c16fad68c19c240a9730ac2efcce745e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c16fad68c19c240a9730ac2efcce745e_JaffaCakes118
Size

21.6MB
MD5

c16fad68c19c240a9730ac2efcce745e
SHA1

5e2da9eba56489ce164243e73c8404ce993b3164
SHA256

6a9ec76eb4844f99593016949c027b13ac8e4b468a1866f6fa97c266305540ce
SHA512

eac4ea758a28436c5fae7fe94fcead4ba351612024bb1528e00c7651ebb5a30c46e1f804ed94d92835c7f8ac13fab79436d45b3300ebbd164c598fa06c5ee506
SSDEEP

393216:kv6jCfa58A8pLb1HS2a8MSey5XFxVl9PkFe9u6ztuNafrs1gGT6wDJQ:kCmY8A6VS2j5ln7jsOGT7

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/TSSafeEdit.dat	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/TSSafeEdit.dat	upx

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/InstallAsm/Microsoft.VC80.ATL/ATL80.dll
unpack001/InstallAsm/Microsoft.VC80.CRT/msvcm80.dll
unpack002/out.upx

Files

c16fad68c19c240a9730ac2efcce745e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5efd74892a893f15c566623cc8a8cc76

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cf:49:8a:a7:1d:67:93:31:e0:6d:e2:ad:ee:9b:3a:89:25:5b:e2:f5
Signer

Actual PE Digest

cf:49:8a:a7:1d:67:93:31:e0:6d:e2:ad:ee:9b:3a:89:25:5b:e2:f5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
lstrcpynA
CloseHandle
lstrcpynW
GetDiskFreeSpaceW
LocalFree
OutputDebugStringW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrlenW

user32

GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
GetClassInfoW
ScreenToClient
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
CheckDlgButton
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
CreateWindowExW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

CommandLineToArgvW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 441KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/0001.bmp
$PLUGINSDIR/0002.bmp
$PLUGINSDIR/0003.bmp
$PLUGINSDIR/0004.bmp
$PLUGINSDIR/0005.bmp
$PLUGINSDIR/InstallOptions.dll
.dll windows:5 windows x86 arch:x86

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GetModuleHandleW
GlobalLock
GlobalUnlock
GetCurrentDirectoryW
SetCurrentDirectoryW
GetPrivateProfileIntW
GetPrivateProfileStringW
lstrcatW
WritePrivateProfileStringW
lstrcpynW
lstrlenW
lstrcpyW
GlobalFree
GlobalAlloc

user32

OpenClipboard
DestroyIcon
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
SetWindowLongW
GetClientRect
SetWindowRgn
LoadIconW
LoadImageW
CreateWindowExW
MapDialogRect
GetClipboardData
GetWindowRect
CreateDialogParamW
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
SetCursor
DrawTextW
GetWindowLongW
DrawFocusRect
CallWindowProcW
PostMessageW
wsprintfW
CharNextW
MessageBoxW
CloseClipboard
GetDlgCtrlID
MapWindowPoints
SetWindowPos
PtInRect
GetWindowTextW
SetWindowTextW
SendMessageW
DestroyWindow

gdi32

SelectObject
CreateRectRgn
GetObjectW
CombineRgn
DeleteObject
CreateCompatibleDC
GetDIBits
SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHGetDesktopFolder

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ProcDll.dll
.dll windows:4 windows x86 arch:x86

fc48f1867996469168a737dda79223c9

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d1:a8:af:55:25:37:c2:bc:cf:0f:2c:da:36:65:a0:14:63:f7:8c:54
Signer

Actual PE Digest

d1:a8:af:55:25:37:c2:bc:cf:0f:2c:da:36:65:a0:14:63:f7:8c:54

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\QQLive_proj\trunk\Setup\PluginSource\ProcDLL\Release\ProcDLL.pdb

Imports

kernel32

GetModuleHandleW
GetModuleFileNameW
DeleteFileW
SetFileAttributesW
CreateDirectoryW
DuplicateHandle
DebugBreak
OutputDebugStringW
QueryDosDeviceW
TerminateThread
WaitForSingleObject
VirtualFree
VirtualAlloc
VirtualFreeEx
ReadProcessMemory
WriteProcessMemory
VirtualAllocEx
GetLongPathNameW
TerminateProcess
WritePrivateProfileStringW
GetPrivateProfileStringW
FindClose
FindNextFileW
FindFirstFileW
WritePrivateProfileSectionW
GetPrivateProfileSectionW
CopyFileW
SetFilePointer
GetFileType
ReadFile
SystemTimeToFileTime
GetCurrentDirectoryW
DosDateTimeToFileTime
SetFileTime
WriteFile
FileTimeToSystemTime
FileTimeToDosDateTime
GetFileSize
GetLocalTime
GetSystemTime
GetFileInformationByHandle
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
GetFullPathNameA
GetDriveTypeA
SetCurrentDirectoryA
GetCurrentDirectoryA
FileTimeToLocalFileTime
lstrlenW
Sleep
LoadLibraryExW
GlobalAlloc
lstrcpyW
GlobalFree
DeviceIoControl
lstrlenA
MultiByteToWideChar
GetCurrentProcessId
CreateProcessW
LoadLibraryW
InitializeCriticalSectionAndSpinCount
GetVersion
OpenSemaphoreW
CreateNamedPipeW
OpenEventW
OpenMutexW
WaitForMultipleObjects
SetErrorMode
GetFullPathNameW
ResetEvent
IsBadReadPtr
LocalFileTimeToFileTime
GetDriveTypeW
GetLogicalDrives
GetDiskFreeSpaceExW
SetEvent
CreateEventW
GetTempPathW
GetWindowsDirectoryW
GetSystemDirectoryW
ExpandEnvironmentStringsW
WritePrivateProfileStructW
GetPrivateProfileStructW
GetPrivateProfileSectionNamesW
VirtualQuery
GetSystemDefaultLangID
GetSystemInfo
GetProcessTimes
SleepEx
LockResource
FreeResource
GetPrivateProfileIntW
FindResourceExW
LocalFree
GetCommandLineW
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FindResourceW
LoadResource
SizeofResource
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentThreadId
WideCharToMultiByte
CreateThread
GetProcessHeap
HeapAlloc
HeapFree
GetLastError
GetFileAttributesW
GetVersionExW
CreateFileW
InterlockedDecrement
GetCurrentProcess
CreateToolhelp32Snapshot
Process32FirstW
Module32FirstW
Module32NextW
Process32NextW
LoadLibraryA
GetProcAddress
lstrcpynW
OpenProcess
lstrcmpiW
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
SetConsoleCtrlHandler
SetEndOfFile
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
GetTimeZoneInformation
HeapSize
GetModuleFileNameA
GetStdHandle
ExitProcess
CloseHandle
FreeLibrary
FatalAppExitA
HeapCreate
HeapDestroy
IsValidCodePage
GetOEMCP
GetCurrentThread
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetCPInfo
LCMapStringW
LCMapStringA
GetCommandLineA
ResumeThread
ExitThread
HeapReAlloc
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedCompareExchange
GetVersionExA
GetThreadLocale
InterlockedExchange
GetACP
GetLocaleInfoA

user32

IsIconic
FindWindowA
GetDesktopWindow
EnumChildWindows
GetWindowLongW
FindWindowW
GetWindowThreadProcessId
RegisterClassExW
DefWindowProcW
DestroyWindow
IsWindow
PostMessageW
wsprintfW
EndPaint
GetClientRect
BeginPaint
CallWindowProcW
SetWindowLongW
SetWindowPos
RedrawWindow
GetWindow
LoadImageW
GetDlgItem
UpdateWindow
DialogBoxParamW
CharLowerW
ScreenToClient
MoveWindow
SetTimer
SetWindowTextW
SetDlgItemTextW
BringWindowToTop
EndDialog
SendMessageTimeoutW
KillTimer
GetParent
UnregisterClassW
GetWindowRect
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
GetClassNameW
ClientToScreen
OffsetRect
FindWindowExW
EnumWindows
GetWindowTextW
CharNextW
LoadStringW
FillRect
LoadBitmapW
ReleaseDC
GetForegroundWindow
SetForegroundWindow
IsWindowVisible
AttachThreadInput
CreateDialogParamW
SetLayeredWindowAttributes
CreateWindowExW
ShowWindow
GetMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
UnregisterClassA
RemovePropW
PostQuitMessage
SetPropW
GetPropW
CharUpperW
SendMessageW

gdi32

CreateSolidBrush
SetBkMode
CreateFontW
SetTextColor
TextOutW
DeleteObject
GetObjectW
CreateCompatibleDC
SelectObject
StretchBlt
GetStockObject

advapi32

LookupAccountNameW
CloseServiceHandle
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegCloseKey
DuplicateTokenEx
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
LookupAccountSidW
OpenServiceW
SetSecurityInfo
GetSidIdentifierAuthority
GetSecurityInfo
BuildExplicitAccessWithNameW
SetEntriesInAclW
RegOpenKeyW
OpenSCManagerW
QueryServiceConfigW

shell32

SHGetSpecialFolderPathW
SHGetFolderPathW
SHFileOperationW
CommandLineToArgvW
ShellExecuteW

ole32

CoTaskMemRealloc
CoTaskMemFree
CoLoadLibrary
CLSIDFromProgID
CoTaskMemAlloc
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
StringFromGUID2
CoFreeLibrary
CoCreateGuid
CoInitialize
CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

SysAllocStringByteLen
SysFreeString
SysAllocString
SysStringLen
VarUI4FromStr

shlwapi

PathFindFileNameW
PathIsDirectoryW
PathFileExistsW
PathAddBackslashW
PathRemoveBackslashW
PathRemoveFileSpecW
PathAppendW
wnsprintfW

comctl32

_TrackMouseEvent

msimg32

TransparentBlt

netapi32

NetApiBufferFree
NetWkstaTransportEnum
Netbios

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

urlmon

URLDownloadToFileW

psapi

GetModuleFileNameExW
GetModuleBaseNameW

ws2_32

htons
ntohl
htonl

wininet

InternetGetConnectedState
InternetOpenW
InternetOpenUrlW
HttpQueryInfoW
InternetReadFile
InternetCloseHandle

Exports

Exports

AddToFirewall
AsynDownload
AsynPCMgrDownload
ChangeCacheACL
CheckDownload
CheckInstallType
CheckModuleUsing
CheckPCMgrDownload
ClearP2PCache
ClearSSOConfig
CreateBitmapCtrl
CreatePath
Destroy
ExcuteAsExplorer
GetCheckBoxStatus
GetCommentsInfo
GetFileVersion
GetOSVersion
GetParentProcName
GetProtocalVersion
GetShortCutOfApplicationInDirectory
GetUserGUID
HasUserAborted
InitPCMgrDetector
IsProcRunning
KillProcByID
KillProcByName
KillProcByPath
ModifyDirPage
NsisGetDectectorResult
NsisRunDetector
NsisWaitDetectorComplete
OpenFirewall
ParseCmdLine
PinOrUnpinStartMenuIcon
PinOrUnpinTaskBarIcon
PopupTipBesideShortcut
RegMultiSzEdit
RegisterQQLiveProtocal
RemoveFirewall
RemoveFromFirewall
RunPCMgrDetector
SetCompletionRate
SetCtrlFontTitle
SetIEMainPage
SetInstallPath
SetInstallProgress
Show
ShowMsgBox
UnRegisterQQLiveProtocal
UnitPCMgrDetector
Update
UpdateAppData
free_instfilespage_bitmap
getWindow
kill_instfilespage_timer
load_instfilespage_bitmap
start_instfilespage_timer

Sections

.text
Size: 648KB - Virtual size: 646KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Statistics.exe
.exe windows:4 windows x86 arch:x86

c2ca8c749efd139a74ece1566852cf56

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d5:bb:01:2b:db:0e:e3:de:97:c0:89:58:20:2c:e0:cd:00:c0:24:49
Signer

Actual PE Digest

d5:bb:01:2b:db:0e:e3:de:97:c0:89:58:20:2c:e0:cd:00:c0:24:49

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\QQLive_proj\trunk\Setup\Statistics.pdb

Imports

kernel32

WideCharToMultiByte
GetLastError
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
OutputDebugStringW
MultiByteToWideChar
lstrlenA
CloseHandle
WriteFile
CreateFileW
lstrlenW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
HeapAlloc
HeapDestroy
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
Sleep

shell32

CommandLineToArgvW

msvcp80

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

wininet

HttpAddRequestHeadersW
InternetReadFile
HttpOpenRequestW
HttpSendRequestExW
InternetWriteFile
HttpEndRequestW
InternetConnectW
InternetOpenW
InternetCloseHandle

msvcr80

_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_except_handler4_common
_unlock
__dllonexit
_lock
_onexit
_exit
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_invoke_watson
_controlfp_s
_wtoi
_recalloc
calloc
free
memmove_s
__CxxFrameHandler3
wcslen
vswprintf_s
_vscwprintf
_CxxThrowException
memcpy_s
??3@YAXPAX@Z
_cexit
memset
_decode_pointer
_amsg_exit
__getmainargs

user32

UnregisterClassA

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

039bcbc605477e8e87ec550c2e60e748

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
lstrlenW
lstrcmpiW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
ADManage.dll
.dll regsvr32 windows:4 windows x86 arch:x86

f7cad460f73f66c77935d462e78a3269

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c2:31:5a:01:59:cc:8a:de:45:ef:45:46:1e:90:f2:50:6d:bd:bf:af
Signer

Actual PE Digest

c2:31:5a:01:59:cc:8a:de:45:ef:45:46:1e:90:f2:50:6d:bd:bf:af

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\ADManage.pdb

Imports

tinyxml

?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@XZ
?Value@TiXmlNode@@QBEPBDXZ
?NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@XZ
?LoadXML@TiXmlDocument@@QAE_NPADHW4TiXmlEncoding@@@Z
?RootElement@TiXmlDocument@@QAEPAVTiXmlElement@@XZ
??0TiXmlDocument@@QAE@XZ
?LoadFile@TiXmlDocument@@QAE_NPB_WW4TiXmlEncoding@@@Z
??1TiXmlDocument@@UAE@XZ
?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@PBD@Z
?Attribute@TiXmlElement@@QBEPBDPBD@Z
?GetText@TiXmlElement@@QBEPBDXZ
?NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@PBD@Z

kernel32

MultiByteToWideChar
lstrlenA
SetLastError
InterlockedIncrement
InterlockedDecrement
CreateEventW
DeleteFileW
GetVersionExW
GetPrivateProfileIntW
CopyFileW
ResetEvent
FindClose
FindNextFileW
SetFileAttributesW
FindFirstFileW
SetThreadLocale
GetThreadLocale
ReadFile
GetFileSize
CreateFileW
Sleep
TerminateThread
CreateMutexW
ReleaseMutex
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
OpenFileMappingW
CloseHandle
TerminateProcess
WaitForMultipleObjects
ResumeThread
CreateProcessW
VirtualAlloc
VirtualFree
GetSystemDirectoryW
GetCurrentProcessId
RaiseException
WideCharToMultiByte
lstrlenW
GetCurrentThreadId
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
SetEvent
FreeLibrary
GetModuleHandleW
LoadLibraryExW
GetProcAddress
LoadLibraryW
WaitForSingleObject
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
GetModuleFileNameW
lstrcpynW
VirtualQuery
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetTickCount

user32

SetWindowLongW
IsWindow
DestroyWindow
SetWindowPos
MessageBoxW
ReplyMessage
GetCursorPos
PtInRect
ShowWindow
MoveWindow
SendMessageTimeoutW
EqualRect
CopyRect
SetForegroundWindow
IsWindowVisible
LoadCursorW
DispatchMessageW
UnregisterClassA
SetTimer
KillTimer
TranslateMessage
ClientToScreen
GetClientRect
GetWindowRect
PostThreadMessageW
InSendMessage
GetMessageW
SendMessageW
RegisterWindowMessageW
CallWindowProcW
PostMessageW
GetWindowLongW
RegisterClassExW
DefWindowProcW
CreateWindowExW
GetClassInfoExW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegOpenKeyW
RegQueryValueW
RegCloseKey

shell32

ShellExecuteExW

ole32

CoFreeLibrary
CoCreateInstance

oleaut32

SysAllocStringLen
VarBstrCmp
VariantCopy
VariantInit
VariantClear
LoadTypeLi
LoadRegTypeLi
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysAllocString
SysStringLen

encrypt

?oi_symmetry_decrypt2@@YAHPBEH0PAEPAH@Z
?oi_symmetry_encrypt2@@YAXPBEH0PAEPAH@Z

atl80

ord44
ord43
ord18
ord23
ord64
ord42
ord30
ord61
ord32
ord58
ord31
ord22
ord15

shlwapi

PathFileExistsW

msvcp80

??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?_Myptr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEPA_WXZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI_W@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEHPB_WH@Z
?eq_int_type@?$char_traits@_W@std@@SA_NABG0@Z
?eof@?$char_traits@_W@std@@SAGXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBEHXZ
?length@?$char_traits@_W@std@@SAIPB_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?width@ios_base@std@@QAEHH@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??_D?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?str@?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ

livelog

?GetDNSStatus@@YA?AW4DNS_STATUS@@XZ
?GetOnLine@@YAHXZ
?CreateTempFile@@YAHAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@V12@@Z
?CreateAllDirectory@@YAHPB_W@Z
?SaveFileUTF8_2@@YAXPB_W0@Z
?GetFileSize@@YAHPB_WAA_K@Z
?FormUrlEncode@@YAXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABI@Z
?GetStatCorrectTime@@YA?BV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetUserGuid@@YAXPADAAH@Z
?GetLiveServerUrl@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z
?Utf8ToWS@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PBDH@Z
?ConvertTime@@YAI_J@Z
?IsDoLog@@YAHXZ
?LogToFile@@YAXPB_WZZ
?GetConfigDword@@YAKV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0KW4tagQQLIVE_CONFIG_TYPE@@@Z
?GetAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?CheckFileExist@@YAHPB_W@Z
?CreateObjectFromFile@@YAJAAPAUHINSTANCE__@@PB_WPAUIUnknown@@ABU_GUID@@3PAPAX@Z
?GetRandomNum@@YAKKK@Z
?GetQQLiveDlgHwnd@@YAPAUHWND__@@XZ
?OpenQQLive@@YAHPB_W@Z
?GetModuleFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?GetConfigInt@@YAJV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0JW4tagQQLIVE_CONFIG_TYPE@@@Z
?GetExeFolder2@@YA?AVCComBSTR@ATL@@XZ
?SplitString@@YAXAAV?$vector@V?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@V?$allocator@V?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@std@@@std@@ABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@1@Z
?GetNoRealStatInst@@YAJPAPAUINoRealStat@@_K@Z
?GetEmbededFlashOcxName@@YAXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?IsFlashEmbeded@@YAHXZ
?GetExeFileProcessID@@YAIV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?NavigateURL@@YAHPB_WH@Z
?FormUrlEncode@@YAXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?UrlDecode@@YAHAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0@Z
?GetFlashIeProcess@@YAAAVCQQLiveExternalWrapper@@XZ

msvcr80

fopen_s
wcschr
ldiv
swscanf_s
_vsnwprintf_s
_resetstkoflw
malloc
wprintf_s
_except_handler4_common
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
fputc
_errno
strncpy
fopen
fread
fprintf
ferror
ftell
_wfopen_s
??3@YAXPAX@Z
_time32
memcpy_s
_CxxThrowException
_invalid_parameter_noinfo
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
__CxxFrameHandler3
?what@exception@std@@UBEPBDXZ
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
memmove_s
??0exception@std@@QAE@XZ
wcscmp
_wcsicmp
_vscwprintf
vswprintf_s
wcslen
_mktime64
wcsncpy_s
_time64
_wtoi
memcpy
memset
wcstoul
wcstok_s
wcstod
_wtoi64
wcsncmp
strtoul
wcsrchr
_vswprintf_c_l
_purecall
swprintf_s
wcscat_s
wcsstr
strlen
_itow_s
free
calloc
_recalloc
??_V@YAXPAX@Z
strncpy_s
wcsftime
_localtime64_s
_beginthreadex
memcmp
fclose
fwrite

httpmodule

?AddHttpHeader@CDownloadMgrProxy@@QAEHHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0@Z
?AddPostData@CDownloadMgrProxy@@QAEHHPAEK@Z
??0CDownloadMgrProxy@@QAE@XZ
??1CDownloadMgrProxy@@UAE@XZ
?AddTask@CDownloadMgrProxy@@QAEHPAUIHttpEventWndCallback@@PB_W1IIK@Z
?SetHttpMethod@CDownloadMgrProxy@@QAEXHW4E_HTTP_VERB@@@Z
?StartTask@CDownloadMgrProxy@@QAEHH@Z

wininet

InternetOpenW
InternetOpenUrlW
InternetCloseHandle

wintrust

WinVerifyTrust

crypt32

CryptMsgClose
CertFreeCertificateContext
CryptQueryObject
CryptMsgGetParam
CertGetNameStringW
CertCreateCertificateContext
CertCloseStore

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AppLaunch.prf
BugReporter.exe
.exe windows:4 windows x86 arch:x86

7eb076debb1bc582c331a3211e9f71b3

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

a6:79:25:a8:c2:23:4d:7c:5f:3f:63:0a:5d:74:11:3e:bf:77:a9:74
Signer

Actual PE Digest

a6:79:25:a8:c2:23:4d:7c:5f:3f:63:0a:5d:74:11:3e:bf:77:a9:74

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\QQLive_Dailybuild\src\symbol\BugReporter.pdb

Imports

comctl32

ImageList_SetBkColor
ImageList_AddMasked
ImageList_Create
ImageList_Draw

wininet

InternetCloseHandle
HttpSendRequestA
InternetConnectA
InternetOpenA
HttpOpenRequestA

livelog

?GetLiveServerUrl@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?ParseURL@@YAHPB_WAAW4INTERNET_SCHEME@@AAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@2AAG@Z
?CheckDirectoryExist@@YAHPB_W@Z
?CreateAllDirectory@@YAHPB_W@Z
?GetModuleFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PAUHINSTANCE__@@@Z
?GetUserIniPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?CreateObjectFromFile@@YAJAAPAUHINSTANCE__@@PB_WPAUIUnknown@@ABU_GUID@@3PAPAX@Z
?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?CheckFileExist@@YAHPB_W@Z

kernel32

UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
InterlockedExchange
GetLocaleInfoA
GetThreadLocale
GetVersionExA
InitializeCriticalSection
DeleteCriticalSection
InterlockedCompareExchange
RaiseException
GetLastError
EnterCriticalSection
LeaveCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
CloseHandle
CreateFileA
VirtualQueryEx
FlushInstructionCache
GetCurrentProcess
MultiByteToWideChar
lstrlenA
GetCurrentThreadId
SetLastError
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
GetPrivateProfileIntW
GetVersionExW
WritePrivateProfileStringW
ReadProcessMemory
SetFileAttributesW
WaitForSingleObject
Sleep
SetUnhandledExceptionFilter
GetProcAddress
LoadLibraryW
CreateFileW
GetCommandLineW
WideCharToMultiByte
lstrlenW
GetModuleHandleW
GetUserDefaultLCID
GetSystemDefaultLCID
GetUserDefaultUILanguage
GetUserDefaultLangID
GetSystemDefaultUILanguage
GetSystemDefaultLangID
GetOEMCP
GetACP
OpenProcess
GetCurrentProcessId
TerminateProcess
GetStartupInfoW
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
WriteFile

user32

GetWindowRect
GetClientRect
ShowWindow
SendMessageW
GetWindowLongW
EndDialog
MessageBeep
GetWindow
GetParent
EndPaint
BeginPaint
SetWindowTextW
LoadBitmapW
GetSystemMetrics
GetActiveWindow
DialogBoxParamW
SetWindowLongW
MoveWindow
UnregisterClassA
SetTimer
KillTimer
SystemParametersInfoW
MapWindowPoints
SetWindowPos
IsWindow
GetDlgItem
SetDlgItemTextW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW
RegCloseKey

shell32

SHGetFolderPathW
ShellExecuteExW
SHGetSpecialFolderPathW
CommandLineToArgvW

ole32

CoFreeLibrary

oleaut32

SystemTimeToVariantTime
SysFreeString
VariantTimeToSystemTime

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?deallocate@?$allocator@D@std@@QAEXPADI@Z
??0?$allocator@D@std@@QAE@XZ
?allocate@?$allocator@D@std@@QAEPADI@Z
?max_size@?$allocator@D@std@@QBEIXZ
??0?$allocator@D@std@@QAE@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@V32@@Z
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ

psapi

EnumProcessModules
GetModuleFileNameExA
GetModuleFileNameExW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

imagehlp

SymInitialize
SymSetOptions
StackWalk
SymGetModuleInfo
SymLoadModule
SymGetSymFromAddr
SymFunctionTableAccess

msvcr80

_fseeki64
srand
rand
??_V@YAXPAX@Z
_controlfp_s
_invoke_watson
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
wcsncmp
_wfopen_s
fseek
??3@YAXPAX@Z
_time64
strchr
memcpy_s
_CxxThrowException
memset
_invalid_parameter_noinfo
_vsnprintf_s
memmove_s
wcsstr
wcschr
wcsrchr
_wcslwr_s
_vscwprintf
vswprintf_s
wcslen
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
__CxxFrameHandler3
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@XZ
free
calloc
_recalloc
_localtime64_s
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
wcsftime
_i64tow_s
fclose
fread
_ftelli64
fwrite
_wfopen
strlen
wcstoul
ftell

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
COPYING.GPLv3
COPYING.LGPLv3
ChannelMgr.dll
.dll regsvr32 windows:4 windows x86 arch:x86

2dbb56b7ddaf9e775602de5b5555b28f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

bd:0e:a9:44:e7:17:3c:59:bb:89:82:a4:62:66:e3:6f:6e:47:d5:df
Signer

Actual PE Digest

bd:0e:a9:44:e7:17:3c:59:bb:89:82:a4:62:66:e3:6f:6e:47:d5:df

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\ChannelMgr.pdb

Imports

tinyxml

?SetDoubleAttribute@TiXmlElement@@QAEXPBDN@Z
?QueryDoubleAttribute@TiXmlElement@@QBEHPBDPAN@Z
?InsertEndChild@TiXmlNode@@QAEPAV1@ABV1@@Z
??1TiXmlElement@@UAE@XZ
??0TiXmlElement@@QAE@PBD@Z
?Value@TiXmlNode@@QBEPBDXZ
?NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@XZ
?NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@PBD@Z
?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@XZ
?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@PBD@Z
?GetText@TiXmlElement@@QBEPBDXZ
??1TiXmlDocument@@UAE@XZ
?LoadXML@TiXmlDocument@@QAE_NPADHW4TiXmlEncoding@@@Z
??0TiXmlDocument@@QAE@XZ
?LoadFile@TiXmlDocument@@QAE_NPB_WW4TiXmlEncoding@@@Z
?Attribute@TiXmlElement@@QBEPBDPBD@Z
?SetAttribute@TiXmlElement@@QAEXPBD0@Z
?SetAttribute@TiXmlElement@@QAEXPBDH@Z
?QueryIntAttribute@TiXmlElement@@QBEHPBDPAH@Z

kernel32

lstrlenA
MultiByteToWideChar
SizeofResource
LockResource
LoadResource
FindResourceExW
GetVersionExW
lstrlenW
WaitForSingleObject
GetExitCodeProcess
CloseHandle
GetLastError
InterlockedIncrement
CreateFileW
FlushInstructionCache
GetCurrentProcess
InitializeCriticalSection
VirtualAlloc
DeleteCriticalSection
VirtualFree
GetModuleFileNameW
GetPrivateProfileIntW
GetThreadLocale
SetThreadLocale
CreateEventW
VirtualQuery
OpenEventW
SetLastError
ReleaseMutex
CreateMutexW
OpenMutexW
FindNextFileW
GetProcAddress
SetEvent
GetComputerNameW
GetModuleHandleW
LoadLibraryW
GetCurrentThreadId
ReadFile
WriteFile
GetFileInformationByHandle
FormatMessageW
EnterCriticalSection
Sleep
MoveFileExW
FreeResource
TerminateThread
GetVersionExA
LocalFree
FormatMessageA
TlsGetValue
TlsSetValue
TlsAlloc
TlsFree
GlobalFree
LoadLibraryA
GetFullPathNameW
GetDiskFreeSpaceA
GetFullPathNameA
CreateFileA
GetFileSize
SetFilePointer
GetCurrentProcessId
SetEndOfFile
GetTempPathA
FreeLibrary
GetSystemTime
QueryPerformanceCounter
AreFileApisANSI
DeleteFileA
UnlockFile
LockFile
GetSystemTimeAsFileTime
GetFileAttributesA
FlushFileBuffers
GetTempPathW
LockFileEx
GetDiskFreeSpaceW
CreateDirectoryA
FindFirstFileA
FindNextFileA
GetFileSizeEx
GetStdHandle
SetFilePointerEx
OutputDebugStringA
GetSystemDirectoryA
SetThreadPriority
CreateMutexA
GetTimeZoneInformation
IsDebuggerPresent
MoveFileW
WideCharToMultiByte
FindClose
FindFirstFileW
DeleteFileW
FindResourceW
GetFileAttributesW
InterlockedDecrement
GetTickCount
InterlockedCompareExchange
LeaveCriticalSection
InterlockedExchange
GetACP
GetLocaleInfoA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RaiseException

user32

SetTimer
PostMessageW
GetWindowLongW
DefWindowProcW
IsWindow
CreateWindowExW
DestroyWindow
CallWindowProcW
LoadCursorW
GetClassInfoExW
RegisterClassExW
UnregisterClassA
MessageBoxW
SetWindowLongW
KillTimer

advapi32

CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA

shell32

ShellExecuteExW
SHFileOperationW
SHGetFolderPathA

ole32

StringFromGUID2
CoCreateGuid
CoCreateInstance

oleaut32

SysStringLen
SysFreeString
SysAllocString
SysAllocStringByteLen
VarBstrCmp
SysStringByteLen
VariantInit
DispCallFunc
VariantClear
LoadRegTypeLi
LoadTypeLi
SysAllocStringLen
VarBstrCat

livelog

?EncodeURIComponent@@YAJPBEJAAV?$vector@EV?$allocator@E@std@@@std@@@Z
?CheckDirectoryExist@@YAHPB_W@Z
?GetLiveServerIP@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?GetConfigInt@@YAJV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0JW4tagQQLIVE_CONFIG_TYPE@@@Z
?SetKeyValue@@YAHAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV12@1@Z
?GetLiveServerPort@@YAIPB_W@Z
?CaleInstructionLevel@@YAH_N00000@Z
?GetLiveServerHost@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?CalcCoresLevel@@YAHH@Z
?GetInstructionLevel@@YAHXZ
?GetFreqLevel@@YAHXZ
?GetVFormatName@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@J@Z
?GetCoresLevel@@YAHXZ
?GetDefaultDLNAVFormat@@YAJXZ
?GetDefaultVFormat@@YAJXZ
?GetFavouriteVFormat@@YAJXZ
?GetStatCorrectTime@@YA?BV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?FormUrlEncode@@YAXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABI@Z
?GetOnLine@@YAHXZ
?GetKeyValue@@YAHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0AAV12@_W@Z
?CreateAllDirectory@@YAHPB_W@Z
?CheckFileExist@@YAHPB_W@Z
?GetIEUseableDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetModuleFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?GetUserGuid@@YAXPADAAH@Z
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z
?GetAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetLiveServerUrl@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?Utf8FromWS@@YA?AV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@PB_WH@Z
?Utf8ToWS@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PBDH@Z
?GetCommonAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetCommuInst@@YAJPAPAUIQQLiveCommand@@_K@Z
?CheckAdvise@@YAXPB_W@Z
?IsQQLiveClient@@YAHXZ
?IsDLNAMode@@YAHXZ
?GetFolderByPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV12@@Z
?GetNoRealStatInst@@YAJPAPAUINoRealStat@@_K@Z
?GetDNSStatus@@YA?AW4DNS_STATUS@@XZ
?CheckUnadvise@@YAXPB_W@Z
?CalcFreqLevel@@YAHN@Z
?GetSecurityAttributesWithoutDACL@@YAHAAU_SECURITY_ATTRIBUTES@@@Z
?GetProcessModuleVersion@@YAPB_WPB_WQA_WH@Z
?IsDoLog@@YAHXZ
?IsEnableUAC@@YAHXZ
?LogToFile@@YAXPB_WZZ
?StrToAddr@@YAHAAUsockaddr_in@@PB_WF@Z

atl80

ord44
ord43
ord11
ord58
ord32
ord23
ord61
ord31
ord30
ord18
ord22
ord64
ord15
ord10

shlwapi

PathFileExistsW

msvcp80

??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXID@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z

wininet

InternetSetCookieW
InternetQueryOptionA

ws2_32

WSAGetLastError
inet_ntoa
htonl
ntohl
getservbyname
gethostbyaddr
gethostbyname
htons
ntohs
getservbyport
WSASetLastError
WSAStartup
closesocket
recv
send
ioctlsocket
getpeername
getsockname
bind
setsockopt
connect
sendto
recvfrom
getsockopt
__WSAFDIsSet
select
listen
socket
accept
shutdown
WSACleanup
inet_addr

msvcr80

fprintf
setvbuf
strtol
_wtol
strcmp
abs
sprintf_s
_vsnwprintf_s
wcsftime
_time64
strtoul
_localtime64_s
memmove
ftell
abort
__CxxFrameHandler3
_CxxThrowException
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
_wfopen
feof
fflush
_ftelli64
_fseeki64
_wfsopen
_wstat64
_errno
_dupenv_s
strcat_s
strcpy_s
printf
isspace
_vsnprintf_s
qsort
toupper
clock
realloc
_snprintf_s
_ftime64_s
isalnum
_strdup
strncmp
strncpy_s
strchr
wcstok_s
__iob_func
sprintf
_beginthreadex
_itow_s
atoi
_wtoi
??3@YAXPAX@Z
wcsstr
vswprintf_s
wcscmp
calloc
_invalid_parameter_noinfo
srand
??0exception@std@@QAE@ABQBD@Z
fwrite
??0exception@std@@QAE@ABV01@@Z
fclose
_recalloc
memmove_s
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
rand
memcpy
memset
_vscwprintf
??_V@YAXPAX@Z
swprintf_s
free
strlen
??2@YAPAXI@Z
??0exception@std@@QAE@XZ
wcslen
memcpy_s
_resetstkoflw
malloc
memcmp
_purecall
_vscprintf
_mbsinc
vsprintf_s
_mbscmp
strtod
wcstoul
wcsrchr
wcschr
fseek
fread

httpmodule

?SetHttpMethod@CDownloadMgrProxy@@QAEXHW4E_HTTP_VERB@@@Z
??0CDownloadMgrProxy@@QAE@XZ
??1CDownloadMgrProxy@@UAE@XZ
?AddTask@CDownloadMgrProxy@@QAEHPAUIHttpEventWndCallback@@PB_W1IIK@Z
?AddHttpHeader@CDownloadMgrProxy@@QAEHHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0@Z
?StartTask@CDownloadMgrProxy@@QAEHH@Z
?RemoveTask@CDownloadMgrProxy@@QAEHH@Z
?AddPostData@CDownloadMgrProxy@@QAEHHPAEK@Z

iphlpapi

GetAdaptersAddresses

Exports

Exports

??4_Init_locks@std@@QAEAAV01@ABV01@@Z
CreateObj1
CreateObj2
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetObj3
ProcessObj2
ReleaseObj1
ReleaseObj2
ReleaseObj3

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 389KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Common.dll
.dll regsvr32 windows:4 windows x86 arch:x86

33d4898835ff42691109f3e9dbc50929

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f5:d4:6b:4b:11:bd:a7:40:b7:45:93:1b:44:e9:73:bd:a5:f0:5d:c5
Signer

Actual PE Digest

f5:d4:6b:4b:11:bd:a7:40:b7:45:93:1b:44:e9:73:bd:a5:f0:5d:c5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\QQLive_proj\document\HummerSDK\Output\PdbFinal\Common.pdb

Imports

zlib

inflateReset
deflateReset
inflateInit2_
deflateInit2_
crc32
inflateInit_
inflate
inflateEnd
deflateInit_
deflate
deflateEnd
compress
compress2
uncompress

libexpatw

ord53
ord50
ord25
ord35
ord48
ord52
ord20
ord7
ord17
ord21
ord63
ord64
ord65

ws2_32

WSAAsyncSelect
sendto
WSAGetLastError
getsockname
inet_ntoa
inet_addr
WSACleanup
WSAStartup
closesocket
recvfrom
connect
listen
getsockopt
getpeername
setsockopt
bind
WSASetLastError
getservbyport
gethostbyaddr
__WSAFDIsSet
select
recv
ioctlsocket
socket
accept
WSACancelAsyncRequest
WSAAsyncGetHostByName
gethostname
WSACreateEvent
gethostbyname
getservbyname
WSACloseEvent
send

wininet

HttpQueryInfoW
InternetSetOptionW
HttpSendRequestW
HttpOpenRequestW
InternetErrorDlg
InternetConnectW
InternetOpenW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetSetCookieW
InternetQueryOptionW
InternetGetCookieW
InternetCloseHandle

winmm

timeGetTime
timeEndPeriod
timeBeginPeriod

avicap32

capGetDriverDescriptionW

setupapi

SetupIterateCabinetW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

iphlpapi

GetIpForwardTable
CancelIPChangeNotify
GetIpAddrTable
NotifyAddrChange

dbghelp

SymCleanup
SymInitialize
SymLoadModule
SymSetOptions
SymGetModuleInfo

tinyxml

?ErrorDesc@TiXmlDocument@@QBEPBDXZ
?LoadXML@TiXmlDocument@@QAE_NPADHW4TiXmlEncoding@@@Z
?condenseWhiteSpace@TiXmlBase@@0_NA
??0TiXmlDocument@@QAE@XZ
?Print@TiXmlDocument@@UBEXPAU_iobuf@@H@Z
?Parse@TiXmlDocument@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?ToDocument@TiXmlDocument@@UAEPAV1@XZ
?ToDocument@TiXmlDocument@@UBEPBV1@XZ
?ToElement@TiXmlNode@@UAEPAVTiXmlElement@@XZ
?ToElement@TiXmlNode@@UBEPBVTiXmlElement@@XZ
?ToComment@TiXmlNode@@UAEPAVTiXmlComment@@XZ
?ToComment@TiXmlNode@@UBEPBVTiXmlComment@@XZ
?ToUnknown@TiXmlNode@@UAEPAVTiXmlUnknown@@XZ
?ToUnknown@TiXmlNode@@UBEPBVTiXmlUnknown@@XZ
?ToText@TiXmlNode@@UAEPAVTiXmlText@@XZ
?ToText@TiXmlNode@@UBEPBVTiXmlText@@XZ
?ToDeclaration@TiXmlNode@@UAEPAVTiXmlDeclaration@@XZ
?ToDeclaration@TiXmlNode@@UBEPBVTiXmlDeclaration@@XZ
?Clone@TiXmlDocument@@MBEPAVTiXmlNode@@XZ
?Accept@TiXmlDocument@@UBE_NPAVTiXmlVisitor@@@Z
??1TiXmlDocument@@UAE@XZ
?LoadFile@TiXmlDocument@@QAE_NPB_WW4TiXmlEncoding@@@Z
?InsertEndChild@TiXmlNode@@QAEPAV1@ABV1@@Z
?SetAttribute@TiXmlElement@@QAEXPBD0@Z
?SaveFile@TiXmlDocument@@QBE_NPB_W@Z
?FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@XZ
??0TiXmlElement@@QAE@PBD@Z
??1TiXmlElement@@UAE@XZ

kernel32

FlushInstructionCache
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
HeapSize
HeapReAlloc
HeapDestroy
GetLocaleInfoA
InterlockedCompareExchange
GetVersionExA
OutputDebugStringW
IsDBCSLeadByte
SetProcessWorkingSetSize
lstrcpynW
LoadLibraryExW
LoadLibraryExA
GetSystemDirectoryW
GetWindowsDirectoryW
GetWindowsDirectoryA
GetACP
SetErrorMode
VirtualAllocEx
SetUnhandledExceptionFilter
WriteProcessMemory
SearchPathW
TerminateProcess
CreateToolhelp32Snapshot
Thread32First
Thread32Next
HeapAlloc
GetCurrentThread
GetThreadTimes
SuspendThread
GetThreadContext
ResumeThread
OpenThread
GetThreadSelectorEntry
VirtualQueryEx
ReadProcessMemory
WaitForMultipleObjects
GetCPInfoExW
DebugBreak
VirtualLock
VirtualUnlock
CreateFileMappingW
MapViewOfFile
lstrcmpiW
lstrcmpiA
TlsSetValue
TlsFree
TlsAlloc
TlsGetValue
ConnectNamedPipe
CreateNamedPipeW
DisconnectNamedPipe
WaitNamedPipeW
SetNamedPipeHandleState
FileTimeToLocalFileTime
GetNumberFormatW
GetCurrencyFormatW
GetCalendarInfoW
GetTimeFormatW
GetDateFormatW
SetLocaleInfoW
GetUserDefaultLangID
GetSystemDefaultLangID
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
IsValidLocale
GetSystemDefaultLCID
GetUserDefaultLCID
GetLocaleInfoW
TerminateThread
FormatMessageW
HeapFree
GetProcessHeap
LocalFree
SetLastError
SetEvent
CreateEventW
CreateThread
ResetEvent
GetSystemDirectoryA
LoadLibraryA
GlobalFree
GetProcessAffinityMask
SetProcessAffinityMask
QueryPerformanceFrequency
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
FreeLibrary
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetProcAddress
GetModuleHandleW
GetLastError
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
CreateFileW
SetThreadPriority
GetVersionExW
OpenProcess
GetCurrentProcessId
LoadLibraryW
GetVersion
OutputDebugStringA
InterlockedIncrement
InterlockedDecrement
SetThreadLocale
GetThreadLocale
RaiseException
OpenMutexW
CreateMutexW
WaitForSingleObject
ReleaseMutex
DeviceIoControl
GetVolumeInformationW
GetDriveTypeW
IsBadReadPtr
ReadFile
CreateProcessW
CreatePipe
DuplicateHandle
GetCurrentProcess
GetStdHandle
lstrlenW
GetModuleFileNameW
GetFileSizeEx
GetFileAttributesW
CreateDirectoryW
GetFileType
RemoveDirectoryW
FindClose
FindNextFileW
DeleteFileW
SetFileAttributesW
FindFirstFileW
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
SetFilePointer
WriteFile
GetLocalTime
GetTempPathW
GetCommandLineW
GetFileSize
SetFilePointerEx
FlushFileBuffers
SetEndOfFile
GetDiskFreeSpaceW
GetFullPathNameW
InterlockedExchange
Sleep
lstrcmpW
CopyFileW
MoveFileExW
DeleteFileA
FileTimeToSystemTime
SystemTimeToFileTime
GetTimeZoneInformation
GetSystemTime
MoveFileA
SetFileAttributesA
GetFileAttributesA
CreateFileA
GetFileAttributesExA
CompareFileTime
SystemTimeToTzSpecificLocalTime
MoveFileW
GetSystemTimeAsFileTime
GetProcessTimes
GetModuleHandleA
GetPrivateProfileStringA
GetModuleFileNameA
VirtualQuery

user32

UnregisterClassA
FindWindowW
CharLowerW
CharUpperW
CharLowerA
CharUpperA
CharNextA
PeekMessageW
TranslateMessage
DispatchMessageW
SendMessageTimeoutW
SetWindowLongW
KillTimer
SetTimer
PostMessageW
CreateWindowExW
ShowWindow
DefWindowProcW
DestroyWindow
GetFocus
EnableWindow
IsWindowEnabled
SetFocus
SetPropW
RemovePropW
SendMessageW
GetPropW
GetWindow
MonitorFromWindow
GetMonitorInfoW
GetClientRect
MapWindowPoints
SetWindowPos
GetDesktopWindow
OpenInputDesktop
GetUserObjectInformationW
GetThreadDesktop
CloseDesktop
GetSystemMetrics
IsWindow
IsWindowVisible
GetClassNameW
GetGUIThreadInfo
GetWindowLongW
GetWindowThreadProcessId
GetParent
GetWindowRect
GetWindowTextW
SystemParametersInfoW
RegisterClassExW
GetClassInfoExW
CharNextW

gdi32

GetStockObject

comdlg32

CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameW

advapi32

RegOpenKeyW
RegCloseKey
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
LookupPrivilegeValueW
AdjustTokenPrivileges
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
DuplicateTokenEx

shell32

ShellExecuteW
ShellExecuteExW
SHCreateDirectoryExW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderPathW
SHGetFolderLocation

ole32

CLSIDFromString
CoFreeLibrary
CoCreateInstance
CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree
StgOpenStorageOnILockBytes
CoFreeUnusedLibraries
CoGetMalloc
CoLoadLibrary
StringFromGUID2
StgOpenStorage
StgCreateDocfile

oleaut32

LoadRegTypeLi
LoadTypeLi
SysFreeString
SysAllocString
VariantClear
VariantTimeToSystemTime
SysAllocStringLen
SysStringLen
SysStringByteLen
VarBstrCmp
VectorFromBstr
VariantChangeType
SysReAllocStringLen
VariantInit
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocStringByteLen
BstrFromVector
VarDateFromStr

atl80

ord18
ord22
ord64
ord23
ord61
ord30
ord32
ord58
ord31
ord15

shlwapi

PathFindFileNameW
PathFileExistsA
PathFileExistsW
StrCmpW
StrCmpIW

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
?_Lock@_Mutex@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?length@?$char_traits@D@std@@SAIPBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
_Inf
_Nan
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIABV12@@Z
?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
_FNan
_FInf
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEX_NI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXID@Z

msvcr80

_localtime64_s
wcsftime
sprintf_s
setlocale
strncpy
wcscpy_s
_beginthreadex
_endthreadex
memmove_s
wcschr
isxdigit
??_V@YAXPAX@Z
iswspace
isspace
strlen
wcslen
memcpy
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
_time64
_invalid_parameter_noinfo
__CxxFrameHandler3
_recalloc
_CxxThrowException
memset
??3@YAXPAX@Z
_gmtime64_s
free
isalnum
_snprintf
_snwprintf
memcmp
strtoul
_purecall
__dllonexit
_unlock
__RTDynamicCast
strtod
sprintf
strerror
_errno
strtol
_strtoui64
_strtoi64
fflush
ldiv
atof
_wcslwr_s
wcstol
_wcsnicmp
_heapmin
wcscat_s
_gmtime32
wcsnlen
_msize
wcsspn
wcscspn
_wcsrev
wcspbrk
_wtoi
wcsstr
fwrite
_wcsicoll
wcscoll
_ismbcspace
_strrev
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
?terminate@@YAXXZ
_malloc_crt
wcstombs_s
mbstowcs_s
_vswprintf
__iob_func
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
_mbsinc
_mbspbrk
vsprintf
_vscprintf
fgetc
realloc
exit
fputc
wcstok
wcscpy
fprintf
malloc
printf
toupper
_byteswap_ulong
_byteswap_ushort
memcpy_s
labs
wcsrchr
_wcsicmp
_wtof
wcsncmp
wcscmp
memmove
_gmtime64
_localtime64
_mktime64
_byteswap_uint64
_wtol
wcstoul
iswalnum
iswalpha
atoi
strcat_s
strcmp
strncpy_s
calloc
strcpy_s
_wfopen
_fseeki64
_ftelli64
srand
rand
sscanf
_strdup
strstr
_beginthread
_endthread
_vscwprintf
_vsnwprintf
iswdigit
wcsncpy
strrchr
strchr
_write
?_open@@YAHPBDHH@Z
_close
fopen
fseek
fclose
fread
ferror
feof

wintrust

WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WinVerifyTrust
CryptCATAdminReleaseCatalogContext
CryptCATAdminEnumCatalogFromHash
CryptCATAdminCalcHashFromFileHandle
CryptCATAdminReleaseContext
CryptCATAdminAcquireContext
WTHelperGetProvCertFromChain
CryptCATCatalogInfoFromContext

crypt32

CertGetNameStringW

netapi32

Netbios

rasapi32

RasGetProjectionInfoW
RasEnumConnectionsW

Exports

Exports

??0?$RefCountedThreadSafe@VCShortStreamContainer@@U?$RefCountedThreadPtrDestruct@VCShortStreamContainer@@@destruct@base@@$00@base@@QAE@XZ
??0?$RefCountedThreadSafe@VCStorageIterator@@U?$RefCountedThreadPtrDestruct@VCStorageIterator@@@destruct@base@@$00@base@@QAE@XZ
??0?$SupportsWeakPtr@VCShortStreamContainer@@@base@@QAE@XZ
??0?$SupportsWeakPtr@VCStorageIterator@@@base@@QAE@XZ
??0Big@@QAE@AAPAI@Z
??0Big@@QAE@ABV0@@Z
??0Big@@QAE@H@Z
??0Big@@QAE@J@Z
??0Big@@QAE@PAD@Z
??0Big@@QAE@XZ
??0CCmdCodecBase@@QAE@XZ
??0CDataSenderBase@@QAE@W4DataSenderType@@@Z
??0CEcdsa@@QAE@W4ECCBIT@eccparam@@@Z
??0CExpatDataCompat@@QAE@XZ
??0CExpatFileReader@@QAE@XZ
??0CExpatMemReader@@QAE@XZ
??0CFmtString@@QAE@XZ
??0CGUnzipBuffer@@QAE@XZ
??0CGZipBuffer@@QAE@HH@Z
??0CMACReader@@QAE@XZ
??0CP2PDownload@@QAE@AAV0@@Z
??0CP2PDownload@@QAE@XZ
??0CP2PDownloadParam@@QAE@AAV0@@Z
??0CP2PDownloadParam@@QAE@XZ
??0CP2PDownloadUIInterface@@QAE@ABV0@@Z
??0CP2PDownloadUIInterface@@QAE@XZ
??0CRootStorage@@QAE@AAV?$WeakPtr@VCCompoundDocument@@@base@@@Z
??0CScopeToggler@@QAE@PA_N_N@Z
??0CShortStreamContainer@@QAE@XZ
??0CStorage@@QAE@AAV?$WeakPtr@VCCompoundDocument@@@base@@H@Z
??0CStorageIterator@@QAE@XZ
??0CStream@@QAE@AAV?$WeakPtr@VCCompoundDocument@@@base@@H@Z
??0CTXArray@@QAE@ABV0@@Z
??0CTXArray@@QAE@PAUITXArray@@@Z
??0CTXArray@@QAE@XZ
??0CTXArrayField@@QAE@ABV0@@Z
??0CTXArrayField@@QAE@XZ
??0CTXBSTR@@QAE@ABU_GUID@@@Z
??0CTXBSTR@@QAE@ABV0@@Z
??0CTXBSTR@@QAE@ABVCTXStringW@@@Z
??0CTXBSTR@@QAE@H@Z
??0CTXBSTR@@QAE@HPB_W@Z
??0CTXBSTR@@QAE@PB_W@Z
??0CTXBSTR@@QAE@XZ
??0CTXCommPack@@QAE@ABV0@@Z
??0CTXCommPack@@QAE@XZ
??0CTXCriticalSection@@QAE@ABV0@@Z
??0CTXCriticalSection@@QAE@XZ
??0CTXData@@QAE@ABV0@@Z
??0CTXData@@QAE@PAUITXData@@@Z
??0CTXData@@QAE@XZ
??0CTXDataField@@QAE@ABV0@@Z
??0CTXDataField@@QAE@XZ
??0CTXFileDialog@@IAE@XZ
??0CTXFileDialog@@QAE@ABV0@@Z
??0CTXFileDialog@@QAE@HPB_W00K0PAUHWND__@@HPAVVFileDialgCallback@@@Z
??0CTXHttpDownload@@QAE@XZ
??0CTXHttpDownloadSink@@IAE@XZ
??0CTXHttpDownloadSink@@QAE@ABV0@@Z
??0CTXHttpUpload@@QAE@XZ
??0CTXHttpUploadBuffer@@QAE@XZ
??0CTXHttpUploadStandard@@QAE@XZ
??0CTXStringA@@QAE@ABV0@@Z
??0CTXStringA@@QAE@DH@Z
??0CTXStringA@@QAE@PBD@Z
??0CTXStringA@@QAE@PBDH@Z
??0CTXStringA@@QAE@UtagEN@@PB_WH@Z
??0CTXStringA@@QAE@UtagGBK@@PB_WH@Z
??0CTXStringA@@QAE@UtagUTF8@@PB_WH@Z
??0CTXStringA@@QAE@XZ
??0CTXStringW@@QAE@ABU_GUID@@@Z
??0CTXStringW@@QAE@ABUtagVARIANT@@@Z
??0CTXStringW@@QAE@ABV0@@Z
??0CTXStringW@@QAE@ABVCTXBSTR@@@Z
??0CTXStringW@@QAE@H@Z
??0CTXStringW@@QAE@PA_W@Z
??0CTXStringW@@QAE@PB_W@Z
??0CTXStringW@@QAE@PB_WH@Z
??0CTXStringW@@QAE@UtagEN@@PBDH@Z
??0CTXStringW@@QAE@UtagGBK@@PBDH@Z
??0CTXStringW@@QAE@UtagUTF8@@PBDH@Z
??0CTXStringW@@QAE@XZ
??0CTXStringW@@QAE@_WH@Z
??0CTXTCPDataSender@@QAE@XZ
??0CTXTCPThread@@QAE@XZ
??0CTXTLVCodecBase@@QAE@XZ
??0CTXThreadModel@@IAE@XZ
??0CTXTime@@QAE@ABU_FILETIME@@H@Z
??0CTXTime@@QAE@ABU_SYSTEMTIME@@H@Z
??0CTXTime@@QAE@ABV0@@Z
??0CTXTime@@QAE@GGH@Z
??0CTXTime@@QAE@HHHHHHH@Z
??0CTXTime@@QAE@XZ
??0CTXTime@@QAE@_J@Z
??0CTXTimeSpan@@QAE@ABV0@@Z
??0CTXTimeSpan@@QAE@JHHH@Z
??0CTXTimeSpan@@QAE@XZ
??0CTXTimeSpan@@QAE@_J@Z
??0CTXUDPDataSender@@QAE@XZ
??0CTXVariant@@QAE@ABVCTXBuffer@@@Z
??0CUnZipFile@@QAE@ABV0@@Z
??0CUnZipFile@@QAE@XZ
??0CUnzipBuffers@@QAE@ABV0@@Z
??0CUnzipBuffers@@QAE@XZ
??0CZipBuffers@@QAE@ABV0@@Z
??0CZipBuffers@@QAE@XZ
??0CZipFiles@@QAE@ABV0@@Z
??0CZipFiles@@QAE@XZ
??0VTXDataSenderTimeOutCallback@@QAE@ABV0@@Z
??0VTXDataSenderTimeOutCallback@@QAE@XZ
??1?$RefCountedThreadSafe@VCShortStreamContainer@@U?$RefCountedThreadPtrDestruct@VCShortStreamContainer@@@destruct@base@@$00@base@@QAE@XZ
??1?$RefCountedThreadSafe@VCStorageIterator@@U?$RefCountedThreadPtrDestruct@VCStorageIterator@@@destruct@base@@$00@base@@QAE@XZ
??1?$SupportsWeakPtr@VCShortStreamContainer@@@base@@QAE@XZ
??1?$SupportsWeakPtr@VCStorageIterator@@@base@@QAE@XZ
??1Big@@QAE@XZ
??1CCmdCodecBase@@UAE@XZ
??1CDataSenderBase@@UAE@XZ
??1CEcdsa@@QAE@XZ
??1CExpatDataCompat@@QAE@XZ
??1CExpatFileReader@@UAE@XZ
??1CExpatMemReader@@UAE@XZ
??1CFmtString@@QAE@XZ
??1CGUnzipBuffer@@QAE@XZ
??1CGZipBuffer@@QAE@XZ
??1CMACReader@@QAE@XZ
??1CP2PDownload@@UAE@XZ
??1CP2PDownloadParam@@UAE@XZ
??1CP2PDownloadUIInterface@@UAE@XZ
??1CRootStorage@@UAE@XZ
??1CScopeToggler@@QAE@XZ
??1CShortStreamContainer@@QAE@XZ
??1CStorage@@UAE@XZ
??1CStorageIterator@@QAE@XZ
??1CStream@@UAE@XZ
??1CTXArray@@QAE@XZ
??1CTXArrayField@@QAE@XZ
??1CTXBSTR@@QAE@XZ
??1CTXCommPack@@UAE@XZ
??1CTXCriticalSection@@UAE@XZ
??1CTXData@@QAE@XZ
??1CTXDataField@@QAE@XZ
??1CTXFileDialog@@QAE@XZ
??1CTXHttpDownload@@UAE@XZ
??1CTXHttpDownloadSink@@UAE@XZ
??1CTXHttpUpload@@UAE@XZ
??1CTXHttpUploadBuffer@@UAE@XZ
??1CTXHttpUploadStandard@@UAE@XZ
??1CTXStringA@@QAE@XZ
??1CTXStringW@@QAE@XZ
??1CTXTCPDataSender@@UAE@XZ
??1CTXTCPThread@@UAE@XZ
??1CTXTLVCodecBase@@UAE@XZ
??1CTXThreadModel@@MAE@XZ
??1CTXUDPDataSender@@UAE@XZ
??1CUnZipFile@@QAE@XZ
??1CUnzipBuffers@@QAE@XZ
??1CWriteBuffer@@QAE@XZ
??1CZipBuffers@@QAE@XZ
??1CZipFiles@@QAE@XZ
??4Big@@QAEAAV0@ABV0@@Z
??4Big@@QAEAAV0@H@Z
??4Big@@QAEAAV0@J@Z
??4Big@@QAEAAV0@PAD@Z
??4CGUnzipBuffer@@QAEAAV0@ABV0@@Z
??4CGZipBuffer@@QAEAAV0@ABV0@@Z
??4CP2PDownload@@QAEAAV0@ABV0@@Z
??4CP2PDownloadParam@@QAEAAV0@ABV0@@Z
??4CP2PDownloadUIInterface@@QAEAAV0@ABV0@@Z
??4CScopeToggler@@QAEAAV0@ABV0@@Z
??4CTXArray@@QAEAAV0@ABV0@@Z
??4CTXArray@@QAEAAV0@PAUITXArray@@@Z
??4CTXArrayField@@QAEAAV0@ABV0@@Z
??4CTXArrayField@@QAEAAV0@D@Z
??4CTXArrayField@@QAEAAV0@E@Z
??4CTXArrayField@@QAEAAV0@F@Z
??4CTXArrayField@@QAEAAV0@G@Z
??4CTXArrayField@@QAEAAV0@H@Z
??4CTXArrayField@@QAEAAV0@K@Z
??4CTXArrayField@@QAEAAV0@N@Z
??4CTXArrayField@@QAEAAV0@PAUITXArray@@@Z
??4CTXArrayField@@QAEAAV0@PAUITXData@@@Z
??4CTXArrayField@@QAEAAV0@PAUIUnknown@@@Z
??4CTXArrayField@@QAEAAV0@PB_W@Z
??4CTXArrayField@@QAEAAV0@U_GUID@@@Z
??4CTXArrayField@@QAEAAV0@VCTXBSTR@@@Z
??4CTXArrayField@@QAEAAV0@_J@Z
??4CTXArrayField@@QAEAAV0@_K@Z
??4CTXArrayField@@QAEAAV0@_N@Z
??4CTXBSTR@@QAEAAV0@ABV0@@Z
??4CTXBSTR@@QAEAAV0@ABVCTXStringW@@@Z
??4CTXBSTR@@QAEAAV0@PB_W@Z
??4CTXCriticalSection@@QAEAAV0@ABV0@@Z
??4CTXData@@QAEAAV0@ABV0@@Z
??4CTXData@@QAEAAV0@PAUITXData@@@Z
??4CTXDataField@@QAEAAV0@ABV0@@Z
??4CTXDataField@@QAEAAV0@D@Z
??4CTXDataField@@QAEAAV0@E@Z
??4CTXDataField@@QAEAAV0@F@Z
??4CTXDataField@@QAEAAV0@G@Z
??4CTXDataField@@QAEAAV0@H@Z
??4CTXDataField@@QAEAAV0@K@Z
??4CTXDataField@@QAEAAV0@N@Z
??4CTXDataField@@QAEAAV0@PAUITXArray@@@Z
??4CTXDataField@@QAEAAV0@PAUITXData@@@Z
??4CTXDataField@@QAEAAV0@PAUIUnknown@@@Z
??4CTXDataField@@QAEAAV0@PB_W@Z
??4CTXDataField@@QAEAAV0@U_GUID@@@Z
??4CTXDataField@@QAEAAV0@VCTXBSTR@@@Z
??4CTXDataField@@QAEAAV0@_J@Z
??4CTXDataField@@QAEAAV0@_K@Z
??4CTXDataField@@QAEAAV0@_N@Z
??4CTXFileDialog@@QAEAAV0@ABV0@@Z
??4CTXHttpDownloadSink@@QAEAAV0@ABV0@@Z
??4CTXStringA@@QAEAAV0@ABV0@@Z
??4CTXStringA@@QAEAAV0@D@Z
??4CTXStringA@@QAEAAV0@PBD@Z
??4CTXStringW@@QAEAAV0@ABUtagVARIANT@@@Z
??4CTXStringW@@QAEAAV0@ABV0@@Z
??4CTXStringW@@QAEAAV0@ABVCTXBSTR@@@Z
??4CTXStringW@@QAEAAV0@PA_W@Z
??4CTXStringW@@QAEAAV0@PB_W@Z
??4CTXStringW@@QAEAAV0@_W@Z
??4CTXTime@@QAEAAV0@V0@@Z
??4CTXTime@@QAEAAV0@_J@Z
??4CTXTimeSpan@@QAEAAV0@V0@@Z
??4CUnZipFile@@QAEAAV0@ABV0@@Z
??4CUnzipBuffers@@QAEAAV0@ABV0@@Z
??4CZipBuffers@@QAEAAV0@ABV0@@Z
??4CZipFiles@@QAEAAV0@ABV0@@Z
??4VTXDataSenderTimeOutCallback@@QAEAAV0@ABV0@@Z
??7CTXStringA@@QBE_NXZ
??7CTXStringW@@QBE_NXZ
??8@YA_NABVCTXStringA@@0@Z
??8@YA_NABVCTXStringA@@D@Z
??8@YA_NABVCTXStringA@@PBD@Z
??8@YA_NABVCTXStringW@@0@Z
??8@YA_NABVCTXStringW@@PB_W@Z
??8@YA_NABVCTXStringW@@_W@Z
??8@YA_NDABVCTXStringA@@@Z
??8@YA_NPA_WABVCTXBSTR@@@Z
??8@YA_NPA_WABVCTXStringW@@@Z
??8@YA_NPBDABVCTXStringA@@@Z
??8@YA_NPB_WABVCTXBSTR@@@Z
??8@YA_NPB_WABVCTXStringW@@@Z
??8@YA_N_WABVCTXStringW@@@Z
??8CP2PDownloadParam@@QAEHABV0@@Z
??8CTXBSTR@@QBE_NABV0@@Z
??8CTXBSTR@@QBE_NPA_W@Z
??8CTXBSTR@@QBE_NPB_W@Z
??8CTXTime@@QBE_NV0@@Z
??8CTXTimeSpan@@QBE_NV0@@Z
??9@YA_NABVCTXStringA@@0@Z
??9@YA_NABVCTXStringA@@D@Z
??9@YA_NABVCTXStringA@@PBD@Z
??9@YA_NABVCTXStringW@@0@Z
??9@YA_NABVCTXStringW@@PB_W@Z
??9@YA_NABVCTXStringW@@_W@Z
??9@YA_NDABVCTXStringA@@@Z
??9@YA_NPA_WABVCTXBSTR@@@Z
??9@YA_NPBDABVCTXStringA@@@Z
??9@YA_NPB_WABVCTXBSTR@@@Z
??9@YA_NPB_WABVCTXStringW@@@Z
??9@YA_N_WABVCTXStringW@@@Z
??9CP2PDownloadParam@@QAEHABV0@@Z
??9CTXBSTR@@QBE_NABV0@@Z
??9CTXBSTR@@QBE_NPA_W@Z
??9CTXBSTR@@QBE_NPB_W@Z
??9CTXTime@@QBE_NV0@@Z
??9CTXTimeSpan@@QBE_NV0@@Z
??ABig@@QAEAAIH@Z
??ACTXArray@@QAEAAVCTXArrayField@@H@Z
??ACTXArray@@QAEAAVCTXArrayField@@I@Z
??ACTXData@@QAEAAVCTXDataField@@PBD@Z
??ACTXData@@QAEAAVCTXDataField@@PB_W@Z
??ACTXStringA@@QBEDH@Z
??ACTXStringW@@QBE_WH@Z
??BCTXArray@@QBEPAUITXArray@@XZ
??BCTXArrayField@@QBE?AU_GUID@@XZ
??BCTXArrayField@@QBE?AV?$CComPtr@UITXArray@@@ATL@@XZ
??BCTXArrayField@@QBE?AV?$CComPtr@UITXData@@@ATL@@XZ
??BCTXArrayField@@QBE?AVCTXBSTR@@XZ
??BCTXArrayField@@QBE?AVCTXStringW@@XZ
??BCTXArrayField@@QBEDXZ
??BCTXArrayField@@QBEEXZ
??BCTXArrayField@@QBEFXZ
??BCTXArrayField@@QBEGXZ
??BCTXArrayField@@QBEHXZ
??BCTXArrayField@@QBEJXZ
??BCTXArrayField@@QBEKXZ
??BCTXArrayField@@QBENXZ
??BCTXArrayField@@QBEPAUITXArray@@XZ
??BCTXArrayField@@QBEPAUITXData@@XZ
??BCTXArrayField@@QBEPAUIUnknown@@XZ
??BCTXArrayField@@QBE_JXZ
??BCTXArrayField@@QBE_KXZ
??BCTXArrayField@@QBE_NXZ
??BCTXBSTR@@QBEPA_WXZ
??BCTXCriticalSection@@QAEPAU_RTL_CRITICAL_SECTION@@XZ
??BCTXData@@QBEPAUITXData@@XZ
??BCTXDataField@@QBE?AU_GUID@@XZ
??BCTXDataField@@QBE?AV?$CComPtr@UITXArray@@@ATL@@XZ
??BCTXDataField@@QBE?AV?$CComPtr@UITXData@@@ATL@@XZ
??BCTXDataField@@QBE?AVCTXBSTR@@XZ
??BCTXDataField@@QBE?AVCTXStringW@@XZ
??BCTXDataField@@QBEDXZ
??BCTXDataField@@QBEEXZ
??BCTXDataField@@QBEFXZ
??BCTXDataField@@QBEGXZ
??BCTXDataField@@QBEHXZ
??BCTXDataField@@QBEJXZ
??BCTXDataField@@QBEKXZ
??BCTXDataField@@QBENXZ
??BCTXDataField@@QBEPAUITXArray@@XZ
??BCTXDataField@@QBEPAUITXData@@XZ
??BCTXDataField@@QBEPAUIUnknown@@XZ
??BCTXDataField@@QBE_JXZ
??BCTXDataField@@QBE_KXZ
??BCTXDataField@@QBE_NXZ
??BCTXStringA@@QBEPBDXZ
??BCTXStringW@@QBEPB_WXZ
??CCTXArray@@QBEPAUITXArray@@XZ
??CCTXData@@QBEPAUITXData@@XZ
??EBig@@QAEAAV0@XZ
??FBig@@QAEAAV0@XZ
??GCTXTime@@QBE?AV0@VCTXTimeSpan@@@Z
??GCTXTime@@QBE?AVCTXTimeSpan@@V0@@Z
??GCTXTimeSpan@@QBE?AV0@V0@@Z
??H@YA?AVCTXStringA@@ABV0@0@Z
??H@YA?AVCTXStringA@@ABV0@D@Z
??H@YA?AVCTXStringA@@ABV0@PBD@Z
??H@YA?AVCTXStringA@@DABV0@@Z
??H@YA?AVCTXStringA@@PBDABV0@@Z
??H@YA?AVCTXStringW@@ABV0@0@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
??H@YA?AVCTXStringW@@ABV0@_W@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
??H@YA?AVCTXStringW@@_WABV0@@Z
??HCTXTime@@QBE?AV0@VCTXTimeSpan@@@Z
??HCTXTimeSpan@@QBE?AV0@V0@@Z
??ICTXArray@@QAEPAPAUITXArray@@XZ
??ICTXBSTR@@QAEPAPA_WXZ
??ICTXData@@QAEPAPAUITXData@@XZ
??M@YA_NABVCTXStringA@@0@Z
??M@YA_NABVCTXStringA@@PBD@Z
??M@YA_NABVCTXStringW@@0@Z
??M@YA_NABVCTXStringW@@PB_W@Z
??M@YA_NPBDABVCTXStringA@@@Z
??M@YA_NPB_WABVCTXStringW@@@Z
??MCTXBSTR@@QBE_NABV0@@Z
??MCTXBSTR@@QBE_NPA_W@Z
??MCTXBSTR@@QBE_NPB_W@Z
??MCTXTime@@QBE_NV0@@Z
??MCTXTimeSpan@@QBE_NV0@@Z
??N@YA_NABVCTXStringA@@0@Z
??N@YA_NABVCTXStringA@@PBD@Z
??N@YA_NABVCTXStringW@@0@Z
??N@YA_NABVCTXStringW@@PB_W@Z
??N@YA_NPBDABVCTXStringA@@@Z
??N@YA_NPB_WABVCTXStringW@@@Z
??NCTXTime@@QBE_NV0@@Z
??NCTXTimeSpan@@QBE_NV0@@Z
??O@YA_NABVCTXStringA@@0@Z
??O@YA_NABVCTXStringA@@PBD@Z
??O@YA_NABVCTXStringW@@0@Z
??O@YA_NABVCTXStringW@@PB_W@Z
??O@YA_NPBDABVCTXStringA@@@Z
??O@YA_NPB_WABVCTXStringW@@@Z
??OCTXBSTR@@QBE_NABV0@@Z
??OCTXBSTR@@QBE_NPA_W@Z
??OCTXBSTR@@QBE_NPB_W@Z
??OCTXTime@@QBE_NV0@@Z
??OCTXTimeSpan@@QBE_NV0@@Z
??P@YA_NABVCTXStringA@@0@Z
??P@YA_NABVCTXStringA@@PBD@Z
??P@YA_NABVCTXStringW@@0@Z
??P@YA_NABVCTXStringW@@PB_W@Z
??P@YA_NPBDABVCTXStringA@@@Z
??P@YA_NPB_WABVCTXStringW@@@Z
??PCTXTime@@QBE_NV0@@Z
??PCTXTimeSpan@@QBE_NV0@@Z
??XBig@@QAEAAV0@ABV0@@Z
??XBig@@QAEAAV0@H@Z
??YBig@@QAEAAV0@ABV0@@Z
??YBig@@QAEAAV0@H@Z
??YCTXBSTR@@QAEAAV0@ABV0@@Z
??YCTXBSTR@@QAEAAV0@ABVCTXStringW@@@Z
??YCTXBSTR@@QAEAAV0@PB_W@Z
??YCTXStringA@@QAEAAV0@ABV0@@Z
??YCTXStringA@@QAEAAV0@D@Z
??YCTXStringA@@QAEAAV0@PBD@Z
??YCTXStringW@@QAEAAV0@ABUtagVARIANT@@@Z
??YCTXStringW@@QAEAAV0@ABV0@@Z
??YCTXStringW@@QAEAAV0@ABVCTXBSTR@@@Z
??YCTXStringW@@QAEAAV0@PB_W@Z
??YCTXStringW@@QAEAAV0@_W@Z
??YCTXTime@@QAEAAV0@VCTXTimeSpan@@@Z
??YCTXTimeSpan@@QAEAAV0@V0@@Z
??ZBig@@QAEAAV0@ABV0@@Z
??ZBig@@QAEAAV0@H@Z
??ZCTXTime@@QAEAAV0@VCTXTimeSpan@@@Z
??ZCTXTimeSpan@@QAEAAV0@V0@@Z
??_0Big@@QAEAAV0@ABV0@@Z
??_0Big@@QAEAAV0@H@Z
??_1Big@@QAEAAV0@ABV0@@Z
??_1Big@@QAEAAV0@H@Z
??_2Big@@QAEAAV0@H@Z
??_3Big@@QAEAAV0@H@Z
??_7CDataSenderBase@@6B@
??_7CP2PDownload@@6B@
??_7CP2PDownloadParam@@6B@
??_7CP2PDownloadUIInterface@@6B@
??_7CRootStorage@@6B@
??_7CStorage@@6B@
??_7CStream@@6B@
??_7CTXCommPack@@6B@
??_7CTXCriticalSection@@6B@
??_7CTXHttpDownload@@6BCHttpTCPConnectorSink@@@
??_7CTXHttpDownload@@6BCTXThreadModel@@@
??_7CTXHttpDownloadSink@@6B@
??_7CTXHttpUpload@@6BCHttpTCPConnectorSink@@@
??_7CTXHttpUpload@@6BCTXThreadModel@@@
??_7CTXHttpUploadBuffer@@6BCHttpTCPConnectorSink@@@
??_7CTXHttpUploadBuffer@@6BCTXThreadModel@@@
??_7CTXHttpUploadStandard@@6BCHttpTCPConnectorSink@@@
??_7CTXHttpUploadStandard@@6BCTXThreadModel@@@
??_7CTXTCPDataSender@@6B@
??_7CTXTCPThread@@6B@
??_7CTXUDPDataSender@@6B@
??_7VTXDataSenderTimeOutCallback@@6B@
??_FCEcdsa@@QAEXXZ
??_FCGZipBuffer@@QAEXXZ
?AbortDownload@CP2PDownload@@QAEXXZ
?Activate@TXBugMonitor@@YAXXZ
?ActiveMode@RegistryCenter@Util@@YAJW4__MIDL___MIDL_itf_IRegistry_0000_0004@@@Z
?AddBuf@CTXCommPack@@QAEHABVCTXBuffer@@@Z
?AddBuf@CTXCommPack@@QAEHPBEI@Z
?AddBufLenByte@CTXCommPack@@QAEHABVCTXBuffer@@@Z
?AddBufLenDWord@CTXCommPack@@QAEHABVCTXBuffer@@H@Z
?AddBufLenWord@CTXCommPack@@QAEHABVCTXBuffer@@H@Z
?AddBuffer@CZipBuffers@@QAE_NPBXIPBD@Z
?AddBundleFile@TXStringBundle@@YAXPB_W0@Z
?AddByte@CTXCommPack@@QAEHE@Z
?AddCacheTask@CP2PDownload@@IAEXAAVCTXStringA@@@Z
?AddConfigData@ModuleConfig@@YAJPB_W0@Z
?AddDWord@CTXCommPack@@QAEHKH@Z
?AddEncryptInfo@TXEncryptMgr@@YAJU_GUID@@PAUITXDataStorage@@PAUITXSvrSealCrypto@@PAUITXEncUIGetPass@@PAUITXCallback@@H@Z
?AddErrorSink@FS@@YAHPAUITXFileSystemErrorSink@@@Z
?AddEvent@CTXThreadModel@@IAEXPAX@Z
?AddFile@CZipFiles@@QAE_NABVCTXStringW@@0@Z
?AddFileSystem@FS@@YAJW4FILESYSTEM_TYPE@@PB_W1HHH@Z
?AddFmtString@TXStringBundle@@YAXABVCFmtString@@@Z
?AddFormData@CTXHttpDownload@@QAEXABVCTXStringW@@0@Z
?AddHttpExtInfo@CP2PDownload@@QAEHABVCTXStringA@@0@Z
?AddIdleCallback@Window@Util@@YAJPAVVTXMsgLoopIdleCallback@@@Z
?AddInfo@CTXHttpDownload@@QAEHABVCTXStringW@@0@Z
?AddInfo@CTXHttpDownload@@QAEHABVCTXStringW@@@Z
?AddInfo@CTXHttpDownload@@QAEHABVCTXStringW@@K@Z
?AddInfo@CTXHttpDownload@@QAEHABVCTXStringW@@PBEK@Z
?AddObjectFactory@UtilOPCall@@YAHPAUITXOPObjectFactory@@@Z
?AddPack@CTXCommPack@@QAEHABV1@@Z
?AddPlugin@CoreCenter@Util@@YAHPA_WPAUITXData@@@Z
?AddPluginEx@CoreCenter@Util@@YAHPAUITXData@@PA_W0@Z
?AddRef@?$RefCountedThreadSafe@VCShortStreamContainer@@U?$RefCountedThreadPtrDestruct@VCShortStreamContainer@@@destruct@base@@$00@base@@QAEXXZ
?AddRef@?$RefCountedThreadSafe@VCStorageIterator@@U?$RefCountedThreadPtrDestruct@VCStorageIterator@@@destruct@base@@$00@base@@QAEXXZ
?AddRef@CCmdCodecBase@@MAGKXZ
?AddRelativeFileSystem@FS@@YAJPB_W00HH@Z
?AddResumeUrl@Http@Util@@YAHVCTXStringW@@W4__MIDL___MIDL_itf_IRegistry_0000_0003@@00@Z
?AddStrA@CTXCommPack@@QAEHABVCTXStringA@@@Z
?AddStrAEndChar@CTXCommPack@@QAEHABVCTXStringA@@E@Z
?AddStrALenByte@CTXCommPack@@QAEHABVCTXStringA@@@Z
?AddStrALenDWord@CTXCommPack@@QAEHABVCTXStringA@@H@Z
?AddStrALenWord@CTXCommPack@@QAEHABVCTXStringA@@H@Z
?AddStrW@CTXCommPack@@QAEHABVCTXStringW@@@Z
?AddStrWEndChar@CTXCommPack@@QAEHABVCTXStringW@@E@Z
?AddStrWLenByte@CTXCommPack@@QAEHABVCTXStringW@@@Z
?AddStrWLenDWord@CTXCommPack@@QAEHABVCTXStringW@@H@Z
?AddStrWLenWord@CTXCommPack@@QAEHABVCTXStringW@@H@Z
?AddTLV@CTXCommPack@@QAEHEABVCTXBuffer@@W4TXCommPackDataType@@@Z
?AddTLV@CTXCommPack@@QAEHGABVCTXBuffer@@W4TXCommPackDataType@@@Z
?AddTLV@CTXCommPack@@QAEHKABVCTXBuffer@@W4TXCommPackDataType@@@Z
?AddToDeadQueue@Misc@Util@@YAXHP6AXXZ@Z
?AddUInt64@CTXCommPack@@QAEH_KH@Z
?AddVBuf@CTXCommPack@@IAEHABVCTXBuffer@@W4TXCommPackDataType@@@Z
?AddWord@CTXCommPack@@QAEHGH@Z
?AllocSysString@CTXStringW@@QBEPA_WXZ
?AnalyseResponseData@CTXHttpDownload@@AAEHAAH@Z
?AnalyseResponseHead@CTXHttpDownload@@AAEHXZ
?AnsiToUnicode@Convert@Util@@YA_NAAVCTXStringW@@PBDH@Z
?Append@CTXBSTR@@QAEJABV1@@Z
?Append@CTXBSTR@@QAEJD@Z
?Append@CTXBSTR@@QAEJPB_W@Z
?Append@CTXBSTR@@QAEJPB_WH@Z
?Append@CTXBSTR@@QAEJ_W@Z
?Append@CTXStringA@@QAEXABV1@@Z
?Append@CTXStringA@@QAEXPBD@Z
?Append@CTXStringA@@QAEXPBDH@Z
?Append@CTXStringW@@QAEXABV1@@Z
?Append@CTXStringW@@QAEXPB_W@Z
?Append@CTXStringW@@QAEXPB_WH@Z
?AppendBSTR@CTXBSTR@@QAEJPA_W@Z

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 460KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 808KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DataManager.dll
.dll regsvr32 windows:4 windows x86 arch:x86

d75962fa56bab7cf8a2ad045a5869dc7

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1c:e3:70:29:5a:52:9c:e5:f2:14:49:7b:f8:a3:15:7e:03:bb:f2:d9
Signer

Actual PE Digest

1c:e3:70:29:5a:52:9c:e5:f2:14:49:7b:f8:a3:15:7e:03:bb:f2:d9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\DataManager.pdb

Imports

common

??H@YA?AVCTXStringW@@ABV0@0@Z
?Format@CTXStringW@@QAAXPB_WZZ
??OCTXTime@@QBE_NV0@@Z
??0CTXTime@@QAE@ABV0@@Z
??0CTXTime@@QAE@ABU_SYSTEMTIME@@H@Z
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
??4CTXTime@@QAEAAV0@V0@@Z
??0CTXTime@@QAE@HHHHHHH@Z
?RecordTransEnd@Perf@Util@@YAJ_JPB_WHH11H@Z
?GetLength@CTXStringW@@QBEHXZ
??8@YA_NABVCTXStringW@@PB_W@Z
??0CTXStringW@@QAE@PA_W@Z
?GetDay@CTXTime@@QBEHXZ
?GetMonth@CTXTime@@QBEHXZ
?GetDayOfWeek@CTXTime@@QBEHXZ
?Mid@CTXStringW@@QBE?AV1@HH@Z
??0CTXStringW@@QAE@XZ
??4CTXStringW@@QAEAAV0@PB_W@Z
??BCTXStringW@@QBEPB_WXZ
?RecordTransBegin@Perf@Util@@YA_JPB_WHH00@Z
??0CTXStringW@@QAE@PB_W@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
??1CTXStringW@@QAE@XZ
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
??0CTXTime@@QAE@XZ
?TXAssert@@YAHPB_W0H@Z

wininet

InternetTimeToSystemTimeW

kernel32

LockResource
LoadResource
FindResourceW
FindResourceExW
lstrlenW
GetModuleFileNameW
RaiseException
GetLastError
MultiByteToWideChar
lstrlenA
GetModuleHandleW
InterlockedExchange
ReleaseSemaphore
WaitForSingleObject
CloseHandle
TerminateThread
ResumeThread
CreateSemaphoreW
Sleep
SetEvent
CreateEventW
DeleteFileW
MoveFileExW
GetSystemTime
GetProcAddress
GetTickCount
CreateFileMappingW
QueryPerformanceCounter
GetDiskFreeSpaceA
GetSystemInfo
UnlockFile
LockFile
GetFileAttributesExW
UnlockFileEx
GetSystemTimeAsFileTime
FormatMessageA
GetCurrentProcessId
WriteFile
GetTempPathA
WideCharToMultiByte
LocalFree
LoadLibraryW
AreFileApisANSI
SizeofResource
FormatMessageW
GetVersionExW
GetFileAttributesA
GetFileAttributesW
ReadFile
CreateFileW
GetFullPathNameW
GetFullPathNameA
FlushFileBuffers
CreateFileA
GetTempPathW
GetFileSize
SetFilePointer
MapViewOfFile
UnmapViewOfFile
LockFileEx
SetEndOfFile
GetDiskFreeSpaceW
FreeLibrary
LoadLibraryA
InterlockedCompareExchange
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetLocaleInfoA
GetACP
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
GetCurrentThreadId
IsDebuggerPresent
InitializeCriticalSection
DeleteCriticalSection
SetThreadLocale
GetThreadLocale
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
DeleteFileA

user32

CreateWindowExW
SetWindowLongW
GetWindowLongW
DefWindowProcW
PostMessageW
IsWindow
DestroyWindow
RegisterClassExW
LoadCursorW
UnregisterClassA

ole32

CoCreateInstance

oleaut32

SysFreeString
VariantInit
VariantClear
SysAllocString
DispCallFunc
SysStringLen
LoadRegTypeLi
LoadTypeLi
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VarBstrCmp

livelog

?GetProtocolVersion@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetKeyValue@@YAHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0AAV12@_W@Z
?GetLiveServerUrl@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z
?GetNoRealStatInst@@YAJPAPAUINoRealStat@@_K@Z
?CheckAdvise@@YAXPB_W@Z
?GetCommuInst@@YAJPAPAUIQQLiveCommand@@_K@Z
?CheckUnadvise@@YAXPB_W@Z
?GetAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?Utf8ToWS@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@@Z
?Utf8FromWS@@YA?AV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@PB_WH@Z
?LogToFile@@YAXPB_WZZ
?IsDoLog@@YAHXZ
?CheckFileExist@@YAHPB_W@Z
?BitsToHexString2@@YA?AVCComBSTR@ATL@@PBEH@Z
?CreateAllDirectory@@YAHPB_W@Z
?CheckDirectoryExist@@YAHPB_W@Z
?GetComModuleHandle@@YAPAUHINSTANCE__@@PB_W@Z

atl80

ord18
ord22
ord64
ord10
ord11
ord32
ord58
ord31
ord30
ord15

msvcp80

??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?find_first_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
?find_last_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?_Myptr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEPA_WXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

msvcr80

atol
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
??3@YAXPAX@Z
memset
memcpy_s
_CxxThrowException
sprintf_s
wcslen
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
_purecall
??0exception@std@@QAE@XZ
__CxxFrameHandler3
memcmp
??0exception@std@@QAE@ABV01@@Z
_invalid_parameter_noinfo
??2@YAPAXI@Z
memmove_s
??_V@YAXPAX@Z
_recalloc
free
memcpy
malloc
strlen
_stricmp
strcmp
strtoul
wcscmp
wcschr
_vscwprintf
vswprintf_s
wcstoul
_wcsicmp
calloc
wcsstr
_beginthreadex
_unlock
sscanf
modf
wcsrchr
ldiv
_wcsupr_s
??8type_info@@QBE_NABV0@@Z
wcscpy_s
wcstok_s
_wcsdup
wcsncpy_s
_wtoi
_wtol
swscanf
wcstol
_itow_s
realloc
memmove
strncmp
_localtime64_s
_except_handler4_common
__CppXcptFilter

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 724KB - Virtual size: 720KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 272KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DesktopHelper.dll
.dll windows:4 windows x86 arch:x86

357f6a6ffa9b44dc2f7090d9443d2a2d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

02:54:39:3b:17:88:a3:ca:72:5a:0e:bb:ae:76:6e:9a:ab:0e:3a:4b
Signer

Actual PE Digest

02:54:39:3b:17:88:a3:ca:72:5a:0e:bb:ae:76:6e:9a:ab:0e:3a:4b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\DesktopHelper.pdb

Imports

kernel32

GetStringTypeA
InitializeCriticalSection
GetStringTypeW
GetLocaleInfoA
MultiByteToWideChar
LoadLibraryA
IsValidCodePage
GetOEMCP
LCMapStringA
LCMapStringW
GetCurrentProcessId
GetVersionExW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RaiseException
RtlUnwind
GetLastError
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
WriteFile
GetStdHandle
GetModuleFileNameA
Sleep
HeapSize
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP

user32

UnhookWindowsHookEx
SetWindowsHookExW
GetWindowThreadProcessId
CallNextHookEx
FillRect
InvalidateRect
GetClientRect
ReleaseDC
RegisterWindowMessageW
GetDC
GetPropW
CallWindowProcW
RemovePropW
SetPropW
IsWindow
FindWindowW
DefWindowProcW
FindWindowExW
PostMessageW
SendMessageW
SetWindowLongW

gdi32

DeleteObject
CreateSolidBrush
CreateCompatibleDC
ExtTextOutW
DeleteDC
SetBkColor
CreateCompatibleBitmap
SelectObject

Exports

Exports

EndHelper
StartHelper

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DLLShare
Size: 4KB - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DesktopHelperX.dll
.dll windows:4 windows x64 arch:x64

ff526651f4ac3d1d5e5749075c6ac7b5

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ef:65:04:d9:50:0e:4b:bd:a2:61:c9:1b:9f:40:a2:9f:7b:d1:64:d7
Signer

Actual PE Digest

ef:65:04:d9:50:0e:4b:bd:a2:61:c9:1b:9f:40:a2:9f:7b:d1:64:d7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\DesktopHelperX.pdb

Imports

kernel32

GetStringTypeA
InitializeCriticalSection
GetStringTypeW
HeapReAlloc
GetLocaleInfoA
MultiByteToWideChar
LoadLibraryA
IsValidCodePage
GetOEMCP
LCMapStringA
LCMapStringW
GetVersionExW
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
GetCurrentThreadId
FlsSetValue
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RaiseException
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
GetLastError
GetModuleHandleA
GetProcAddress
FlsGetValue
TlsFree
FlsFree
SetLastError
TlsSetValue
FlsAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
Sleep
HeapSize
ExitProcess
RtlVirtualUnwind
HeapSetInformation
HeapCreate
HeapDestroy
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP

user32

DefWindowProcW
IsWindow
FindWindowW
PostMessageW
FindWindowExW
SendMessageW
SetWindowLongPtrW
UnhookWindowsHookEx
SetWindowsHookExW
GetWindowThreadProcessId
CallNextHookEx
FillRect
InvalidateRect
GetClientRect
ReleaseDC
RegisterWindowMessageW
GetDC
GetPropW
CallWindowProcW
RemovePropW
SetPropW

gdi32

DeleteObject
CreateSolidBrush
ExtTextOutW
CreateCompatibleDC
SetBkColor
DeleteDC
CreateCompatibleBitmap
SelectObject

Exports

Exports

EndHelper
StartHelper

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DLLShare
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Encrypt.dll
.dll windows:4 windows x86 arch:x86

47da59b804814b3aca9123d6dfe114e4

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

83:14:28:cf:b1:f9:b5:67:15:c1:07:1b:eb:06:fc:db:f6:4f:6c:f8
Signer

Actual PE Digest

83:14:28:cf:b1:f9:b5:67:15:c1:07:1b:eb:06:fc:db:f6:4f:6c:f8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\Encrypt.pdb

Imports

msvcr80

_crt_debugger_hook
__clean_type_info_names_internal
__dllonexit
_lock
_onexit
_except_handler4_common
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
memset
rand
_unlock
??3@YAXPAX@Z

ws2_32

ntohl
htonl

kernel32

QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTickCount

Exports

Exports

?TeaDecryptECB@@YAXPBE0PAE@Z
?TeaEncryptECB@@YAXPBE0PAE@Z
?oi_symmetry_decrypt2@@YAHPBEH0PAEPAH@Z
?oi_symmetry_decrypt@@YAHPBEH0PAEPAH@Z
?oi_symmetry_encrypt2@@YAXPBEH0PAEPAH@Z
?oi_symmetry_encrypt@@YAXPBEH0PAEPAH@Z

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 474B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GF.dll
.dll regsvr32 windows:4 windows x86 arch:x86

067a241b75f85b1720f830ab09f50af0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2e:f9:a1:d8:a3:cb:4d:29:6e:23:a2:32:01:4c:3f:66:67:66:81:0e
Signer

Actual PE Digest

2e:f9:a1:d8:a3:cb:4d:29:6e:23:a2:32:01:4c:3f:66:67:66:81:0e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\QQLive_proj\document\HummerSDK\Output\PdbFinal\GF.pdb

Imports

xgraphic32

GetTextureMode
CreateTextureRgn
GetTextureCurSlice
ARGBColorize
DrawTextureEx
RotateTexture
FlipTexture
ColorizeTexture
GeoRectangle
GeoRoundRect
CanvasToTexture
SetCanvasWindow
SetViewportOrg
GeoRectFocusEx
FillGradualRect
GetTextureSize
DrawTexture
GrayTexture
GetTextureFilter
NormalizeTexture
SetTextureMode
TranslateTexture
SetTextureSlice
SetTextureCurSlice
GetCanvasBkColor
GetCanvasFilter
GetCanvasHandle
DrawModulation
CopyTexture
LightTexture
DeleteTexture
CreateTexture
LockTextureBits
UnlockTextureBits
GetTextureHandle
ShuffleTextureEx
SetTextureFilter
GetWindowOrg
GetCanvasWindow
FillSolidRectEx
CreateCanvas
SetCanvasFilter
InvertTexture
GeoRectangleEx
FillSolidRect
CanvasScroll
SetCanvasBkColor
SetWindowOrg
ReleaseTexture
GetTexture
GetViewportOrg
GdiTransCanvas
MixCanvasWithColor
BlendCanvas
DeleteCanvas
MixCanvas

arkgraphic

arkCanvasDrawLine
arkCanvasDrawRectangle
arkCanvasDrawCircle
arkCanvasGetStrokeWidth
arkPathDestroy
arkCanvasDestroy
arkGradientDestroy
arkCanvasDrawPath
arkPathGetBounds
arkCanvasDrawEllipse
arkCanvasGetMapRect
arkGradientCreateLinear
arkGradientCreateRadial
arkGradientAddColorStop
arkBitmapCreate
arkCanvasDrawBitmap
arkCanvasSetMapPolygon
arkCanvasClipRect
arkPathQuadraticCurveTo
arkPathAddArc
arkPathAddRectangle
arkCanvasSetStrokeJoin
arkCanvasSetStrokeCap
arkCanvasClear
arkPathCreate
arkBitmapDestroy
arkCanvasCreateFromBitmap
arkBitmapCreateFromData
arkCanvasSetColor
arkCanvasSetGradient
arkCanvasSetStrokeWidth
arkCanvasSetDrawStyle
arkCanvasSetBlendValue
arkCanvasSetBlendMode
arkPathAddCircle
arkPathAddEllipse
arkCanvasClipPath
arkCanvasSave
arkCanvasRestore
arkCanvasRotate
arkCanvasScale
arkCanvasTranslate
arkPathBegin
arkPathClose
arkPathMoveTo
arkPathLineTo
arkPathArcTo
arkPathBezierCurveTo

common

??1CTXData@@QAE@XZ
?SetCreateObjectFactory@CoreCenter@Util@@YAXP6AJABU_GUID@@0PAPAX@Z@Z
?SetGetServiceFactory@CoreCenter@Util@@YAXP6AJABU_GUID@@PA_WPAPAX@Z@Z
??0CTXStringA@@QAE@UtagUTF8@@PB_WH@Z
?Empty@CTXStringA@@QAEXXZ
?GetBufferSetLength@CTXStringA@@QAEPADH@Z
?ReleaseBuffer@CTXStringA@@QAEXH@Z
ord27
?AppendFormat@CTXStringW@@QAAXPB_WZZ
?GetCore@CoreCenter@Util@@YAHPA_WPAPAUITXCore@@@Z
?CreateExtensionSort@Extension@Util@@YAXABU_GUID@@PAPAUITXExtensionSort@@@Z
?GetMainThreadLoop@Misc@Util@@YAPAVMessageLoopForUI@@XZ
?CreateExtensionLogic@Extension@Util@@YAXABU_GUID@@PAPAUITXExtensionLogic@@@Z
??0CTXBSTR@@QAE@ABU_GUID@@@Z
?Tokenize@CTXStringW@@QBE?AV1@PB_WAAH@Z
?GetCurrentCallStack@Sys@Util@@YA?AVCTXStringW@@V3@HH@Z
?StartThread@CTXThreadModel@@QAEHXZ
?EraseAsyncCallback@TXTimer@@YAHPAUITXAsyncCallback@@I@Z
??0CTXThreadModel@@IAE@XZ
??1CTXThreadModel@@MAE@XZ
?StopThread@CTXThreadModel@@QAEXK@Z
?SetAsyncCallback@TXTimer@@YAHPAUITXAsyncCallback@@I@Z
??YCTXBSTR@@QAEAAV0@ABVCTXStringW@@@Z
?NotifyIdle@Window@Util@@YAJXZ
??OCTXBSTR@@QBE_NABV0@@Z
?Append@CTXBSTR@@QAEJPB_WH@Z
ord25
?GetBSTRPtr@CTXStringW@@QAEPAPA_WXZ
?GetBufferSetLength@CTXStringW@@QAEPA_WH@Z
?TrimLeft@CTXStringW@@QAEAAV1@PB_W@Z
??0CTXStringA@@QAE@PBD@Z
?CompareNoCase@CTXStringA@@QBEHPBD@Z
??0CFmtString@@QAE@XZ
?PropertyStr@CFmtString@@QAEHPB_W0@Z
?DoFormat@CFmtString@@QAEPB_WPB_W@Z
??1CFmtString@@QAE@XZ
?MakeUpper@CTXStringW@@QAEAAV1@XZ
??4CTXData@@QAEAAV0@PAUITXData@@@Z
?Create@CTXData@@QAEXXZ
??8CTXBSTR@@QBE_NABV0@@Z
?OpenUrlWithDefBrowser@UrlBase@Util@@YAXABVCTXStringW@@@Z
??BCTXDataField@@QBEHXZ
??9CTXBSTR@@QBE_NPA_W@Z
??8CTXBSTR@@QBE_NPA_W@Z
??4CTXDataField@@QAEAAV0@K@Z
??4CTXDataField@@QAEAAV0@PAUIUnknown@@@Z
??BCTXDataField@@QBE_NXZ
??0CTXData@@QAE@PAUITXData@@@Z
??BCTXDataField@@QBEJXZ
??H@YA?AVCTXStringW@@ABV0@_W@Z
??YCTXBSTR@@QAEAAV0@ABV0@@Z
?CopyTo@CTXBSTR@@QBEJPAPA_W@Z
?Empty@CTXStringW@@QAEXXZ
?CopyTXDataField@Data@Util@@YAHPAUITXDataRead@@PAUITXData@@PB_W2@Z
?Replace@CTXStringW@@QAEHPB_W0@Z
?SBCToDBC@Convert@Util@@YA_NAAVCTXStringW@@@Z
??M@YA_NABVCTXStringA@@0@Z
??0CTXStringA@@QAE@XZ
?Format@CTXStringA@@QAAXPBDZZ
?GetString@CTXStringA@@QBEPBDXZ
??4CTXDataField@@QAEAAV0@_N@Z
??0CTXData@@QAE@XZ
??ACTXData@@QAEAAVCTXDataField@@PBD@Z
??4CTXDataField@@QAEAAV0@VCTXBSTR@@@Z
??BCTXData@@QBEPAUITXData@@XZ
??4CTXDataField@@QAEAAV0@H@Z
?Append@CTXStringW@@QAEXABV1@@Z
?ConvertXMLStrToTXData@Convert@Util@@YAHPA_WPAPA_WPAUITXData@@0@Z
?ConvertTXDataStringBundle@Convert@Util@@YAHPAUITXData@@@Z
?Right@CTXStringW@@QBE?AV1@H@Z
??9@YA_NPB_WABVCTXStringW@@@Z
??9@YA_NABVCTXStringW@@PB_W@Z
??8@YA_NABVCTXStringW@@0@Z
??8CTXBSTR@@QBE_NPB_W@Z
?Remove@CTXStringW@@QAEH_W@Z
?Empty@CTXBSTR@@QAEXXZ
??9CTXBSTR@@QBE_NABV0@@Z
?GetPlatformCore@Core@Util@@YAHPAPAUITXCore@@@Z
??1CTXBSTR@@QAE@XZ
?ConvertXMLToTXData@Convert@Util@@YAHPA_WPAPA_WPAUITXData@@0@Z
??ICTXBSTR@@QAEPAPA_WXZ
??BCTXBSTR@@QBEPA_WXZ
??0CTXBSTR@@QAE@PB_W@Z
??0CTXBSTR@@QAE@XZ
?CreateTXData@Data@Util@@YAHPAPAUITXData@@@Z
??1CTXStringW@@QAE@XZ
?IsFileExist@FS@@YAHPB_W@Z
??8@YA_NPB_WABVCTXStringW@@@Z
??0CTXStringW@@QAE@UtagUTF8@@PBDH@Z
??0CTXBSTR@@QAE@ABV0@@Z
?CreateTXArray@Data@Util@@YAHPAPAUITXArray@@@Z
??4CTXBSTR@@QAEAAV0@PB_W@Z
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
??4CTXStringW@@QAEAAV0@ABV0@@Z
?Utf8ToWS@Convert@Util@@YA?AVCTXStringW@@PBDH@Z
?Length@CTXBSTR@@QBEIXZ
?ReleaseBuffer@CTXStringW@@QAEXH@Z
?GetBuffer@CTXStringW@@QAEPA_WXZ
?GetLength@CTXStringW@@QBEHXZ
??4CTXStringW@@QAEAAV0@PA_W@Z
??8@YA_NABVCTXStringW@@PB_W@Z
??0CTXStringW@@QAE@XZ
?CreateFileW@FS@@YAHPB_WKPAPAUITXFile@@@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
?IsFileSystemFile@FS@@YAHPB_W@Z
??BCTXStringW@@QBEPB_WXZ
??0CTXBSTR@@QAE@ABVCTXStringW@@@Z
?IsEmpty@CTXStringW@@QBE_NXZ
?ConvertToPureFile@FS@@YA?AVCTXStringW@@PB_W@Z
?CreateObjectFromDllFile@Com@Util@@YGJPB_WABU_GUID@@1PAPAXPAUIUnknown@@@Z
?GetBSTR@CTXStringW@@QBEPA_WXZ
??0CTXStringW@@QAE@PB_W@Z
??4CTXStringW@@QAEAAV0@ABVCTXBSTR@@@Z
?Detach@CTXBSTR@@QAEPA_WXZ
?TXLog_DoTXLogVW@@YAXPAUtagLogObj@@PB_W1PAD@Z
??0CTXStringW@@QAE@ABV0@@Z
?AddToDeadQueue@Misc@Util@@YAXHP6AXXZ@Z
??4CTXStringW@@QAEAAV0@PB_W@Z
?Format@CTXStringW@@QAAXPB_WZZ
??M@YA_NABVCTXStringW@@0@Z
??1CTXStringA@@QAE@XZ
??BCTXStringA@@QBEPBDXZ
?Utf8FromWS@Convert@Util@@YA?AVCTXStringA@@PB_WH@Z
?SetTimeout@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
??4CTXBSTR@@QAEAAV0@ABVCTXStringW@@@Z
?Trim@CTXStringW@@QAEAAV1@XZ
?CreateTXBuffer@Data@Util@@YAHPAPAUITXBuffer@@@Z
??0CTXStringW@@QAE@PA_W@Z
??ACTXStringW@@QBE_WH@Z
?Delete@CTXStringW@@QAEHHH@Z
?Mid@CTXStringW@@QBE?AV1@HH@Z
?FindOneOf@CTXStringW@@QBEHPB_W@Z
??9@YA_NABVCTXStringW@@0@Z
wcslcpy
??0CTXStringW@@QAE@PB_WH@Z
?Mid@CTXStringW@@QBE?AV1@H@Z
?ReverseFind@CTXStringW@@QBEH_W@Z
?GetBuffer@CTXStringW@@QAEPA_WH@Z
?CompareNoCase@CTXStringW@@QBEHPB_W@Z
?Compare@CTXStringW@@QBEHPB_W@Z
?GetLCID@TXI18N@@YAKXZ
??YCTXStringW@@QAEAAV0@ABV0@@Z
??0CTXStringW@@QAE@ABVCTXBSTR@@@Z
?CombineQNC@FS@@YA?AVCTXStringW@@PB_W0@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
?FreeComLibrary@Com@Util@@YGJPB_W@Z
?GetString@CTXStringW@@QBEPB_WXZ
?Find@CTXStringW@@QBEHPB_WH@Z
?GuidFromString@Com@Util@@YAJPA_WAAU_GUID@@@Z
?IsEmpty@CTXBSTR@@QAEHXZ
?MakeLower@CTXStringW@@QAEAAV1@XZ
?Find@CTXStringW@@QBEH_WH@Z
?Left@CTXStringW@@QBE?AV1@H@Z
?LoadTinyXmlByContent@FS@Util@@YAHPA_WPAPAVTiXmlDocument@@H@Z
?ConvertXMLSpecialLabel@Convert@Util@@YAHPA_W0PAPA_W@Z
?LoadTinyXmlByName@FS@Util@@YAHPB_WPAPAVTiXmlDocument@@H@Z
?SplitCmdString@Misc@Util@@YAXABVCTXStringW@@AAV?$vector@VCTXStringW@@V?$allocator@VCTXStringW@@@std@@@std@@@Z
?LoadStringW@TXStringBundle@@YAPB_WPB_W@Z
?GetAt@CTXStringW@@QBE_WH@Z
??H@YA?AVCTXStringW@@ABV0@0@Z
??9CTXBSTR@@QBE_NPB_W@Z
?IsStopped@CoreCenter@Util@@YAHXZ
??MCTXBSTR@@QBE_NABV0@@Z
?SafeLoadLibrary@Sys@Util@@YAPAUHINSTANCE__@@PB_W@Z
ord34
ord33
?Copy@CTXBSTR@@QBEPA_WXZ
?AllocSysString@CTXStringW@@QBEPA_WXZ
??YCTXStringW@@QAEAAV0@PB_W@Z
??0CTXStringW@@QAE@_WH@Z
?GetLength@CTXStringA@@QBEHXZ
??4CTXBSTR@@QAEAAV0@ABV0@@Z
??YCTXStringW@@QAEAAV0@ABVCTXBSTR@@@Z

imm32

ImmAssociateContext
ImmReleaseContext
ImmGetContext

rpcrt4

UuidToStringW
RpcStringFreeW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

arkimage

arkSetActiveFrame
arkCreateDecoder
arkReadImageInfo
arkReadImageFrame
arkDestroyDecoder

arkiostub

arkCreateStub
arkDeleteStub
arkRegisterFS

tinyxml

?SetStreamPrinting@TiXmlPrinter@@QAEXXZ
?CStr@TiXmlPrinter@@QAEPBDXZ
??1TiXmlPrinter@@UAE@XZ
?FirstChild@TiXmlNode@@QAEPAV1@XZ
?Value@TiXmlNode@@QBEPBDXZ
?NextSibling@TiXmlNode@@QAEPAV1@XZ
??0TiXmlPrinter@@QAE@XZ
?Type@TiXmlNode@@QBEHXZ
?Attribute@TiXmlElement@@QBEPBDPBD@Z
?RootElement@TiXmlDocument@@QAEPAVTiXmlElement@@XZ
?Next@TiXmlAttribute@@QAEPAV1@XZ
?Value@TiXmlAttribute@@QBEPBDXZ
?Name@TiXmlAttribute@@QBEPBDXZ
?FirstAttribute@TiXmlElement@@QAEPAVTiXmlAttribute@@XZ
?GetText@TiXmlElement@@QBEPBDXZ
?LinkEndChild@TiXmlNode@@QAEPAV1@PAV1@@Z
??0TiXmlText@@QAE@PBD@Z
??0TiXmlElement@@QAE@PBD@Z
?Print@TiXmlElement@@UBEXPAU_iobuf@@H@Z
?Parse@TiXmlElement@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?ToDocument@TiXmlNode@@UAEPAVTiXmlDocument@@XZ
?ToDocument@TiXmlNode@@UBEPBVTiXmlDocument@@XZ
?ToElement@TiXmlElement@@UAEPAV1@XZ
?ToElement@TiXmlElement@@UBEPBV1@XZ
?ToComment@TiXmlNode@@UAEPAVTiXmlComment@@XZ
?ToComment@TiXmlNode@@UBEPBVTiXmlComment@@XZ
?ToUnknown@TiXmlNode@@UAEPAVTiXmlUnknown@@XZ
?ToUnknown@TiXmlNode@@UBEPBVTiXmlUnknown@@XZ
?ToText@TiXmlNode@@UAEPAVTiXmlText@@XZ
?ToText@TiXmlNode@@UBEPBVTiXmlText@@XZ
?ToDeclaration@TiXmlNode@@UAEPAVTiXmlDeclaration@@XZ
?ToDeclaration@TiXmlNode@@UBEPBVTiXmlDeclaration@@XZ
?Clone@TiXmlElement@@UBEPAVTiXmlNode@@XZ
?Accept@TiXmlElement@@UBE_NPAVTiXmlVisitor@@@Z
?Print@TiXmlText@@UBEXPAU_iobuf@@H@Z
?Parse@TiXmlText@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?ToElement@TiXmlNode@@UAEPAVTiXmlElement@@XZ
?ToElement@TiXmlNode@@UBEPBVTiXmlElement@@XZ
?ToText@TiXmlText@@UAEPAV1@XZ
?ToText@TiXmlText@@UBEPBV1@XZ
?Clone@TiXmlText@@MBEPAVTiXmlNode@@XZ
?Accept@TiXmlText@@UBE_NPAVTiXmlVisitor@@@Z
??1TiXmlElement@@UAE@XZ
??1TiXmlText@@UAE@XZ
?Parent@TiXmlNode@@QAEPAV1@XZ

lua

?lua_pushboolean@@YAXPAUlua_State@@H@Z
?lua_toboolean@@YAHPAUlua_State@@H@Z
?lua_pushinteger@@YAXPAUlua_State@@H@Z
?lua_tointeger@@YAHPAUlua_State@@H@Z
?lua_pushlstring@@YAXPAUlua_State@@PBDI@Z
?lua_createtable@@YAXPAUlua_State@@HH@Z
?lua_getfield@@YAXPAUlua_State@@HPBD@Z
?lua_setfield@@YAXPAUlua_State@@HPBD@Z
?lua_pushvalue@@YAXPAUlua_State@@H@Z
?luaL_loadbuffer@@YAHPAUlua_State@@PBDI1@Z
?lua_type@@YAHPAUlua_State@@H@Z
?lua_tolstring@@YAPBDPAUlua_State@@HPAI@Z
?lua_setfenv@@YAHPAUlua_State@@H@Z
?lua_pcall@@YAHPAUlua_State@@HHH@Z
?lua_objlen@@YAIPAUlua_State@@H@Z
?lua_gettop@@YAHPAUlua_State@@@Z
?luaopen_os@@YAHPAUlua_State@@@Z
?lua_settop@@YAXPAUlua_State@@H@Z
?lua_tonumber@@YANPAUlua_State@@H@Z
?lua_pushnil@@YAXPAUlua_State@@@Z
?lua_pushnumber@@YAXPAUlua_State@@N@Z
?lua_insert@@YAXPAUlua_State@@H@Z
?lua_settable@@YAXPAUlua_State@@H@Z
?lua_pushcclosure@@YAXPAUlua_State@@P6AH0@ZH@Z
?lua_pushstring@@YAXPAUlua_State@@PBD@Z
?luaopen_debug@@YAHPAUlua_State@@@Z
?luaopen_math@@YAHPAUlua_State@@@Z
?luaopen_string@@YAHPAUlua_State@@@Z
?luaopen_table@@YAHPAUlua_State@@@Z
?luaopen_base@@YAHPAUlua_State@@@Z
?luaL_newstate@@YAPAUlua_State@@XZ
?lua_close@@YAXPAUlua_State@@@Z
?luaL_register@@YAXPAUlua_State@@PBDPBUluaL_Reg@@@Z
?luaL_newmetatable@@YAHPAUlua_State@@PBD@Z
?luaL_checkudata@@YAPAXPAUlua_State@@HPBD@Z
?lua_touserdata@@YAPAXPAUlua_State@@H@Z
?lua_remove@@YAXPAUlua_State@@H@Z
?lua_newuserdata@@YAPAXPAUlua_State@@I@Z
?lua_pushlightuserdata@@YAXPAUlua_State@@PAX@Z
?lua_gettable@@YAXPAUlua_State@@H@Z
?lua_replace@@YAXPAUlua_State@@H@Z
?lua_getfenv@@YAXPAUlua_State@@H@Z
?lua_setmetatable@@YAHPAUlua_State@@H@Z

oleacc

AccessibleObjectFromWindow
LresultFromObject

wininet

InternetErrorDlg

kernel32

SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetLastError
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
GetModuleHandleW
GetModuleFileNameW
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
IsBadReadPtr
GetVersionExW
GetVersion
RaiseException
GetProcessHeap
InterlockedExchange
GetACP
GetLocaleInfoA
GetVersionExA
HeapDestroy
HeapReAlloc
HeapSize
InterlockedCompareExchange
InitializeCriticalSection
LeaveCriticalSection
GetCurrentThreadId
EnterCriticalSection
GetProcAddress
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GlobalFree
MulDiv
WideCharToMultiByte
MultiByteToWideChar
FlushInstructionCache
GetCurrentProcess
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCurrentProcessId
VirtualProtect
LocalAlloc
HeapFree
ExpandEnvironmentStringsW
lstrcpynW
Sleep
GetSystemTime
SetLastError
ReleaseSemaphore
ReleaseMutex
WaitForSingleObject
SetEvent
WaitForMultipleObjects
SetThreadPriority
CreateEventW
CloseHandle
CreateSemaphoreW
CreateMutexW
ResetEvent
FreeLibrary
OutputDebugStringA
SetThreadLocale
GetThreadLocale
lstrlenW
HeapAlloc
GetCommandLineW

user32

InvalidateRect
GetParent
GetWindowLongW
FindWindowExW
GetClassInfoExW
LoadCursorW
GetActiveWindow
CharNextW
RegisterClassExW
CopyRect
OffsetRect
GetDC
GetDesktopWindow
ReleaseDC
DefWindowProcW
InvalidateRgn
IsWindow
SetWindowPos
IsRectEmpty
InflateRect
GetSystemMetrics
DestroyIcon
LoadImageW
DrawIconEx
SetRectEmpty
DrawTextExW
DrawTextW
GetWindowDC
DestroyCursor
LoadCursorFromFileW
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExW
PtInRect
SetForegroundWindow
BringWindowToTop
ScreenToClient
FillRect
GetWindowRgn
GetClassLongW
IsWindowVisible
SendMessageW
GetClassNameW
EnumThreadWindows
SetFocus
SetParent
SystemParametersInfoW
IsChild
EqualRect
CreateWindowExW
DestroyWindow
IntersectRect
UnionRect
ClientToScreen
NotifyWinEvent
ShowWindow
EnableWindow
GetCursorPos
SetCursor
UpdateWindow
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
GetKeyState
ReleaseCapture
SetCapture
GetSysColor
SetRect
GetCaretBlinkTime
IsIconic
PostMessageW
SetWindowLongW
GetWindowRect
GetCursor
GetFocus
CallWindowProcW
GetAsyncKeyState
GetKeyNameTextW
MapVirtualKeyW
GetMonitorInfoW
MonitorFromPoint
RedrawWindow
SubtractRect
MessageBoxW
GetDoubleClickTime
GetWindow
SetLayeredWindowAttributes
PostQuitMessage
DispatchMessageW
TranslateMessage
GetMessageW
MonitorFromWindow
SetActiveWindow
GetUpdateRect
ValidateRect
ValidateRgn
BeginPaint
SetWindowTextW
SetWindowRgn
MapWindowPoints
GetClientRect
IsZoomed
GetWindowTextW
GetWindowTextLengthW
EndPaint
PeekMessageW
WindowFromPoint
UpdateLayeredWindow
IsWindowEnabled
GetCapture
TrackMouseEvent
CreateIconFromResource
CreateIconFromResourceEx
UnregisterClassA
RegisterClipboardFormatW
GetForegroundWindow

gdi32

SaveDC
GetViewportOrgEx
OffsetRgn
GetWindowOrgEx
ExtSelectClipRgn
DeleteObject
RestoreDC
CreateCompatibleDC
SetViewportOrgEx
SetTextColor
SetBkMode
SelectObject
SetWindowOrgEx
DeleteDC
GetDeviceCaps
GetRgnBox
CreateRectRgn
GetClipBox
GetTextExtentExPointW
CreateFontW
SetDIBits
BitBlt
CreateCompatibleBitmap
GetDIBits
SelectClipRgn
ExtTextOutW
SetBkColor
PatBlt
SetRectRgn
CreatePatternBrush
CreateBitmap
GetTextExtentPoint32W
GetPixel
SetPixel
CreatePolygonRgn
CreateDIBSection
CreatePen
GetObjectW
EnumFontFamiliesExW
DPtoLP
CreateFontIndirectW
GetTextMetricsW
CombineRgn
CreateRectRgnIndirect
GetRegionData
ExtCreateRegion
CreateRoundRectRgn
GetStockObject

advapi32

RegSetValueExW
RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegQueryValueW
RegOpenKeyExA

shell32

DragQueryFileW
DragFinish
SHGetSpecialFolderPathW
SHGetFileInfoW

ole32

RegisterDragDrop
StringFromCLSID
CoCreateInstance
CLSIDFromProgID
CoFreeUnusedLibraries
CoFileTimeNow
DoDragDrop
CoTaskMemFree
RevokeDragDrop

oleaut32

SysFreeString
SysStringLen
LoadRegTypeLi
LoadTypeLi
VarUI4FromStr
SysAllocString
SysAllocStringLen
VarBstrCmp
DispCallFunc
VariantInit
VariantClear

atl80

ord32
ord30
ord58
ord31
ord11
ord10
ord15
ord18
ord22
ord64

shlwapi

wnsprintfW

msvcp80

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvcr80

_CxxThrowException
wcscpy_s
wcsncpy_s
memset
_invalid_parameter_noinfo
wcslen
swprintf_s
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
__CxxFrameHandler3
??_V@YAXPAX@Z
memmove_s
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
_purecall
_recalloc
memcmp
memcpy
_time64
free
realloc
wcschr
labs
wcsncpy
_wcsicmp
wcscmp
wcsrchr
wcsncmp
swscanf
_wtof
_wtoi
abs
strlen
fabs
srand
ceil
floor
strncpy
_except_handler4_common
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
malloc
memcpy_s
??3@YAXPAX@Z
memmove

usp10

ScriptGetFontProperties
ScriptTextOut
ScriptLayout
ScriptGetProperties
ScriptGetLogicalWidths
ScriptBreak
ScriptShape
ScriptFreeCache
ScriptPlace
ScriptItemize

urlmon

CoInternetGetSession

winmm

timeEndPeriod
timeBeginPeriod
timeGetTime

Exports

Exports

??0CGFAnchor@@QAE@XZ
??0CGFFrameAnchorHelper@@QAE@XZ
??4CGFAnchor@@QAEAAV0@ABV0@@Z
??4CGFFrameAnchorHelper@@QAEAAV0@ABV0@@Z
??4_Init_locks@std@@QAEAAV01@ABV01@@Z
?AddAnchor@CGFAnchor@@QAEXEEVCRect@@VCPoint@@@Z
?AddColorizeListener@GF@Util@@YAJPAUIGFColorizeListener@@@Z
?AdviseWebBrowser@IEEvent@Util@@YAHPAUIWebBrowser2@@PAUITXWebBrowserEvents@@PAPAUIUnknown@@AAK@Z
?AlphaMode2BlendFilter@GF@Util@@YAHH@Z
?CheckPermitActiveX@IEActiveX@Util@@YAHABU_GUID@@@Z
?CheckValidVersion@Flash@Util@@YAHKK@Z
?ClearMousePointer@GF@Util@@YAJPAUIGFFrame@@@Z
?CloseAllPopupMenu@GF@Util@@YAJXZ
?ClosePopupWindows@GF@Util@@YAXXZ
?Colorize@GF@Util@@YA?ATtagARGB@@T3@@Z
?Colorize@GF@Util@@YA?ATtagARGB@@T3@NNN@Z
?ConvertConfigMd@Metadata@Util@@YAJPA_W@Z
?CreateDropSource@GF@Util@@YA_NPAPAUIDropSource@@PAPAUIDataObject@@IPAE@Z
?CreateImagePlayer@GF@Util@@YAPAXVCTXStringW@@P6AXHPAX@Z1@Z
?CreateObject@GF@Util@@YAJABU_GUID@@0PAPAX@Z
?CreateTxFile@GF@Util@@YAXPAPAVCxTXFile2@@VCTXStringW@@K@Z
?DelColorizeListener@GF@Util@@YAJPAUIGFColorizeListener@@@Z
?DeleteImagePlayer@GF@Util@@YAXPAX@Z
?DispatchFrameMsg@GF@Util@@YAJPAUIGFFrame@@PAUtagBaseArg@@PAHPAJH@Z
?DispatchMsg_LocationChange@MsgEvt@Util@@YAJPAUIGFFrame@@UtagPOINT@@1@Z
?DispatchMsg_Lock@MsgEvt@Util@@YAJPAUIGFFrame@@H@Z
?DispatchMsg_PaddingChange@MsgEvt@Util@@YAJPAUIGFFrame@@UtagRECT@@1@Z
?DispatchMsg_SizeChange@MsgEvt@Util@@YAJPAUIGFFrame@@UtagSIZE@@1@Z
?DwmEnableBlurBehindWindow@GF@Util@@YAHPAUHWND__@@HPAUHRGN__@@@Z
?DwmIsCompositionEnabled@GF@Util@@YAHXZ
?EmptyResource@GF@Util@@YAXPAX@Z
?ExtractOleDDData@GF@Util@@YA_NPAUIDataObject@@AAIAAPAE@Z
?FindDomodalChildren@GF@Util@@YAXPAUHWND__@@AAV?$vector@PAUHWND__@@V?$allocator@PAUHWND__@@@std@@@std@@@Z
?FlashFrameBorder@GF@Util@@YAJPAUIGFFrame@@EEKDKHKKPAUIGFAnimationEvent@@@Z
?FramePoint2WindowPoint@GF@Util@@YAXPAUIGFFrame@@AAUtagPOINT@@@Z
?FreeData@Metadata@Util@@YAJAAPA_W@Z
?FreeFlashLibrary@Flash@Util@@YAHHABVCTXStringW@@@Z
?FreeOleDDData@GF@Util@@YAXAAPAE@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAD@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAE@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAG@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAH@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAI@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAK@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAN@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAPA_W@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPATtagARGB@@@Z
?GetAnchor@CGFFrameAnchorHelper@@QAEJPAK@Z
?GetAnchor@CGFFrameAnchorHelper@@QAEJPAPA_W@Z
?GetAnchorResult@CGFAnchor@@QAE?AVCRect@@PAVVCalcSizeSupporter@@PAUtagSIZE@@@Z
?GetAnchorResult@CGFFrameAnchorHelper@@QAE?AVCRect@@V2@0PAVVCalcSizeSupporter@@@Z
?GetBOOL@Metadata@Util@@YAJPAUITXData@@PA_WPAH@Z
?GetColorizeInfo@GF@Util@@YAXAAN00@Z
?GetCurrentModeId@GF@Util@@YAHXZ
?GetCurrentTexture@GF@Util@@YAPAUHGTEXTURE__@@PAX@Z
?GetCustomFlashCLSID@Flash@Util@@YAHAAU_GUID@@@Z
?GetElementExtControl@GF@Util@@YAJPAUITXExtensionAgent@@PA_WPAUITXDataRead@@PAUIGFElement@@PAPAUIGFControl@@@Z
?GetElementExtProperties@GF@Util@@YAJPAUITXExtensionAgent@@HPA_WPAUITXDataRead@@PAPAUITXData@@@Z
?GetFlashPath@Flash@Util@@YAHAAVCTXStringW@@@Z
?GetFlashVersion@Flash@Util@@YAHAAK0@Z
?GetFrameByIndex@GFSpyFuncHelper@@YAJPAUIGFFrame@@HPAPAU2@@Z
?GetFrameCount@GFSpyFuncHelper@@YAJPAUIGFFrame@@PAI@Z
?GetFrameInfo@GFSpyFuncHelper@@YAJPAUIGFFrame@@PAUtagFrameInfo@@@Z
?GetGFFrameCount@@YAMXZ
?GetIEAcxContainer@IEEvent@Util@@YAXPAPAUIActiveXContainer@@@Z
?GetImageInfo@GF@Util@@YAHPAXPAUtagImageInfo@12@@Z
?GetInterface@Metadata@Util@@YAJPAUITXData@@PA_WPAPAU3@@Z
?GetInterface@Metadata@Util@@YAJPAUITXData@@PA_WPAPAUITXArray@@@Z
?GetLightColor@Text@GF@Util@@YA?ATtagARGB@@T4@@Z
?GetLoadedFlashPath@Flash@Util@@YAHAAVCTXStringW@@@Z
?GetService@GF@Util@@YAJABU_GUID@@PA_WPAPAX@Z
?GetTextColor@Text@GF@Util@@YA?ATtagARGB@@T4@@Z
?GetTexture@GF@Util@@YAPAUHGTEXTURE__@@PAXI@Z
?GetTotalGFFrameCount@@YAMXZ
?GetVersionByPath@Flash@Util@@YAHPB_WAAK1@Z
?GetWindowByHWnd@GFSpyFuncHelper@@YAJPAUHWND__@@PAPAUIGFPopupWin@@@Z
?InitGFElementByTemplate@GF@Util@@YAJPA_WPAUIGFElement@@10H@Z
?IsAccessibilityEnabled@GF@Util@@YAHXZ
?IsFrameReachable@GF@Util@@YAHPAUIGFFrame@@@Z
?IsPopupMenuTracked@GF@Util@@YAHXZ
?IsValidGFElement@GF@Util@@YAHPAUIGFElement@@@Z
?LightInLightOut@GF@Util@@YAJPAUIGFFrame@@EEKDKHKKPAUIGFAnimationEvent@@@Z
?LoadIconW@GF@Util@@YAJPA_WAAPAUHICON__@@@Z
?LoadImageW@GF@Util@@YAPAXPB_WIHHI@Z
?MessageBoxW@GF@Util@@YAJPAUIGFFrame@@PAPAUIGFSysMessageBox@@VCTXStringW@@2H@Z
?MinimizeResource@GF@Util@@YAXPAX@Z
?OnColorizeChanged@GF@Util@@YAJXZ
?OnElementExtEvent@GF@Util@@YAJPAUITXExtensionAgent@@HPAUITXDataRead@@1@Z
?PopupMenu@GF@Util@@YAXPAUIGFMenu@@PAUIGFFrame@@@Z
?PrintFrame@GF@Util@@YAPAUHGTEXTURE__@@PAUIGFFrame@@KH@Z
?PrintFrameEx@GF@Util@@YAPAUHGTEXTURE__@@PAUIGFFrame@@KH@Z
?Put@Metadata@Util@@YAJPAUITXData@@PA_W1@Z
?Put@Metadata@Util@@YAJPAUITXData@@PA_WD@Z
?Put@Metadata@Util@@YAJPAUITXData@@PA_WE@Z
?Put@Metadata@Util@@YAJPAUITXData@@PA_WG@Z
?Put@Metadata@Util@@YAJPAUITXData@@PA_WH@Z
?Put@Metadata@Util@@YAJPAUITXData@@PA_WI@Z
?Put@Metadata@Util@@YAJPAUITXData@@PA_WK@Z
?Put@Metadata@Util@@YAJPAUITXData@@PA_WN@Z
?Put@Metadata@Util@@YAJPAUITXData@@PA_WTtagARGB@@@Z
?PutBOOL@Metadata@Util@@YAJPAUITXData@@PA_WH@Z
?PutInterface@Metadata@Util@@YAJPAUITXData@@PA_W0@Z
?PutInterface@Metadata@Util@@YAJPAUITXData@@PA_WPAUITXArray@@@Z
?RawCreateGFElementByMetadata@GF@Util@@YAJPAUITXData@@PAPAUIGFElement@@PAU4@PAUITXCore@@@Z
?RawCreateGFElementByMetadata@GF@Util@@YAJPAUITXData@@PAPAUIGFElement@@PAU4@PA_W@Z
?RawCreateGFElementByXtml@GF@Util@@YAJPA_WPAPAUIGFElement@@PAU3@0H@Z
?RawCreateGFElementByXtml@GF@Util@@YAJPA_WPAPAUIGFElement@@PAU3@PAUITXCore@@H@Z
?RawCreateGFObjectByName@GF@Util@@YAJPA_WPAPAUIGFElement@@@Z
?RawCreateGFObjectByName@GF@Util@@YAJPA_WPAPAUIGFElement@@PAUITXCore@@@Z
?RectExToRect@CGFAnchor@@IAE?AVCRect@@AAVCRectEx@@PAVVCalcSizeSupporter@@PAUtagSIZE@@@Z
?ReloadResource@GF@Util@@YAXPAX@Z
?RestoreResource@GF@Util@@YAXPAX@Z
?ScreenPoint2ClientPoint@GF@Util@@YAXPAUIGFFrame@@AAUtagPOINT@@@Z
?SetAnchor@CGFAnchor@@QAEXEVCRect@@@Z
?SetAnchor@CGFFrameAnchorHelper@@QAEJK@Z
?SetAnchor@CGFFrameAnchorHelper@@QAEJPA_W@Z
?SetColorizeInfo@GF@Util@@YAXNNN@Z
?SetCurrentMode@GF@Util@@YAJH@Z
?SetCustomCheckValidVersion@Flash@Util@@YAP6AHKK@ZP6AHKK@Z@Z
?SetCustomFlashCLSID@Flash@Util@@YAHABU_GUID@@@Z
?SetCustomObjectFactory@GF@Util@@YAXP6AHABU_GUID@@0PAPAX@Z@Z
?SetForegroundWindow@GF@Util@@YAXPAUIGFWin@@@Z
?SetFrameAttribute@GFSpyFuncHelper@@YAJPAUIGFFrame@@PB_W1@Z
?SetImageCacheCount@@YAXK@Z
?SetLoadCustomFlashLibraryFlag@Flash@Util@@YAHH@Z
?SetModeAttr@GF@Util@@YAJHPAUITXData@@@Z
?SetPermitActiveFileList@IEActiveX@Util@@YAHPAUITXArrayRead@@@Z
?SetPermitActiveXClsidList@IEActiveX@Util@@YAHPAUITXArrayRead@@@Z
?SetPermitEnable@IEActiveX@Util@@YAHH@Z
?SetStopCreateCompoent@GF@Util@@YAXXZ
?SetUseGFFontGDIMode@GF@Util@@YAXH@Z
?SlideFrame@GF@Util@@YAJPAUIGFFrame@@VCRect@@1KDKHKKPAUIGFAnimationEvent@@@Z
?StopFlashFrameBorder@GF@Util@@YAJPAUIGFFrame@@@Z
?StopLightInLightOut@GF@Util@@YAJPAUIGFFrame@@@Z
?StopSlideFrame@GF@Util@@YAJPAUIGFFrame@@@Z
?TopFrameFromPoint@GF@Util@@YAJPAUIGFFrame@@PBUtagPOINT@@PAPAU3@@Z
?TopFrameInfoFromPoint@GFSpyFuncHelper@@YAJPAUIGFFrame@@PBUtagPOINT@@PAUtagFrameInfo@@@Z
?TransMd2GFElement@Metadata@Util@@YAJPAUITXData@@PAPAUIGFElement@@PA_W@Z
?TransStringValue@Metadata@Util@@YA?AVCTXBSTR@@V3@@Z
?TryRegisterClassFromMetadata@Script@@YA_NPA_WPAUITXData@@@Z
?UnadviseWebBrowser@IEEvent@Util@@YAHPAUIWebBrowser2@@K@Z
AccessorialFocusRect
AccessorialTextOut
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
GetAccessorialCanvas
GetAccessorialDC
GetAccessorialHwnd
SetAccessorialCanvas
SetAccessorialDC
SetAccessorialHwnd

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 504KB - Virtual size: 503KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 244KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HEVCDecoder.dll
.dll windows:4 windows x86 arch:x86

a25feafdaec43d6489cfbf8f91bd9037

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c9:e3:50:c2:45:a4:73:5f:a0:bd:fa:d6:1b:49:fe:62:26:c6:1e:30
Signer

Actual PE Digest

c9:e3:50:c2:45:a4:73:5f:a0:bd:fa:d6:1b:49:fe:62:26:c6:1e:30

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\Playersrc\sym\HEVCDecoder.pdb

Imports

kernel32

GetFileAttributesW
CreateEventW
WideCharToMultiByte
CreateMutexW
InitializeCriticalSection
CloseHandle
MultiByteToWideChar
GetModuleHandleW
lstrlenA
CreateDirectoryA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
lstrlenW
WaitForSingleObject
SetEvent
GetLastError
GetSystemInfo
QueryPerformanceFrequency
QueryPerformanceCounter
DeleteFileA
GetProcAddress
FreeLibrary
LoadLibraryW
GetLocalTime
GetTempPathW
GetModuleFileNameW
InterlockedCompareExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
Sleep
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
TerminateProcess

shell32

SHGetFolderPathW

oleaut32

SysAllocStringLen
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysFreeString
SysStringLen

msvcp80

?length@?$char_traits@D@std@@SAIPBD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?uncaught_exception@std@@YA_NXZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

msvcr80

fseek
fflush
fwrite
fopen
wcslen
memcpy_s
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
_recalloc
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
_purecall
vswprintf_s
rename
_invalid_parameter_noinfo
sprintf_s
memcpy
wcsncat_s
??_V@YAXPAX@Z
wcsrchr
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_vsnprintf_s
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
__clean_type_info_names_internal
ftell
free
calloc
fclose
strcpy_s
memset
strlen
??2@YAPAXI@Z
memmove_s
__RTDynamicCast
swprintf_s
??3@YAXPAX@Z
__CxxFrameHandler3
vsprintf_s
_CxxThrowException

Exports

Exports

PI_CreateDecoder
PI_DestroyDecoder

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HWDecoder.dll
.dll windows:4 windows x86 arch:x86

fd1d34b02b795f5dcc2a5781c5f1c105

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

93:76:eb:98:14:3f:04:45:b5:53:e8:f0:62:75:5a:f0:36:ba:4a:74
Signer

Actual PE Digest

93:76:eb:98:14:3f:04:45:b5:53:e8:f0:62:75:5a:f0:36:ba:4a:74

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\Playersrc\sym\HWDecoder.pdb

Imports

d3d9

Direct3DCreate9

kernel32

InterlockedCompareExchange
GetThreadLocale
GetVersionExW
GetFileAttributesW
lstrlenW
EnterCriticalSection
CreateMutexW
GetModuleHandleW
LeaveCriticalSection
WaitForSingleObject
GetLastError
CreateEventW
DeleteCriticalSection
GetLocalTime
SetEvent
CloseHandle
lstrlenA
CreateDirectoryA
InitializeCriticalSection
MultiByteToWideChar
DeleteFileA
WideCharToMultiByte
Sleep
IsBadWritePtr
ReleaseSemaphore
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA

user32

MonitorFromWindow

shell32

SHGetFolderPathW

oleaut32

SysStringLen
SysAllocStringLen
SysFreeString
SysAllocStringByteLen
SysAllocString
SysStringByteLen

msvcp80

?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z

msvcr80

fwrite
_recalloc
??2@YAPAXI@Z
strcpy_s
rename
memcpy
memset
calloc
wcslen
sprintf_s
_CxxThrowException
_purecall
swprintf_s
memcmp
toupper
fputs
fprintf
__iob_func
_snprintf
_aligned_malloc
_aligned_realloc
_aligned_free
_CIpow
memmove
_wassert
??_V@YAXPAX@Z
abort
malloc
qsort
strncmp
_vsnprintf_s
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_vsnprintf
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
??3@YAXPAX@Z
memcpy_s
fclose
strlen
fopen
ftell
fflush
sscanf
memmove_s
__CxxFrameHandler3
free
fseek

Exports

Exports

BuildDXVA1Decoder
BuildDXVA2Decoder
DetectVideoCardExport

Sections

.text
Size: 748KB - Virtual size: 746KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 380KB - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HttpModule.dll
.dll windows:4 windows x86 arch:x86

aea159028cdb222e0c787b71a642573d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

a9:89:5c:f9:97:9e:91:fa:1f:fc:40:6c:81:5d:db:f6:57:7d:46:28
Signer

Actual PE Digest

a9:89:5c:f9:97:9e:91:fa:1f:fc:40:6c:81:5d:db:f6:57:7d:46:28

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\HttpModule.pdb

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
CreateEventW
WaitForMultipleObjects
CloseHandle
TerminateThread
SetEvent
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
InitializeCriticalSection
GetPrivateProfileIntW
DeleteCriticalSection
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetTickCount
GetModuleHandleW
OutputDebugStringW
ResetEvent
GetSystemTime
GetLastError
DeleteFileW
GetFileAttributesW
CreateDirectoryW
CreateFileW
SetFilePointerEx
GetCurrentThreadId
WriteFile
GetVersionExA
HeapDestroy
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedExchange
Sleep
RaiseException

user32

DestroyWindow
PostMessageW
DefWindowProcW
UnregisterClassA
CreateWindowExW
GetDesktopWindow
IsWindow
RegisterClassW
RegisterWindowMessageW

shell32

SHGetFolderPathW

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

wininet

InternetOpenW
InternetQueryOptionW
InternetSetStatusCallbackW
InternetTimeFromSystemTimeW
InternetCrackUrlW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
HttpAddRequestHeadersW
HttpQueryInfoW
InternetErrorDlg
InternetReadFileExA
InternetCloseHandle
InternetTimeToSystemTimeW

msvcr80

__CxxFrameHandler3
_CxxThrowException
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_onexit
??3@YAXPAX@Z
?what@exception@std@@UBEPBDXZ
wcsstr
memcpy_s
??_V@YAXPAX@Z
memmove_s
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
_invalid_parameter_noinfo
??0exception@std@@QAE@XZ
_purecall
_vscwprintf
??2@YAPAXI@Z
vswprintf_s
srand
swprintf_s
rand
_wcsicmp
wcschr
wcsrchr
_wcslwr_s
wcstoul
_time64
_beginthreadex
_gmtime64_s
_mktime64
_tzset
_get_timezone
free
memset
?terminate@@YAXXZ
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
_unlock
__dllonexit
_lock
memcpy

Exports

Exports

??0CDownloadMgrProxy@@QAE@ABV0@@Z
??0CDownloadMgrProxy@@QAE@XZ
??1CDownloadMgrProxy@@UAE@XZ
??4CDownloadMgrProxy@@QAEAAV0@ABV0@@Z
??_7CDownloadMgrProxy@@6B@
?AddHttpHeader@CDownloadMgrProxy@@QAEHHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0@Z
?AddHttpHeader@CDownloadMgrProxy@@QAEHHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?AddPostData@CDownloadMgrProxy@@QAEHHPAEK@Z
?AddTask@CDownloadMgrProxy@@QAEHPAUIHttpEventWndCallback@@PB_W1IIK@Z
?CreateMsgWindow@CDownloadMgrProxy@@AAEPAUHWND__@@XZ
?OnHttpEventCallback@CDownloadMgrProxy@@UAEXAAUSTaskCallbackData@@@Z
?RemoveTask@CDownloadMgrProxy@@QAEHH@Z
?SetBackupUrl@CDownloadMgrProxy@@QAEHHPB_WI@Z
?SetHttpMethod@CDownloadMgrProxy@@QAEXHW4E_HTTP_VERB@@@Z
?SetRetryTimes@CDownloadMgrProxy@@QAEHHI@Z
?StartTask@CDownloadMgrProxy@@QAEHH@Z
?WndProc@CDownloadMgrProxy@@CGJPAUHWND__@@IIJ@Z
FinalReleaseHttpDownloadMgr
GetHttpDownloadMgr

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IPC.dll
.dll windows:4 windows x86 arch:x86

b65a8523c8a635dcd7c92d15d287c71e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6a:44:a3:cc:13:e0:e0:d4:32:15:41:10:9a:97:c3:40:48:62:de:1d
Signer

Actual PE Digest

6a:44:a3:cc:13:e0:e0:d4:32:15:41:10:9a:97:c3:40:48:62:de:1d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\QQLive_proj\document\HummerSDK\Output\PdbFinal\IPC.pdb

Imports

kernel32

CloseHandle
ResumeThread
WaitForSingleObject
MapViewOfFile
UnmapViewOfFile
GetLastError
OpenFileMappingA
CreateFileMappingA
ReleaseSemaphore
ReleaseMutex
OpenMutexA
OpenSemaphoreA
CreateSemaphoreA
CreateMutexA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleW
InitializeCriticalSection
UnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
SetUnhandledExceptionFilter

user32

PostMessageW
RegisterClassExW
DefWindowProcW
DestroyWindow
GetWindowLongW
CreateWindowExW
SetWindowLongW

msvcr80

_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_encoded_null
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
free
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
??1exception@std@@UAE@XZ
_unlock
??_U@YAPAXI@Z
??_V@YAXPAX@Z
memcpy
??2@YAPAXI@Z
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
?what@exception@std@@UBEPBDXZ
??3@YAXPAX@Z
_purecall
_beginthreadex
__CxxFrameHandler3
_CxxThrowException
__dllonexit
memset

msvcp80

??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z

Exports

Exports

?SessionCreate@@YAPAXXZ
?SessionDestroy@@YAXPAX@Z
?SessionFactoryRegSessionCreator@@YA_NPBDUtagSessionCreatorNode@@@Z
?SessionManagerCheckDestActive@@YA_NPAXPBD@Z
?SessionManagerCreate@@YAPAXXZ
?SessionManagerDestroy@@YAXPAX@Z
?SessionManagerGetSession@@YAPAXPAXPBD@Z
?SessionManagerInitSession@@YA_NPAX0PBD@Z
?SessionManagerStart@@YA_NPAXPBD@Z
?SessionManagerStop@@YA_NPAX@Z
?SessionManagerWaitForEnd@@YAHPAX@Z
?SessionPostPacket@@YA_NPAXPBUtagSharePacketData@@@Z
?SessionSetRecvPacketHandler@@YAXPAXP6AX0PBUtagSharePacketData@@@Z@Z
?SessionSetSendFailHandler@@YAXPAXP6AX0PBD@Z@Z
?SessionSetUserData@@YAXPAX0@Z
?ShareMemoryAppendData@@YA_NPAXPAEK@Z
?ShareMemoryCheckInit@@YA_NPAX@Z
?ShareMemoryConnect@@YA_NPAXPBD@Z
?ShareMemoryCreate@@YAPAXXZ
?ShareMemoryDestroy@@YAXPAX@Z
?ShareMemoryDisconnect@@YA_NPAX@Z
?ShareMemoryGetBuffer@@YAPAEPAX@Z
?ShareMemoryGetHandle@@YAPAXPAX@Z
?ShareMemoryGetLength@@YAKPAX@Z
?ShareMemoryGetName@@YAPBDPAX@Z
?ShareMemoryGetUseLength@@YAKPAX@Z
?ShareMemoryInit@@YA_NPAXPBDK@Z

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
InstAsm.exe
.exe windows:4 windows x86 arch:x86

bf6535af786405697a8295e4a1400021

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

68:4f:7d:1b:ec:ba:38:a4:f9:86:23:49:64:9b:09:30:be:1b:8c:a7
Signer

Actual PE Digest

68:4f:7d:1b:ec:ba:38:a4:f9:86:23:49:64:9b:09:30:be:1b:8c:a7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\work\views\QQ1.41_Proj\Basic_Hummer2_VOB\Hummer2008\Misc\Setup\InstAsm\Release\InstAsm.pdb

Imports

kernel32

SizeofResource
LockResource
LoadResource
FindResourceExW
FindFirstFileW
CopyFileW
GetFileAttributesW
FindNextFileW
FindClose
GetSystemDirectoryW
FindResourceW
GetVersion
GetFullPathNameW
CloseHandle
CreateFileW
ReadFile
MultiByteToWideChar
GetWindowsDirectoryW
RemoveDirectoryW
LocalAlloc
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetProcAddress
GetModuleHandleA
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
GetLastError
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
WriteFile
GetStdHandle
GetModuleFileNameA
FreeLibrary
InterlockedExchange
LoadLibraryA
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
Sleep
WideCharToMultiByte
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA

ole32

CoInitialize
CoUninitialize

user32

UnregisterClassA

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
InstallAsm/Microsoft.VC80.ATL/8.0.50727.4053.cat
InstallAsm/Microsoft.VC80.ATL/8.0.50727.4053.policy
.xml
InstallAsm/Microsoft.VC80.ATL/ATL80.dll
.dll windows:4 windows x86 arch:x86

00c6e566e88c3d07ddc376fe4ce83c5f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

atl80.i386.pdb

Imports

kernel32

RaiseException
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
FindClose
FindFirstFileW
CompareStringW
GetSystemDirectoryW
GetLongPathNameW
GetModuleFileNameW
GetProcAddress
GetModuleHandleW
lstrlenW
InitializeCriticalSection
DeleteCriticalSection
GetLastError
DisableThreadLibraryCalls
DebugBreak
OutputDebugStringA
GetVersionExA
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
CloseHandle
ReadFile
GetFileSize
CreateFileW
WideCharToMultiByte
WaitForSingleObject
GlobalAlloc
FindResourceA
MulDiv
FlushInstructionCache
GetCurrentProcess
lstrcmpW
GlobalUnlock
GlobalLock
SetLastError
GlobalFree
GlobalHandle
LockResource
lstrcmpA
GetModuleHandleA
GetTickCount
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
HeapSize
HeapReAlloc
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
LocalAlloc

Exports

Exports

AtlAdvise
AtlAxAttachControl
AtlAxCreateControl
AtlAxCreateControlEx
AtlAxCreateControlLic
AtlAxCreateControlLicEx
AtlAxCreateDialogA
AtlAxCreateDialogW
AtlAxDialogBoxA
AtlAxDialogBoxW
AtlAxGetControl
AtlAxGetHost
AtlAxWinInit
AtlCallTermFunc
AtlComModuleGetClassObject
AtlComModuleRegisterClassObjects
AtlComModuleRegisterServer
AtlComModuleRevokeClassObjects
AtlComModuleUnregisterServer
AtlComPtrAssign
AtlComQIPtrAssign
AtlCreateRegistrar
AtlCreateTargetDC
AtlDevModeW2A
AtlFreeMarshalStream
AtlGetObjectSourceInterface
AtlGetVersion
AtlHiMetricToPixel
AtlIPersistPropertyBag_Load
AtlIPersistPropertyBag_Save
AtlIPersistStreamInit_Load
AtlIPersistStreamInit_Save
AtlInternalQueryInterface
AtlLoadTypeLib
AtlMarshalPtrInProc
AtlModuleAddTermFunc
AtlPixelToHiMetric
AtlRegisterClassCategoriesHelper
AtlRegisterTypeLib
AtlSetErrorInfo
AtlUnRegisterTypeLib
AtlUnadvise
AtlUnmarshalPtr
AtlUpdateRegistryFromResourceD
AtlWaitWithMessageLoop
AtlWinModuleAddCreateWndData
AtlWinModuleExtractCreateWndData
AtlWinModuleInit
AtlWinModuleRegisterClassExA
AtlWinModuleRegisterClassExW
AtlWinModuleRegisterWndClassInfoA
AtlWinModuleRegisterWndClassInfoW
AtlWinModuleTerm

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
InstallAsm/Microsoft.VC80.ATL/Microsoft.VC80.ATL.cat
InstallAsm/Microsoft.VC80.ATL/Microsoft.VC80.ATL.manifest
.xml
InstallAsm/Microsoft.VC80.CRT/8.0.50727.4053.cat
InstallAsm/Microsoft.VC80.CRT/8.0.50727.4053.policy
.xml
InstallAsm/Microsoft.VC80.CRT/Microsoft.VC80.CRT.cat
InstallAsm/Microsoft.VC80.CRT/Microsoft.VC80.CRT.manifest
InstallAsm/Microsoft.VC80.CRT/msvcm80.dll
.dll windows:4 windows x86 arch:x86

83e6ecedcb8a69cca8d85e1481140fa0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcm80.i386.pdb

Imports

msvcr80

__clean_type_info_names_internal
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
__setusermatherr
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_query_new_handler@@YAP6AHI@ZXZ
signal
_invalid_parameter
_errno
_set_invalid_parameter_handler
_get_invalid_parameter_handler
?set_terminate@@YAP6AXXZP6AXXZ@Z
_get_terminate
_set_purecall_handler
_get_purecall_handler
?set_unexpected@@YAP6AXXZP6AXXZ@Z
_get_unexpected
_fpieee_flt
_cexit
strcpy_s
strlen
_exit
_XcptFilter
_endthread
_freefls
___fls_setvalue@8
___fls_getvalue@4
__get_flsindex
__set_flsgetvalue
_dosmaperr
_initptd
calloc
_endthreadex
memcpy_s
wcslen
memcmp
memchr
memmove_s
memset
??_V@YAXPAX@Z
_malloc_crt
_invoke_watson
_CxxThrowException
??2@YAPAXI@Z
__CxxUnregisterExceptionObject
__CxxDetectRethrow
__CxxRegisterExceptionObject
__CxxExceptionFilter
__CxxQueryExceptionSize
abort
fgetc
fputc
ungetc
fflush
setvbuf
fwrite
fgetpos
fseek
fsetpos
fclose
__iob_func
fgetwc
fputwc
ungetwc
localeconv
??_U@YAPAXI@Z
realloc
setlocale
strcspn
_strtoi64
_strtoui64
sprintf_s
_Gettnames
_Strftime
_Getdays
_Getmonths
___lc_handle_func
strtod
__crtGetStringTypeW
__pctype_func
___mb_cur_max_l_func
___lc_codepage_func
__crtLCMapStringW
__crtCompareStringA
___lc_collate_cp_func
__crtLCMapStringA
memcpy
__crtCompareStringW
_fsopen
wcstombs_s
_wfsopen
_get_osplatform
mbstowcs_s
fputs
__uncaught_exception
isupper
islower
towlower
towupper
strcmp
__FrameUnwindFilter
tolower
isspace
isdigit
isalnum
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
??3@YAXPAX@Z
_ui64toa_s
_create_locale
malloc
_free_locale
_invalid_parameter_noinfo
free

kernel32

DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
GetLocaleInfoA
CreateThread
ResumeThread
GetLastError
ExitThread
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId

ole32

CoCreateInstance

mscoree

CorBindToRuntimeEx
_CorDllMain

Exports

Exports

?DoCallBackInDefaultDomain@<CrtImplementationDetails>@@YAXP6GJPAX@Z0@Z
?DoDllLanguageSupportValidation@<CrtImplementationDetails>@@YAXXZ
?RegisterModuleUninitializer@<CrtImplementationDetails>@@YAXP$AAVEventHandler@System@@@Z
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@@Z
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@P$AAVException@3@@Z
?ThrowNestedModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVException@System@@0@Z
?_Addstd@ios_base@std@@SAXPAV12@@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF_func@std@@YAABJXZ
?_Cerr_func@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@XZ
?_Cin_func@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@1@XZ
?_Clocptr_func@_Locimp@locale@std@@CAAAPAV123@XZ
?_Clog_func@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@XZ
?_Cosh@@YANNN@Z
?_Cout_func@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@XZ
?_Debug_message@std@@YAXPBD0@Z
?_Dnorm@@YAFPAG@Z
?_Dscale@@YAFPANJ@Z
?_Dtentox@@YANNJPAH@Z
?_Dtest@@YAFPAN@Z
?_Dunscale@@YAFPAFPAN@Z
?_Exp@@YAFPANNF@Z
?_FCosh@@YAMMM@Z
?_FDnorm@@YAFPAG@Z
?_FDscale@@YAFPAMJ@Z
?_FDtentox@@YAMMJPAH@Z
?_FDtest@@YAFPAM@Z
?_FDunscale@@YAFPAFPAM@Z
?_FExp@@YAFPAMMF@Z
?_FSinh@@YAMMM@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Fpz_func@std@@YAAA_JXZ
?_Getcoll@@YA?AU_Collvec@@XZ
?_Getctype@@YA?AU_Ctypevec@@XZ
?_Getcvt@@YA?AU_Cvtvec@@XZ
?_Getdateorder@@YAHXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Getwctype@@YAFGPBU_Ctypevec@@@Z
?_Getwctype@@YAF_WPBU_Ctypevec@@@Z
?_Getwctypes@@YAPBGPBG0PAFPBU_Ctypevec@@@Z
?_Getwctypes@@YAPB_WPB_W0PAFPBU_Ctypevec@@@Z
?_Id_cnt_func@id@locale@std@@CAAAHXZ
?_Id_func@?$codecvt@GDH@std@@SAAAVid@locale@2@XZ
?_Id_func@?$codecvt@_WDH@std@@SAAAVid@locale@2@XZ
?_Id_func@?$ctype@D@std@@SAAAVid@locale@2@XZ
?_Id_func@?$ctype@G@std@@SAAAVid@locale@2@XZ
?_Id_func@?$ctype@_W@std@@SAAAVid@locale@2@XZ
?_Index_func@ios_base@std@@CAAAHXZ
?_Init@locale@std@@CAPAV_Locimp@12@XZ
?_Init_cnt_func@Init@ios_base@std@@CAAAHXZ
?_Init_ctor@Init@ios_base@std@@CAXPAV123@@Z
?_Init_dtor@Init@ios_base@std@@CAXPAV123@@Z
?_Init_locks_ctor@_Init_locks@std@@CAXPAV12@@Z
?_Init_locks_dtor@_Init_locks@std@@CAXPAV12@@Z
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
?_LCosh@@YAOOO@Z
?_LDscale@@YAFPAOJ@Z
?_LDtentox@@YAOOJPAH@Z
?_LDtest@@YAFPAO@Z
?_LDunscale@@YAFPAFPAO@Z
?_LExp@@YAFPAOOF@Z
?_LPoly@@YAOOPBOH@Z
?_LSinh@@YAOOO@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPAV123@PAVfacet@23@I@Z
?_Locimp_ctor@_Locimp@locale@std@@CAXPAV123@ABV123@@Z
?_Locimp_dtor@_Locimp@locale@std@@CAXPAV123@@Z
?_Locinfo_Addcats@_Locinfo@std@@SAAAV12@PAV12@HPBD@Z
?_Locinfo_ctor@_Locinfo@std@@SAXPAV12@HPBD@Z
?_Locinfo_ctor@_Locinfo@std@@SAXPAV12@PBD@Z
?_Locinfo_dtor@_Locinfo@std@@SAXPAV12@@Z
?_Lockit_ctor@_Lockit@std@@CAXPAV12@@Z
?_Lockit_ctor@_Lockit@std@@CAXPAV12@H@Z
?_Lockit_ctor@_Lockit@std@@SAXH@Z
?_Lockit_dtor@_Lockit@std@@CAXPAV12@@Z
?_Lockit_dtor@_Lockit@std@@SAXH@Z
?_Makeloc@_Locimp@locale@std@@CAPAV123@ABV_Locinfo@3@HPAV123@PBV23@@Z
?_Makeushloc@_Locimp@locale@std@@CAXABV_Locinfo@3@HPAV123@PBV23@@Z
?_Makewloc@_Locimp@locale@std@@CAXABV_Locinfo@3@HPAV123@PBV23@@Z
?_Makexloc@_Locimp@locale@std@@CAXABV_Locinfo@3@HPAV123@PBV23@@Z
?_Mbrtowc@@YAHPAGPBDIPAHPBU_Cvtvec@@@Z
?_Mbrtowc@@YAHPA_WPBDIPAHPBU_Cvtvec@@@Z
?_Mtxdst@@YAXPAU_RTL_CRITICAL_SECTION@@@Z
?_Mtxinit@@YAXPAU_RTL_CRITICAL_SECTION@@@Z
?_Mtxlock@@YAXPAU_RTL_CRITICAL_SECTION@@@Z
?_Mtxunlock@@YAXPAU_RTL_CRITICAL_SECTION@@@Z
?_Mutex_Lock@_Mutex@std@@CAXPAV12@@Z
?_Mutex_Unlock@_Mutex@std@@CAXPAV12@@Z
?_Mutex_ctor@_Mutex@std@@CAXPAV12@@Z
?_Mutex_dtor@_Mutex@std@@CAXPAV12@@Z
?_Nomemory@std@@YAXXZ
?_Once@@YAXPAJP6AXXZ@Z
?_Poly@@YANNPBNH@Z
?_Setgloballocale@locale@std@@CAXPAX@Z
?_Sinh@@YANNN@Z
?_Stod@@YANPBDPAPADJ@Z
?_Stodx@@YANPBDPAPADJPAH@Z
?_Stof@@YAMPBDPAPADJPAH@Z
?_Stoflt@@YAHPBD0PAPADQAJH@Z
?_Stofx@@YAMPBDPAPADJPAH@Z
?_Stold@@YAOPBDPAPADJPAH@Z
?_Stoldx@@YAOPBDPAPADJPAH@Z
?_Stolx@@YAJPBDPAPADHPAH@Z
?_Stopfx@@YAHPAPBDPAPAD@Z
?_Stoul@@YAKPBDPAPADH@Z
?_Stoulx@@YAKPBDPAPADHPAH@Z
?_Stoxflt@@YAHPBD0PAPADQAJH@Z
?_Strcoll@@YAHPBD000PBU_Collvec@@@Z
?_Strxfrm@@YAIPAD0PBD1PBU_Collvec@@@Z
?_Sync_func@ios_base@std@@CAAA_NXZ
?_Throw@std@@YAXABVexception@stdext@@@Z
?_Tolower@@YAHHPBU_Ctypevec@@@Z
?_Toupper@@YAHHPBU_Ctypevec@@@Z
?_Towlower@@YAGGPBU_Ctypevec@@@Z
?_Towlower@@YA_W_WPBU_Ctypevec@@@Z
?_Towupper@@YAGGPBU_Ctypevec@@@Z
?_Towupper@@YA_W_WPBU_Ctypevec@@@Z
?_Wcerr_func@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@1@XZ
?_Wcerr_func@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@1@XZ
?_Wcin_func@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@1@XZ
?_Wcin_func@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@1@XZ
?_Wclog_func@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@1@XZ
?_Wclog_func@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@1@XZ
?_Wcout_func@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@1@XZ
?_Wcout_func@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@1@XZ
?_Wcrtomb@@YAHPADGPAHPBU_Cvtvec@@@Z
?_Wcrtomb@@YAHPAD_WPAHPBU_Cvtvec@@@Z
?_Wcscoll@@YAHPBG000PBU_Collvec@@@Z
?_Wcscoll@@YAHPB_W000PBU_Collvec@@@Z
?_Wcsxfrm@@YAIPAG0PBG1PBU_Collvec@@@Z
?_Wcsxfrm@@YAIPA_W0PB_W1PBU_Collvec@@@Z
?_Xfsopen@std@@YAPAU_iobuf@@PB_W0H@Z
?_Xinvarg@_String_base@std@@SAXXZ
?_Xlen@_String_base@std@@SAXXZ
?_Xran@_String_base@std@@SAXXZ
?__Stodx@@YANPBDPAPADJPAH@Z
?__Stofx@@YAMPBDPAPADJPAH@Z
?__Stoldx@@YAOPBDPAPADJPAH@Z
?__Wcrtomb_lk@@YAHPAD_WPAHPBU_Cvtvec@@@Z
?__get_default_appdomain@@YAJPAPAUIUnknown@@@Z
?__query_new_handler_m@@YAP6MHI@ZXZ
?__release_appdomain@@YAXPAUIUnknown@@@Z
?_beginthread@@YAIP6MXPAX@ZI0@Z
?_beginthreadex@@YAIPAXIP6MI0@Z0IPAI@Z
?_fpieee_flt@@YAHKPAU_EXCEPTION_POINTERS@@P6MHPAU_FPIEEE_RECORD@@@Z@Z
?_set_invalid_parameter_handler@@YAP6AXPB_W00II@ZH@Z
?_set_invalid_parameter_handler@@YAP6MXPB_W00II@ZP6MX000II@Z@Z
?_set_new_handler@@YAP6MHI@ZP6MHI@Z@Z
?_set_purecall_handler@@YAP6AXXZH@Z
?_set_purecall_handler@@YAP6MXXZP6MXXZ@Z
?_uncaught_exception_m@std@@YA_NXZ
?classic@locale@std@@SAABV12@XZ
?empty@locale@std@@SA?AV12@XZ
?facet_Register@facet@locale@std@@CAXPAV123@@Z
?global@locale@std@@SA?AV12@ABV12@@Z
?resetiosflags@std@@YA?AU?$_Smanip@H@1@H@Z
?set_new_handler@std@@YAP6MXXZP6MXXZ@Z
?set_terminate@@YAP6MXXZP6MXXZ@Z
?set_unexpected@@YAP6MXXZP6MXXZ@Z
?setbase@std@@YA?AU?$_Smanip@H@1@H@Z
?setiosflags@std@@YA?AU?$_Smanip@H@1@H@Z
?setprecision@std@@YA?AU?$_Smanip@H@1@H@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
?signal@@YAP6MXH@ZHH@Z
?signal@@YAP6MXH@ZHP6MXH@Z@Z
__setusermatherr_m
towctrans
wctrans
wctype

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 280KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
InstallAsm/Microsoft.VC80.CRT/msvcp80.dll
.dll windows:4 windows x86 arch:x86

6488997e312be12f8300ea7b1c34d497

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:27:81:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/10/2008, 21:24

Not After

22/01/2010, 21:34

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:01

Not After

25/07/2013, 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

f3:a8:5f:22:7e:72:2b:5b:ca:3e:f0:ec:95:7a:c0:45:66:72:e6:ca
Signer

Actual PE Digest

f3:a8:5f:22:7e:72:2b:5b:ca:3e:f0:ec:95:7a:c0:45:66:72:e6:ca

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcp80.i386.pdb

Imports

msvcr80

setvbuf
fwrite
??0exception@std@@QAE@XZ
_Getdays
_Getmonths
fgetpos
fseek
fsetpos
fclose
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
__iob_func
_invoke_watson
_fsopen
wcstombs_s
_wfsopen
_get_osplatform
mbstowcs_s
atan2
cos
exp
ldexp
log
pow
sin
sqrt
tan
fgetwc
fputwc
ungetwc
_Strftime
strcspn
_strtoi64
_strtoui64
sprintf_s
abort
??0exception@std@@QAE@ABQBDH@Z
_realloc_crt
setlocale
_malloc_crt
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
fputs
fflush
towlower
towupper
strcmp
_create_locale
_ui64toa_s
_free_locale
__pctype_func
_errno
___mb_cur_max_l_func
___lc_codepage_func
___lc_handle_func
__crtCompareStringA
___lc_collate_cp_func
__crtLCMapStringA
memcpy
isupper
_calloc_crt
islower
__crtGetStringTypeW
__crtLCMapStringW
__crtCompareStringW
isspace
tolower
strtod
isdigit
isalnum
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
__clean_type_info_names_internal
ungetc
fputc
fgetc
__CxxFrameHandler3
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??2@YAPAXI@Z
_invalid_parameter_noinfo
??_V@YAXPAX@Z
_Gettnames
localeconv
free
memset
memchr
strlen
memcmp
wcslen
memmove_s
memcpy_s
??3@YAXPAX@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
__uncaught_exception
??0exception@std@@QAE@ABQBD@Z

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
InterlockedDecrement
InterlockedIncrement
GetLocaleInfoA
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
InterlockedCompareExchange
GetSystemTimeAsFileTime

Exports

Exports

??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAD@Z
??$?5DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAG@Z
??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@PAG@Z
??$?5GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?5MDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5MGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5NDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5NGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5ODU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5OGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5U?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAC@Z
??$?5U?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAE@Z
??$?5U?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAC@Z
??$?5U?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAE@Z
??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AA_W@Z
??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@PA_W@Z
??$?5_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@G@Z
??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@PBG@Z
??$?6GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?6MDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6MGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6NDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6NGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6ODU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6OGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@C@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@E@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBC@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBE@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@PB_W@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@_W@Z
??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?8M@std@@YA_NABMABV?$complex@M@0@@Z
??$?8M@std@@YA_NABV?$complex@M@0@0@Z
??$?8M@std@@YA_NABV?$complex@M@0@ABM@Z
??$?8N@std@@YA_NABNABV?$complex@N@0@@Z
??$?8N@std@@YA_NABV?$complex@N@0@0@Z
??$?8N@std@@YA_NABV?$complex@N@0@ABN@Z
??$?8O@std@@YA_NABOABV?$complex@O@0@@Z
??$?8O@std@@YA_NABV?$complex@O@0@0@Z
??$?8O@std@@YA_NABV?$complex@O@0@ABO@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?9M@std@@YA_NABMABV?$complex@M@0@@Z
??$?9M@std@@YA_NABV?$complex@M@0@0@Z
??$?9M@std@@YA_NABV?$complex@M@0@ABM@Z
??$?9N@std@@YA_NABNABV?$complex@N@0@@Z
??$?9N@std@@YA_NABV?$complex@N@0@0@Z
??$?9N@std@@YA_NABV?$complex@N@0@ABN@Z
??$?9O@std@@YA_NABOABV?$complex@O@0@@Z
??$?9O@std@@YA_NABV?$complex@O@0@0@Z
??$?9O@std@@YA_NABV?$complex@O@0@ABO@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?DM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?DM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?DM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?DN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?DN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?DN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?DO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?DO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?DO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?GM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?GN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?GO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@D@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@DABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@G@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@GABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBGABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?HN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?HO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_WABV10@@Z
??$?KM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?KM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?KM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?KN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?KN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?KN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?KO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?KO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?KO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$_Fabs@M@std@@YAMABV?$complex@M@0@PAH@Z
??$_Fabs@N@std@@YANABV?$complex@N@0@PAH@Z
??$_Fabs@O@std@@YAOABV?$complex@O@0@PAH@Z
??$abs@M@std@@YAMABV?$complex@M@0@@Z
??$abs@N@std@@YANABV?$complex@N@0@@Z
??$abs@O@std@@YAOABV?$complex@O@0@@Z
??$arg@M@std@@YAMABV?$complex@M@0@@Z
??$arg@N@std@@YANABV?$complex@N@0@@Z
??$arg@O@std@@YAOABV?$complex@O@0@@Z
??$conj@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$conj@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$conj@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$cos@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$cos@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$cos@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$cosh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$cosh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$cosh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$exp@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$exp@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$exp@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@D@Z
??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@G@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_W@Z
??$imag@M@std@@YAMABV?$complex@M@0@@Z
??$imag@N@std@@YANABV?$complex@N@0@@Z
??$imag@O@std@@YAOABV?$complex@O@0@@Z
??$log10@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$log10@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$log10@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$log@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$log@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$log@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$norm@M@std@@YAMABV?$complex@M@0@@Z
??$norm@N@std@@YANABV?$complex@N@0@@Z
??$norm@O@std@@YAOABV?$complex@O@0@@Z
??$polar@M@std@@YA?AV?$complex@M@0@ABM0@Z
??$polar@M@std@@YA?AV?$complex@M@0@ABM@Z
??$polar@N@std@@YA?AV?$complex@N@0@ABN0@Z
??$polar@N@std@@YA?AV?$complex@N@0@ABN@Z
??$polar@O@std@@YA?AV?$complex@O@0@ABO0@Z
??$polar@O@std@@YA?AV?$complex@O@0@ABO@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@H@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@H@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@H@Z
??$real@M@std@@YAMABV?$complex@M@0@@Z
??$real@N@std@@YANABV?$complex@N@0@@Z
??$real@O@std@@YAOABV?$complex@O@0@@Z
??$sin@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sin@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sin@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$sinh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sinh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sinh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$sqrt@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sqrt@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sqrt@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$tan@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$tan@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$tan@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$tanh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$tanh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$tanh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??0?$_Complex_base@MU_C_float_complex@@@std@@QAE@ABM0@Z
??0?$_Complex_base@NU_C_double_complex@@@std@@QAE@ABN0@Z
??0?$_Complex_base@OU_C_ldouble_complex@@@std@@QAE@ABO0@Z
??0?$_Mpunct@D@std@@IAE@PBDI_N@Z
??0?$_Mpunct@D@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@D@std@@QAE@I_N@Z
??0?$_Mpunct@G@std@@IAE@PBDI_N@Z
??0?$_Mpunct@G@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@G@std@@QAE@I_N@Z
??0?$_Mpunct@_W@std@@IAE@PBDI_N@Z
??0?$_Mpunct@_W@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@_W@std@@QAE@I_N@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@IAE@V?$allocator@D@1@@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@QAE@ABV01@@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@IAE@V?$allocator@G@1@@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@QAE@ABV01@@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@IAE@V?$allocator@_W@1@@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@QAE@ABV01@@Z
??0?$allocator@D@std@@QAE@ABV01@@Z
??0?$allocator@D@std@@QAE@XZ
??0?$allocator@G@std@@QAE@ABV01@@Z
??0?$allocator@G@std@@QAE@XZ
??0?$allocator@X@std@@QAE@ABV01@@Z
??0?$allocator@X@std@@QAE@XZ
??0?$allocator@_W@std@@QAE@ABV01@@Z
??0?$allocator@_W@std@@QAE@XZ
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBGHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PB_WHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PBGHH@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PB_WHH@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PBGHH@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PB_WHH@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBGHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PBGHH@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PBGHH@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBGHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PBGHH@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PBGHH@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PB_WHH@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@IDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@V?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@1@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@IIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@V?$_String_const_iterator@GU?$char_traits@G@std@@V?$allocator@G@2@@1@0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@IIABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WIABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@V?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDH@std@@QAE@I@Z
??0?$codecvt@GDH@std@@IAE@PBDI@Z
??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDH@std@@QAE@I@Z
??0?$codecvt@_WDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??0?$collate@D@std@@IAE@PBDI@Z
??0?$collate@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@D@std@@QAE@I@Z
??0?$collate@G@std@@IAE@PBDI@Z
??0?$collate@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@G@std@@QAE@I@Z
??0?$collate@_W@std@@IAE@PBDI@Z
??0?$collate@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@_W@std@@QAE@I@Z
??0?$complex@M@std@@QAE@ABM0@Z
??0?$complex@M@std@@QAE@ABU_C_float_complex@@@Z
??0?$complex@M@std@@QAE@ABV?$complex@N@1@@Z
??0?$complex@M@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@N@std@@QAE@ABN0@Z
??0?$complex@N@std@@QAE@ABU_C_double_complex@@@Z
??0?$complex@N@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@N@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@O@std@@QAE@ABO0@Z
??0?$complex@O@std@@QAE@ABU_C_ldouble_complex@@@Z
??0?$complex@O@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@O@std@@QAE@ABV?$complex@N@1@@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@IAE@PBDI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$messages@D@std@@IAE@PBDI@Z
??0?$messages@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@D@std@@QAE@I@Z
??0?$messages@G@std@@IAE@PBDI@Z
??0?$messages@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@G@std@@QAE@I@Z
??0?$messages@_W@std@@IAE@PBDI@Z
??0?$messages@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@_W@std@@QAE@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$moneypunct@D$00@std@@IAE@PBDI@Z
??0?$moneypunct@D$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@D$00@std@@QAE@I@Z
??0?$moneypunct@D$0A@@std@@IAE@PBDI@Z
??0?$moneypunct@D$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@D$0A@@std@@QAE@I@Z
??0?$moneypunct@G$00@std@@IAE@PBDI@Z
??0?$moneypunct@G$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@G$00@std@@QAE@I@Z
??0?$moneypunct@G$0A@@std@@IAE@PBDI@Z
??0?$moneypunct@G$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@G$0A@@std@@QAE@I@Z
??0?$moneypunct@_W$00@std@@IAE@PBDI@Z
??0?$moneypunct@_W$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@_W$00@std@@QAE@I@Z
??0?$moneypunct@_W$0A@@std@@IAE@PBDI@Z
??0?$moneypunct@_W$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@_W$0A@@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 292KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
InstallAsm/Microsoft.VC80.CRT/msvcr80.dll
.dll windows:4 windows x86 arch:x86

7fecbc4a16a5dc85a5394a1df6217680

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:27:81:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/10/2008, 21:24

Not After

22/01/2010, 21:34

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

33:c3:5f:8b:90:a4:1a:da:8a:31:e2:15:e8:8b:ff:62:ff:95:6b:8d
Signer

Actual PE Digest

33:c3:5f:8b:90:a4:1a:da:8a:31:e2:15:e8:8b:ff:62:ff:95:6b:8d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr80.i386.pdb

Imports

msvcrt

_getdrives

kernel32

GetStringTypeA
GetLocalTime
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetSystemDirectoryW
GetLongPathNameW
GetCurrentThreadId
TlsGetValue
DebugBreak
OutputDebugStringA
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
Sleep
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
VirtualAlloc
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WriteConsoleW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSection
MultiByteToWideChar
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
WideCharToMultiByte
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
SetLocalTime
GetStringTypeW
LoadLibraryW
GetLocaleInfoA
GetLocaleInfoW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
RtlUnwind
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
SetStdHandle
CreateFileA
CompareStringA
CompareStringW
Beep
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
RaiseException
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
VirtualProtect
GetSystemInfo
VirtualQuery
IsDBCSLeadByteEx
ReadConsoleA
ReadConsoleW
SetConsoleMode
SetEndOfFile
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
LockFile
UnlockFile
CreatePipe
ReadFile
CreateFileW
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1exception@std@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?unexpected@@YAXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?what@exception@std@@UBEPBDXZ
@_calloc_crt@8
@_malloc_crt@4
@_realloc_crt@8
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_app_type
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lc_clike
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osplatform
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_callnewh
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p
_cprintf_p_l
_cprintf_s
_cprintf_s_l
_cputs
_cputws
_creat
_create_locale
_crt_debugger_hook
_cscanf
_cscanf_l
_cscanf_s
_cscanf_s_l
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_cwait
_cwprintf
_cwprintf_l
_cwprintf_p
_cwprintf_p_l
_cwprintf_s
_cwprintf_s_l
_cwscanf
_cwscanf_l
_cwscanf_s
_cwscanf_s_l
_daylight
_decode_pointer
_difftime32
_difftime64
_dosmaperr
_dstbias
_dup
_dup2
_dupenv_s
_ecvt
_ecvt_s
_encode_pointer
_encoded_null
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_except_handler4_common
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fclose_nolock
_fcloseall
_fcvt
_fcvt_s
_fdopen
_fflush_nolock
_fgetchar
_fgetwc_nolock
_fgetwchar
_filbuf
_filelength
_filelengthi64
_fileno
_findclose
_findfirst32
_findfirst32i64
_findfirst64
_findfirst64i32
_findnext32
_findnext32i64
_findnext64
_findnext64i32
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fprintf_l
_fprintf_p
_fprintf_p_l
_fprintf_s_l
_fputchar
_fputwc_nolock
_fputwchar
_fread_nolock
_fread_nolock_s
_free_locale
_freea
_freea_s
_freefls
_fscanf_l
_fscanf_s_l
_fseek_nolock
_fseeki64
_fseeki64_nolock
_fsopen
_fstat32
_fstat32i64
_fstat64
_fstat64i32
_ftell_nolock
_ftelli64
_ftelli64_nolock
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_ftol
_fullpath
_futime32
_futime64
_fwprintf_l
_fwprintf_p
_fwprintf_p_l
_fwprintf_s_l
_fwrite_nolock
_fwscanf_l
_fwscanf_s_l
_gcvt
_gcvt_s
_get_amblksiz
_get_current_locale
_get_daylight
_get_doserrno
_get_dstbias
_get_errno
_get_fmode
_get_heap_handle
_get_invalid_parameter_handler
_get_osfhandle
_get_osplatform
_get_osver
_get_output_format
_get_pgmptr
_get_printf_count_output
_get_purecall_handler
_get_sbh_threshold
_get_terminate
_get_timezone
_get_tzname
_get_unexpected
_get_winmajor
_get_winminor
_get_winver
_get_wpgmptr
_getch
_getch_nolock
_getche
_getche_nolock
_getcwd
_getdcwd
_getdcwd_nolock
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp

Sections

.text
Size: 396KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LiveAPI.dll
.dll regsvr32 windows:4 windows x86 arch:x86

4ed258f11272a787d3bbe763e75ca5fb

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

50:09:bd:11:34:fe:c8:4b:f6:dc:37:71:e5:3a:4a:f1:05:2a:9c:f1
Signer

Actual PE Digest

50:09:bd:11:34:fe:c8:4b:f6:dc:37:71:e5:3a:4a:f1:05:2a:9c:f1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\LiveAPI.pdb

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
SetThreadLocale
GetModuleFileNameW
LockResource
FindResourceExW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
lstrcmpiW
GetLastError
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetThreadLocale
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange

user32

IsWindow
GetWindow
GetDesktopWindow
GetPropW
UnregisterClassA
CharNextW
SendMessageTimeoutW

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

shell32

ShellExecuteW

ole32

CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc

oleaut32

VarBstrCmp
SysStringByteLen
SysAllocStringByteLen
LoadRegTypeLi
SysAllocStringLen
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen

livelog

?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetChannelMgrInst@@YAJPAPAUIChannelSMgr@@_K@Z
?GetConfigInt@@YAJV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0JW4tagQQLIVE_CONFIG_TYPE@@@Z
?IsDoLog@@YAHXZ
?LogToFile@@YAXPB_WZZ
?CheckFileExist@@YAHPB_W@Z
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z
?GetDllVersion@@YAHPB_WAAH111@Z

msvcr80

__clean_type_info_names_internal
_crt_debugger_hook
??3@YAXPAX@Z
memcmp
vswprintf_s
malloc
free
memcpy_s
_CxxThrowException
wcscpy_s
wcsncpy_s
wcscat_s
memset
__CxxFrameHandler3
??_V@YAXPAX@Z
_recalloc
??_U@YAPAXI@Z
_vscwprintf
wcslen
memmove_s
_purecall
??2@YAPAXI@Z
calloc
_resetstkoflw
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@XZ
wcscmp
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
_except_handler4_common
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LiveDLNA.dll
.dll regsvr32 windows:4 windows x86 arch:x86

b49648275c2af4cbc4c9ca7d21d20760

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ec:35:05:c8:02:5d:d0:34:5c:c9:36:66:f9:b1:9d:a6:e5:b9:1e:b3
Signer

Actual PE Digest

ec:35:05:c8:02:5d:d0:34:5c:c9:36:66:f9:b1:9d:a6:e5:b9:1e:b3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\LiveDLNA.pdb

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GetPrivateProfileStringW
SetThreadLocale
GetThreadLocale
RaiseException
CloseHandle
WaitForSingleObject
GetTickCount
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
FormatMessageW
HeapAlloc
lstrlenW
GetModuleFileNameW
VirtualQuery
GetProcessHeap
HeapFree
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
QueryPerformanceCounter
GetLastError

user32

CreateWindowExW
PeekMessageW
GetMessageW
PostMessageW
UnregisterClassA
SetWindowLongW
LoadCursorW
RegisterClassExW
GetWindowLongW
DefWindowProcW
IsWindow
DestroyWindow

ole32

CoCreateInstance

oleaut32

SysAllocString
SysAllocStringByteLen
SysStringByteLen
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreate
SafeArrayGetElement
LoadRegTypeLi
LoadTypeLi
DispCallFunc
SysAllocStringLen
VariantClear
VariantInit
SysFreeString
VarBstrCmp
SysStringLen

livelog

?IsDoLog@@YAHXZ
?SetDLNABusy@@YAXH@Z
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z
?BitsToHexString2@@YA?AVCComBSTR@ATL@@PBEH@Z
?CheckAdvise@@YAXPB_W@Z
?GetCommuInst@@YAJPAPAUIQQLiveCommand@@_K@Z
?CheckUnadvise@@YAXPB_W@Z
?GetNoRealStatInst@@YAJPAPAUINoRealStat@@_K@Z
?LogToFile@@YAXPB_WZZ

atl80

ord32
ord30
ord23
ord61
ord58
ord15
ord18
ord22
ord64
ord10
ord11
ord31

msvcp80

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvcr80

_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
??3@YAXPAX@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
__CxxFrameHandler3
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@XZ
memcpy_s
_CxxThrowException
memset
free
wcsstr
_vscwprintf
vswprintf_s
wcslen
_wtol
wcstok_s
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
memmove_s
calloc
_recalloc
??2@YAPAXI@Z
??_V@YAXPAX@Z
swprintf_s
memcmp
_purecall
malloc
_resetstkoflw
memcpy
strlen
_vsnprintf
abs
_beginthreadex
_decode_pointer
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
__clean_type_info_names_internal

httpmodule

??1CDownloadMgrProxy@@UAE@XZ
??0CDownloadMgrProxy@@QAE@XZ
?StartTask@CDownloadMgrProxy@@QAEHH@Z
?AddTask@CDownloadMgrProxy@@QAEHPAUIHttpEventWndCallback@@PB_W1IIK@Z
?RemoveTask@CDownloadMgrProxy@@QAEHH@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LiveLog.dll
.dll windows:4 windows x86 arch:x86

727e1bef48b1717f0381f29013f2e42e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

26:1a:cb:f7:e5:c9:67:14:92:d1:13:a7:0d:ef:3f:3e:4a:d1:78:7a
Signer

Actual PE Digest

26:1a:cb:f7:e5:c9:67:14:92:d1:13:a7:0d:ef:3f:3e:4a:d1:78:7a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\LiveLog.pdb

Imports

kernel32

GetModuleFileNameW
GetModuleHandleW
CreateEventW
FreeResource
GetProcessHeap
GlobalAlloc
GlobalLock
ExpandEnvironmentStringsW
GetProcAddress
GetPrivateProfileStringW
GlobalUnlock
HeapAlloc
GetCurrentProcess
ResetEvent
GlobalFree
GetLocalTime
GlobalReAlloc
GetCurrentThreadId
GetEnvironmentVariableW
WritePrivateProfileStringW
GetShortPathNameW
VirtualQuery
InterlockedExchange
WinExec
GetTempPathW
GetTempFileNameW
LocalFree
CreateProcessW
SetProcessWorkingSetSize
CreateToolhelp32Snapshot
LockResource
GetCurrentProcessId
GetFileAttributesExW
Sleep
InterlockedIncrement
Process32FirstW
WaitForMultipleObjects
InterlockedDecrement
Process32NextW
GetLogicalDriveStringsW
TerminateProcess
GetWindowsDirectoryW
CreateMutexW
CopyFileW
GetSystemDirectoryW
LoadLibraryW
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
SetEvent
GetSystemInfo
FormatMessageW
FreeLibrary
LoadLibraryExW
SizeofResource
MultiByteToWideChar
RemoveDirectoryW
lstrlenA
WideCharToMultiByte
FindClose
FindFirstFileW
DeleteFileW
GetTickCount
DeviceIoControl
CreateFileW
GetDriveTypeW
FindResourceW
SetFileAttributesW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetVersionExW
GetFileAttributesW
GetDiskFreeSpaceExW
FindResourceExW
GetLogicalDrives
MoveFileW
OpenProcess
LoadResource
lstrlenW
GetLastError
CreateDirectoryW
CloseHandle
GetExitCodeProcess
ResumeThread
WaitForSingleObject

user32

UnregisterClassA
SetRect
MessageBoxW
GetWindowLongW
OffsetRect
RegisterWindowMessageW
CopyRect
SetForegroundWindow
TrackMouseEvent
DestroyWindow
GetWindowTextW
SetTimer
GetCursorPos
WindowFromPoint
GetKeyState
GetAncestor
CreateWindowExW
SetWindowLongW
WaitForInputIdle
DefWindowProcW
RegisterClassExW
LoadCursorW
PostMessageW
SendMessageW
ShowWindow
GetWindow
GetWindowRect
IsWindow
GetDesktopWindow
MonitorFromRect
GetPropW
GetMonitorInfoW
SystemParametersInfoW
IsIconic

gdi32

CombineRgn
DeleteDC
SelectObject
CreateCompatibleDC
SetDIBColorTable
GetObjectW
BitBlt
CreateFontW
CreateDIBSection
ExtCreateRegion
DeleteObject

advapi32

InitializeSecurityDescriptor
RegCloseKey
RegQueryValueExA
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyExW
RegEnumValueA
GetNamedSecurityInfoW
RegDeleteKeyW
BuildExplicitAccessWithNameW
SetEntriesInAclW
RegSetValueExW
RegOpenKeyA
RegEnumKeyExW
SetNamedSecurityInfoW
RegDeleteValueW
GetEffectiveRightsFromAclW
RegOpenKeyW
SetSecurityDescriptorDacl

shell32

SHGetFolderPathW
ShellExecuteW
SHCreateDirectoryExW
SHChangeNotify
SHFileOperationW
ShellExecuteExW

ole32

CreateStreamOnHGlobal
StringFromGUID2
CoInitialize
CoUninitialize
CoLoadLibrary
CoCreateGuid
CLSIDFromString

oleaut32

SysAllocString
SysFreeString
SysStringByteLen
SysAllocStringByteLen

shlwapi

PathFileExistsW
PathAppendW
StrRChrW
PathAddBackslashW

msvcp80

?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$_String_const_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIPB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI_W@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB

psapi

EnumProcessModules
EnumProcesses
GetModuleFileNameExW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

gdiplus

GdiplusStartup
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipDisposeImage
GdipGetImageHeight
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipGetImageWidth
GdipCloneImage
GdipFree
GdipAlloc
GdiplusShutdown

ws2_32

WSACleanup
WSAGetLastError
htonl
gethostbyname
htons
WSAStartup
inet_addr
ntohl
inet_ntoa

msvcr80

_vsnwprintf_s
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_CxxThrowException
_wtoi
wcstok_s
swscanf_s
_vsnprintf_s
strncmp
wcspbrk
wcschr
wcscspn
toupper
wcsspn
wcsncpy
isxdigit
_time64
vsprintf_s
atoi
abs
sprintf_s
_vscprintf
_mbsstr
_mktime64
_purecall
strcmp
_snprintf
isalpha
_gmtime64_s
strstr
wcsrchr
iswdigit
wcstol
_wsplitpath_s
_wcsnicmp
strncpy_s
_resetstkoflw
wcsncmp
_strtoui64
isdigit
fread
ftell
fseek
malloc
isalnum
isspace
isprint
tolower
_beginthreadex
__CxxFrameHandler3
wprintf
_wcslwr_s
_recalloc
??0exception@std@@QAE@ABQBD@Z
_invalid_parameter_noinfo
_vscwprintf
??_V@YAXPAX@Z
wcsncpy_s
??3@YAXPAX@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
wcscmp
?what@exception@std@@UBEPBDXZ
wcslen
swprintf_s
strlen
srand
memcpy_s
memmove_s
wcscat_s
memset
??0exception@std@@QAE@XZ
_wfopen_s
_wcsicmp
rand
fwrite
vswprintf_s
memcpy
fclose
wcsstr
calloc
free

wininet

InternetCrackUrlW
InternetGetCookieW

urlmon

UrlMkGetSessionOption

netapi32

Netbios
NetWkstaTransportEnum
NetApiBufferFree

Exports

Exports

?AddCloseHwnd@@YAXPAUHWND__@@@Z
?AddEveryoneAccessToFile@@YAHPB_W@Z
?AddMMGFWindow@@YAXPAUHWND__@@PAUIUnknown@@@Z
?BitmapToRegion@@YAPAUHRGN__@@PAUHBITMAP__@@E@Z
?BitsToHexString2@@YA?AVCComBSTR@ATL@@PBEH@Z
?BitsToHexString@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PBEH@Z
?CalcCoresLevel@@YAHH@Z
?CalcFreqLevel@@YAHN@Z
?CaleInstructionLevel@@YAH_N00000@Z
?ChangeCacheACL@@YAXXZ
?CheckAdvise@@YAXPB_W@Z
?CheckAllAdviseValue@@YAXXZ
?CheckDXNASetting@@YAHXZ
?CheckDirectoryExist@@YAHPB_W@Z
?CheckDirectoryWriteable@@YAHPB_W@Z
?CheckFileExist@@YAHPB_W@Z
?CheckUnadvise@@YAXPB_W@Z
?ClearComInst@@YAX_K@Z
?ClearP2PCache@@YAXXZ
?ClearRN@@YAXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?ClearSSOConfig@@YAXXZ
?CloseAllCloseHwnd@@YAXXZ
?CloseLogEvent@@YAXXZ
?CloseLogMutex@@YAXXZ
?ConvertTime@@YAI_J@Z
?CopyLiveUpFiles@@YAHXZ
?CreateAllDirectory@@YAHPB_W@Z
?CreateObjectFromFile@@YAJAAPAUHINSTANCE__@@PB_WPAUIUnknown@@ABU_GUID@@3PAPAX@Z
?CreateStandardFont@@YAXAAPAUHFONT__@@@Z
?CreateTempFile@@YAHAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@V12@@Z
?DelCloseHwnd@@YAXPAUHWND__@@@Z
?DeleteDirectory@@YAHPB_W@Z
?Encode16@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV12@@Z
?EncodeURIComponent@@YAJPBEJAAV?$vector@EV?$allocator@E@std@@@std@@@Z
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z
?FindQQLiveDlgWnd@@YAPAUHWND__@@XZ
?FindQQLiveLogWnd@@YAPAUHWND__@@XZ
?FocusToTop@@YAXPAUHWND__@@@Z
?FormUrlEncode@@YAXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?FormUrlEncode@@YAXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABI@Z
?FreeAllComModule@@YAXXZ
?GernerateRandomKey@@YAXPADH@Z
?GetAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetAutoDownloadTime@@YAIXZ
?GetChannelInfo@@YA?BV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetChannelMgrInst@@YAJPAPAUIChannelSMgr@@_K@Z
?GetClientOsVersion@@YAEXZ
?GetComErrorDetail@@YA?AVCComBSTR@ATL@@AAV_com_error@@@Z
?GetComModuleHandle@@YAPAUHINSTANCE__@@PB_W@Z
?GetCommonAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetCommuInst@@YAJPAPAUIQQLiveCommand@@_K@Z
?GetConfigDword@@YAKV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0KW4tagQQLIVE_CONFIG_TYPE@@@Z
?GetConfigInt@@YAJV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0JW4tagQQLIVE_CONFIG_TYPE@@@Z
?GetConfigString@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@V12@00W4tagQQLIVE_CONFIG_TYPE@@@Z
?GetCookieByName@@YAHPB_W0AAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?GetCoresLevel@@YAHXZ
?GetDNSStatus@@YA?AW4DNS_STATUS@@XZ
?GetDXVAStatus@@YAHXZ
?GetDefaultDLNAVFormat@@YAJXZ
?GetDefaultFormatsListCount@@YAJXZ
?GetDefaultFormatsListItem@@YAJJ@Z
?GetDefaultVFormat@@YAJXZ
?GetDllVersion@@YAHPB_WAAH111@Z
?GetEmbededFlashOcxName@@YAXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?GetExeFileProcessID@@YAIV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?GetExeFolder2@@YA?AVCComBSTR@ATL@@XZ
?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetFavouriteVFormat@@YAJXZ
?GetFileNameByPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV12@@Z
?GetFileSize@@YAHPB_WAA_K@Z
?GetFlashIeProcess@@YAAAVCQQLiveExternalWrapper@@XZ
?GetFolderByPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV12@@Z
?GetFreqLevel@@YAHXZ
?GetFullKeyCode@@YAKIJ@Z
?GetFullScreen@@YA?AUtagRECT@@PAUHWND__@@@Z
?GetIEUseableDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetInstructionLevel@@YAHXZ
?GetKeyValue@@YAHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0AAV12@_W@Z
?GetLiveServerHost@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?GetLiveServerIP@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?GetLiveServerPort@@YAIPB_W@Z
?GetLiveServerUrl@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?GetMMGFWindow@@YAHPAUHWND__@@PAPAUIUnknown@@@Z
?GetModuleFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PAUHINSTANCE__@@@Z
?GetModuleFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?GetModulePath2@@YA?AVCComBSTR@ATL@@PAUHINSTANCE__@@@Z
?GetNoRealStatInst@@YAJPAPAUINoRealStat@@_K@Z
?GetOnLine@@YAHXZ
?GetProcessModuleVersion@@YAPB_WPB_WQA_WH@Z
?GetProtocolVersion@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetQQLiveDaemonWnd@@YAPAUHWND__@@XZ
?GetQQLiveDlgHwnd@@YAPAUHWND__@@XZ
?GetRandomNum@@YAKKK@Z
?GetRealStatInst@@YAJPAPAUIRealGuidStat@@_K@Z
?GetSecurityAttributesWithoutDACL@@YAHAAU_SECURITY_ATTRIBUTES@@@Z
?GetStatCorrectTime@@YA?BV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetStatSvrTime@@YAJXZ
?GetSysPreFetchValue@@YAKXZ
?GetUserGuid@@YAXPADAAH@Z
?GetUserIniPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetVFormatBandwidth@@YAJJ@Z
?GetVFormatBitrateName@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@J@Z
?GetVFormatName@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@J@Z
?GetVFormatSimpleName@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@J@Z
?GetWindowWorkArea@@YA?AUtagRECT@@PAUHWND__@@@Z
?GetXMLKeyValue@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV12@0PAH1@Z
?GetXMLMasterKeyValue@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?GetXPMenuState@@YAXAAHAAK@Z
?HashXMLFile2@@YAHPB_WAAV?$vector@EV?$allocator@E@std@@@std@@@Z
?HexStringToBits@@YA_NPBDPAEAAH@Z
?InflateColor@@YAKKH@Z
?IsDLNABusy@@YAHXZ
?IsDLNAMode@@YAHXZ
?IsDoLog@@YAHXZ
?IsEnableUAC@@YAHXZ
?IsFlashEmbeded@@YAHXZ
?IsForegroundApplication@@YAHXZ
?IsInQuo@@YAHAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@H@Z
?IsLiveOcxExist@@YA_NXZ
?IsNumber@@YAHPB_W@Z
?IsPathStringValid@@YAHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?IsQQLiveClient@@YAHXZ
?IsValidEmail@@YAHPB_W@Z
?IsValidQQUin@@YAHPB_W@Z
?IsWinXPOrLater@@YAHXZ
?IsWindows2KOrLater@@YAHXZ
?IsWindowsVista@@YAHXZ
?KillOtherQQLivePlayerApp@@YAHPB_W@Z
?LimitRect@@YA?AUtagRECT@@U1@0HH@Z
?LiveOcxStart@@YAPAXXZ
?LiveOcxStop@@YAXAAPAX@Z
?LoadImageFromResource@@YA_NPAVCImage@ATL@@IPB_WPAUHINSTANCE__@@@Z
?LogToFile@@YAXPB_WZZ
?MinimizeMemory@@YAXXZ
?NavigateURL@@YAHPB_WH@Z
?OpenQQLive@@YAHPB_W@Z
?ParseURL@@YAHPB_WAAW4INTERNET_SCHEME@@AAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@2AAG@Z
?PreTranslateMessage@CQMMouseWheelWithoutFocus@@SAHPAUtagMSG@@@Z
?PushChar2Hex@@YAXEAAV?$vector@EV?$allocator@E@std@@@std@@@Z
?QQ_CheckEveryone@@YAHV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?QQ_GetDefaultDownloadPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?QQ_GetDownloadPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?QQ_GetUsableFolder@@YGHPB_W@Z
?QQ_GetUserAgentString@@YAPADXZ
?QQ_OpenURLUsingIEW@@YAJPB_W@Z
?QQ_OpenUrlW@@YAJPB_W@Z
?RegVideoFile@@YAXXZ
?RegistLocalInfo@@YAHXZ
?RegisterQQLiveProtocal@@YAXPB_W@Z
?RegisterQQLiveProtocal@@YAXXZ
?RegisterWindow@CQMMouseWheelWithoutFocus@@SAHPAUHWND__@@@Z
?RemoveMMGFWindow@@YAXPAUHWND__@@@Z
?RepairRegister@@YAHPB_W@Z
?ResetLiveServerUpdateStatus@@YAXXZ
?ResizeRect@@YA?AUtagRECT@@U1@UtagSIZE@@@Z
?SaveFileUTF8_2@@YAXPB_W0@Z
?SetDLNABusy@@YAXH@Z
?SetDNSStatus@@YAXW4DNS_STATUS@@@Z
?SetDXVAStatus@@YAXH@Z
?SetDoLog@@YAXH@Z
?SetForegroundApplication@@YAXH@Z
?SetIsDLNAMode@@YAXH@Z
?SetKeyValue@@YAHAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV12@1@Z
?SetOnLine@@YAXH@Z
?SetQQliveDlgHwnd@@YAXPAUHWND__@@@Z
?SetStatSvrTime@@YAXJ@Z
?SetVFormatBitrateName@@YAXJV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?SetXPMenuState@@YAXH@Z
?Shutdown@@YAXH@Z
?SplitString@@YAXAAV?$vector@V?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@V?$allocator@V?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@std@@@std@@ABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@1@Z
?StrToAddr@@YAHAAUsockaddr_in@@PB_WF@Z
?TestDNSConnection@@YAXXZ
?TraceComError@@YAXAAV_com_error@@@Z
?URLDecodeUTF8@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@2@@Z
?UnRegVideoFile@@YAXXZ
?UnRegisterQQLiveProtocal@@YAXXZ
?UnregisterWindow@CQMMouseWheelWithoutFocus@@SAHPAUHWND__@@@Z
?UrlDecode@@YAHAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0@Z
?Utf8FromWS@@YA?AV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@PB_WH@Z
?Utf8ToWS@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PBDH@Z
?Utf8ToWS@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@@Z
?Utf8ToWS@@YAXPBDAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@H@Z
?Utf8ToWS@@YAXPBDAAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@H@Z
?WriteConfigDword@@YAXV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0KW4tagQQLIVE_CONFIG_TYPE@@@Z
?WriteConfigInt@@YAXV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0JW4tagQQLIVE_CONFIG_TYPE@@@Z
?WriteConfigString@@YAXV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@00W4tagQQLIVE_CONFIG_TYPE@@@Z
?WriteFlashPlayerTrust@@YAX_N@Z
?gLoadString@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@J@Z
C_STYLE_ChangeCacheACL
C_STYLE_ClearP2PCache
C_STYLE_ClearSSOConfig
C_STYLE_RegisterQQLiveProtocal
C_STYLE_UnRegisterQQLiveProtocal

Sections

.text
Size: 148KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LiveLogin.dll
.dll regsvr32 windows:4 windows x86 arch:x86

b1f24eac11ee29821b988b45b3535df1

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8e:a1:23:15:20:08:cd:a9:9f:3d:5e:57:1b:84:aa:15:a5:39:d9:8d
Signer

Actual PE Digest

8e:a1:23:15:20:08:cd:a9:9f:3d:5e:57:1b:84:aa:15:a5:39:d9:8d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\LiveLogin.pdb

Imports

common

??0CTXBSTR@@QAE@XZ
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
?IsEmpty@CTXBSTR@@QAEHXZ
??ICTXBSTR@@QAEPAPA_WXZ
??M@YA_NABVCTXStringA@@0@Z
??0CTXStringA@@QAE@XZ
?Format@CTXStringA@@QAAXPBDZZ
?GetPlatformCore@Core@Util@@YAHPAPAUITXCore@@@Z
??1CTXStringA@@QAE@XZ
?Format@CTXStringW@@QAAXPB_WZZ
??H@YA?AVCTXStringW@@ABV0@0@Z
?RecordTransEnd@Perf@Util@@YAJ_JPB_WHH11H@Z
??0CTXStringW@@QAE@XZ
??4CTXStringW@@QAEAAV0@PB_W@Z
?RecordTransBegin@Perf@Util@@YA_JPB_WHH00@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
?CreateTXData@Data@Util@@YAHPAPAUITXData@@@Z
??BCTXBSTR@@QBEPA_WXZ
??1CTXBSTR@@QAE@XZ
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
??1CTXStringW@@QAE@XZ
??BCTXStringW@@QBEPB_WXZ
?LoadStringW@TXStringBundle@@YAPB_WPB_W@Z
??0CTXStringW@@QAE@PB_W@Z
??0CTXBSTR@@QAE@PB_W@Z
?TXAssert@@YAHPB_W0H@Z

gf

?CreateObject@GF@Util@@YAJABU_GUID@@0PAPAX@Z
?RawCreateGFElementByXtml@GF@Util@@YAJPA_WPAPAUIGFElement@@PAU3@0H@Z

tinyxml

?LoadXML@TiXmlDocument@@QAE_NPADHW4TiXmlEncoding@@@Z
?RootElement@TiXmlDocument@@QAEPAVTiXmlElement@@XZ
?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@PBD@Z
?GetText@TiXmlElement@@QBEPBDXZ
??1TiXmlDocument@@UAE@XZ
??0TiXmlDocument@@QAE@XZ
?LoadFile@TiXmlDocument@@QAE_NPB_WW4TiXmlEncoding@@@Z

kernel32

MultiByteToWideChar
lstrlenA
GetVersionExW
RaiseException
lstrcmpiW
FreeLibrary
LoadLibraryA
GetProcAddress
LoadLibraryW
TerminateProcess
Sleep
GetPrivateProfileIntW
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
SetLastError
GetACP
InterlockedExchange
GetVersionExA
GetTickCount
SetFileAttributesW
FindResourceW
GetModuleFileNameW
GetModuleHandleW
lstrlenW
HeapSize
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
GetLastError
GetThreadLocale
SetThreadLocale
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DisableThreadLibraryCalls
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCurrentProcess
FlushInstructionCache
GetLocaleInfoA
FindResourceExW
DeleteFileW

user32

GetParent
GetWindow
CharNextW
SendMessageA
GetClientRect
MapWindowPoints
GetClassInfoExW
LoadCursorW
RegisterClassExW
SetWindowLongW
SystemParametersInfoW
IsIconic
SetWindowPos
IsWindowVisible
OffsetRect
IsZoomed
GetWindowRect
IsWindow
MessageBoxW
CallWindowProcW
GetWindowLongW
PostMessageW
DefWindowProcW
GetDesktopWindow
DestroyWindow
CreateWindowExW
UnregisterClassA

advapi32

RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW
RegEnumKeyExW

shell32

SHCreateDirectoryExW
SHGetFileInfoW

ole32

StringFromCLSID
CoTaskMemFree
CoCreateInstance

oleaut32

VarBstrCmp
SysFreeString
VariantInit
VariantClear
SysAllocString
SysAllocStringByteLen
SysStringByteLen
DispCallFunc
LoadRegTypeLi
LoadTypeLi
VarUI4FromStr
SysStringLen

livelog

?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?RemoveMMGFWindow@@YAXPAUHWND__@@@Z
?AddMMGFWindow@@YAXPAUHWND__@@PAUIUnknown@@@Z
?GetMMGFWindow@@YAHPAUHWND__@@PAPAUIUnknown@@@Z
?NavigateURL@@YAHPB_WH@Z
?IsValidQQUin@@YAHPB_W@Z
?IsValidEmail@@YAHPB_W@Z
?GetClientOsVersion@@YAEXZ
?SplitString@@YAXAAV?$vector@V?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@V?$allocator@V?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@std@@@std@@ABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@1@Z
?Utf8ToWS@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PBDH@Z
?EncodeURIComponent@@YAJPBEJAAV?$vector@EV?$allocator@E@std@@@std@@@Z
?GetNoRealStatInst@@YAJPAPAUINoRealStat@@_K@Z
?LogToFile@@YAXPB_WZZ
?IsDoLog@@YAHXZ
?CheckUnadvise@@YAXPB_W@Z
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z
?BitsToHexString@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PBEH@Z
?CheckFileExist@@YAHPB_W@Z
?GetModuleFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PAUHINSTANCE__@@@Z
?GetQQLiveDlgHwnd@@YAPAUHWND__@@XZ
?WriteConfigInt@@YAXV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0JW4tagQQLIVE_CONFIG_TYPE@@@Z
?AddEveryoneAccessToFile@@YAHPB_W@Z
?QQ_CheckEveryone@@YAHV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?GetAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetConfigDword@@YAKV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0KW4tagQQLIVE_CONFIG_TYPE@@@Z
?CheckAdvise@@YAXPB_W@Z
?WriteConfigString@@YAXV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@00W4tagQQLIVE_CONFIG_TYPE@@@Z
?FocusToTop@@YAXPAUHWND__@@@Z
?GetDNSStatus@@YA?AW4DNS_STATUS@@XZ
?GetCommuInst@@YAJPAPAUIQQLiveCommand@@_K@Z
?GetChannelInfo@@YA?BV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetLiveServerUrl@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?GetUserGuid@@YAXPADAAH@Z
?GetStatCorrectTime@@YA?BV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?FormUrlEncode@@YAXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABI@Z
?GetOnLine@@YAHXZ

atl80

ord42
ord48
ord10
ord32
ord30
ord41
ord58
ord31
ord11
ord15
ord44
ord43
ord61
ord23
ord64
ord22
ord18

shlwapi

PathFileExistsW
PathAppendW

msvcp80

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

msvcr80

sprintf_s
strtoul
wcsnlen
strtol
memcpy
vsprintf_s
_vscprintf
_invalid_parameter_noinfo
__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__CppXcptFilter
iswspace
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_except_handler4_common
wcsncpy_s
wcscmp
abs
_adjust_fdiv
??0exception@std@@QAE@ABV01@@Z
??3@YAXPAX@Z
_CxxThrowException
memset
swprintf_s
_recalloc
memcmp
memcpy_s
_vscwprintf
vswprintf_s
wcslen
free
__CxxFrameHandler3
calloc
memmove_s
??_V@YAXPAX@Z
_purecall
??2@YAPAXI@Z
strlen
_snwprintf_s
malloc
_resetstkoflw
wcsstr
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
wcscpy_s

httpmodule

??0CDownloadMgrProxy@@QAE@XZ
?StartTask@CDownloadMgrProxy@@QAEHH@Z
?AddTask@CDownloadMgrProxy@@QAEHPAUIHttpEventWndCallback@@PB_W1IIK@Z
?AddPostData@CDownloadMgrProxy@@QAEHHPAEK@Z
?AddHttpHeader@CDownloadMgrProxy@@QAEHHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0@Z
?SetHttpMethod@CDownloadMgrProxy@@QAEXHW4E_HTTP_VERB@@@Z
??1CDownloadMgrProxy@@UAE@XZ

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LiveMaster.dll
.dll regsvr32 windows:4 windows x86 arch:x86

d96233a55e5831e3b78259928ebc3934

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

77:09:00:9a:93:a9:9a:ad:0d:79:ec:d0:12:7e:bb:c6:c9:cc:0d:4f
Signer

Actual PE Digest

77:09:00:9a:93:a9:9a:ad:0d:79:ec:d0:12:7e:bb:c6:c9:cc:0d:4f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\LiveMaster.pdb

Imports

kernel32

GlobalAlloc
FlushInstructionCache
GetCurrentProcess
SetLastError
GetModuleFileNameW
FreeLibrary
LoadLibraryExW
GetModuleHandleW
VirtualQuery
LoadLibraryW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
lstrlenW
TerminateProcess
Sleep
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
GlobalLock
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
CreateFileW
DeviceIoControl
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
FindFirstFileW
FindClose
GetFileAttributesW
GetDriveTypeW
WaitForSingleObject
GetExitCodeProcess
CloseHandle
GlobalUnlock
GetProcAddress
GetThreadLocale
SetThreadLocale
DeleteCriticalSection
InitializeCriticalSection
GetLogicalDrives
GetDiskFreeSpaceExW
GetTickCount
DeleteFileW
CreateDirectoryW
SetFileAttributesW
MoveFileW
LoadLibraryA
InterlockedDecrement
GetVersionExW
InterlockedIncrement
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
GetLastError
UnhandledExceptionFilter
RaiseException

user32

IntersectRect
EndPaint
GetClientRect
BeginPaint
SetWindowLongW
GetWindowLongW
IsWindow
InvalidateRect
EqualRect
SendMessageW
ReplyMessage
KillTimer
SetTimer
OffsetRect
GetKeyState
UnregisterClassA
GetClassInfoExW
LoadCursorW
RegisterClassExW
DefWindowProcW
DestroyWindow
ShowWindow
SetWindowPos
GetParent
GetFocus
IsChild
SetFocus
UnionRect
PtInRect
CreateWindowExW
CallWindowProcW
SetWindowRgn

gdi32

LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
CreateMetaFileW
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
SetTextAlign
TextOutW
GetDeviceCaps

advapi32

RegCloseKey
RegOpenKeyW
RegQueryValueExW
RegSetValueExW

shell32

ShellExecuteExW

ole32

CoTaskMemFree
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CreateOleAdviseHolder
CoTaskMemAlloc
CoCreateInstance
CoFreeLibrary
CreateDataAdviseHolder

oleaut32

SysFreeString
SysAllocString
SysStringLen
SysAllocStringByteLen
VarBstrCmp
SysStringByteLen
VariantInit
VariantClear
VariantChangeType
LoadRegTypeLi
LoadTypeLi
OleCreatePropertyFrame
SysAllocStringLen

livelog

?GetChannelMgrInst@@YAJPAPAUIChannelSMgr@@_K@Z
?GetDNSStatus@@YA?AW4DNS_STATUS@@XZ
?CreateObjectFromFile@@YAJAAPAUHINSTANCE__@@PB_WPAUIUnknown@@ABU_GUID@@3PAPAX@Z
?GetLiveServerHost@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?GetLiveServerPort@@YAIPB_W@Z
?GetModulePath2@@YA?AVCComBSTR@ATL@@PAUHINSTANCE__@@@Z
?GetAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z
?IsDoLog@@YAHXZ
?LogToFile@@YAXPB_WZZ
?WriteConfigString@@YAXV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@00W4tagQQLIVE_CONFIG_TYPE@@@Z
?GetConfigDword@@YAKV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0KW4tagQQLIVE_CONFIG_TYPE@@@Z
?GetConfigString@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@V12@00W4tagQQLIVE_CONFIG_TYPE@@@Z
?GetUserGuid@@YAXPADAAH@Z
?HexStringToBits@@YA_NPBDPAEAAH@Z
?BitsToHexString2@@YA?AVCComBSTR@ATL@@PBEH@Z

atl80

ord23
ord15
ord64
ord32
ord61
ord18
ord30
ord27
ord26
ord43
ord44
ord58
ord31
ord50
ord51
ord52
ord53
ord22

msvcp80

??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

ws2_32

htonl
ntohl
inet_addr
WSACleanup
WSAStartup
inet_ntoa
gethostbyname
gethostname

msvcr80

free
wcscat_s
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
calloc
?terminate@@YAXXZ
_except_handler4_common
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
isdigit
sscanf_s
strchr
_recalloc
_invalid_parameter_noinfo
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
strlen
memcpy
wcsncpy_s
srand
_wcsicmp
_itow_s
__RTDynamicCast
memset
_purecall
_malloc_crt
abs
wcstoul
_time64
sprintf_s
strncpy_s
strcat_s
wcsrchr
memcmp
_resetstkoflw
??3@YAXPAX@Z
memcpy_s
memmove_s
rand
swprintf_s
wcscmp
wcsstr
_vscwprintf
vswprintf_s
wcslen
??2@YAPAXI@Z
??_V@YAXPAX@Z
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
__CxxFrameHandler3
_wfopen_s
fclose
fwrite
malloc

Exports

Exports

CreateP2PAppCtrl
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
FinalReleaseP2PAppCtrl
ReleaseP2PAppCtrl

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LiveMedia.dll
.dll regsvr32 windows:4 windows x86 arch:x86

b98b1287d23c4afc7a7790be887e2742

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:f7:90:20:00:72:bf:97:86:10:32:2f:2e:38:a0:d1:da:21:cc:ba
Signer

Actual PE Digest

44:f7:90:20:00:72:bf:97:86:10:32:2f:2e:38:a0:d1:da:21:cc:ba

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\LiveMedia.pdb

Imports

common

?Format@CTXStringA@@QAAXPBDZZ
??0CTXStringA@@QAE@XZ
??M@YA_NABVCTXStringA@@0@Z
??1CTXBSTR@@QAE@XZ
??0CTXBSTR@@QAE@PB_W@Z
?ConvertToPureFile@FS@@YA?AVCTXStringW@@PB_W@Z
??ICTXBSTR@@QAEPAPA_WXZ
?IsEmpty@CTXBSTR@@QAEHXZ
??0CTXBSTR@@QAE@XZ
?SetTimeout@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
?GetPlatformCore@Core@Util@@YAHPAPAUITXCore@@@Z
??1CTXStringA@@QAE@XZ
?Format@CTXStringW@@QAAXPB_WZZ
??H@YA?AVCTXStringW@@ABV0@0@Z
?RecordTransEnd@Perf@Util@@YAJ_JPB_WHH11H@Z
??0CTXStringW@@QAE@XZ
??4CTXStringW@@QAEAAV0@PB_W@Z
?RecordTransBegin@Perf@Util@@YA_JPB_WHH00@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
?CreateTXData@Data@Util@@YAHPAPAUITXData@@@Z
?GetTickCount@CTXTime@@SA?AV1@XZ
?Format@CTXTime@@QBE?AVCTXStringW@@PB_W@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
??BCTXStringW@@QBEPB_WXZ
?LoadStringW@TXStringBundle@@YAPB_WPB_W@Z
??0CTXStringW@@QAE@PB_W@Z
??1CTXStringW@@QAE@XZ
??BCTXBSTR@@QBEPA_WXZ
?TXAssert@@YAHPB_W0H@Z

gf

?AdviseWebBrowser@IEEvent@Util@@YAHPAUIWebBrowser2@@PAUITXWebBrowserEvents@@PAPAUIUnknown@@AAK@Z
?DispatchFrameMsg@GF@Util@@YAJPAUIGFFrame@@PAUtagBaseArg@@PAHPAJH@Z
?RawCreateGFElementByXtml@GF@Util@@YAJPA_WPAPAUIGFElement@@PAU3@0H@Z
?UnadviseWebBrowser@IEEvent@Util@@YAHPAUIWebBrowser2@@K@Z
?CreateObject@GF@Util@@YAJABU_GUID@@0PAPAX@Z

kernel32

GetFileAttributesW
GetPrivateProfileIntW
WideCharToMultiByte
GlobalHandle
GlobalFree
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
Sleep
HeapSize
FormatMessageW
GetVersion
VirtualAlloc
HeapFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
MulDiv
lstrcmpW
GetLastError
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameW
lstrlenW
InterlockedDecrement
OpenProcess
VirtualAllocEx
ReadProcessMemory
VirtualFreeEx
HeapDestroy
CloseHandle
HeapAlloc
GetVersionExW
HeapReAlloc
GetProcessHeap
VirtualFree
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
InterlockedIncrement
LoadLibraryW
GetProcAddress
VirtualQuery
GetTickCount
GetThreadLocale
SetThreadLocale
GetModuleHandleW
LoadLibraryExW
FreeLibrary
lstrcmpiW
DeleteFileW
lstrlenA
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
SetLastError
GetCurrentThreadId
RaiseException
GlobalAlloc
GlobalUnlock
GlobalLock

user32

SendDlgItemMessageW
SetWindowLongW
GetWindowLongW
UnregisterClassA
CreateWindowExW
DestroyWindow
SetWindowTextW
IsWindow
SendMessageW
DefWindowProcW
CallWindowProcW
GetClientRect
GetSysColor
ShowWindow
FindWindowExW
CharNextW
MoveWindow
SetWindowPos
ClientToScreen
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
InvalidateRgn
RedrawWindow
SetCapture
SetPropW
RemovePropW
GetCursorPos
WindowFromPoint
IsZoomed
TrackMouseEvent
FindWindowW
GetWindowThreadProcessId
SetRectEmpty
SetRect
CreateDialogIndirectParamW
IsWindowVisible
MessageBoxW
IsIconic
GetKeyState
UnionRect
PtInRect
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
DestroyIcon
IsChild
MapDialogRect
EndDialog
SetWindowContextHelpId
LoadIconW
EnumWindows
CopyRect
SetParent
GetDoubleClickTime
PostMessageW
GetWindowRect
KillTimer
SetTimer
SystemParametersInfoW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
CreateAcceleratorTableW
RegisterClassExW
LoadCursorW
GetClassInfoExW
GetFocus
GetWindow
SetFocus
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
GetParent
GetDlgItem
FillRect
ReleaseCapture
GetClassNameW

gdi32

DeleteDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateSolidBrush
GetObjectW
GetStockObject
TextOutW
SetTextAlign
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
RestoreDC
SetWindowExtEx
SetWindowOrgEx
SaveDC
CreateMetaFileW
CreateDCW
SetViewportOrgEx
SetMapMode
LPtoDP
DeleteObject

advapi32

RegOpenKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW

shell32

SHGetFileInfoW
DragFinish
DragQueryFileW
DragAcceptFiles

ole32

OleSaveToStream
StringFromGUID2
OleLockRunning
CoGetClassObject
ReadClassStm
CLSIDFromString
CoCreateInstance
CoTaskMemAlloc
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
StringFromCLSID
StringFromIID
CLSIDFromProgID
CoTaskMemRealloc
CoTaskMemFree
CreateOleAdviseHolder
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
WriteClassStm

oleaut32

OleCreatePropertyFrame
VariantChangeType
VariantCopy
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
OleCreateFontIndirect
LoadTypeLi
LoadRegTypeLi
DispCallFunc
VariantClear
VariantInit
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysFreeString
SysStringLen
GetErrorInfo

livelog

?IsValidQQUin@@YAHPB_W@Z
?IsValidEmail@@YAHPB_W@Z
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z
?GetLiveServerUrl@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?FormUrlEncode@@YAXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABI@Z
?GetAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?CheckFileExist@@YAHPB_W@Z
?IsDoLog@@YAHXZ
?LogToFile@@YAXPB_WZZ
?URLDecodeUTF8@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@2@@Z
?QQ_OpenURLUsingIEW@@YAJPB_W@Z
?GetChannelMgrInst@@YAJPAPAUIChannelSMgr@@_K@Z
?FormUrlEncode@@YAXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?WriteConfigInt@@YAXV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0JW4tagQQLIVE_CONFIG_TYPE@@@Z
?GetNoRealStatInst@@YAJPAPAUINoRealStat@@_K@Z
?GetQQLiveDlgHwnd@@YAPAUHWND__@@XZ
?GetDNSStatus@@YA?AW4DNS_STATUS@@XZ
?GetOnLine@@YAHXZ
?CheckAdvise@@YAXPB_W@Z
?CheckUnadvise@@YAXPB_W@Z
?OpenQQLive@@YAHPB_W@Z
?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?IsDLNAMode@@YAHXZ
?RemoveMMGFWindow@@YAXPAUHWND__@@@Z
?GetConfigDword@@YAKV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0KW4tagQQLIVE_CONFIG_TYPE@@@Z
?NavigateURL@@YAHPB_WH@Z
?GetConfigInt@@YAJV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0JW4tagQQLIVE_CONFIG_TYPE@@@Z
?GetModuleFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?SetKeyValue@@YAHAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV12@1@Z
?IsQQLiveClient@@YAHXZ
?IsNumber@@YAHPB_W@Z
?GetKeyValue@@YAHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0AAV12@_W@Z
?AddMMGFWindow@@YAXPAUHWND__@@PAUIUnknown@@@Z

shlwapi

PathAppendW

msvcp80

?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?_Myptr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEPA_WXZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ

msvcr80

??2@YAPAXI@Z
__CxxFrameHandler3
vswprintf_s
_vscwprintf
memcpy_s
_CxxThrowException
free
??3@YAXPAX@Z
??_V@YAXPAX@Z
memset
_recalloc
memcmp
swprintf_s
malloc
__clean_type_info_names_internal
_invalid_parameter_noinfo
wcslen
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@XZ
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_except_handler4_common
?terminate@@YAXXZ
_wcsicmp
wprintf_s
memmove_s
??0exception@std@@QAE@ABV01@@Z
strlen
wcsstr
wcscpy_s
wcsncpy_s
wcscat_s
wcsrchr
_itow_s
wcscmp
_purecall
calloc
ldiv
_resetstkoflw
_wtof
wcstok_s
wcstol
memcpy
wcschr
abs
wcstoul

httpmodule

??1CDownloadMgrProxy@@UAE@XZ
?StartTask@CDownloadMgrProxy@@QAEHH@Z
?AddHttpHeader@CDownloadMgrProxy@@QAEHHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0@Z
?AddTask@CDownloadMgrProxy@@QAEHPAUIHttpEventWndCallback@@PB_W1IIK@Z
??0CDownloadMgrProxy@@QAE@XZ

wintrust

WinVerifyTrust

crypt32

CertFreeCertificateContext
CertCreateCertificateContext
CertGetNameStringW
CryptMsgGetParam
CryptQueryObject
CryptMsgClose
CertCloseStore

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LiveOcx.dll
.dll regsvr32 windows:4 windows x86 arch:x86

ae080b9577c1dfb89a1e107793d0465c

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e2:44:c2:2b:66:de:49:20:5d:3b:bc:81:db:2f:03:a0:40:55:1c:be
Signer

Actual PE Digest

e2:44:c2:2b:66:de:49:20:5d:3b:bc:81:db:2f:03:a0:40:55:1c:be

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\LiveOcx.pdb

Imports

winmm

mixerClose
mixerOpen
mixerGetID
waveOutGetDevCapsW
waveOutGetNumDevs

kernel32

GetLocaleInfoA
GetACP
HeapSize
HeapReAlloc
HeapDestroy
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentThreadId
GetVersionExW
GetSystemTimeAsFileTime
HeapFree
GetVersionExA
GetCurrentProcess
FlushInstructionCache
GetLastError
lstrlenW
GetThreadLocale
SetThreadLocale
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
FindResourceExW
FindResourceW
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
LoadLibraryW
GetModuleHandleW
SizeofResource
LockResource
LoadResource
GetProcAddress
VirtualQuery
GetModuleFileNameW
RaiseException
GetSystemInfo
GetCurrentProcessId
GetProcessTimes
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalFree
WideCharToMultiByte
lstrcpynW
CreateProcessW
WaitForSingleObject
TerminateProcess
CloseHandle
Sleep
DeleteFileW
GetTempFileNameW
GetTickCount
SetLastError
lstrlenA
MultiByteToWideChar
FreeLibrary
FormatMessageW
HeapAlloc
GetProcessHeap

user32

SetWindowLongW
SetCursor
CallWindowProcW
GetWindowLongW
SendMessageW
IsRectEmpty
DefWindowProcW
RegisterClassExW
EndPaint
GetClientRect
InvalidateRect
GetParent
SetWindowRgn
UnregisterClassA
GetClassInfoExW
LoadCursorW
GetDesktopWindow
MonitorFromRect
GetMonitorInfoW
GetClassNameW
CreatePopupMenu
TrackPopupMenu
DestroyMenu
CreateMenu
AppendMenuW
MonitorFromWindow
GetDC
GetKeyState
GetFocus
IsChild
SetFocus
UnionRect
IntersectRect
EqualRect
DrawTextW
SetRect
SetRectEmpty
BeginPaint
GetWindowDC
GetSystemMetrics
GetAsyncKeyState
PostThreadMessageW
FindWindowW
SetParent
SetWindowPos
ReleaseCapture
GetCapture
SetCapture
GetDoubleClickTime
CreateWindowExW
PostMessageW
MoveWindow
FillRect
GetCursorPos
PtInRect
ShowCursor
OpenDesktopW
SwitchDesktop
CloseDesktop
DestroyWindow
EnumWindows
FindWindowExW
OffsetRect
CopyRect
IsWindow
KillTimer
SetTimer
IsWindowVisible
ShowWindow
UpdateWindow
RegisterWindowMessageW
SetWindowTextW
ReleaseDC
GetWindowRect
TrackMouseEvent

gdi32

SetBkMode
DeleteDC
SelectObject
DeleteObject
CreateSolidBrush
SetPixel
GetObjectW
CreateFontIndirectW
CombineRgn
ExtCreateRegion
BitBlt
CreateDIBSection
GetPixel
SetTextColor
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
RestoreDC
SetWindowExtEx
SetWindowOrgEx
SaveDC
CreateMetaFileW
SetViewportOrgEx
SetMapMode
LPtoDP
GetDeviceCaps
CreateCompatibleBitmap
SetBkColor
CreateDCW
CreateCompatibleDC

advapi32

RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegQueryValueW
RegQueryValueExW
RegOpenKeyW
RegSetValueExW

ole32

CoCreateGuid
CoFreeLibrary
CoTaskMemAlloc
CreateOleAdviseHolder
OleRegEnumVerbs
StringFromGUID2
OleRegGetMiscStatus
CreateDataAdviseHolder
CoTaskMemFree
StringFromIID
OleRegGetUserType
CoCreateInstance

oleaut32

VariantInit
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysAllocStringLen
OleCreatePropertyFrame
LoadTypeLi
LoadRegTypeLi
VariantChangeType
VariantCopy
DispCallFunc
SysAllocString
SysFreeString
VariantClear
VarBstrCmp

livelog

?GetLiveServerUrl@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?GetVFormatBandwidth@@YAJJ@Z
?GetUserGuid@@YAXPADAAH@Z
?FormUrlEncode@@YAXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABI@Z
?GetDNSStatus@@YA?AW4DNS_STATUS@@XZ
?GetOnLine@@YAHXZ
?GetStatCorrectTime@@YA?BV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetProcessModuleVersion@@YAPB_WPB_WQA_WH@Z
?IsWindowsVista@@YAHXZ
?GetQQLiveDaemonWnd@@YAPAUHWND__@@XZ
?IsQQLiveClient@@YAHXZ
?NavigateURL@@YAHPB_WH@Z
?OpenQQLive@@YAHPB_W@Z
?IsForegroundApplication@@YAHXZ
?GetDllVersion@@YAHPB_WAAH111@Z
?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?SetIsDLNAMode@@YAXH@Z
?GetChannelMgrInst@@YAJPAPAUIChannelSMgr@@_K@Z
?GetRealStatInst@@YAJPAPAUIRealGuidStat@@_K@Z
?GetDXVAStatus@@YAHXZ
?GetCommuInst@@YAJPAPAUIQQLiveCommand@@_K@Z
?GetChannelInfo@@YA?BV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?ResetLiveServerUpdateStatus@@YAXXZ
?ClearComInst@@YAX_K@Z
?CloseLogEvent@@YAXXZ
?CloseLogMutex@@YAXXZ
?LiveOcxStop@@YAXAAPAX@Z
?GetVFormatName@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@J@Z
?GetVFormatSimpleName@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@J@Z
?GetVFormatBitrateName@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@J@Z
?SetVFormatBitrateName@@YAXJV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?GetDefaultVFormat@@YAJXZ
?GetFavouriteVFormat@@YAJXZ
?LiveOcxStart@@YAPAXXZ
?SetDNSStatus@@YAXW4DNS_STATUS@@@Z
?WriteConfigString@@YAXV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@00W4tagQQLIVE_CONFIG_TYPE@@@Z
?SetXPMenuState@@YAXH@Z
?GetInstructionLevel@@YAHXZ
?GetConfigInt@@YAJV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0JW4tagQQLIVE_CONFIG_TYPE@@@Z
?GetConfigDword@@YAKV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0KW4tagQQLIVE_CONFIG_TYPE@@@Z
?CheckDXNASetting@@YAHXZ
?GetExeFolder2@@YA?AVCComBSTR@ATL@@XZ
?CreateObjectFromFile@@YAJAAPAUHINSTANCE__@@PB_WPAUIUnknown@@ABU_GUID@@3PAPAX@Z
?GetKeyValue@@YAHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0AAV12@_W@Z
?IsNumber@@YAHPB_W@Z
?GetDefaultDLNAVFormat@@YAJXZ
?CheckFileExist@@YAHPB_W@Z
?GetAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?SetDXVAStatus@@YAXH@Z
?GetXPMenuState@@YAXAAHAAK@Z
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z
?CheckAdvise@@YAXPB_W@Z
?CheckUnadvise@@YAXPB_W@Z
?IsDLNAMode@@YAHXZ
?IsDoLog@@YAHXZ
?LogToFile@@YAXPB_WZZ
?GetNoRealStatInst@@YAJPAPAUINoRealStat@@_K@Z
?LoadImageFromResource@@YA_NPAVCImage@ATL@@IPB_WPAUHINSTANCE__@@@Z
?BitmapToRegion@@YAPAUHRGN__@@PAUHBITMAP__@@E@Z

atl80

ord53
ord48
ord52
ord51
ord15
ord18
ord22
ord64
ord23
ord61
ord43
ord44
ord10
ord11
ord30
ord42
ord31
ord32
ord58
ord27
ord26
ord50

shlwapi

StrCmpW
PathFileExistsW

gdiplus

GdiplusShutdown

msimg32

AlphaBlend

msvcp80

??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z

psapi

GetProcessMemoryInfo

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

msvcr80

_vscwprintf
_purecall
memcpy
abs
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
strlen
free
calloc
??2@YAPAXI@Z
fread
fclose
ftell
fseek
_wfopen
wcsnlen
_wtol
_wtoi
wcsstr
wcsrchr
wcsncpy_s
malloc
_resetstkoflw
ceil
labs
strncpy_s
wcstol
_ltow_s
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
_vsnwprintf_s
wcscmp
memcmp
??0exception@std@@QAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
_time64
strchr
strcmp
memset
vswprintf_s
memmove_s
wcslen
sscanf
memcpy_s
_recalloc
??_V@YAXPAX@Z
__CxxFrameHandler3
swprintf_s
_CxxThrowException
??3@YAXPAX@Z
_itow_s

httpmodule

?AddHttpHeader@CDownloadMgrProxy@@QAEHHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0@Z
??0CDownloadMgrProxy@@QAE@XZ
?StartTask@CDownloadMgrProxy@@QAEHH@Z
?SetHttpMethod@CDownloadMgrProxy@@QAEXHW4E_HTTP_VERB@@@Z
?AddTask@CDownloadMgrProxy@@QAEHPAUIHttpEventWndCallback@@PB_W1IIK@Z
?AddPostData@CDownloadMgrProxy@@QAEHHPAEK@Z
??1CDownloadMgrProxy@@UAE@XZ

wininet

InternetCrackUrlW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 228KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LivePlayer.dll
.dll regsvr32 windows:4 windows x86 arch:x86

64e118bb82d6c070f4be20b81c661257

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6b:72:99:13:c1:83:55:46:69:60:0d:ce:b8:eb:78:59:36:d5:47:44
Signer

Actual PE Digest

6b:72:99:13:c1:83:55:46:69:60:0d:ce:b8:eb:78:59:36:d5:47:44

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\Playersrc\sym\LivePlayer.pdb

Imports

comctl32

_TrackMouseEvent

kernel32

SetThreadLocale
GetThreadLocale
FreeLibrary
GetProcAddress
LoadLibraryExW
FlushInstructionCache
GetCurrentProcess
GetFileAttributesW
SetLastError
GetModuleFileNameW
GetModuleHandleW
MultiByteToWideChar
CreateDirectoryA
WritePrivateProfileStringW
lstrlenA
CloseHandle
SetEvent
CreateEventW
CreateMutexW
FindClose
FindFirstFileW
GetPrivateProfileIntW
RaiseException
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedDecrement
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
GetLastError
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
DeleteFileA
WideCharToMultiByte
lstrlenW
GetLocalTime
GetVersionExW
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
Sleep

user32

EndPaint
GetClassInfoExW
LoadCursorW
RegisterClassExW
BeginPaint
SystemParametersInfoW
SendInput
CallWindowProcW
DefWindowProcW
CreateWindowExW
DestroyWindow
KillTimer
SetTimer
ClientToScreen
GetClientRect
MoveWindow
IsWindow
SendMessageW
SetWindowTextW
PostMessageW
GetWindowLongW
SetWindowLongW
UnregisterClassA

shell32

SHGetFolderPathW

ole32

PropVariantClear
CoCreateInstance

oleaut32

LoadTypeLi
SysFreeString
SysAllocString
SysAllocStringByteLen
SysStringByteLen
VariantClear
VariantInit
SysStringLen
SysAllocStringLen
LoadRegTypeLi

streamio

GetIOManager

atl80

ord18
ord31
ord58
ord30
ord32
ord44
ord43
ord61
ord23
ord64
ord22
ord15

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

msvcr80

memmove_s
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_except_handler4_common
__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_vsnprintf_s
?terminate@@YAXXZ
__CppXcptFilter
??3@YAXPAX@Z
memset
_CxxThrowException
??_V@YAXPAX@Z
_invalid_parameter_noinfo
swprintf_s
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
__CxxFrameHandler3
fclose
rename
sprintf_s
free
calloc
_recalloc
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
ftell
fseek
fflush
fwrite
strlen
fopen
memcpy
wcsrchr
memcpy_s
_purecall
wcslen
strcpy_s
malloc
_resetstkoflw
memcmp
_adjust_fdiv

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetAudioDeviceInfo

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LiveStream.dll
.dll regsvr32 windows:4 windows x86 arch:x86

9a08e0b923511293ca3a3a9b54e0b3ee

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

a9:e2:c4:4b:d8:f8:cc:d2:59:dd:db:47:a7:b2:35:b7:14:cb:6d:c1
Signer

Actual PE Digest

a9:e2:c4:4b:d8:f8:cc:d2:59:dd:db:47:a7:b2:35:b7:14:cb:6d:c1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\Playersrc\sym\LiveStream.pdb

Imports

ws2_32

ioctlsocket
connect
WSAGetLastError
socket
recv
accept
closesocket
listen
htons
bind
send
select
inet_ntoa
inet_addr

kernel32

UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
GetProcessHeap
HeapSize
FormatMessageA
WideCharToMultiByte
GetLastError
LocalFree
lstrlenA
GetModuleFileNameA
MultiByteToWideChar
GetProcAddress
DeleteCriticalSection
CloseHandle
WaitForSingleObject
InitializeCriticalSection
LeaveCriticalSection
WriteFile
CreateEventW
CreateFileA
EnterCriticalSection
DeleteFileA
MoveFileA
InterlockedIncrement
FindResourceA
LoadResource
GetModuleHandleA
LoadLibraryExA
InterlockedDecrement
IsDBCSLeadByte
SizeofResource
SetUnhandledExceptionFilter
RaiseException
lstrcmpiA
FreeLibrary
DisableThreadLibraryCalls
CreateMutexA
GetTickCount
CreateEventA
SetEvent
CreateDirectoryA
FindClose
FindFirstFileA
GetCurrentThreadId
Sleep
GetVersionExA
CreateThread
InterlockedExchange
MapViewOfFile
UnmapViewOfFile
GetStringTypeExA
CompareStringA
CreateFileMappingA
lstrcmpiW
GetStringTypeExW
GetLocalTime
GetPrivateProfileIntW
GetEnvironmentVariableA
CompareStringW
GetVersion
GetEnvironmentVariableW
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetThreadLocale
GetLocaleInfoA
GetACP
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrlenW

user32

TranslateMessage
DestroyWindow
PostMessageA
GetWindowLongA
KillTimer
GetMessageA
IsWindow
SetTimer
DispatchMessageA
SetWindowLongA
UnregisterClassA
CharNextA
CharLowerA
CharUpperW
CharLowerW
CharUpperA
CreateWindowExA

advapi32

RegCreateKeyExA
RegDeleteValueA
RegEnumKeyExA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryInfoKeyA
RegCloseKey

shell32

SHGetFolderPathW
SHGetFolderPathA

ole32

CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
CoLoadLibrary
CLSIDFromString
CoFreeLibrary
StringFromCLSID
CoTaskMemFree

oleaut32

SysStringByteLen
SysAllocStringByteLen
VarBstrCat
VarUI4FromStr
LoadTypeLi
RegisterTypeLi
SysAllocString
UnRegisterTypeLi
LoadRegTypeLi
SysFreeString
SysStringLen
SysAllocStringLen

msvcp80

?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?width@ios_base@std@@QBEHXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
?uncaught_exception@std@@YA_NXZ
?width@ios_base@std@@QAEHH@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?length@?$char_traits@D@std@@SAIPBD@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEDD@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?rdstate@ios_base@std@@QBEHXZ
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
?good@ios_base@std@@QBE_NXZ
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
?flags@ios_base@std@@QBEHXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
?_Myptr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IBEPBDXZ
?eof@?$char_traits@D@std@@SAHXZ

msvcr80

fopen
fclose
_CxxThrowException
strstr
strftime
strrchr
fwrite
strchr
atoi
_localtime64
_vsnprintf
fflush
fseek
rename
wcscpy_s
wcslen
ftell
swprintf_s
strcmp
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_vsnprintf_s
_malloc_crt
_encoded_null
_initterm
_initterm_e
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_strnicmp
_stricmp
__CxxFrameHandler3
_amsg_exit
??3@YAXPAX@Z
_recalloc
sprintf
free
??_V@YAXPAX@Z
calloc
strcpy
wcstombs
_splitpath
strcat
strlen
_localtime64_s
sprintf_s
memset
??2@YAPAXI@Z
_time64
strcat_s
wcsncpy_s
malloc
_resetstkoflw
memcmp
memcpy_s
strcpy_s
_mbsnbcpy_s
_purecall
memcpy
memmove_s
?what@exception@std@@UBEPBDXZ
_invalid_parameter_noinfo
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
_beginthreadex

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LiveVOD.dll
.dll regsvr32 windows:4 windows x86 arch:x86

cbcef966011859c16242130df63fc715

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:c0:55:8a:f3:5b:41:17:a3:be:8b:2a:bd:c6:4f:02:f8:3e:14:d8
Signer

Actual PE Digest

7b:c0:55:8a:f3:5b:41:17:a3:be:8b:2a:bd:c6:4f:02:f8:3e:14:d8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\LiveVOD.pdb

Imports

ws2_32

WSACleanup
WSAStartup

wininet

InternetCrackUrlA

tinyxml

?GetText@TiXmlElement@@QBEPBDXZ
?RootElement@TiXmlDocument@@QAEPAVTiXmlElement@@XZ
?LoadXML@TiXmlDocument@@QAE_NPADHW4TiXmlEncoding@@@Z
??0TiXmlDocument@@QAE@XZ
?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@PBD@Z
??1TiXmlDocument@@UAE@XZ

kernel32

lstrlenW
WideCharToMultiByte
GetLastError
InitializeCriticalSection
DeleteCriticalSection
SetThreadLocale
GetThreadLocale
InterlockedIncrement
InterlockedDecrement
GetTickCount
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
SetEvent
CreateEventW
CreateMutexW
CloseHandle
GetModuleHandleW
CreateEventA
CreateMutexA
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
InterlockedExchange
Sleep
PulseEvent
RaiseException
GetCurrentThreadId
GetFileAttributesW
CreateDirectoryW
GetModuleFileNameW
DeleteFileA
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
GetLocaleInfoA
GetACP
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
GetLocalTime
GetCurrentProcessId
MultiByteToWideChar
lstrlenA
GetProcessHeap
InterlockedCompareExchange
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess

user32

DestroyWindow
DispatchMessageW
TranslateMessage
IsWindow
PostMessageW
UnregisterClassA
KillTimer
SetTimer
GetWindowLongW
CreateWindowExA
SetWindowLongA
SetWindowLongW
GetMessageW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetFolderPathW

ole32

CoInitialize
CoUninitialize
CoCreateInstance
StringFromGUID2
CoCreateGuid

oleaut32

SysAllocStringLen
VariantCopy
VariantClear
VariantInit
DispCallFunc
SysStringByteLen
SysAllocStringByteLen
VarBstrCmp
SysStringLen
SysAllocString
SysFreeString

livelog

?Utf8ToWS@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PBDH@Z
?GetAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetLiveServerUrl@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?WriteConfigString@@YAXV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@00W4tagQQLIVE_CONFIG_TYPE@@@Z
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z
?IsDoLog@@YAHXZ
?LogToFile@@YAXPB_WZZ
?GetAutoDownloadTime@@YAIXZ
?GetChannelMgrInst@@YAJPAPAUIChannelSMgr@@_K@Z

atl80

ord18
ord22
ord15
ord61
ord64
ord10
ord11
ord23
ord30

msvcp80

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

msvcr80

_vsnprintf_s
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
?terminate@@YAXXZ
_ltoa
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_strnicmp
wcschr
??3@YAXPAX@Z
__CxxFrameHandler3
memset
_CxxThrowException
??2@YAPAXI@Z
memcpy
strlen
_vsnprintf
sprintf_s
ftell
fseek
fflush
fwrite
fopen
fclose
rename
_vsnwprintf_s
wcsrchr
strncpy_s
memcmp
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
memmove_s
free
calloc
_recalloc
strncmp
_purecall
??_V@YAXPAX@Z
strcpy_s
wcstoul
wcstok_s
_resetstkoflw
memcpy_s
wcslen
malloc
swprintf_s
_beginthreadex
strrchr
fgetws
_wfsopen
strtod
_vscwprintf
vswprintf_s
isalpha
wcsncpy_s
_strlwr_s
_wsplitpath_s
wcscat_s

httpmodule

??1CDownloadMgrProxy@@UAE@XZ
?StartTask@CDownloadMgrProxy@@QAEHH@Z
?AddTask@CDownloadMgrProxy@@QAEHPAUIHttpEventWndCallback@@PB_W1IIK@Z
??0CDownloadMgrProxy@@QAE@XZ

Exports

Exports

CreateQQLiveVOD
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MMInstaller.dll
.dll regsvr32 windows:4 windows x86 arch:x86

fe14efa60f8adeac0e249746a4882da2

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d7:fd:26:33:61:2c:6c:93:8a:7e:ee:91:e0:97:db:33:8f:1e:8b:f6
Signer

Actual PE Digest

d7:fd:26:33:61:2c:6c:93:8a:7e:ee:91:e0:97:db:33:8f:1e:8b:f6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\MMInstaller.pdb

Imports

kernel32

LockResource
LoadResource
FindResourceW
FindResourceExW
GetProcAddress
OutputDebugStringW
GetModuleFileNameW
CloseHandle
GetExitCodeProcess
WaitForMultipleObjects
WaitForSingleObject
TerminateThread
SetEvent
WideCharToMultiByte
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
CreateEventW
GetModuleHandleW
RaiseException
lstrcmpiW
GetModuleHandleExW
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
FreeLibrary
LoadLibraryExW
VirtualQuery
GetCurrentThreadId
LoadLibraryW
SetEndOfFile
CreateFileA
CreateFileW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SizeofResource
LoadLibraryA
lstrlenW
GetLocalTime
CreateDirectoryW
lstrlenA
MultiByteToWideChar
Sleep
GetTickCount
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
GetStringTypeW
GetStringTypeA
ReadFile
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetOEMCP
GetCPInfo
VirtualAlloc
VirtualFree
HeapCreate
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetCommandLineA
GetStartupInfoA
GetFileType
SetHandleCount
GetModuleFileNameA
GetStdHandle
GetConsoleMode
GetConsoleCP
WriteFile
ExitProcess
LCMapStringW
LCMapStringA
GetFileAttributesW
GetVersionExW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetStdHandle
GetLastError
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GlobalAlloc
GlobalFree
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
CreateThread
IsValidCodePage

user32

IsWindow
PostMessageW
DefWindowProcW
GetWindowLongW
CreateWindowExW
RegisterClassExW
CharNextW
SetWindowLongW
PostQuitMessage
MsgWaitForMultipleObjects
DispatchMessageW
TranslateMessage
PeekMessageW
SetTimer
LoadCursorW
DestroyWindow
KillTimer
UnregisterClassA

advapi32

RegQueryInfoKeyW
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegSetValueExW

shell32

SHGetFolderPathW
ShellExecuteExW

ole32

CoInitialize
CoUninitialize
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoLoadLibrary
CoFreeLibrary

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
VariantClear
VariantInit
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen

wininet

DeleteUrlCacheEntryW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

urlmon

URLDownloadToFileW
URLDownloadToCacheFileW

wintrust

WinVerifyTrust

crypt32

CryptMsgClose
CertFreeCertificateContext
CertCreateCertificateContext
CertGetNameStringW
CryptMsgGetParam
CertCloseStore
CryptQueryObject

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MediaCtrl.dll
.dll regsvr32 windows:4 windows x86 arch:x86

fe669197dbdfc89457a011df16730a04

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

21:f0:19:70:2a:ae:ed:73:a3:68:05:10:4d:1e:b9:0d:31:17:82:c5
Signer

Actual PE Digest

21:f0:19:70:2a:ae:ed:73:a3:68:05:10:4d:1e:b9:0d:31:17:82:c5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\MediaCtrl.pdb

Imports

comctl32

InitCommonControlsEx

common

?ConvertToPureFile@FS@@YA?AVCTXStringW@@PB_W@Z
?GetTickCount@CTXTime@@SA?AV1@XZ
?Format@CTXTime@@QBE?AVCTXStringW@@PB_W@Z
?SetTimeout@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
??M@YA_NABVCTXStringA@@0@Z
??0CTXStringA@@QAE@XZ
?Format@CTXStringA@@QAAXPBDZZ
??0CTXBSTR@@QAE@XZ
?TXAssert@@YAHPB_W0H@Z
??0CTXStringW@@QAE@PB_W@Z
?LoadStringW@TXStringBundle@@YAPB_WPB_W@Z
??BCTXStringW@@QBEPB_WXZ
??1CTXStringW@@QAE@XZ
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
?CreateTXData@Data@Util@@YAHPAPAUITXData@@@Z
??1CTXStringA@@QAE@XZ
?GetPlatformCore@Core@Util@@YAHPAPAUITXCore@@@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
?RecordTransBegin@Perf@Util@@YA_JPB_WHH00@Z
??4CTXStringW@@QAEAAV0@PB_W@Z
??0CTXStringW@@QAE@XZ
?IsEmpty@CTXBSTR@@QAEHXZ
??ICTXBSTR@@QAEPAPA_WXZ
??BCTXBSTR@@QBEPA_WXZ
??1CTXBSTR@@QAE@XZ
?Format@CTXStringW@@QAAXPB_WZZ
??H@YA?AVCTXStringW@@ABV0@0@Z
?RecordTransEnd@Perf@Util@@YAJ_JPB_WHH11H@Z
??0CTXBSTR@@QAE@PB_W@Z

gf

?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAPA_W@Z
?FreeData@Metadata@Util@@YAJAAPA_W@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAH@Z
?ScreenPoint2ClientPoint@GF@Util@@YAXPAUIGFFrame@@AAUtagPOINT@@@Z
?AdviseWebBrowser@IEEvent@Util@@YAHPAUIWebBrowser2@@PAUITXWebBrowserEvents@@PAPAUIUnknown@@AAK@Z
?DispatchFrameMsg@GF@Util@@YAJPAUIGFFrame@@PAUtagBaseArg@@PAHPAJH@Z
?UnadviseWebBrowser@IEEvent@Util@@YAHPAUIWebBrowser2@@K@Z
?FramePoint2WindowPoint@GF@Util@@YAXPAUIGFFrame@@AAUtagPOINT@@@Z
?RawCreateGFElementByXtml@GF@Util@@YAJPA_WPAPAUIGFElement@@PAU3@0H@Z
?CreateObject@GF@Util@@YAJABU_GUID@@0PAPAX@Z

ximage

?Load@CxImage@@QAE_NPB_WK@Z
??0CxImage@@QAE@K@Z
?Resample2@CxImage@@QAE_NJJW4InterpolationMethod@1@W4OverflowMethod@1@QAV1@_N@Z
?Destroy@CxImage@@QAE_NXZ
?Save@CxImage@@QAE_NPB_WK@Z

tinyxml

??0TiXmlDocument@@QAE@XZ
?LoadXML@TiXmlDocument@@QAE_NPADHW4TiXmlEncoding@@@Z
??1TiXmlDocument@@UAE@XZ
?RootElement@TiXmlDocument@@QAEPAVTiXmlElement@@XZ
?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@PBD@Z
?GetText@TiXmlElement@@QBEPBDXZ

kernel32

GetProcAddress
VirtualQuery
LoadLibraryW
GetVersionExW
GetExitCodeProcess
WaitForSingleObject
GetDriveTypeW
FindClose
FindFirstFileW
DeviceIoControl
CreateFileW
SetFileAttributesW
CreateDirectoryW
GetTickCount
MoveFileW
GetDiskFreeSpaceExW
GetLogicalDrives
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
GetFileAttributesW
FreeLibrary
SetThreadLocale
GetThreadLocale
SetLastError
GetACP
InterlockedExchange
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
GetCurrentProcess
FlushInstructionCache
GetVersion
OpenProcess
VirtualAllocEx
ReadProcessMemory
VirtualFreeEx
GetCurrentThreadId
FileTimeToSystemTime
SystemTimeToFileTime
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
DeleteFileW
lstrcmpiW
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetLocalTime
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
CloseHandle
GetModuleHandleW
FormatMessageW
lstrlenW
HeapAlloc
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
Sleep
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
GetPrivateProfileIntW
LoadLibraryA
InterlockedCompareExchange
GetLocaleInfoA
GetLastError
LocalFree
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
HeapFree
GetProcessHeap

user32

GetParent
GetDesktopWindow
ClientToScreen
UpdateWindow
UnhookWindowsHookEx
SetWindowRgn
GetWindowRgn
SetWindowsHookExW
CallNextHookEx
InvalidateRect
DestroyWindow
OffsetRect
SetRect
SetRectEmpty
SendMessageW
GetWindowThreadProcessId
FindWindowExW
FindWindowW
GetWindowLongW
CreateWindowExW
SetWindowTextW
DefWindowProcW
CallWindowProcW
TrackMouseEvent
IsZoomed
IsIconic
SystemParametersInfoW
MapWindowPoints
GetWindow
IsRectEmpty
GetKeyState
ShowCursor
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
LoadImageW
GetKeyNameTextW
GetClientRect
GetAncestor
WindowFromPoint
SetFocus
BringWindowToTop
IntersectRect
EqualRect
RegisterWindowMessageW
SetTimer
KillTimer
UnregisterClassA
GetClassInfoExW
GetWindowPlacement
GetForegroundWindow
SetForegroundWindow
CharNextW
GetSystemMetrics
GetAsyncKeyState
IsWindowVisible
LoadCursorW
RegisterClassExW
MoveWindow
GetWindowRect
SetWindowLongW
CopyRect
SetCapture
SetWindowPos
IsWindow
SetParent
ShowWindow
GetCursorPos
PtInRect
ReleaseCapture
MapVirtualKeyW

gdi32

RestoreDC
CreateRectRgn
OffsetRgn
CombineRgn
ExtSelectClipRgn
CreateRectRgnIndirect
GetWindowOrgEx
GetViewportOrgEx
SaveDC
DeleteObject

comdlg32

GetOpenFileNameW

advapi32

CloseServiceHandle
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW
StartServiceW
ChangeServiceConfigW
QueryServiceStatusEx
OpenServiceW
QueryServiceConfigW
OpenSCManagerW

shell32

SHGetPathFromIDListW
ShellExecuteW
SHGetFileInfoW
SHGetSpecialFolderPathW
SHBrowseForFolderW
ShellExecuteExW

ole32

StringFromIID
StringFromCLSID
CoTaskMemFree
CoCreateInstance

oleaut32

SysStringLen
SysFreeString
VarBstrCmp
VariantInit
VariantClear
VariantCopy
SysStringByteLen
SysAllocStringByteLen
VarUI4FromStr
SysAllocStringLen
LoadTypeLi
LoadRegTypeLi
DispCallFunc
SysAllocString

livelog

?HexStringToBits@@YA_NPBDPAEAAH@Z
?URLDecodeUTF8@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@2@@Z
?QQ_OpenURLUsingIEW@@YAJPB_W@Z
?GetQQLiveDlgHwnd@@YAPAUHWND__@@XZ
?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetChannelMgrInst@@YAJPAPAUIChannelSMgr@@_K@Z
?GetDNSStatus@@YA?AW4DNS_STATUS@@XZ
?AddMMGFWindow@@YAXPAUHWND__@@PAUIUnknown@@@Z
?GetMMGFWindow@@YAHPAUHWND__@@PAPAUIUnknown@@@Z
?GetKeyValue@@YAHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0AAV12@_W@Z
?SetXPMenuState@@YAXH@Z
?RemoveMMGFWindow@@YAXPAUHWND__@@@Z
?OpenQQLive@@YAHPB_W@Z
?GetFullKeyCode@@YAKIJ@Z
?GetLiveServerHost@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?FormUrlEncode@@YAXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?FormUrlEncode@@YAXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABI@Z
?IsNumber@@YAHPB_W@Z
?Utf8ToWS@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PBDH@Z
?CheckFileExist@@YAHPB_W@Z
?GetCommuInst@@YAJPAPAUIQQLiveCommand@@_K@Z
?GetOnLine@@YAHXZ
?GetVFormatName@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@J@Z
?BitsToHexString2@@YA?AVCComBSTR@ATL@@PBEH@Z
?GetUserGuid@@YAXPADAAH@Z
?GetVFormatBandwidth@@YAJJ@Z
?IsDLNABusy@@YAHXZ
?IsDLNAMode@@YAHXZ
?GetXPMenuState@@YAXAAHAAK@Z
?GetDefaultVFormat@@YAJXZ
?GetFavouriteVFormat@@YAJXZ
?GetDefaultFormatsListItem@@YAJJ@Z
?GetDefaultFormatsListCount@@YAJXZ
?GetRandomNum@@YAKKK@Z
?EncodeURIComponent@@YAJPBEJAAV?$vector@EV?$allocator@E@std@@@std@@@Z
?GetNoRealStatInst@@YAJPAPAUINoRealStat@@_K@Z
?GetFullScreen@@YA?AUtagRECT@@PAUHWND__@@@Z
?WriteConfigInt@@YAXV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0JW4tagQQLIVE_CONFIG_TYPE@@@Z
?WriteConfigDword@@YAXV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0KW4tagQQLIVE_CONFIG_TYPE@@@Z
?GetVFormatSimpleName@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@J@Z
?Utf8ToWS@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@@Z
?Utf8FromWS@@YA?AV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@PB_WH@Z
?CreateTempFile@@YAHAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@V12@@Z
?GetFileNameByPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV12@@Z
?GetFolderByPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV12@@Z
?GetClientOsVersion@@YAEXZ
?SetIsDLNAMode@@YAXH@Z
?SetDLNABusy@@YAXH@Z
?GetWindowWorkArea@@YA?AUtagRECT@@PAUHWND__@@@Z
?GetQQLiveDaemonWnd@@YAPAUHWND__@@XZ
?GetConfigInt@@YAJV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0JW4tagQQLIVE_CONFIG_TYPE@@@Z
?GetConfigString@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@V12@00W4tagQQLIVE_CONFIG_TYPE@@@Z
?IsPathStringValid@@YAHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?CheckDirectoryExist@@YAHPB_W@Z
?CreateAllDirectory@@YAHPB_W@Z
?GetAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?WriteConfigString@@YAXV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@00W4tagQQLIVE_CONFIG_TYPE@@@Z
?CheckDirectoryWriteable@@YAHPB_W@Z
?IsWindowsVista@@YAHXZ
?IsEnableUAC@@YAHXZ
?GetLiveServerUrl@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?NavigateURL@@YAHPB_WH@Z
?CheckUnadvise@@YAXPB_W@Z
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z
?CheckAdvise@@YAXPB_W@Z
?IsDoLog@@YAHXZ
?LogToFile@@YAXPB_WZZ

atl80

ord44
ord10
ord11
ord30
ord58
ord31
ord32
ord23
ord61
ord42
ord48
ord15
ord18
ord22
ord64
ord43

shlwapi

PathAppendW

msvcp80

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?_Myptr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEPADXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?_Myptr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEPA_WXZ
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvcr80

abs
wcsrchr
wcschr
wcsstr
wcsncpy
swscanf
iswdigit
wcstoul
_wtoi
_wfopen_s
fseek
ftell
fclose
fread
_byteswap_ulong
strlen
_wtol
labs
ldiv
_resetstkoflw
calloc
wcsncpy_s
wcscpy_s
malloc
isalpha
free
_purecall
vswprintf_s
_vscwprintf
wcscmp
memset
_recalloc
??_V@YAXPAX@Z
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
memmove_s
__CxxFrameHandler3
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
rand
fwrite
wcscat_s
srand
sprintf_s
_time64
fabs
_vsnwprintf_s
atoi
wcstok_s
wcstol
sscanf
strcmp
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
??3@YAXPAX@Z
memcmp
memcpy_s
_CxxThrowException
_invalid_parameter_noinfo
wcslen
memcpy
swprintf_s

xgraphic32

GetTextureSize
SetTextureMode
GetCanvasHandle

httpmodule

??0CDownloadMgrProxy@@QAE@XZ
?StartTask@CDownloadMgrProxy@@QAEHH@Z
?AddPostData@CDownloadMgrProxy@@QAEHHPAEK@Z
?AddHttpHeader@CDownloadMgrProxy@@QAEHHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0@Z
?SetHttpMethod@CDownloadMgrProxy@@QAEXHW4E_HTTP_VERB@@@Z
?AddTask@CDownloadMgrProxy@@QAEHPAUIHttpEventWndCallback@@PB_W1IIK@Z
?RemoveTask@CDownloadMgrProxy@@QAEHH@Z
??1CDownloadMgrProxy@@UAE@XZ

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 408KB - Virtual size: 407KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 240KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MediaSource.dll
.dll regsvr32 windows:4 windows x86 arch:x86

30b1075e7a316c62a6cda553c86079df

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

36:3c:ab:1c:15:b9:b9:b0:dc:9f:8e:6a:5e:ea:fc:57:d7:39:20:2f
Signer

Actual PE Digest

36:3c:ab:1c:15:b9:b9:b0:dc:9f:8e:6a:5e:ea:fc:57:d7:39:20:2f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\Playersrc\sym\MediaSource.pdb

Imports

ws2_32

htonl
ntohl

kernel32

GetCurrentProcess
GetTickCount
CreateThread
GetCurrentProcessId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
lstrcpynW
DisableThreadLibraryCalls
GetModuleFileNameA
OutputDebugStringW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetProcAddress
FreeResource
SizeofResource
LockResource
GetTempPathW
FreeLibrary
lstrlenW
WideCharToMultiByte
GetModuleFileNameW
LoadLibraryW
GetModuleHandleW
CreateSemaphoreW
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
LoadResource
FindResourceW
GetFileAttributesW
CreateDirectoryA
lstrlenA
CreateMutexW
MultiByteToWideChar
IsBadWritePtr
SetThreadPriority
GetCurrentThreadId
LoadLibraryExW
GetSystemInfo
QueryPerformanceCounter
InterlockedExchange
GetSystemTimeAsFileTime
GetVersionExW
GetLocalTime
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
WaitForSingleObject
DeleteFileA
GetLastError
ReleaseSemaphore
CloseHandle
ResumeThread
Sleep
CreateEventW
ResetEvent
SetEvent
QueryPerformanceFrequency

user32

PostMessageW
SendMessageW
SetRectEmpty
wsprintfW

gdi32

GetObjectW
SetDIBColorTable
SelectObject
CreateDIBSection
DeleteDC
GetDeviceCaps
CreateDCW
DeleteObject
GetDIBits
CreateCompatibleBitmap
CreateCompatibleDC

advapi32

RegDeleteKeyW
RegCreateKeyW
RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey

shell32

SHGetFolderPathW

ole32

CoTaskMemAlloc
CreateStreamOnHGlobal
StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
CoCreateInstance
CoInitialize
CoTaskMemFree

oleaut32

SysAllocStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
SysAllocString
SysStringLen

streamio

GetIOManager

msvcp80

??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXID@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z

msvcr80

??0exception@std@@QAE@ABQBD@Z
_vscprintf
_beginthreadex
memset
memcpy_s
wcslen
wcsrchr
_wcsicmp
wcsncat_s
vswprintf_s
wprintf_s
__RTDynamicCast
_stricmp
memmove_s
_aligned_malloc
_aligned_free
memcmp
_wcsnicmp
iswalpha
swprintf_s
strcpy_s
_vscwprintf
wcscpy_s
calloc
_recalloc
free
memmove
sqrt
labs
malloc
_resetstkoflw
sin
_vsnwprintf_s
tan
_CIexp
__CxxFrameHandler3
printf
_CxxThrowException
_CIsqrt
_CIcos
_CIsin
_wtoi
_vsnprintf_s
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
vsprintf_s
memcpy
strlen
_purecall
rename
??8type_info@@QBE_NABV0@@Z
fopen
??0exception@std@@QAE@XZ
fwrite
fflush
??_V@YAXPAX@Z
fseek
ftell
fclose
??2@YAPAXI@Z
sprintf_s
_snprintf_s
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
_invalid_parameter_noinfo
??3@YAXPAX@Z
??0exception@std@@QAE@ABV01@@Z

avcodec-ql-54

ord77
ord70
ord100
ord71
ord69
ord74
ord36
ord112
ord96
ord106
ord108
ord18
ord26
ord101

avformat-ql-54

ord40
ord31
ord47
ord56
ord38
ord35
ord3

avutil-ql-52

ord69
ord160
ord65
ord110
ord106

wintrust

WinVerifyTrust

crypt32

CryptQueryObject
CryptMsgGetParam
CertCreateCertificateContext
CertGetNameStringW
CertFreeCertificateContext
CryptMsgClose
CertCloseStore

gdiplus

GdiplusStartup
GdipDrawImageI
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipFree
GdipBitmapLockBits
GdipAlloc
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipDisposeImage
GdipBitmapUnlockBits
GdiplusShutdown

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 412KB - Virtual size: 410KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MiniTips.dll
.dll regsvr32 windows:4 windows x86 arch:x86

05bfaf4d8aca3ef7608b602bce64722d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7a:8e:e9:67:55:05:8c:04:71:9a:88:8e:a6:dd:9c:9c:04:8a:50:78
Signer

Actual PE Digest

7a:8e:e9:67:55:05:8c:04:71:9a:88:8e:a6:dd:9c:9c:04:8a:50:78

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\MiniTips.pdb

Imports

common

??ICTXBSTR@@QAEPAPA_WXZ
?IsEmpty@CTXBSTR@@QAEHXZ
??0CTXBSTR@@QAE@XZ
?ConvertToPureFile@FS@@YA?AVCTXStringW@@PB_W@Z
?SetTimeout@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
??M@YA_NABVCTXStringA@@0@Z
??0CTXStringA@@QAE@XZ
?Format@CTXStringA@@QAAXPBDZZ
??BCTXBSTR@@QBEPA_WXZ
?GetPlatformCore@Core@Util@@YAHPAPAUITXCore@@@Z
??0CTXBSTR@@QAE@PB_W@Z
??1CTXBSTR@@QAE@XZ
??1CTXStringA@@QAE@XZ
?Format@CTXStringW@@QAAXPB_WZZ
??H@YA?AVCTXStringW@@ABV0@0@Z
?RecordTransEnd@Perf@Util@@YAJ_JPB_WHH11H@Z
??0CTXStringW@@QAE@XZ
??4CTXStringW@@QAEAAV0@PB_W@Z
??BCTXStringW@@QBEPB_WXZ
?RecordTransBegin@Perf@Util@@YA_JPB_WHH00@Z
??0CTXStringW@@QAE@PB_W@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
??1CTXStringW@@QAE@XZ
?CreateTXData@Data@Util@@YAHPAPAUITXData@@@Z
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?TXAssert@@YAHPB_W0H@Z

gf

?RawCreateGFElementByXtml@GF@Util@@YAJPA_WPAPAUIGFElement@@PAU3@0H@Z
?CreateObject@GF@Util@@YAJABU_GUID@@0PAPAX@Z

tinyxml

?FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@XZ
?Attribute@TiXmlElement@@QBEPBDPBD@Z
??1TiXmlDocument@@UAE@XZ
?LoadFile@TiXmlDocument@@QAE_NPB_WW4TiXmlEncoding@@@Z
??0TiXmlDocument@@QAE@XZ
?QueryIntAttribute@TiXmlElement@@QBEHPBDPAH@Z
?FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@PBD@Z

kernel32

GetModuleFileNameW
SetThreadLocale
GetThreadLocale
MultiByteToWideChar
lstrlenA
WritePrivateProfileStringW
GetPrivateProfileIntW
GetTickCount
RaiseException
WideCharToMultiByte
GetCurrentProcessId
DeleteFileW
HeapFree
GetProcessHeap
GetLastError
lstrcmpiW
FlushInstructionCache
GetCurrentProcess
VirtualQuery
GetProcAddress
GetFileAttributesW
LoadLibraryW
VirtualAlloc
VirtualFree
lstrlenW
LoadLibraryA
InterlockedCompareExchange
GetLocaleInfoA
GetACP
InterlockedExchange
HeapSize
HeapReAlloc
HeapAlloc
HeapDestroy
GetVersionExA
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
Sleep
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
InterlockedDecrement
InterlockedIncrement
IsProcessorFeaturePresent
GetModuleHandleW
GetSystemTimeAsFileTime
GetCurrentThreadId
RemoveDirectoryW

user32

IsWindow
SetTimer
PostMessageW
DefWindowProcW
GetWindowLongW
CreateWindowExW
RegisterClassW
SetWindowTextW
MoveWindow
ShowWindow
CharNextW
CallWindowProcW
FindWindowExW
IsZoomed
OffsetRect
IsWindowVisible
IsIconic
SystemParametersInfoW
GetDesktopWindow
GetMonitorInfoW
GetKeyState
SetWindowLongW
GetCursorPos
DestroyWindow
UnregisterClassA
UnregisterClassW
RegisterWindowMessageW
GetForegroundWindow
MonitorFromWindow
GetWindowThreadProcessId
GetWindowRect
CopyRect
SetWindowPos
PtInRect

advapi32

RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW
RegEnumKeyExW

shell32

SHGetFileInfoW

ole32

StringFromIID
StringFromCLSID
CoCreateInstance
CoTaskMemFree

oleaut32

SysFreeString
VariantCopy
SysAllocStringLen
VarUI4FromStr
SysStringByteLen
SysAllocStringByteLen
DispCallFunc
SysAllocString
VariantClear
VariantInit
LoadTypeLi
LoadRegTypeLi
SysStringLen

livelog

?AddMMGFWindow@@YAXPAUHWND__@@PAUIUnknown@@@Z
?CheckDirectoryExist@@YAHPB_W@Z
?CheckFileExist@@YAHPB_W@Z
?Utf8ToWS@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PBDH@Z
?ConvertTime@@YAI_J@Z
?GetAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?CheckUnadvise@@YAXPB_W@Z
?GetCommuInst@@YAJPAPAUIQQLiveCommand@@_K@Z
?CheckAdvise@@YAXPB_W@Z
?GetDNSStatus@@YA?AW4DNS_STATUS@@XZ
?GetChannelMgrInst@@YAJPAPAUIChannelSMgr@@_K@Z
?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetQQLiveDlgHwnd@@YAPAUHWND__@@XZ
?QQ_OpenURLUsingIEW@@YAJPB_W@Z
?URLDecodeUTF8@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@2@@Z
?RemoveMMGFWindow@@YAXPAUHWND__@@@Z
?GetLiveServerHost@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?GetLiveServerPort@@YAIPB_W@Z
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z
?GetFullScreen@@YA?AUtagRECT@@PAUHWND__@@@Z
?IsDoLog@@YAHXZ
?LogToFile@@YAXPB_WZZ
?CreateAllDirectory@@YAHPB_W@Z
?GetNoRealStatInst@@YAJPAPAUINoRealStat@@_K@Z

atl80

ord18
ord15
ord31
ord22
ord30
ord32
ord61
ord23
ord64
ord10
ord11
ord42
ord48
ord58

shlwapi

PathAppendW

msvcp80

?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?_Myptr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEPA_WXZ
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ

msvcr80

__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
?terminate@@YAXXZ
_except_handler4_common
wcscmp
?_type_info_dtor_internal_method@type_info@@QAEXXZ
wcsstr
abs
wcschr
wcsncpy_s
wcscpy_s
fopen_s
fwrite
fclose
strtoul
_strtoi64
srand
rand
_time64
vswprintf_s
_vscwprintf
_localtime32_s
asctime_s
_crt_debugger_hook
__clean_type_info_names_internal
memmove_s
??_V@YAXPAX@Z
_purecall
_recalloc
calloc
malloc
_resetstkoflw
memcmp
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
_byteswap_ulong
_byteswap_ushort
ldiv
??2@YAPAXI@Z
??3@YAXPAX@Z
memcpy_s
_CxxThrowException
memset
wcslen
__CxxFrameHandler3
free
swprintf_s
labs
memcpy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OPWebKitClient.dll
.dll regsvr32 windows:4 windows x86 arch:x86

8cd9a0f3039d66477028cf90e1c2c8df

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5a:5d:e1:de:4a:0b:3d:ed:61:fb:c5:02:a4:5e:8b:b6:81:4b:c4:30
Signer

Actual PE Digest

5a:5d:e1:de:4a:0b:3d:ed:61:fb:c5:02:a4:5e:8b:b6:81:4b:c4:30

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\qqlive\qqlive_document\HummerSDK\Output\PdbFinal\OPWebKitClient.pdb

Imports

comctl32

InitCommonControlsEx

common

?GetParentDir@FS@Util@@YA?AVCTXStringW@@V3@@Z
?Format@CTXStringA@@QAAXPBDZZ
??1CTXStringA@@QAE@XZ
??0CTXStringA@@QAE@XZ
??0CTXStringW@@QAE@ABVCTXBSTR@@@Z
?CreateTXData@Data@Util@@YAHPAPAUITXData@@@Z
??0CTXStringA@@QAE@ABV0@@Z
??8CTXBSTR@@QBE_NABV0@@Z
??M@YA_NABVCTXStringA@@0@Z
??ICTXBSTR@@QAEPAPA_WXZ
??BCTXBSTR@@QBEPA_WXZ
??1CTXBSTR@@QAE@XZ
??0CTXBSTR@@QAE@XZ
??0CTXBSTR@@QAE@PB_W@Z
??0CTXBSTR@@QAE@ABV0@@Z
?SetTimeout@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
?MakeLower@CTXStringW@@QAEAAV1@XZ
?ReverseFind@CTXStringW@@QBEH_W@Z
?ReleaseBuffer@CTXStringW@@QAEXH@Z
?GetBuffer@CTXStringW@@QAEPA_WH@Z
?GetLength@CTXStringW@@QBEHXZ
?Format@CTXStringW@@QAAXPB_WZZ
??YCTXStringW@@QAEAAV0@PB_W@Z
??YCTXStringW@@QAEAAV0@ABVCTXBSTR@@@Z
??4CTXStringW@@QAEAAV0@ABV0@@Z
??0CTXStringW@@QAE@XZ
?CreateFileW@FS@@YAHPB_WKPAPAUITXFile@@@Z
?IsEmpty@CTXBSTR@@QAEHXZ
??0CTXBSTR@@QAE@ABVCTXStringW@@@Z
?EncodeHash@Encode@Util@@YA?AVCTXStringW@@ABVCTXBuffer@@@Z
?CreateTXBuffer@Data@Util@@YAHPAPAUITXBuffer@@@Z
??9@YA_NPB_WABVCTXBSTR@@@Z
?Right@CTXStringW@@QBE?AV1@H@Z
??ACTXStringW@@QBE_WH@Z
?pfPreBugReport@TXBugReport@@3P6AXXZA
??YCTXStringW@@QAEAAV0@ABV0@@Z
?SetExtInfo@TXBugReport@@YAHKKPB_W@Z
??0CTXStringW@@QAE@PB_W@Z
??0CTXStringW@@QAE@ABV0@@Z
??H@YA?AVCTXStringW@@ABV0@0@Z
?Left@CTXStringW@@QBE?AV1@H@Z
?Mid@CTXStringW@@QBE?AV1@H@Z
?Find@CTXStringW@@QBEHPB_WH@Z
?Replace@CTXStringW@@QAEHPB_W0@Z
??4CTXBSTR@@QAEAAV0@PB_W@Z
?TXLog_DoTXLogVW@@YAXPAUtagLogObj@@PB_W1PAD@Z
?OnError@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@K@Z
?OnRedirected@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@PB_W@Z
?SetUseIEProxy@CTXHttpDownload@@QAEXH@Z
?CancelDownload@CTXHttpDownload@@QAEXXZ
??1CTXHttpDownloadSink@@UAE@XZ
?OnProgress@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@KK@Z
?GetDownloadedFilePath@CTXHttpDownload@@QAEHAAVCTXStringW@@@Z
??0CTXHttpDownloadSink@@IAE@XZ
?OnDownloadStart@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@KK@Z
?Download@CTXHttpDownload@@QAEHPB_WPAU_SYSTEMTIME@@0HPA_J@Z
?SetUIInterface@CTXHttpDownload@@QAEXPAVCTXHttpDownloadSink@@@Z
?OnConnected@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@@Z
??BCTXStringW@@QBEPB_WXZ
?OnConnecting@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@PB_W@Z
??0CTXHttpDownload@@QAE@XZ
??1CUnZipFile@@QAE@XZ
??0CUnZipFile@@QAE@XZ
?CombineQNC@FS@@YA?AVCTXStringW@@PB_W0@Z
?GuidToString@Com@Util@@YAJABU_GUID@@PAPA_WH@Z
?DeleteDirectory@FS@@YAHPB_W@Z
?UnZipFile@CUnZipFile@@QAE_NABVCTXStringW@@0@Z
?FindFileWithWildcard@FS@Util@@YAXPB_W0AAV?$vector@VCTXStringW@@V?$allocator@VCTXStringW@@@std@@@std@@H@Z
?IsDirectoryExist@FS@@YAHPB_W@Z
?ConvertToPureFile@FS@@YA?AVCTXStringW@@PB_W@Z
??4CTXStringW@@QAEAAV0@PA_W@Z
?GetString@CTXStringW@@QBEPB_WXZ
??8@YA_NABVCTXStringW@@PB_W@Z
?CreateTXArray@Data@Util@@YAHPAPAUITXArray@@@Z
?CreateDirectoryW@FS@@YAHPB_W@Z
?IsEmpty@CTXStringW@@QBE_NXZ
??4CTXStringW@@QAEAAV0@PB_W@Z
?Utf8ToWS@Convert@Util@@YA?AVCTXStringW@@PBDH@Z
?Utf8FromWS@Convert@Util@@YA?AVCTXStringA@@PB_WH@Z
?GetString@CTXStringA@@QBEPBDXZ
?Append@CTXStringW@@QAEXPB_W@Z
?ReleaseBuffer@CTXStringA@@QAEXH@Z
?GetBuffer@CTXStringA@@QAEPADXZ
??H@YA?AVCTXStringW@@PB_WABV0@@Z
?AddToDeadQueue@Misc@Util@@YAXHP6AXXZ@Z
?Empty@CTXStringW@@QAEXXZ
?CompareNoCase@CTXStringW@@QBEHPB_W@Z
?Preallocate@CTXStringW@@QAEXH@Z
?GetBuffer@CTXStringW@@QAEPA_WXZ
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?GetExeDir@Sys@Util@@YA?AVCTXStringW@@XZ
?SafeLoadLibrary@Sys@Util@@YAPAUHINSTANCE__@@PB_W@Z
??9@YA_NABVCTXStringW@@0@Z
?Mid@CTXStringA@@QBE?AV1@H@Z
?Mid@CTXStringA@@QBE?AV1@HH@Z
??4CTXStringW@@QAEAAV0@ABVCTXBSTR@@@Z
?Trim@CTXStringA@@QAEAAV1@XZ
?Find@CTXStringA@@QBEHPBDH@Z
?IsEmpty@CTXStringA@@QBE_NXZ
?GetLength@CTXStringA@@QBEHXZ
??4CTXStringA@@QAEAAV0@ABV0@@Z
?MinimzeMemory@Sys@Util@@YAXXZ
??0CTXStringA@@QAE@PBD@Z
?Detach@CTXBSTR@@QAEPA_WXZ
?Copy@CTXBSTR@@QBEPA_WXZ
??8@YA_NABVCTXStringW@@0@Z
?GetBSTR@CTXStringW@@QBEPA_WXZ
?Mid@CTXStringW@@QBE?AV1@HH@Z
??BCTXStringA@@QBEPBDXZ
??4CTXBSTR@@QAEAAV0@ABV0@@Z
?OpenUrlWithIE@UrlBase@Util@@YAHABVCTXStringW@@@Z
?OpenUrlWithDefBrowser@UrlBase@Util@@YAXABVCTXStringW@@@Z
ord33
?CreateObjectFromDllFile@Com@Util@@YGJPB_WABU_GUID@@1PAPAXPAUIUnknown@@@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
?OnExitCoreCenter@Misc@Util@@YAXXZ
??H@YA?AVCTXStringW@@_WABV0@@Z
?SetMainAndLogicThreadId@Misc@Util@@YAXKK@Z
?OnUninitCom@Misc@Util@@YAXXZ
??1CTXStringW@@QAE@XZ
?OnExitWinMain@Misc@Util@@YAXXZ
??0CTXStringW@@QAE@PA_W@Z
??1CTXHttpDownload@@UAE@XZ

gf

?FreeData@Metadata@Util@@YAJAAPA_W@Z
?CreateObject@GF@Util@@YAJABU_GUID@@0PAPAX@Z
?ScreenPoint2ClientPoint@GF@Util@@YAXPAUIGFFrame@@AAUtagPOINT@@@Z
?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAPA_W@Z

xgraphic32

GetTextureSize
SetTextureFilter
CreateTexture
LockTextureBits
UnlockTextureBits
DrawTexture
DeleteTexture

arkipc

ChannelGetDisconnect
DestroySharePacket
ShareMemoryGetSize
ShareMemoryDisconnect
ShareMemoryCreate
ShareMemoryGetData
ChannelSendRequest
ChannelSendResponse
ChannelSendRequestSync
IPCIsActive
ChannelWaitForEvent
IPCStartup
ChannelDestroy
IPCGetName
ChannelGetRecvPacket
ChannelCreate

kernel32

MultiByteToWideChar
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Sleep
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
GetModuleFileNameW
FindResourceW
InterlockedIncrement
lstrcmpiW
GetCommandLineW
SetThreadLocale
EnterCriticalSection
InitializeCriticalSection
LoadResource
SetEnvironmentVariableW
RaiseException
DeleteCriticalSection
GetLastError
InterlockedDecrement
LeaveCriticalSection
lstrlenW
GetEnvironmentVariableW
GetCurrentThreadId
LockResource
SizeofResource
lstrlenA
GetThreadLocale
GetModuleHandleW
GetTempPathW
QueryPerformanceCounter
GetTickCount
CreateFileW
CloseHandle
ReleaseMutex
CreateMutexA
WaitForSingleObject
ReadFile
GetFileSize
GetFileAttributesW
GetCurrentProcessId
OutputDebugStringW
VirtualProtect
LoadLibraryW
GetProcAddress
IsBadReadPtr
VirtualQuery
GetCurrentProcess
GetModuleHandleA
HeapAlloc
HeapDestroy
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
SetThreadContext
SetLastError
WideCharToMultiByte
FlushInstructionCache
VirtualAlloc
ResumeThread
VirtualFree
FindResourceExW
GetThreadContext

user32

DispatchMessageW
UnregisterClassA
GetMessageW
TranslateMessage
PeekMessageW
RegisterClassExW
SetWindowLongW
PostMessageW
DefWindowProcW
ReleaseCapture
GetCapture
SetCapture
SetFocus
SendMessageW
DestroyWindow
GetDesktopWindow
GetPropW
IsWindow
SendMessageTimeoutW
GetWindow
ClientToScreen
PostQuitMessage
CallNextHookEx
UnionRect
SetCursor
GetKeyState
CharNextW
UnhookWindowsHookEx
CreateWindowExW
SetWindowsHookExW
PostThreadMessageW

comdlg32

GetSaveFileNameW

advapi32

RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW
RegQueryInfoKeyW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey

shell32

ShellExecuteW
SHGetSpecialFolderPathW
SHGetFileInfoW

ole32

CoTaskMemFree
CoCreateGuid
StringFromGUID2
CoCreateInstance
StringFromCLSID

oleaut32

SysStringLen
VariantClear
VariantInit
SysStringByteLen
SysAllocString
LoadRegTypeLi
SysFreeString
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi

shlwapi

PathRemoveFileSpecW
UrlUnescapeA
PathAppendW

msvcp80

?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHPB_W@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?_Raise_handler@std@@3P6AXABVexception@stdext@@@ZA
?_Throw@std@@YAXABVexception@stdext@@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
?deallocate@?$allocator@D@std@@QAEXPADI@Z
?allocate@?$allocator@D@std@@QAEPADI@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?length@?$char_traits@D@std@@SAIPBD@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ

msvcr80

memset
??2@YAPAXI@Z
memmove_s
memcmp
wcsncpy_s
free
wcscat_s
??_V@YAXPAX@Z
wcscpy_s
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
_invalid_parameter_noinfo
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
memcpy
_time64
rewind
ftell
fseek
fclose
fwrite
_wfopen_s
fread
strtoul
strlen
_wcsicmp
__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__CppXcptFilter
_adjust_fdiv
isxdigit
ldiv
_amsg_exit
_initterm_e
_wfopen
_beginthreadex
__CxxFrameHandler3
_stricmp
?terminate@@YAXXZ
_unlock
__dllonexit
_CxxThrowException
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
??3@YAXPAX@Z
_purecall
wcslen
_recalloc
memcpy_s
malloc

wintrust

CryptCATCatalogInfoFromContext
CryptCATAdminReleaseContext
WTHelperGetProvCertFromChain
CryptCATAdminCalcHashFromFileHandle
WinVerifyTrust
CryptCATAdminReleaseCatalogContext
CryptCATAdminEnumCatalogFromHash
CryptCATAdminAcquireContext
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData

crypt32

CertGetNameStringW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
GetClientCefBrowser
IPCServiceMain

Sections

.text
Size: 264KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OPWebKitCtrl.dll
.dll regsvr32 windows:4 windows x86 arch:x86

f7d01d2b26718b9b04e88e1b8b79d8e9

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

74:97:9f:86:56:6f:8f:ca:83:38:b6:c7:95:56:fb:1e:ad:df:e5:d7
Signer

Actual PE Digest

74:97:9f:86:56:6f:8f:ca:83:38:b6:c7:95:56:fb:1e:ad:df:e5:d7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\QQLive_proj\document\HummerSDK\Output\PdbFinal\OPWebKitCtrl.pdb

Imports

common

?Detach@CTXBSTR@@QAEPA_WXZ
??M@YA_NABVCTXStringA@@0@Z
?Copy@CTXBSTR@@QBEPA_WXZ
??ICTXBSTR@@QAEPAPA_WXZ
??BCTXBSTR@@QBEPA_WXZ
??1CTXBSTR@@QAE@XZ
??4CTXBSTR@@QAEAAV0@ABV0@@Z
??4CTXBSTR@@QAEAAV0@PB_W@Z
??0CTXBSTR@@QAE@XZ
??0CTXBSTR@@QAE@PB_W@Z
??0CTXBSTR@@QAE@ABV0@@Z
??8CTXBSTR@@QBE_NABV0@@Z
??1CTXStringW@@QAE@XZ
?DoFormat@CFmtString@@QAEPB_WPB_W@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
??1CFmtString@@QAE@XZ
??H@YA?AVCTXStringW@@ABV0@0@Z
??0CFmtString@@QAE@XZ
?PropertyStr@CFmtString@@QAEHPB_W0@Z
??BCTXStringW@@QBEPB_WXZ
??0CTXStringW@@QAE@PB_W@Z
??0CTXBSTR@@QAE@ABVCTXStringW@@@Z
?LoadStringW@TXStringBundle@@YAPB_WPB_W@Z
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
?CreateTXData@Data@Util@@YAHPAPAUITXData@@@Z
??0CTXStringW@@QAE@ABVCTXBSTR@@@Z
??8CTXBSTR@@QBE_NPB_W@Z
??0CTXStringA@@QAE@XZ
??1CTXStringA@@QAE@XZ
?IsEmpty@CTXBSTR@@QAEHXZ
?Format@CTXStringA@@QAAXPBDZZ

gf

?Get@Metadata@Util@@YAJPAUITXData@@PA_WPAPA_W@Z
?FreeData@Metadata@Util@@YAJAAPA_W@Z
?CreateObject@GF@Util@@YAJABU_GUID@@0PAPAX@Z
?MessageBoxW@GF@Util@@YAJPAUIGFFrame@@PAPAUIGFSysMessageBox@@VCTXStringW@@2H@Z
?ScreenPoint2ClientPoint@GF@Util@@YAXPAUIGFFrame@@AAUtagPOINT@@@Z

xgraphic32

CreateTexture
SetTextureFilter
UnlockTextureBits
DeleteTexture
LockTextureBits
GetTextureSize
DrawTexture

arkipc

ShareMemoryDisconnect
ShareMemoryOpen
ShareMemoryGetSize
ChannelSendResponse
ChannelSendRequestSync
ChannelSendRequest
IPCStartup
ChannelWaitForEvent
ChannelDestroy
ChannelGetRecvPacket
IPCGetName
IPCIsActive
ChannelCreate
ChannelGetDisconnect
DestroySharePacket
ShareMemoryGetData

oleacc

AccessibleObjectFromWindow

kernel32

InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapSize
HeapReAlloc
Sleep
HeapAlloc
HeapDestroy
GetVersionExA
GetLocaleInfoA
InterlockedExchange
InterlockedCompareExchange
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
HeapFree
IsDebuggerPresent
GetModuleFileNameW
InterlockedDecrement
SetThreadLocale
InitializeCriticalSection
GetLastError
QueryPerformanceCounter
DeleteCriticalSection
lstrlenW
GetThreadLocale
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
FindResourceExW
lstrcmpiW
FindResourceW
GetModuleHandleW
GetTickCount
LoadResource
SizeofResource
LockResource
LoadLibraryW
GetACP
WideCharToMultiByte
GetProcAddress
MultiByteToWideChar
CloseHandle
GetCurrentProcessId
WaitForSingleObject
CreateProcessW
TerminateProcess
OpenMutexA
ReleaseMutex
lstrlenA
RaiseException
GetCurrentThreadId

user32

TranslateMessage
SetWindowLongW
DispatchMessageW
PostQuitMessage
PeekMessageW
PostMessageW
RegisterClassExW
GetKeyboardLayout
IsWindow
DestroyWindow
CreateWindowExW
CharNextW
DefWindowProcW
GetKeyState
SetWindowPos
SetCursor
SendMessageW
UnionRect
UnregisterClassA

advapi32

RegQueryInfoKeyW
RegDeleteKeyW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegCloseKey

shell32

SHGetFileInfoW

ole32

CoCreateInstance
StringFromCLSID
CoTaskMemFree
StringFromGUID2

oleaut32

SysStringByteLen
SysStringLen
LoadRegTypeLi
VariantClear
VariantInit
VarUI4FromStr
SysFreeString
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi
SysAllocString

msvcp80

?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
??1locale@std@@QAE@XZ
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
?str@?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEHPB_WH@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??Bid@locale@std@@QAEIXZ
?widen@?$ctype@_W@std@@QBE_WD@Z
?_Incref@facet@locale@std@@QAEXXZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@@Z
?_Register@facet@locale@std@@QAEXXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?uncaught_exception@std@@YA_NXZ
?length@?$char_traits@D@std@@SAIPBD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z

msvcr80

_purecall
__CxxFrameHandler3
__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
strlen
_beginthreadex
memcpy
??2@YAPAXI@Z
_invalid_parameter_noinfo
_recalloc
malloc
memcpy_s
memmove_s
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
wcslen
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
wcscat_s
??_V@YAXPAX@Z
wcsncpy_s
wcscpy_s
memset
??3@YAXPAX@Z
memcmp
free

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OcxHelper.exe
.exe windows:4 windows x86 arch:x86

a350128292bdb48435c70bda68b5bbb2

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

40:45:00:83:5d:67:6a:d6:25:92:84:8c:6e:c5:f3:d2:66:51:31:46
Signer

Actual PE Digest

40:45:00:83:5d:67:6a:d6:25:92:84:8c:6e:c5:f3:d2:66:51:31:46

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\QQLive_Dailybuild\src\symbol\OcxHelper.pdb

Imports

kernel32

LoadResource
WideCharToMultiByte
FindResourceExW
MultiByteToWideChar
WaitForSingleObject
GetExitCodeProcess
GetLastError
SetFileAttributesW
LoadLibraryW
GetProcAddress
FreeLibrary
LocalFree
LockResource
SizeofResource
FindResourceW
GetTickCount
CloseHandle
CreateFileA
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LoadLibraryA
SetFilePointer
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCPInfo
GetOEMCP
IsValidCodePage
Sleep
ExitProcess
WriteFile
GetConsoleCP
GetConsoleMode
HeapCreate
VirtualFree
VirtualAlloc
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter

advapi32

RegOpenKeyExW
RegCloseKey
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
SetFileSecurityW
GetLengthSid
ConvertStringSidToSidW
InitializeSecurityDescriptor
RegDeleteValueW
RegQueryValueExW

shell32

CommandLineToArgvW
ShellExecuteExW
SHGetFolderPathW

ole32

CoUninitialize
CoInitialize
StringFromCLSID
CoTaskMemFree

livelog

?IsWindowsVista@@YAHXZ
?CreateAllDirectory@@YAHPB_W@Z

shlwapi

PathFileExistsW

user32

UnregisterClassA

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ProcessSession.dll
.dll regsvr32 windows:4 windows x86 arch:x86

37136f5e83d1bb5c893ebfa7e19ef1bb

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4c:8d:d8:1a:25:54:b9:7c:d4:5b:aa:81:6e:42:80:1f:d6:05:dd:ec
Signer

Actual PE Digest

4c:8d:d8:1a:25:54:b9:7c:d4:5b:aa:81:6e:42:80:1f:d6:05:dd:ec

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\QQLive_proj\document\HummerSDK\Output\PdbFinal\ProcessSession.pdb

Imports

common

?CreateTXData@Data@Util@@YAHPAPAUITXData@@@Z
??M@YA_NABVCTXStringW@@0@Z
??1CTXStringW@@QAE@XZ
??0CTXStringW@@QAE@ABV0@@Z
??BCTXStringW@@QBEPB_WXZ
??H@YA?AVCTXStringW@@ABV0@0@Z
??0CTXStringW@@QAE@PB_W@Z
??4CTXStringW@@QAEAAV0@ABV0@@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
?Left@CTXStringW@@QBE?AV1@H@Z
?ReverseFind@CTXStringW@@QBEH_W@Z
??0CTXStringW@@QAE@PA_W@Z
??BCTXBSTR@@QBEPA_WXZ
??0CTXStringW@@QAE@XZ
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?FlushLog@TXLog@@YAXXZ
?SetAsyncCallback@TXTimer@@YAHPAUITXAsyncCallback@@I@Z
?StopThread@CTXThreadModel@@QAEXK@Z
?WaitThread@CTXThreadModel@@QAEHK@Z
??1CTXThreadModel@@MAE@XZ
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
?EraseAsyncCallback@TXTimer@@YAHPAUITXAsyncCallback@@I@Z
?StartThread@CTXThreadModel@@QAEHXZ
??0CTXThreadModel@@IAE@XZ
??1CTXBSTR@@QAE@XZ
?CreateTXBuffer@Data@Util@@YAHPAPAUITXBuffer@@@Z
?TXLog_DoTXLogVW@@YAXPAUtagLogObj@@PB_W1PAD@Z
?Format@CTXStringW@@QAAXPB_WZZ
??0CTXBSTR@@QAE@PB_W@Z

kernel32

InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
InitializeCriticalSection
CreateProcessW
GetModuleFileNameW
CloseHandle
OpenFileMappingW
UnmapViewOfFile
ReleaseMutex
SetEvent
WaitForSingleObject
WaitForMultipleObjects
GetLastError
OpenProcess
GetCurrentProcessId
MapViewOfFile
CreateFileMappingW
CreateEventW
CreateMutexW
OpenEventW
OpenMutexW
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
ResetEvent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection

user32

MsgWaitForMultipleObjectsEx
TranslateMessage
DispatchMessageW
PeekMessageW

ole32

CoCreateGuid
CoCreateInstance

atl80

ord30
ord64
ord15
ord32

msvcp80

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

msvcr80

_adjust_fdiv
_amsg_exit
__CppXcptFilter
_initterm
_encoded_null
_malloc_crt
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_initterm_e
??2@YAPAXI@Z
??3@YAXPAX@Z
_invalid_parameter_noinfo
memset
_CxxThrowException
_time64
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
__CxxFrameHandler3
??_V@YAXPAX@Z
memcpy
memmove
??0exception@std@@QAE@ABV01@@Z
_except_handler4_common
_purecall
wcsncpy
free
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
__clean_type_info_names_internal

Exports

Exports

??0CTXOPChannel@@QAE@XZ
??0CTXOPSession@@QAE@XZ
??1CTXOPChannel@@UAE@XZ
??1CTXOPSession@@UAE@XZ
??_7CTXOPChannel@@6B@
??_7CTXOPSession@@6B@
?AddSink@CTXOPChannel@@QAEXPAUITXOPChanelSysSink@@@Z
?AddSink@CTXOPSession@@QAEXPAUITXOPSessionSysSink@@@Z
?Attach@CTXOPSession@@QAEHPAVCTXOPChannel@@KK@Z
?CloseConnect@CTXOPChannel@@QAEHK@Z
?CloseSession@CTXOPSession@@QAEXXZ
?Connect@CTXOPChannel@@QAEKPB_W@Z
?CreateSession@CTXOPSession@@QAEHPB_WW4CONTRAINER_TYPE@@0HPBEI@Z
?DestroyContext@CTXOPChannel@@AAEXAAUCONTEXT@1@@Z
?GetChannel@CTXOPSession@@AAEPAVCTXOPChannel@@XZ
?GetConnectCount@CTXOPChannel@@QAEIXZ
?InitNewContext@CTXOPChannel@@AAEHPB_WAAUCONTEXT@1@@Z
?InternalSend@CTXOPChannel@@AAEHAAUCONTEXT@1@PBEII@Z
?InternalSend@CTXOPChannel@@AAEHKPBXIHK@Z
?Listen@CTXOPChannel@@QAEHXZ
?OnAsyncCall@CTXOPChannel@@AAEJI@Z
?OnConnectClose@CTXOPSession@@AAEJKW4CLOSE_REASON@@@Z
?OnPush@CTXOPSession@@AAEJKPBEI@Z
?OnQuery@CTXOPSession@@AAEJKKPBEI@Z
?OnReply@CTXOPSession@@AAEJPBEIPAUITXDataRead@@@Z
?OnTimeOut@CTXOPSession@@AAEJPAUITXDataRead@@@Z
?OnTimer@CTXOPChannel@@AAEJI@Z
?OpenContext@CTXOPChannel@@AAEHPB_WAAUCONTEXT@1@@Z
?PushData@CTXOPChannel@@QAEHKPBEI@Z
?PushData@CTXOPSession@@QAEHPBEI@Z
?RemoveSink@CTXOPChannel@@QAEHPAUITXOPChanelSysSink@@@Z
?RemoveSink@CTXOPSession@@QAEHPAUITXOPSessionSysSink@@@Z
?Run@CTXOPChannel@@EAEIXZ
?SendQuery@CTXOPChannel@@QAEHKPBEIPAUITXOPChanelReplySink@@PAUITXDataRead@@K@Z
?SendQuery@CTXOPSession@@QAEHPBEIPAUITXOPSessionReplySink@@PAUITXDataRead@@K@Z
?SendQueryWaitReply@CTXOPChannel@@QAEHKPBEIAAVCTXBuffer@@I@Z
?SendQueryWaitReply@CTXOPSession@@QAEHPBEIAAVCTXBuffer@@I@Z
?SendReply@CTXOPChannel@@QAEHKKPBEI@Z
?SendReply@CTXOPSession@@QAEHKPBEI@Z
?Start@CTXOPChannel@@QAEHPB_W@Z
?Stop@CTXOPChannel@@QAEXXZ
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive.dll
.dll regsvr32 windows:4 windows x86 arch:x86

5fba6c89e33c2af5b65ef28dce6aa0ed

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:83:8f:21:98:5c:cf:dd:8e:73:c6:77:0c:6d:8e:90:81:09:7a:d2
Signer

Actual PE Digest

65:83:8f:21:98:5c:cf:dd:8e:73:c6:77:0c:6d:8e:90:81:09:7a:d2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\temp\p2papp\Release\symbol\P2PStream.pdb

Imports

ws2_32

setsockopt
htonl
sendto
closesocket
ntohs
ntohl
htons
ioctlsocket
accept
listen
connect
recv
getsockopt
getsockname
getpeername
inet_ntoa
send
gethostname
gethostbyname
inet_addr
WSAGetLastError
WSACleanup
WSAStartup
select
__WSAFDIsSet
socket
bind
recvfrom

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

GetACP
CreateThread
TerminateProcess
ReleaseMutex
GetLocaleInfoA
GetThreadLocale
HeapDestroy
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
GetLastError
lstrlenA
CloseHandle
GetTickCount
DeleteFileA
GetPrivateProfileIntW
CreateMutexA
GetLocalTime
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameA
HeapAlloc
Sleep
WaitForSingleObject
CreateSemaphoreA
SetEvent
CreateEventA
WritePrivateProfileStringW
GetPrivateProfileStringA
TerminateThread
DisableThreadLibraryCalls
RaiseException
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
GetVersionExA
GetExitCodeProcess
GetFileAttributesW
GetModuleFileNameW
SetFileAttributesA
GetFileAttributesA
CreateDirectoryA
GetModuleHandleA
GetCurrentThreadId
OutputDebugStringA
FreeLibrary
GlobalFree
LoadLibraryA
GlobalAlloc
CreateFileA
FindFirstFileA
FindClose
ReadFile
WriteFile
ResetEvent
WritePrivateProfileStringA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedCompareExchange
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetProcAddress
GetSystemTimeAsFileTime

user32

IsWindow
SetTimer
KillTimer
PostMessageA
CreateWindowExA
SetWindowLongA
GetMessageA
DestroyWindow
GetWindowLongA
UnregisterClassA
MsgWaitForMultipleObjectsEx
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
SendMessageA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetFolderPathA
ShellExecuteExA
SHGetFolderPathW

ole32

CoCreateGuid
CoInitialize
CoUninitialize
CoCreateInstance
CoLoadLibrary
CLSIDFromString
CoFreeLibrary

oleaut32

SysAllocString
VariantChangeType
VariantCopy
VariantClear
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
VarBstrCat
SysFreeString
SysStringLen

atl80

ord18
ord22
ord64
ord49
ord23
ord61
ord15
ord32

msvcr80

memcpy_s
fclose
calloc
_resetstkoflw
ftell
fseek
fflush
fwrite
fopen
_localtime64_s
strrchr
rename
sprintf_s
strcpy_s
vsprintf_s
srand
rand
_purecall
??_V@YAXPAX@Z
??_U@YAPAXI@Z
_splitpath_s
strcat_s
_wassert
_beginthreadex
_itow
strchr
strncpy_s
_wcsicmp
_snprintf
strncpy
atoi
isdigit
strtol
clock
_beginthread
_mbsrchr
_wsplitpath_s
wcsncpy_s
wcscat_s
swprintf_s
_strlwr_s
isalpha
printf
_vsnprintf_s
strstr
strlen
_itoa
memmove
fputc
__iob_func
fgetc
exit
perror
fprintf
_except_handler4_common
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
malloc
_time64
memmove_s
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
_invalid_parameter_noinfo
__CxxFrameHandler3
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
memset
memcpy
??3@YAXPAX@Z
free

msvcp80

?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?length@?$char_traits@D@std@@SAIPBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
ReleaseCommLib

Sections

.text
Size: 580KB - Virtual size: 578KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLive.exe
.exe windows:4 windows x86 arch:x86

f79aa588dce8331601bb3f78d13cdcd2

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

dc:fe:f4:bc:4c:af:76:c0:f0:47:5b:12:8b:58:53:2a:68:ef:8d:90
Signer

Actual PE Digest

dc:fe:f4:bc:4c:af:76:c0:f0:47:5b:12:8b:58:53:2a:68:ef:8d:90

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\QQLive_Dailybuild\src\symbol\QQLive.pdb

Imports

kernel32

GetVersionExW
GetModuleHandleW
HeapCreate
CreateEventW
CreateFileW
GetPrivateProfileIntW
HeapDestroy
CloseHandle
LoadLibraryW
GetProcAddress
TerminateProcess
SetLastError
GetFileSize
CreateFileMappingW
HeapFree
UnmapViewOfFile
CreateFileA
ResetEvent
ReadFileEx
WaitForSingleObjectEx
VirtualLock
VirtualUnlock
GetCurrentProcess
SetCurrentDirectoryA
GetModuleFileNameW
LoadLibraryExA
SetProcessWorkingSetSize
FreeLibrary
DeviceIoControl
HeapAlloc
GetLastError
MapViewOfFile
SetEvent
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
QueryPerformanceCounter
Sleep
InterlockedExchange
GetProcessHeap
HeapSize
HeapReAlloc

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetFolderPathW

shlwapi

PathCombineA
PathCombineW

msvcr80

wcsrchr
wcscpy_s
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_invoke_watson
_controlfp_s
_vsnwprintf_s
_vsnprintf_s
memset
memmove_s
??2@YAPAXI@Z
memcpy_s
wcslen
wcscmp
??3@YAXPAX@Z
_CxxThrowException
swprintf_s
__CxxFrameHandler3

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
QQLive.tpc
QQLiveBrowser.exe
.exe windows:4 windows x86 arch:x86

daaf6d7aecbd89c84bd060a9f46d2486

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

79:ed:11:ec:8e:03:42:a9:32:73:ad:45:eb:d7:8c:77:1c:85:ce:a5
Signer

Actual PE Digest

79:ed:11:ec:8e:03:42:a9:32:73:ad:45:eb:d7:8c:77:1c:85:ce:a5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\qqlive\qqlive_document\HummerSDK\Output\PdbFinal\QQLiveBrowser.pdb

Imports

common

?MinimzeMemory@Sys@Util@@YAXXZ
??4CTXStringW@@QAEAAV0@PA_W@Z
??YCTXStringW@@QAEAAV0@PB_W@Z
?SetMainAndLogicMsgLoop@Misc@Util@@YAXPAVMessageLoopForUI@@PAVMessageLoop@@@Z
?CombineQNC@FS@@YA?AVCTXStringW@@PB_W0@Z
?SetMainAndLogicThreadId@Misc@Util@@YAXKK@Z
??BCTXStringW@@QBEPB_WXZ
??1CTXStringW@@QAE@XZ
??0CTXStringW@@QAE@PA_W@Z
?IsFileExist@FS@@YAHPB_W@Z
??8@YA_NPB_WABVCTXStringW@@@Z
??4CTXStringW@@QAEAAV0@PB_W@Z
?GetExeDir@Sys@Util@@YA?AVCTXStringW@@XZ
?SafeLoadLibrary@Sys@Util@@YAPAUHINSTANCE__@@PB_W@Z
?ClearDeadQueue@Misc@Util@@YAXXZ
??0CTXStringW@@QAE@XZ
??8@YA_NABVCTXStringW@@PB_W@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
??0CTXStringW@@QAE@ABV0@@Z
?GetLength@CTXStringW@@QBEHXZ
?GetBuffer@CTXStringW@@QAEPA_WH@Z
?ReleaseBuffer@CTXStringW@@QAEXH@Z
??ACTXStringW@@QBE_WH@Z
??0CTXStringW@@QAE@PB_W@Z
?Append@CTXStringW@@QAEXPB_W@Z
??YCTXStringW@@QAEAAV0@ABV0@@Z
?Format@CTXStringW@@QAAXPB_WZZ
?TXLog_DoTXLogVW@@YAXPAUtagLogObj@@PB_W1PAD@Z
?ReverseFind@CTXStringW@@QBEH_W@Z
?Left@CTXStringW@@QBE?AV1@H@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
?OnExitWinMain@Misc@Util@@YAXXZ
??4CTXStringW@@QAEAAV0@ABV0@@Z

processsession

?GetConnectCount@CTXOPChannel@@QAEIXZ
??0CTXOPChannel@@QAE@XZ
?AddSink@CTXOPChannel@@QAEXPAUITXOPChanelSysSink@@@Z
?SendReply@CTXOPChannel@@QAEHKKPBEI@Z
?Start@CTXOPChannel@@QAEHPB_W@Z
?Run@CTXOPChannel@@EAEIXZ
?Listen@CTXOPChannel@@QAEHXZ
??1CTXOPChannel@@UAE@XZ

wininet

InternetErrorDlg

kernel32

SetEvent
LeaveCriticalSection
UnhandledExceptionFilter
GetProcAddress
SetUnhandledExceptionFilter
OpenMutexW
GetCurrentProcessId
CloseHandle
QueryPerformanceCounter
CreateMutexW
GetTickCount
OutputDebugStringW
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
GetModuleHandleW
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
lstrlenW
FreeLibrary
Sleep
CreateThread
GetStartupInfoW
InterlockedCompareExchange
LoadLibraryA
InitializeCriticalSection
GetVersionExA
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualProtect
SetLastError
FlushInstructionCache
InterlockedExchange
GetSystemTimeAsFileTime
GetVersionExW
EnterCriticalSection
CreateEventW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsGetValue
RaiseException
VirtualFree
TlsFree
TerminateThread
TlsSetValue
WaitForSingleObject
TlsAlloc
IsDebuggerPresent
VirtualAlloc

user32

RegisterClassExW
IsWindow
LoadCursorW
GetDesktopWindow
CreateWindowExW
CallWindowProcW
PeekMessageW
DefWindowProcW
SetWindowLongW
GetWindowLongW
WaitMessage
GetQueueStatus
DispatchMessageW
TranslateMessage
UnregisterClassW
DestroyWindow
PostMessageW
UnregisterClassA
GetClassInfoExW
PostQuitMessage
KillTimer
SetTimer
CallMsgFilterW
MsgWaitForMultipleObjectsEx

advapi32

RegCloseKey
RegSetValueExW
RegCreateKeyExW

shell32

SHGetSpecialFolderPathW

ole32

CoInitialize
CoCreateInstance
CLSIDFromProgID
CoUninitialize
OleUninitialize
OleInitialize

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z

msvcr80

free
memcpy
_invalid_parameter_noinfo
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
memmove_s
ceil
swprintf_s
_recalloc
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_crt_debugger_hook
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
_purecall
memset
wcsrchr
??2@YAPAXI@Z
_time64
__wargv
??3@YAXPAX@Z
__CxxFrameHandler3
__argc
_CxxThrowException

winmm

timeGetTime
timeBeginPeriod
timeEndPeriod

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
QQLiveCommu.dll
.dll regsvr32 windows:4 windows x86 arch:x86

6c42d26a75a7f448d132d0c86909e78e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c4:85:57:95:73:f1:71:e3:69:af:40:c4:f1:45:2f:44:4d:47:67:a3
Signer

Actual PE Digest

c4:85:57:95:73:f1:71:e3:69:af:40:c4:f1:45:2f:44:4d:47:67:a3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\QQLiveCommu.pdb

Imports

kernel32

SetThreadLocale
GetThreadLocale
MultiByteToWideChar
WideCharToMultiByte
GetLastError
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
lstrlenA
RaiseException
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
Sleep
WaitForSingleObject
CloseHandle
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
lstrlenW
InterlockedDecrement
InterlockedIncrement
GetTickCount
DeleteCriticalSection
QueryPerformanceCounter
InitializeCriticalSection

user32

DestroyWindow
UnregisterClassW
SetTimer
KillTimer
PostMessageW
DefWindowProcW
GetWindowLongW
CreateWindowExW
RegisterClassW
RegisterWindowMessageW
IsWindow
SetWindowLongW
UnregisterClassA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysStringByteLen
SysAllocStringByteLen
SysAllocString
LoadTypeLi
LoadRegTypeLi
SysStringLen
DispCallFunc
VariantInit
SysFreeString
VariantClear

livelog

?CheckAdvise@@YAXPB_W@Z
?SetOnLine@@YAXH@Z
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z
?IsDoLog@@YAHXZ
?LogToFile@@YAXPB_WZZ
?CheckUnadvise@@YAXPB_W@Z

atl80

ord23
ord32
ord58
ord30
ord31
ord10
ord11
ord15
ord18
ord22
ord64
ord61

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr80

_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
__clean_type_info_names_internal
??3@YAXPAX@Z
memcmp
memset
_invalid_parameter_noinfo
__CxxFrameHandler3
free
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@XZ
??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
??_V@YAXPAX@Z
_purecall
malloc
_recalloc
calloc
_resetstkoflw
_beginthreadex
memcpy
memcpy_s
_vscwprintf
vswprintf_s
wcslen
memmove_s
swprintf_s
_except_handler4_common
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm

ws2_32

connect
gethostbyname
recv
WSAStartup
__WSAFDIsSet
WSAGetLastError
inet_ntoa
inet_addr
select
WSACleanup
htonl
htons
sendto
recvfrom
closesocket
socket
ioctlsocket
ntohs
ntohl
send

iphlpapi

GetIpForwardTable

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLiveDownload.dll
.dll regsvr32 windows:4 windows x86 arch:x86

3c77a30accadba3976cf3bcc025961d6

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

94:ee:69:77:23:aa:b1:62:30:3e:16:a0:1e:59:21:9c:b4:a1:69:e2
Signer

Actual PE Digest

94:ee:69:77:23:aa:b1:62:30:3e:16:a0:1e:59:21:9c:b4:a1:69:e2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\QQLiveDownload.pdb

Imports

wininet

InternetCrackUrlA

tinyxml

?GetText@TiXmlElement@@QBEPBDXZ
?LoadFile@TiXmlDocument@@QAE_NPB_WW4TiXmlEncoding@@@Z
?QueryIntAttribute@TiXmlElement@@QBEHPBDPAH@Z
?Attribute@TiXmlElement@@QBEPBDPBD@Z
?NextSiblingElement@TiXmlNode@@QBEPBVTiXmlElement@@PBD@Z
??0TiXmlDocument@@QAE@XZ
?LoadXML@TiXmlDocument@@QAE_NPADHW4TiXmlEncoding@@@Z
?FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@XZ
??1TiXmlDocument@@UAE@XZ
?FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@PBD@Z
?SetAttribute@TiXmlElement@@QAEXPBD0@Z
??0TiXmlElement@@QAE@PBD@Z
?InsertEndChild@TiXmlNode@@QAEPAV1@ABV1@@Z
??1TiXmlElement@@UAE@XZ
?SaveFile@TiXmlDocument@@QBE_NPB_W@Z
?Parse@TiXmlDocument@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z

kernel32

HeapReAlloc
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleW
InterlockedIncrement
InterlockedDecrement
lstrlenW
GetModuleFileNameW
MoveFileW
SetThreadLocale
GetThreadLocale
HeapSize
VirtualQuery
GetProcAddress
LoadLibraryW
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
RaiseException
DeleteFileW
GetVolumeInformationW
GetDiskFreeSpaceExW
CloseHandle
ReadFile
GetFileInformationByHandle
CreateFileW
GetVersionExA
GetProcessHeap
HeapFree
HeapAlloc
InterlockedExchange
GetACP
GetLastError
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
HeapDestroy

user32

UnregisterClassA

ole32

CoCreateInstance

oleaut32

SysAllocStringByteLen
SysStringLen
SysFreeString
VarBstrCmp
VariantInit
VariantClear
SysAllocStringLen
SysAllocString
DispCallFunc
LoadRegTypeLi
LoadTypeLi
SysStringByteLen

livelog

?GetVFormatBandwidth@@YAJJ@Z
?GetVFormatBitrateName@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@J@Z
?QQ_GetDownloadPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?Utf8FromWS@@YA?AV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@PB_WH@Z
?CheckUnadvise@@YAXPB_W@Z
?Utf8ToWS@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PBDH@Z
?WriteConfigDword@@YAXV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0KW4tagQQLIVE_CONFIG_TYPE@@@Z
?CreateAllDirectory@@YAHPB_W@Z
?CheckFileExist@@YAHPB_W@Z
?GetConfigDword@@YAKV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0KW4tagQQLIVE_CONFIG_TYPE@@@Z
?GetAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetCommuInst@@YAJPAPAUIQQLiveCommand@@_K@Z
?CheckAdvise@@YAXPB_W@Z
?GetChannelMgrInst@@YAJPAPAUIChannelSMgr@@_K@Z
?GetVFormatName@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@J@Z
?GetProtocolVersion@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetLiveServerUrl@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?GetNoRealStatInst@@YAJPAPAUINoRealStat@@_K@Z
?IsDoLog@@YAHXZ
?LogToFile@@YAXPB_WZZ
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z

atl80

ord64
ord22
ord18
ord15
ord31
ord58
ord30
ord32
ord61
ord23
ord11
ord10

msvcp80

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z

httpmodule

??1CDownloadMgrProxy@@UAE@XZ
?StartTask@CDownloadMgrProxy@@QAEHH@Z
?AddTask@CDownloadMgrProxy@@QAEHPAUIHttpEventWndCallback@@PB_W1IIK@Z
??0CDownloadMgrProxy@@QAE@XZ

msvcr80

_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
vswprintf_s
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
??3@YAXPAX@Z
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
_lock
__CxxFrameHandler3
_invalid_parameter_noinfo
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
memmove_s
memcpy_s
_wcsicmp
wcsstr
_wcslwr_s
_vscwprintf
??0exception@std@@QAE@XZ
free
??_V@YAXPAX@Z
_purecall
_recalloc
calloc
memset
malloc
_resetstkoflw
strtoul
wcstok_s
strrchr
strncpy_s
wcstoul
_vsnprintf
memcpy
isalpha
sprintf_s
_wcsupr_s
rand
wcscat_s
_wsplitpath_s
strtol
_except_handler4_common
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLiveDxDll.dll
.dll windows:4 windows x86 arch:x86

f392fdce2b8758ea06b631f12a06f5e2

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:c3:51:c0:17:0e:b7:94:16:6f:fe:27:f5:10:95:8e:02:f7:81:e8
Signer

Actual PE Digest

27:c3:51:c0:17:0e:b7:94:16:6f:fe:27:f5:10:95:8e:02:f7:81:e8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\Playersrc\sym\QQLiveDxDll.pdb

Imports

d3d9

Direct3DCreate9

kernel32

GetTickCount
IsDebuggerPresent
CreateDirectoryA
DeleteFileA
WideCharToMultiByte
EnterCriticalSection
GetLastError
LeaveCriticalSection
lstrlenW
WaitForSingleObject
GetSystemDirectoryW
CloseHandle
GetLocalTime
GetModuleHandleW
CreateFileW
WriteFile
WritePrivateProfileStringW
LoadLibraryExW
GetProcAddress
GetModuleFileNameW
GetFileAttributesW
SetEvent
QueryPerformanceFrequency
QueryPerformanceCounter
InitializeCriticalSection
DeleteCriticalSection
CreateMutexW
CreateEventW
InterlockedIncrement
GetCurrentProcessId
InterlockedExchange
MultiByteToWideChar
GetCurrentThreadId
lstrlenA
GetVersionExW
FreeLibrary
InterlockedDecrement
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
GetProcessHeap
HeapSize
HeapReAlloc
GetSystemTimeAsFileTime
HeapAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
SetThreadPriority
HeapFree

user32

GetMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
CreateWindowExW
GetWindowLongW
SetWindowLongW
GetWindowDC
GetClientRect
ReleaseDC
MonitorFromWindow
KillTimer
SetTimer
PostMessageW
IsWindow

shell32

SHGetFolderPathW

ole32

CoUninitialize
CoLoadLibrary
CoInitialize
CoTaskMemFree
CoCreateInstance

oleaut32

SysFreeString
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysAllocStringLen
SysAllocString

streamio

GetIOManager

msvcp80

??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

msvcr80

_vsnprintf_s
??8type_info@@QBE_NABV0@@Z
memcmp
_vscwprintf
__dllonexit
_encode_pointer
_lock
_onexit
_CxxThrowException
_decode_pointer
?terminate@@YAXXZ
__CxxFrameHandler3
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
_unlock
??3@YAXPAX@Z
__RTDynamicCast
memcpy
rename
??_V@YAXPAX@Z
memcpy_s
calloc
log10
vsprintf_s
_vscprintf
_purecall
swprintf_s
free
sprintf_s
wcsstr
memmove_s
strlen
??2@YAPAXI@Z
fclose
wcslen
ftell
_recalloc
fseek
fflush
fwrite
wcsrchr
fopen
memset
wcscpy_s
_beginthreadex
strcpy_s
vswprintf_s

Exports

Exports

??4_Init_locks@std@@QAEAAV01@ABV01@@Z
CreateDx

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLiveEx.dll
.dll regsvr32 windows:4 windows x86 arch:x86

6370dc027de37d6cfa5697e52228c199

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ff:a0:2e:cb:69:e1:64:b4:99:6b:a0:56:4e:6c:ca:b5:65:21:c0:6c
Signer

Actual PE Digest

ff:a0:2e:cb:69:e1:64:b4:99:6b:a0:56:4e:6c:ca:b5:65:21:c0:6c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\temp\p2papp\Release\symbol\QQLiveEx.pdb

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
RaiseException
WritePrivateProfileStringA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionA
lstrlenA
GetProcAddress
MultiByteToWideChar
CreateDirectoryA
GetLastError
GetModuleFileNameA
Sleep
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetSystemTimeAsFileTime

user32

UnregisterClassA

shell32

SHGetSpecialFolderPathA

ole32

CoLoadLibrary
CoFreeLibrary
CoCreateInstance

atl80

ord61
ord23
ord32
ord49
ord64
ord22
ord18
ord15

msvcp80

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?_Myptr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEPADXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?rbegin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$reverse_iterator@V?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z

msvcr80

??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??2@YAPAXI@Z
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
atoi
_itoa
malloc
free
_resetstkoflw
_purecall
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_invalid_parameter_noinfo
sprintf_s
memset
__CxxFrameHandler3
??3@YAXPAX@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
ReleaseCommLib

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLiveExternal.exe
.exe windows:4 windows x86 arch:x86

33bde54685a41d06d97f8420b2bc3401

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4f:cc:76:d6:56:a3:c1:1b:73:04:fc:0e:28:e2:26:84:a2:27:e6:1f
Signer

Actual PE Digest

4f:cc:76:d6:56:a3:c1:1b:73:04:fc:0e:28:e2:26:84:a2:27:e6:1f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\QQLive_Dailybuild\src\symbol\QQLiveExternal.pdb

Imports

comctl32

InitCommonControlsEx

common

??0CTXStringW@@QAE@PB_W@Z
??1CTXStringW@@QAE@XZ
?SetMainAndLogicThreadId@Misc@Util@@YAXKK@Z
?OnExitCoreCenter@Misc@Util@@YAXXZ
?CreateObjectFromDllFile@Com@Util@@YGJPB_WABU_GUID@@1PAPAXPAUIUnknown@@@Z
?OnExitWinMain@Misc@Util@@YAXXZ
?OnUninitCom@Misc@Util@@YAXXZ
?InitPlatformGFConfig@Boot@Util@@YAHXZ
?ClearDeadQueue@Misc@Util@@YAXXZ
?GetPlatformCore@Core@Util@@YAHPAPAUITXCore@@@Z
?InitPlatform@CoreCenter@Util@@YAHPA_W@Z
?TrimRight@CTXStringW@@QAEAAV1@PB_W@Z
?RemoveFileSystem@FS@@YAHPB_W@Z
?AddFileSystem@FS@@YAJW4FILESYSTEM_TYPE@@PB_W1HHH@Z
?InitPlatformFileSystem@Boot@Util@@YAHXZ
?InitPlatformI18NConfig@Boot@Util@@YAHXZ
?InitPlatformCoreConfig@Boot@Util@@YAHXZ
?TXAssert@@YAHPB_W0H@Z
??BCTXStringW@@QBEPB_WXZ
?GetParentDir@FS@Util@@YA?AVCTXStringW@@V3@@Z
??H@YA?AVCTXStringW@@_WABV0@@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
?GetExeDir@Sys@Util@@YA?AVCTXStringW@@XZ

gf

?CreateObject@GF@Util@@YAJABU_GUID@@0PAPAX@Z
?SetCustomObjectFactory@GF@Util@@YAXP6AHABU_GUID@@0PAPAX@Z@Z

tinyxml

?Attribute@TiXmlElement@@QBEPBDPBD@Z
?GetText@TiXmlElement@@QBEPBDXZ
??0TiXmlDocument@@QAE@XZ
??1TiXmlDocument@@UAE@XZ
?LoadXML@TiXmlDocument@@QAE_NPADHW4TiXmlEncoding@@@Z
?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@PBD@Z

kernel32

VirtualAlloc
GlobalUnlock
lstrlenW
CreateMutexW
FlushInstructionCache
GetModuleFileNameW
MapViewOfFile
SetEvent
OpenFileMappingW
GlobalLock
CloseHandle
UnmapViewOfFile
GlobalAlloc
AllocConsole
lstrcmpW
FreeConsole
VirtualFree
EnterCriticalSection
LeaveCriticalSection
RaiseException
LocalFree
SetLastError
GetPrivateProfileStringW
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
WritePrivateProfileStringW
InterlockedDecrement
GetPrivateProfileIntW
SetEnvironmentVariableW
GetEnvironmentVariableW
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
ReleaseMutex
DuplicateHandle
GetCurrentProcessId
SetUnhandledExceptionFilter
TerminateProcess
CreateProcessW
GetProcAddress
IsBadReadPtr
VirtualProtect
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
OpenEventW
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
Sleep
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
HeapSize
HeapReAlloc
HeapDestroy
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetCommandLineW
MulDiv
GetLastError
GetCurrentThreadId
WaitForSingleObject
lstrcpynW
GetCurrentProcess
GetModuleHandleW

user32

CallWindowProcW
DestroyWindow
ReleaseDC
InvalidateRect
ScreenToClient
GetDC
ClientToScreen
SendMessageW
PostMessageW
MoveWindow
DefWindowProcW
LoadCursorW
UnregisterClassA
GetDlgItem
EndPaint
SetWindowLongW
MessageBoxW
GetWindowLongW
RedrawWindow
PeekMessageW
PostThreadMessageW
RemovePropW
TrackMouseEvent
FindWindowExW
ShowWindow
ReplyMessage
GetPropW
InSendMessage
SetParent
SetPropW
KillTimer
GetKeyState
RegisterWindowMessageW
SetWindowPos
GetClassInfoExW
IsWindow
RegisterClassExW
CreateWindowExW
GetWindowTextLengthW
GetClassNameW
SetCapture
ReleaseCapture
GetParent
GetSysColor
BeginPaint
GetWindowTextW
IsChild
SetWindowTextW
GetClientRect
GetFocus
CharNextW
SetFocus
DestroyAcceleratorTable
GetWindow
InvalidateRgn
DispatchMessageW
CreateAcceleratorTableW
FillRect
SetTimer
TranslateMessage
GetMessageW
GetDesktopWindow

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
GetStockObject
CreateSolidBrush
GetObjectW
BitBlt
SelectObject
DeleteDC
DeleteObject
GetDeviceCaps

advapi32

RegQueryValueW
RegCloseKey
RegOpenKeyExW

shell32

CommandLineToArgvW
DragAcceptFiles
DragQueryFileW
DragFinish

ole32

StringFromGUID2
CoInitialize
CoCreateInstance
CoUninitialize
CoInitializeEx
CoTaskMemAlloc
CoGetClassObject
OleInitialize
CreateStreamOnHGlobal
OleUninitialize
CLSIDFromProgID
CLSIDFromString
OleLockRunning

oleaut32

DispCallFunc
SysFreeString
SysAllocString
SysStringLen
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
GetErrorInfo
SysAllocStringLen
SysStringByteLen

livelog

?LogToFile@@YAXPB_WZZ
?GetAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetModuleFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PAUHINSTANCE__@@@Z
?CheckDirectoryExist@@YAHPB_W@Z
?CreateAllDirectory@@YAHPB_W@Z
?IsDoLog@@YAHXZ

msvcp80

?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

msvcr80

wcslen
??0exception@std@@QAE@ABQBD@Z
_invalid_parameter_noinfo
_stricmp
_wctime64_s
_time64
memcpy
wcschr
memmove_s
_wtoi64
wcscmp
vswprintf_s
swprintf_s
_vsnwprintf_s
_recalloc
strlen
calloc
wcsstr
fclose
malloc
setlocale
?what@exception@std@@UBEPBDXZ
__iob_func
freopen
??0exception@std@@QAE@ABV01@@Z
wcsrchr
??_V@YAXPAX@Z
_purecall
??0exception@std@@QAE@XZ
memcpy_s
ldiv
memset
memcmp
??2@YAPAXI@Z
__CxxFrameHandler3
free
_vscwprintf
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
_set_invalid_parameter_handler
_wcsicmp
wcstoul
_wcstoui64
_CxxThrowException
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_amsg_exit
__wgetmainargs
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
_cexit

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
QQLiveMainModule.dll
.dll windows:4 windows x86 arch:x86

46c34cf068ea4997825e8788ad6f2871

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

23:79:21:e2:c2:57:9a:49:6a:36:fe:7d:3f:33:31:ab:0d:f6:f1:35
Signer

Actual PE Digest

23:79:21:e2:c2:57:9a:49:6a:36:fe:7d:3f:33:31:ab:0d:f6:f1:35

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\QQLiveMainModule.pdb

Imports

comctl32

PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW
InitCommonControlsEx

common

?SetMainAndLogicThreadId@Misc@Util@@YAXKK@Z
??1CTXStringA@@QAE@XZ
??H@YA?AVCTXStringW@@PB_WABV0@@Z
?RecordTransBegin@Perf@Util@@YA_JPB_WHH00@Z
??4CTXStringW@@QAEAAV0@PB_W@Z
??0CTXStringW@@QAE@XZ
?RecordTransEnd@Perf@Util@@YAJ_JPB_WHH11H@Z
??H@YA?AVCTXStringW@@ABV0@0@Z
?Format@CTXStringW@@QAAXPB_WZZ
?Format@CTXStringA@@QAAXPBDZZ
??0CTXStringA@@QAE@XZ
??M@YA_NABVCTXStringA@@0@Z
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
?SetTimeout@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?CreateTXData@Data@Util@@YAHPAPAUITXData@@@Z
?TrimRight@CTXStringW@@QAEAAV1@PB_W@Z
??1CTXBSTR@@QAE@XZ
??0CTXBSTR@@QAE@PB_W@Z
??BCTXBSTR@@QBEPA_WXZ
?Format@CTXTime@@QBE?AVCTXStringW@@PB_W@Z
?ConvertToPureFile@FS@@YA?AVCTXStringW@@PB_W@Z
??ICTXBSTR@@QAEPAPA_WXZ
?IsEmpty@CTXBSTR@@QAEHXZ
??0CTXBSTR@@QAE@XZ
??4CTXTime@@QAEAAV0@V0@@Z
??0CTXTime@@QAE@HHHHHHH@Z
??0CTXTime@@QAE@XZ
?GetTotalSeconds@CTXTimeSpan@@QBE_JXZ
??1CTXStringW@@QAE@XZ
??0CTXStringW@@QAE@PB_W@Z
?RemoveFileSystem@FS@@YAHPB_W@Z
?AddFileSystem@FS@@YAJW4FILESYSTEM_TYPE@@PB_W1HHH@Z
?InitPlatformGFConfig@Boot@Util@@YAHXZ
?InitPlatformFileSystem@Boot@Util@@YAHXZ
?GetExeDir@Sys@Util@@YA?AVCTXStringW@@XZ
?InitPlatform@CoreCenter@Util@@YAHPA_W@Z
?GetParentDir@FS@Util@@YA?AVCTXStringW@@V3@@Z
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
??H@YA?AVCTXStringW@@_WABV0@@Z
?LoadStringW@TXStringBundle@@YAPB_WPB_W@Z
??BCTXStringW@@QBEPB_WXZ
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
?OnExitCoreCenter@Misc@Util@@YAXXZ
?OnExitWinMain@Misc@Util@@YAXXZ
?OnUninitCom@Misc@Util@@YAXXZ
?ClearDeadQueue@Misc@Util@@YAXXZ
?CreateObjectFromDllFile@Com@Util@@YGJPB_WABU_GUID@@1PAPAXPAUIUnknown@@@Z
?InitPlatformCoreConfig@Boot@Util@@YAHXZ
?InitPlatformI18NConfig@Boot@Util@@YAHXZ
?GetPlatformCore@Core@Util@@YAHPAPAUITXCore@@@Z
?TXAssert@@YAHPB_W0H@Z
?GetTickCount@CTXTime@@SA?AV1@XZ
?GetTime@CTXTime@@QBE_JXZ
??0CTXTime@@QAE@_J@Z
??0CTXTime@@QAE@ABV0@@Z
??OCTXTime@@QBE_NV0@@Z
??0CTXTimeSpan@@QAE@JHHH@Z
??GCTXTime@@QBE?AVCTXTimeSpan@@V0@@Z
??OCTXTimeSpan@@QBE_NV0@@Z

gf

?SetCustomObjectFactory@GF@Util@@YAXP6AHABU_GUID@@0PAPAX@Z@Z
?ClosePopupWindows@GF@Util@@YAXXZ
?FindDomodalChildren@GF@Util@@YAXPAUHWND__@@AAV?$vector@PAUHWND__@@V?$allocator@PAUHWND__@@@std@@@std@@@Z
?UnadviseWebBrowser@IEEvent@Util@@YAHPAUIWebBrowser2@@K@Z
?DispatchFrameMsg@GF@Util@@YAJPAUIGFFrame@@PAUtagBaseArg@@PAHPAJH@Z
?AdviseWebBrowser@IEEvent@Util@@YAHPAUIWebBrowser2@@PAUITXWebBrowserEvents@@PAPAUIUnknown@@AAK@Z
?RawCreateGFElementByXtml@GF@Util@@YAJPA_WPAPAUIGFElement@@PAU3@0H@Z
?StopSlideFrame@GF@Util@@YAJPAUIGFFrame@@@Z
?SlideFrame@GF@Util@@YAJPAUIGFFrame@@VCRect@@1KDKHKKPAUIGFAnimationEvent@@@Z
?TopFrameFromPoint@GF@Util@@YAJPAUIGFFrame@@PBUtagPOINT@@PAPAU3@@Z
?LightInLightOut@GF@Util@@YAJPAUIGFFrame@@EEKDKHKKPAUIGFAnimationEvent@@@Z
?StopLightInLightOut@GF@Util@@YAJPAUIGFFrame@@@Z
?CreateObject@GF@Util@@YAJABU_GUID@@0PAPAX@Z

winmm

mixerClose
mixerGetID
waveOutGetNumDevs
waveOutGetDevCapsW
mixerOpen

ximage

??0CxImage@@QAE@K@Z
?Draw@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@PAU3@_N@Z
?GetWidth@CxImage@@QBEKXZ
?Load@CxImage@@QAE_NPB_WK@Z
?GetHeight@CxImage@@QBEKXZ
?Destroy@CxImage@@QAE_NXZ

tinyxml

?LoadFile@TiXmlDocument@@QAE_NPB_WW4TiXmlEncoding@@@Z
?QueryIntAttribute@TiXmlElement@@QBEHPBDPAH@Z
?RootElement@TiXmlDocument@@QAEPAVTiXmlElement@@XZ
??0TiXmlDocument@@QAE@XZ
?LoadXML@TiXmlDocument@@QAE_NPADHW4TiXmlEncoding@@@Z
??1TiXmlDocument@@UAE@XZ
?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@PBD@Z
?GetText@TiXmlElement@@QBEPBDXZ
?Attribute@TiXmlElement@@QBEPBDPBD@Z
?NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@PBD@Z
?Parse@TiXmlDocument@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?InsertEndChild@TiXmlNode@@QAEPAV1@ABV1@@Z
??1TiXmlElement@@UAE@XZ
?SaveFile@TiXmlDocument@@QBE_NPB_W@Z
??0TiXmlElement@@QAE@PBD@Z

xgraphic32

FillSolidRect

kernel32

SetFileAttributesW
CreateDirectoryW
DeleteFileW
GetTickCount
RemoveDirectoryW
MoveFileW
GetDiskFreeSpaceExW
GetLogicalDrives
GetWindowsDirectoryW
GetSystemDirectoryW
GetVersion
ReleaseMutex
CreateMutexW
WriteFile
GetLastError
SetFilePointer
FindNextFileW
GetPrivateProfileStringW
FileTimeToSystemTime
GetSystemTime
TerminateThread
GetExitCodeThread
GetModuleFileNameW
ReadFile
GetFileInformationByHandle
GlobalDeleteAtom
GlobalAddAtomW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
lstrcmpiW
SystemTimeToFileTime
GetProcessTimes
GetCurrentProcess
GetProcAddress
VirtualFreeEx
ReadProcessMemory
WriteProcessMemory
VirtualAllocEx
OpenProcess
Sleep
SetEnvironmentVariableW
GetEnvironmentVariableW
GetCurrentThreadId
InterlockedDecrement
LocalFree
VirtualProtect
IsBadReadPtr
CreateProcessW
TerminateProcess
SetUnhandledExceptionFilter
GetCurrentProcessId
DuplicateHandle
FlushInstructionCache
FindResourceW
LoadLibraryW
SetLastError
SetEvent
ResetEvent
CreateEventW
GetCommandLineW
GetModuleHandleExW
InterlockedExchange
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
OpenFileMappingW
lstrcpynW
WaitForMultipleObjects
ResumeThread
GetPrivateProfileIntW
lstrlenA
VirtualFree
VirtualQuery
GetSystemInfo
GlobalFindAtomW
HeapFree
GetProcessHeap
HeapAlloc
FormatMessageW
GetLocalTime
FileTimeToLocalFileTime
WritePrivateProfileStringW
CopyFileW
GetCurrentThread
GlobalUnlock
GlobalLock
GlobalAlloc
OutputDebugStringW
FormatMessageA
MultiByteToWideChar
lstrlenW
CreateFileW
DeviceIoControl
InterlockedIncrement
WideCharToMultiByte
OpenMutexW
FindResourceExW
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
HeapReAlloc
HeapSize
InterlockedCompareExchange
LoadLibraryA
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
IsDebuggerPresent
DisableThreadLibraryCalls
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetThreadContext
SetThreadContext
FindFirstFileW
FindClose
LoadResource
LockResource
SizeofResource
GetFileAttributesW
LeaveCriticalSection
GetDriveTypeW
EnterCriticalSection
WaitForSingleObject
GetExitCodeProcess
CloseHandle
FreeLibrary
GetVersionExW
GetModuleHandleW
VirtualAlloc

user32

SetCursor
UnregisterClassA
SendMessageW
EndDialog
GetAncestor
TrackMouseEvent
SetRect
GetDoubleClickTime
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
WindowFromPoint
GetWindowPlacement
IsZoomed
SetWinEventHook
SetWindowPlacement
ShowOwnedPopups
UnhookWinEvent
GetForegroundWindow
SetRectEmpty
GetSystemMetrics
GetFocus
SetFocus
SetForegroundWindow
SetPropW
LoadIconW
GetCursorPos
PtInRect
BringWindowToTop
GetClassInfoExW
LoadCursorW
RegisterClassExW
MessageBeep
IsWindowVisible
UpdateWindow
ReplyMessage
ReleaseDC
GetDC
RegisterWindowMessageW
UnregisterHotKey
IsWindow
DefWindowProcW
SetWindowLongW
GetWindowLongW
CallWindowProcW
RegisterHotKey
CharNextW
MoveWindow
GetWindowRect
FindWindowW
FindWindowExW
OffsetRect
ClientToScreen
GetWindowThreadProcessId
DestroyWindow
SetTimer
KillTimer
CreateWindowExW
MessageBoxW
ShowWindow
CopyRect
EqualRect
DialogBoxParamW
PostQuitMessage
GetMessageW
DispatchMessageW
TranslateMessage
RemovePropW
SetParent
ScreenToClient
GetMonitorInfoW
MonitorFromRect
PostThreadMessageW
SendMessageTimeoutW
GetActiveWindow
GetPropW
GetWindow
GetDesktopWindow
PeekMessageW
MonitorFromWindow
IsIconic
SetWindowPos
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
InvalidateRect
EnableWindow
GetDlgItem
MapWindowPoints
GetClientRect
SystemParametersInfoW
GetParent
GetDlgCtrlID
InSendMessage
PostMessageW

gdi32

GetTextExtentPoint32W
CreateDIBSection
SetDIBColorTable
CreateFontIndirectW
SetTextColor
SetBkMode
GetStockObject
CreateCompatibleDC
SelectObject
DeleteObject
DeleteDC
GetObjectW
CreateCompatibleBitmap
GetDIBits

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegQueryValueW
RegOpenKeyW
RegDeleteValueW
RegSetValueExW

shell32

SHOpenFolderAndSelectItems
Shell_NotifyIconW
DragQueryFileW
ord190
SHCreateDirectoryExW
SHGetSpecialFolderPathW
ord155
DragFinish
DragAcceptFiles
ShellExecuteW
CommandLineToArgvW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW

ole32

OleUninitialize
CoCreateInstance
StringFromCLSID
StringFromIID
CoUninitialize
CoInitialize
OleInitialize
CoTaskMemFree
CoFreeLibrary

oleaut32

SysStringLen
VarBstrCat
SysAllocStringLen
VariantCopy
VarBstrCmp
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
DispCallFunc
SysStringByteLen
VariantClear
VariantInit
SysAllocStringByteLen
SysAllocString
SysFreeString

atl80

ord30
ord32
ord58
ord11
ord10
ord43
ord44
ord64
ord42
ord48
ord31

shlwapi

PathAppendW
PathFileExistsW

msvcp80

?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBD@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBD@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@DABV10@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?length@?$char_traits@D@std@@SAIPBD@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?_Myptr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEPA_WXZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI_W@Z
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find_first_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
?find_last_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIPB_W@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?_Lock@_Mutex@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z

livelog

?GetDllVersion@@YAHPB_WAAH111@Z
?GetConfigInt@@YAJV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0JW4tagQQLIVE_CONFIG_TYPE@@@Z
?WriteConfigInt@@YAXV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0JW4tagQQLIVE_CONFIG_TYPE@@@Z
?SetStatSvrTime@@YAXJ@Z
?GetRealStatInst@@YAJPAPAUIRealGuidStat@@_K@Z
?GetDXVAStatus@@YAHXZ
?GetInstructionLevel@@YAHXZ
?CopyLiveUpFiles@@YAHXZ
?GetChannelInfo@@YA?BV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetChannelMgrInst@@YAJPAPAUIChannelSMgr@@_K@Z
?IsWindowsVista@@YAHXZ
?GetFullScreen@@YA?AUtagRECT@@PAUHWND__@@@Z
?QQ_GetUserAgentString@@YAPADXZ
?GetExeFolder2@@YA?AVCComBSTR@ATL@@XZ
?CreateObjectFromFile@@YAJAAPAUHINSTANCE__@@PB_WPAUIUnknown@@ABU_GUID@@3PAPAX@Z
?Utf8ToWS@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PBDH@Z
?GetDNSStatus@@YA?AW4DNS_STATUS@@XZ
?GetNoRealStatInst@@YAJPAPAUINoRealStat@@_K@Z
?IsFlashEmbeded@@YAHXZ
?GetExeFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetQQLiveDlgHwnd@@YAPAUHWND__@@XZ
?KillOtherQQLivePlayerApp@@YAHPB_W@Z
?RegistLocalInfo@@YAHXZ
?FreeAllComModule@@YAXXZ
?ClearComInst@@YAX_K@Z
?CheckAllAdviseValue@@YAXXZ
?CloseLogEvent@@YAXXZ
?GetFlashIeProcess@@YAAAVCQQLiveExternalWrapper@@XZ
?NavigateURL@@YAHPB_WH@Z
?PreTranslateMessage@CQMMouseWheelWithoutFocus@@SAHPAUtagMSG@@@Z
?ClearP2PCache@@YAXXZ
?ClearSSOConfig@@YAXXZ
?ChangeCacheACL@@YAXXZ
?UnRegisterQQLiveProtocal@@YAXXZ
?RegisterQQLiveProtocal@@YAXXZ
?Shutdown@@YAXH@Z
?UnRegVideoFile@@YAXXZ
?RegVideoFile@@YAXXZ
?RepairRegister@@YAHPB_W@Z
?GetModuleFolder@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PAUHINSTANCE__@@@Z
?GetModulePath2@@YA?AVCComBSTR@ATL@@PAUHINSTANCE__@@@Z
?GetComModuleHandle@@YAPAUHINSTANCE__@@PB_W@Z
?BitsToHexString@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PBEH@Z
?FindQQLiveLogWnd@@YAPAUHWND__@@XZ
?IsNumber@@YAHPB_W@Z
?Utf8ToWS@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@@Z
?OpenQQLive@@YAHPB_W@Z
?GetLiveServerUrl@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?CheckUnadvise@@YAXPB_W@Z
?GetCommuInst@@YAJPAPAUIQQLiveCommand@@_K@Z
?CheckAdvise@@YAXPB_W@Z
?GetKeyValue@@YAHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0AAV12@_W@Z
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z
?CheckDirectoryExist@@YAHPB_W@Z
?CreateAllDirectory@@YAHPB_W@Z
?GetFileSize@@YAHPB_WAA_K@Z
?CheckFileExist@@YAHPB_W@Z
?IsDoLog@@YAHXZ
?TestDNSConnection@@YAXXZ
?IsLiveOcxExist@@YA_NXZ
?GetStatSvrTime@@YAJXZ
?UnregisterWindow@CQMMouseWheelWithoutFocus@@SAHPAUHWND__@@@Z
?RegisterWindow@CQMMouseWheelWithoutFocus@@SAHPAUHWND__@@@Z
?GetWindowWorkArea@@YA?AUtagRECT@@PAUHWND__@@@Z
?LimitRect@@YA?AUtagRECT@@U1@0HH@Z
?ResizeRect@@YA?AUtagRECT@@U1@UtagSIZE@@@Z
?SetForegroundApplication@@YAXH@Z
?GetClientOsVersion@@YAEXZ
?GetSysPreFetchValue@@YAKXZ
?SetQQliveDlgHwnd@@YAXPAUHWND__@@@Z
?GetFullKeyCode@@YAKIJ@Z
?IsDLNAMode@@YAHXZ
?FocusToTop@@YAXPAUHWND__@@@Z
?GetEmbededFlashOcxName@@YAXAAV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@@Z
?ResetLiveServerUpdateStatus@@YAXXZ
?URLDecodeUTF8@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@ABV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@2@@Z
?GetOnLine@@YAHXZ
?SetDoLog@@YAXH@Z
?IsWinXPOrLater@@YAHXZ
?QQ_OpenURLUsingIEW@@YAJPB_W@Z
?CheckDirectoryWriteable@@YAHPB_W@Z
?QQ_GetDownloadPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?QQ_GetUsableFolder@@YGHPB_W@Z
?SetXPMenuState@@YAXH@Z
?LogToFile@@YAXPB_WZZ
?GetQQLiveDaemonWnd@@YAPAUHWND__@@XZ
?GetAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?GetUserGuid@@YAXPADAAH@Z
?BitsToHexString2@@YA?AVCComBSTR@ATL@@PBEH@Z
?DeleteDirectory@@YAHPB_W@Z
?WriteConfigString@@YAXV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@00W4tagQQLIVE_CONFIG_TYPE@@@Z
?GetConfigDword@@YAKV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0KW4tagQQLIVE_CONFIG_TYPE@@@Z
?GetConfigString@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@V12@00W4tagQQLIVE_CONFIG_TYPE@@@Z
?HexStringToBits@@YA_NPBDPAEAAH@Z
?AddEveryoneAccessToFile@@YAHPB_W@Z
?PushChar2Hex@@YAXEAAV?$vector@EV?$allocator@E@std@@@std@@@Z
?Utf8ToWS@@YAXPBDAAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@H@Z
?GetVFormatBitrateName@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@J@Z
?GetVFormatBandwidth@@YAJJ@Z
?GetVFormatName@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@J@Z
?Utf8FromWS@@YA?AV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@PB_WH@Z
?RemoveMMGFWindow@@YAXPAUHWND__@@@Z
?AddMMGFWindow@@YAXPAUHWND__@@PAUIUnknown@@@Z
?GetMMGFWindow@@YAHPAUHWND__@@PAPAUIUnknown@@@Z
?CloseLogMutex@@YAXXZ

psapi

EnumProcessModules
GetModuleBaseNameW
GetProcessMemoryInfo

gdiplus

GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCloneImage
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette

ws2_32

WSAGetLastError
getsockname
htons
inet_ntoa
inet_addr
ioctlsocket
socket
gethostbyname
select
WSAStartup
recv
closesocket
setsockopt
send
connect

msvcr80

abs
_byteswap_ulong
rand
memcpy_s
memset
fclose
fwrite
wcslen
_wfopen_s
_CxxThrowException
memmove_s
swprintf_s
wcscat_s
_invalid_parameter_noinfo
strlen
vswprintf_s
free
calloc
_recalloc
wcscmp
wcsstr
_vscwprintf
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
__CxxFrameHandler3
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@XZ
??2@YAPAXI@Z
??_V@YAXPAX@Z
??0exception@std@@QAE@ABV01@@Z
memcpy
wcsncpy_s
srand
_wcsicmp
fread
fseek
ftell
_mbschr
_mbsinc
_wcslwr_s
fputs
feof
_initterm_e
_initterm
_encoded_null
_malloc_crt
?terminate@@YAXXZ
_except_handler4_common
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_strnicmp
_snprintf_s
wcstok
_itow_s
strpbrk
modf
sscanf
_wfopen
strtoul
strtol
iswdigit
wcsncpy
swscanf
??3@YAXPAX@Z
_wcsupr_s
wcsncmp
_time64
iswspace
atoi
atol
_resetstkoflw
labs
_vsnwprintf_s
_set_invalid_parameter_handler
_wtol
ldiv
vsprintf_s
_vscprintf
sprintf_s
wcstol
_purecall
wcschr
wcscpy_s
strncpy_s
strcmp
swscanf_s
_wtoi
memcmp
wcstoul
_wcstoi64
_beginthreadex
malloc
wcsrchr
tmpfile_s
_rmtmp
fgets

httpmodule

??1CDownloadMgrProxy@@UAE@XZ
??0CDownloadMgrProxy@@QAE@XZ
?StartTask@CDownloadMgrProxy@@QAEHH@Z
?AddTask@CDownloadMgrProxy@@QAEHPAUIHttpEventWndCallback@@PB_W1IIK@Z
?RemoveTask@CDownloadMgrProxy@@QAEHH@Z
?AddHttpHeader@CDownloadMgrProxy@@QAEHHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0@Z
?AddPostData@CDownloadMgrProxy@@QAEHHPAEK@Z
?SetHttpMethod@CDownloadMgrProxy@@QAEXHW4E_HTTP_VERB@@@Z

wininet

InternetSetCookieW
InternetCloseHandle
InternetReadFile
HttpQueryInfoW
InternetOpenUrlW
InternetOpenW

urlmon

UrlMkSetSessionOption

iphlpapi

GetAdaptersInfo
GetIfEntry
GetPerAdapterInfo
IcmpCreateFile
IcmpSendEcho
IcmpCloseHandle

Exports

Exports

??4_Init_locks@std@@QAEAAV01@ABV01@@Z
QQLiveWinMain

Sections

.text
Size: 960KB - Virtual size: 957KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 492KB - Virtual size: 489KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 356KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLiveRenderer.dll
.dll regsvr32 windows:4 windows x86 arch:x86

5e88de906219351441368e790d21b469

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2e:ae:bb:0d:ba:38:95:d0:74:87:b4:14:fa:b6:44:99:fe:f2:53:b4
Signer

Actual PE Digest

2e:ae:bb:0d:ba:38:95:d0:74:87:b4:14:fa:b6:44:99:fe:f2:53:b4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\Playersrc\sym\QQLiveRenderer.pdb

Imports

winmm

timeSetEvent
timeGetTime
timeBeginPeriod
timeEndPeriod
timeKillEvent

msvcr80

??3@YAXPAX@Z
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
memcpy
_vsnwprintf
__RTDynamicCast
memset
??_U@YAPAXI@Z
_CxxThrowException
??8type_info@@QBE_NABV0@@Z
memcpy_s
_purecall
??_V@YAXPAX@Z
__CxxFrameHandler3
??2@YAPAXI@Z
_except_handler4_common

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
IsDebuggerPresent
SetUnhandledExceptionFilter
TerminateProcess
QueryPerformanceFrequency
QueryPerformanceCounter
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
lstrlenW
MultiByteToWideChar
lstrlenA
GetLastError
GetModuleFileNameA
GetVersionExW
DisableThreadLibraryCalls
SetEvent
InitializeCriticalSection
CloseHandle
CreateFileMappingW
lstrcmpiA
GetCurrentThreadId
lstrcpynW
InterlockedIncrement
InterlockedDecrement
CreateEventW
ResetEvent
WaitForMultipleObjects
WaitForSingleObject
ReleaseSemaphore
lstrcmpW
GetCurrentProcess
CreateSemaphoreW
Sleep
lstrcpyW
MulDiv
FreeLibrary
LoadLibraryW
GetProcAddress
InterlockedExchange
SetThreadPriority
GetThreadPriority
GetCurrentThread
GetTickCount
InterlockedCompareExchange
UnhandledExceptionFilter

user32

PeekMessageW
CreateDialogParamW
MoveWindow
MsgWaitForMultipleObjects
DispatchMessageW
LoadStringW
GetDesktopWindow
GetQueueStatus
PostThreadMessageW
DestroyWindow
RegisterWindowMessageW
SetRectEmpty
InvalidateRect
SetWindowLongW
DefWindowProcW
GetWindowRect
GetWindowLongW
ShowWindow
wsprintfW
SendDlgItemMessageW
GetDC
GetClientRect
ReleaseDC

gdi32

SetDIBitsToDevice
StretchBlt
BitBlt
SetStretchBltMode
CreateCompatibleDC
CreateCompatibleBitmap
GdiFlush
GetObjectW
CreateDIBSection
CreateDCA
GetDIBits
StretchDIBits
DeleteObject
SelectObject
DeleteDC

advapi32

RegSetValueExW
RegEnumKeyExW
RegCloseKey
RegCreateKeyW
RegSetValueW
RegDeleteKeyW
RegOpenKeyExW

ole32

CoUninitialize
CoInitialize
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
CoCreateInstance
CoFreeUnusedLibraries

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQLiveUninstaller.exe.nsis
QQLiveUp.exe
.exe windows:4 windows x86 arch:x86

6851d05ebf0afc2baaf94897680f5bd5

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:25:83:f8:81:fb:67:32:25:4f:bb:7f:57:12:ff:e0:17:3c:c7:6f
Signer

Actual PE Digest

25:25:83:f8:81:fb:67:32:25:4f:bb:7f:57:12:ff:e0:17:3c:c7:6f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\QQLive_Dailybuild\src\symbol\QQLiveUp.pdb

Imports

httpmodule

?AddTask@CDownloadMgrProxy@@QAEHPAUIHttpEventWndCallback@@PB_W1IIK@Z
??1CDownloadMgrProxy@@UAE@XZ
?StartTask@CDownloadMgrProxy@@QAEHH@Z
??0CDownloadMgrProxy@@QAE@XZ

kernel32

CloseHandle
GetTickCount
LocalFree
DeleteFileW
LockResource
FindResourceExW
GetPrivateProfileStringW
GetPrivateProfileIntW
WritePrivateProfileStringW
HeapSize
HeapReAlloc
HeapDestroy
GetThreadLocale
GetLocaleInfoA
CreateProcessW
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
DeleteCriticalSection
EnterCriticalSection
CreateMutexW
LeaveCriticalSection
GetModuleFileNameW
LoadResource
InterlockedIncrement
GetCommandLineW
SizeofResource
GetCurrentProcess
SetLastError
GetModuleHandleW
LoadLibraryExW
InterlockedDecrement
FreeLibrary
GetCurrentThreadId
RaiseException
FindResourceW
FlushInstructionCache
lstrcmpiW
lstrlenW
InitializeCriticalSection
MultiByteToWideChar
FormatMessageW
GetLastError
WideCharToMultiByte
GetACP

user32

MessageBoxW
CharNextW
DialogBoxParamW
SetWindowLongW
UnregisterClassA
CallWindowProcW
SetTimer
GetDlgItem
GetActiveWindow
ShowWindow
LoadIconW
GetWindowLongW
LoadStringW
EndDialog
SetWindowTextW
InvalidateRect
ShowOwnedPopups
ShowScrollBar
SetForegroundWindow
ReleaseDC
GetWindowTextLengthW
GetDlgCtrlID
GetWindowTextW
GetDC
KillTimer
LoadCursorW
GetClientRect
SetCursor
GetWindow
SystemParametersInfoW
GetWindowRect
GetParent
MapWindowPoints
SetWindowPos
FindWindowW
EnableWindow
SendMessageW
PostMessageW
DefWindowProcW

gdi32

GetTextMetricsW
CreateSolidBrush
GetObjectW
CreateFontIndirectW
SelectObject
SetTextColor
SetBkMode
GetStockObject
SetBkColor

advapi32

RegQueryInfoKeyW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegCloseKey

shell32

CommandLineToArgvW
ShellExecuteW
Shell_NotifyIconW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoInitialize

oleaut32

VarUI4FromStr
VariantInit
SysAllocString
DispCallFunc
VariantClear
SysFreeString

livelog

?CopyLiveUpFiles@@YAHXZ
?CreateStandardFont@@YAXAAPAUHFONT__@@@Z
?IsWinXPOrLater@@YAHXZ
?CheckUnadvise@@YAXPB_W@Z
?CheckAdvise@@YAXPB_W@Z
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z
?GetLiveServerUrl@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?KillOtherQQLivePlayerApp@@YAHPB_W@Z
?LogToFile@@YAXPB_WZZ
?IsDoLog@@YAHXZ
?GetAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ

msvcp80

?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

msvcr80

_amsg_exit
__CxxFrameHandler3
_controlfp_s
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_CxxThrowException
??2@YAPAXI@Z
fseek
memmove
memcpy
ftell
memset
wcschr
_wfopen
wcsncmp
fclose
wcstol
wcslen
??_V@YAXPAX@Z
fwrite
??3@YAXPAX@Z
fread
_vswprintf
_recalloc
memcpy_s
free
malloc
wcsncpy_s
_vscwprintf
vswprintf_s
memcmp
wcscmp
_wtol
memmove_s
wprintf_s
_wcsicmp
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer

shlwapi

StrCmpW

wintrust

WinVerifyTrust

crypt32

CryptQueryObject
CertGetNameStringW
CertFreeCertificateContext
CryptMsgClose
CertCloseStore
CertCreateCertificateContext
CryptMsgGetParam

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Resource.rdb
SetupShell.dll
.dll regsvr32 windows:4 windows x86 arch:x86

541291d6e11c1aa75409fed7cf0da08f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6b:d0:ac:58:dc:c0:21:73:7a:37:40:05:a7:c2:8d:90:d8:0e:fb:38
Signer

Actual PE Digest

6b:d0:ac:58:dc:c0:21:73:7a:37:40:05:a7:c2:8d:90:d8:0e:fb:38

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\SetupShell.pdb

Imports

kernel32

lstrlenW
MultiByteToWideChar
lstrlenA
InterlockedDecrement
DeleteFileW
GetTickCount
InitializeCriticalSection
DeleteCriticalSection
GetPrivateProfileStringW
WritePrivateProfileStringW
SetThreadLocale
GetThreadLocale
RaiseException
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
InterlockedIncrement
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameW
GetLastError

user32

RegisterWindowMessageW
IsWindow
SendMessageW
KillTimer
UnregisterClassA
SetTimer

ole32

CoCreateInstance

oleaut32

SysFreeString
SysAllocString
SysStringLen
VariantInit
VariantClear
SysAllocStringLen
LoadRegTypeLi
LoadTypeLi

livelog

?GetQQLiveDaemonWnd@@YAPAUHWND__@@XZ
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z
?CheckFileExist@@YAHPB_W@Z
?GetAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ

atl80

ord18
ord64
ord23
ord61
ord32
ord30
ord58
ord31
ord15
ord22

msvcp80

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvcr80

_ltow_s
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
??3@YAXPAX@Z
memcpy_s
_CxxThrowException
memmove_s
wcscmp
_vscwprintf
vswprintf_s
wcslen
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
__CxxFrameHandler3
??2@YAPAXI@Z
??_V@YAXPAX@Z
memset
fclose
fwrite
_wfopen_s
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
free
calloc
_recalloc
_wcsicmp
_wcslwr_s
_purecall
fread
ftell
fseek
_wtol
wcstoul
_malloc_crt
_ultow_s
malloc
_resetstkoflw
memcmp
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_except_handler4_common
?terminate@@YAXXZ
__clean_type_info_names_internal

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Statistic.dll
.dll regsvr32 windows:4 windows x86 arch:x86

5bf38d897b3379bc9e698a1914d60dd1

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:4d:f7:1b:c3:fa:a2:6e:8b:85:4f:92:d6:90:94:a9:40:52:06:f2
Signer

Actual PE Digest

54:4d:f7:1b:c3:fa:a2:6e:8b:85:4f:92:d6:90:94:a9:40:52:06:f2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\Statistic.pdb

Imports

kernel32

WideCharToMultiByte
DeleteFileW
GetLastError
SetThreadLocale
GetThreadLocale
RaiseException
HeapFree
GetProcessHeap
GetTempPathW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetModuleFileNameW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
HeapSize
HeapReAlloc
HeapAlloc
HeapDestroy
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
lstrlenW
GetTickCount
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
DisableThreadLibraryCalls
InitializeCriticalSection

user32

CreateWindowExW
DestroyWindow
IsWindow
UnregisterClassA

ole32

StringFromIID
CoTaskMemFree
CoCreateInstance

oleaut32

VariantClear
VariantInit
SysFreeString
SysStringByteLen
DispCallFunc
SysStringLen
LoadRegTypeLi
LoadTypeLi
VariantCopy
SysAllocStringByteLen
SysAllocString

livelog

?GetLiveServerPort@@YAIPB_W@Z
?GetLiveServerHost@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?LogToFile@@YAXPB_WZZ
?IsDoLog@@YAHXZ
?GetDNSStatus@@YA?AW4DNS_STATUS@@XZ
?CheckFileExist@@YAHPB_W@Z
?IsDLNAMode@@YAHXZ
?GetConfigInt@@YAJV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0JW4tagQQLIVE_CONFIG_TYPE@@@Z
?CreateAllDirectory@@YAHPB_W@Z
?GetLiveServerUrl@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?GetCommuInst@@YAJPAPAUIQQLiveCommand@@_K@Z
?CheckAdvise@@YAXPB_W@Z
?IsQQLiveClient@@YAHXZ
?GetConfigDword@@YAKV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0KW4tagQQLIVE_CONFIG_TYPE@@@Z
?GetAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?CheckUnadvise@@YAXPB_W@Z
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z
?GetUserGuid@@YAXPADAAH@Z

atl80

ord11
ord30
ord23
ord61
ord32
ord58
ord31
ord15
ord18
ord22
ord64
ord42
ord48
ord10

msvcp80

??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z

ws2_32

htonl
htons

msvcr80

_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
??3@YAXPAX@Z
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
__CxxFrameHandler3
memcpy_s
_CxxThrowException
memset
wcslen
memcmp
_time32
memcpy
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
memmove_s
free
calloc
_recalloc
??2@YAPAXI@Z
??_V@YAXPAX@Z
_purecall
_fstat32
fclose
fwrite
fopen_s
fread
_fileno
_wrename
_vscwprintf
vswprintf_s
_ultow_s
_malloc_crt
_wfopen_s
malloc
_resetstkoflw
_except_handler4_common
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
__clean_type_info_names_internal

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Statistics.exe
.exe windows:4 windows x86 arch:x86

c2ca8c749efd139a74ece1566852cf56

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d5:bb:01:2b:db:0e:e3:de:97:c0:89:58:20:2c:e0:cd:00:c0:24:49
Signer

Actual PE Digest

d5:bb:01:2b:db:0e:e3:de:97:c0:89:58:20:2c:e0:cd:00:c0:24:49

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\QQLive_proj\trunk\Setup\Statistics.pdb

Imports

kernel32

WideCharToMultiByte
GetLastError
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
OutputDebugStringW
MultiByteToWideChar
lstrlenA
CloseHandle
WriteFile
CreateFileW
lstrlenW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
HeapAlloc
HeapDestroy
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
Sleep

shell32

CommandLineToArgvW

msvcp80

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

wininet

HttpAddRequestHeadersW
InternetReadFile
HttpOpenRequestW
HttpSendRequestExW
InternetWriteFile
HttpEndRequestW
InternetConnectW
InternetOpenW
InternetCloseHandle

msvcr80

_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_except_handler4_common
_unlock
__dllonexit
_lock
_onexit
_exit
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_invoke_watson
_controlfp_s
_wtoi
_recalloc
calloc
free
memmove_s
__CxxFrameHandler3
wcslen
vswprintf_s
_vscwprintf
_CxxThrowException
memcpy_s
??3@YAXPAX@Z
_cexit
memset
_decode_pointer
_amsg_exit
__getmainargs

user32

UnregisterClassA

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
StreamIO.dll
.dll windows:4 windows x86 arch:x86

f3dd7ee4c296b605174b6cb4f4fbaa0e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:42:47:5d:86:e3:bf:11:b1:48:db:5f:cb:7a:7b:fc:47:04:ae:28
Signer

Actual PE Digest

29:42:47:5d:86:e3:bf:11:b1:48:db:5f:cb:7a:7b:fc:47:04:ae:28

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\Playersrc\sym\StreamIO.pdb

Imports

kernel32

DeleteFileA
WaitForSingleObject
GetLocalTime
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
ReadFile
SetEvent
SetFilePointer
MapViewOfFile
CreateMutexA
CreateEventW
OpenFileMappingA
CreateMutexW
UnmapViewOfFile
WideCharToMultiByte
GetFileAttributesW
GetTickCount
GetCurrentThreadId
CloseHandle
CreateDirectoryA
lstrlenA
CreateEventA
InterlockedExchange
MultiByteToWideChar
PulseEvent
lstrlenW
CreateFileW
GetModuleHandleW
GetFileSize
GetLastError
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedCompareExchange

shell32

SHGetFolderPathW

oleaut32

SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysFreeString
SysAllocString

msvcp80

?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB

msvcr80

fseek
fflush
_purecall
fwrite
strlen
fopen
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??8type_info@@QBE_NABV0@@Z
??_V@YAXPAX@Z
vswprintf_s
_vscwprintf
memcmp
ftell
strrchr
strcpy_s
memset
calloc
free
memcpy_s
_recalloc
fabs
memmove_s
wcslen
_vsnprintf
_vsnprintf_s
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
fclose
sprintf_s
memcpy
??2@YAPAXI@Z
_invalid_parameter_noinfo
?what@exception@std@@UBEPBDXZ
vsprintf_s
rename
__RTDynamicCast
??3@YAXPAX@Z
_CxxThrowException
swprintf_s
__CxxFrameHandler3

Exports

Exports

GetIOManager

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SysData/DLNAConnect.swf
SysData/HomePage4.swf
SysData/MediaPlugin.swf
SysData/Recommend3.swf
SysData/img/icon_warning.png
.png
SysData/img/sprite.png
.png
SysData/paypage_err.html
SysData/pip_channel_err.html
.js
SysData/portal_err.html
SysData/programinfo_err.html
.js
SysData/tips.swf
SysData/zoomin.cur
SysData/zoomout.cur
SysData/腾讯视频.url
.url
TNProxy.dll
.dll regsvr32 windows:4 windows x86 arch:x86

3e1312f81e1880a7089194f148e0d58e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:55:f9:95:e6:cd:a7:e4:0d:b8:62:9e:5a:f1:5e:48
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

26/02/2007, 00:00

Not After

26/02/2008, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Shenzhen R&D Center,O=Tencent Technology(Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

5a:40:e0:b2:03:2a:9d:8a:a2:ea:27:80:4e:77:3c:8f:ab:8c:9a:ef
Signer

Actual PE Digest

5a:40:e0:b2:03:2a:9d:8a:a2:ea:27:80:4e:77:3c:8f:ab:8c:9a:ef

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
LoadLibraryA
InterlockedIncrement
GetProcAddress
FreeLibrary
GetTickCount
CloseHandle
Sleep
TlsSetValue
TlsFree
TlsAlloc
TlsGetValue

ws2_32

htonl
sendto
connect
htons
ntohs
ntohl
gethostbyname
WSAStartup
WSACleanup
select
closesocket
ioctlsocket
setsockopt
socket
bind
recvfrom
recv
send
getpeername
listen
accept
inet_ntoa
__WSAFDIsSet
WSAGetLastError
gethostname
inet_addr

msvcrt

_adjust_fdiv
_onexit
malloc
_initterm
__dllonexit
_CxxThrowException
??1type_info@@UAE@XZ
strcmp
memmove
isdigit
fgetc
_ftol
atoi
strncpy
strstr
free
calloc
memset
rand
srand
strcpy
memcpy
_beginthreadex
strlen
time
_iob
fputc
sprintf
printf
_purecall
__CxxFrameHandler
??3@YAXPAX@Z
??2@YAPAXI@Z

msvcp60

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??1?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??1_Winit@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

iphlpapi

GetAdaptersInfo
GetIfEntry

wininet

InternetGetConnectedState

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 300KB - Virtual size: 297KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TSSafeEdit.dat
.dll windows:4 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26/01/2010, 00:00

Not After

25/01/2013, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

11:67:9c:88:6c:01:f1:9e:ae:43:92:19:b9:33:42:9b:d4:19:67:85
Signer

Actual PE Digest

11:67:9c:88:6c:01:f1:9e:ae:43:92:19:b9:33:42:9b:d4:19:67:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

TSEGetModule

Sections

UPX0
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TXSSO/I18N/2052/PGFStringBundle.xml
.xml
TXSSO/I18N/2052/SSOStringBundle.xml
.xml
TXSSO/I18N/SSOConfig.xml
.xml
TXSSO/bin/SSOCommon.dll
.dll regsvr32 windows:4 windows x86 arch:x86

b6892bca8dfd702a8fe0a08ad32b5090

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

bd:a1:a4:02:b0:b9:c5:a1:1a:29:f7:20:a5:3d:b3:29:3c:2e:b2:da
Signer

Actual PE Digest

bd:a1:a4:02:b0:b9:c5:a1:1a:29:f7:20:a5:3d:b3:29:3c:2e:b2:da

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Code\ssosmp_pr\trunk\SmpSSOProj\SSOPlatform\TXSSO\Output\Bin\SSOCommon.pdb

Imports

ws2_32

WSASetLastError
select
__WSAFDIsSet
getservbyport
WSAStartup
WSACleanup
gethostname
gethostbyaddr
inet_addr
getservbyname
inet_ntoa
gethostbyname
WSAGetLastError
closesocket
WSAAsyncGetHostByName
WSACancelAsyncRequest
accept
socket
bind
sendto
recvfrom
connect
listen
getsockopt
setsockopt
getsockname
getpeername
WSAAsyncSelect
send
ioctlsocket
recv

wininet

InternetSetCookieW
HttpQueryInfoW
InternetSetOptionW
HttpSendRequestW
InternetGetCookieW
InternetCloseHandle
InternetConnectW
InternetOpenW
InternetQueryOptionW
InternetCanonicalizeUrlW
HttpOpenRequestW
InternetErrorDlg
InternetCrackUrlW

winmm

timeGetTime

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

psapi

GetModuleFileNameExW

iphlpapi

GetIpForwardTable
GetIpAddrTable

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetVersionExA
IsDebuggerPresent
RtlUnwind
GetLocaleInfoA
InterlockedExchange
HeapReAlloc
lstrlenW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
lstrcmpiW
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleHandleW
SetThreadLocale
GetThreadLocale
OutputDebugStringA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
CreateDirectoryW
GetFileAttributesW
GetFileType
RemoveDirectoryW
FindClose
FindNextFileW
DeleteFileW
SetFileAttributesW
FindFirstFileW
GetTempPathW
CloseHandle
SetFilePointer
ReadFile
CreateFileW
WriteFile
GetFileSize
GetCommandLineW
GetDiskFreeSpaceW
GetProcAddress
GetFullPathNameW
lstrcmpW
SetEndOfFile
GetFileSizeEx
CopyFileW
MoveFileExW
WideCharToMultiByte
IsBadReadPtr
GetACP
GetCPInfoExW
GetVersion
GetCurrentProcess
GetCurrentProcessId
HeapSize
GetWindowsDirectoryA
GetSystemDirectoryA
GetModuleFileNameA
LoadLibraryW
GetWindowsDirectoryW
GetSystemDirectoryW
GetVersionExW
HeapFree
HeapAlloc
GetProcessHeap
OpenProcess
lstrcpynW
SetProcessWorkingSetSize
MoveFileW
Sleep
GetSystemTimeAsFileTime
GetProcessTimes
GetModuleHandleA
GetPrivateProfileStringA
GetFileAttributesA
VirtualQuery
QueryPerformanceFrequency
SetProcessAffinityMask
GetProcessAffinityMask
GetLocaleInfoW
GetUserDefaultLCID
GetSystemDefaultLCID
IsValidLocale
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetSystemDefaultLangID
GetUserDefaultLangID
SetLocaleInfoW
GetDateFormatW
GetTimeFormatW
GetCalendarInfoW
GetCurrencyFormatW
GetNumberFormatW
GetTimeZoneInformation
FileTimeToSystemTime
HeapCompact
OpenMutexW
CreateMutexW
WaitForSingleObject
ReleaseMutex
DeviceIoControl
GetVolumeInformationW
GetDriveTypeW
CreateProcessW
CreatePipe
DuplicateHandle
GetStdHandle
LockResource
lstrcmpiA
FindResourceExW
FormatMessageW
GlobalFree
SetLastError
LocalFree
SetEvent
SetThreadPriority
ResetEvent
TerminateThread
WaitForMultipleObjects
CreateEventW
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
ExitThread
ResumeThread
CreateThread
ExitProcess
GetCommandLineA
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCPInfo
GetOEMCP
IsValidCodePage
EnumSystemLocalesA
GetStringTypeA
GetStringTypeW
SetHandleCount
GetStartupInfoA
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
CreateFileA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
LoadLibraryA
FileTimeToLocalFileTime

user32

SendMessageW
KillTimer
SetTimer
CharNextA
CharUpperA
CharLowerA
PostMessageW
CharLowerW
ReleaseDC
GetDC
DestroyWindow
GetDesktopWindow
DrawTextW
RegisterClassExW
CharUpperW
SetWindowLongW
CreateWindowExW
ShowWindow
DefWindowProcW
OpenInputDesktop
GetUserObjectInformationW
GetThreadDesktop
CloseDesktop
GetSystemMetrics
IsWindow
IsWindowVisible
UnregisterClassA
GetGUIThreadInfo
GetWindowLongW
GetParent
GetWindowRect
GetWindowTextW
SystemParametersInfoW
FindWindowW
GetWindowThreadProcessId
CharNextW
GetIconInfo
GetClassInfoExW
GetClassNameW

gdi32

CreateDIBSection
DeleteDC
CreateRectRgn
GetStockObject
ExtCreateRegion
GetDIBits
RealizePalette
SelectObject
GetObjectW
StretchBlt
BitBlt
SetBkColor
CreateBitmap
CreateCompatibleBitmap
RectVisible
StretchDIBits
SetStretchBltMode
SetBkMode
SetTextColor
CreateFontIndirectW
ExtTextOutW
SetDIBitsToDevice
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
CreateDIBitmap
DeleteObject
CreateCompatibleDC

advapi32

RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
OpenProcessToken
DuplicateTokenEx
RegQueryValueExW

shell32

ShellExecuteExW
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFolderLocation
SHGetPathFromIDListW
SHGetMalloc

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoCreateGuid
CoFreeLibrary
CLSIDFromString
CoLoadLibrary
CoGetMalloc

oleaut32

VariantChangeType
SysReAllocStringLen
SysStringLen
SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VarDateFromStr
VarBstrCmp
VectorFromBstr
BstrFromVector
SysStringByteLen
SysAllocStringByteLen
VariantInit
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
LoadRegTypeLi

shlwapi

StrCmpW

wintrust

WTHelperProvDataFromStateData
WinVerifyTrust
CryptCATCatalogInfoFromContext
CryptCATAdminEnumCatalogFromHash
WTHelperGetProvSignerFromChain
CryptCATAdminReleaseCatalogContext
CryptCATAdminAcquireContext
CryptCATAdminReleaseContext
CryptCATAdminCalcHashFromFileHandle
WTHelperGetProvCertFromChain

crypt32

CertGetNameStringW

netapi32

Netbios

rasapi32

RasGetProjectionInfoW
RasEnumConnectionsW

Exports

Exports

??0CCmdCodecBase@@QAE@XZ
??0CExpatDataCompat@@QAE@XZ
??0CExpatFileReader@@QAE@XZ
??0CExpatMemReader@@QAE@XZ
??0CFmtString@@QAE@XZ
??0CMACReader@@QAE@XZ
??0CScopeToggler@@QAE@PA_N_N@Z
??0CTXBSTR@@QAE@ABU_GUID@@@Z
??0CTXBSTR@@QAE@ABV0@@Z
??0CTXBSTR@@QAE@ABVCTXStringW@@@Z
??0CTXBSTR@@QAE@H@Z
??0CTXBSTR@@QAE@HPB_W@Z
??0CTXBSTR@@QAE@PB_W@Z
??0CTXBSTR@@QAE@XZ
??0CTXCommPack@@QAE@ABV0@@Z
??0CTXCommPack@@QAE@XZ
??0CTXCriticalSection@@QAE@ABV0@@Z
??0CTXCriticalSection@@QAE@XZ
??0CTXHttpDownload@@QAE@XZ
??0CTXHttpDownloadSink@@IAE@XZ
??0CTXHttpDownloadSink@@QAE@ABV0@@Z
??0CTXHttpUpload@@QAE@XZ
??0CTXHttpUploadBuffer@@QAE@XZ
??0CTXHttpUploadStandard@@QAE@XZ
??0CTXStringA@@QAE@ABV0@@Z
??0CTXStringA@@QAE@DH@Z
??0CTXStringA@@QAE@PBD@Z
??0CTXStringA@@QAE@PBDH@Z
??0CTXStringA@@QAE@UtagEN@@PB_WH@Z
??0CTXStringA@@QAE@UtagGBK@@PB_WH@Z
??0CTXStringA@@QAE@UtagUTF8@@PB_WH@Z
??0CTXStringA@@QAE@XZ
??0CTXStringW@@QAE@ABU_GUID@@@Z
??0CTXStringW@@QAE@ABUtagVARIANT@@@Z
??0CTXStringW@@QAE@ABV0@@Z
??0CTXStringW@@QAE@ABVCTXBSTR@@@Z
??0CTXStringW@@QAE@H@Z
??0CTXStringW@@QAE@PA_W@Z
??0CTXStringW@@QAE@PB_W@Z
??0CTXStringW@@QAE@PB_WH@Z
??0CTXStringW@@QAE@UtagEN@@PBDH@Z
??0CTXStringW@@QAE@UtagGBK@@PBDH@Z
??0CTXStringW@@QAE@UtagUTF8@@PBDH@Z
??0CTXStringW@@QAE@XZ
??0CTXStringW@@QAE@_WH@Z
??0CTXTCPDataSender@@QAE@XZ
??0CTXTLVCodecBase@@QAE@XZ
??0CTXThreadModel@@IAE@XZ
??0CTXUDPDataSender@@QAE@XZ
??0CTXVariant@@QAE@ABVCTXBuffer@@@Z
??0CxExifInfo@CxImageJPG@@QAE@PAUtag_ExifInfo@1@@Z
??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@PB_WK@Z
??0CxFile@@QAE@XZ
??0CxImage@@QAE@ABV0@_N11@Z
??0CxImage@@QAE@K@Z
??0CxImage@@QAE@KKKK@Z
??0CxImage@@QAE@PAEKK@Z
??0CxImage@@QAE@PAU_iobuf@@K@Z
??0CxImage@@QAE@PAVCxFile@@K@Z
??0CxImage@@QAE@PB_WK@Z
??0CxImageGIF@@QAE@ABV0@@Z
??0CxImageGIF@@QAE@XZ
??0CxImageJPG@@QAE@ABV0@@Z
??0CxImageJPG@@QAE@XZ
??0CxMemFile@@QAE@ABV0@@Z
??0CxMemFile@@QAE@KPAE@Z
??0CxPoint2@@QAE@ABV0@@Z
??0CxPoint2@@QAE@MM@Z
??0CxPoint2@@QAE@XZ
??0CxRect2@@QAE@ABV0@@Z
??0CxRect2@@QAE@MMMM@Z
??0CxRect2@@QAE@XZ
??0TiXmlAttribute@@QAE@PBD0@Z
??0TiXmlAttribute@@QAE@XZ
??0TiXmlAttributeSet@@QAE@XZ
??0TiXmlComment@@QAE@ABV0@@Z
??0TiXmlComment@@QAE@PBD@Z
??0TiXmlComment@@QAE@XZ
??0TiXmlDeclaration@@QAE@ABV0@@Z
??0TiXmlDeclaration@@QAE@PBD00@Z
??0TiXmlDeclaration@@QAE@XZ
??0TiXmlDocument@@IAE@PBD@Z
??0TiXmlDocument@@QAE@ABV0@@Z
??0TiXmlDocument@@QAE@XZ
??0TiXmlElement@@QAE@ABV0@@Z
??0TiXmlElement@@QAE@PBD@Z
??0TiXmlNode@@IAE@W4NodeType@0@@Z
??0TiXmlText@@QAE@ABV0@@Z
??0TiXmlText@@QAE@PBD@Z
??0TiXmlUnknown@@QAE@ABV0@@Z
??0TiXmlUnknown@@QAE@XZ
??0VTXTCPDataSenderTimeOutCallback@@QAE@ABV0@@Z
??0VTXTCPDataSenderTimeOutCallback@@QAE@XZ
??0VTXUDPDataSenderTimeOutCallback@@QAE@ABV0@@Z
??0VTXUDPDataSenderTimeOutCallback@@QAE@XZ
??1CCmdCodecBase@@UAE@XZ
??1CExpatDataCompat@@QAE@XZ
??1CExpatFileReader@@UAE@XZ
??1CExpatMemReader@@UAE@XZ
??1CFmtString@@QAE@XZ
??1CMACReader@@QAE@XZ
??1CScopeToggler@@QAE@XZ
??1CTXBSTR@@QAE@XZ
??1CTXCommPack@@UAE@XZ
??1CTXCriticalSection@@UAE@XZ
??1CTXHttpDownload@@UAE@XZ
??1CTXHttpDownloadSink@@UAE@XZ
??1CTXHttpUpload@@UAE@XZ
??1CTXHttpUploadBuffer@@UAE@XZ
??1CTXHttpUploadStandard@@UAE@XZ
??1CTXStringA@@QAE@XZ
??1CTXStringW@@QAE@XZ
??1CTXTCPDataSender@@UAE@XZ
??1CTXTLVCodecBase@@UAE@XZ
??1CTXThreadModel@@MAE@XZ
??1CTXUDPDataSender@@UAE@XZ
??1CxExifInfo@CxImageJPG@@QAE@XZ
??1CxFile@@UAE@XZ
??1CxImage@@UAE@XZ
??1CxImageGIF@@UAE@XZ
??1CxImageJPG@@UAE@XZ
??1CxMemFile@@UAE@XZ
??1TiXmlAttribute@@UAE@XZ
??1TiXmlAttributeSet@@QAE@XZ
??1TiXmlComment@@UAE@XZ
??1TiXmlDeclaration@@UAE@XZ
??1TiXmlDocument@@UAE@XZ
??1TiXmlElement@@UAE@XZ
??1TiXmlNode@@UAE@XZ
??1TiXmlText@@UAE@XZ
??1TiXmlUnknown@@UAE@XZ
??4CScopeToggler@@QAEAAV0@ABV0@@Z
??4CTXBSTR@@QAEAAV0@ABV0@@Z
??4CTXBSTR@@QAEAAV0@ABVCTXStringW@@@Z
??4CTXBSTR@@QAEAAV0@PB_W@Z
??4CTXCriticalSection@@QAEAAV0@ABV0@@Z
??4CTXHttpDownloadSink@@QAEAAV0@ABV0@@Z
??4CTXStringA@@QAEAAV0@ABV0@@Z
??4CTXStringA@@QAEAAV0@D@Z
??4CTXStringA@@QAEAAV0@PBD@Z
??4CTXStringW@@QAEAAV0@ABUtagVARIANT@@@Z
??4CTXStringW@@QAEAAV0@ABV0@@Z
??4CTXStringW@@QAEAAV0@ABVCTXBSTR@@@Z
??4CTXStringW@@QAEAAV0@PA_W@Z
??4CTXStringW@@QAEAAV0@PB_W@Z
??4CTXStringW@@QAEAAV0@_W@Z
??4CxExifInfo@CxImageJPG@@QAEAAV01@ABV01@@Z
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxImage@@QAEAAV0@ABV0@@Z
??4CxImageGIF@@QAEAAV0@ABV0@@Z
??4CxImageJPG@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??4CxPoint2@@QAEAAV0@ABV0@@Z
??4CxRect2@@QAEAAV0@ABV0@@Z
??4TiXmlComment@@QAEXABV0@@Z
??4TiXmlDeclaration@@QAEXABV0@@Z
??4TiXmlDocument@@QAEXABV0@@Z
??4TiXmlElement@@QAEXABV0@@Z
??4TiXmlText@@QAEXABV0@@Z
??4TiXmlUnknown@@QAEXABV0@@Z
??4VTXTCPDataSenderTimeOutCallback@@QAEAAV0@ABV0@@Z
??4VTXUDPDataSenderTimeOutCallback@@QAEAAV0@ABV0@@Z
??7CTXStringA@@QBE_NXZ
??7CTXStringW@@QBE_NXZ
??8@YA_NABVCTXStringA@@0@Z
??8@YA_NABVCTXStringA@@D@Z
??8@YA_NABVCTXStringA@@PBD@Z
??8@YA_NABVCTXStringW@@0@Z
??8@YA_NABVCTXStringW@@PB_W@Z
??8@YA_NABVCTXStringW@@_W@Z
??8@YA_NDABVCTXStringA@@@Z
??8@YA_NPA_WABVCTXBSTR@@@Z
??8@YA_NPA_WABVCTXStringW@@@Z
??8@YA_NPBDABVCTXStringA@@@Z
??8@YA_NPB_WABVCTXBSTR@@@Z
??8@YA_NPB_WABVCTXStringW@@@Z
??8@YA_N_WABVCTXStringW@@@Z
??8CTXBSTR@@QBE_NABV0@@Z
??8CTXBSTR@@QBE_NPA_W@Z
??8CTXBSTR@@QBE_NPB_W@Z
??8TiXmlAttribute@@QBE_NABV0@@Z
??9@YA_NABVCTXStringA@@0@Z
??9@YA_NABVCTXStringA@@D@Z
??9@YA_NABVCTXStringA@@PBD@Z
??9@YA_NABVCTXStringW@@0@Z
??9@YA_NABVCTXStringW@@PB_W@Z
??9@YA_NABVCTXStringW@@_W@Z
??9@YA_NDABVCTXStringA@@@Z
??9@YA_NPA_WABVCTXBSTR@@@Z
??9@YA_NPBDABVCTXStringA@@@Z
??9@YA_NPB_WABVCTXBSTR@@@Z
??9@YA_NPB_WABVCTXStringW@@@Z
??9@YA_N_WABVCTXStringW@@@Z
??9CTXBSTR@@QBE_NABV0@@Z
??9CTXBSTR@@QBE_NPA_W@Z
??9CTXBSTR@@QBE_NPB_W@Z
??ACTXStringA@@QBEDH@Z
??ACTXStringW@@QBE_WH@Z
??BCTXBSTR@@QBEPA_WXZ
??BCTXCriticalSection@@QAEPAU_RTL_CRITICAL_SECTION@@XZ
??BCTXStringA@@QBEPBDXZ
??BCTXStringW@@QBEPB_WXZ
??H@YA?AVCTXStringA@@ABV0@0@Z
??H@YA?AVCTXStringA@@ABV0@D@Z
??H@YA?AVCTXStringA@@ABV0@PBD@Z
??H@YA?AVCTXStringA@@DABV0@@Z
??H@YA?AVCTXStringA@@PBDABV0@@Z
??H@YA?AVCTXStringW@@ABV0@0@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
??H@YA?AVCTXStringW@@ABV0@_W@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
??H@YA?AVCTXStringW@@_WABV0@@Z
??ICTXBSTR@@QAEPAPA_WXZ
??M@YA_NABVCTXStringA@@0@Z
??M@YA_NABVCTXStringA@@PBD@Z
??M@YA_NABVCTXStringW@@0@Z
??M@YA_NABVCTXStringW@@PB_W@Z
??M@YA_NPBDABVCTXStringA@@@Z
??M@YA_NPB_WABVCTXStringW@@@Z
??MCTXBSTR@@QBE_NABV0@@Z
??MCTXBSTR@@QBE_NPA_W@Z
??MCTXBSTR@@QBE_NPB_W@Z
??MTiXmlAttribute@@QBE_NABV0@@Z
??N@YA_NABVCTXStringA@@0@Z
??N@YA_NABVCTXStringA@@PBD@Z
??N@YA_NABVCTXStringW@@0@Z
??N@YA_NABVCTXStringW@@PB_W@Z
??N@YA_NPBDABVCTXStringA@@@Z
??N@YA_NPB_WABVCTXStringW@@@Z
??O@YA_NABVCTXStringA@@0@Z
??O@YA_NABVCTXStringA@@PBD@Z
??O@YA_NABVCTXStringW@@0@Z
??O@YA_NABVCTXStringW@@PB_W@Z
??O@YA_NPBDABVCTXStringA@@@Z
??O@YA_NPB_WABVCTXStringW@@@Z
??OCTXBSTR@@QBE_NABV0@@Z
??OCTXBSTR@@QBE_NPA_W@Z
??OCTXBSTR@@QBE_NPB_W@Z
??OTiXmlAttribute@@QBE_NABV0@@Z
??P@YA_NABVCTXStringA@@0@Z
??P@YA_NABVCTXStringA@@PBD@Z
??P@YA_NABVCTXStringW@@0@Z
??P@YA_NABVCTXStringW@@PB_W@Z
??P@YA_NPBDABVCTXStringA@@@Z
??P@YA_NPB_WABVCTXStringW@@@Z
??YCTXBSTR@@QAEAAV0@ABV0@@Z
??YCTXBSTR@@QAEAAV0@ABVCTXStringW@@@Z
??YCTXBSTR@@QAEAAV0@PB_W@Z
??YCTXStringA@@QAEAAV0@ABV0@@Z
??YCTXStringA@@QAEAAV0@D@Z
??YCTXStringA@@QAEAAV0@PBD@Z
??YCTXStringW@@QAEAAV0@ABUtagVARIANT@@@Z
??YCTXStringW@@QAEAAV0@ABV0@@Z
??YCTXStringW@@QAEAAV0@ABVCTXBSTR@@@Z
??YCTXStringW@@QAEAAV0@PB_W@Z
??YCTXStringW@@QAEAAV0@_W@Z
??_7CTXCommPack@@6B@
??_7CTXCriticalSection@@6B@
??_7CTXHttpDownload@@6BCHttpTCPConnectorSink@@@
??_7CTXHttpDownload@@6BCTXThreadModel@@@
??_7CTXHttpDownloadSink@@6B@
??_7CTXHttpUpload@@6BCHttpTCPConnectorSink@@@
??_7CTXHttpUpload@@6BCTXThreadModel@@@
??_7CTXHttpUploadBuffer@@6BCHttpTCPConnectorSink@@@
??_7CTXHttpUploadBuffer@@6BCTXThreadModel@@@
??_7CTXHttpUploadStandard@@6BCHttpTCPConnectorSink@@@
??_7CTXHttpUploadStandard@@6BCTXThreadModel@@@
??_7CTXTCPDataSender@@6B@
??_7CTXUDPDataSender@@6B@
??_7CxFile@@6B@
??_7CxImage@@6B@
??_7CxImageGIF@@6B@
??_7CxImageJPG@@6B@
??_7CxMemFile@@6B@
??_7TiXmlAttribute@@6B@
??_7TiXmlComment@@6B@
??_7TiXmlDeclaration@@6B@
??_7TiXmlDocument@@6B@
??_7TiXmlElement@@6B@
??_7TiXmlNode@@6B@
??_7TiXmlText@@6B@
??_7TiXmlUnknown@@6B@
??_7VTXTCPDataSenderTimeOutCallback@@6B@
??_7VTXUDPDataSenderTimeOutCallback@@6B@
??_FCxExifInfo@CxImageJPG@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXAAV0@@Z
?Accept@TiXmlComment@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlDeclaration@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlDocument@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlElement@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlText@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlUnknown@@UBE_NPAVTiXmlVisitor@@@Z
?Add@TiXmlAttributeSet@@QAEXPAVTiXmlAttribute@@@Z
?AddAveragingCont@CxImage@@IAEXABUtagRGBQUAD@@MAAM111@Z
?AddBuf@CTXCommPack@@QAEHABVCTXBuffer@@@Z
?AddBuf@CTXCommPack@@QAEHPBEI@Z
?AddBufLenByte@CTXCommPack@@QAEHABVCTXBuffer@@@Z
?AddBufLenDWord@CTXCommPack@@QAEHABVCTXBuffer@@H@Z
?AddBufLenWord@CTXCommPack@@QAEHABVCTXBuffer@@H@Z
?AddBundleFile@TXStringBundle@@YAXPB_W0@Z
?AddByte@CTXCommPack@@QAEHE@Z
?AddConfigData@ModuleConfig@@YAJPB_W0@Z
?AddDWord@CTXCommPack@@QAEHKH@Z
?AddErrorSink@FS@@YAHPAUITXFileSystemErrorSink@@@Z
?AddEvent@CTXThreadModel@@IAEXPAX@Z
?AddFileSystem@FS@@YAJW4FILESYSTEM_TYPE@@PB_W1HHH@Z
?AddFmtString@TXStringBundle@@YAXABVCFmtString@@@Z
?AddFormData@CTXHttpDownload@@QAEXABVCTXStringW@@0@Z
?AddIdleCallback@Window@Util@@YAJPAVVTXMsgLoopIdleCallback@@@Z
?AddInfo@CTXHttpDownload@@QAEHABVCTXStringW@@0@Z
?AddInfo@CTXHttpDownload@@QAEHABVCTXStringW@@@Z
?AddInfo@CTXHttpDownload@@QAEHABVCTXStringW@@K@Z
?AddInfo@CTXHttpDownload@@QAEHABVCTXStringW@@PBEK@Z
?AddPack@CTXCommPack@@QAEHABV1@@Z
?AddPlugin@CoreCenter@Util@@YAHPA_WPAUITXData@@@Z
?AddRef@CCmdCodecBase@@MAGKXZ
?AddRelativeFileSystem@FS@@YAJPB_W00HH@Z
?AddStrA@CTXCommPack@@QAEHABVCTXStringA@@@Z
?AddStrAEndChar@CTXCommPack@@QAEHABVCTXStringA@@E@Z
?AddStrALenByte@CTXCommPack@@QAEHABVCTXStringA@@@Z
?AddStrALenDWord@CTXCommPack@@QAEHABVCTXStringA@@H@Z
?AddStrALenWord@CTXCommPack@@QAEHABVCTXStringA@@H@Z
?AddStrW@CTXCommPack@@QAEHABVCTXStringW@@@Z
?AddStrWEndChar@CTXCommPack@@QAEHABVCTXStringW@@E@Z
?AddStrWLenByte@CTXCommPack@@QAEHABVCTXStringW@@@Z
?AddStrWLenDWord@CTXCommPack@@QAEHABVCTXStringW@@H@Z
?AddStrWLenWord@CTXCommPack@@QAEHABVCTXStringW@@H@Z
?AddTLV@CTXCommPack@@QAEHEABVCTXBuffer@@W4TXCommPackDataType@@@Z
?AddTLV@CTXCommPack@@QAEHGABVCTXBuffer@@W4TXCommPackDataType@@@Z
?AddTLV@CTXCommPack@@QAEHKABVCTXBuffer@@W4TXCommPackDataType@@@Z
?AddToDeadQueue@Misc@Util@@YAXHP6AXXZ@Z
?AddUInt64@CTXCommPack@@QAEH_KH@Z
?AddVBuf@CTXCommPack@@IAEHABVCTXBuffer@@W4TXCommPackDataType@@@Z
?AddWord@CTXCommPack@@QAEHGH@Z
?Alloc@CxMemFile@@IAEXK@Z
?AllocSysString@CTXStringW@@QBEPA_WXZ
?AlphaClear@CxImage@@QAEXXZ
?AlphaCopy@CxImage@@QAE_NAAV1@@Z
?AlphaCreate@CxImage@@QAEXXZ
?AlphaDelete@CxImage@@QAEXXZ
?AlphaFlip@CxImage@@QAE_NXZ
?AlphaGet@CxImage@@QAEEJJ@Z
?AlphaGetMax@CxImage@@QBEEXZ
?AlphaGetPointer@CxImage@@QAEPAEJJ@Z
?AlphaInvert@CxImage@@QAEXXZ
?AlphaIsValid@CxImage@@QAE_NXZ
?AlphaMirror@CxImage@@QAE_NXZ
?AlphaPaletteClear@CxImage@@QAEXXZ
?AlphaPaletteEnable@CxImage@@QAEX_N@Z
?AlphaPaletteIsEnabled@CxImage@@QAE_NXZ
?AlphaPaletteIsValid@CxImage@@QAE_NXZ
?AlphaPaletteSplit@CxImage@@QAE_NPAV1@@Z
?AlphaSet@CxImage@@QAEXE@Z
?AlphaSet@CxImage@@QAEXJJE@Z
?AlphaSet@CxImage@@QAE_NAAV1@@Z
?AlphaSetMax@CxImage@@QAEXE@Z
?AlphaSplit@CxImage@@QAE_NPAV1@@Z
?AlphaStrip@CxImage@@QAEXXZ
?AnalyseResponseData@CTXHttpDownload@@AAEHAAH@Z
?AnalyseResponseHead@CTXHttpDownload@@AAEHXZ
?AnsiToUnicode@Convert@Util@@YA_NAAVCTXStringW@@PBDH@Z
?Append@CTXBSTR@@QAEJABV1@@Z
?Append@CTXBSTR@@QAEJD@Z
?Append@CTXBSTR@@QAEJPB_W@Z
?Append@CTXBSTR@@QAEJPB_WH@Z
?Append@CTXBSTR@@QAEJ_W@Z
?Append@CTXStringA@@QAEXABV1@@Z
?Append@CTXStringA@@QAEXPBD@Z
?Append@CTXStringA@@QAEXPBDH@Z
?Append@CTXStringW@@QAEXABV1@@Z
?Append@CTXStringW@@QAEXPB_W@Z
?Append@CTXStringW@@QAEXPB_WH@Z
?AppendBSTR@CTXBSTR@@QAEJPA_W@Z
?AppendBSTR@CTXStringW@@QAEXPA_W@Z
?AppendBytes@CTXBSTR@@QAEJPBDH@Z
?AppendChar@CTXStringA@@QAEXD@Z
?AppendChar@CTXStringW@@QAEX_W@Z
?AppendFormat@CTXStringW@@QAAXPB_WZZ
?ApplyProxyInfoToHttp@Network@Util@@YAXXZ
?ApplySettings@CTXTCPDataSender@@IAEXPAUITXData@@PAUtagTXTCPPacket@@@Z
?ApplySettings@CTXUDPDataSender@@IAEXPAUITXData@@PAUtagTXUDPPacket@@@Z
?ApproachMem@TXLog@@YAXK@Z
?ArrayToBSTR@CTXBSTR@@QAEJPBUtagSAFEARRAY@@@Z
?AssignBSTR@CTXBSTR@@QAEJQA_W@Z
?Attach@CTXBSTR@@QAEXPA_W@Z
?Attribute@TiXmlElement@@QBEPBDPBD@Z
?Attribute@TiXmlElement@@QBEPBDPBDPAH@Z
?Attribute@TiXmlElement@@QBEPBDPBDPAN@Z
?BIG5ToUnicode@Convert@Util@@YA_NAAVCTXStringW@@PBDH@Z
?BSTRToArray@CTXBSTR@@QAEJPAPAUtagSAFEARRAY@@@Z
?Base64Encode@Encode@Util@@YA?AVCTXStringW@@ABVCTXBuffer@@H@Z
?Bitfield2RGB@CxImage@@IAEXPAEGGGE@Z
?Blank@TiXmlText@@IBE_NXZ
?BlendPalette@CxImage@@QAEXKJ@Z
?BlendPixelColor@CxImage@@QAEXJJUtagRGBQUAD@@M_N@Z
?BlindAlphaGet@CxImage@@IAEEJJ@Z
?BlindGetPixelColor@CxImage@@IAE?AUtagRGBQUAD@@JJ@Z
?BlindGetPixelIndex@CxImage@@IAEEJJ@Z
?BlindGetPixelPointer@CxImage@@IAEPAXJJ@Z
?BrokenCodec@CCmdCodecBase@@IAEXPB_W@Z
?BuildRqHead@CTXHttpDownload@@AAEHAAVCTXStringA@@@Z
?ByteLength@CTXBSTR@@QBEIXZ
?CDATA@TiXmlText@@QBE_NXZ
?CPConvert@Encoding@XmlText@@YAHHPBD@Z
?CRC32@Encode@Util@@YAKKPBEH@Z
?CancelDownload@CTXHttpDownload@@QAEXXZ
?CancelResolve@HostResolve@Util@@YAJK@Z
?CancelUpload@CTXHttpUpload@@QAEXXZ
?CancelUpload@CTXHttpUploadBuffer@@QAEXXZ
?CancelUpload@CTXHttpUploadStandard@@QAEXXZ
?Center@CxRect2@@QBE?AVCxPoint2@@XZ
?ChangeConfig@CCmdCodecBase@@IAEXHH@Z
?ChangeConfig@CTXTLVCodecBase@@IAEX_N@Z
?CheckBufEndChar@CTXCommPack@@QAEHE@Z
?CheckBuffer@CTXCommPack@@IAEHI@Z
?CheckModuleChange@TXLog@@YAXXZ
?CheckOutOverflow@CTXCommPack@@IAEHI@Z
?CheckRunMode@CTXCommPack@@IAEHW4RunMode@1@@Z
?CheckUinValid@Extend@Util@@YAHPA_W@Z
?CheckVistaAndStartSelfMediumLevel@Sys@Util@@YAHXZ
?CircleTransform@CxImage@@QAE_NHJM@Z
?Clear@CxImage@@QAEXE@Z
?Clear@CxImageGIF@@IAEXEAAUtag_image@1@@Z
?Clear@TiXmlNode@@QAEXXZ
?ClearError@TiXmlDocument@@QAEXXZ
?ClearRequestHeader@CTXHttpDownload@@QAEXXZ
?ClearThis@TiXmlElement@@IAEXXZ
?Clone@TiXmlComment@@UBEPAVTiXmlNode@@XZ
?Clone@TiXmlDeclaration@@UBEPAVTiXmlNode@@XZ
?Clone@TiXmlDocument@@MBEPAVTiXmlNode@@XZ
?Clone@TiXmlElement@@UBEPAVTiXmlNode@@XZ
?Clone@TiXmlText@@MBEPAVTiXmlNode@@XZ
?Clone@TiXmlUnknown@@UBEPAVTiXmlNode@@XZ
?Close@CxMemFile@@UAE_NXZ
?CloseReuseTCP@CTXHttpDownload@@QAEXXZ
?ClrBit@BitManip@Util@@YAXKAAKH@Z
?ClrBit@BitManip@Util@@YAXKAAVCTXBuffer@@H@Z
?ClrBit@BitManip@Util@@YAXKAA_JH@Z
?CodeAddBuffer@CTXTLVCodecBase@@IAEXEPAUITXBuffer@@@Z
?CodeArrayBuffer@CCmdCodecBase@@IAEXXZ
?CodeArrayBufferLenHead@CCmdCodecBase@@IAEXW4CMDFIELDTYPE@@@Z
?CodeArrayLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@H@Z
?CodeArrayNumber@CCmdCodecBase@@IAEXW4TX_DATA_TYPE@@@Z
?CodeArrayString@CCmdCodecBase@@IAEXI@Z
?CodeArrayStringEndChar@CCmdCodecBase@@IAEXD@Z
?CodeArrayStringLenHead@CCmdCodecBase@@IAEXW4CMDFIELDTYPE@@@Z
?CodeArrayTXDataBuffer@CCmdCodecBase@@IAEXPB_W@Z
?CodeArrayTXDataBufferLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@@Z
?CodeArrayTXDataNumber@CCmdCodecBase@@IAEXPB_WW4TX_DATA_TYPE@@@Z
?CodeArrayTXDataString@CCmdCodecBase@@IAEXPB_WI@Z
?CodeArrayTXDataStringEndChar@CCmdCodecBase@@IAEXPB_WD@Z
?CodeArrayTXDataStringLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@@Z
?CodeArrayToEnd@CCmdCodecBase@@IAEXPB_WH@Z
?CodeBuffer@CCmdCodecBase@@IAEXPB_W@Z
?CodeBuffer@CTXTLVCodecBase@@IAEXEPB_WK@Z
?CodeBufferEndChar@CCmdCodecBase@@IAEXPB_WD@Z
?CodeBufferLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@@Z
?CodeByte@CTXTLVCodecBase@@IAEXEPB_W@Z
?CodeByteEx@CTXTLVCodecBase@@IAEXEPB_WE_N1@Z
?CodeChar@CTXTLVCodecBase@@IAEXEPB_W@Z
?CodeCharEx@CTXTLVCodecBase@@IAEXEPB_WD_N1@Z
?CodeDWord@CTXTLVCodecBase@@IAEXEPB_W@Z
?CodeDWordEx@CTXTLVCodecBase@@IAEXEPB_WK_N1@Z
?CodeEndArray@CCmdCodecBase@@IAEXXZ
?CodeInt@CTXTLVCodecBase@@IAEXEPB_W@Z
?CodeIntEx@CTXTLVCodecBase@@IAEXEPB_WH_N1@Z
?CodeNumber@CCmdCodecBase@@IAEXPB_WW4TX_DATA_TYPE@@@Z
?CodeShort@CTXTLVCodecBase@@IAEXEPB_W@Z
?CodeShortEx@CTXTLVCodecBase@@IAEXEPB_WF_N1@Z
?CodeString@CCmdCodecBase@@IAEXPB_WI@Z
?CodeStringEndChar@CCmdCodecBase@@IAEXPB_WD@Z
?CodeStringLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@@Z
?CodeTXData@CCmdCodecBase@@UAGJPAUITXData@@PAPAUITXBuffer@@@Z
?CodeWord@CTXTLVCodecBase@@IAEXEPB_W@Z
?CodeWordEx@CTXTLVCodecBase@@IAEXEPB_WG_N1@Z
?CodecTLV@CTXTLVCodecBase@@UAGJKPAUITXData@@PAPAUITXBuffer@@@Z
?Collate@CTXStringW@@QBEHPB_W@Z
?CollateNoCase@CTXStringW@@QBEHPB_W@Z
?Colorize@CxImage@@QAE_NEEM@Z
?Colorize@CxImage@@QAE_NNNN@Z
?Combine@CxImage@@QAE_NPAV1@000J@Z
?CombinePath@FS@Util@@YA?AVCTXStringW@@ABV3@0@Z
?CombineQNC@FS@@YA?AVCTXStringW@@PB_W0@Z
?CommitChange@FS@@YAHPB_W@Z
?Compare@CTXStringA@@QBEHPBD@Z
?Compare@CTXStringW@@QBEHPB_W@Z
?CompareColors@CxImage@@KAHPBX0@Z
?CompareNoCase@CTXStringA@@QBEHPBD@Z
?CompareNoCase@CTXStringW@@QBEHPB_W@Z
?ConnectToServer@CTXHttpDownload@@AAEHXZ
?Contour@CxImage@@QAE_NXZ
?ConventAnsiBufferToBSTR@SSOConvert@Util@@YAHAAVCTXBuffer@@AAVCTXBSTR@@H@Z
?ConvertAnyFormat@CxExifInfo@CxImageJPG@@IAENPAXH@Z
?ConvertTXArraySpecialLabel@Convert@Util@@YAHPAUITXArray@@PA_W@Z
?ConvertTXArrayStringBundle@Convert@Util@@YAHPAUITXArray@@@Z
?ConvertTXBufferToTXSSOBuffer@SSOConvert@Util@@YAJPAUITXBuffer@@PAPAUITXSSOBuffer@@@Z
?ConvertTXDataSpecialLabel@Convert@Util@@YAHPAUITXData@@PA_W@Z

Sections

.text
Size: 948KB - Virtual size: 947KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 420KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TXSSO/bin/SSOLUIControl.dll
.dll regsvr32 windows:4 windows x86 arch:x86

0e880a85ae4dad9b2b74a3dfa55a3dfb

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f1:60:92:ad:99:b1:b8:b8:40:12:3b:bb:95:02:3e:62:9d:2b:de:e6
Signer

Actual PE Digest

f1:60:92:ad:99:b1:b8:b8:40:12:3b:bb:95:02:3e:62:9d:2b:de:e6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Code\ssosmp_pr\trunk\SmpSSOProj\SSOPlatform\TXSSO\Output\bin\SSOLUIControl.pdb

Imports

ssocommon

?Mid@CTXStringW@@QBE?AV1@H@Z
?StringToIntW@Convert@Util@@YA_NPB_WAAH@Z
?Mid@CTXStringW@@QBE?AV1@HH@Z
?Empty@CTXStringW@@QAEXXZ
?OpenUrlWithDefault@UrlBase@Util@@YAXABVCTXStringW@@@Z
??0CTXBSTR@@QAE@ABVCTXStringW@@@Z
?IsEmpty@CTXStringW@@QBE_NXZ
?Delete@CTXStringW@@QAEHHH@Z
?Utf8ToWS@Convert@Util@@YA?AVCTXStringW@@PBDH@Z
??4CTXBSTR@@QAEAAV0@ABVCTXStringW@@@Z
?AddBufLenByte@CTXCommPack@@QAEHABVCTXBuffer@@@Z
??YCTXStringW@@QAEAAV0@ABV0@@Z
?AddBufLenWord@CTXCommPack@@QAEHABVCTXBuffer@@H@Z
?SetAsyncCallback@TXTimer@@YAHPAUITXAsyncCallback@@I@Z
?EraseAsyncCallback@TXTimer@@YAHPAUITXAsyncCallback@@I@Z
??0CTXStringW@@QAE@ABVCTXBSTR@@@Z
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?Format@CTXStringW@@QAAXPB_WZZ
??H@YA?AVCTXStringW@@ABV0@0@Z
?RecordTransEnd@Perf@Util@@YAJ_JPB_WHH11H@Z
?RecordTransBegin@Perf@Util@@YA_JPB_WHH00@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
?SBCToDBC@Convert@Util@@YA_NAAVCTXStringW@@@Z
??0CTXStringA@@QAE@UtagUTF8@@PB_WH@Z
?AddStrALenByte@CTXCommPack@@QAEHABVCTXStringA@@@Z
??1CTXStringA@@QAE@XZ
?GetBufferOut@CTXCommPack@@QAEHAAVCTXBuffer@@@Z
?Find@CTXStringW@@QBEH_WH@Z
??8@YA_NABVCTXStringW@@PB_W@Z
??8CTXBSTR@@QBE_NPB_W@Z
?Length@CTXBSTR@@QBEIXZ
?Right@CTXStringW@@QBE?AV1@H@Z
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
?Detach@CTXBSTR@@QAEPA_WXZ
?GetBuffer@CTXStringW@@QAEPA_WH@Z
?ReleaseBuffer@CTXStringW@@QAEXH@Z
?GetLCID@TXI18N@@YAKXZ
??0CTXStringW@@QAE@PA_W@Z
??0CTXStringW@@QAE@ABV0@@Z
?Find@CTXStringW@@QBEHPB_WH@Z
??ACTXStringW@@QBE_WH@Z
?Left@CTXStringW@@QBE?AV1@H@Z
??4CTXStringW@@QAEAAV0@ABV0@@Z
?ReverseFind@CTXStringW@@QBEH_W@Z
??0CTXBSTR@@QAE@ABV0@@Z
??4CTXBSTR@@QAEAAV0@PB_W@Z
??4CTXStringW@@QAEAAV0@PB_W@Z
??4CTXStringW@@QAEAAV0@ABVCTXBSTR@@@Z
?GetBSTRPtr@CTXStringW@@QAEPAPA_WXZ
?SetBufferIn@CTXCommPack@@QAEXPBEIH@Z
?ConvertTXSSOBufferToTXBuffer@SSOConvert@Util@@YAJPAUITXSSOBuffer@@PAPAUITXBuffer@@@Z
?ConvertTXSSODataToTXData@SSOConvert@Util@@YAJPAUITXSSOData@@PAPAUITXData@@@Z
?StringToDWordW@Convert@Util@@YA_NPB_WAAK@Z
??0CTXBSTR@@QAE@XZ
?IsEmpty@CTXBSTR@@QAEHXZ
?CreateTXData@Data@Util@@YAHPAPAUITXData@@@Z
??ICTXBSTR@@QAEPAPA_WXZ
?GetBuf@CTXCommPack@@QAEHPAEHH@Z
?GetWord@CTXCommPack@@QAEHAAGHH@Z
??0CTXStringW@@QAE@XZ
?GetString@CTXCommPack@@QAEHAAVCTXStringW@@HHH@Z
?GetDWord@CTXCommPack@@QAEHAAKHH@Z
?GetByte@CTXCommPack@@QAEHAAEH@Z
??1CTXBSTR@@QAE@XZ
?TXLog_DoTXLogVW@@YAXPAUtagLogObj@@PB_W1PAD@Z
??0CTXBSTR@@QAE@PB_W@Z
?GetBSTR@CTXStringW@@QBEPA_WXZ
??BCTXBSTR@@QBEPA_WXZ
??1CTXCommPack@@UAE@XZ
??0CTXCommPack@@QAE@XZ
??0CTXStringW@@QAE@PB_W@Z
??YCTXStringW@@QAEAAV0@PB_W@Z
??BCTXStringW@@QBEPB_WXZ
?LoadStringW@TXStringBundle@@YAPB_WPB_W@Z
??1CTXStringW@@QAE@XZ
?CreateTXBuffer@Data@Util@@YAHPAPAUITXBuffer@@@Z
??0CxImage@@QAE@K@Z
??1CxImage@@UAE@XZ
?Draw@CxImage@@QAEJPAUHDC__@@JJJJPAUtagRECT@@PAK_N@Z
??0CxMemFile@@QAE@KPAE@Z
?LoadGif@CxImageHelper@@YAPAVCxImage@@PAVCxFile@@AAH@Z
?GetWidth@CxImage@@QBEKXZ
?Load@CxImage@@QAE_NPAVCxFile@@K@Z
?GetHeight@CxImage@@QBEKXZ
??1CxMemFile@@UAE@XZ
??M@YA_NABVCTXStringW@@0@Z
?LoadXmlByName@FS@Util@@YAHPB_WPAPAUIXMLDOMDocument@@@Z
?GetLocalePath@TXI18N@@YA?AVCTXStringW@@PB_W@Z
?GetAt@CTXStringW@@QBE_WH@Z
?Replace@CTXStringW@@QAEHPB_W0@Z
?MakeUpper@CTXStringW@@QAEAAV1@XZ
?Trim@CTXStringW@@QAEAAV1@XZ
?GetLength@CTXStringW@@QBEHXZ

kernel32

SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
GetStringTypeW
GetStringTypeA
WriteConsoleA
WriteConsoleW
GetConsoleOutputCP
GetVersionExA
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedExchange
GetACP
GetLocaleInfoA
HeapDestroy
HeapReAlloc
HeapSize
RtlUnwind
GetSystemTimeAsFileTime
VirtualProtect
GetModuleHandleA
GetSystemInfo
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
CloseHandle
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FlushFileBuffers
TlsGetValue
TlsAlloc
LockResource
LoadResource
SizeofResource
FindResourceW
lstrlenW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetLastError
lstrcmpiW
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
FreeLibrary
MultiByteToWideChar
LoadLibraryExW
GetModuleHandleW
SetThreadLocale
GetThreadLocale
GetWindowsDirectoryW
GetSystemDirectoryW
GetProcAddress
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
FlushInstructionCache
GetCurrentProcess
lstrlenA
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
WideCharToMultiByte
SetLastError
lstrcpynW
SetStdHandle
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
GetTimeZoneInformation
Sleep
GetModuleFileNameA
ExitProcess
HeapCreate
TlsFree
TlsSetValue

user32

EnableWindow
IsDialogMessageW
GetDesktopWindow
DialogBoxParamW
DrawTextW
GetWindow
MapWindowPoints
EndDialog
GetSystemMetrics
GetCapture
ReleaseCapture
SystemParametersInfoW
SetCursor
GetSysColor
InflateRect
SetScrollInfo
GetScrollInfo
ShowScrollBar
GetScrollPos
SetCapture
IsWindowVisible
PostMessageW
ScreenToClient
SendMessageW
GetWindowRect
MoveWindow
CreateDialogParamW
FillRect
GetSysColorBrush
GetDlgItem
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
CreateWindowExW
RegisterClassExW
IsWindow
GetParent
GetFocus
IsChild
SetFocus
GetDC
ReleaseDC
LoadCursorW
GetClassInfoExW
ShowWindow
UnionRect
PtInRect
GetClientRect
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
DestroyWindow
CharNextW
CallWindowProcW
GetWindowLongW
SetWindowLongW
DefWindowProcW
KillTimer
SetTimer
InvalidateRect
GetUpdateRect
EndPaint
BeginPaint
GetKeyState
UnregisterClassA

gdi32

CloseMetaFile
RestoreDC
SetWindowExtEx
DeleteMetaFile
SaveDC
CreateMetaFileW
CreateDCW
GetDeviceCaps
GetClipRgn
CreateRectRgn
SelectClipRgn
Rectangle
SetTextAlign
TextOutW
SetWindowOrgEx
DPtoLP
GetTextExtentExPointW
GetObjectW
CreateRectRgnIndirect
CreateFontIndirectW
CreateSolidBrush
SetBkColor
GetStockObject
SetTextColor
SetBkMode
SelectObject
DeleteObject
LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC

advapi32

RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW

ole32

ReadClassStm
OleSaveToStream
WriteClassStm
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
CreateOleAdviseHolder
CoLoadLibrary
CoCreateInstance
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
OleRegEnumVerbs

oleaut32

VariantClear
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen
VariantInit
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
OleCreatePropertyFrame
LoadRegTypeLi

wininet

InternetCrackUrlA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 236KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TXSSO/bin/SSOPlatform.dll
.dll regsvr32 windows:4 windows x86 arch:x86

3d5873c57ad46da14bf50b351ba42c45

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5c:f1:2a:da:3c:ae:4b:9d:89:18:d6:5a:a4:bd:b8:f6:46:03:da:6d
Signer

Actual PE Digest

5c:f1:2a:da:3c:ae:4b:9d:89:18:d6:5a:a4:bd:b8:f6:46:03:da:6d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Code\ssosmp_pr\trunk\SmpSSOProj\SSOPlatform\TXSSO\Output\Bin\SSOPlatform.pdb

Imports

ws2_32

inet_addr

ssocommon

?Utf8ToWS@Convert@Util@@YA?AVCTXStringW@@PBDH@Z
?GetIEProxyUserName@Network@Util@@YAHAAVCTXStringW@@0@Z
?TrimLeft@CTXStringW@@QAEAAV1@XZ
?TrimRight@CTXStringW@@QAEAAV1@XZ
??ACTXStringW@@QBE_WH@Z
?GetIEProxySetting@Network@Util@@YAHPAUITXData@@AAE@Z
?Encode16@Encode@Util@@YA?AVCTXStringW@@ABVCTXBuffer@@@Z
?Tokenize@CTXStringW@@QBE?AV1@PB_WAAH@Z
?LoadXmlByContent@FS@Util@@YAHPA_WPAPAUIXMLDOMDocument@@@Z
??8@YA_NABVCTXStringW@@PB_W@Z
?CompareNoCase@CTXStringW@@QBEHPB_W@Z
??8@YA_NPA_WABVCTXBSTR@@@Z
??BCTXBSTR@@QBEPA_WXZ
??0CTXBSTR@@QAE@ABU_GUID@@@Z
??1CTXBSTR@@QAE@XZ
?Right@CTXStringW@@QBE?AV1@H@Z
?GetPlatformCore@Core@Util@@YAHPAPAUITXCore@@@Z
?CreateChannel@Connection@Util@@YAJHPAPAUITXChannel@@@Z
?Encode16@Encode@Util@@YA?AVCTXStringW@@PBXI@Z
??YCTXStringW@@QAEAAV0@_W@Z
?GetAt@CTXStringW@@QBE_WH@Z
?Detach@CTXBSTR@@QAEPA_WXZ
?Attach@CTXBSTR@@QAEXPA_W@Z
?IsFileExist@FS@@YAHPB_W@Z
?GetBinDir@Dir@Util@@YA?AVCTXStringW@@XZ
?GetParentDir@FS@Util@@YA?AVCTXStringW@@V3@@Z
?CancelResolve@HostResolve@Util@@YAJK@Z
?Resolve@HostResolve@Util@@YAJPA_WPAUITXHostResolverSink@@PAK@Z
?GetHostByName@HostResolve@Util@@YAJPA_WPAPA_W@Z
??0CTXStringW@@QAE@PB_WH@Z
?CancelDownload@CTXHttpDownload@@QAEXXZ
??1CTXHttpDownloadSink@@UAE@XZ
??0CTXHttpDownloadSink@@IAE@XZ
?Run@CTXHttpDownload@@EAEIXZ
?OnConnecting@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@PB_W@Z
?Decode16@Encode@Util@@YAHABVCTXStringW@@AAVCTXBuffer@@@Z
?OnConnected@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@@Z
?OnDownloadStart@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@KK@Z
?QueryInfo@CTXHttpDownload@@QAEHABVCTXStringW@@AAV2@H@Z
?OnProgress@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@KK@Z
?GetDownloadedBuffer@CTXHttpDownload@@QAEHPAPAEPAK@Z
?OnRedirected@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@PB_W@Z
?OnError@CTXHttpDownloadSink@@UAEXPAVCTXHttpDownload@@K@Z
??1CTXHttpDownload@@UAE@XZ
?DownloadToBuffer@CTXHttpDownload@@QAEHPB_WPAU_SYSTEMTIME@@@Z
?SetUIInterface@CTXHttpDownload@@QAEXPAVCTXHttpDownloadSink@@@Z
??0CTXHttpDownload@@QAE@XZ
?GetBSTRPtr@CTXStringW@@QAEPAPA_WXZ
?GetTXDataBuf@Data@Util@@YAHPAUITXDataRead@@PB_WAAVCTXBuffer@@@Z
?EraseAsyncCallback@TXTimer@@YAHPAUITXAsyncCallback@@I@Z
?CreateFileW@FS@@YAHPB_WKPAPAUITXFile@@@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
?Replace@CTXStringW@@QAEHPB_W0@Z
??YCTXStringW@@QAEAAV0@ABV0@@Z
wcslcat
?GetLCID@TXI18N@@YAKXZ
?IsCSSubSendData@Misc@Util@@YAHPAUITXData@@@Z
?Mid@CTXStringW@@QBE?AV1@H@Z
?Left@CTXStringW@@QBE?AV1@H@Z
?Find@CTXStringW@@QBEH_WH@Z
??BCTXStringA@@QBEPBDXZ
??0CTXStringW@@QAE@UtagUTF8@@PBDH@Z
??0CTXStringA@@QAE@PBDH@Z
?GetDecodeNumberSigned@CCmdCodecBase@@IAEHPB_W@Z
??4CTXStringW@@QAEAAV0@PB_W@Z
?SetTimeout@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?GetBufferOut@CTXCommPack@@QAEHAAVCTXBuffer@@@Z
?AddBufLenWord@CTXCommPack@@QAEHABVCTXBuffer@@H@Z
?AddWord@CTXCommPack@@QAEHGH@Z
?AddStrALenWord@CTXCommPack@@QAEHABVCTXStringA@@H@Z
??1CTXCommPack@@UAE@XZ
??1CCmdCodecBase@@UAE@XZ
?GetBuf@CTXCommPack@@QAEHPAPBEHH@Z
??0CTXStringA@@QAE@UtagUTF8@@PB_WH@Z
??0CTXCommPack@@QAE@XZ
??0CCmdCodecBase@@QAE@XZ
?CRC32@Encode@Util@@YAKKPBEH@Z
?AddBuf@CTXCommPack@@QAEHABVCTXBuffer@@@Z
?GenerateEx@CComputerIDGenerator@@QAEHPAE@Z
?AddPack@CTXCommPack@@QAEHABV1@@Z
??4CTXStringW@@QAEAAV0@PA_W@Z
??0CTXStringW@@QAE@XZ
??1CTXStringW@@QAE@XZ
?Find@CTXStringW@@QBEHPB_WH@Z
?GetLength@CTXStringW@@QBEHXZ
?TXLog_DoTXLogVW@@YAXPAUtagLogObj@@PB_W1PAD@Z
?CreateTXData@SSOData@Util@@YAHPAPAUITXSSOData@@@Z
??0CTXBSTR@@QAE@PB_W@Z
?CreateTXBuffer@SSOData@Util@@YAHPAPAUITXSSOBuffer@@@Z
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?CopyTXDataField@SSOData@Util@@YAHPAUITXSSODataRead@@PAUITXSSOData@@PB_W2@Z
?CreateTXArray@SSOData@Util@@YAHPAPAUITXSSOArray@@@Z
??8CTXBSTR@@QBE_NPA_W@Z
?Format@CTXStringW@@QAAXPB_WZZ
??ICTXBSTR@@QAEPAPA_WXZ
?Generate@CComputerIDGenerator@@QAEKPAE@Z
?AddBuf@CTXCommPack@@QAEHPBEI@Z
?GetByte@CTXCommPack@@QAEHAAEH@Z
?DecodeBuffer@CCmdCodecBase@@UAGJPAUITXBuffer@@PAPAUITXData@@PAU3@@Z
?CodeTXData@CCmdCodecBase@@UAGJPAUITXData@@PAPAUITXBuffer@@@Z
?GetTimeOffsetUTC@NLS@@YAJXZ
?Release@CCmdCodecBase@@MAGKXZ
?GetLCID@NLS@@YAKXZ
?StringToIP@Network@Util@@YAKPB_W@Z
?AddUInt64@CTXCommPack@@QAEH_KH@Z
?AddRef@CCmdCodecBase@@MAGKXZ
??1CTXStringA@@QAE@XZ
?GetDWord@CTXCommPack@@QAEHAAKHH@Z
?QueryInterface@CCmdCodecBase@@MAGJABU_GUID@@PAPAX@Z
?IPToString@Network@Util@@YA?AVCTXStringW@@K@Z
?AddByte@CTXCommPack@@QAEHE@Z
?AddDWord@CTXCommPack@@QAEHKH@Z
?GenerateG1@CComputerIDGenerator@@QAEKPAE@Z
?StringToDWordW@Convert@Util@@YA_NPB_WAAK@Z
??0CTXBSTR@@QAE@XZ
?GetString@CTXStringW@@QBEPB_WXZ
?Length@CTXBSTR@@QBEIXZ
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
??0CTXStringW@@QAE@ABVCTXBSTR@@@Z
??BCTXStringW@@QBEPB_WXZ
?SetLCID@NLS@@YAHK@Z
?GetClientType@ClientType@ProductConfig@Util@@YAJPAK@Z
?GetUInt64@CTXCommPack@@QAEHAA_KHH@Z
?GetBuffer@CTXStringA@@QAEPADH@Z
?GetString@CTXStringA@@QBEPBDXZ
?GetLength@CTXStringA@@QBEHXZ
??0CTXStringA@@QAE@UtagGBK@@PB_WH@Z
?Preallocate@CTXStringW@@QAEXH@Z
??0CTXBSTR@@QAE@HPB_W@Z
?CreateTXArray@Data@Util@@YAHPAPAUITXArray@@@Z
?GetBSTR@CTXStringW@@QBEPA_WXZ
?LoadXmlByName@FS@Util@@YAHPB_WPAPAUIXMLDOMDocument@@@Z
?GetUserDefaultLCID@NLS@@YAKXZ
?NotifyIdle@TXTimer@@YAXXZ
?SetUserLCID@TXI18N@@YAXK@Z
??4CTXStringW@@QAEAAV0@ABV0@@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
?GetRootDir@Dir@Util@@YA?AVCTXStringW@@XZ
??4CTXStringW@@QAEAAV0@ABVCTXBSTR@@@Z
?SetConfigFile@TXI18N@@YAHPB_W0@Z
??0CTXStringW@@QAE@ABV0@@Z
?OnExitCoreCenter@Misc@Util@@YAXXZ
?OnUninitCom@Misc@Util@@YAXXZ
?JumpBuf@CTXCommPack@@QAEHH@Z
?Random@Sys@Util@@YAHXZ
?GetWord@CTXCommPack@@QAEHAAGHH@Z
?GetBufferByteLeft@CTXCommPack@@QBEHXZ
?CodeStringLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@@Z
?BrokenCodec@CCmdCodecBase@@IAEXPB_W@Z
?DecodeString@CCmdCodecBase@@IAEXPB_WI@Z
?SetBufferIn@CTXCommPack@@QAEXAAVCTXBuffer@@H@Z
?GetDecodeNumberUnsigned@CCmdCodecBase@@IAEKPB_W@Z
?DecodeStringLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@@Z
?DecodeBufferLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@@Z
?DecodeBuffer@CCmdCodecBase@@IAEXPB_WI@Z
?DecodeNumber@CCmdCodecBase@@IAEXPB_WW4TX_DATA_TYPE@@@Z
?EnableUnicodeString@CCmdCodecBase@@IAEXH@Z
?CodeBufferLenHead@CCmdCodecBase@@IAEXPB_WW4CMDFIELDTYPE@@@Z
?CodeBuffer@CCmdCodecBase@@IAEXPB_W@Z
?CodeNumber@CCmdCodecBase@@IAEXPB_WW4TX_DATA_TYPE@@@Z
?ConvertTXSSOBufferToTXBuffer@SSOConvert@Util@@YAJPAUITXSSOBuffer@@PAPAUITXBuffer@@@Z
?DoFormat@CFmtString@@QAEPB_WPB_W@Z
?CopyTXDataField@Data@Util@@YAHPAUITXDataRead@@PAUITXData@@PB_W2@Z
?Empty@CTXStringW@@QAEXXZ
?PropertyStr@CFmtString@@QAEHPB_W0@Z
?ConvertTXSSODataToTXData@SSOConvert@Util@@YAJPAUITXSSOData@@PAPAUITXData@@@Z
??1CFmtString@@QAE@XZ
??0CFmtString@@QAE@XZ
??0CTXBSTR@@QAE@ABV0@@Z
?SetAsyncCallback@TXTimer@@YAHPAUITXAsyncCallback@@I@Z
??4CTXBSTR@@QAEAAV0@ABVCTXStringW@@@Z
?Trim@CTXStringW@@QAEAAV1@XZ
??0CTXStringW@@QAE@PA_W@Z
?CreateTXBuffer@Data@Util@@YAHPAPAUITXBuffer@@@Z
??4CTXBSTR@@QAEAAV0@ABV0@@Z
?CreateTXData@Data@Util@@YAHPAPAUITXData@@@Z
?ConvertTXDataToTXSSOData@SSOConvert@Util@@YAJPAUITXData@@PAPAUITXSSOData@@@Z
??4CTXBSTR@@QAEAAV0@PB_W@Z
??M@YA_NABVCTXStringW@@0@Z
?LoadStringW@TXStringBundle@@YAPB_WPB_W@Z
??8CTXBSTR@@QBE_NABV0@@Z
??YCTXStringW@@QAEAAV0@PB_W@Z
?GetProcessName@SystemHelp@Util@@YA?AVCTXStringW@@K@Z
?Empty@CTXBSTR@@QAEXXZ
??0CTXBSTR@@QAE@ABVCTXStringW@@@Z
?IsEmpty@CTXStringW@@QBE_NXZ
?InitNetwork@Network@Util@@YAHXZ
?IsEmpty@CTXBSTR@@QAEHXZ
?InitDownloadTempDirectory@CTXHttpDownload@@SAXPB_W@Z
?GetSSOTempDir@Dir@Util@@YA?AVCTXStringW@@XZ
??H@YA?AVCTXStringW@@ABV0@0@Z
??0CTXStringW@@QAE@PB_W@Z
?FlushLog@TXLog@@YAXXZ
?OnExitWinMain@Misc@Util@@YAXXZ

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

iphlpapi

GetIpAddrTable
GetIpForwardTable

kernel32

SetFilePointer
GetLocaleInfoW
LCMapStringW
LCMapStringA
SetConsoleCtrlHandler
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetTimeZoneInformation
WideCharToMultiByte
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetConsoleCP
GetCPInfo
GetStdHandle
WriteFile
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
ExitProcess
HeapSize
Sleep
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
RtlUnwind
GetProcessHeap
GetCommandLineA
ExitThread
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapFree
HeapAlloc
HeapReAlloc
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetVersion
GlobalMemoryStatus
FlushConsoleInputBuffer
ReadConsoleInputA
SetConsoleMode
GetModuleHandleW
LocalAlloc
LoadLibraryA
GetProcAddress
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
ReadFile
CreateThread
GetDiskFreeSpaceExW
GetVolumeInformationW
GetSystemDirectoryW
CreateDirectoryW
GetCurrentProcess
GetCommandLineW
TerminateThread
GlobalFree
GlobalAlloc
GetFileAttributesW
MapViewOfFile
CreateFileMappingW
ReleaseMutex
WaitForSingleObject
OpenMutexW
GetVersionExW
CreateMutexW
GetSystemInfo
VirtualProtect
LocalFree
VirtualQuery
UnmapViewOfFile
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
QueryPerformanceCounter
CloseHandle
CreateFileW
InterlockedDecrement
LeaveCriticalSection
InterlockedIncrement
LoadLibraryExW
FindResourceW
RaiseException
OutputDebugStringA
LoadResource
SizeofResource
DeleteCriticalSection
SetThreadLocale
GetThreadLocale
SetEndOfFile
MultiByteToWideChar
GetModuleFileNameW
GetLastError
InitializeCriticalSection
lstrlenW
FreeLibrary
EnterCriticalSection
lstrcmpiW

user32

GetProcessWindowStation
SendMessageW
GetDesktopWindow
SendMessageTimeoutW
GetClassInfoExW
RegisterClassExW
CreateWindowExW
ShowWindow
DefWindowProcW
GetWindowLongW
MessageBoxA
GetUserObjectInformationW
UnregisterClassA
SetWindowLongW
DestroyWindow
CharNextW
IsWindow
GetWindowThreadProcessId
PostMessageW

gdi32

GetStockObject

advapi32

SetSecurityDescriptorSacl
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegQueryValueExW
RegOpenKeyExW
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW

shell32

SHGetSpecialFolderPathW

ole32

CoTaskMemFree
StringFromGUID2
CoTaskMemRealloc
CoCreateGuid
CoTaskMemAlloc
CoCreateInstance

oleaut32

VariantInit
LoadRegTypeLi
SysStringLen
SysFreeString
RegisterTypeLi
VarUI4FromStr
LoadTypeLi
SysAllocString
UnRegisterTypeLi
VariantClear

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 924KB - Virtual size: 923KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 452KB - Virtual size: 449KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TXSSO/bin/npSSOAxCtrlForPTLogin.dll
.dll regsvr32 windows:4 windows x86 arch:x86

160288086033c30eda798088b486a70e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d6:5c:d8:99:4b:22:2e:e6:57:8f:93:f6:64:80:f9:35:36:cf:2f:ef
Signer

Actual PE Digest

d6:5c:d8:99:4b:22:2e:e6:57:8f:93:f6:64:80:f9:35:36:cf:2f:ef

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Code\ssosmp_pr\trunk\SmpSSOProj\SSOPlatform\TXSSO\Output\bin\npSSOAxCtrlForPTLogin.pdb

Imports

kernel32

GetModuleFileNameA
GetModuleHandleExA
GetLastError
MultiByteToWideChar
lstrlenA
lstrcmpiA
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
InterlockedIncrement
InterlockedDecrement
FreeLibrary
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
SetThreadLocale
GetThreadLocale
SetEnvironmentVariableA
CompareStringW
GetProcAddress
GetModuleFileNameW
GetSystemDirectoryW
GetWindowsDirectoryW
lstrlenW
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
lstrcmpiW
WideCharToMultiByte
CompareStringA
FlushFileBuffers
CloseHandle
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LoadLibraryA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetStringTypeW
GetStringTypeA
LCMapStringW
GetStdHandle
WriteFile
IsValidCodePage
GetOEMCP
GetCPInfo
LCMapStringA
VirtualFree
HeapCreate
ExitProcess
Sleep
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetCommandLineA
VirtualQuery
GetSystemInfo
GetModuleHandleA
VirtualAlloc
VirtualProtect
GetTimeZoneInformation
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
RtlUnwind
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedExchange
GetACP
GetLocaleInfoA
GetVersionExA

user32

UnregisterClassA
CharNextW

advapi32

RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExA
RegCloseKey
RegEnumKeyExW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoLoadLibrary
CoUninitialize
CoInitialize
CoCreateInstance
StringFromGUID2

oleaut32

SysFreeString
SysStringLen
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
SetErrorInfo
CreateErrorInfo
LoadRegTypeLi
SysAllocString

shlwapi

SHDeleteKeyW

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

wininet

InternetCrackUrlA

ssocommon

??0CTXBSTR@@QAE@PB_W@Z
?IsEmpty@CTXStringW@@QBE_NXZ
??0CTXStringW@@QAE@ABVCTXBSTR@@@Z
??0CTXBSTR@@QAE@XZ
??ICTXBSTR@@QAEPAPA_WXZ
??1CTXBSTR@@QAE@XZ
??BCTXBSTR@@QBEPA_WXZ
??0CTXStringW@@QAE@XZ
??0CTXStringW@@QAE@PB_W@Z
??BCTXStringW@@QBEPB_WXZ
??0CTXStringW@@QAE@UtagUTF8@@PBDH@Z
?GetString@CTXStringW@@QBEPB_WXZ
?Utf8FromWS@Convert@Util@@YA?AVCTXStringA@@PB_WH@Z
?GetString@CTXStringA@@QBEPBDXZ
??1CTXStringA@@QAE@XZ
?FlushLog@TXLog@@YAXXZ
?TXLog_DoTXLogVW@@YAXPAUtagLogObj@@PB_W1PAD@Z
??4CTXStringW@@QAEAAV0@ABV0@@Z
?ReverseFind@CTXStringW@@QBEH_W@Z
?Left@CTXStringW@@QBE?AV1@H@Z
??ACTXStringW@@QBE_WH@Z
?GetLength@CTXStringW@@QBEHXZ
??0CTXStringW@@QAE@ABV0@@Z
??0CTXStringW@@QAE@PA_W@Z
??YCTXStringW@@QAEAAV0@PB_W@Z
??0CTXBSTR@@QAE@ABVCTXStringW@@@Z
?Format@CTXStringW@@QAAXPB_WZZ
??1CTXStringW@@QAE@XZ

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ToolBox.dll
.dll regsvr32 windows:4 windows x86 arch:x86

990d18a15700f5c34b0e26bff02f0979

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

43:82:19:06:69:d9:22:c1:fa:fb:f0:43:a4:47:d9:9f:20:ab:85:37
Signer

Actual PE Digest

43:82:19:06:69:d9:22:c1:fa:fb:f0:43:a4:47:d9:9f:20:ab:85:37

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\ToolBox.pdb

Imports

kernel32

LockResource
LoadResource
FindResourceW
FindResourceExW
FlushInstructionCache
GetCurrentProcess
SetLastError
GetModuleFileNameW
ResetEvent
GetProcAddress
LoadLibraryW
DeleteCriticalSection
DeleteFileW
FreeLibrary
lstrlenW
InitializeCriticalSection
SetFilePointerEx
ReadFile
GetFileInformationByHandle
CreateFileW
GetLastError
VirtualQuery
GetModuleHandleW
InterlockedIncrement
InterlockedDecrement
SizeofResource
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetVersionExA
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
WaitForSingleObject
TerminateThread
Sleep
CloseHandle
SetEvent
CreateEventW
LeaveCriticalSection
RaiseException
EnterCriticalSection

user32

GetWindowLongW
GetClassInfoExW
PostMessageW
CallWindowProcW
UnregisterClassA
DefWindowProcW
CreateWindowExW
DestroyWindow
IsWindow
SetWindowLongW
RegisterClassExW
LoadCursorW

ole32

CoCreateInstance

oleaut32

SysAllocStringLen
LoadTypeLi
LoadRegTypeLi
SysStringLen
SysAllocString
VariantClear
VariantInit
SysFreeString

msvcp80

?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ

atl80

ord15
ord44
ord32
ord30
ord58
ord31
ord64
ord43

msvcr80

_decode_pointer
_crt_debugger_hook
??3@YAXPAX@Z
_CxxThrowException
swprintf_s
_purecall
_recalloc
wcsrchr
memcpy_s
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
__CxxFrameHandler3
memcpy
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
memmove_s
??2@YAPAXI@Z
free
wcslen
_beginthreadex
??_V@YAXPAX@Z
memset
calloc
malloc
_resetstkoflw
memcmp
_byteswap_uint64
_byteswap_ulong
?terminate@@YAXXZ
_except_handler4_common
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Upgrade.dll
.dll regsvr32 windows:4 windows x86 arch:x86

42721650e6c0860f712343e89576dfcd

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

dd:f9:9b:1c:25:7b:7d:bd:2c:e9:b9:1a:68:37:75:fb:67:db:32:a0
Signer

Actual PE Digest

dd:f9:9b:1c:25:7b:7d:bd:2c:e9:b9:1a:68:37:75:fb:67:db:32:a0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\Upgrade.pdb

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
FormatMessageW
MultiByteToWideChar
GetLocalTime
OpenProcess
Process32NextW
GetVersion
Process32FirstW
CreateToolhelp32Snapshot
TerminateProcess
RaiseException
SetThreadLocale
GetThreadLocale
GetSystemTimeAsFileTime
GetCurrentProcessId
DeleteFileW
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
InterlockedCompareExchange
Sleep
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
CreateEventW
WideCharToMultiByte
CloseHandle
LoadLibraryW
GetCurrentThreadId
SetEvent
FreeLibrary
GetModuleHandleW
LoadLibraryExW
GetProcAddress
GetModuleFileNameW
FindResourceExW
VirtualQuery
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
GetTickCount
lstrlenW

user32

LoadCursorW
DestroyWindow
IsWindow
KillTimer
CreateWindowExW
SetWindowLongW
GetWindowLongW
DefWindowProcW
RegisterClassExW
SetTimer
UnregisterClassA

shell32

ShellExecuteW

ole32

CoCreateInstance

oleaut32

SysAllocStringByteLen
SysStringByteLen
LoadRegTypeLi
LoadTypeLi
VariantInit
VariantClear
SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString

livelog

?CheckDirectoryExist@@YAHPB_W@Z
?CreateAllDirectory@@YAHPB_W@Z
?KillOtherQQLivePlayerApp@@YAHPB_W@Z
?GetAppDataPath@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@XZ
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z
?CheckFileExist@@YAHPB_W@Z
?IsDoLog@@YAHXZ
?LogToFile@@YAXPB_WZZ

atl80

ord61
ord32
ord58
ord30
ord31
ord15
ord18
ord22
ord64
ord23

shlwapi

StrCmpW

msvcp80

??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z

httpmodule

??0CDownloadMgrProxy@@QAE@XZ
??1CDownloadMgrProxy@@UAE@XZ
?AddTask@CDownloadMgrProxy@@QAEHPAUIHttpEventWndCallback@@PB_W1IIK@Z
?RemoveTask@CDownloadMgrProxy@@QAEHH@Z
?StartTask@CDownloadMgrProxy@@QAEHH@Z

msvcr80

_vscwprintf
__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
??3@YAXPAX@Z
memset
wcsrchr
_vswprintf_c_l
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
__CxxFrameHandler3
memcpy_s
_purecall
_CxxThrowException
free
wcslen
wcscat_s
wcscmp
wcsncpy_s
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
memmove_s
calloc
_recalloc
??2@YAPAXI@Z
??_V@YAXPAX@Z
strncpy_s
malloc
_resetstkoflw
memcmp
_vswprintf
wcschr
wcsncmp
memcpy
wcsstr
wcstol
memmove
fread
fwrite
fclose
ftell
fseek
_wfopen
_wcsicmp
_initterm
vswprintf_s
wprintf_s
wcstoul
_except_handler4_common
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null

wintrust

WinVerifyTrust

crypt32

CryptMsgClose
CryptQueryObject
CryptMsgGetParam
CertGetNameStringW
CertCreateCertificateContext
CertCloseStore
CertFreeCertificateContext

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UserData.dll
.dll regsvr32 windows:4 windows x86 arch:x86

9b49b7fb32978958d4e75998be6121b7

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7c:35:f6:0d:82:e3:4e:ec:7f:8d:bc:a9:5a:e0:6b:51:be:bb:1d:04
Signer

Actual PE Digest

7c:35:f6:0d:82:e3:4e:ec:7f:8d:bc:a9:5a:e0:6b:51:be:bb:1d:04

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\UserData.pdb

Imports

kernel32

lstrlenW
MultiByteToWideChar
lstrlenA
GetTickCount
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
RaiseException
SetThreadLocale
GetThreadLocale
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
WideCharToMultiByte
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
GetLocaleInfoA
GetACP
InterlockedExchange
HeapSize
HeapReAlloc
HeapAlloc
HeapDestroy
GetVersionExA
WaitForSingleObject
CloseHandle
GetProcessHeap
HeapFree
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DisableThreadLibraryCalls
GetLastError

user32

SetTimer
CreateWindowExW
DestroyWindow
IsWindow
PeekMessageW
GetMessageW
KillTimer
PostQuitMessage
TranslateMessage
DispatchMessageW
UnregisterClassA
PostThreadMessageW

ole32

CoCreateInstance
StringFromIID
CoTaskMemFree

oleaut32

SysStringLen
SysFreeString
VarBstrCmp
VariantInit
VariantClear
SysAllocString
SysAllocStringByteLen
SysStringByteLen
DispCallFunc
LoadRegTypeLi
LoadTypeLi

livelog

?IsQQLiveClient@@YAHXZ
?FileCoCreateInstance@@YAJPB_WABU_GUID@@PAUIUnknown@@K1PAPAXPAUHINSTANCE__@@@Z
?GetConfigInt@@YAJV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0JW4tagQQLIVE_CONFIG_TYPE@@@Z
?GetKeyValue@@YAHABV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@0AAV12@_W@Z
?GetLiveServerUrl@@YA?AV?$CStringT@_WV?$StrTraitATL@_WV?$ChTraitsCRT@_W@ATL@@@ATL@@@ATL@@PB_W@Z
?GetOnLine@@YAHXZ
?GetDNSStatus@@YA?AW4DNS_STATUS@@XZ

atl80

ord11
ord42
ord23
ord61
ord58
ord32
ord30
ord48
ord31
ord15
ord18
ord22
ord64
ord10

msvcp80

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?length@?$char_traits@D@std@@SAIPBD@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
?_Lock@_Mutex@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ

msvcr80

_resetstkoflw
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
??3@YAXPAX@Z
memcpy_s
_CxxThrowException
memset
sprintf_s
__CxxFrameHandler3
free
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@XZ
_invalid_parameter_noinfo
_wcslwr_s
_vscwprintf
vswprintf_s
wcslen
??0exception@std@@QAE@ABV01@@Z
calloc
_recalloc
??2@YAPAXI@Z
memmove_s
??_V@YAXPAX@Z
memcmp
_purecall
rand
srand
wcscpy_s
memcpy
_itoa
wcstoul
_ltow_s
_ultow_s
_beginthreadex
malloc
__dllonexit
strlen
strcmp
modf
strpbrk
_except_handler4_common
?terminate@@YAXXZ
_unlock

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DLLShare
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VProcess.dll
.dll windows:4 windows x86 arch:x86

8a4a3d528fce241b0468d7195a83edf9

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:eb:99:28:a1:2c:4e:0a:3f:8b:a1:67:0b:6a:5a:65:ad:aa:9f:42
Signer

Actual PE Digest

7b:eb:99:28:a1:2c:4e:0a:3f:8b:a1:67:0b:6a:5a:65:ad:aa:9f:42

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\Playersrc\sym\VProcess.pdb

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

msvcr80

_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_initterm
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
log10
_purecall
memset
??_V@YAXPAX@Z
??2@YAPAXI@Z
??3@YAXPAX@Z
memcpy
?terminate@@YAXXZ
__CxxFrameHandler3

Exports

Exports

CreateAProcess

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VideoMergeTool.dll
.dll windows:4 windows x86 arch:x86

f8b466b65b53959cf552e32b3c607ba1

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

05:21:ec:03:a2:c9:10:e0:b5:63:05:3d:4f:d4:76:17:64:19:2a:d9
Signer

Actual PE Digest

05:21:ec:03:a2:c9:10:e0:b5:63:05:3d:4f:d4:76:17:64:19:2a:d9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\Playersrc\sym\VideoMergeTool.pdb

Imports

kernel32

WaitForSingleObject
GetLocalTime
LeaveCriticalSection
EnterCriticalSection
DeleteFileA
SetEvent
GetLastError
CreateEventW
CreateMutexW
WideCharToMultiByte
InitializeCriticalSection
CloseHandle
DeleteCriticalSection
MultiByteToWideChar
CreateDirectoryA
lstrlenA
lstrlenW
GetModuleHandleW
GetFileAttributesW
FlushFileBuffers
CreateFileW
SetFilePointer
SetFileValidData
SetEndOfFile
GetFileInformationByHandle
ReadFile
WriteFile
SetFilePointerEx
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
InterlockedCompareExchange
Sleep
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
TerminateProcess

shell32

SHGetFolderPathW

oleaut32

SysAllocStringLen
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysFreeString

msvcp80

??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

msvcr80

fwrite
_invalid_parameter_noinfo
fopen
rename
strlen
??0exception@std@@QAE@ABQBD@Z
_purecall
??_V@YAXPAX@Z
memmove_s
free
memcpy_s
malloc
swprintf_s
memset
strcpy_s
calloc
_recalloc
fflush
__CxxFrameHandler3
_snprintf_s
printf
_vsnprintf_s
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
fseek
ftell
__RTDynamicCast
fclose
qsort
??0exception@std@@QAE@XZ
sprintf_s
??1exception@std@@UAE@XZ
??2@YAPAXI@Z
memcpy
??0exception@std@@QAE@ABV01@@Z
??3@YAXPAX@Z
wcslen
?what@exception@std@@UBEPBDXZ
_CxxThrowException

Exports

Exports

VMT_CreateObject_EncryptedVideo
VMT_DestroyObject_EncryptedVideo

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win7Feature.dll
.dll regsvr32 windows:4 windows x86 arch:x86

7ff925d996e137195be0d4c93f71e563

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6e:cc:b6:b5:6a:67:55:0a:04:e5:a6:53:54:7d:3e:55:01:a8:41:c8
Signer

Actual PE Digest

6e:cc:b6:b5:6a:67:55:0a:04:e5:a6:53:54:7d:3e:55:01:a8:41:c8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\Win7Feature.pdb

Imports

shlwapi

SHStrDupW

kernel32

FindResourceExW
GetModuleHandleW
lstrlenW
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
GetLocaleInfoA
GetACP
GetProcessHeap
HeapSize
HeapReAlloc
FindResourceW
HeapAlloc
HeapDestroy
GetVersionExA
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedExchange
LoadResource
LockResource
SizeofResource
GetThreadLocale
SetThreadLocale
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
DeleteCriticalSection
RaiseException
GetCurrentProcessId
HeapFree
GetSystemTimeAsFileTime
InterlockedCompareExchange
Sleep

user32

CallWindowProcW
LoadIconW
RegisterWindowMessageW
UnregisterClassA
SetWindowLongW

ole32

PropVariantClear
CoCreateInstance

oleaut32

LoadTypeLi
LoadRegTypeLi
DispCallFunc
VariantClear
VariantInit
SysStringLen
SysFreeString

livelog

?CheckAdvise@@YAXPB_W@Z
?CheckUnadvise@@YAXPB_W@Z

msvcr80

calloc
??_U@YAPAXI@Z
wcslen
malloc
_resetstkoflw
swprintf_s
?terminate@@YAXXZ
_except_handler4_common
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_recalloc
_amsg_exit
_adjust_fdiv
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
_CxxThrowException
memcpy_s
??0exception@std@@QAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
memset
??_V@YAXPAX@Z
free
__CxxFrameHandler3
??3@YAXPAX@Z
_purecall
wcscpy_s
??2@YAPAXI@Z
memmove_s
??0exception@std@@QAE@ABV01@@Z
_initterm_e
_invalid_parameter_noinfo
memcmp
wcscmp

atl80

ord15
ord22
ord64
ord23
ord61
ord10
ord11
ord31
ord30
ord32
ord58
ord18

msvcp80

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
X64Helper.exe
.exe windows:4 windows x64 arch:x64

c5d42453941b01bf0269de33bb925bde

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

45:41:ad:98:0e:a4:a9:fd:d7:ec:d3:08:cd:64:93:16:82:e5:99:ab
Signer

Actual PE Digest

45:41:ad:98:0e:a4:a9:fd:d7:ec:d3:08:cd:64:93:16:82:e5:99:ab

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

f:\QQLive_Dailybuild\src\symbol\X64Helper.pdb

Imports

kernel32

AllocConsole
GetCurrentThreadId
FreeConsole
InitializeCriticalSection
RaiseException
LoadLibraryW
FreeLibrary
GetProcAddress
CreateProcessW
LocalFree
SetEvent
GetCommandLineW
GetModuleFileNameW
DeleteCriticalSection
GetModuleHandleW
CloseHandle
OpenProcess
VirtualAllocEx
VirtualFreeEx
WriteProcessMemory
ReadProcessMemory
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
Sleep
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy

user32

PostMessageW
FindWindowW
FindWindowExW
OffsetRect
ClientToScreen
SendMessageW
GetWindowThreadProcessId
RegisterWindowMessageW
PostThreadMessageW
IsWindow
PostQuitMessage
DispatchMessageW
TranslateMessage
GetMessageW
SetTimer

shell32

CommandLineToArgvW

ole32

CoCreateInstance
CoUninitialize
CoInitializeEx

msvcp80

??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PEB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEAA@XZ
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEAA@PEBD@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEAA@AEBV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEAA@PEB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEAA@XZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEBA?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEBA?AV?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEAA@XZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEAAAEAV12@PEB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEAA@AEBV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QEAAAEAV01@PEB_W@Z

msvcr80

?terminate@@YAXXZ
_CxxThrowException
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crt_debugger_hook
__set_app_type
_fmode
_commode
??3@YAXPEAX@Z
_vscwprintf
memcpy_s
freopen
memmove_s
__iob_func
vswprintf_s
memset
setlocale
??0exception@std@@QEAA@AEBQEBD@Z
fclose
??1exception@std@@UEAA@XZ
??0exception@std@@QEAA@XZ
_purecall
ldiv
?what@exception@std@@UEBAPEBDXZ
_invalid_parameter_noinfo
wcsrchr
??0exception@std@@QEAA@AEBV01@@Z
_wtoi64
_wtoi
??2@YAPEAX_K@Z
__C_specific_handler
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
__CxxFrameHandler3
_amsg_exit
__wgetmainargs
_XcptFilter
_exit
_cexit
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
arkGraphic.dll
.dll windows:4 windows x86 arch:x86

0e9e6bdbc777b921334b4e454e902a1b

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e2:20:89:36:74:55:b3:b9:d4:30:da:5c:91:3e:69:65:bb:2e:da:da
Signer

Actual PE Digest

e2:20:89:36:74:55:b3:b9:d4:30:da:5c:91:3e:69:65:bb:2e:da:da

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\QQLive_proj\document\HummerSDK\Output\PdbFinal\arkGraphic.pdb

Imports

usp10

ScriptFreeCache
ScriptItemize
ScriptShape

kernel32

MultiByteToWideChar
OutputDebugStringA
GetCurrentProcessId
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetCurrentThreadId
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetTickCount

gdi32

SelectObject
CreateFontIndirectW
SetTextAlign
SetGraphicsMode
GetFontData
ExtTextOutW
GetOutlineTextMetricsW
CreateDIBSection
GetGlyphOutlineW
DeleteDC
CreateCompatibleDC
SetTextColor
DeleteObject
SetWorldTransform
SetBkMode
GdiFlush
GetGlyphIndicesW

msvcr80

printf
memmove
wcsncpy
??2@YAPAXI@Z
??_V@YAXPAX@Z
_CxxThrowException
qsort
malloc
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_unlock
__dllonexit
_lock
_onexit
_vsnprintf
?terminate@@YAXXZ
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_except_handler4_common
free
abort
realloc
_purecall
__CxxFrameHandler3
_invalid_parameter_noinfo
??3@YAXPAX@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
strlen
memmove_s
memset
memcpy
_vsnprintf_s
??_U@YAPAXI@Z

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

Exports

Exports

arkBitmapCreate
arkBitmapCreateFromData
arkBitmapDestroy
arkBitmapGetSize
arkBitmapLockBits
arkBitmapPreMultiply
arkBitmapUnlockBits
arkCanvasCalcTextSize
arkCanvasClear
arkCanvasClipPath
arkCanvasClipRect
arkCanvasCreate
arkCanvasCreateFromBitmap
arkCanvasDestroy
arkCanvasDrawBitmap
arkCanvasDrawCircle
arkCanvasDrawColor
arkCanvasDrawEllipse
arkCanvasDrawLine
arkCanvasDrawPath
arkCanvasDrawRectangle
arkCanvasDrawText
arkCanvasDrawTextRect
arkCanvasGetBlendMode
arkCanvasGetBlendValue
arkCanvasGetMapRect
arkCanvasGetStrokeWidth
arkCanvasGetTextSize
arkCanvasLockBits
arkCanvasRestore
arkCanvasRotate
arkCanvasSave
arkCanvasSaveClip
arkCanvasSaveMatrix
arkCanvasScale
arkCanvasSetBitmap
arkCanvasSetBlendMode
arkCanvasSetBlendValue
arkCanvasSetColor
arkCanvasSetDrawStyle
arkCanvasSetFontFaceName
arkCanvasSetFontStyle
arkCanvasSetGradient
arkCanvasSetMapPolygon
arkCanvasSetSmooth
arkCanvasSetStrokeCap
arkCanvasSetStrokeJoin
arkCanvasSetStrokeWidth
arkCanvasSetTextSize
arkCanvasTranslate
arkCanvasUnlockBits
arkGradientAddColorStop
arkGradientCreateLinear
arkGradientCreateRadial
arkGradientDestroy
arkPathAddArc
arkPathAddCircle
arkPathAddEllipse
arkPathAddRectangle
arkPathArcTo
arkPathBegin
arkPathBezierCurveTo
arkPathClose
arkPathCreate
arkPathDestroy
arkPathGetBounds
arkPathLineTo
arkPathMoveTo
arkPathQuadraticCurveTo

Sections

.text
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
arkIOStub.dll
.dll windows:4 windows x86 arch:x86

035865c038a769ffb5ad044b5b4c7efa

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

43:c3:91:a5:d9:c4:6f:de:6a:18:aa:21:d6:61:70:a3:c6:4c:3e:8f
Signer

Actual PE Digest

43:c3:91:a5:d9:c4:6f:de:6a:18:aa:21:d6:61:70:a3:c6:4c:3e:8f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\QQLive_proj\document\HummerSDK\Output\PdbFinal\arkIOStub.pdb

Imports

kernel32

MultiByteToWideChar
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

msvcr80

free
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
_malloc_crt
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_encode_pointer
memset
_wfopen
strlen
feof
??2@YAPAXI@Z
fclose
fseek
ftell
fwrite
??3@YAXPAX@Z
fread
__CppXcptFilter

Exports

Exports

arkCreateStub
arkDeleteStub
arkRegisterFS

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 426B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
arkIPC.dll
.dll windows:4 windows x86 arch:x86

7ea34d0a31bd91b22cc3daac273eb9b2

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

49:94:4e:8d:e0:a7:b1:27:ea:10:02:33:58:36:1b:d5:f1:1c:f0:6c
Signer

Actual PE Digest

49:94:4e:8d:e0:a7:b1:27:ea:10:02:33:58:36:1b:d5:f1:1c:f0:6c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\QQLive_proj\document\HummerSDK\Output\PdbFinal\arkIPC.pdb

Imports

kernel32

DeleteCriticalSection
ReleaseSemaphore
CloseHandle
LeaveCriticalSection
WaitForSingleObject
InitializeCriticalSection
CreateSemaphoreA
WaitForMultipleObjects
EnterCriticalSection
GetTickCount
OpenMutexA
ResumeThread
CreateMutexA
MapViewOfFile
UnmapViewOfFile
GetLastError
OpenFileMappingA
CreateFileMappingA
OpenSemaphoreA
ReleaseMutex
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

msvcr80

memset
??_V@YAXPAX@Z
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
free
_beginthreadex
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
_purecall
??0exception@std@@QAE@ABV01@@Z
strnlen
memcpy
??1exception@std@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
_invalid_parameter_noinfo
_encoded_null
strncpy
??0exception@std@@QAE@XZ
__CxxFrameHandler3
_CxxThrowException

Exports

Exports

ChannelClose
ChannelCreate
ChannelDestroy
ChannelGetDisconnect
ChannelGetRecvPacket
ChannelSend
ChannelSendRequest
ChannelSendRequestSync
ChannelSendResponse
ChannelWaitForEvent
CreateSharePacket
DestroySharePacket
IPCCheckActive
IPCCleanup
IPCGetName
IPCIsActive
IPCStartup
IPCTryCleanup
ShareMemoryConnect
ShareMemoryCreate
ShareMemoryDestroy
ShareMemoryDisconnect
ShareMemoryGetData
ShareMemoryGetName
ShareMemoryGetSize
ShareMemoryIsValid
ShareMemoryOpen

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
arkImage.dll
.dll windows:4 windows x86 arch:x86

ba767f4fb94e24b9d11bdb8e62d2d34a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

85:ae:a3:26:8a:c3:7c:17:c0:89:ce:0a:9d:02:cc:e6:a3:1b:37:90
Signer

Actual PE Digest

85:ae:a3:26:8a:c3:7c:17:c0:89:ce:0a:9d:02:cc:e6:a3:1b:37:90

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\QQLive_proj\document\HummerSDK\Output\PdbFinal\arkImage.pdb

Imports

libpng

png_set_write_fn
png_write_end
png_create_write_struct
png_set_compression_strategy
png_set_compression_level
png_destroy_write_struct
png_write_row
png_write_info
png_set_IHDR
png_get_valid
png_set_gray_to_rgb
png_get_color_type
png_read_frame_head
png_destroy_read_struct
png_set_longjmp_fn
png_read_end
png_set_sig_bytes
png_read_update_info
png_set_tRNS_to_alpha
png_set_read_fn
png_set_expand
png_create_info_struct
png_get_io_ptr
png_get_acTL
png_set_interlace_handling
png_error
png_create_read_struct
png_get_image_height
png_get_next_frame_fcTL
png_sig_cmp
png_get_bit_depth
png_set_strip_16
png_set_bgr
png_set_filler
png_read_info
png_read_row
png_get_image_width

libjpegturbo

ord91
ord52
ord103
ord46
ord30
ord86
ord94
ord82
ord53
ord88
ord80
ord83
ord47
ord31
ord92
ord39

msvcr80

_close
_open
_fdopen
_setmode
memcpy
memset
__CxxFrameHandler3
_setjmp3
_invalid_parameter_noinfo
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
fprintf
__iob_func
calloc
fclose
realloc
fread
malloc
??3@YAXPAX@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
memcpy_s
??0exception@std@@QAE@ABV01@@Z
longjmp
_CxxThrowException
??2@YAPAXI@Z
??_V@YAXPAX@Z
_purecall
??_U@YAPAXI@Z
memmove_s
strncmp
free

msvcp80

?_Myptr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ

kernel32

QueryPerformanceCounter
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTickCount
InterlockedExchange
Sleep
InterlockedCompareExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
TerminateProcess

Exports

Exports

arkCreateDecoder
arkCreateEncoder
arkDestroyDecoder
arkDestroyEncoder
arkGetImageType
arkReadImageFrame
arkReadImageInfo
arkSetActiveFrame
arkWriteImageFrame

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avcodec-ql-54.dll
.dll windows:4 windows x86 arch:x86

d9960794c4ff895f6bfa0a602bf9a764

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

22:29:a9:6e:6b:db:ef:2c:c3:7a:36:1b:98:13:a1:df:b1:43:c9:45
Signer

Actual PE Digest

22:29:a9:6e:6b:db:ef:2c:c3:7a:36:1b:98:13:a1:df:b1:43:c9:45

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__dllonexit
__mb_cur_max
_assert
_errno
_iob
_isctype
_pctype
abort
atan
atoi
calloc
ceil
cos
exp
fflush
floor
fputc
free
frexp
fwrite
getenv
ldexp
localeconv
malloc
memcmp
memmove
pow
qsort
setlocale
sin
sqrt
sscanf
strchr
strcmp
strncmp
tan
toupper
vfprintf
wcslen

pthreadgc2

pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_wait
pthread_create
pthread_join
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_unlock

avutil-ql-52

av_crc
av_crc_get_table
av_d2q
av_default_item_name
av_dict_copy
av_dict_free
av_div_q
av_fifo_alloc
av_fifo_drain
av_fifo_free
av_fifo_generic_write
av_fifo_realloc2
av_fifo_size
av_free
av_freep
av_gcd
av_get_bits_per_pixel
av_get_bytes_per_sample
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_cpu_flags
av_get_picture_type_char
av_get_pix_fmt_name
av_get_planar_sample_fmt
av_get_sample_fmt_name
av_image_alloc
av_image_check_size
av_image_copy
av_image_copy_plane
av_image_fill_linesizes
av_image_fill_pointers
av_lfg_init
av_log
av_log_get_level
av_malloc
av_mallocz
av_memcpy_backptr
av_mul_q
av_opt_free
av_opt_set
av_opt_set_defaults
av_opt_set_dict
av_pix_fmt_desc_get
av_pix_fmt_get_chroma_sub_sample
av_realloc
av_reduce
av_rescale_q
av_sample_fmt_is_planar
av_samples_copy
av_samples_fill_arrays
av_samples_get_buffer_size
av_samples_set_silence
av_strdup
av_strlcat
av_vlog
avpriv_float_dsp_init
avpriv_set_systematic_pal2

Exports

Exports

audio_resample
audio_resample_close
av_audio_convert
av_audio_convert_alloc
av_audio_convert_free
av_audio_resample_init
av_bitstream_filter_close
av_bitstream_filter_filter
av_bitstream_filter_init
av_bitstream_filter_next
av_codec_is_decoder
av_codec_is_encoder
av_codec_next
av_dct_calc
av_dct_end
av_dct_init
av_destruct_packet
av_dup_packet
av_fast_malloc
av_fast_padded_malloc
av_fast_realloc
av_fft_calc
av_fft_end
av_fft_init
av_fft_permute
av_free_packet
av_get_audio_frame_duration
av_get_bits_per_sample
av_get_codec_tag_string
av_get_exact_bits_per_sample
av_get_profile_name
av_grow_packet
av_hwaccel_next
av_imdct_calc
av_imdct_half
av_init_packet
av_lockmgr_register
av_log_ask_for_sample
av_log_missing_feature
av_mdct_calc
av_mdct_end
av_mdct_init
av_new_packet
av_packet_get_side_data
av_packet_new_side_data
av_packet_shrink_side_data
av_parser_change
av_parser_close
av_parser_init
av_parser_next
av_parser_parse2
av_picture_copy
av_picture_crop
av_picture_pad
av_rdft_calc
av_rdft_end
av_rdft_init
av_register_bitstream_filter
av_register_codec_parser
av_register_hwaccel
av_resample
av_resample_close
av_resample_compensate
av_resample_init
av_shrink_packet
av_xiphlacing
avcodec_align_dimensions
avcodec_align_dimensions2
avcodec_alloc_context3
avcodec_alloc_frame
avcodec_close
avcodec_configuration
avcodec_copy_context
avcodec_decode_audio3
avcodec_decode_audio4
avcodec_decode_subtitle2
avcodec_decode_video2
avcodec_default_execute
avcodec_default_execute2
avcodec_default_free_buffers
avcodec_default_get_buffer
avcodec_default_get_format
avcodec_default_reget_buffer
avcodec_default_release_buffer
avcodec_descriptor_get
avcodec_descriptor_get_by_name
avcodec_descriptor_next
avcodec_encode_audio
avcodec_encode_audio2
avcodec_encode_subtitle
avcodec_encode_video
avcodec_encode_video2
avcodec_fill_audio_frame
avcodec_find_best_pix_fmt
avcodec_find_best_pix_fmt2
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_flush_buffers
avcodec_free_frame
avcodec_get_chroma_sub_sample
avcodec_get_class
avcodec_get_context_defaults3
avcodec_get_edge_width
avcodec_get_frame_defaults
avcodec_get_pix_fmt_loss
avcodec_get_sps_from_h264_context
avcodec_get_type
avcodec_is_open
avcodec_license
avcodec_open2
avcodec_pix_fmt_to_codec_tag
avcodec_register
avcodec_register_all
avcodec_set_dimensions
avcodec_string
avcodec_version
avpicture_alloc
avpicture_deinterlace
avpicture_fill
avpicture_free
avpicture_get_size
avpicture_layout
avpriv_aac_parse_header
avpriv_ac3_channel_layout_tab
avpriv_ac3_parse_header
avpriv_align_put_bits
avpriv_copy_bits
avpriv_copy_pce_data
avpriv_dirac_parse_sequence_header
avpriv_flac_is_extradata_valid
avpriv_flac_parse_block_header
avpriv_flac_parse_streaminfo
avpriv_lock_avformat
avpriv_mjpeg_bits_ac_chrominance
avpriv_mjpeg_bits_ac_luminance
avpriv_mjpeg_bits_dc_chrominance
avpriv_mjpeg_bits_dc_luminance
avpriv_mjpeg_val_ac_chrominance
avpriv_mjpeg_val_ac_luminance
avpriv_mjpeg_val_dc
avpriv_mpa_bitrate_tab
avpriv_mpa_decode_header
avpriv_mpa_freq_tab
avpriv_mpeg4audio_get_config
avpriv_mpeg4audio_sample_rates
avpriv_mpegaudio_decode_header
avpriv_mpv_find_start_code
avpriv_put_string
avpriv_split_xiph_headers
avpriv_toupper4
avpriv_unlock_avformat
avpriv_vorbis_parse_extradata
avpriv_vorbis_parse_frame
avpriv_vorbis_parse_reset
avsubtitle_free

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 395KB - Virtual size: 395KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/61
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/73
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/87
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/99
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/112
Size: 512B - Virtual size: 393B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/123
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/134
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avformat-ql-54.dll
.dll windows:4 windows x86 arch:x86

8455d305da783fc42c696adaa5b86d90

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3b:f2:ea:d1:a3:17:49:70:81:e0:48:3c:14:95:2d:b0:ae:11:66:27
Signer

Actual PE Digest

3b:f2:ea:d1:a3:17:49:70:81:e0:48:3c:14:95:2d:b0:ae:11:66:27

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

_close
_open
_read
_write
__dllonexit
__mb_cur_max
_assert
_errno
_fstati64
_iob
_isctype
_lseeki64
_pctype
_stati64
_wopen
abort
atoi
bsearch
calloc
fflush
fputc
free
fwrite
getenv
gmtime
localeconv
malloc
memchr
memcmp
memmove
setlocale
sscanf
strchr
strcmp
strcpy
strftime
strncmp
strrchr
strspn
strstr
strtol
toupper
vfprintf
wcslen

avcodec-ql-54

av_destruct_packet
av_dup_packet
av_fast_malloc
av_fast_realloc
av_free_packet
av_get_audio_frame_duration
av_get_bits_per_sample
av_get_codec_tag_string
av_grow_packet
av_init_packet
av_log_ask_for_sample
av_log_missing_feature
av_new_packet
av_packet_new_side_data
av_parser_close
av_parser_init
av_parser_parse2
av_shrink_packet
av_xiphlacing
avcodec_alloc_context3
avcodec_alloc_frame
avcodec_close
avcodec_decode_audio4
avcodec_decode_video2
avcodec_descriptor_get
avcodec_find_decoder
avcodec_free_frame
avcodec_get_frame_defaults
avcodec_is_open
avcodec_open2
avcodec_register_all
avcodec_set_dimensions
avcodec_string
avpriv_ac3_channel_layout_tab
avpriv_ac3_parse_header
avpriv_dirac_parse_sequence_header
avpriv_flac_parse_block_header
avpriv_flac_parse_streaminfo
avpriv_mpa_decode_header
avpriv_mpa_freq_tab
avpriv_mpeg4audio_get_config
avpriv_mpeg4audio_sample_rates
avpriv_mpegaudio_decode_header
avpriv_toupper4
avpriv_vorbis_parse_extradata
avpriv_vorbis_parse_frame
avpriv_vorbis_parse_reset

avutil-ql-52

av_compare_mod
av_compare_ts
av_crc
av_crc_get_table
av_d2q
av_default_item_name
av_des_crypt
av_des_init
av_dict_copy
av_dict_count
av_dict_free
av_dict_get
av_dict_set
av_div_q
av_free
av_freep
av_gcd
av_get_channel_layout_nb_channels
av_gettime
av_log
av_lzo1x_decode
av_malloc
av_mallocz
av_opt_free
av_opt_set_defaults
av_opt_set_dict
av_parse_video_rate
av_rc4_crypt
av_rc4_init
av_realloc
av_reduce
av_rescale
av_rescale_q
av_rescale_q_rnd
av_rescale_rnd
av_strcasecmp
av_strdup
av_strlcat
av_strlcatf
av_strlcpy
av_strncasecmp
av_strstart
av_usleep

Exports

Exports

av_add_index_entry
av_append_packet
av_close_input_file
av_codec_get_id
av_codec_get_tag
av_convert_lang_to
av_dump_format
av_filename_number_test
av_find_best_stream
av_find_default_stream_index
av_find_input_format
av_get_frame_filename
av_get_packet
av_gettime@LIBAVFORMAT_54
av_guess_codec
av_guess_format
av_hex_dump
av_hex_dump_log
av_iformat_next
av_index_search_timestamp
av_interleave_packet_per_dts
av_interleaved_write_frame
av_match_ext
av_new_program
av_oformat_next
av_pkt_dump2
av_pkt_dump_log2
av_probe_input_buffer
av_probe_input_format
av_probe_input_format2
av_read_frame
av_read_packet
av_read_pause
av_read_play
av_register_all
av_register_input_format
av_register_output_format
av_register_protocol
av_sdp_create
av_seek_frame
av_url_split
av_write_frame
av_write_trailer
avformat_alloc_context
avformat_close_input
avformat_configuration
avformat_find_stream_info
avformat_free_context
avformat_get_class
avformat_get_riff_audio_tags
avformat_get_riff_video_tags
avformat_license
avformat_network_deinit
avformat_network_init
avformat_new_stream
avformat_open_input
avformat_query_codec
avformat_seek_file
avformat_version
avformat_write_header
avio_alloc_context
avio_check
avio_close
avio_close_dyn_buf
avio_closep
avio_enum_protocols
avio_flush
avio_get_str
avio_get_str16be
avio_get_str16le
avio_open
avio_open2
avio_open_dyn_buf
avio_pause
avio_printf
avio_put_str
avio_put_str16le
avio_r8
avio_rb16
avio_rb24
avio_rb32
avio_rb64
avio_read
avio_rl16
avio_rl24
avio_rl32
avio_rl64
avio_seek
avio_seek_time
avio_size
avio_w8
avio_wb16
avio_wb24
avio_wb32
avio_wb64
avio_wl16
avio_wl24
avio_wl32
avio_wl64
avio_write
avpriv_new_chapter
avpriv_set_pts_info

Sections

.text
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/61
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/73
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/87
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/99
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/112
Size: 512B - Virtual size: 393B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/123
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/134
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avresample-ql-1.dll
.dll windows:4 windows x86 arch:x86

03524759bdf0648b2b443018896281dd

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

64:da:a8:cb:f7:7d:6a:3d:40:1f:ed:67:b7:ea:68:e9:68:39:7f:79
Signer

Actual PE Digest

64:da:a8:cb:f7:7d:6a:3d:40:1f:ed:67:b7:ea:68:e9:68:39:7f:79

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__dllonexit
__mb_cur_max
_errno
_iob
abort
atoi
calloc
ceil
cos
fflush
fputc
free
fwrite
getenv
localeconv
malloc
memmove
setlocale
sin
sqrt
strchr
vfprintf
wcslen

avutil-ql-52

av_audio_fifo_alloc
av_audio_fifo_drain
av_audio_fifo_free
av_audio_fifo_read
av_audio_fifo_size
av_audio_fifo_write
av_default_item_name
av_free
av_freep
av_get_bytes_per_sample
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_cpu_flags
av_get_packed_sample_fmt
av_get_planar_sample_fmt
av_get_sample_fmt_name
av_lfg_init
av_log
av_malloc
av_mallocz
av_opt_free
av_opt_set_defaults
av_reduce
av_sample_fmt_is_planar
av_samples_alloc
av_samples_fill_arrays
av_samples_get_buffer_size

Exports

Exports

avresample_alloc_context
avresample_available
avresample_build_matrix
avresample_close
avresample_configuration
avresample_convert
avresample_free
avresample_get_class
avresample_get_delay
avresample_get_matrix
avresample_license
avresample_open
avresample_read
avresample_set_compensation
avresample_set_matrix
avresample_version

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 551B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/61
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/73
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/87
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/99
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/112
Size: 512B - Virtual size: 393B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/123
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/134
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avutil-ql-52.dll
.dll windows:4 windows x86 arch:x86

819c8b24cd8c0b6cbff37d713a2a96a0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7c:7a:8c:34:f8:db:1e:7f:a9:66:6e:b9:f6:37:c6:a3:60:0f:f5:e9
Signer

Actual PE Digest

7c:7a:8c:34:f8:db:1e:7f:a9:66:6e:b9:f6:37:c6:a3:60:0f:f5:e9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

kernel32

CloseHandle
CreateFileMappingA
DeleteCriticalSection
EnterCriticalSection
GetConsoleScreenBufferInfo
GetLastError
GetModuleHandleA
GetProcAddress
GetStdHandle
GetSystemTimeAsFileTime
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
MapViewOfFile
MultiByteToWideChar
SetConsoleTextAttribute
Sleep
TlsGetValue
UnmapViewOfFile
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

_close
_fstat
_isatty
_open
_read
__dllonexit
__mb_cur_max
_assert
_errno
_get_osfhandle
_iob
_isctype
_pctype
abort
acos
asin
atan
atoi
bsearch
calloc
ceil
clock
cos
cosh
exp
fflush
floor
fputc
fputs
free
frexp
fwrite
getenv
gmtime
ldexp
localeconv
localtime
log
malloc
memcmp
mktime
pow
realloc
setlocale
sin
sinh
sqrt
strchr
strcmp
strncmp
strrchr
strspn
strtod
strtol
strtoul
tan
tanh
time
toupper
vfprintf
wcslen

Exports

Exports

av_add_q
av_adler32_update
av_aes_alloc
av_aes_crypt
av_aes_init
av_aes_size
av_audio_fifo_alloc
av_audio_fifo_drain
av_audio_fifo_free
av_audio_fifo_read
av_audio_fifo_realloc
av_audio_fifo_reset
av_audio_fifo_size
av_audio_fifo_space
av_audio_fifo_write
av_base64_decode
av_base64_encode
av_basename
av_blowfish_crypt
av_blowfish_crypt_ecb
av_blowfish_init
av_bmg_get
av_channel_layout_extract_channel
av_compare_mod
av_compare_ts
av_crc
av_crc_get_table
av_crc_init
av_ctz
av_d2q
av_d2str
av_dbl2ext
av_dbl2int
av_default_item_name
av_des_crypt
av_des_init
av_des_mac
av_dict_copy
av_dict_count
av_dict_free
av_dict_get
av_dict_set
av_dirname
av_div_q
av_evaluate_lls
av_expr_eval
av_expr_free
av_expr_parse
av_expr_parse_and_eval
av_ext2dbl
av_fifo_alloc
av_fifo_drain
av_fifo_free
av_fifo_generic_read
av_fifo_generic_write
av_fifo_realloc2
av_fifo_reset
av_fifo_size
av_fifo_space
av_file_map
av_file_unmap
av_find_info_tag
av_find_nearest_q_idx
av_flt2int
av_free
av_freep
av_gcd
av_get_bits_per_pixel
av_get_bytes_per_sample
av_get_channel_layout
av_get_channel_layout_channel_index
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_channel_name
av_get_cpu_flags
av_get_default_channel_layout
av_get_packed_sample_fmt
av_get_picture_type_char
av_get_pix_fmt
av_get_pix_fmt_name
av_get_pix_fmt_string
av_get_planar_sample_fmt
av_get_random_seed
av_get_sample_fmt
av_get_sample_fmt_name
av_get_sample_fmt_string
av_get_token
av_gettime
av_image_alloc
av_image_check_size
av_image_copy
av_image_copy_plane
av_image_fill_linesizes
av_image_fill_max_pixsteps
av_image_fill_pointers
av_image_get_linesize
av_init_lls
av_int2dbl
av_int2flt
av_lfg_init
av_log
av_log2
av_log2_16bit
av_log_default_callback
av_log_get_level
av_log_set_callback
av_log_set_flags
av_log_set_level
av_lzo1x_decode
av_malloc
av_mallocz
av_md5_alloc
av_md5_final
av_md5_init
av_md5_size
av_md5_sum
av_md5_update
av_memcpy_backptr
av_mul_q
av_nearer_q
av_opt_child_class_next
av_opt_child_next
av_opt_eval_double
av_opt_eval_flags
av_opt_eval_float
av_opt_eval_int
av_opt_eval_int64
av_opt_eval_q
av_opt_find
av_opt_find2
av_opt_flag_is_set
av_opt_free
av_opt_get
av_opt_get_double
av_opt_get_int
av_opt_get_q
av_opt_next
av_opt_set
av_opt_set_bin
av_opt_set_defaults
av_opt_set_dict
av_opt_set_double
av_opt_set_int
av_opt_set_q
av_opt_show2
av_parse_color
av_parse_cpu_flags
av_parse_time
av_parse_video_rate
av_parse_video_size
av_pix_fmt_desc_get
av_pix_fmt_desc_get_id
av_pix_fmt_desc_next
av_pix_fmt_descriptors
av_pix_fmt_get_chroma_sub_sample
av_rc4_crypt
av_rc4_init
av_read_image_line
av_realloc
av_reduce
av_rescale
av_rescale_q
av_rescale_q_rnd
av_rescale_rnd
av_reverse
av_sample_fmt_is_planar
av_samples_alloc
av_samples_copy
av_samples_fill_arrays
av_samples_get_buffer_size
av_samples_set_silence
av_set_cpu_flags_mask
av_set_options_string
av_sha_alloc
av_sha_final
av_sha_init
av_sha_size
av_sha_update
av_solve_lls
av_strcasecmp
av_strdup
av_strerror
av_stristart
av_stristr
av_strlcat
av_strlcatf
av_strlcpy
av_strncasecmp
av_strstart
av_strtod
av_sub_q
av_timegm
av_tree_destroy
av_tree_enumerate
av_tree_find
av_tree_insert
av_tree_node_alloc
av_tree_node_size
av_update_lls
av_usleep
av_vlog
av_write_image_line
av_xtea_crypt
av_xtea_init
avpriv_float_dsp_init
avpriv_set_systematic_pal2
avutil_configuration
avutil_license
avutil_version

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/61
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/73
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/87
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/99
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/112
Size: 512B - Virtual size: 406B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/123
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/134
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cabarc.exe
.exe windows:5 windows x86 arch:x86

286c4a73c9ae31fbedb2b4e12f8feb6c

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d1:f3:87:c6:f9:55:24:c6:22:99:be:bd:07:39:57:fb:81:86:b3:55
Signer

Actual PE Digest

d1:f3:87:c6:f9:55:24:c6:22:99:be:bd:07:39:57:fb:81:86:b3:55

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToDosDateTime
FileTimeToLocalFileTime
CloseHandle
GetFileInformationByHandle
GetLastError
CreateFileA
CreateDirectoryA
GetFileAttributesA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
LocalAlloc
LocalFree
ReadFile
WriteFile
SetFilePointer
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter

msvcrt

printf
toupper
_strnicmp
_stricmp
isdigit
atoi
exit
_vsnprintf
strrchr
free
_tempnam
strchr
rand
srand
time
strncpy
memmove
_getch
isspace
fclose
fgets
fopen
malloc
_c_exit
_exit
_XcptFilter
_cexit
__initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
jgIOStub.dll
.dll windows:4 windows x86 arch:x86

035865c038a769ffb5ad044b5b4c7efa

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

02:46:db:66:9f:08:99:c3:d8:c6:bd:c9:52:24:cd:45:21:66:65:c7
Signer

Actual PE Digest

02:46:db:66:9f:08:99:c3:d8:c6:bd:c9:52:24:cd:45:21:66:65:c7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Code\HummerSDK_Music\Output\PdbFinal\jgIOStub.pdb

Imports

kernel32

MultiByteToWideChar
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

msvcr80

free
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
_malloc_crt
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_encode_pointer
memset
_wfopen
strlen
feof
??2@YAPAXI@Z
fclose
fseek
ftell
fwrite
??3@YAXPAX@Z
fread
__CppXcptFilter

Exports

Exports

jgCreateStub
jgDeleteStub
jgRegisterFS

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 426B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jgImage.dll
.dll windows:4 windows x86 arch:x86

1248a4640f38674a23b216c2377bd3d6

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ee:f3:bb:24:36:03:ac:4b:f2:4e:b3:3c:9a:6b:2a:0c:59:25:de:67
Signer

Actual PE Digest

ee:f3:bb:24:36:03:ac:4b:f2:4e:b3:3c:9a:6b:2a:0c:59:25:de:67

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Code\HummerSDK_Music\Output\PdbFinal\jgImage.pdb

Imports

libpng

png_set_compression_level
png_set_compression_strategy
png_write_row
png_destroy_write_struct
png_write_info
png_set_IHDR
png_set_write_fn
png_write_end
png_create_write_struct
png_destroy_read_struct
png_set_expand
png_set_tRNS_to_alpha
png_set_interlace_handling
png_error
png_set_bgr
png_set_filler
png_read_row
png_get_valid
png_set_gray_to_rgb
png_set_longjmp_fn
png_read_end
png_read_update_info
png_set_read_fn
png_create_info_struct
png_create_read_struct
png_set_strip_16
png_read_info

libjpegturbo

ord86
ord49
ord98
ord84
ord43
ord30
ord81
ord89
ord77
ord50
ord75
ord78
ord44
ord31
ord87

msvcr80

_open
_fdopen
_setmode
_setjmp3
__CxxFrameHandler3
??0exception@std@@QAE@ABV01@@Z
_close
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
??2@YAPAXI@Z
??3@YAXPAX@Z
??_U@YAPAXI@Z
memset
??_V@YAXPAX@Z
?what@exception@std@@UBEPBDXZ
memcpy
??1exception@std@@UAE@XZ
abs
strlen
??0exception@std@@QAE@XZ
_purecall
??0exception@std@@QAE@ABQBD@Z
memmove_s
_CxxThrowException
_invalid_parameter_noinfo
strncmp
longjmp
free
malloc
fread
realloc
fclose
calloc
__iob_func
fprintf
_encode_pointer
_malloc_crt

msvcp80

?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?_Myptr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

kernel32

IsDebuggerPresent
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
Sleep

Exports

Exports

GetAnimCurrFrame
SetAnimCurrFrame
jgCreateAnim
jgCreateDecoder
jgCreateEncoder
jgDestroyDecoder
jgDestroyEncoder
jgGetAnimFrameCount
jgGetAnimKeyFrameTime
jgGetAnimLength
jgGetAnimSize
jgReadImageFrame
jgReadImageInfo
jgReleaseAnim
jgSetAnimLoop
jgUpdateAnim
jgWriteImageFrame

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libHevc.dll
.dll windows:4 windows x86 arch:x86

915cdc74386b8abd1ae7b522ec24ce2b

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

95:a5:41:59:b6:3f:f0:cb:8e:8c:58:31:65:fe:9d:af:ff:f4:61:6f
Signer

Actual PE Digest

95:a5:41:59:b6:3f:f0:cb:8e:8c:58:31:65:fe:9d:af:ff:f4:61:6f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetSystemTimeAsFileTime
GetTickCount
GetTimeZoneInformation
InitializeCriticalSection
InterlockedCompareExchange
LeaveCriticalSection
LoadLibraryW
QueryPerformanceCounter
ReleaseSemaphore
ResetEvent
SetEvent
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject

msvcrt

_close
_isatty
_open
_read
__dllonexit
__setusermatherr
_amsg_exit
_beginthreadex
_errno
_initterm
_iob
_lock
_onexit
_unlock
_vsnprintf
abort
acos
asin
atan
bsearch
calloc
ceil
clock
cosh
floor
fprintf
fputs
free
fwrite
getenv
gmtime
islower
isspace
isupper
localeconv
localtime
malloc
memcmp
memcpy
memset
mktime
realloc
sinh
strchr
strcmp
strlen
strncmp
strrchr
strspn
strtol
strtoul
tan
tanh
time
toupper
vfprintf

Exports

Exports

av_free
av_free_packet
av_init_packet
av_malloc
av_parser_init
avcodec_alloc_context3
avcodec_alloc_frame
avcodec_close
avcodec_decode_video2
avcodec_find_decoder
avcodec_flush_buffers
avcodec_free_frame
avcodec_get_frame_defaults
avcodec_open2
avcodec_register_all

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 471B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libcef.dll
.dll windows:5 windows x86 arch:x86

85a27f4cd6b68cce9e4a21cf2b1eeff5

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ec:2d:6e:52:93:5d:bd:34:f9:e0:9d:66:1b:81:ca:f2:48:fe:9c:e3
Signer

Actual PE Digest

ec:2d:6e:52:93:5d:bd:34:f9:e0:9d:66:1b:81:ca:f2:48:fe:9c:e3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\cef_proj\trunk\src\cef\Release\libcef.pdb

Imports

kernel32

GetProcAddress
lstrcmpiW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetFileAttributesW
GetCurrentProcessId
GetLocaleInfoW
WideCharToMultiByte
GetACP
GlobalSize
Sleep
GetPrivateProfileStringW
TlsAlloc
TlsGetValue
TlsSetValue
GetVersionExW
CreateMutexW
CloseHandle
WaitForSingleObject
ReleaseMutex
DuplicateHandle
GetCurrentThread
GetCurrentProcess
LoadLibraryA
GetSystemDirectoryA
GetModuleHandleW
GetModuleHandleA
LocalFree
FormatMessageW
CancelIo
FlushFileBuffers
SetFilePointerEx
GetFileSizeEx
ReadFile
WriteFile
SetEndOfFile
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
FindClose
FindNextFileW
DeleteFileW
FindFirstFileW
RemoveDirectoryW
MoveFileExW
CreateFileW
SetFilePointer
SetThreadPriority
CreateEventW
SetEvent
WaitForMultipleObjects
RegisterWaitForSingleObject
ResetEvent
UnregisterWaitEx
QueryPerformanceFrequency
QueryPerformanceCounter
ExpandEnvironmentStringsW
LoadLibraryW
GetTickCount
SetLastError
CreateProcessW
OutputDebugStringA
FormatMessageA
SetUnhandledExceptionFilter
LockResource
FileTimeToSystemTime
FileTimeToLocalFileTime
ReplaceFileW
CopyFileW
GetFileAttributesExW
SetCurrentDirectoryW
CreateDirectoryW
GetCurrentDirectoryW
GetLongPathNameW
GetFileSize
GetLogicalDriveStringsW
GetEnvironmentVariableW
VirtualFree
VirtualAlloc
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
GetCommandLineW
CreateThread
IsDebuggerPresent
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
GetSystemTimeAsFileTime
SystemTimeToFileTime
TzSpecificLocalTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetNativeSystemInfo
GetDiskFreeSpaceExW
GlobalMemoryStatusEx
SetFileTime
GetFileInformationByHandle
QueueUserWorkItem
GetStdHandle
GetLastError
GetSystemInfo
TerminateProcess
ResumeThread
AssignProcessToJobObject
TlsFree
GetSystemDirectoryW
GetWindowsDirectoryW
RtlCaptureStackBackTrace
UnhandledExceptionFilter
HeapFree
GetCommandLineA
HeapAlloc
HeapReAlloc
RtlUnwind
GetDriveTypeA
FindFirstFileA
GetDriveTypeW
ExitThread
ExitProcess
GetConsoleCP
GetConsoleMode
GetFullPathNameW
GetProcessHeap
SetStdHandle
GetFileType
LCMapStringA
LCMapStringW
GetCPInfo
HeapCreate
HeapDestroy
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSize
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
GetFullPathNameA
GetCurrentDirectoryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetDateFormatW
GetTimeFormatW
GetNumberFormatW
GetCurrencyFormatW
GetThreadLocale
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThreadId
InterlockedExchangeAdd
GetModuleFileNameW
RaiseException
lstrlenW
InterlockedExchange
InterlockedCompareExchange
GetTempPathW
GetTempFileNameW
OutputDebugStringW
GlobalAlloc
VirtualQuery
GlobalAddAtomW
GlobalDeleteAtom
VirtualProtect
lstrcmpiA
GetTempFileNameA
GetTempPathA
GetModuleHandleExW
ReleaseSemaphore
CreateSemaphoreW
OpenThread
GetThreadTimes
DeleteFileA
IsBadWritePtr
CreateSemaphoreA
GetThreadContext
SuspendThread
AreFileApisANSI
UnlockFile
LockFile
LockFileEx
UnlockFileEx
GetFileAttributesA
GetSystemTime
GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetVolumeInformationA
GetComputerNameA
GetLogicalDrives
GlobalMemoryStatus
CreateFileMappingA
MoveFileA
CreateDirectoryA
GetEnvironmentVariableA
GetUserDefaultLangID
LocalAlloc
GlobalLock
GlobalUnlock
GlobalFree
SetFileAttributesA
InterlockedDecrement
GetModuleFileNameA
InterlockedIncrement

winhttp

WinHttpGetProxyForUrl
WinHttpCloseHandle
WinHttpOpen
WinHttpSetTimeouts
WinHttpGetIEProxyConfigForCurrentUser

urlmon

CoInternetCreateSecurityManager

iphlpapi

NotifyAddrChange
GetAdaptersAddresses
CancelIPChangeNotify

secur32

InitializeSecurityContextW
DecryptMessage
EncryptMessage
QueryContextAttributesW
FreeContextBuffer
DeleteSecurityContext
FreeCredentialsHandle
QuerySecurityPackageInfoW
AcquireCredentialsHandleW

crypt32

CertRDNValueToStrW
CertOpenSystemStoreW
CertFindChainInStore
CertGetIntendedKeyUsage
CertVerifyTimeValidity
CertCreateCertificateChainEngine
CryptAcquireCertificatePrivateKey
CertAddEncodedCertificateToStore
CertFreeCertificateChainEngine
CertFreeCertificateContext
CertFreeCertificateChain
CertOpenStore
CertDuplicateCertificateContext
CryptDecodeObjectEx
CertFindExtension
CertAddCertificateContextToStore
CertCloseStore
CertGetCertificateContextProperty
CertSerializeCertificateStoreElement
CertGetPublicKeyLength
CryptFindOIDInfo
CryptHashCertificate
CertVerifyCertificateChainPolicy
CertGetCertificateChain
CertAddSerializedElementToStore
CertSetCertificateContextProperty

setupapi

SetupDiGetDeviceInstallParamsW
SetupDiEnumDeviceInterfaces
SetupDiBuildDriverInfoList
SetupDiEnumDriverInfoW
SetupDiDestroyDriverInfoList
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiSetDeviceInstallParamsW

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

msimg32

AlphaBlend

ws2_32

closesocket
WSASetLastError
ntohs
getservbyport
gethostbyaddr
htons
select
WSAEnumNetworkEvents
WSAResetEvent
WSAGetOverlappedResult
recvfrom
connect
accept
send
recv
getsockopt
WSASend
__WSAFDIsSet
sendto
ioctlsocket
socket
WSAStartup
listen
bind
getsockname
getnameinfo
freeaddrinfo
ntohl
getaddrinfo
getservbyname
htonl
inet_ntoa
gethostbyname
WSAGetLastError
inet_addr
WSACloseEvent
WSACreateEvent
WSARecvFrom
WSASendTo
getpeername
WSALookupServiceEnd
WSALookupServiceNextW
WSALookupServiceBeginW
shutdown
setsockopt
WSAIoctl
WSASocketW
WSAEventSelect
WSARecv

usp10

ScriptXtoCP
ScriptGetFontProperties
ScriptPlace
ScriptItemize
ScriptFreeCache
ScriptJustify
ScriptCPtoX
ScriptShape

psapi

GetProcessMemoryInfo

winmm

waveInGetDevCapsW
waveInReset
waveInStart
waveInOpen
waveInAddBuffer
waveInUnprepareHeader
waveInPrepareHeader
waveOutClose
waveOutReset
waveOutPause
waveOutRestart
waveOutOpen
waveOutWrite
waveOutUnprepareHeader
waveOutPrepareHeader
waveInMessage
waveInGetNumDevs
waveOutGetNumDevs
timeEndPeriod
timeBeginPeriod
timeGetTime
waveInClose

shlwapi

UrlCreateFromPathW
PathIsUNCW
PathFileExistsW
PathFindFileNameW
PathRemoveExtensionW
PathFindExtensionW
PathIsUNCA
UrlCreateFromPathA
PathFileExistsA
PathGetCharTypeW

comctl32

InitCommonControlsEx

imm32

ImmGetContext
ImmGetProperty
ImmGetCompositionStringA
ImmSetOpenStatus
ImmIsIME
ImmSetCandidateWindow
ImmReleaseContext
ImmNotifyIME
ImmGetCompositionStringW
ImmAssociateContextEx

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

CallNextHookEx
ScreenToClient
ClientToScreen
PeekMessageW
TranslateMessage
DispatchMessageW
KillTimer
MessageBoxW
MapWindowPoints
CreatePopupMenu
TrackPopupMenu
DestroyMenu
SetWindowRgn
SetParent
SetWindowLongW
IsWindowEnabled
GetWindowLongW
ShowWindow
InsertMenuItemW
DrawTextW
SetFocus
wsprintfW
SetWindowPos
MoveWindow
IsWindowVisible
GetAncestor
EnableWindow
GetWindowRect
PtInRect
BeginPaint
EndPaint
UpdateWindow
SetCapture
GetFocus
PostThreadMessageW
GetCapture
ReleaseCapture
ScrollDC
TrackMouseEvent
InvalidateRect
SetCursor
LoadCursorW
RegisterClassExW
DefWindowProcW
NotifyWinEvent
GetKeyState
IsWindow
CreateWindowExW
GetClientRect
PostMessageW
EnumChildWindows
SendMessageW
DestroyWindow
MonitorFromWindow
GetClassNameW
UnhookWindowsHookEx
GetMonitorInfoW
AttachThreadInput
SetWindowsHookExW
CharNextW
GetKeyboardLayout
DestroyCaret
UnregisterClassW
PostQuitMessage
CallMsgFilterW
MsgWaitForMultipleObjectsEx
GetQueueStatus
WaitMessage
SetTimer
GetCursorPos
LoadIconW
GetWindowThreadProcessId
GetParent
CharUpperW
GetAsyncKeyState
SystemParametersInfoW
GetSystemMetrics
GetDoubleClickTime
GetMessageTime
EnumDisplaySettingsW
GetSysColor
FillRect
GetClipboardData
IsClipboardFormatAvailable
InvertRect
DrawEdge
GetSysColorBrush
FrameRect
InflateRect
DrawFocusRect
DrawFrameControl
IntersectRect
MessageBeep
GetCaretBlinkTime
RegisterClassW
SetCaretPos
EnumThreadWindows
RealGetWindowClassW
RegisterWindowMessageW
RedrawWindow
RemovePropW
CallWindowProcW
SendInput
SetPropW
DefWindowProcA
SetWindowLongA
GetPropW
GetClipboardSequenceNumber
GetDC
ReleaseDC
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
RegisterClipboardFormatW
GetCursor
CreateIconIndirect
DestroyIcon
CreateCaret
SetClassLongW

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
SetDIBitsToDevice
CreateDIBSection
GetObjectW
GetTextMetricsW
CreateFontW
GetTextFaceW
IntersectClipRect
GetStockObject
GdiAlphaBlend
SetDCPenColor
SetDCBrushColor
SetBkColor
SetArcDirection
SetBrushOrgEx
SetStretchBltMode
SetWorldTransform
EndPath
AbortPath
PolyBezier
BeginPath
SetPolyFillMode
PathToRegion
CreateRectRgnIndirect
GetTextColor
ExtTextOutW
CreateSolidBrush
SetMiterLimit
SetRectRgn
CombineRgn
SetGraphicsMode
SaveDC
RestoreDC
CreateFontIndirectW
SelectObject
SetTextColor
SetBkMode
SetAbortProc
StartDocW
CreateDCW
EndDoc
EndPage
StartPage
CreateBitmap
SetDIBits
SetPixelFormat
ChoosePixelFormat
SwapBuffers
RemoveFontMemResourceEx
EnumFontFamiliesW
EnumFontFamiliesExW
DeleteDC
CreateRectRgn
GetClipRgn
OffsetRgn
SelectClipRgn
SetViewportOrgEx
GetCharWidthI
GetWorldTransform
GetObjectType
StretchBlt
SetROP2
GetDeviceCaps
AddFontMemResourceEx
ExtCreatePen
CreatePen
GetCurrentObject
StretchDIBits
GetStretchBltMode
Rectangle
StrokePath
StrokeAndFillPath
BitBlt
GdiFlush
GetFontUnicodeRanges
SetTextAlign
GetGlyphOutlineW
GetFontData
GetGlyphIndicesW
GetOutlineTextMetricsW
DeleteObject

winspool.drv

OpenPrinterW
ClosePrinter
GetPrinterW
ord203

comdlg32

GetOpenFileNameW
PrintDlgExW
GetSaveFileNameW

advapi32

RegDeleteKeyW
RegDeleteValueW
RegCloseKey
CryptHashData
CryptImportKey
CryptGenKey
CryptExportKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
CryptAcquireContextW
CryptGetUserKey
RegEnumKeyExW
CryptContextAddRef
RegQueryValueExW
CryptGetKeyParam
RegNotifyChangeKeyValue
ConvertSidToStringSidW
GetTokenInformation
OpenProcessToken
CreateProcessAsUserW
GetTraceEnableLevel
GetTraceEnableFlags
GetTraceLoggerHandle
RegisterTraceGuidsW
UnregisterTraceGuids
TraceEvent
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegOpenKeyExA
RegQueryValueExA
CryptCreateHash
CryptReleaseContext
CryptDestroyKey
CryptDestroyHash
CryptSignHashW
CryptSetHashParam
CryptGetHashParam

ole32

CoInitialize
CoUninitialize
RevokeDragDrop
CoTaskMemAlloc
DoDragDrop
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
RegisterDragDrop
OleDuplicateData
CoCreateGuid
ReleaseStgMedium
CoInitializeEx
PropVariantClear
OleInitialize
OleUninitialize

oleaut32

LoadTypeLi
LoadRegTypeLi
SysStringLen
SysAllocString
SysFreeString
VarUI4FromStr

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

cef_add_cross_origin_whitelist_entry
cef_browser_create
cef_browser_create_sync
cef_build_revision
cef_cache_doom_all
cef_call_v8gc
cef_clear_cross_origin_whitelist
cef_clear_scheme_handler_factories
cef_command_line_create
cef_cookie_manager_create_manager
cef_cookie_manager_get_global_manager
cef_create_url
cef_currently_on
cef_delete_storage
cef_disk_cache_manager_get_global_manager
cef_do_message_loop_work
cef_do_message_loop_work_with_dispatcher
cef_end_inner_message_pump
cef_get_max_sockets_per_group
cef_get_user_agent
cef_get_web_plugin_count
cef_get_web_plugin_info
cef_get_web_plugin_info_byname
cef_initialize
cef_is_missing_plugin_text_empty
cef_parse_url
cef_post_data_create
cef_post_data_element_create
cef_post_delayed_task
cef_post_task
cef_quit_message_loop
cef_refresh_plugins
cef_register_client_scheme
cef_register_custom_scheme
cef_register_extension
cef_register_plugin
cef_register_scheme_handler_factory
cef_remove_cross_origin_whitelist_entry
cef_request_create
cef_run_message_loop
cef_set_dns_item
cef_set_gif_frame_limit
cef_set_max_sockets_per_group
cef_set_storage
cef_set_storage_path
cef_set_user_agent
cef_shutdown
cef_start_inner_message_pump
cef_stream_reader_create_for_data
cef_stream_reader_create_for_file
cef_stream_reader_create_for_handler
cef_stream_writer_create_for_file
cef_stream_writer_create_for_handler
cef_string_ascii_to_utf16
cef_string_ascii_to_wide
cef_string_list_alloc
cef_string_list_append
cef_string_list_clear
cef_string_list_copy
cef_string_list_free
cef_string_list_size
cef_string_list_value
cef_string_map_alloc
cef_string_map_append
cef_string_map_clear
cef_string_map_find
cef_string_map_free
cef_string_map_key
cef_string_map_size
cef_string_map_value
cef_string_multimap_alloc
cef_string_multimap_append
cef_string_multimap_clear
cef_string_multimap_enumerate
cef_string_multimap_find_count
cef_string_multimap_free
cef_string_multimap_key
cef_string_multimap_size
cef_string_multimap_value
cef_string_userfree_utf16_alloc
cef_string_userfree_utf16_free
cef_string_userfree_utf8_alloc
cef_string_userfree_utf8_free
cef_string_userfree_wide_alloc
cef_string_userfree_wide_free
cef_string_utf16_clear
cef_string_utf16_cmp
cef_string_utf16_set
cef_string_utf16_to_utf8
cef_string_utf16_to_wide
cef_string_utf8_clear
cef_string_utf8_cmp
cef_string_utf8_set
cef_string_utf8_to_utf16
cef_string_utf8_to_wide
cef_string_wide_clear
cef_string_wide_cmp
cef_string_wide_set
cef_string_wide_to_utf16
cef_string_wide_to_utf8
cef_time_from_doublet
cef_time_from_timet
cef_time_to_doublet
cef_time_to_timet
cef_v8context_get_current_context
cef_v8context_get_entered_context
cef_v8context_in_context
cef_v8value_create_array
cef_v8value_create_bool
cef_v8value_create_date
cef_v8value_create_double
cef_v8value_create_function
cef_v8value_create_int
cef_v8value_create_null
cef_v8value_create_object_with_accessor
cef_v8value_create_string
cef_v8value_create_undefined
cef_visit_storage
cef_web_urlrequest_create
cef_xml_reader_create
cef_zip_reader_create

Sections

.text
Size: 15.6MB - Virtual size: 15.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.unwante
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 408KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 765KB - Virtual size: 764KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libexpatw.dll
.dll windows:4 windows x86 arch:x86

000e7416bde1d6f083e2d66405b37109

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

35:1a:33:4a:01:e3:13:3e:62:c1:b7:7e:01:5e:a5:c6:2e:40:81:b4
Signer

Actual PE Digest

35:1a:33:4a:01:e3:13:3e:62:c1:b7:7e:01:5e:a5:c6:2e:40:81:b4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Code\ThirdParty\pdb\release\libexpatw.pdb

Imports

msvcr80

__clean_type_info_names_internal
_unlock
_crt_debugger_hook
_lock
_onexit
_except_handler4_common
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
free
memmove
realloc
__dllonexit
malloc
memcpy
memset

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

Exports

Exports

XML_DefaultCurrent
XML_ErrorString
XML_ExpatVersion
XML_ExpatVersionInfo
XML_ExternalEntityParserCreate
XML_FreeContentModel
XML_GetBase
XML_GetBuffer
XML_GetCurrentByteCount
XML_GetCurrentByteIndex
XML_GetCurrentColumnNumber
XML_GetCurrentLineNumber
XML_GetErrorCode
XML_GetFeatureList
XML_GetIdAttributeIndex
XML_GetInputContext
XML_GetParsingStatus
XML_GetSpecifiedAttributeCount
XML_MemFree
XML_MemMalloc
XML_MemRealloc
XML_Parse
XML_ParseBuffer
XML_ParserCreate
XML_ParserCreateNS
XML_ParserCreate_MM
XML_ParserFree
XML_ParserReset
XML_ResumeParser
XML_SetAttlistDeclHandler
XML_SetBase
XML_SetCdataSectionHandler
XML_SetCharacterDataHandler
XML_SetCommentHandler
XML_SetDefaultHandler
XML_SetDefaultHandlerExpand
XML_SetDoctypeDeclHandler
XML_SetElementDeclHandler
XML_SetElementHandler
XML_SetEncoding
XML_SetEndCdataSectionHandler
XML_SetEndDoctypeDeclHandler
XML_SetEndElementHandler
XML_SetEndNamespaceDeclHandler
XML_SetEntityDeclHandler
XML_SetExternalEntityRefHandler
XML_SetExternalEntityRefHandlerArg
XML_SetNamespaceDeclHandler
XML_SetNotStandaloneHandler
XML_SetNotationDeclHandler
XML_SetParamEntityParsing
XML_SetProcessingInstructionHandler
XML_SetReturnNSTriplet
XML_SetSkippedEntityHandler
XML_SetStartCdataSectionHandler
XML_SetStartDoctypeDeclHandler
XML_SetStartElementHandler
XML_SetStartNamespaceDeclHandler
XML_SetUnknownEncodingHandler
XML_SetUnparsedEntityDeclHandler
XML_SetUserData
XML_SetXmlDeclHandler
XML_StopParser
XML_UseForeignDTD
XML_UseParserAsHandlerArg

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libjpegturbo.dll
.dll windows:4 windows x86 arch:x86

0faae8b3db4acc6d43ba0d41656ffa73

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:7b:2d:49:21:07:f0:52:3e:5a:e5:bf:b3:f9:de:a1:93:16:5f:1d
Signer

Actual PE Digest

65:7b:2d:49:21:07:f0:52:3e:5a:e5:bf:b3:f9:de:a1:93:16:5f:1d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Code\ThirdParty\pdb\release\libjpegturbo.pdb

Imports

msvcr80

_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_encoded_null
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_malloc_crt
_encode_pointer
sscanf
__iob_func
sprintf
exit
fprintf
fread
fwrite
ferror
fflush
malloc
free
_crt_debugger_hook
getenv
memset
memcpy

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

Exports

Exports

jcopy_block_row
jcopy_sample_rows
jdiv_round_up
jinit_1pass_quantizer
jinit_2pass_quantizer
jinit_c_coef_controller
jinit_c_main_controller
jinit_c_master_control
jinit_c_prep_controller
jinit_color_converter
jinit_color_deconverter
jinit_compress_master
jinit_d_coef_controller
jinit_d_main_controller
jinit_d_post_controller
jinit_downsampler
jinit_forward_dct
jinit_huff_decoder
jinit_huff_encoder
jinit_input_controller
jinit_inverse_dct
jinit_marker_reader
jinit_marker_writer
jinit_master_decompress
jinit_memory_mgr
jinit_merged_upsampler
jinit_phuff_decoder
jinit_phuff_encoder
jinit_upsampler
jpeg_CreateCompress
jpeg_CreateDecompress
jpeg_abort
jpeg_abort_compress
jpeg_abort_decompress
jpeg_add_quant_table
jpeg_alloc_huff_table
jpeg_alloc_quant_table
jpeg_calc_jpeg_dimensions
jpeg_calc_output_dimensions
jpeg_consume_input
jpeg_copy_critical_parameters
jpeg_core_output_dimensions
jpeg_default_colorspace
jpeg_default_qtables
jpeg_destroy
jpeg_destroy_compress
jpeg_destroy_decompress
jpeg_fdct_float
jpeg_fdct_ifast
jpeg_fdct_islow
jpeg_fill_bit_buffer
jpeg_finish_compress
jpeg_finish_decompress
jpeg_finish_output
jpeg_free_large
jpeg_free_small
jpeg_gen_optimal_table
jpeg_get_large
jpeg_get_small
jpeg_has_multiple_scans
jpeg_huff_decode
jpeg_idct_1x1
jpeg_idct_2x2
jpeg_idct_4x4
jpeg_idct_float
jpeg_idct_ifast
jpeg_idct_islow
jpeg_input_complete
jpeg_make_c_derived_tbl
jpeg_make_d_derived_tbl
jpeg_mem_available
jpeg_mem_dest
jpeg_mem_init
jpeg_mem_src
jpeg_mem_term
jpeg_new_colormap
jpeg_open_backing_store
jpeg_quality_scaling
jpeg_read_coefficients
jpeg_read_header
jpeg_read_raw_data
jpeg_read_scanlines
jpeg_resync_to_restart
jpeg_save_markers
jpeg_set_colorspace
jpeg_set_defaults
jpeg_set_linear_quality
jpeg_set_marker_processor
jpeg_set_quality
jpeg_simple_progression
jpeg_start_compress
jpeg_start_decompress
jpeg_start_output
jpeg_std_error
jpeg_stdio_dest
jpeg_stdio_src
jpeg_suppress_tables
jpeg_write_coefficients
jpeg_write_m_byte
jpeg_write_m_header
jpeg_write_marker
jpeg_write_raw_data
jpeg_write_scanlines
jpeg_write_tables
jround_up
jzero_far

Sections

.text
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libpng.dll
.dll windows:4 windows x86 arch:x86

11956b0c2bd4d57cf1fa6a23d5da7d02

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

da:50:ff:db:a8:e0:43:a0:4d:65:ec:6b:a4:4e:73:d1:9c:3a:89:fa
Signer

Actual PE Digest

da:50:ff:db:a8:e0:43:a0:4d:65:ec:6b:a4:4e:73:d1:9c:3a:89:fa

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Code\ThirdParty\pdb\release\libpng.pdb

Imports

zlib

deflateInit2_
deflateReset
deflateEnd
deflate
inflateInit_
inflateEnd
inflate
crc32
inflateReset

msvcr80

fread
strtod
fflush
fwrite
_gmtime64
_encode_pointer
_malloc_crt
longjmp
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
_setjmp3
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
malloc
free
abort
_snprintf
memcpy
memset
_CIpow
_encoded_null
__CppXcptFilter

kernel32

DisableThreadLibraryCalls
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

Exports

Exports

png_access_version_number
png_build_grayscale_palette
png_calloc
png_chunk_error
png_chunk_warning
png_convert_from_struct_tm
png_convert_from_time_t
png_convert_to_rfc1123
png_create_info_struct
png_create_read_struct
png_create_read_struct_2
png_create_write_struct
png_create_write_struct_2
png_data_freer
png_destroy_info_struct
png_destroy_read_struct
png_destroy_write_struct
png_error
png_free
png_free_data
png_free_default
png_get_IHDR
png_get_PLTE
png_get_acTL
png_get_bKGD
png_get_bit_depth
png_get_cHRM
png_get_cHRM_fixed
png_get_channels
png_get_chunk_cache_max
png_get_chunk_malloc_max
png_get_color_type
png_get_compression_buffer_size
png_get_compression_type
png_get_copyright
png_get_error_ptr
png_get_filter_type
png_get_first_frame_is_hidden
png_get_gAMA
png_get_gAMA_fixed
png_get_hIST
png_get_header_ver
png_get_header_version
png_get_iCCP
png_get_image_height
png_get_image_width
png_get_interlace_type
png_get_io_chunk_name
png_get_io_ptr
png_get_io_state
png_get_libpng_ver
png_get_next_frame_blend_op
png_get_next_frame_delay_den
png_get_next_frame_delay_num
png_get_next_frame_dispose_op
png_get_next_frame_fcTL
png_get_next_frame_height
png_get_next_frame_width
png_get_next_frame_x_offset
png_get_next_frame_y_offset
png_get_num_frames
png_get_num_plays
png_get_oFFs
png_get_pCAL
png_get_pHYs
png_get_pixel_aspect_ratio
png_get_pixels_per_meter
png_get_progressive_ptr
png_get_rgb_to_gray_status
png_get_rowbytes
png_get_rows
png_get_sBIT
png_get_sCAL
png_get_sPLT
png_get_sRGB
png_get_signature
png_get_tIME
png_get_tRNS
png_get_text
png_get_uint_31
png_get_unknown_chunks
png_get_user_chunk_ptr
png_get_user_height_max
png_get_user_transform_ptr
png_get_user_width_max
png_get_valid
png_get_x_offset_microns
png_get_x_offset_pixels
png_get_x_pixels_per_meter
png_get_y_offset_microns
png_get_y_offset_pixels
png_get_y_pixels_per_meter
png_handle_as_unknown
png_info_init_3
png_init_io
png_malloc
png_malloc_default
png_malloc_warn
png_permit_mng_features
png_process_data
png_progressive_combine_row
png_read_end
png_read_frame_head
png_read_image
png_read_info
png_read_png
png_read_row
png_read_rows
png_read_update_info
png_reset_zstream
png_save_int_32
png_save_uint_16
png_save_uint_32
png_set_IHDR
png_set_PLTE
png_set_acTL
png_set_add_alpha
png_set_bKGD
png_set_background
png_set_bgr
png_set_cHRM
png_set_cHRM_fixed
png_set_chunk_cache_max
png_set_chunk_malloc_max
png_set_compression_buffer_size
png_set_compression_level
png_set_compression_mem_level
png_set_compression_method
png_set_compression_strategy
png_set_compression_window_bits
png_set_crc_action
png_set_error_fn
png_set_expand
png_set_expand_gray_1_2_4_to_8
png_set_filler
png_set_filter
png_set_filter_heuristics
png_set_first_frame_is_hidden
png_set_flush
png_set_gAMA
png_set_gAMA_fixed
png_set_gamma
png_set_gray_to_rgb
png_set_hIST
png_set_iCCP
png_set_interlace_handling
png_set_invalid
png_set_invert_alpha
png_set_invert_mono
png_set_keep_unknown_chunks
png_set_longjmp_fn
png_set_next_frame_fcTL
png_set_oFFs
png_set_pCAL
png_set_pHYs
png_set_packing
png_set_packswap
png_set_palette_to_rgb
png_set_progressive_frame_fn
png_set_progressive_read_fn
png_set_quantize
png_set_read_fn
png_set_read_status_fn
png_set_read_user_chunk_fn
png_set_read_user_transform_fn
png_set_rgb_to_gray
png_set_rgb_to_gray_fixed
png_set_rows
png_set_sBIT
png_set_sCAL
png_set_sPLT
png_set_sRGB
png_set_sRGB_gAMA_and_cHRM
png_set_shift
png_set_sig_bytes
png_set_strip_16
png_set_strip_alpha
png_set_swap
png_set_swap_alpha
png_set_tIME
png_set_tRNS
png_set_tRNS_to_alpha
png_set_text
png_set_unknown_chunk_location
png_set_unknown_chunks
png_set_user_limits
png_set_user_transform_info
png_set_write_fn
png_set_write_status_fn
png_set_write_user_transform_fn
png_sig_cmp
png_start_read_image
png_warning
png_write_chunk
png_write_chunk_data
png_write_chunk_end
png_write_chunk_start
png_write_end
png_write_flush
png_write_frame_head
png_write_frame_tail
png_write_image
png_write_info
png_write_info_before_PLTE
png_write_png
png_write_row
png_write_rows
png_write_sig

Sections

.text
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
locales/zh-CN.pak
lua.dll
.dll windows:4 windows x86 arch:x86

d720963504b3c30acda465fb8d8e4284

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d8:13:f0:9b:25:aa:5d:89:76:33:74:99:98:6f:df:46:dc:f2:16:63
Signer

Actual PE Digest

d8:13:f0:9b:25:aa:5d:89:76:33:74:99:98:6f:df:46:dc:f2:16:63

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Code\ThirdParty\pdb\release\lua.pdb

Imports

kernel32

GetModuleFileNameA
FormatMessageA
GetLastError
FreeLibrary
LoadLibraryA
GetProcAddress
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

msvcr80

free
fprintf
strstr
fputs
isspace
strtoul
_CIpow
floor
fgets
__CxxFrameHandler3
exit
_CxxThrowException
_pclose
_popen
tmpfile
fscanf
clearerr
fwrite
ftell
fseek
setvbuf
fflush
iscntrl
localeconv
isalnum
isdigit
isalpha
_CIsin
_CIsinh
_CIcos
_CIcosh
_CItan
_CItanh
_CIasin
_CIacos
_CIatan
_CIatan2
ceil
_CIfmod
modf
_CIsqrt
_CIlog
_CIlog10
_CIexp
frexp
realloc
rand
srand
_HUGE
strrchr
getenv
strtod
sprintf
strncat
strcspn
strncpy
_difftime64
_gmtime64
_localtime64
_mktime64
_time64
system
remove
rename
tmpnam
clock
strftime
setlocale
tolower
toupper
isxdigit
isupper
ispunct
islower
memchr
strpbrk
strcoll
??3@YAXPAX@Z
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
__iob_func
getc
freopen
fopen
ungetc
ferror
fclose
_errno
strerror
feof
fread
memcpy
strchr
ldexp

Exports

Exports

?luaL_addlstring@@YAXPAUluaL_Buffer@@PBDI@Z
?luaL_addstring@@YAXPAUluaL_Buffer@@PBD@Z
?luaL_addvalue@@YAXPAUluaL_Buffer@@@Z
?luaL_argerror@@YAHPAUlua_State@@HPBD@Z
?luaL_buffinit@@YAXPAUlua_State@@PAUluaL_Buffer@@@Z
?luaL_callmeta@@YAHPAUlua_State@@HPBD@Z
?luaL_checkany@@YAXPAUlua_State@@H@Z
?luaL_checkinteger@@YAHPAUlua_State@@H@Z
?luaL_checklstring@@YAPBDPAUlua_State@@HPAI@Z
?luaL_checknumber@@YANPAUlua_State@@H@Z
?luaL_checkoption@@YAHPAUlua_State@@HPBDQBQBD@Z
?luaL_checkstack@@YAXPAUlua_State@@HPBD@Z
?luaL_checktype@@YAXPAUlua_State@@HH@Z
?luaL_checkudata@@YAPAXPAUlua_State@@HPBD@Z
?luaL_error@@YAHPAUlua_State@@PBDZZ
?luaL_findtable@@YAPBDPAUlua_State@@HPBDH@Z
?luaL_getmetafield@@YAHPAUlua_State@@HPBD@Z
?luaL_gsub@@YAPBDPAUlua_State@@PBD11@Z
?luaL_loadbuffer@@YAHPAUlua_State@@PBDI1@Z
?luaL_loadfile@@YAHPAUlua_State@@PBD@Z
?luaL_loadstring@@YAHPAUlua_State@@PBD@Z
?luaL_newmetatable@@YAHPAUlua_State@@PBD@Z
?luaL_newstate@@YAPAUlua_State@@XZ
?luaL_openlib@@YAXPAUlua_State@@PBDPBUluaL_Reg@@H@Z
?luaL_openlibs@@YAXPAUlua_State@@@Z
?luaL_optinteger@@YAHPAUlua_State@@HH@Z
?luaL_optlstring@@YAPBDPAUlua_State@@HPBDPAI@Z
?luaL_optnumber@@YANPAUlua_State@@HN@Z
?luaL_prepbuffer@@YAPADPAUluaL_Buffer@@@Z
?luaL_pushresult@@YAXPAUluaL_Buffer@@@Z
?luaL_ref@@YAHPAUlua_State@@H@Z
?luaL_register@@YAXPAUlua_State@@PBDPBUluaL_Reg@@@Z
?luaL_typerror@@YAHPAUlua_State@@HPBD@Z
?luaL_unref@@YAXPAUlua_State@@HH@Z
?luaL_where@@YAXPAUlua_State@@H@Z
?lua_atpanic@@YAP6AHPAUlua_State@@@Z0P6AH0@Z@Z
?lua_call@@YAXPAUlua_State@@HH@Z
?lua_checkstack@@YAHPAUlua_State@@H@Z
?lua_close@@YAXPAUlua_State@@@Z
?lua_concat@@YAXPAUlua_State@@H@Z
?lua_cpcall@@YAHPAUlua_State@@P6AH0@ZPAX@Z
?lua_createtable@@YAXPAUlua_State@@HH@Z
?lua_dump@@YAHPAUlua_State@@P6AH0PBXIPAX@Z2@Z
?lua_equal@@YAHPAUlua_State@@HH@Z
?lua_error@@YAHPAUlua_State@@@Z
?lua_gc@@YAHPAUlua_State@@HH@Z
?lua_getallocf@@YAP6APAXPAX0II@ZPAUlua_State@@PAPAX@Z
?lua_getfenv@@YAXPAUlua_State@@H@Z
?lua_getfield@@YAXPAUlua_State@@HPBD@Z
?lua_gethook@@YAP6AXPAUlua_State@@PAUlua_Debug@@@Z0@Z
?lua_gethookcount@@YAHPAUlua_State@@@Z
?lua_gethookmask@@YAHPAUlua_State@@@Z
?lua_getinfo@@YAHPAUlua_State@@PBDPAUlua_Debug@@@Z
?lua_getlocal@@YAPBDPAUlua_State@@PBUlua_Debug@@H@Z
?lua_getmetatable@@YAHPAUlua_State@@H@Z
?lua_getstack@@YAHPAUlua_State@@HPAUlua_Debug@@@Z
?lua_gettable@@YAXPAUlua_State@@H@Z
?lua_gettop@@YAHPAUlua_State@@@Z
?lua_getupvalue@@YAPBDPAUlua_State@@HH@Z
?lua_insert@@YAXPAUlua_State@@H@Z
?lua_iscfunction@@YAHPAUlua_State@@H@Z
?lua_isnumber@@YAHPAUlua_State@@H@Z
?lua_isstring@@YAHPAUlua_State@@H@Z
?lua_isuserdata@@YAHPAUlua_State@@H@Z
?lua_lessthan@@YAHPAUlua_State@@HH@Z
?lua_load@@YAHPAUlua_State@@P6APBD0PAXPAI@Z1PBD@Z
?lua_newstate@@YAPAUlua_State@@P6APAXPAX0II@Z0@Z
?lua_newthread@@YAPAUlua_State@@PAU1@@Z
?lua_newuserdata@@YAPAXPAUlua_State@@I@Z
?lua_next@@YAHPAUlua_State@@H@Z
?lua_objlen@@YAIPAUlua_State@@H@Z
?lua_pcall@@YAHPAUlua_State@@HHH@Z
?lua_pushboolean@@YAXPAUlua_State@@H@Z
?lua_pushcclosure@@YAXPAUlua_State@@P6AH0@ZH@Z
?lua_pushfstring@@YAPBDPAUlua_State@@PBDZZ
?lua_pushinteger@@YAXPAUlua_State@@H@Z
?lua_pushlightuserdata@@YAXPAUlua_State@@PAX@Z
?lua_pushlstring@@YAXPAUlua_State@@PBDI@Z
?lua_pushnil@@YAXPAUlua_State@@@Z
?lua_pushnumber@@YAXPAUlua_State@@N@Z
?lua_pushstring@@YAXPAUlua_State@@PBD@Z
?lua_pushthread@@YAHPAUlua_State@@@Z
?lua_pushvalue@@YAXPAUlua_State@@H@Z
?lua_pushvfstring@@YAPBDPAUlua_State@@PBDPAD@Z
?lua_rawequal@@YAHPAUlua_State@@HH@Z
?lua_rawget@@YAXPAUlua_State@@H@Z
?lua_rawgeti@@YAXPAUlua_State@@HH@Z
?lua_rawset@@YAXPAUlua_State@@H@Z
?lua_rawseti@@YAXPAUlua_State@@HH@Z
?lua_remove@@YAXPAUlua_State@@H@Z
?lua_replace@@YAXPAUlua_State@@H@Z
?lua_resume@@YAHPAUlua_State@@H@Z
?lua_setallocf@@YAXPAUlua_State@@P6APAXPAX1II@Z1@Z
?lua_setfenv@@YAHPAUlua_State@@H@Z
?lua_setfield@@YAXPAUlua_State@@HPBD@Z
?lua_sethook@@YAHPAUlua_State@@P6AX0PAUlua_Debug@@@ZHH@Z
?lua_setlevel@@YAXPAUlua_State@@0@Z
?lua_setlocal@@YAPBDPAUlua_State@@PBUlua_Debug@@H@Z
?lua_setmetatable@@YAHPAUlua_State@@H@Z
?lua_settable@@YAXPAUlua_State@@H@Z
?lua_settop@@YAXPAUlua_State@@H@Z
?lua_setupvalue@@YAPBDPAUlua_State@@HH@Z
?lua_status@@YAHPAUlua_State@@@Z
?lua_toboolean@@YAHPAUlua_State@@H@Z
?lua_tocfunction@@YAP6AHPAUlua_State@@@Z0H@Z
?lua_tointeger@@YAHPAUlua_State@@H@Z
?lua_tolstring@@YAPBDPAUlua_State@@HPAI@Z
?lua_tonumber@@YANPAUlua_State@@H@Z
?lua_topointer@@YAPBXPAUlua_State@@H@Z
?lua_tothread@@YAPAUlua_State@@PAU1@H@Z
?lua_touserdata@@YAPAXPAUlua_State@@H@Z
?lua_type@@YAHPAUlua_State@@H@Z
?lua_typename@@YAPBDPAUlua_State@@H@Z
?lua_xmove@@YAXPAUlua_State@@0H@Z
?lua_yield@@YAHPAUlua_State@@H@Z
?luaopen_base@@YAHPAUlua_State@@@Z
?luaopen_debug@@YAHPAUlua_State@@@Z
?luaopen_io@@YAHPAUlua_State@@@Z
?luaopen_math@@YAHPAUlua_State@@@Z
?luaopen_os@@YAHPAUlua_State@@@Z
?luaopen_package@@YAHPAUlua_State@@@Z
?luaopen_string@@YAHPAUlua_State@@@Z
?luaopen_table@@YAHPAUlua_State@@@Z

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
npQQLive.dll
.dll regsvr32 windows:4 windows x86 arch:x86

9c7a51a5c1ed045a78a9de23e6a3a8e5

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2a:0b:b1:dc:33:4d:fd:9f:c9:59:90:68:36:71:fd:8d:f5:7d:70:6a
Signer

Actual PE Digest

2a:0b:b1:dc:33:4d:fd:9f:c9:59:90:68:36:71:fd:8d:f5:7d:70:6a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\QQLive_Dailybuild\src\symbol\npQQLive.pdb

Imports

kernel32

MulDiv
GetCurrentThreadId
InterlockedDecrement
GetCurrentProcess
lstrlenA
VirtualQuery
SetLastError
GlobalUnlock
GlobalLock
GlobalAlloc
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetModuleFileNameW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
Sleep
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetVersionExA
GetFileAttributesW
DeleteCriticalSection
EnterCriticalSection
RaiseException
GetModuleHandleW
FlushInstructionCache
InterlockedIncrement
MultiByteToWideChar
GetProcAddress
lstrcmpW
InitializeCriticalSection
GetLastError
lstrlenW
IsDebuggerPresent
WideCharToMultiByte

user32

CallWindowProcW
GetWindow
UnregisterClassA
SendMessageW
InvalidateRgn
SetWindowLongW
ClientToScreen
EndPaint
GetWindowTextW
SetFocus
GetClassInfoExW
GetFocus
LoadCursorW
CreateWindowExW
GetDesktopWindow
FillRect
GetParent
GetWindowLongW
GetSysColor
GetWindowTextLengthW
SetCapture
RegisterWindowMessageW
SetWindowPos
InvalidateRect
CharNextW
RegisterClassExW
IsWindow
SetWindowTextW
GetClassNameW
DefWindowProcW
DestroyWindow
ReleaseDC
ReleaseCapture
MoveWindow
RedrawWindow
IsChild
GetClientRect
GetDC
FindWindowExW
BeginPaint
ScreenToClient
GetDlgItem
CreateAcceleratorTableW
DestroyAcceleratorTable

gdi32

CreateCompatibleBitmap
SelectObject
BitBlt
CreateCompatibleDC
DeleteObject
CreateSolidBrush
DeleteDC
GetStockObject
GetObjectW
GetDeviceCaps

advapi32

RegCreateKeyExW
RegDeleteKeyW
RegSetValueExW
RegCloseKey

ole32

OleInitialize
CoTaskMemAlloc
CLSIDFromString
CoLoadLibrary
OleLockRunning
CreateStreamOnHGlobal
CoCreateInstance
CLSIDFromProgID
CoGetClassObject
OleUninitialize
StringFromGUID2

oleaut32

SysAllocString
SysAllocStringLen
SysStringByteLen
OleCreateFontIndirect
LoadRegTypeLi
VariantInit
SysStringLen
LoadTypeLi
DispCallFunc
SysFreeString
VariantClear

msvcp80

?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z

msvcr80

??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
_invalid_parameter_noinfo
malloc
memset
swprintf_s
memcmp
memcpy_s
wcslen
strcmp
memcpy
??2@YAPAXI@Z
_CxxThrowException
strlen
strncpy_s
_recalloc
??_V@YAXPAX@Z
calloc
free
??3@YAXPAX@Z
??0exception@std@@QAE@ABV01@@Z
?terminate@@YAXXZ
_unlock
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
__CxxFrameHandler3
__dllonexit

Exports

Exports

DllRegisterServer
DllUnregisterServer
NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
p2papi.dll
.dll regsvr32 windows:4 windows x86 arch:x86

a43db36ba47070377a9f1d2243b682d9

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ce:28:41:d9:1b:30:11:d3:65:c1:8f:d7:f7:c1:c9:33:6e:65:ce:bc
Signer

Actual PE Digest

ce:28:41:d9:1b:30:11:d3:65:c1:8f:d7:f7:c1:c9:33:6e:65:ce:bc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\temp\p2papp\release\p2papi.pdb

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

ws2_32

setsockopt
htons
htonl
closesocket
sendto
ntohl
inet_addr
inet_ntoa
socket
ntohs
WSAStartup
WSAGetLastError
recv
bind
WSACleanup
recvfrom
shutdown
gethostbyname
connect
send

kernel32

EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
CloseHandle
CreateFileA
GetModuleFileNameA
GetVersionExA
GetFileAttributesA
GetExitCodeProcess
WaitForSingleObject
SetFileAttributesA
GetLastError
CreateDirectoryA
DeleteFileA
Sleep
GetTickCount
InterlockedExchange
MultiByteToWideChar
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
GetCurrentProcessId
FreeLibrary
GetProcAddress
GetModuleHandleA
GetPrivateProfileStringA
UnmapViewOfFile
LoadLibraryExA
lstrcmpiA
lstrlenW
lstrlenA
IsValidLocale
WritePrivateProfileStringA
GlobalFree
GlobalAlloc
LoadLibraryA
GetCurrentThreadId
GetLocalTime
GetTempPathA
CreateEventA
GetCurrentProcess
LocalFree
FormatMessageA
SetEvent
RaiseException
DisableThreadLibraryCalls
IsDBCSLeadByte
SizeofResource
LoadResource
FindResourceA
ResetEvent
CreateThread
FindNextFileA
FindClose
FindFirstFileA
RemoveDirectoryA
SystemTimeToFileTime
GetSystemTime
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
OpenEventA
WaitForMultipleObjects
CreateMutexA
ReleaseMutex
WriteFile
ReadFile
GetCPInfo
LCMapStringW
LCMapStringA
GetProcessHeap
GetCommandLineA
ExitThread
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapReAlloc
GetSystemTimeAsFileTime
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
HeapFree
SetStdHandle
CreateFileW
SetEndOfFile
HeapAlloc
RtlUnwind
IsDebuggerPresent
SetFilePointer
GetStartupInfoA
GetFileType
SetHandleCount
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapSize
GetStdHandle
HeapCreate
HeapDestroy
VirtualFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetThreadLocale
GetLocaleInfoA
GetACP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetOEMCP
IsValidCodePage
ExitProcess

user32

UnregisterClassA
CharNextA

advapi32

RegCreateKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey

shell32

SHGetFolderPathA
ShellExecuteExA

ole32

CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
CoCreateGuid
CoInitialize
CLSIDFromString
CoUninitialize

oleaut32

SystemTimeToVariantTime
VariantCopy
VariantChangeType
SysAllocString
VariantClear
LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
SysFreeString
VariantTimeToSystemTime
LoadTypeLi
SysStringLen

shlwapi

PathFileExistsA
PathFindExtensionA

iphlpapi

GetIfTable
GetNetworkParams

psapi

EnumProcessModules
GetModuleFileNameExA

wininet

InternetGetCookieA
CommitUrlCacheEntryA
CreateUrlCacheEntryA
GetUrlCacheEntryInfoA
SetUrlCacheEntryInfoA

netapi32

Netbios

Exports

Exports

??0IP2PApp@@QAE@ABV0@@Z
??0IP2PApp@@QAE@XZ
??1IP2PApp@@UAE@XZ
??4IP2PApp@@QAEAAV0@ABV0@@Z
??_7IP2PApp@@6B@
DeleteP2PCore
DeleteP2PDownload
DeleteP2PDownloadEx
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetP2PDownload
GetP2PDownload2
GetP2PDownloadEx
GetP2PDownloadWithAppTypeByNew

Sections

.text
Size: 452KB - Virtual size: 450KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
p2papp.dll
.dll regsvr32 windows:4 windows x86 arch:x86

75b7c4a02066063c296406790863702a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

a1:03:bc:15:49:5b:bd:15:4a:20:2d:43:38:58:b9:cb:e5:8f:c6:d0
Signer

Actual PE Digest

a1:03:bc:15:49:5b:bd:15:4a:20:2d:43:38:58:b9:cb:e5:8f:c6:d0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\temp\p2papp\Release\p2papp.pdb

Imports

ws2_32

htonl
socket
inet_addr
inet_ntoa
closesocket
WSAGetLastError
connect
setsockopt
send
htons
recv
ntohs
ntohl
gethostbyname

kernel32

GetStringTypeW
GetStringTypeA
lstrlenW
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
GetLastError
lstrcmpiA
InterlockedExchange
FreeLibrary
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
IsDBCSLeadByte
DeleteCriticalSection
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DisableThreadLibraryCalls
SizeofResource
LoadResource
GetModuleFileNameA
FindResourceA
GetModuleHandleA
GetLocalTime
LoadLibraryExA
RaiseException
GetProcAddress
LoadLibraryA
CreateEventA
CloseHandle
SetEvent
ResetEvent
WaitForSingleObject
GetExitCodeThread
OutputDebugStringA
CreateThread
GetFileAttributesA
CreateDirectoryA
GetPrivateProfileStringA
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
GetCurrentProcessId
OpenFileMappingA
FindFirstFileA
FindClose
VirtualQuery
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionA
GlobalAlloc
GlobalFree
CreateMutexA
WaitForMultipleObjects
OpenEventA
ReleaseMutex
GetTickCount
SetLastError
TlsFree
TlsSetValue
SetFilePointer
TlsAlloc
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetLocaleInfoW
CreateFileA
CreateFileW
SetEndOfFile
WritePrivateProfileStringA
FlushFileBuffers
GetStartupInfoA
GetFileType
TlsGetValue
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
HeapSize
GetStdHandle
SetHandleCount
GetConsoleMode
GetConsoleCP
WriteFile
GetCPInfo
LCMapStringW
LCMapStringA
ExitProcess
RtlUnwind
HeapCreate
HeapDestroy
VirtualFree
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
Sleep
VirtualProtect
VirtualAlloc
GetSystemInfo
HeapAlloc
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
GetSystemTimeAsFileTime
ExitThread
GetCommandLineA
GetProcessHeap
ReadFile

user32

CharNextA
UnregisterClassA

advapi32

RegQueryValueExA
RegDeleteValueA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegDeleteKeyA
RegEnumKeyExA
RegCloseKey

shell32

SHGetFolderPathA
SHGetSpecialFolderPathA

ole32

CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CoLoadLibrary
StringFromGUID2

oleaut32

RegisterTypeLi
SysFreeString
SysAllocString
LoadTypeLi
VarUI4FromStr
LoadRegTypeLi
SysStringLen
UnRegisterTypeLi

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Exports

Exports

DeleteP2PCore
DeleteP2PDownload
DeleteP2PDownloadEx
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetP2PDownload
GetP2PDownload2
GetP2PDownloadEx
GetP2PDownloadWithAppTypeByNew

Sections

.text
Size: 228KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
p2pcore.dll
.dll windows:4 windows x86 arch:x86

dc328ad394799bebf445cee7a91c6f30

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

37:9c:65:fd:05:f2:d9:3e:00:21:f8:9f:94:66:7e:58:af:44:7a:65
Signer

Actual PE Digest

37:9c:65:fd:05:f2:d9:3e:00:21:f8:9f:94:66:7e:58:af:44:7a:65

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\temp\p2papp\Release\p2pcore.pdb

Imports

ws2_32

send
socket
recv
sendto
htons
setsockopt
ntohs
bind
inet_addr
ntohl
select
gethostbyname
inet_ntoa
gethostname
WSACleanup
closesocket
ioctlsocket
WSAStartup
WSAGetLastError
recvfrom
connect
__WSAFDIsSet
htonl

kernel32

GetLocaleInfoW
SetFilePointer
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
CompareStringW
GetModuleHandleA
MultiByteToWideChar
CompareStringA
GetLastError
lstrlenA
GetModuleFileNameA
WideCharToMultiByte
GetProcAddress
WriteConsoleA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CloseHandle
ResetEvent
CreateEventA
WaitForSingleObject
SetEvent
GetTickCount
FreeLibrary
LoadLibraryExA
GetCurrentThreadId
GetLocalTime
Sleep
WaitForMultipleObjects
GlobalAlloc
GetFileAttributesA
WritePrivateProfileStringA
GlobalFree
GetPrivateProfileStringA
LoadLibraryA
CreateDirectoryA
TryEnterCriticalSection
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
GetCurrentProcessId
CreateMutexA
OpenEventA
ReleaseMutex
GetStartupInfoA
GetFileType
SetHandleCount
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
SetEnvironmentVariableA
DeleteCriticalSection
HeapSize
ExitProcess
VirtualFree
HeapCreate
HeapDestroy
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
WriteFile
LCMapStringW
LCMapStringA
GetCPInfo
RtlUnwind
RaiseException
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
HeapReAlloc
VirtualAlloc
ExitThread
CreateThread
ResumeThread
GetCommandLineA
GetProcessHeap

user32

GetLastInputInfo

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegCreateKeyA
RegSetValueExA

shell32

SHGetFolderPathA

ole32

CoFreeLibrary
CoInitialize
CoCreateGuid
CoUninitialize
CoLoadLibrary

Exports

Exports

??0IP2PCore@@QAE@ABV0@@Z
??0IP2PCore@@QAE@XZ
??1IP2PCore@@UAE@XZ
??4IP2PCore@@QAEAAV0@ABV0@@Z
??_7IP2PCore@@6B@
CreateP2PCore
DeleteCore

Sections

.text
Size: 460KB - Virtual size: 457KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
p2pdata.dll
.dll windows:4 windows x86 arch:x86

55619d846abfa5c2c79e773c34f6cd3d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2d:0c:f6:9a:19:5c:6c:9e:c1:ef:50:72:f5:56:7f:a7:66:c3:13:06
Signer

Actual PE Digest

2d:0c:f6:9a:19:5c:6c:9e:c1:ef:50:72:f5:56:7f:a7:66:c3:13:06

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\temp\p2papp\release\p2pdata.pdb

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
CompareStringA
CompareStringW
GetTickCount
WaitForSingleObject
CloseHandle
SetEvent
ResetEvent
CreateThread
CreateEventA
FreeLibrary
GetProcAddress
LoadLibraryExA
GetModuleFileNameA
GetCurrentThreadId
GetLocalTime
CopyFileA
FindClose
FindNextFileA
GetLastError
Sleep
GetDiskFreeSpaceExA
GetFileAttributesA
CreateDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
ReleaseSemaphore
CreateSemaphoreA
GetFileSize
CreateFileA
WriteFile
SetFilePointerEx
ReadFile
CreateFileW
SetEndOfFile
DeleteFileA
RemoveDirectoryA
OutputDebugStringA
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
GetCurrentProcessId
UnmapViewOfFile
GetVersionExA
MoveFileA
LoadLibraryA
SetEnvironmentVariableA
GetTimeZoneInformation
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
WideCharToMultiByte
MultiByteToWideChar
FindFirstFileA
InterlockedExchange
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
VirtualFree
VirtualAlloc
GetACP
GetLocaleInfoA
GetThreadLocale
HeapAlloc
HeapFree
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
GetModuleHandleA
RtlUnwind
GetSystemTimeAsFileTime
ExitThread
ResumeThread
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
MoveFileW
GetCommandLineA
GetProcessHeap
LCMapStringA
LCMapStringW
GetCPInfo
ExitProcess
HeapDestroy
HeapCreate
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetStartupInfoA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
GetFullPathNameA
GetCurrentDirectoryA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW

user32

PostMessageA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

shell32

SHGetFolderPathA

oleaut32

VariantClear

Exports

Exports

??0IP2PApp@@QAE@ABV0@@Z
??0IP2PApp@@QAE@XZ
??0IP2PData@@QAE@ABV0@@Z
??0IP2PData@@QAE@XZ
??0IP2PDbg@@QAE@ABV0@@Z
??0IP2PDbg@@QAE@XZ
??1IP2PApp@@UAE@XZ
??1IP2PData@@UAE@XZ
??1IP2PDbg@@UAE@XZ
??4IP2PApp@@QAEAAV0@ABV0@@Z
??4IP2PData@@QAEAAV0@ABV0@@Z
??4IP2PDbg@@QAEAAV0@ABV0@@Z
??_7IP2PApp@@6B@
??_7IP2PData@@6B@
??_7IP2PDbg@@6B@
CreateP2PDataMgr
CreateP2PDbgMgr
DeleteP2PDataMgr
DeleteP2PDbgMgr

Sections

.text
Size: 348KB - Virtual size: 345KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
p2phttp.dll
.dll windows:4 windows x86 arch:x86

9a4b5974957e490df0b50dbb1d9ffc57

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ea:72:d7:7d:a6:9d:38:61:7e:03:ee:0a:fb:91:ca:bf:df:1a:e8:23
Signer

Actual PE Digest

ea:72:d7:7d:a6:9d:38:61:7e:03:ee:0a:fb:91:ca:bf:df:1a:e8:23

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\temp\p2papp\release\p2phttp.pdb

Imports

wininet

InternetGetCookieA

ws2_32

send
inet_ntoa
htons
htonl
sendto
ntohl
ntohs
WSAStartup
select
__WSAFDIsSet
gethostbyname
recv
inet_addr
ioctlsocket
connect
setsockopt
socket
closesocket

kernel32

FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
LoadLibraryA
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
FreeLibrary
GetTickCount
GetProcAddress
LoadLibraryExA
GetModuleFileNameA
GetCurrentThreadId
GetLocalTime
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
GetFileAttributesA
OutputDebugStringA
CreateDirectoryA
GetPrivateProfileStringA
CloseHandle
WriteFile
CreateFileA
ExpandEnvironmentStringsA
GetLastError
GetStdHandle
SetEvent
WaitForSingleObject
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
TerminateThread
ReadFile
GetFileSize
CreateEventA
Sleep
ResetEvent
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
GetCurrentProcessId
UnmapViewOfFile
InterlockedExchange
CreateMutexA
OpenEventA
ReleaseMutex
FindFirstFileA
FindClose
SetLastError
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
HeapSize
GetEnvironmentStrings
WaitForMultipleObjects
FreeEnvironmentStringsW
VirtualFree
HeapCreate
HeapDestroy
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetCPInfo
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
QueryPerformanceCounter
GetEnvironmentStringsW
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
HeapReAlloc
ExitThread
CreateThread
ResumeThread
VirtualAlloc
GetModuleHandleA
GetCommandLineA
GetProcessHeap
ExitProcess

user32

SendMessageTimeoutA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

SHGetFolderPathA

ole32

OleRun
CoCreateInstance

oleaut32

SafeArrayCreate
SafeArrayPutElement
SafeArrayDestroy
SysFreeString
VariantCopy
VariantClear
SysAllocString
VariantInit
GetErrorInfo

iphlpapi

GetNetworkParams

urlmon

URLDownloadToCacheFileA

Exports

Exports

??0IHttpFile@@QAE@ABV0@@Z
??0IHttpFile@@QAE@XZ
??1IHttpFile@@UAE@XZ
??4IHttpFile@@QAEAAV0@ABV0@@Z
??_7IHttpFile@@6B@
CreateHttpClient
DeleteHttpClient

Sections

.text
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
p2plog.dll
.dll windows:4 windows x86 arch:x86

cac50c32003ff2bbc8214e3d97355e96

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

49:2b:4a:ad:44:26:45:be:d7:b0:c6:62:82:b1:ed:5e:20:89:7e:5f
Signer

Actual PE Digest

49:2b:4a:ad:44:26:45:be:d7:b0:c6:62:82:b1:ed:5e:20:89:7e:5f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\temp\p2papp\Release\p2plog.pdb

Imports

ws2_32

connect
htons
socket
WSAGetLastError
ntohl
send
inet_addr
htonl
closesocket
setsockopt
recv
inet_ntoa
gethostbyname

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetTimeZoneInformation
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
WaitForSingleObject
ResetEvent
CloseHandle
Sleep
CreateEventA
GetLastError
ReleaseMutex
GetTickCount
CreateMutexA
GetCurrentProcessId
OpenEventA
WaitForMultipleObjects
CreateFileA
CompareStringA
DeleteCriticalSection
GetFileAttributesA
GetFileSize
InitializeCriticalSection
GetPrivateProfileStringA
OutputDebugStringA
GetModuleFileNameA
OpenFileMappingA
CreateDirectoryA
GetModuleHandleA
CreateFileMappingA
GetVersionExA
MapViewOfFile
EnterCriticalSection
UnmapViewOfFile
WritePrivateProfileStringA
SetFilePointer
GetCurrentDirectoryA
ReadFile
SystemTimeToFileTime
WriteFile
GetFileInformationByHandle
FileTimeToSystemTime
GetLocalTime
GetConsoleMode
GetConsoleCP
CompareStringW
SetEnvironmentVariableA
LeaveCriticalSection
GetCurrentProcess
GetLocaleInfoA
LoadLibraryA
InterlockedExchange
ExitThread
GetCurrentThreadId
CreateThread
DeleteFileA
MoveFileA
TerminateProcess
GetThreadLocale
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
FindClose
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
HeapAlloc
HeapFree
GetCommandLineA
GetProcessHeap
RaiseException
RtlUnwind
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
ExitProcess
GetStdHandle
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
GetFullPathNameA
VirtualFree
VirtualAlloc
HeapReAlloc
HeapDestroy
HeapCreate
LCMapStringA
WideCharToMultiByte
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter

user32

GetDesktopWindow

shell32

SHGetFolderPathA

Exports

Exports

DoLog
IsDoLog
IsLogType
ReportLog

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
pthreadGC2.dll
.dll windows:4 windows x86 arch:x86

4ed4b97c004af0f3c95aeb69c247d60b

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

84:e9:16:c5:76:5b:5a:24:7f:75:33:d1:48:15:8e:58:7a:4b:c4:22
Signer

Actual PE Digest

84:e9:16:c5:76:5b:5a:24:7f:75:33:d1:48:15:8e:58:7a:4b:c4:22

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FindAtomA
FreeLibrary
GetAtomNameA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetLastError
GetProcAddress
GetProcessAffinityMask
GetThreadContext
GetThreadPriority
InitializeCriticalSection
InterlockedDecrement
InterlockedExchangeAdd
LeaveCriticalSection
LoadLibraryA
OpenProcess
ReleaseSemaphore
ResetEvent
ResumeThread
SetEvent
SetLastError
SetThreadContext
SetThreadPriority
Sleep
SuspendThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForMultipleObjects
WaitForSingleObject

msvcrt

__dllonexit
_beginthreadex
_endthreadex
_errno
_ftime
_setjmp
abort
calloc
exit
fflush
free
longjmp
malloc

wsock32

WSAGetLastError
WSASetLastError

Exports

Exports

pthreadCancelableTimedWait
pthreadCancelableWait
pthread_attr_destroy
pthread_attr_getdetachstate
pthread_attr_getinheritsched
pthread_attr_getschedparam
pthread_attr_getschedpolicy
pthread_attr_getscope
pthread_attr_getstackaddr
pthread_attr_getstacksize
pthread_attr_init
pthread_attr_setdetachstate
pthread_attr_setinheritsched
pthread_attr_setschedparam
pthread_attr_setschedpolicy
pthread_attr_setscope
pthread_attr_setstackaddr
pthread_attr_setstacksize
pthread_barrier_destroy
pthread_barrier_init
pthread_barrier_wait
pthread_barrierattr_destroy
pthread_barrierattr_getpshared
pthread_barrierattr_init
pthread_barrierattr_setpshared
pthread_cancel
pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_timedwait
pthread_cond_wait
pthread_condattr_destroy
pthread_condattr_getpshared
pthread_condattr_init
pthread_condattr_setpshared
pthread_create
pthread_delay_np
pthread_detach
pthread_equal
pthread_exit
pthread_getconcurrency
pthread_getschedparam
pthread_getspecific
pthread_getw32threadhandle_np
pthread_join
pthread_key_create
pthread_key_delete
pthread_kill
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_timedlock
pthread_mutex_trylock
pthread_mutex_unlock
pthread_mutexattr_destroy
pthread_mutexattr_getkind_np
pthread_mutexattr_getpshared
pthread_mutexattr_gettype
pthread_mutexattr_init
pthread_mutexattr_setkind_np
pthread_mutexattr_setpshared
pthread_mutexattr_settype
pthread_num_processors_np
pthread_once
pthread_rwlock_destroy
pthread_rwlock_init
pthread_rwlock_rdlock
pthread_rwlock_timedrdlock
pthread_rwlock_timedwrlock
pthread_rwlock_tryrdlock
pthread_rwlock_trywrlock
pthread_rwlock_unlock
pthread_rwlock_wrlock
pthread_rwlockattr_destroy
pthread_rwlockattr_getpshared
pthread_rwlockattr_init
pthread_rwlockattr_setpshared
pthread_self
pthread_setcancelstate
pthread_setcanceltype
pthread_setconcurrency
pthread_setschedparam
pthread_setspecific
pthread_spin_destroy
pthread_spin_init
pthread_spin_lock
pthread_spin_trylock
pthread_spin_unlock
pthread_testcancel
pthread_timechange_handler_np
pthread_win32_process_attach_np
pthread_win32_process_detach_np
pthread_win32_test_features_np
pthread_win32_thread_attach_np
pthread_win32_thread_detach_np
ptw32_get_exception_services_code
ptw32_pop_cleanup
ptw32_push_cleanup
sched_get_priority_max
sched_get_priority_min
sched_getscheduler
sched_setscheduler
sched_yield
sem_close
sem_destroy
sem_getvalue
sem_init
sem_open
sem_post
sem_post_multiple
sem_timedwait
sem_trywait
sem_unlink
sem_wait

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 368B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 740B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
qqlive.ini
tinyxml.dll
.dll windows:4 windows x86 arch:x86

2524407d3051eac98e4560fe35989f1a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

23:43:7a:d9:9a:ac:3a:df:ef:d0:cb:46:23:f4:cc:64:8c:2c:f1:97
Signer

Actual PE Digest

23:43:7a:d9:9a:ac:3a:df:ef:d0:cb:46:23:f4:cc:64:8c:2c:f1:97

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\QQLive_proj\document\HummerSDK\Output\PdbFinal\tinyxml.pdb

Imports

kernel32

MultiByteToWideChar
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

msvcr80

isalnum
strncmp
strchr
memset
?terminate@@YAXXZ
_encode_pointer
_malloc_crt
free
_encoded_null
_decode_pointer
__iob_func
isalpha
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
fclose
fseek
ftell
fread
_vsnprintf_s
atof
atoi
sscanf_s
fprintf
fputc
ferror
fopen
_initterm_e
_wfopen
tolower
isspace
_purecall
strcmp
??_V@YAXPAX@Z
??_U@YAPAXI@Z
_wassert
strlen
memmove
__CxxFrameHandler3
memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
_initterm

msvcp80

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ

Exports

Exports

??0TiXmlAttribute@@QAE@PBD0@Z
??0TiXmlAttribute@@QAE@XZ
??0TiXmlAttributeSet@@QAE@XZ
??0TiXmlBase@@QAE@XZ
??0TiXmlComment@@QAE@ABV0@@Z
??0TiXmlComment@@QAE@PBD@Z
??0TiXmlComment@@QAE@XZ
??0TiXmlDeclaration@@QAE@ABV0@@Z
??0TiXmlDeclaration@@QAE@PBD00@Z
??0TiXmlDeclaration@@QAE@XZ
??0TiXmlDocument@@IAE@PBD@Z
??0TiXmlDocument@@QAE@ABV0@@Z
??0TiXmlDocument@@QAE@XZ
??0TiXmlElement@@QAE@ABV0@@Z
??0TiXmlElement@@QAE@PBD@Z
??0TiXmlNode@@IAE@W4NodeType@0@@Z
??0TiXmlPrinter@@QAE@ABV0@@Z
??0TiXmlPrinter@@QAE@XZ
??0TiXmlText@@QAE@ABV0@@Z
??0TiXmlText@@QAE@PBD@Z
??0TiXmlUnknown@@QAE@ABV0@@Z
??0TiXmlUnknown@@QAE@XZ
??1TiXmlAttribute@@UAE@XZ
??1TiXmlAttributeSet@@QAE@XZ
??1TiXmlBase@@UAE@XZ
??1TiXmlComment@@UAE@XZ
??1TiXmlDeclaration@@UAE@XZ
??1TiXmlDocument@@UAE@XZ
??1TiXmlElement@@UAE@XZ
??1TiXmlNode@@UAE@XZ
??1TiXmlPrinter@@UAE@XZ
??1TiXmlText@@UAE@XZ
??1TiXmlUnknown@@UAE@XZ
??4TiXmlComment@@QAEXABV0@@Z
??4TiXmlDeclaration@@QAEXABV0@@Z
??4TiXmlDocument@@QAEXABV0@@Z
??4TiXmlElement@@QAEXABV0@@Z
??4TiXmlPrinter@@QAEAAV0@ABV0@@Z
??4TiXmlText@@QAEXABV0@@Z
??4TiXmlUnknown@@QAEXABV0@@Z
??8TiXmlAttribute@@QBE_NABV0@@Z
??MTiXmlAttribute@@QBE_NABV0@@Z
??OTiXmlAttribute@@QBE_NABV0@@Z
??_7TiXmlAttribute@@6B@
??_7TiXmlBase@@6B@
??_7TiXmlComment@@6B@
??_7TiXmlDeclaration@@6B@
??_7TiXmlDocument@@6B@
??_7TiXmlElement@@6B@
??_7TiXmlNode@@6B@
??_7TiXmlPrinter@@6B@
??_7TiXmlText@@6B@
??_7TiXmlUnknown@@6B@
?Accept@TiXmlComment@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlDeclaration@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlDocument@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlElement@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlText@@UBE_NPAVTiXmlVisitor@@@Z
?Accept@TiXmlUnknown@@UBE_NPAVTiXmlVisitor@@@Z
?Add@TiXmlAttributeSet@@QAEXPAVTiXmlAttribute@@@Z
?Attribute@TiXmlElement@@QBEPBDPBD@Z
?Attribute@TiXmlElement@@QBEPBDPBDPAH@Z
?Attribute@TiXmlElement@@QBEPBDPBDPAN@Z
?Blank@TiXmlText@@IBE_NXZ
?CDATA@TiXmlText@@QBE_NXZ
?CStr@TiXmlPrinter@@QAEPBDXZ
?Clear@TiXmlNode@@QAEXXZ
?ClearError@TiXmlDocument@@QAEXXZ
?ClearThis@TiXmlElement@@IAEXXZ
?Clone@TiXmlComment@@UBEPAVTiXmlNode@@XZ
?Clone@TiXmlDeclaration@@UBEPAVTiXmlNode@@XZ
?Clone@TiXmlDocument@@MBEPAVTiXmlNode@@XZ
?Clone@TiXmlElement@@UBEPAVTiXmlNode@@XZ
?Clone@TiXmlText@@MBEPAVTiXmlNode@@XZ
?Clone@TiXmlUnknown@@UBEPAVTiXmlNode@@XZ
?Column@TiXmlBase@@QBEHXZ
?ConvertUTF32ToUTF8@TiXmlBase@@KAXKPADPAH@Z
?CopyTo@TiXmlComment@@IBEXPAV1@@Z
?CopyTo@TiXmlDeclaration@@IBEXPAV1@@Z
?CopyTo@TiXmlDocument@@ABEXPAV1@@Z
?CopyTo@TiXmlElement@@IBEXPAV1@@Z
?CopyTo@TiXmlNode@@IBEXPAV1@@Z
?CopyTo@TiXmlText@@IBEXPAV1@@Z
?CopyTo@TiXmlUnknown@@IBEXPAV1@@Z
?DoIndent@TiXmlPrinter@@AAEXXZ
?DoLineBreak@TiXmlPrinter@@AAEXXZ
?DoubleValue@TiXmlAttribute@@QBENXZ
?EncodeString@TiXmlBase@@SAXABVTiXmlString@@PAV2@@Z
?Encoding@TiXmlDeclaration@@QBEPBDXZ
?Error@TiXmlDocument@@QBE_NXZ
?ErrorCol@TiXmlDocument@@QBEHXZ
?ErrorDesc@TiXmlDocument@@QBEPBDXZ
?ErrorId@TiXmlDocument@@QBEHXZ
?ErrorRow@TiXmlDocument@@QBEHXZ
?Find@TiXmlAttributeSet@@QAEPAVTiXmlAttribute@@PBD@Z
?Find@TiXmlAttributeSet@@QBEPBVTiXmlAttribute@@PBD@Z
?First@TiXmlAttributeSet@@QAEPAVTiXmlAttribute@@XZ
?First@TiXmlAttributeSet@@QBEPBVTiXmlAttribute@@XZ
?FirstAttribute@TiXmlElement@@QAEPAVTiXmlAttribute@@XZ
?FirstAttribute@TiXmlElement@@QBEPBVTiXmlAttribute@@XZ
?FirstChild@TiXmlNode@@QAEPAV1@PBD@Z
?FirstChild@TiXmlNode@@QAEPAV1@XZ
?FirstChild@TiXmlNode@@QBEPBV1@PBD@Z
?FirstChild@TiXmlNode@@QBEPBV1@XZ
?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@PBD@Z
?FirstChildElement@TiXmlNode@@QAEPAVTiXmlElement@@XZ
?FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@PBD@Z
?FirstChildElement@TiXmlNode@@QBEPBVTiXmlElement@@XZ
?GetChar@TiXmlBase@@KAPBDPBDPADPAHW4TiXmlEncoding@@@Z
?GetDocument@TiXmlNode@@QAEPAVTiXmlDocument@@XZ
?GetDocument@TiXmlNode@@QBEPBVTiXmlDocument@@XZ
?GetEntity@TiXmlBase@@KAPBDPBDPADPAHW4TiXmlEncoding@@@Z
?GetText@TiXmlElement@@QBEPBDXZ
?GetUserData@TiXmlBase@@QAEPAXXZ
?GetUserData@TiXmlBase@@QBEPBXXZ
?Identify@TiXmlNode@@IAEPAV1@PBDW4TiXmlEncoding@@@Z
?Indent@TiXmlPrinter@@QAEPBDXZ
?InsertAfterChild@TiXmlNode@@QAEPAV1@PAV1@ABV1@@Z
?InsertBeforeChild@TiXmlNode@@QAEPAV1@PAV1@ABV1@@Z
?InsertEndChild@TiXmlNode@@QAEPAV1@ABV1@@Z
?IntValue@TiXmlAttribute@@QBEHXZ
?IsAlpha@TiXmlBase@@KAHEW4TiXmlEncoding@@@Z
?IsAlphaNum@TiXmlBase@@KAHEW4TiXmlEncoding@@@Z
?IsWhiteSpace@TiXmlBase@@KA_ND@Z
?IsWhiteSpace@TiXmlBase@@KA_NH@Z
?IsWhiteSpaceCondensed@TiXmlBase@@SA_NXZ
?IterateChildren@TiXmlNode@@QAEPAV1@PBDPBV1@@Z
?IterateChildren@TiXmlNode@@QAEPAV1@PBV1@@Z
?IterateChildren@TiXmlNode@@QBEPBV1@PBDPBV1@@Z
?IterateChildren@TiXmlNode@@QBEPBV1@PBV1@@Z
?Last@TiXmlAttributeSet@@QAEPAVTiXmlAttribute@@XZ
?Last@TiXmlAttributeSet@@QBEPBVTiXmlAttribute@@XZ
?LastAttribute@TiXmlElement@@QAEPAVTiXmlAttribute@@XZ
?LastAttribute@TiXmlElement@@QBEPBVTiXmlAttribute@@XZ
?LastChild@TiXmlNode@@QAEPAV1@PBD@Z
?LastChild@TiXmlNode@@QAEPAV1@XZ
?LastChild@TiXmlNode@@QBEPBV1@PBD@Z
?LastChild@TiXmlNode@@QBEPBV1@XZ
?LineBreak@TiXmlPrinter@@QAEPBDXZ
?LinkEndChild@TiXmlNode@@QAEPAV1@PAV1@@Z
?LoadFile@TiXmlDocument@@QAE_NPAU_iobuf@@W4TiXmlEncoding@@@Z
?LoadFile@TiXmlDocument@@QAE_NPB_WW4TiXmlEncoding@@@Z
?LoadXML@TiXmlDocument@@QAE_NPADHW4TiXmlEncoding@@@Z
?Name@TiXmlAttribute@@QBEPBDXZ
?NameTStr@TiXmlAttribute@@QBEABVTiXmlString@@XZ
?Next@TiXmlAttribute@@QAEPAV1@XZ
?Next@TiXmlAttribute@@QBEPBV1@XZ
?NextSibling@TiXmlNode@@QAEPAV1@PBD@Z
?NextSibling@TiXmlNode@@QAEPAV1@XZ
?NextSibling@TiXmlNode@@QBEPBV1@PBD@Z
?NextSibling@TiXmlNode@@QBEPBV1@XZ
?NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@PBD@Z
?NextSiblingElement@TiXmlNode@@QAEPAVTiXmlElement@@XZ
?NextSiblingElement@TiXmlNode@@QBEPBVTiXmlElement@@PBD@Z
?NextSiblingElement@TiXmlNode@@QBEPBVTiXmlElement@@XZ
?NoChildren@TiXmlNode@@QBE_NXZ
?Parent@TiXmlNode@@QAEPAV1@XZ
?Parent@TiXmlNode@@QBEPBV1@XZ
?Parse@TiXmlAttribute@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Parse@TiXmlComment@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Parse@TiXmlDeclaration@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Parse@TiXmlDocument@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Parse@TiXmlElement@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Parse@TiXmlText@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Parse@TiXmlUnknown@@UAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Previous@TiXmlAttribute@@QAEPAV1@XZ
?Previous@TiXmlAttribute@@QBEPBV1@XZ
?PreviousSibling@TiXmlNode@@QAEPAV1@PBD@Z
?PreviousSibling@TiXmlNode@@QAEPAV1@XZ
?PreviousSibling@TiXmlNode@@QBEPBV1@PBD@Z
?PreviousSibling@TiXmlNode@@QBEPBV1@XZ
?Print@TiXmlAttribute@@QBEXPAU_iobuf@@HPAVTiXmlString@@@Z
?Print@TiXmlAttribute@@UBEXPAU_iobuf@@H@Z
?Print@TiXmlComment@@UBEXPAU_iobuf@@H@Z
?Print@TiXmlDeclaration@@UBEXPAU_iobuf@@H@Z
?Print@TiXmlDeclaration@@UBEXPAU_iobuf@@HPAVTiXmlString@@@Z
?Print@TiXmlDocument@@QBEXXZ
?Print@TiXmlDocument@@UBEXPAU_iobuf@@H@Z
?Print@TiXmlElement@@UBEXPAU_iobuf@@H@Z
?Print@TiXmlText@@UBEXPAU_iobuf@@H@Z
?Print@TiXmlUnknown@@UBEXPAU_iobuf@@H@Z
?QueryDoubleAttribute@TiXmlElement@@QBEHPBDPAN@Z
?QueryDoubleValue@TiXmlAttribute@@QBEHPAN@Z
?QueryFloatAttribute@TiXmlElement@@QBEHPBDPAM@Z
?QueryIntAttribute@TiXmlElement@@QBEHPBDPAH@Z
?QueryIntValue@TiXmlAttribute@@QBEHPAH@Z
?ReadName@TiXmlBase@@KAPBDPBDPAVTiXmlString@@W4TiXmlEncoding@@@Z
?ReadText@TiXmlBase@@KAPBDPBDPAVTiXmlString@@_N02W4TiXmlEncoding@@@Z
?ReadValue@TiXmlElement@@IAEPBDPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?Remove@TiXmlAttributeSet@@QAEXPAVTiXmlAttribute@@@Z
?RemoveAttribute@TiXmlElement@@QAEXPBD@Z
?RemoveChild@TiXmlNode@@QAE_NPAV1@@Z
?ReplaceChild@TiXmlNode@@QAEPAV1@PAV1@ABV1@@Z
?RootElement@TiXmlDocument@@QAEPAVTiXmlElement@@XZ
?RootElement@TiXmlDocument@@QBEPBVTiXmlElement@@XZ
?Row@TiXmlBase@@QBEHXZ
?SaveFile@TiXmlDocument@@QBE_NPAU_iobuf@@@Z
?SaveFile@TiXmlDocument@@QBE_NPB_W@Z
?SetAttribute@TiXmlElement@@QAEXPBD0@Z
?SetAttribute@TiXmlElement@@QAEXPBDH@Z
?SetCDATA@TiXmlText@@QAEX_N@Z
?SetCondenseWhiteSpace@TiXmlBase@@SAX_N@Z
?SetDocument@TiXmlAttribute@@QAEXPAVTiXmlDocument@@@Z
?SetDoubleAttribute@TiXmlElement@@QAEXPBDN@Z
?SetDoubleValue@TiXmlAttribute@@QAEXN@Z
?SetError@TiXmlDocument@@QAEXHPBDPAVTiXmlParsingData@@W4TiXmlEncoding@@@Z
?SetIndent@TiXmlPrinter@@QAEXPBD@Z
?SetIntValue@TiXmlAttribute@@QAEXH@Z
?SetLineBreak@TiXmlPrinter@@QAEXPBD@Z
?SetName@TiXmlAttribute@@QAEXPBD@Z
?SetStreamPrinting@TiXmlPrinter@@QAEXXZ
?SetTabSize@TiXmlDocument@@QAEXH@Z
?SetUserData@TiXmlBase@@QAEXPAX@Z
?SetValue@TiXmlAttribute@@QAEXPBD@Z
?SetValue@TiXmlNode@@QAEXPBD@Z
?Size@TiXmlPrinter@@QAEIXZ
?SkipWhiteSpace@TiXmlBase@@KAPBDPBDW4TiXmlEncoding@@@Z
?Standalone@TiXmlDeclaration@@QBEPBDXZ
?StringEqual@TiXmlBase@@KA_NPBD0_NW4TiXmlEncoding@@@Z
?TabSize@TiXmlDocument@@QBEHXZ
?ToComment@TiXmlComment@@UAEPAV1@XZ
?ToComment@TiXmlComment@@UBEPBV1@XZ
?ToComment@TiXmlNode@@UAEPAVTiXmlComment@@XZ
?ToComment@TiXmlNode@@UBEPBVTiXmlComment@@XZ
?ToDeclaration@TiXmlDeclaration@@UAEPAV1@XZ
?ToDeclaration@TiXmlDeclaration@@UBEPBV1@XZ
?ToDeclaration@TiXmlNode@@UAEPAVTiXmlDeclaration@@XZ
?ToDeclaration@TiXmlNode@@UBEPBVTiXmlDeclaration@@XZ
?ToDocument@TiXmlDocument@@UAEPAV1@XZ
?ToDocument@TiXmlDocument@@UBEPBV1@XZ
?ToDocument@TiXmlNode@@UAEPAVTiXmlDocument@@XZ
?ToDocument@TiXmlNode@@UBEPBVTiXmlDocument@@XZ
?ToElement@TiXmlElement@@UAEPAV1@XZ
?ToElement@TiXmlElement@@UBEPBV1@XZ
?ToElement@TiXmlNode@@UAEPAVTiXmlElement@@XZ
?ToElement@TiXmlNode@@UBEPBVTiXmlElement@@XZ
?ToLower@TiXmlBase@@KAHHW4TiXmlEncoding@@@Z
?ToText@TiXmlNode@@UAEPAVTiXmlText@@XZ
?ToText@TiXmlNode@@UBEPBVTiXmlText@@XZ
?ToText@TiXmlText@@UAEPAV1@XZ
?ToText@TiXmlText@@UBEPBV1@XZ
?ToUnknown@TiXmlNode@@UAEPAVTiXmlUnknown@@XZ
?ToUnknown@TiXmlNode@@UBEPBVTiXmlUnknown@@XZ
?ToUnknown@TiXmlUnknown@@UAEPAV1@XZ
?ToUnknown@TiXmlUnknown@@UBEPBV1@XZ
?Type@TiXmlNode@@QBEHXZ
?Value@TiXmlAttribute@@QBEPBDXZ
?Value@TiXmlNode@@QBEPBDXZ
?ValueTStr@TiXmlNode@@QBEABVTiXmlString@@XZ
?Version@TiXmlDeclaration@@QBEPBDXZ
?Visit@TiXmlPrinter@@UAE_NABVTiXmlComment@@@Z
?Visit@TiXmlPrinter@@UAE_NABVTiXmlDeclaration@@@Z
?Visit@TiXmlPrinter@@UAE_NABVTiXmlText@@@Z
?Visit@TiXmlPrinter@@UAE_NABVTiXmlUnknown@@@Z
?VisitEnter@TiXmlPrinter@@UAE_NABVTiXmlDocument@@@Z
?VisitEnter@TiXmlPrinter@@UAE_NABVTiXmlElement@@PBVTiXmlAttribute@@@Z
?VisitExit@TiXmlPrinter@@UAE_NABVTiXmlDocument@@@Z
?VisitExit@TiXmlPrinter@@UAE_NABVTiXmlElement@@@Z
?condenseWhiteSpace@TiXmlBase@@0_NA
?entity@TiXmlBase@@0PAUEntity@1@A
?errorString@TiXmlBase@@1PAPBDA
?utf8ByteTable@TiXmlBase@@2QBHB

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
whatsnew.txt
xGraphic32.dll
.dll windows:4 windows x86 arch:x86

bee90c287829a3a0ac7728ae2f73d20a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

21:36:a0:3f:88:8a:ec:6b:f2:23:d0:3b:83:6b:d2:54:e5:ec:be:6c
Signer

Actual PE Digest

21:36:a0:3f:88:8a:ec:6b:f2:23:d0:3b:83:6b:d2:54:e5:ec:be:6c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\QQLive_proj\document\HummerSDK\Output\PdbFinal\xGraphic32.pdb

Imports

kernel32

InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
EnterCriticalSection
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GlobalReAlloc
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
DeleteCriticalSection
LeaveCriticalSection
InitializeCriticalSection
Sleep
InterlockedExchange

user32

IntersectRect
IsRectEmpty
ReleaseDC
WindowFromDC
GetDC
OffsetRect
CopyRect
EqualRect
PtInRect
InflateRect
SetRect

gdi32

GetWindowOrgEx
CreateRectRgn
StretchBlt
RoundRect
GetStockObject
Rectangle
ExtCreatePen
ExtCreateRegion
CombineRgn
CreateDIBSection
DeleteObject
GetCurrentObject
GetClipBox
BitBlt
SetDIBitsToDevice
GetObjectW
SetWindowOrgEx
GetViewportOrgEx
SetViewportOrgEx
DeleteDC
SelectObject
CreateCompatibleDC

msimg32

AlphaBlend

msvcp80

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvcr80

??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
_invalid_parameter_noinfo
??2@YAPAXI@Z
??3@YAXPAX@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
memmove
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_malloc_crt
free
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
??_V@YAXPAX@Z
__CxxFrameHandler3
memset
memcpy
_CIsqrt
_CxxThrowException

Exports

Exports

?DrawTexture9Grid@@YAHTHGCANVAS@@PBUtagRECT@@THGTEXTURE@@11KHE@Z
?DrawTextureCenter@@YAHTHGCANVAS@@PBUtagRECT@@THGTEXTURE@@1KE@Z
?DrawTextureTile@@YAHTHGCANVAS@@PBUtagRECT@@THGTEXTURE@@1KE@Z
?DrawTextureTopTile@@YAHTHGCANVAS@@PBUtagRECT@@THGTEXTURE@@11KE@Z
AHSLColorize
AHSLtoARGB
ARGBColorize
ARGBtoAHSL
BlendCanvas
BlurTexture
CanvasScroll
CanvasToTexture
ColorizeTexture
CopyTexture
CreateCanvas
CreateCanvasFromDC
CreateTexture
CreateTextureRgn
DeleteCanvas
DeleteTexture
DrawModulation
DrawQuadrangle3D
DrawTexture
DrawTextureEx
FillGradualRect
FillSolidRect
FillSolidRectEx
FlipTexture
GdiTransCanvas
GeoRectFocusEx
GeoRectangle
GeoRectangleEx
GeoRoundRect
GeoRoundRectEx
GetCanvasBkColor
GetCanvasFilter
GetCanvasHandle
GetCanvasSize
GetCanvasWindow
GetStretchKernelMode
GetTexture
GetTextureCurSlice
GetTextureFilter
GetTextureHandle
GetTextureMode
GetTextureSize
GetTextureSliceCount
GetViewportOrg
GetWindowOrg
GrayTexture
InvertTexture
LightTexture
LockTextureBits
MixCanvas
MixCanvasWithColor
NormalizeTexture
ReleaseTexture
ResizeTexture
RotateTexture
SetCanvasBkColor
SetCanvasFilter
SetCanvasWindow
SetStretchKernelMode
SetTextureCurSlice
SetTextureFilter
SetTextureMode
SetTextureSlice
SetViewportOrg
SetWindowOrg
ShuffleTexture
ShuffleTextureEx
TranslateTexture
UnlockTextureBits

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
xImage.dll
.dll windows:4 windows x86 arch:x86

674b21bc2989c82fb9cf8afb994f3265

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5e:33:b2:62:3f:dc:76:d2:71:bc:e3:cc:1c:5d:40:62:97:95:c4:39
Signer

Actual PE Digest

5e:33:b2:62:3f:dc:76:d2:71:bc:e3:cc:1c:5d:40:62:97:95:c4:39

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\QQLive_proj\document\HummerSDK\Output\PdbFinal\xImage.pdb

Imports

libpng

png_error
png_set_pHYs
png_set_strip_16
png_read_info
png_set_bgr
png_set_filler
png_set_write_fn
png_read_row
png_create_write_struct
png_write_row
png_set_gray_to_rgb
png_destroy_read_struct
png_set_expand
png_read_end
png_set_background
png_set_bKGD
png_set_read_fn
png_get_bKGD
png_destroy_write_struct
png_set_error_fn
png_create_info_struct
png_write_end
png_write_info
png_create_read_struct
png_set_interlace_handling
png_set_IHDR

libjpegturbo

ord80
ord39
ord46
ord83
ord30
ord47
ord94
ord82
ord89
ord86
ord31
ord91
ord53
ord52
ord92
ord103
ord85
ord90

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime
GlobalLock
GlobalSize
GlobalAlloc
GlobalUnlock
LoadResource
LockResource
SizeofResource

user32

GetIconInfo
DrawTextW
GetDC
ReleaseDC

gdi32

SetDIBitsToDevice
CreateRectRgnIndirect
GetClipBox
RectVisible
CreateCompatibleBitmap
ExtSelectClipRgn
CreateDIBitmap
GetStockObject
SetTextColor
RealizePalette
StretchDIBits
CreateFontIndirectW
StretchBlt
GetDIBits
GetObjectW
SetBkColor
CreateBitmap
SetStretchBltMode
SetBkMode
DeleteDC
CreateDIBSection
DeleteObject
SelectObject
CreateCompatibleDC
BitBlt

msvcr80

longjmp
strcmp
atan2
?_type_info_dtor_internal_method@type_info@@QAEXXZ
acos
wcsncpy
fmod
calloc
strlen
strncmp
memset
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
wcslen
_swprintf
realloc
?terminate@@YAXXZ
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
__CxxFrameHandler3
_CxxThrowException
_setjmp3
div
fopen
strncpy
fseek
__CxxLongjmpUnwind
memcpy
fclose
fflush
getc
ferror
labs
fputc
fwrite
feof
free
fread
malloc
_purecall
??3@YAXPAX@Z
ftell
floor
qsort
??2@YAPAXI@Z
pow
log
rand
_cabs
atan
exp
sqrt
abs
cos
memcmp
ceil
fabs
sin
strcpy
_wfopen
isprint
printf

Exports

Exports

??0CxExifInfo@CxImageJPG@@QAE@PAUtag_ExifInfo@1@@Z
??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxImage@@QAE@ABV0@_N11@Z
??0CxImage@@QAE@K@Z
??0CxImage@@QAE@KKKK@Z
??0CxImage@@QAE@PAEKK@Z
??0CxImage@@QAE@PAU_iobuf@@K@Z
??0CxImage@@QAE@PAVCxFile@@K@Z
??0CxImage@@QAE@PB_WK@Z
??0CxImageGIF@@QAE@ABV0@@Z
??0CxImageGIF@@QAE@XZ
??0CxImageJPG@@QAE@ABV0@@Z
??0CxImageJPG@@QAE@XZ
??0CxMemFile@@QAE@ABV0@@Z
??0CxMemFile@@QAE@PAEK@Z
??0CxPoint2@@QAE@ABV0@@Z
??0CxPoint2@@QAE@MM@Z
??0CxPoint2@@QAE@XZ
??0CxRect2@@QAE@ABV0@@Z
??0CxRect2@@QAE@MMMM@Z
??0CxRect2@@QAE@XZ
??1CxExifInfo@CxImageJPG@@QAE@XZ
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??1CxImageGIF@@UAE@XZ
??1CxImageJPG@@UAE@XZ
??1CxMemFile@@UAE@XZ
??4CxExifInfo@CxImageJPG@@QAEAAV01@ABV01@@Z
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxImage@@QAEAAV0@ABV0@@Z
??4CxImageGIF@@QAEAAV0@ABV0@@Z
??4CxImageJPG@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??4CxPoint2@@QAEAAV0@ABV0@@Z
??4CxRect2@@QAEAAV0@ABV0@@Z
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxImageGIF@@6B@
??_7CxImageJPG@@6B@
??_7CxMemFile@@6B@
??_FCxExifInfo@CxImageJPG@@QAEXXZ
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXAAV0@@Z
?AddAveragingCont@CxImage@@IAEXABUtagRGBQUAD@@MAAM111@Z
?Alloc@CxMemFile@@IAEXK@Z
?AlphaClear@CxImage@@QAEXXZ
?AlphaCopy@CxImage@@QAE_NAAV1@@Z
?AlphaCreate@CxImage@@QAEXXZ
?AlphaDelete@CxImage@@QAEXXZ
?AlphaFlip@CxImage@@QAE_NXZ
?AlphaGet@CxImage@@QAEEJJ@Z
?AlphaGetMax@CxImage@@QBEEXZ
?AlphaGetPointer@CxImage@@QAEPAEJJ@Z
?AlphaInvert@CxImage@@QAEXXZ
?AlphaIsValid@CxImage@@QAE_NXZ
?AlphaMirror@CxImage@@QAE_NXZ
?AlphaPaletteClear@CxImage@@QAEXXZ
?AlphaPaletteEnable@CxImage@@QAEX_N@Z
?AlphaPaletteIsEnabled@CxImage@@QAE_NXZ
?AlphaPaletteIsValid@CxImage@@QAE_NXZ
?AlphaPaletteSplit@CxImage@@QAE_NPAV1@@Z
?AlphaSet@CxImage@@QAEXE@Z
?AlphaSet@CxImage@@QAEXJJE@Z
?AlphaSet@CxImage@@QAE_NAAV1@@Z
?AlphaSetMax@CxImage@@QAEXE@Z
?AlphaSplit@CxImage@@QAE_NPAV1@@Z
?AlphaStrip@CxImage@@QAEXXZ
?Bitfield2RGB@CxImage@@IAEXPAEGGGE@Z
?BlendPalette@CxImage@@QAEXKJ@Z
?BlendPixelColor@CxImage@@QAEXJJUtagRGBQUAD@@M_N@Z
?BlindAlphaGet@CxImage@@IAEEJJ@Z
?BlindGetPixelColor@CxImage@@IAE?AUtagRGBQUAD@@JJ@Z
?BlindGetPixelIndex@CxImage@@IAEEJJ@Z
?BlindGetPixelPointer@CxImage@@IAEPAXJJ@Z
?Center@CxRect2@@QBE?AVCxPoint2@@XZ
?CircleTransform@CxImage@@QAE_NHJM@Z
?Clear@CxImage@@QAEXE@Z
?Clear@CxImageGIF@@IAEXEAAUtag_image@1@@Z
?Close@CxIOFile@@UAE_NXZ
?Close@CxMemFile@@UAE_NXZ
?Colorize@CxImage@@QAE_NEEM@Z
?Combine@CxImage@@QAE_NPAV1@000J@Z
?CompareColors@CxImage@@KAHPBX0@Z
?Contour@CxImage@@QAE_NXZ
?ConvertAnyFormat@CxExifInfo@CxImageJPG@@IAENPAXH@Z
?Copy@CxImage@@QAEXABV1@_N11@Z
?CopyInfo@CxImage@@IAEXABV1@@Z
?CopyToHandle@CxImage@@QAEPAXXZ
?Create@CxImage@@QAEPAXKKKK@Z
?CreateFromArray@CxImage@@QAE_NPAEKKKK_N@Z
?CreateFromHANDLE@CxImage@@QAE_NPAX@Z
?CreateFromHBITMAP@CxImage@@QAE_NPAUHBITMAP__@@PAUHPALETTE__@@@Z
?CreateFromHICON@CxImage@@QAE_NPAUHICON__@@@Z
?CreateFromMatrix@CxImage@@QAE_NPAPAEKKKK_N@Z
?Crop@CxImage@@QAE_NABUtagRECT@@PAV1@@Z
?Crop@CxImage@@QAE_NJJJJPAV1@@Z
?CropRotatedRectangle@CxImage@@QAE_NJJJJMPAV1@@Z
?CrossSection@CxRect2@@QBE?AV1@ABV1@@Z
?DFT@CxImage@@IAE_NHJPAN000@Z
?Decode@CxImage@@QAE_NPAEKK@Z
?Decode@CxImage@@QAE_NPAU_iobuf@@K@Z
?Decode@CxImage@@QAE_NPAVCxFile@@K@Z
?Decode@CxImageGIF@@QAE_NPAU_iobuf@@@Z
?Decode@CxImageGIF@@QAE_NPAVCxFile@@_N@Z
?Decode@CxImageJPG@@QAE_NPAU_iobuf@@@Z
?Decode@CxImageJPG@@QAE_NPAVCxFile@@@Z
?DecodeExif@CxExifInfo@CxImageJPG@@QAE_NPAVCxFile@@H@Z
?DecodeExif@CxImageJPG@@QAE_NPAU_iobuf@@@Z
?DecodeExif@CxImageJPG@@QAE_NPAVCxFile@@@Z
?DecodeExtension@CxImageGIF@@IAE_NPAVCxFile@@@Z
?DecreaseBpp@CxImage@@QAE_NK_NPAUtagRGBQUAD@@K@Z
?Destroy@CxImage@@QAE_NXZ
?Dilate@CxImage@@QAE_NJ@Z
?DiscardAllButExif@CxExifInfo@CxImageJPG@@QAEXXZ
?Distance@CxPoint2@@QAEMMM@Z
?Distance@CxPoint2@@QAEMV1@@Z
?Dither@CxImage@@QAE_NJ@Z
?Draw2@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@@Z
?Draw2@CxImage@@QAEJPAUHDC__@@JJJJ@Z
?Draw@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@PAU3@_N@Z
?Draw@CxImage@@QAEJPAUHDC__@@JJJJPAUtagRECT@@_N@Z
?DrawLine@CxImage@@QAEXHHHHK@Z
?DrawLine@CxImage@@QAEXHHHHUtagRGBQUAD@@_N@Z
?DrawString@CxImage@@QAEJPAUHDC__@@JJPB_WUtagRGBQUAD@@1JJEE_N@Z
?DrawStringEx@CxImage@@QAEJPAUHDC__@@JJPAUtagCxTextInfo@1@_N@Z
?Edge@CxImage@@QAE_NJ@Z
?Enable@CxImage@@QAEX_N@Z
?Encode2RGBA@CxImage@@QAE_NAAPAEAAJ@Z
?Encode2RGBA@CxImage@@QAE_NPAVCxFile@@@Z
?Encode@CxImage@@QAE_NAAPAEAAJK@Z
?Encode@CxImage@@QAE_NPAU_iobuf@@K@Z
?Encode@CxImage@@QAE_NPAU_iobuf@@PAPAV1@HK@Z
?Encode@CxImage@@QAE_NPAVCxFile@@K@Z
?Encode@CxImage@@QAE_NPAVCxFile@@PAPAV1@HK@Z
?Encode@CxImageGIF@@QAE_NPAU_iobuf@@@Z
?Encode@CxImageGIF@@QAE_NPAU_iobuf@@PAPAVCxImage@@H_N@Z
?Encode@CxImageGIF@@QAE_NPAVCxFile@@@Z
?Encode@CxImageGIF@@QAE_NPAVCxFile@@PAPAVCxImage@@H_N@Z
?Encode@CxImageJPG@@QAE_NPAU_iobuf@@@Z
?Encode@CxImageJPG@@QAE_NPAVCxFile@@@Z
?EncodeBody@CxImageGIF@@IAEXPAVCxFile@@_N@Z
?EncodeComment@CxImageGIF@@IAEXPAVCxFile@@@Z
?EncodeExif@CxExifInfo@CxImageJPG@@QAE_NPAVCxFile@@@Z
?EncodeExtension@CxImageGIF@@IAEXPAVCxFile@@@Z
?EncodeHeader@CxImageGIF@@IAEXPAVCxFile@@@Z
?EncodeLoopExtension@CxImageGIF@@IAEXPAVCxFile@@@Z
?EncodeRGB@CxImageGIF@@IAE_NPAVCxFile@@@Z
?EncodeSafeCheck@CxImage@@IAE_NPAVCxFile@@@Z
?Eof@CxIOFile@@UAE_NXZ
?Eof@CxMemFile@@UAE_NXZ
?Erode@CxImage@@QAE_NJ@Z
?Error@CxIOFile@@UAEJXZ
?Error@CxMemFile@@UAEJXZ
?Expand@CxImage@@QAE_NJJJJUtagRGBQUAD@@PAV1@@Z
?Expand@CxImage@@QAE_NJJUtagRGBQUAD@@PAV1@@Z
?FFT2@CxImage@@QAE_NPAV1@000J_N1@Z
?FFT@CxImage@@IAE_NHHPAN0@Z
?Filter@CxImage@@QAE_NPAJJJJ@Z
?FindFormat@CxImageHelper@@YAKPAVCxFile@@PAH@Z
?FindSection@CxExifInfo@CxImageJPG@@IAEPAXH@Z
?Flip@CxImage@@QAE_NXZ
?Flush@CxIOFile@@UAE_NXZ
?Flush@CxMemFile@@UAE_NXZ
?Free@CxMemFile@@IAEXXZ
?FreeMemory@CxImage@@QAEXPAX@Z
?Gamma@CxImage@@QAE_NM@Z
?Get16m@CxExifInfo@CxImageJPG@@IAEHPAX@Z
?Get16u@CxExifInfo@CxImageJPG@@IAEHPAX@Z
?Get32s@CxExifInfo@CxImageJPG@@IAEJPAX@Z
?Get32u@CxExifInfo@CxImageJPG@@IAEKPAX@Z
?GetAreaColorInterpolated@CxImage@@QAE?AUtagRGBQUAD@@MMMMW4InterpolationMethod@1@W4OverflowMethod@1@QAU2@@Z
?GetBits@CxImage@@QAEPAEK@Z
?GetBpp@CxImage@@QBEGXZ
?GetBuffer@CxMemFile@@QAEPAE_N@Z
?GetC@CxIOFile@@UAEJXZ
?GetC@CxMemFile@@UAEJXZ
?GetClrImportant@CxImage@@QBEKXZ
?GetCodecOption@CxImage@@QAEKK@Z
?GetColorType@CxImage@@QAEEXZ
?GetComment@CxImageGIF@@QAEXPAD@Z
?GetDIB@CxImage@@QBEPAXXZ
?GetDisposalMethod@CxImageGIF@@QAEJXZ
?GetEffWidth@CxImage@@QBEKXZ
?GetEscape@CxImage@@QBEJXZ
?GetFlags@CxImage@@QBEKXZ
?GetFrame@CxImage@@QBEJXZ
?GetFrameDelay@CxImage@@QBEKXZ
?GetHeight@CxImage@@QBEKXZ
?GetJpegQuality@CxImage@@QBEEXZ
?GetJpegScale@CxImage@@QBEEXZ
?GetLastError@CxImage@@QAEPBDXZ
?GetLoops@CxImageGIF@@QAEJXZ
?GetNearestIndex@CxImage@@QAEEUtagRGBQUAD@@@Z
?GetNumColors@CxImage@@QBEKXZ
?GetNumFrames@CxImage@@QBEJXZ
?GetOffset@CxImage@@QAEXPAJ0@Z
?GetPalette@CxImage@@QBEPAUtagRGBQUAD@@XZ
?GetPaletteColor@CxImage@@QAE?AUtagRGBQUAD@@E@Z
?GetPaletteColor@CxImage@@QAE_NEPAE00@Z
?GetPaletteSize@CxImage@@QAEKXZ
?GetPixelColor@CxImage@@QAE?AUtagRGBQUAD@@JJ_N@Z
?GetPixelColorInterpolated@CxImage@@QAE?AUtagRGBQUAD@@MMW4InterpolationMethod@1@W4OverflowMethod@1@QAU2@@Z
?GetPixelColorWithOverflow@CxImage@@QAE?AUtagRGBQUAD@@JJW4OverflowMethod@1@QAU2@@Z
?GetPixelGray@CxImage@@QAEEJJ@Z
?GetPixelIndex@CxImage@@QAEEJJ@Z
?GetProgress@CxImage@@QBEJXZ
?GetSize@CxImage@@QAEJXZ
?GetTransColor@CxImage@@QAE?AUtagRGBQUAD@@XZ
?GetTransIndex@CxImage@@QBEJXZ
?GetType@CxImage@@QBEKXZ
?GetVersion@CxImage@@QAEPB_WXZ
?GetVersionNumber@CxImage@@QAE?BMXZ
?GetWidth@CxImage@@QBEKXZ
?GetXDPI@CxImage@@QBEJXZ
?GetYDPI@CxImage@@QBEJXZ
?Ghost@CxImage@@IAEXPAV1@@Z
?GifMix@CxImageGIF@@IAEXAAVCxImage@@AAUtag_image@1@@Z
?GifNextPixel@CxImageGIF@@IAEHXZ
?GrayScale@CxImage@@QAE_NXZ
?HSLtoRGB@CxImage@@SA?AUtagRGBQUAD@@K@Z
?HSLtoRGB@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?Height@CxRect2@@QBEMXZ
?Histogram@CxImage@@QAEJPAJ000J@Z
?HistogramEqualize@CxImage@@QAE_NXZ
?HistogramLog@CxImage@@QAE_NXZ
?HistogramNormalize@CxImage@@QAE_NXZ
?HistogramRoot@CxImage@@QAE_NXZ
?HistogramStretch@CxImage@@QAE_NJ@Z
?HuePalette@CxImage@@QAEXM@Z
?HueToRGB@CxImage@@KAMMMM@Z
?IncreaseBpp@CxImage@@QAE_NK@Z
?InitTextInfo@CxImage@@QAEXPAUtagCxTextInfo@1@@Z
?IsEnabled@CxImage@@QBE_NXZ
?IsGrayScale@CxImage@@QAE_NXZ
?IsIndexed@CxImage@@QBE_NXZ
?IsInside@CxImage@@QAE_NJJ@Z
?IsPowerof2@CxImage@@IAE_NJ@Z
?IsSamePalette@CxImage@@QAE_NAAV1@_N@Z
?IsTransparent@CxImage@@QAE_NJJ@Z
?IsTransparent@CxImage@@QBE_NXZ
?IsValid@CxImage@@QBE_NXZ
?Jitter@CxImage@@QAE_NJ@Z
?KernelBSpline@CxImage@@SAMM@Z
?KernelBessel@CxImage@@SAMM@Z
?KernelBessel_J1@CxImage@@SAMM@Z
?KernelBessel_Order1@CxImage@@SAMM@Z
?KernelBessel_P1@CxImage@@SAMM@Z
?KernelBessel_Q1@CxImage@@SAMM@Z
?KernelBlackman@CxImage@@SAMM@Z
?KernelBox@CxImage@@SAMM@Z
?KernelCatrom@CxImage@@SAMM@Z
?KernelCubic@CxImage@@SAMM@Z
?KernelGaussian@CxImage@@SAMM@Z
?KernelGeneralizedCubic@CxImage@@SAMMM@Z
?KernelHamming@CxImage@@SAMM@Z
?KernelHermite@CxImage@@SAMM@Z
?KernelLanczosSinc@CxImage@@SAMMM@Z
?KernelLinear@CxImage@@SAMM@Z
?KernelMitchell@CxImage@@SAMM@Z
?KernelQuadratic@CxImage@@SAMM@Z
?KernelSinc@CxImage@@SAMM@Z
?Light@CxImage@@QAE_NJJ@Z
?Load@CxImage@@QAE_NPB_WK@Z
?LoadGif2@CxImageHelper@@YAPAVCxImage@@PAVCxFile@@AAH@Z
?LoadGif@CxImageHelper@@YAPAVCxImage@@PAVCxFile@@AAH@Z
?LoadResource@CxImage@@QAE_NPAUHRSRC__@@KPAUHINSTANCE__@@@Z
?Lut@CxImage@@QAE_NPAE000@Z
?Lut@CxImage@@QAE_NPAE@Z
?MakeBitmap@CxImage@@QAEPAUHBITMAP__@@PAUHDC__@@@Z
?Mean@CxImage@@QAEMXZ
?Median@CxImage@@QAE_NJ@Z
?Mirror@CxImage@@QAE_NXZ
?Mix@CxImage@@QAEXAAV1@W4ImageOpType@1@JJ_N@Z
?MixFrom@CxImage@@QAEXAAV1@JJ@Z
?Negative@CxImage@@QAE_NXZ
?Noise@CxImage@@QAE_NJ@Z
?Open@CxIOFile@@QAE_NPBD0@Z
?Open@CxMemFile@@QAE_NXZ
?OverflowCoordinates@CxImage@@QAEXAAJ0W4OverflowMethod@1@@Z
?OverflowCoordinates@CxImage@@QAEXAAM0W4OverflowMethod@1@@Z
?ProcessExifDir@CxExifInfo@CxImageJPG@@IAE_NPAE0IQAUtag_ExifInfo@2@QAPAE@Z
?PutC@CxFile@@UAE_NE@Z
?PutC@CxIOFile@@UAE_NE@Z
?PutC@CxMemFile@@UAE_NE@Z
?Putword@CxImageGIF@@IAEXHPAVCxFile@@@Z
?QIShrink@CxImage@@QAE_NJJQAV1@@Z
?RGBQUADtoRGB@CxImage@@SAKUtagRGBQUAD@@@Z
?RGBtoBGR@CxImage@@IAEXPAEH@Z
?RGBtoHSL@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?RGBtoRGBQUAD@CxImage@@SA?AUtagRGBQUAD@@K@Z
?RGBtoXYZ@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?RGBtoYIQ@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?RGBtoYUV@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?Read@CxIOFile@@UAEIPAXII@Z
?Read@CxMemFile@@UAEIPAXII@Z
?RedEyeRemove@CxImage@@QAE_NXZ
?Repair@CxImage@@QAE_NMJJ@Z
?RepairChannel@CxImage@@IAE_NPAV1@M@Z
?Resample2@CxImage@@QAE_NJJW4InterpolationMethod@1@W4OverflowMethod@1@QAV1@_N@Z
?Resample@CxImage@@QAE_NJJHPAV1@@Z
?Rotate180@CxImage@@QAE_NPAV1@@Z
?Rotate2@CxImage@@QAE_NMPAV1@W4InterpolationMethod@1@W4OverflowMethod@1@PAUtagRGBQUAD@@_N4@Z
?Rotate@CxImage@@QAE_NMPAV1@@Z
?RotateLeft@CxImage@@QAE_NPAV1@@Z
?RotateRight@CxImage@@QAE_NPAV1@@Z
?Save@CxImage@@QAE_NPB_WK@Z
?Seek@CxIOFile@@UAE_NJH@Z
?Seek@CxMemFile@@UAE_NJH@Z
?SetClrImportant@CxImage@@QAEXK@Z
?SetCodecOption@CxImage@@QAE_NKK@Z
?SetComment@CxImageGIF@@QAEXPBD@Z
?SetDisposalMethod@CxImageGIF@@QAEXH@Z
?SetEscape@CxImage@@QAEXJ@Z
?SetFlags@CxImage@@QAEXK_N@Z
?SetFrame@CxImage@@QAEXJ@Z
?SetFrameDelay@CxImage@@QAEXK@Z
?SetGrayPalette@CxImage@@QAEXXZ
?SetJpegQuality@CxImage@@QAEXE@Z
?SetJpegScale@CxImage@@QAEXE@Z
?SetLoops@CxImageGIF@@QAEXH@Z
?SetOffset@CxImage@@QAEXJJ@Z
?SetPalette@CxImage@@QAEXKPAE00@Z
?SetPalette@CxImage@@QAEXPAUrgb_color@1@K@Z
?SetPalette@CxImage@@QAEXPAUtagRGBQUAD@@K@Z
?SetPaletteColor@CxImage@@QAEXEEEEE@Z
?SetPaletteColor@CxImage@@QAEXEK@Z
?SetPaletteColor@CxImage@@QAEXEUtagRGBQUAD@@@Z
?SetPixelColor@CxImage@@QAEXJJK@Z
?SetPixelColor@CxImage@@QAEXJJUtagRGBQUAD@@_N@Z
?SetPixelIndex@CxImage@@QAEXJJE@Z
?SetProgress@CxImage@@QAEXJ@Z
?SetStdPalette@CxImage@@QAEXXZ
?SetTransColor@CxImage@@QAEXUtagRGBQUAD@@@Z
?SetTransIndex@CxImage@@QAEXJ@Z
?SetXDPI@CxImage@@QAEXJ@Z
?SetYDPI@CxImage@@QAEXJ@Z
?ShiftRGB@CxImage@@QAE_NJJJ@Z
?Size@CxIOFile@@UAEJXZ
?Size@CxMemFile@@UAEJXZ
?Skew@CxImage@@QAE_NMMJJ_N@Z
?SplitCMYK@CxImage@@QAE_NPAV1@000@Z
?SplitHSL@CxImage@@QAE_NPAV1@00@Z
?SplitRGB@CxImage@@QAE_NPAV1@00@Z
?SplitXYZ@CxImage@@QAE_NPAV1@00@Z
?SplitYIQ@CxImage@@QAE_NPAV1@00@Z
?SplitYUV@CxImage@@QAE_NPAV1@00@Z
?Startup@CxImage@@IAEXK@Z
?Stretch@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@K@Z
?Stretch@CxImage@@QAEJPAUHDC__@@JJJJK@Z
?Surface@CxRect2@@QBEMXZ
?SwapIndex@CxImage@@QAEXEE@Z
?Tell@CxIOFile@@UAEJXZ
?Tell@CxMemFile@@UAEJXZ
?Threshold@CxImage@@QAE_NE@Z
?Thumbnail@CxImage@@QAE_NJJUtagRGBQUAD@@PAV1@@Z
?Tile@CxImage@@QAEJPAUHDC__@@PAUtagRECT@@@Z
?Transfer@CxImage@@QAE_NAAV1@@Z
?UnsharpMask@CxImage@@QAE_NMMH@Z
?Width@CxRect2@@QBEMXZ
?Write@CxIOFile@@UAEIPBXII@Z
?Write@CxMemFile@@UAEIPBXII@Z
?XYZtoRGB@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?YIQtoRGB@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?YUVtoRGB@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?blur_line@CxImage@@IAEXPAM0HPAE1HJ@Z
?char_out@CxImageGIF@@IAEXH@Z
?cl_hash@CxImageGIF@@IAEXJ@Z
?compressLZW@CxImageGIF@@IAEXHPAVCxFile@@@Z
?compressNONE@CxImageGIF@@IAEXHPAVCxFile@@@Z
?compressRLE@CxImageGIF@@IAEXHPAVCxFile@@@Z
?decoder@CxImageGIF@@IAEFPAVCxFile@@PAVCImageIterator@@FAAH@Z
?flush_char@CxImageGIF@@IAEXXZ
?gen_convolve_matrix@CxImage@@IAEHMPAPAM@Z
?gen_lookup_table@CxImage@@IAEPAMPAMH@Z
?get_byte@CxImageGIF@@IAEHPAVCxFile@@@Z
?get_next_code@CxImageGIF@@IAEFPAVCxFile@@@Z
?get_num_frames@CxImageGIF@@IAEHPAVCxFile@@PAUtag_TabCol@1@PAUtag_dscgif@1@@Z
?init_exp@CxImageGIF@@IAEFF@Z
?out_line@CxImageGIF@@IAEHPAVCImageIterator@@PAEH@Z
?output@CxImageGIF@@IAEXF@Z
?process_COM@CxExifInfo@CxImageJPG@@IAEXPBEH@Z
?process_EXIF@CxExifInfo@CxImageJPG@@IAE_NPAEI@Z
?process_SOFn@CxExifInfo@CxImageJPG@@IAEXPBEH@Z
?rle_block_flush@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_block_out@CxImageGIF@@IAEXEPAUtag_RLE@1@@Z
?rle_clear@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_compute_triangle_count@CxImageGIF@@IAEIII@Z
?rle_flush@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_flush_clearorrep@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_flush_fromclear@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_flush_withtable@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_isqrt@CxImageGIF@@IAEII@Z
?rle_output@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_output_flush@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_output_plain@CxImageGIF@@IAEXHPAUtag_RLE@1@@Z
?rle_reset_out_clear@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?rle_write_block@CxImageGIF@@IAEXPAUtag_RLE@1@@Z
?seek_next_image@CxImageGIF@@IAEJPAVCxFile@@J@Z

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zlib.dll
.dll windows:4 windows x86 arch:x86

962a4aa4b13b8b9e119492191014e772

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3f:b3:4c:03:0b:66:29:40:6e:b3:ad:ff:e2:5a:78:d8:8c:b2:28:c2
Signer

Actual PE Digest

3f:b3:4c:03:0b:66:29:40:6e:b3:ad:ff:e2:5a:78:d8:8c:b2:28:c2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\Code\ThirdParty\pdb\release\zlib.pdb

Imports

msvcr80

__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_adjust_fdiv
__dllonexit
_lock
_onexit
_except_handler4_common
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
_vsnprintf
strerror
_errno
memchr
malloc
free
_unlock
sprintf
_open
_lseek
_read
_close
_write
memcpy
memset

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

Exports

Exports

adler32
adler32_combine
compress
compress2
compressBound
crc32
crc32_combine
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePrime
deflateReset
deflateSetDictionary
deflateSetHeader
deflateTune
get_crc_table
gzbuffer
gzclearerr
gzclose
gzclose_r
gzclose_w
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgets
gzoffset
gzopen
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzsetparams
gztell
gzungetc
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCopy
inflateEnd
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
uncompress
zError
zlibCompileFlags
zlibVersion

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5efd74892a893f15c566623cc8a8cc76

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fdCertificate

Extended Key Usages

Key Usages

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0eCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

cf:49:8a:a7:1d:67:93:31:e0:6d:e2:ad:ee:9b:3a:89:25:5b:e2:f5Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 441KB

.ndata Size: - Virtual size: 1.4MB

.rsrc Size: 22KB - Virtual size: 22KB

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 17KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

fc48f1867996469168a737dda79223c9

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fdCertificate

Extended Key Usages

Key Usages

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0eCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

d1:a8:af:55:25:37:c2:bc:cf:0f:2c:da:36:65:a0:14:63:f7:8c:54Signer

Headers

File Characteristics

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

cf:49:8a:a7:1d:67:93:31:e0:6d:e2:ad:ee:9b:3a:89:25:5b:e2:f5
Signer

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 441KB

.ndata
Size: - Virtual size: 1.4MB

.rsrc
Size: 22KB - Virtual size: 22KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 17KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

d1:a8:af:55:25:37:c2:bc:cf:0f:2c:da:36:65:a0:14:63:f7:8c:54
Signer

.text
Size: 648KB - Virtual size: 646KB

.rdata
Size: 132KB - Virtual size: 130KB

.data
Size: 16KB - Virtual size: 27KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 32KB - Virtual size: 31KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

d5:bb:01:2b:db:0e:e3:de:97:c0:89:58:20:2c:e0:cd:00:c0:24:49
Signer

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 432B