AddEventHandler
Unload
UnsetEventHandler
WhichButtonId
Overview
overview
3Static
static
3PhDDNS/@�...��.exe
windows7-x64
3PhDDNS/@�...��.exe
windows10-2004-x64
3$PLUGINSDI...nt.dll
windows7-x64
3$PLUGINSDI...nt.dll
windows10-2004-x64
3$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3$PLUGINSDI...LL.dll
windows7-x64
3$PLUGINSDI...LL.dll
windows10-2004-x64
3$PLUGINSDI...SC.dll
windows7-x64
3$PLUGINSDI...SC.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...er.dll
windows7-x64
3$PLUGINSDI...er.dll
windows10-2004-x64
3PhDDNS/PhAlive.dll
windows7-x64
3PhDDNS/PhAlive.dll
windows10-2004-x64
3PhDDNS/PhDDNS.exe
windows7-x64
3PhDDNS/PhDDNS.exe
windows10-2004-x64
3PhDDNS/PhDdnsCore.exe
windows7-x64
3PhDDNS/PhDdnsCore.exe
windows10-2004-x64
3PhDDNS/PhIDNA.dll
windows7-x64
3PhDDNS/PhIDNA.dll
windows10-2004-x64
3PhDDNS/checkver.exe
windows7-x64
3PhDDNS/checkver.exe
windows10-2004-x64
3Static task
static1
2 signatures
Behavioral task
behavioral1
Sample
PhDDNS/@绿化工具.exe
Resource
win7-20240903-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
PhDDNS/@绿化工具.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral3
Sample
$PLUGINSDIR/ButtonEvent.dll
Resource
win7-20240903-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral4
Sample
$PLUGINSDIR/ButtonEvent.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral5
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240903-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral6
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral7
Sample
$PLUGINSDIR/KillProcDLL.dll
Resource
win7-20240903-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral8
Sample
$PLUGINSDIR/KillProcDLL.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral9
Sample
$PLUGINSDIR/SimpleSC.dll
Resource
win7-20240729-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral10
Sample
$PLUGINSDIR/SimpleSC.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral11
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240903-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral12
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral13
Sample
$PLUGINSDIR/linker.dll
Resource
win7-20240708-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral14
Sample
$PLUGINSDIR/linker.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral15
Sample
PhDDNS/PhAlive.dll
Resource
win7-20240903-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral16
Sample
PhDDNS/PhAlive.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral17
Sample
PhDDNS/PhDDNS.exe
Resource
win7-20240704-en
windows7-x64
5 signatures
150 seconds
Behavioral task
behavioral18
Sample
PhDDNS/PhDDNS.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
6 signatures
150 seconds
Behavioral task
behavioral19
Sample
PhDDNS/PhDdnsCore.exe
Resource
win7-20240903-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral20
Sample
PhDDNS/PhDdnsCore.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral21
Sample
PhDDNS/PhIDNA.dll
Resource
win7-20240903-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral22
Sample
PhDDNS/PhIDNA.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral23
Sample
PhDDNS/checkver.exe
Resource
win7-20240903-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral24
Sample
PhDDNS/checkver.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
cfcd45173e91fce2c962783755150407_JaffaCakes118
-
Size
1.4MB
-
MD5
cfcd45173e91fce2c962783755150407
-
SHA1
569b7b9a3080a01110c2da5f41bcdf85a35657b4
-
SHA256
4667b7aa80601b1b7b2a049cdcb64ae622d873f2133f968eb19ed5b3353711d0
-
SHA512
1eeabe8089b61b3c8a57b8f167506c08114f3bc4bc42386e159ba27869524531dde2c80702a64bf52b672e50aa21714758f2a8168efdafd5daa8b46b76bd7cc1
-
SSDEEP
24576:etHQ+ew86i2RigLLcq1mRFAkBlpBJ0smxmO/UqjVUUzy8yWr4xNpEsfxPfQIurZ9:etHQ+FTignmwMlpBJ0aEvjKPJPUdttQo
Score
3/10
Malware Config
Signatures
-
Unsigned PE 7 IoCs
Checks for missing Authenticode signature.
resource unpack001/PhDDNS/@绿化工具.exe unpack002/$PLUGINSDIR/ButtonEvent.dll unpack002/$PLUGINSDIR/InstallOptions.dll unpack002/$PLUGINSDIR/KillProcDLL.dll unpack002/$PLUGINSDIR/SimpleSC.dll unpack002/$PLUGINSDIR/System.dll unpack002/$PLUGINSDIR/linker.dll -
NSIS installer 2 IoCs
resource yara_rule static1/unpack001/PhDDNS/@绿化工具.exe nsis_installer_1 static1/unpack001/PhDDNS/@绿化工具.exe nsis_installer_2
Files
-
cfcd45173e91fce2c962783755150407_JaffaCakes118.rar
-
PhDDNS/@绿化工具.exe.exe windows:4 windows x86 arch:x86
1c042238f43557c055fca8642de8a074
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
MulDiv
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA
user32
EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
RegisterClassA
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
EmptyClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetForegroundWindow
gdi32
SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject
shell32
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation
advapi32
RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
comctl32
ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create
ole32
CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
Sections
.text Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 296KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 360KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 88KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/ButtonEvent.dll.dll windows:4 windows x86 arch:x86
0ece15e7d9bb35972aec701f46192460
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
lstrcmpiA
GlobalAlloc
lstrcpyA
lstrcpynA
GlobalFree
user32
PostMessageA
CallWindowProcA
GetDlgItem
FindWindowExA
SetWindowLongA
wsprintfA
Exports
Exports
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 503B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 128B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 220B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/InstallOptions.dll.dll windows:4 windows x86 arch:x86
0b51ce6ce6bf8d5c68b3ea9f3ac1bf2c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc
user32
MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
MessageBoxA
CallWindowProcA
PostMessageA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect
gdi32
SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject
shell32
SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA
comdlg32
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
ole32
CoTaskMemFree
Exports
Exports
dialog
initDialog
show
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/KillProcDLL.dll.dll windows:4 windows x86 arch:x86
153027ec3b10bcea606b777657dd3402
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetVersionExA
TerminateProcess
OpenProcess
LoadLibraryA
CloseHandle
GetProcAddress
FreeLibrary
GlobalFree
lstrcpyA
DisableThreadLibraryCalls
msvcrt
strcmp
_strupr
toupper
strlen
free
_initterm
malloc
_adjust_fdiv
strcpy
_itoa
Exports
Exports
KillProc
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 172B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/SimpleSC.dll.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
Exports
Exports
ContinueService
ExistsService
GetErrorMessage
GetServiceBinaryPath
GetServiceDisplayName
GetServiceName
GetServiceStartType
GetServiceStatus
GrantServiceLogonPrivilege
InstallService
PauseService
RemoveService
RemoveServiceLogonPrivilege
RestartService
ServiceIsPaused
ServiceIsRunning
ServiceIsStopped
SetServiceDescription
SetServiceLogon
SetServiceStartType
StartService
StopService
Sections
CODE Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 2KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 659B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:4 windows x86 arch:x86
4ec328f99bdd944fc98d8a5cf11f7a62
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect
user32
wsprintfA
ole32
StringFromGUID2
CLSIDFromString
Exports
Exports
Alloc
Call
Copy
Free
Get
Int64Op
Store
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 784B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 92B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 446B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/linker.dll.dll windows:4 windows x86 arch:x86
5b9be84907034b8f0152e51177ceafc3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalAlloc
GetModuleHandleA
lstrcpynA
lstrcpyA
GlobalFree
user32
UpdateWindow
InvalidateRect
SetCapture
SetFocus
PtInRect
GetWindowRect
GetDC
ReleaseCapture
EndPaint
BeginPaint
SetCursor
LoadCursorA
CallWindowProcA
DestroyCursor
SetWindowLongA
CreateCursor
IsWindow
ReleaseDC
SetWindowPos
GetWindowLongA
SendMessageA
GetClientRect
FillRect
GetFocus
DrawFocusRect
DrawTextA
ClientToScreen
gdi32
SetBkMode
SetTextColor
CreateFontIndirectA
GetObjectA
GetStockObject
DeleteObject
SelectObject
shell32
ShellExecuteA
Exports
Exports
Link
Unload
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 276B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 256B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/modern-header.bmp
-
$PLUGINSDIR/www.greendown.cn.ini
-
PhDDNS/PhAlive.dll.dll windows:5 windows x86 arch:x86
22bee203722836ab68f1d6bfd2921abf
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
31:4d:70:ae:2d:9a:54:95:cc:f7:f5:14:70:0e:55:8bCertificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before23/02/2011, 00:00Not After23/04/2013, 23:59SubjectCN=Shanghai Best Oray Information Technology Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shanghai Best Oray Information Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08/02/2010, 00:00Not After07/02/2020, 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetCPInfo
GetOEMCP
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
GetFileAttributesA
GetFileSizeEx
GetFileTime
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetCommandLineA
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
CreateThread
ExitProcess
HeapSize
HeapReAlloc
FatalAppExitA
SystemTimeToFileTime
GetFileType
GetStartupInfoA
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
GetProcessHeap
FileTimeToSystemTime
GetAtomNameA
CreateFileA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetThreadLocale
GetStringTypeExA
DeleteFileA
MoveFileA
GlobalFlags
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
FreeResource
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
InterlockedIncrement
GetModuleHandleW
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentProcessId
GlobalAddAtomA
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryA
CompareStringA
InterlockedExchange
lstrcmpA
FreeLibrary
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
GetCurrentThreadId
ResumeThread
SetThreadPriority
CloseHandle
GetLastError
SetLastError
GlobalFree
CopyFileA
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
FindResourceA
LoadResource
LockResource
SizeofResource
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
MulDiv
GetTickCount
Sleep
GetModuleFileNameA
CreateDirectoryA
FreeConsole
lstrcatA
lstrlenA
GetConsoleScreenBufferInfo
WriteConsoleOutputAttribute
AllocConsole
lstrcpyA
SetConsoleTitleA
SetHandleCount
GetStdHandle
user32
SetTimer
KillTimer
WindowFromPoint
GetKeyNameTextA
MapVirtualKeyA
IsRectEmpty
GetSystemMenu
SetParent
UnionRect
GetDCEx
LockWindowUpdate
SetCapture
InvalidateRect
SetRectEmpty
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
DestroyMenu
GetMenuItemInfoA
InflateRect
CharUpperA
DestroyIcon
GetDesktopWindow
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
DeleteMenu
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetWindowTextLengthA
SetRect
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterClassA
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
GetMenuBarInfo
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorA
GetWindowTextA
GetDialogBaseUnits
ShowOwnedPopups
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostQuitMessage
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
PostMessageA
SendMessageA
PostThreadMessageA
wvsprintfA
wsprintfA
GetScrollPos
gdi32
PolylineTo
PolyBezierTo
ExtSelectClipRgn
DeleteDC
CreateDIBPatternBrushPt
CreatePatternBrush
CreateCompatibleDC
GetStockObject
RectVisible
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
PolyDraw
CreateHatchBrush
GetCurrentPositionEx
GetTextExtentPoint32A
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetCharWidthA
CreateFontA
StretchDIBits
CreateCompatibleBitmap
GetTextMetricsA
GetBkColor
CreateSolidBrush
ArcTo
PtVisible
StartDocA
GetPixel
BitBlt
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
CreateFontIndirectA
GetDeviceCaps
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
DeleteObject
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateBitmap
CreateDCA
CopyMetaFileA
TextOutA
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegSetValueExA
RegCreateKeyA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueA
RegCloseKey
RegDeleteValueA
shell32
ExtractIconA
DragFinish
DragQueryFileA
SHGetFileInfoA
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveExtensionA
PathRemoveFileSpecW
ole32
CoTaskMemFree
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateBindCtx
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
StringFromGUID2
CoDisconnectObject
CoCreateInstance
CLSIDFromString
CoUninitialize
CoInitializeEx
oleaut32
VarBstrFromDate
VarCyFromStr
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
VarDateFromStr
SysReAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SysFreeString
SysAllocStringByteLen
SysStringLen
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SysStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
wsock32
gethostname
sendto
send
recvfrom
recv
listen
socket
inet_ntoa
inet_addr
connect
htonl
htons
bind
ioctlsocket
accept
WSAGetLastError
ntohs
WSAStartup
gethostbyname
select
closesocket
Exports
Exports
peanut_beginupdate
peanut_init
peanut_reupdate
peanut_terminate
Sections
.text Size: 575KB - Virtual size: 574KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didat Size: 1024B - Virtual size: 793B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 33KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
PhDDNS/PhDDNS.exe.exe windows:4 windows x86 arch:x86
48bf31c10929fc37143d69b830cba344
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
31:4d:70:ae:2d:9a:54:95:cc:f7:f5:14:70:0e:55:8bCertificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before23/02/2011, 00:00Not After23/04/2013, 23:59SubjectCN=Shanghai Best Oray Information Technology Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shanghai Best Oray Information Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08/02/2010, 00:00Not After07/02/2020, 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
d:\SkyVense\Code\vc6\Privatework\Projects.current\oray\main\bin\win32\release\phddns\PhDDns.pdb
Imports
rpcrt4
RpcStringFreeW
UuidToStringW
UuidCreate
iphlpapi
GetAdaptersInfo
dnsapi
DnsQuery_A
DnsRecordListFree
winmm
PlaySoundW
kernel32
SetEnvironmentVariableA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCurrentDirectoryA
GetDriveTypeA
CreatePipe
CreateProcessW
CreateThread
GetExitCodeProcess
CloseHandle
Sleep
PeekNamedPipe
GetConsoleMode
ReadFile
SizeofResource
LockResource
LoadResource
FindResourceW
lstrlenA
MultiByteToWideChar
FreeLibrary
OutputDebugStringA
LoadLibraryW
GetPrivateProfileStringW
GetProcAddress
CreateEventW
SetEvent
GetModuleFileNameW
CreateMutexA
WaitForSingleObject
ReleaseMutex
InitializeCriticalSection
WideCharToMultiByte
lstrlenW
DeleteCriticalSection
GetConsoleCP
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
HeapSize
RaiseException
ExitThread
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
ExitProcess
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
GetTimeZoneInformation
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetFileTime
SetErrorMode
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
InterlockedIncrement
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
FindFirstFileW
FindNextFileW
EnterCriticalSection
LeaveCriticalSection
GetLastError
InterlockedExchange
WritePrivateProfileStringW
lstrcatW
WinExec
lstrcpyW
GetCommandLineW
FindClose
GetModuleHandleA
InterlockedDecrement
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
FormatMessageW
LocalFree
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
GetVersionExA
SuspendThread
SetThreadPriority
GlobalFree
GlobalReAlloc
LoadLibraryA
FreeResource
GlobalAlloc
GetFileAttributesW
GlobalUnlock
GlobalLock
GlobalSize
CopyFileW
GetSystemDirectoryW
LocalAlloc
GetPrivateProfileSectionW
GetPrivateProfileSectionNamesW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetUserDefaultLangID
GetVersionExW
lstrcmpiW
MulDiv
LoadLibraryExW
GetWindowsDirectoryW
lstrcmpW
ResumeThread
SetNamedPipeHandleState
WaitNamedPipeW
CreateFileW
GetTickCount
GetModuleHandleW
SetLastError
WriteFile
DisconnectNamedPipe
GetProcessHeap
HeapFree
HeapAlloc
GetCurrentThreadId
CreateMutexW
user32
DestroyMenu
GrayStringW
DrawTextExW
TabbedTextOutW
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
PostQuitMessage
SetWindowTextW
IsDialogMessageW
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetTopWindow
GetMessageTime
GetScrollPos
GetMenu
MessageBoxW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetMenuCheckMarkDimensions
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
PeekMessageW
ValidateRect
CreateWindowExW
DestroyWindow
GetAsyncKeyState
MonitorFromWindow
CallMsgFilterW
BeginPaint
LockWindowUpdate
GetMessageW
SetWindowPos
UpdateWindow
GetMonitorInfoW
MapWindowPoints
ModifyMenuW
CharUpperW
TrackPopupMenu
SetMenuItemBitmaps
ShowWindow
MoveWindow
GetDlgItem
DrawIconEx
GetClassLongW
LoadCursorFromFileW
GetScrollRange
EnableMenuItem
InsertMenuW
wsprintfW
GetSystemMenu
CheckMenuItem
RegisterWindowMessageW
DrawIcon
IsIconic
TranslateAcceleratorW
LoadAcceleratorsW
SetMenuDefaultItem
RemoveMenu
GetSubMenu
CreateMenu
AppendMenuW
InsertMenuItemW
CreatePopupMenu
LoadIconW
SetWindowRgn
SetRectEmpty
GetMenuState
GetMenuItemID
GetMenuItemCount
IsWindowEnabled
ChildWindowFromPoint
WindowFromPoint
ClientToScreen
IsWindow
LoadCursorW
LoadImageW
DestroyCursor
SetCursor
GetIconInfo
CopyIcon
CreateIconIndirect
ReleaseCapture
SetCapture
IsRectEmpty
IsWindowVisible
SetScrollPos
GetCursorPos
GetDoubleClickTime
SetParent
IntersectRect
LoadBitmapW
PtInRect
SetRect
GetMessagePos
DestroyIcon
DrawStateW
GetDC
EnumChildWindows
GetSysColorBrush
DrawTextW
FrameRect
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
UnregisterClassW
GetFocus
TrackMouseEvent
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
GetSystemMetrics
GetScrollBarInfo
CallWindowProcW
DrawFocusRect
RegisterClipboardFormatW
DefWindowProcW
InflateRect
CopyRect
EnumThreadWindows
OffsetRect
GetWindowLongW
GetWindowTextW
GetClassNameW
ReleaseDC
ScreenToClient
SetWindowLongW
RedrawWindow
GetWindowDC
GetSysColor
FillRect
GetWindowRect
GetClientRect
GetParent
InvalidateRect
GetClassInfoW
PostMessageW
FindWindowW
SystemParametersInfoW
KillTimer
EqualRect
SetForegroundWindow
EnableWindow
GetDesktopWindow
SendMessageW
SetTimer
PostThreadMessageW
EndPaint
UnregisterClassA
gdi32
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
Escape
CreateRectRgnIndirect
GetMapMode
GetTextExtentPoint32W
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
SetMapMode
SetViewportExtEx
RestoreDC
SaveDC
GetClipBox
ExtCreateRegion
SetBrushOrgEx
SetStretchBltMode
SetDIBColorTable
GetDIBColorTable
ExcludeClipRect
GetTextExtentPointW
RoundRect
ExtTextOutW
GetPixel
OffsetRgn
CombineRgn
CreateRectRgn
FillRgn
FrameRgn
CreatePolygonRgn
CreateRoundRectRgn
TextOutW
SetTextJustification
GetTextMetricsW
SetBkColor
CreateFontIndirectW
GetDeviceCaps
CreateBitmap
StretchBlt
CreateDIBSection
Rectangle
GetObjectW
LineTo
SetTextColor
DeleteDC
SetPixel
CreatePen
SetBkMode
CreateEllipticRgnIndirect
DeleteObject
BitBlt
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
OffsetViewportOrgEx
SetViewportOrgEx
CreateSolidBrush
ExtCreatePen
Arc
Ellipse
MoveToEx
SelectClipRgn
SelectObject
msimg32
AlphaBlend
TransparentBlt
GradientFill
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegDeleteKeyW
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
GetSecurityDescriptorSacl
MakeSelfRelativeSD
GetSecurityDescriptorLength
RegEnumKeyW
RegOpenKeyW
QueryServiceConfigW
QueryServiceStatus
StartServiceW
ControlService
ChangeServiceConfigW
CloseServiceHandle
RegCreateKeyExW
RegQueryValueExW
IsValidSid
UnlockServiceDatabase
LockServiceDatabase
OpenServiceW
OpenSCManagerW
RegSetValueExW
RegDeleteValueW
RegEnumValueW
RegCloseKey
RegQueryValueW
RegOpenKeyExW
GetLengthSid
LookupAccountNameW
CopySid
GetAclInformation
AddAce
InitializeSecurityDescriptor
InitializeAcl
MakeAbsoluteSD
GetSecurityDescriptorControl
shell32
Shell_NotifyIconW
ShellExecuteW
comctl32
_TrackMouseEvent
ord17
ImageList_GetImageCount
InitCommonControlsEx
ImageList_GetIcon
shlwapi
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
PathIsUNCW
oledlg
OleUIBusyW
ole32
StgCreateDocfileOnILockBytes
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterMessageFilter
CoCreateInstance
StgOpenStorageOnILockBytes
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
OleRun
CoTaskMemFree
CreateStreamOnHGlobal
CoRevokeClassObject
CoGetClassObject
CoInitialize
CoUninitialize
CreateILockBytesOnHGlobal
GetHGlobalFromStream
OleFlushClipboard
OleIsCurrentClipboard
oleaut32
SafeArrayDestroy
VariantCopy
SysAllocString
SysFreeString
SysStringLen
VariantInit
VariantChangeType
VariantClear
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
VarDateFromStr
SysAllocStringLen
ws2_32
bind
WSAGetLastError
sendto
send
listen
recv
socket
connect
inet_ntoa
gethostbyname
htons
inet_addr
htonl
accept
closesocket
ntohs
select
WSAStartup
WSACleanup
recvfrom
gdiplus
GdipGetImageEncodersSize
GdipDrawImageI
GdiplusStartup
GdipBitmapLockBits
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipGetImageEncoders
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipDisposeImage
GdipGetImageHeight
GdipGetImageWidth
GdipSaveImageToStream
GdipAlloc
GdipFree
GdipCloneImage
GdiplusShutdown
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
Exports
Exports
??0COrayButton@OrayUI@@QAE@ABV01@@Z
??0COrayFrame@OrayUI@@QAE@ABV01@@Z
??0COrayGroupBox@OrayUI@@QAE@ABV01@@Z
??0COrayHeadCtrl@OrayUI@@QAE@ABV01@@Z
??0COrayListCtrl@OrayUI@@QAE@ABV01@@Z
??0COrayPanel@OrayUI@@QAE@ABV01@@Z
??0COrayScrollbar@OrayUI@@QAE@ABV01@@Z
??0COraySkin@OrayUI@@QAE@ABV01@@Z
??0COrayStatic@OrayUI@@QAE@ABV01@@Z
??0COrayUIBase@OrayUI@@QAE@ABV01@@Z
??0COrayWinCtrl@OrayUI@@QAE@ABV01@@Z
??0COrayWnd@OrayUI@@QAE@ABV01@@Z
??0CSubclassMap@OrayUI@@QAE@ABV01@@Z
??0CSubclassMap@OrayUI@@QAE@XZ
??0CUIBitmap@OrayUI@@QAE@ABV01@@Z
??0CUIBitmap@OrayUI@@QAE@XZ
??0CXMLAttribute@OrayUI@@QAE@ABV01@@Z
??1CUIBitmap@OrayUI@@UAE@XZ
??4COrayButton@OrayUI@@QAEAAV01@ABV01@@Z
??4COrayFrame@OrayUI@@QAEAAV01@ABV01@@Z
??4COrayGroupBox@OrayUI@@QAEAAV01@ABV01@@Z
??4COrayHeadCtrl@OrayUI@@QAEAAV01@ABV01@@Z
??4COrayListCtrl@OrayUI@@QAEAAV01@ABV01@@Z
??4COrayPanel@OrayUI@@QAEAAV01@ABV01@@Z
??4COrayScrollbar@OrayUI@@QAEAAV01@ABV01@@Z
??4COraySkin@OrayUI@@QAEAAV01@ABV01@@Z
??4COrayStatic@OrayUI@@QAEAAV01@ABV01@@Z
??4COrayUIBase@OrayUI@@QAEAAV01@ABV01@@Z
??4COrayWinCtrl@OrayUI@@QAEAAV01@ABV01@@Z
??4COrayWnd@OrayUI@@QAEAAV01@ABV01@@Z
??4CSubclassMap@OrayUI@@QAEAAV01@ABV01@@Z
??4CUIBitmap@OrayUI@@QAEAAV01@ABV01@@Z
??4CXMLAttribute@OrayUI@@QAEAAV01@ABV01@@Z
??_7COrayButton@OrayUI@@6B@
??_7COrayFrame@OrayUI@@6B@
??_7COrayGroupBox@OrayUI@@6B@
??_7COrayHeadCtrl@OrayUI@@6B@
??_7COrayListCtrl@OrayUI@@6B@
??_7COrayPanel@OrayUI@@6B@
??_7COrayScrollbar@OrayUI@@6B@
??_7COrayStatic@OrayUI@@6B@
??_7COrayUIBase@OrayUI@@6B@
??_7COrayWinCtrl@OrayUI@@6B@
??_7COrayWnd@OrayUI@@6B@
??_7CUIBitmap@OrayUI@@6B@
??_7CXMLAttribute@OrayUI@@6B@
?GetColumnCount@COrayHeadCtrl@OrayUI@@QAEHXZ
?GetMiniHeight@COrayWnd@OrayUI@@QBEHXZ
?GetMiniWidth@COrayWnd@OrayUI@@QBEHXZ
?GetOrayFrame@COrayWnd@OrayUI@@QAEPAVCOrayFrame@2@XZ
?GetScrollbar@COrayPanel@OrayUI@@QAEPAVCOrayScrollbar@2@_N@Z
?GetState@COrayUIBase@OrayUI@@QBEIXZ
?GetTrackSize@COrayScrollbar@OrayUI@@QAEHXZ
?GetType@COrayUIBase@OrayUI@@QBEIXZ
?GetUserData@COrayUIBase@OrayUI@@QAEKXZ
?GetXmlElement@CXMLAttribute@OrayUI@@QBEPAVTiXmlElement@@XZ
?GetZoom@COrayListCtrl@OrayUI@@QAEMXZ
?IsAutoLength@COrayStatic@OrayUI@@QAE_NXZ
?IsEllipsis@COrayStatic@OrayUI@@QAE_NXZ
?IsVertical@COrayScrollbar@OrayUI@@QAE_NXZ
?NoChildren@CXMLAttribute@OrayUI@@QAE_NXZ
?SetAutoLength@COrayStatic@OrayUI@@QAEX_N@Z
?SetEllipsis@COrayStatic@OrayUI@@QAEX_N@Z
?SetMiniHeight@COrayWnd@OrayUI@@QAEXH@Z
?SetMiniWidth@COrayWnd@OrayUI@@QAEXH@Z
?SetOrayFrame@COrayWnd@OrayUI@@QAEXPAVCOrayFrame@2@@Z
?SetShaped@COrayWnd@OrayUI@@QAEX_N@Z
?SetType@COrayUIBase@OrayUI@@QAEXI@Z
?SetUserData@COrayUIBase@OrayUI@@QAEXK@Z
?SetXmlElement@CXMLAttribute@OrayUI@@QAEXPAVTiXmlElement@@@Z
Sections
.text Size: 832KB - Virtual size: 828KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 184KB - Virtual size: 180KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 836KB - Virtual size: 833KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
PhDDNS/PhDdnsCore.exe.exe windows:4 windows x86 arch:x86
6cbea0893e26598a7bd94c4fdff3f851
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
31:4d:70:ae:2d:9a:54:95:cc:f7:f5:14:70:0e:55:8bCertificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before23/02/2011, 00:00Not After23/04/2013, 23:59SubjectCN=Shanghai Best Oray Information Technology Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shanghai Best Oray Information Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08/02/2010, 00:00Not After07/02/2020, 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
iphlpapi
GetAdaptersInfo
kernel32
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
HeapFree
HeapAlloc
GetProcessHeap
ExitThread
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
FatalAppExitA
GetModuleFileNameA
SetConsoleCtrlHandler
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CreateFileA
ExitProcess
GetConsoleMode
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetFileType
GetStartupInfoA
LCMapStringA
LCMapStringW
GetCommandLineA
QueryPerformanceCounter
GetTickCount
SetEnvironmentVariableA
SetEnvironmentVariableW
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
RtlUnwind
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetVersionExW
GetCurrentDirectoryW
GetPrivateProfileIntW
GetFileTime
GetFileAttributesW
SetFileAttributesW
SetFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
CreateFileW
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetStringTypeExW
DeleteFileW
MoveFileW
GetModuleHandleA
GlobalFlags
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
GetAtomNameW
GlobalGetAtomNameW
InterlockedIncrement
GetCurrentProcessId
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedDecrement
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
SetErrorMode
WaitForMultipleObjects
ReleaseMutex
CreateMutexW
ReleaseSemaphore
CreateSemaphoreW
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
FreeLibrary
CompareStringW
LoadLibraryA
GetVersionExA
GlobalFree
CopyFileW
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
SetLastError
CreateEventW
SetEvent
SetThreadPriority
GetCurrentThreadId
CreateDirectoryW
FreeConsole
lstrcatW
GetConsoleScreenBufferInfo
WriteConsoleOutputAttribute
AllocConsole
lstrcpyW
SetConsoleTitleW
GetStdHandle
CreateNamedPipeW
ConnectNamedPipe
WriteFile
DisconnectNamedPipe
CloseHandle
CreateThread
PeekNamedPipe
ReadFile
lstrcmpW
GetCommandLineW
GetModuleHandleW
WaitForSingleObject
SuspendThread
GetLastError
lstrcmpiW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryW
GetProcAddress
Sleep
GetModuleFileNameW
GetPrivateProfileStringW
lstrlenW
GetPrivateProfileStringA
WritePrivateProfileStringW
lstrlenA
WritePrivateProfileSectionW
ResumeThread
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
MultiByteToWideChar
InterlockedCompareExchange
GetConsoleCP
user32
SetCursor
CharUpperW
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
GetDesktopWindow
ClientToScreen
GetDC
ReleaseDC
GetSysColorBrush
GetWindowThreadProcessId
PostQuitMessage
MsgWaitForMultipleObjects
WaitMessage
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnregisterClassA
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
ShowOwnedPopups
GetClientRect
GetMenu
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
DefWindowProcW
CallWindowProcW
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetWindowTextLengthW
GetWindowTextW
SetWindowPos
ScrollWindowEx
SetFocus
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
IsWindow
SetWindowTextW
GetWindowLongW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
SendDlgItemMessageW
GetDlgItemTextW
GetDlgItemInt
GetDlgItem
CheckRadioButton
CheckDlgButton
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
DeleteMenu
UnregisterClassW
DestroyIcon
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
GetDialogBaseUnits
UpdateWindow
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
SendMessageW
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
wvsprintfW
wsprintfW
PostMessageW
EnableWindow
KillTimer
SetTimer
LoadIconW
LoadCursorW
PostThreadMessageW
SetScrollInfo
DestroyWindow
gdi32
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
CreateRectRgn
GetTextMetricsW
DPtoLP
SetTextCharacterExtra
PatBlt
GetMapMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreatePatternBrush
CreateDIBPatternBrushPt
DeleteDC
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutW
RectVisible
PtVisible
StartDocW
GetPixel
GetWindowExtEx
GetViewportExtEx
SetWorldTransform
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
GetStockObject
GetDeviceCaps
CopyMetaFileW
CreateDCW
CreateBitmap
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
GetObjectW
DeleteObject
CreateFontIndirectW
CreateCompatibleDC
BitBlt
ExtTextOutW
GetTextExtentPoint32W
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SelectClipPath
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
CloseServiceHandle
RegCreateKeyW
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegSetValueW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegEnumValueW
ReadEventLogW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegQueryInfoKeyW
RegQueryValueExW
RegisterEventSourceW
OpenBackupEventLogW
OpenEventLogW
OpenSCManagerW
CreateServiceW
StartServiceCtrlDispatcherW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegisterServiceCtrlHandlerW
DeregisterEventSource
GetUserNameW
LookupAccountNameW
ReportEventW
NotifyChangeEventLog
GetOldestEventLogRecord
GetNumberOfEventLogRecords
ClearEventLogW
BackupEventLogW
CloseEventLog
UnlockServiceDatabase
LockServiceDatabase
OpenServiceW
EnumServicesStatusW
QueryServiceLockStatusW
EnumDependentServicesW
QueryServiceObjectSecurity
SetServiceObjectSecurity
DeleteService
QueryServiceConfigW
QueryServiceStatus
StartServiceW
ControlService
ChangeServiceConfigW
SetServiceStatus
shell32
ExtractIconW
SHGetFileInfoW
shlwapi
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathRemoveExtensionW
ole32
CoInitialize
CoTaskMemFree
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
CreateBindCtx
ReleaseStgMedium
CoTaskMemAlloc
StringFromCLSID
CoTreatAsClass
OleDuplicateData
OleRun
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoDisconnectObject
StringFromGUID2
oleaut32
LoadTypeLi
VarBstrFromDate
VarDecFromStr
VarBstrFromDec
VarBstrFromCy
SafeArrayGetUBound
VarCyFromStr
SysReAllocStringLen
VarDateFromStr
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
ws2_32
WSAGetLastError
getsockname
getpeername
WSASetLastError
WSAAsyncSelect
ioctlsocket
select
sendto
WSACleanup
recvfrom
ntohs
recv
listen
socket
gethostbyname
inet_ntoa
connect
htons
send
WSAStartup
bind
inet_addr
accept
closesocket
htonl
Sections
.text Size: 672KB - Virtual size: 669KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 108KB - Virtual size: 105KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 20KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didat Size: 4KB - Virtual size: 793B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
PhDDNS/PhIDNA.dll.dll regsvr32 windows:4 windows x86 arch:x86
a0b912b528ea8cdbd9094b56806e81da
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
31:4d:70:ae:2d:9a:54:95:cc:f7:f5:14:70:0e:55:8bCertificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before23/02/2011, 00:00Not After23/04/2013, 23:59SubjectCN=Shanghai Best Oray Information Technology Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shanghai Best Oray Information Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08/02/2010, 00:00Not After07/02/2020, 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
ExitProcess
TerminateProcess
RaiseException
HeapSize
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
WriteFile
GetCurrentProcess
GetProcessVersion
LoadLibraryA
GlobalAddAtomW
GlobalFindAtomW
GetModuleHandleA
SetLastError
WritePrivateProfileStringW
GlobalFlags
GetVersion
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
LocalFree
LocalAlloc
CloseHandle
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
WideCharToMultiByte
lstrcatW
lstrcpyW
LoadLibraryW
GetProcAddress
HeapDestroy
lstrcpynW
lstrcmpiW
LoadLibraryExW
GetLastError
FindResourceW
LoadResource
SizeofResource
lstrlenA
MultiByteToWideChar
FreeLibrary
GetModuleFileNameW
GetModuleHandleW
GetShortPathNameW
lstrlenW
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
DeleteCriticalSection
VirtualAlloc
InitializeCriticalSection
user32
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassW
GetClassInfoW
WinHelpW
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconW
LoadCursorW
GetSysColorBrush
LoadStringW
DestroyMenu
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageW
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetSystemMetrics
SetFocus
ShowWindow
SetWindowPos
SetWindowLongW
DestroyWindow
GetDlgItem
GrayStringW
DrawTextW
TabbedTextOutW
ReleaseDC
GetDC
wsprintfW
GetWindowTextW
SetWindowTextW
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameW
UnregisterClassW
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageW
TranslateMessage
CharNextW
PostQuitMessage
PostMessageW
SendMessageW
SetCursor
DispatchMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageW
GetCursorPos
SetWindowsHookExW
GetParent
GetLastActivePopup
IsWindowEnabled
CreateWindowExW
SetPropW
GetWindowLongW
MessageBoxW
EnableWindow
GetMenuItemCount
gdi32
ScaleWindowExtEx
GetClipBox
SetWindowExtEx
GetDeviceCaps
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
GetObjectW
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
CreateBitmap
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
SetBkColor
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegSetValueExW
RegEnumValueW
RegQueryInfoKeyW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
comctl32
ord17
ole32
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
oleaut32
VarUI4FromStr
SysFreeString
SysAllocString
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi
SysStringLen
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 64KB - Virtual size: 63KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
PhDDNS/PhMain.ini
-
PhDDNS/bk/0.jpg.jpg
-
PhDDNS/bk/1.jpg.jpg
-
PhDDNS/bk/2.jpg.jpg
-
PhDDNS/bk/3.jpg.jpg
-
PhDDNS/bk/4.jpg.jpg
-
PhDDNS/bk/5.jpg.jpg
-
PhDDNS/bk/6.jpg.jpg
-
PhDDNS/bk/7.jpg.jpg
-
PhDDNS/checkver.exe.exe windows:4 windows x86 arch:x86
03b9e5a62ccda7a70ed37b070c0ce75c
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15/06/2007, 00:00Not After14/06/2012, 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04/12/2003, 00:00Not After03/12/2013, 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
31:4d:70:ae:2d:9a:54:95:cc:f7:f5:14:70:0e:55:8bCertificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before23/02/2011, 00:00Not After23/04/2013, 23:59SubjectCN=Shanghai Best Oray Information Technology Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Shanghai Best Oray Information Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08/02/2010, 00:00Not After07/02/2020, 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Signer
Actual PE DigestDigest AlgorithmPE Digest MatchesfalseHeaders
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
d:\code\oray\main\bin\win32\release\checkver.pdb
Imports
wininet
InternetReadFile
HttpQueryInfoA
HttpSendRequestW
HttpAddRequestHeadersA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetCrackUrlA
InternetCloseHandle
shlwapi
PathFileExistsA
kernel32
HeapFree
SetEndOfFile
CreateFileW
CreateFileA
GetLocaleInfoW
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
MoveFileExA
Sleep
InitializeCriticalSection
SetEvent
WaitForSingleObject
TerminateThread
CloseHandle
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventW
WideCharToMultiByte
MultiByteToWideChar
GetLastError
GetCommandLineW
GlobalFree
GetTempPathA
GetWindowsDirectoryA
LoadLibraryA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameW
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameA
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
FlushFileBuffers
ReadFile
SetFilePointer
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
GetCurrentThreadId
CreateThread
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
RaiseException
LCMapStringA
LCMapStringW
GetCPInfo
GetProcAddress
GetModuleHandleA
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
WriteFile
GetConsoleCP
GetConsoleMode
user32
LoadAcceleratorsW
SetWindowTextW
LoadStringW
FindWindowW
SetForegroundWindow
SetTimer
PostQuitMessage
MessageBoxW
KillTimer
SetWindowLongW
GetWindowLongW
ShowWindow
GetMessageW
GetSystemMetrics
ScreenToClient
SetWindowPos
GetWindowRect
SetWindowTextA
LoadIconW
GetDlgItem
SendMessageW
LoadImageA
CreateDialogParamW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
PostMessageW
IsWindow
GetCursorPos
DestroyWindow
shell32
CommandLineToArgvW
ShellExecuteExW
Shell_NotifyIconW
Sections
.text Size: 168KB - Virtual size: 165KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 28KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
PhDDNS/lang/phlang_chs.ini
-
PhDDNS/lang/phlang_cht.ini
-
PhDDNS/lang/phlang_en.ini
-
PhDDNS/update.bmp