetCurrentProcess
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindNextFileA
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
RtlUnwindEx
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapSetInformation
HeapCreate
GetACP
lstrcmpiA
GetCPInfo
GetTimeZoneInformation
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapReAlloc
GetLocaleInfoA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetVersionExA
GetOEMCP

user32

SetTimer
wsprintfA
GetMessageA
TranslateMessage
DispatchMessageA
CreateDialogParamA
GetWindowRect
GetSystemMetrics
SetRect
SetWindowPos
UpdateWindow
SetWindowTextA
SetDlgItemTextA
InvalidateRect
DestroyWindow
GetDlgItem
SendMessageA
KillTimer
BeginPaint
GetDlgItemTextA
GetClientRect
InflateRect
DrawTextA
PostQuitMessage
EndPaint

setupapi

CM_Reenumerate_DevNode
CM_Delete_DevNode_Key
CM_Remove_SubTree
SetupPromptReboot
SetupDiInstallClassA
SetupCopyOEMInfA
CM_Get_Parent
SetupDiChangeState
SetupDiDeleteDevRegKey
SetupDiRemoveDevice
SetupGetInfInformationA
SetupQueryInfOriginalFileInformationA
CM_Get_Child
CM_Get_Sibling
CM_Get_DevNode_Registry_PropertyA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceRegistryPropertyA
SetupDiSetClassInstallParamsA
SetupDiGetINFClassA
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoA
CM_Locate_DevNodeA
SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller
SetupDiSetDeviceRegistryPropertyA

comctl32

InitCommonControlsEx

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WinX64/WTClient.exe
.exe windows:5 windows x86 arch:x86

5906095fceb42c557876632e3fe9b1d2

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19/06/2016, 00:00

Not After

10/01/2019, 23:59

Subject

CN=Guangzhou Ugee Computer Technology Co.\,Ltd,O=Guangzhou Ugee Computer Technology Co.\,Ltd,L=广州,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12/01/2016, 00:00

Not After

11/04/2027, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6c:c2:fe:52:4d:b3:58:c5:e0:e8:cb:e0:8a:67:c4:5b:f9:51:51:a2:10:73:76:69:85:b5:00:36:6d:33:c9:9a
Signer

Actual PE Digest

6c:c2:fe:52:4d:b3:58:c5:e0:e8:cb:e0:8a:67:c4:5b:f9:51:51:a2:10:73:76:69:85:b5:00:36:6d:33:c9:9a

Digest Algorithm

sha256

PE Digest Matches

true

92:e7:90:7d:8e:59:d8:e3:a1:cb:45:c9:33:b6:ef:90:97:9c:ae:40
Signer

Actual PE Digest

92:e7:90:7d:8e:59:d8:e3:a1:cb:45:c9:33:b6:ef:90:97:9c:ae:40

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
CreateEventA
LoadLibraryA
GetWindowsDirectoryA
WriteConsoleW
SetFilePointerEx
lstrcatA
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
CloseHandle
Sleep
SetEvent
SetErrorMode
GetLastError
GetCurrentProcessId
GetProcAddress
FreeLibrary
SetPriorityClass
lstrcmpiA
SetStdHandle
GetCurrentProcess
HeapSize
GetStringTypeW
GetCommandLineA
HeapAlloc
EncodePointer
DecodePointer
RaiseException
HeapFree
IsDebuggerPresent
IsProcessorFeaturePresent
SetLastError
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
WriteFile
GetModuleFileNameW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
LoadLibraryExW
RtlUnwind
OutputDebugStringW
HeapReAlloc
CreateFileW

user32

GetMessageA
TranslateMessage
DispatchMessageA
UpdateWindow
CreateDialogParamA
ShowWindow
FindWindowA
EndDialog
PostQuitMessage
PostMessageA

advapi32

QueryServiceStatus
OpenServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
StartServiceA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WinX64/WinTab32.dll
.dll windows:6 windows x64 arch:x64

ad1958b8e5c18f1b655fea066628abf6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\SourceCode(Combo)\Wintab32\Wintab_None_20170319_20171106\x64\Release\WinTab32.pdb

Imports

hid

HidD_GetHidGuid

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA

menuwnd

MW_ClearSelectedFlag
MW_CreateMenuWnd
MW_CreateMenu
MW_DestoryMenu
MW_AddChildMenu

kernel32

GlobalHandle
GetModuleFileNameA
GetModuleHandleA
GetVersionExA
FreeLibrary
GetWindowsDirectoryA
GetPrivateProfileIntA
GetSystemDirectoryA
LoadLibraryA
GetCurrentProcessId
CreateFileA
GetTickCount
CloseHandle
Process32First
SetEvent
OpenProcess
ResetEvent
Process32Next
CreateToolhelp32Snapshot
CreateEventA
MapViewOfFile
UnmapViewOfFile
SetErrorMode
lstrcatA
ExitThread
GetLastError
CreateFileMappingA
CreateMutexA
CreateThread
LCMapStringW
CompareStringW
GetPrivateProfileStringA
HeapReAlloc
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
GetModuleFileNameW
WriteFile
GetStdHandle
GetProcessHeap
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetFileAttributesExW
GetTimeZoneInformation
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
SetLastError
HeapSize
WideCharToMultiByte
SetEnvironmentVariableA
MultiByteToWideChar
AreFileApisANSI
GetModuleHandleExW
GlobalFree
GetProcAddress
lstrcmpiA
GlobalUnlock
GetFileAttributesA
Sleep
GlobalAlloc
GlobalLock
GetCurrentProcess
lstrcpyA
lstrcpyW
ReleaseMutex
DeviceIoControl
lstrlenW
MulDiv
WaitForSingleObject
lstrlenA
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetStringTypeW
OutputDebugStringW
SetStdHandle
WriteConsoleW
ReadFile
ReadConsoleW
FlushFileBuffers
CreateFileW
ExitProcess
RtlUnwindEx
RtlLookupFunctionEntry
RaiseException
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetCommandLineA
GetCurrentThreadId
RtlPcToFileHeader

user32

GetCursorPos
ShowWindow
GetWindowThreadProcessId
GetShellWindow
DestroyWindow
EnumDisplaySettingsExA
CreateDialogParamA
PostQuitMessage
SendNotifyMessageA
GetDesktopWindow
SystemParametersInfoA
GetSystemMetrics
EnumDisplayDevicesA
GetWindowModuleFileNameA
MessageBoxA
WindowFromPoint
keybd_event
GetWindowRect
ExitWindowsEx
SendMessageA
RegisterWindowMessageA
InflateRect
GetForegroundWindow
GetWindowLongA
PostMessageA
FindWindowA
VkKeyScanA
LoadStringA
wsprintfA
wsprintfW
SetRect
CopyRect
mouse_event
IsRectEmpty
EnumDisplaySettingsA
GetParent
KillTimer
SetTimer
GetClassNameA
SendInput
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
IsWindow
PeekMessageA

gdi32

MoveToEx
RestoreDC
GetPixel
CreatePen
SaveDC
SelectObject
DeleteObject
SetPixel
LineTo
CreateSolidBrush

advapi32

RegSetValueExA
RegQueryValueExA
RegCreateKeyA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExW
RegDeleteKeyA
RegEnumKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetUserNameA
RevertToSelf
ImpersonateLoggedOnUser
LookupAccountNameA
ConvertSidToStringSidA
OpenProcessToken
RegEnumKeyA
RegOpenKeyA
RegEnumValueA
RegQueryInfoKeyA

shell32

Shell_NotifyIconA
ExtractIconA
ShellExecuteA

Exports

Exports

?RunTaskBarIconEx@@YAHXZ
?UCLogicCursor@@YAXPEAXIIIIIIHHH@Z
?UCLogicFKey@@YAXPEAXIIIIIIHHH@Z
CloseTabletDevice
CreateTaskBarIcon
GetFunctionKeysExV2
OpenTabletDevice
PenNotInContext
RegDeleteFKeys
RegGetFKeys
RemoveTaskBarIcon
RunClientSideService
RunTaskBarIcon
SetFunctionKeys
SetFunctionKeysEx
TDCalibration
TDConnectPenTablet
TDDriverControl
TDGetClientMapMonitorRect
TDGetDeviceCount
TDGetHwInfoExV3
TDGetInfoExMouseBtn
TDGetInfoExV2
TDGetMapMonitorState
TDGetProtectData
TDGetSupportMapMonitorState
TDIsTabletPCAPIAvailable
TDSetClientMapMonitorRect
TDSetDeviceExtraInfo
TDSetHW_bNoHotCell
TDSetInfoExMouseBtn
TDSetInfoExMouseBtnDefault
TDSetInfoExV2
TDSetMapMonitorState
TGL_Attach
TGL_Close
TGL_Detach
TGL_EndLine
TGL_Get
TGL_LineTo
TGL_MoveTo
TGL_Open
TGL_Set
TskBarIconProc
UCGetHotCellAddWindow
UCGetHotCellRecoverType
UCGetHotCellRemoveWindow
UCGetHotCellSetReceiveType
UCGetHotCellSetType
UCLogicTabletEvent
UpdateTaskBar
WTClose
WTConfig
WTDataGet
WTDataPeek
WTEnable
WTExtGet
WTExtSet
WTGetA
WTGetActiveSessionID
WTGetW
WTInfoA
WTInfoW
WTMgrClose
WTMgrConfigReplaceExA
WTMgrConfigReplaceExW
WTMgrContextEnum
WTMgrContextOwner
WTMgrCsrButtonMap
WTMgrCsrEnable
WTMgrCsrExt
WTMgrCsrPressureBtnMarks
WTMgrCsrPressureBtnMarksEx
WTMgrCsrPressureResponse
WTMgrDefContext
WTMgrDefContextEx
WTMgrDeviceConfig
WTMgrExt
WTMgrOpen
WTMgrPacketHookExA
WTMgrPacketHookExW
WTMgrPacketHookNext
WTMgrPacketUnhook
WTOnEvent
WTOpenA
WTOpenW
WTOverlap
WTPacket
WTPacketsGet
WTPacketsPeek
WTQueuePacketsEx
WTQueueSizeGet
WTQueueSizeSet
WTRestore
WTSave
WTSetA
WTSetActiveSessionID
WTSetDeviceEx
WTSetW

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/WinX64/ptsimbus_x64.cat
Driver_8.0_0508/WinX64/ptsimhid_x64.cat
Driver_8.0_0508/WinX64/tablet2k_x64.cat
Driver_8.0_0508/WinX64/ucinst32.dll
.dll windows:5 windows x64 arch:x64

8e17cd59fd245d01357c11f9c757c182

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/08/2012, 00:00

Not After

22/08/2014, 23:59

Subject

CN=UC-Logic Technology Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=UC-Logic Technology Corporation,L=Sanchung City,ST=Taipei Hsien,C=TW

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2011, 19:25

Not After

22/02/2021, 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

49:24:c7:2e:54:3e:e4:c7:e6:e8:a7:43:96:97:0d:b3:f4:ef:3c:cb
Signer

Actual PE Digest

49:24:c7:2e:54:3e:e4:c7:e6:e8:a7:43:96:97:0d:b3:f4:ef:3c:cb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

e:\diskf\drvsrc5\kernel\ucinst32.500\objfre_wnet_AMD64\amd64\ucinst32.pdb

Imports

msvcrt

_initterm
malloc
free
strstr

ntdll

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

setupapi

SetupDiGetDriverInstallParamsA
SetupDiEnumDriverInfoA
SetupDiSetSelectedDevice
SetupCopyOEMInfA
SetupDiSetDriverInstallParamsA
SetupDiSetSelectedDriverA
SetupDiGetDriverInfoDetailA
SetupDiGetDeviceInstallParamsA
SetupDiSetDeviceInstallParamsA
SetupDiGetINFClassA
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoA
SetupDiSetDeviceRegistryPropertyA
SetupDiCallClassInstaller
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA

kernel32

GetProcAddress
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetSystemDirectoryA
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
lstrcmpA
GetLastError
lstrcatA
lstrlenA
lstrcpyA
GetCurrentProcessId
LoadLibraryA
GetSystemTimeAsFileTime
FreeLibrary

advapi32

RegOpenKeyExA
RegCloseKey

user32

CharUpperBuffA
CharUpperA
wsprintfA

Exports

Exports

ClassInstall
HidTabletCoInstaller
SerTabletCoInstaller

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Driver_8.0_0508/bg.bmp

Sharing

General

Malware Config

Signatures

Files

390275f137a2fac1e2b1ea2ffa1d33e2

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:edCertificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

42:dd:8a:51:a6:91:e7:56:f3:b6:43:f1:df:57:e0:61:c1:3e:e5:d6Signer

Headers

File Characteristics

Imports

kernel32

user32

shell32

Sections

.text Size: 16KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 10KB

59ad46def4a8200b435652f521ec8a18

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:edCertificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

10:53:6b:e3:b4:08:b3:38:dd:0a:42:88:4b:09:d7:be:25:1a:d2:44Signer

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 928B

5c8f7c59c6ae7d6123c0eaac4e367f39

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:edCertificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

7d:23:2f:64:b4:50:b3:bd:21:bb:67:6c:0e:8c:01:5f:5a:b9:ec:51Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

winmm

Sections

.text Size: 20KB - Virtual size: 16KB

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

42:dd:8a:51:a6:91:e7:56:f3:b6:43:f1:df:57:e0:61:c1:3e:e5:d6
Signer

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 10KB

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

10:53:6b:e3:b4:08:b3:38:dd:0a:42:88:4b:09:d7:be:25:1a:d2:44
Signer

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 928B

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

7d:23:2f:64:b4:50:b3:bd:21:bb:67:6c:0e:8c:01:5f:5a:b9:ec:51
Signer

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 16KB - Virtual size: 13KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

11:46:ec:ae:5b:66:cb:42:95:f3:a5:ac:15:97:94:37
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

61:19:93:e4:00:00:00:00:00:1c
Certificate

ba:c8:a2:47:af:0c:06:bc:ee:f4:aa:06:ef:eb:9b:0c:32:61:c4:b9
Signer

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 928B

02:3a:64
Certificate

7e:1f:df:72:99:e8:d2:45:a1:5d:0b:a8:e5:b1:59:ba
Certificate

3c:25:2c:8d:6a:c6:2e:f6:db:a8:68:05:67:50:99:48
Certificate

61:19:93:e4:00:00:00:00:00:1c
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

93:ea:57:fa:8b:3b:66:09:de:3d:76:1c:88:79:35:0d:42:b1:6a:9c
Signer

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 228B

PAGE
Size: 4KB - Virtual size: 3KB

INIT
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 912B

.reloc
Size: 1024B - Virtual size: 776B

02:3a:64
Certificate

7e:1f:df:72:99:e8:d2:45:a1:5d:0b:a8:e5:b1:59:ba
Certificate