dbc9eb425c6810a1e0ad96c20e7edddd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dbc9eb425c6810a1e0ad96c20e7edddd_JaffaCakes118
Size

4.8MB
MD5

dbc9eb425c6810a1e0ad96c20e7edddd
SHA1

dae47c46f65dfaec973a2030eb524c99245d1904
SHA256

075d107edadbc47f68a586b29247db7863b3da80c344df76e9c80b7db049e793
SHA512

5d0b7a70b03ad1d079bee0b6d29cc8f30767a3cffe0ff2a28bfcf96d0e110fa393f0ae28a9e866a79c2d74f1036046194c7be1f1b743f18ef9f10acbb680fab7
SSDEEP

98304:ITD6X2qvzbu3Mw8X2ixNe5nkg25WeO52C/ibCGPRrC9PGAge8:WCJvzbVw8X2iM5MWeO52S99PGp/

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
dbc9eb425c6810a1e0ad96c20e7edddd_JaffaCakes118
unpack001/DynamicEffects.dll
unpack001/mfc100u.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

dbc9eb425c6810a1e0ad96c20e7edddd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/checkbox1.bmp
$PLUGINSDIR/checkbox2.bmp
$PLUGINSDIR/close.bmp
$PLUGINSDIR/custom.bmp
$PLUGINSDIR/finish.bmp
$PLUGINSDIR/install.bmp
$PLUGINSDIR/install_step1.bmp
$PLUGINSDIR/install_step2.bmp
$PLUGINSDIR/install_step3.bmp
$PLUGINSDIR/loading1.bmp
$PLUGINSDIR/loading2.bmp
$PLUGINSDIR/return.bmp
1vs1AVModule.xml
.xml
1vs1BAVModule.xml
.xml
1vs1SAVModule.xml
.xml
9158AVCore2.dll
.dll windows:4 windows x86 arch:x86

be9da2191c5d4dda64a50a71ca738e0d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28-05-2012 00:00

Not After

27-08-2015 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

a0:77:b7:6a:af:d3:5a:9f:c8:07:39:c6:c7:60:5b:43:35:c8:bc:6d
Signer

Actual PE Digest

a0:77:b7:6a:af:d3:5a:9f:c8:07:39:c6:c7:60:5b:43:35:c8:bc:6d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
CloseHandle
CreateThread
FindAtomA
GetAtomNameA
WaitForSingleObject

msvcrt

_strdup
_unlink
__dllonexit
_assert
_errno
_iob
_snprintf
_vsnprintf
abort
ceil
cos
cosh
exit
exp
fclose
fflush
floor
fopen
fprintf
fread
free
frexp
fseek
ftell
fwrite
ldexp
log
malloc
memcpy
memmove
memset
perror
qsort
realloc
rename
sin
sinh
sprintf
sqrt
sscanf
strcat
strchr
strcmp
strcpy
strcspn
strlen
strpbrk
strstr
strtod
tan
tanh
toupper
vfprintf

Exports

Exports

DCT_common_init
DCtab_chrom
DCtab_lum
MPV_common_end
MPV_common_init
MPV_common_init_mmx
MPV_decode_defaults
MPV_decode_mb
MPV_encode_end
MPV_encode_init
MPV_encode_picture
MPV_frame_end
MPV_frame_start
X264_frame
X264_init
add_pixels_clamped_mmx
align_get_bits
align_put_bits
av_add_i
av_add_q
av_build_filternew
av_cmp_i
av_d2q
av_dbl2int
av_div_i
av_div_q
av_fast_realloc
av_first_parser
av_flt2int
av_free
av_free_static
av_freep
av_get_pict_type_char
av_i2int
av_int2dbl
av_int2flt
av_int2i
av_log
av_log2_i
av_log_get_level
av_log_set_callback
av_log_set_level
av_malloc
av_mallocz
av_mallocz_static
av_mod_i
av_mul_i
av_mul_q
av_parser_change
av_parser_close
av_parser_init
av_parser_parse
av_realloc
av_realloc_static
av_reduce
av_register_codec_parser
av_rescale
av_rescale_q
av_rescale_rnd
av_shr_i
av_strdup
av_sub_i
av_sub_q
av_vlog
av_xiphlacing
avcodec_align_dimensions
avcodec_alloc_context
avcodec_alloc_frame
avcodec_build
avcodec_check_dimensions
avcodec_close
avcodec_decode_audio
avcodec_decode_subtitle
avcodec_decode_video
avcodec_default_execute
avcodec_default_free_buffers
avcodec_default_get_buffer
avcodec_default_get_format
avcodec_default_reget_buffer
avcodec_default_release_buffer
avcodec_encode_audio
avcodec_encode_subtitle
avcodec_encode_video
avcodec_find_best_pix_fmt
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_flush_buffers
avcodec_get_chroma_sub_sample
avcodec_get_context_defaults
avcodec_get_frame_defaults
avcodec_get_pix_fmt
avcodec_get_pix_fmt_loss
avcodec_get_pix_fmt_name
avcodec_init
avcodec_open
avcodec_register_all
avcodec_set_dimensions
avcodec_string
avcodec_thread_init
avcodec_version
avpicture_alloc
avpicture_deinterlace
avpicture_fill
avpicture_free
avpicture_get_size
avpicture_layout
besselnew
cbpc_b_tab
cbpy_tab
check_marker
compute_mb_neighboors
cropTbl
draw_edges
dsputil_init
dsputil_init_mmx
dsputil_init_pix_mmx
dsputil_static_init
fdct_ifast
fdct_ifast248
fdct_r_row_sse2
ff_aic_dc_scale_table
ff_alternate_horizontal_scan
ff_alternate_vertical_scan
ff_avg_qpel16_mc11_old_c
ff_avg_qpel16_mc12_old_c
ff_avg_qpel16_mc13_old_c
ff_avg_qpel16_mc31_old_c
ff_avg_qpel16_mc32_old_c
ff_avg_qpel16_mc33_old_c
ff_avg_qpel8_mc11_old_c
ff_avg_qpel8_mc12_old_c
ff_avg_qpel8_mc13_old_c
ff_avg_qpel8_mc31_old_c
ff_avg_qpel8_mc32_old_c
ff_avg_qpel8_mc33_old_c
ff_block_permute
ff_build_rac_states
ff_clean_h263_qscales
ff_clean_intra_table_entries
ff_clean_mpeg4_qscales
ff_combine_frame
ff_copy_bits
ff_draw_horiz_band
ff_emulated_edge_mc
ff_epzs_motion_search
ff_er_add_slice
ff_er_frame_end
ff_er_frame_start
ff_estimate_b_frame_motion
ff_estimate_p_frame_motion
ff_eval
ff_faandct
ff_faandct248
ff_fdct248_islow
ff_fdct_mmx
ff_fdct_mmx2
ff_fdct_sse2
ff_fft_calc_c
ff_fft_calc_sse
ff_fft_end
ff_fft_init
ff_fft_permute
ff_find_unused_picture
ff_fix_long_mvs
ff_fix_long_p_mvs
ff_flv_encode_picture_header
ff_gcd
ff_get_best_fcode
ff_get_mb_score
ff_golomb_vlc_len
ff_h261_encode_init
ff_h261_encode_mb
ff_h261_encode_picture_header
ff_h261_loop_filter
ff_h261_reorder_mb_index
ff_h263_chroma_qscale_table
ff_h263_decode_end
ff_h263_decode_frame
ff_h263_decode_init
ff_h263_decode_mb
ff_h263_decode_mba
ff_h263_encode_mba
ff_h263_encode_motion
ff_h263_get_gob_height
ff_h263_loop_filter
ff_h263_loop_filter_strength
ff_h263_resync
ff_h263_round_chroma
ff_h263_update_motion_val
ff_h264_idct8_add_c
ff_h264_idct_add_c
ff_h264_idct_add_mmx2
ff_h264_lowres_idct_add_c
ff_h264_lowres_idct_put_c
ff_h264_lps_range
ff_h264_lps_state
ff_h264_mps_state
ff_h264_norm_shift
ff_imdct_calc
ff_init_block_index
ff_init_cabac_decoder
ff_init_cabac_encoder
ff_init_cabac_states
ff_init_me
ff_init_range_decoder
ff_init_range_encoder
ff_init_scantable
ff_interleaved_golomb_vlc_len
ff_interleaved_se_golomb_vlc_code
ff_interleaved_ue_golomb_vlc_code
ff_jpeg_fdct_islow
ff_log2_tab
ff_mba_length
ff_mba_max
ff_mdct_calc
ff_mdct_end
ff_mdct_init
ff_mmx_idct
ff_mmxext_idct
ff_mpeg1_dc_scale_table
ff_mpeg1_default_intra_matrix
ff_mpeg1_default_non_intra_matrix
ff_mpeg4_c_dc_scale_table
ff_mpeg4_clean_buffers
ff_mpeg4_decode_mb
ff_mpeg4_decode_partitions
ff_mpeg4_decode_picture_header
ff_mpeg4_default_intra_matrix
ff_mpeg4_default_non_intra_matrix
ff_mpeg4_encode_video_packet_header
ff_mpeg4_find_frame_end
ff_mpeg4_get_video_packet_prefix_length
ff_mpeg4_init_partitions
ff_mpeg4_merge_partitions
ff_mpeg4_resync_prefix
ff_mpeg4_set_direct_mv
ff_mpeg4_stuffing
ff_mpeg4_y_dc_scale_table
ff_mpeg_flush
ff_msmp4_dc_chroma_vlc
ff_msmp4_dc_luma_vlc
ff_msmp4_mb_i_table
ff_msmp4_mb_i_vlc
ff_msmpeg4_decode_init
ff_msmpeg4_encode_init
ff_parse_close
ff_pre_estimate_p_frame_motion
ff_print_debug_info
ff_put_no_rnd_qpel16_mc11_old_c
ff_put_no_rnd_qpel16_mc12_old_c
ff_put_no_rnd_qpel16_mc13_old_c
ff_put_no_rnd_qpel16_mc31_old_c
ff_put_no_rnd_qpel16_mc32_old_c
ff_put_no_rnd_qpel16_mc33_old_c
ff_put_no_rnd_qpel8_mc11_old_c
ff_put_no_rnd_qpel8_mc12_old_c
ff_put_no_rnd_qpel8_mc13_old_c
ff_put_no_rnd_qpel8_mc31_old_c
ff_put_no_rnd_qpel8_mc32_old_c
ff_put_no_rnd_qpel8_mc33_old_c
ff_put_qpel16_mc11_old_c
ff_put_qpel16_mc12_old_c
ff_put_qpel16_mc13_old_c
ff_put_qpel16_mc31_old_c
ff_put_qpel16_mc32_old_c
ff_put_qpel16_mc33_old_c
ff_put_qpel8_mc11_old_c
ff_put_qpel8_mc12_old_c
ff_put_qpel8_mc13_old_c
ff_put_qpel8_mc31_old_c
ff_put_qpel8_mc32_old_c
ff_put_qpel8_mc33_old_c
ff_rac_terminate
ff_rate_control_init
ff_rate_control_uninit
ff_rate_estimate_qscale
ff_reverse
ff_se_golomb_vlc_code
ff_set_cmp
ff_set_mpeg4_time
ff_set_qscale
ff_simple_idct_add_mmx
ff_simple_idct_mmx
ff_simple_idct_put_mmx
ff_sqrt_tab
ff_table0_dc_chroma
ff_table0_dc_lum
ff_table1_dc_chroma
ff_table1_dc_lum
ff_ue_golomb_len
ff_ue_golomb_vlc_code
ff_update_duplicate_context
ff_vbv_update
ff_vp3_dsp_init_mmx
ff_vp3_idct_add_c
ff_vp3_idct_c
ff_vp3_idct_mmx
ff_vp3_idct_put_c
ff_vp3_idct_sse2
ff_write_pass1_stats
ff_write_quant_matrix
ff_yuv420p_list
ff_zigzag248_direct
ff_zigzag_direct
first_avcodec
flv_decoder
flv_encoder
flv_h263_decode_picture_header
free_vlc
get_bits_long
get_ref_mmx
h261_cbp_tab
h261_decode_picture_header
h261_decoder
h261_encoder
h261_mba_bits
h261_mba_code
h261_mtype_bits
h261_mtype_code
h261_mv_tab
h261_parser
h261_tcoeff_level
h261_tcoeff_run
h261_tcoeff_vlc
h263_decode_init_vlc
h263_decode_picture_header
h263_decoder
h263_encode_gob_header
h263_encode_init
h263_encode_mb
h263_encode_picture_header
h263_encoder
h263_get_picture_format
h263_parser
h263_pred_motion
h263i_decoder
h263p_encoder
h264_decoder
h264_parser
img_convert
img_copy
img_get_alpha_info
img_resample
img_resample_close
img_resample_full_init
img_resample_init
init_rl
init_vlc
init_vlc_rl
intel_h263_decode_picture_header
inter_MCBPC_bits
inter_MCBPC_code
inter_level
inter_run
inter_vlc
intra_MCBPC_bits
intra_MCBPC_code
intra_level
intra_level_aic
intra_run
intra_run_aic
intra_vlc
intra_vlc_aic
inv_zigzag_direct16
inverse
j_rev_dct
j_rev_dct1
j_rev_dct2
j_rev_dct4
mc_luma_mmx
mjpeg_encoder
mm_flags
mm_support
mpeg4_decoder
mpeg4_encode_mb
mpeg4_encode_picture_header
mpeg4_encoder
mpeg4_pred_ac
mpeg4video_parser
mpegaudio_parser
mpegvideo_parser
msmpeg4_decode_ext_header
msmpeg4_decode_picture_header
msmpeg4_encode_ext_header
msmpeg4_encode_mb
msmpeg4_encode_picture_header
msmpeg4v1_decoder
msmpeg4v1_encoder
msmpeg4v2_decoder
msmpeg4v2_encoder
msmpeg4v3_decoder
msmpeg4v3_encoder
mvtab
predict_16x16_v_mmx
predict_8x8c_v_mmx
put_pixels_clamped_mmx
put_signed_pixels_clamped_mmx
put_string
register_avcodec
rv10_encoder
rv20_encoder
show_bits_long
simple_idct
simple_idct248_put
simple_idct48_add
simple_idct84_add
simple_idct_add
simple_idct_put
squareTbl
sws_close
sws_enlarge
sws_freeContext
sws_getContext
sws_init
sws_scale
tab_frw_01234567_sse2
to_AVFrame
vlc_dc_chroma_bits
vlc_dc_chroma_code
wmv1_decoder
wmv1_encoder
x264_add16x16_idct_mmxext
x264_add4x4_idct_mmxext
x264_add8x8_idct_mmxext
x264_cabac_context_init
x264_cabac_decode_bypass
x264_cabac_decode_decision
x264_cabac_decode_init
x264_cabac_decode_terminal
x264_cabac_encode_bypass
x264_cabac_encode_decision
x264_cabac_encode_flush
x264_cabac_encode_init
x264_cabac_encode_terminal
x264_cabac_mb_skip
x264_cabac_model_get
x264_cabac_model_init
x264_cabac_model_update
x264_center_filter_mmxext
x264_cpu_cpuid
x264_cpu_cpuid_test
x264_cpu_detect
x264_cpu_restore
x264_cqm_init
x264_cqm_parse_file
x264_cqm_parse_jmlist
x264_csp_init
x264_dct4x4dc_mmxext
x264_dct_init
x264_emms
x264_encoder
x264_encoder_close
x264_encoder_encode
x264_encoder_headers
x264_encoder_open
x264_encoder_reconfig
x264_eval
x264_frame_copy_picture
x264_frame_deblocking_filter
x264_frame_delete
x264_frame_expand_border
x264_frame_expand_border_filtered
x264_frame_expand_border_lowres
x264_frame_filter
x264_frame_init_lowres
x264_frame_new
x264_free
x264_horizontal_filter_mmxext
x264_idct4x4dc_mmxext
x264_log
x264_macroblock_analyse
x264_macroblock_bipred_init
x264_macroblock_cache_end
x264_macroblock_cache_init
x264_macroblock_cache_load
x264_macroblock_cache_save
x264_macroblock_encode
x264_macroblock_encode_pskip
x264_macroblock_luma_write_cavlc
x264_macroblock_probe_skip
x264_macroblock_slice_init
x264_macroblock_write_cabac
x264_macroblock_write_cavlc
x264_malloc
x264_mb_dequant_2x2_dc
x264_mb_dequant_4x4
x264_mb_dequant_4x4_dc
x264_mb_dequant_8x8
x264_mb_encode_i4x4
x264_mb_encode_i8x8
x264_mb_load_mv_direct8x8
x264_mb_mc
x264_mb_predict_intra4x4_mode
x264_mb_predict_mv
x264_mb_predict_mv_16x16
x264_mb_predict_mv_direct16x16
x264_mb_predict_mv_pskip
x264_mb_predict_mv_ref16x16

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 279KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
9158KTVPlayer.exe
.exe windows:4 windows x86 arch:x86

9cafa0c733e0cae9197ea1d3b35bcf76

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

01-05-2012 00:00

Not After

31-12-2012 23:59

Subject

CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28-05-2012 00:00

Not After

27-08-2015 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

77:40:6f:d6:6d:b3:c4:4d:29:9d:e4:ed:d8:95:43:e4:2c:5b:3b:ae
Signer

Actual PE Digest

77:40:6f:d6:6d:b3:c4:4d:29:9d:e4:ed:d8:95:43:e4:2c:5b:3b:ae

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord2514
ord800
ord4277
ord2763
ord537
ord1232
ord1168
ord2621
ord1134
ord2725
ord5265
ord4376
ord4853
ord4998
ord4710
ord6052
ord4078
ord1775
ord2512
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord6055
ord1776
ord5290
ord3402
ord1146
ord567
ord540
ord2135
ord818
ord2688
ord6215
ord4299
ord4287
ord6241
ord4160
ord2863
ord5575
ord2379
ord860
ord4033
ord433
ord823
ord1949
ord4034
ord2554
ord4486
ord6375
ord4274
ord4407
ord4673
ord1576

msvcrt

_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter
_exit
_onexit
__dllonexit
__CxxFrameHandler
atol
_setmbcp
exit

kernel32

GetCommandLineA
CloseHandle
GetModuleHandleA
GetStartupInfoA
CreateMutexA

user32

PostMessageA
SetTimer
SendMessageA
AppendMenuA
GetSystemMenu
IsWindow
KillTimer
EnableWindow
GetClassInfoA
LoadIconA

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
9158VCComm.dll
.dll windows:4 windows x86 arch:x86

8bee02b8e1f0aca7d2a819f4fbb924ad

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28-05-2012 00:00

Not After

27-08-2015 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d0:bb:d4:69:e4:91:ae:af:3b:5b:eb:de:ef:4f:c2:bc:44:fa:48:94
Signer

Actual PE Digest

d0:bb:d4:69:e4:91:ae:af:3b:5b:eb:de:ef:4f:c2:bc:44:fa:48:94

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\work\6.6\虚拟视频\soundmodule\bin\release\9158VCComm.pdb

Imports

kernel32

OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
WideCharToMultiByte
GetModuleHandleA
OutputDebugStringA
CreateProcessA
GetLastError
Sleep
CreateThread
SetThreadPriority
ResumeThread
GetExitCodeThread
TerminateThread
GetModuleFileNameA
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RaiseException
WriteFile
GetStdHandle
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
RtlUnwind
SetHandleCount
GetFileType
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
HeapSize
SetFilePointer
LoadLibraryA
GetLocaleInfoA
CreateFileA
SetStdHandle
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CloseHandle
GetStartupInfoA
WaitForSingleObject

user32

DefWindowProcA
FindWindowA
PostMessageA
SetWindowLongA
CreateWindowExA
RegisterClassA
LoadIconA
LoadCursorA
DestroyWindow
GetWindowLongA

gdi32

GetStockObject

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ole32

CoTaskMemFree
StringFromCLSID
CoCreateGuid

Exports

Exports

CreateVirtualCameraCommObject

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AVModule176.xml
.xml
AVModule320.xml
.xml
AVModule320_Private.xml
.xml
AVModule640.xml
.xml
AVPhoneModule.xml
.xml
AVPhoneModuleNew.xml
.xml
Banner.xml
.xml
BugReport.exe
.exe windows:4 windows x86 arch:x86

bcb0747c39b5fe50e054c3276e18b072

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28-05-2012 00:00

Not After

27-08-2015 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

90:8c:7f:cb:ad:3c:7d:d6:ec:77:e7:76:5f:fe:e8:40:2e:d2:e8:12
Signer

Actual PE Digest

90:8c:7f:cb:ad:3c:7d:d6:ec:77:e7:76:5f:fe:e8:40:2e:d2:e8:12

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mvuilib

?GetComponentSkinConf@CSkinConfContext@@QAEHIW4COMPONETTYPE@@VCString@@PAX@Z
?SetHaveText@CUIButtonTemplate@@QAEX_NI@Z
?SetBtnTextColor@CUIButtonTemplate@@QAEXK@Z
?SetColor@CColorStatic@@QAEXKKK@Z
??0CUIButtonTemplate@@QAE@XZ
??1CColorStatic@@UAE@XZ
??1CUIButtonTemplate@@UAE@XZ
?SetSkinPath@CAppSysOperation@@SAXVCString@@@Z
?LoadSkin@CSkinConfContext@@QAEHVCString@@@Z
??0CSkinConfContext@@QAE@XZ
??0CColorStatic@@QAE@XZ
??1CSkinConfContext@@UAE@XZ

mfc42

ord540
ord561
ord825
ord2514
ord858
ord4278
ord2764
ord537
ord2621
ord1134
ord924
ord535
ord6877
ord2725
ord5683
ord5265
ord4376
ord4853
ord4998
ord4710
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord6055
ord1776
ord5290
ord3402
ord3610
ord3571
ord860
ord823
ord1146
ord1168
ord567
ord3626
ord3663
ord2414
ord2302
ord939
ord4160
ord2863
ord2379
ord2818
ord3873
ord6215
ord536
ord2642
ord6241
ord3092
ord6199
ord1768
ord2078
ord4299
ord1641
ord6605
ord3619
ord640
ord2405
ord5875
ord2452
ord5785
ord1640
ord323
ord2754
ord2645
ord755
ord2567
ord6880
ord470
ord6283
ord6282
ord665
ord354
ord1979
ord1576
ord3318
ord5186
ord2575
ord3574
ord2574
ord3572
ord4396
ord609
ord556
ord809
ord1793
ord4275
ord2122
ord2859
ord6197
ord3706
ord815
ord800
ord3738
ord4424
ord4622
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4673
ord656
ord5442

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
sprintf
atoi
??1type_info@@UAE@XZ
_setmbcp
_CxxThrowException
__dllonexit
_onexit
_exit
_XcptFilter
_mbscmp
exit
_acmdln
__getmainargs
_initterm
__CxxFrameHandler

kernel32

GetFileSize
GetModuleFileNameA
CreateFileA
CreateSemaphoreA
GetLastError
CloseHandle
GetCommandLineA
SetEvent
WaitForSingleObject
CreateThread
CreateEventA
GetModuleHandleA
GetStartupInfoA
WinExec
ReadFile
SetFilePointer
GlobalMemoryStatus
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
lstrlenW
lstrlenA
LocalFree
MultiByteToWideChar

user32

EnableWindow
SetCursor
GetWindowDC
InvalidateRect
ReleaseDC
GetWindowRect
SendMessageA
AppendMenuA
GetSystemMenu
PostMessageA
GetClientRect
PtInRect
LoadImageA
LoadIconA
SetWindowRgn

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetPixel
GetObjectA
CreateFontA
BitBlt
StretchBlt
SetBkColor
SetTextColor
DeleteDC
CreateRectRgn
CombineRgn
DeleteObject
CreateBitmap

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

comctl32

_TrackMouseEvent

ole32

CoCreateInstance
OleRun
CoInitialize

oleaut32

GetErrorInfo
SysFreeString
VariantClear
SysAllocString

ws2_32

getsockopt
setsockopt
recv
send
closesocket
socket
htons
connect
gethostname
gethostbyname
WSAGetLastError
inet_addr
WSAStartup
WSACleanup
inet_ntoa

shlwapi

PathFileExistsA
StrFormatByteSizeA
PathIsDirectoryA

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ChatRichEdit.dll
.dll windows:5 windows x86 arch:x86

90636339e1426a6f427f6bf2f30da0d8

Code Sign

5d:10:a7:bd:1c:78:2a:f4:68:0b:86:ca:c1:c8:1b:2b
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Not Before

26-08-2015 02:19

Not After

26-10-2018 02:19

Subject

CN=金华就约我吧网络科技有限公司,O=金华就约我吧网络科技有限公司,L=金华市,ST=浙江省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

37:a6:0e:92:5f:23:f8:0c:fd:cd:97:65:92:98:c3:54
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-11-2014 00:58

Not After

08-11-2029 00:58

Subject

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

19:c2:85:30:e9:3b:36
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 22:46

Not After

31-12-2019 23:59

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 19:46

Not After

17-09-2036 19:46

Subject

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment
KeyUsageKeyAgreement
KeyUsageCertSign
KeyUsageCRLSign

fb:e1:34:33:25:91:65:c0:f4:d8:58:af:b8:33:8a:89:9c:63:4a:3f
Signer

Actual PE Digest

fb:e1:34:33:25:91:65:c0:f4:d8:58:af:b8:33:8a:89:9c:63:4a:3f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\ProjectFile\9158-6.95\client\AV\testRichEdit\Release\testRichEdit.pdb

Imports

mfc100u

ord11081
ord8277
ord14060
ord14059
ord14132
ord14149
ord14145
ord14147
ord14148
ord14146
ord2418
ord7385
ord2884
ord2887
ord12610
ord5558
ord286
ord1310
ord7914
ord322
ord13605
ord4360
ord7973
ord13047
ord11801
ord12783
ord266
ord2852
ord6099
ord1244
ord6870
ord3397
ord2068
ord5152
ord6179
ord4758
ord428
ord3629
ord4568
ord12785
ord12953
ord948
ord11123
ord8178
ord10057
ord10412
ord9525
ord3627
ord2981
ord2980
ord2756
ord5556
ord12606
ord2417
ord11163
ord5303
ord8347
ord5811
ord4356
ord4511
ord1987
ord2119
ord7524
ord6346
ord385
ord4425
ord3446
ord5862
ord5801
ord950
ord6713
ord7006
ord2829
ord6172
ord1312
ord5264
ord2614
ord1313
ord1479
ord12321
ord12951
ord788
ord1212
ord3703
ord8372
ord11164
ord10058
ord8179
ord293
ord3402
ord11683
ord12724
ord3410
ord6869
ord890
ord1292
ord7176
ord1956
ord1957
ord6140
ord9328
ord5118
ord11845
ord11209
ord11240
ord9498
ord7391
ord4086
ord11236
ord11228
ord5261
ord3416
ord13568
ord13571
ord13569
ord13572
ord13567
ord13570
ord7179
ord11469
ord13267
ord10976
ord14162
ord1739
ord7126
ord11864
ord3625
ord3684
ord8530
ord13387
ord7108
ord13381
ord11477
ord11476
ord2164
ord4744
ord13854
ord11784
ord7548
ord7624
ord4396
ord4408
ord4404
ord4400
ord4430
ord4421
ord4392
ord4434
ord4413
ord4379
ord4383
ord4416
ord3999
ord14067
ord3992
ord2665
ord13382
ord7109
ord13388
ord6156
ord10725
ord12557
ord5276
ord2339
ord11116
ord3491
ord2952
ord2951
ord11159
ord4642
ord4923
ord5115
ord8483
ord4901
ord5143
ord4645
ord4794
ord4623
ord6931
ord6932
ord6922
ord4792
ord7393
ord9333
ord8346
ord280
ord902
ord10937
ord13380
ord8112
ord11210
ord6247
ord10045
ord8393
ord4151
ord2853
ord296
ord11246
ord11244
ord1501
ord1508
ord1514
ord1512
ord897
ord1519
ord7211
ord4388
ord1298
ord4290
ord908
ord2091
ord2055
ord2053
ord2080
ord1984
ord2045
ord3413
ord408
ord1953
ord2090
ord2088
ord1945
ord1873
ord1934
ord323
ord1301
ord1300

msvcr100

_CxxThrowException
memset
__clean_type_info_names_internal
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
free
_malloc_crt
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
__CxxFrameHandler3
wcsncpy
swprintf_s
_swprintf
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
memcpy

kernel32

LocalAlloc
lstrlenW
LocalFree
InterlockedDecrement
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
GetModuleFileNameW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
FormatMessageW

user32

ShowScrollBar
GetClientRect
RedrawWindow
GetParent
SendMessageW
EnableWindow
InvalidateRect

ole32

OleRun
CoCreateInstance
CoUninitialize
OleSetContainedObject
CoInitializeEx
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal

oleaut32

SysFreeString
GetErrorInfo
SysAllocString

msvcp100

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z

Exports

Exports

CreateModule

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DDVCtrlLib.dll
.dll windows:4 windows x86 arch:x86

3f664f110b12b93a79332cf1c0182a6f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28-05-2012 00:00

Not After

27-08-2015 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

15:af:0b:18:f4:bb:d7:af:7d:ff:52:ac:f3:aa:c6:d2:e6:9f:0d:c3
Signer

Actual PE Digest

15:af:0b:18:f4:bb:d7:af:7d:ff:52:ac:f3:aa:c6:d2:e6:9f:0d:c3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord6380
ord6215
ord2086
ord2614
ord860
ord2645
ord2642
ord816
ord1768
ord3920
ord562
ord4376
ord4853
ord3619
ord324
ord4234
ord3706
ord6453
ord3874
ord5261
ord2078
ord4710
ord6055
ord1776
ord5290
ord4424
ord3742
ord2753
ord2566
ord2393
ord665
ord1979
ord1567
ord5442
ord268
ord3318
ord5186
ord354
ord818
ord567
ord4275
ord2152
ord1233
ord858
ord924
ord2864
ord5981
ord2754
ord3402
ord3721
ord809
ord795
ord556
ord1088
ord2122
ord3262
ord6358
ord535
ord2859
ord6880
ord941
ord5572
ord2915
ord1200
ord926
ord1146
ord6197
ord5683
ord5873
ord4277
ord2763
ord939
ord940
ord1997
ord5465
ord798
ord5194
ord533
ord925
ord1862
ord4220
ord2584
ord3654
ord2438
ord2450
ord2971
ord4133
ord4297
ord5788
ord472
ord4083
ord2863
ord5787
ord283
ord812
ord5862
ord559
ord5710
ord5651
ord3616
ord3127
ord350
ord6385
ord4396
ord3574
ord2575
ord609
ord4284
ord3573
ord3693
ord2380
ord6199
ord470
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord323
ord1640
ord1641
ord5785
ord6172
ord5875
ord2860
ord5789
ord2818
ord2405
ord640
ord755
ord3571
ord2379
ord2302
ord540
ord3597
ord4425
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord4129
ord2985
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord5265
ord2414
ord641
ord3626
ord1182
ord342
ord1253
ord1168
ord800
ord537
ord823
ord825
ord3797
ord3663

msvcrt

_adjust_fdiv
_initterm
_onexit
__dllonexit
__CxxFrameHandler
_mbsnbcpy
_CxxThrowException
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
toupper
malloc
free
_stat
fopen
fwrite
fclose
sprintf
strstr
_mbsstr
_mbsinc
_mbclen
_ftol
atoi

kernel32

GetPrivateProfileIntA
GetProcAddress
CreateFileA
WriteFile
CloseHandle
lstrcatA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
SizeofResource
LockResource
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GlobalFree
lstrlenA
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
GetLastError
LocalFree
GetLocalTime

user32

IsWindow
InvalidateRect
SetTimer
GetClientRect
SendMessageA
PostMessageA
CopyRect
ScreenToClient
EqualRect
GetWindowLongA
ReleaseDC
KillTimer
ClientToScreen
GetParent
GetSysColor
MessageBeep
SetCapture
SetWindowRgn
LoadIconA
DrawFocusRect
SetRect
FillRect
GetWindowTextA
DrawStateA
GetDC
EnableWindow
MessageBoxExA
DestroyIcon
AppendMenuA
GetMenuItemID
ReleaseCapture
PtInRect
SetCursor
SetWindowLongA
InflateRect
CopyIcon
LoadCursorA
GetWindowRect
GetMenuItemCount
GetMenuItemInfoA
GetSubMenu
OffsetRect
DrawIconEx
DrawEdge
GetSystemMetrics
SystemParametersInfoA
LoadImageA
LoadBitmapA
RedrawWindow

gdi32

GetPixel
CreateRectRgn
GetStockObject
GetTextExtentPoint32A
DeleteObject
DeleteDC
SetTextColor
SetBkColor
SelectObject
CreateBitmap
CreateRectRgnIndirect
GetDIBits
CombineRgn
SelectPalette
CreateDCA
GetDIBColorTable
GetBitmapBits
Rectangle
GetTextColor
CreateFontA
PatBlt
CreateDIBitmap
CreateSolidBrush
CreatePen
RoundRect
StretchBlt
GetDeviceCaps
GetObjectA
CreateFontIndirectA
CreateRoundRectRgn
CreateCompatibleDC
RealizePalette
BitBlt
CreateCompatibleBitmap

advapi32

RegQueryValueA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA

comctl32

_TrackMouseEvent
ImageList_Draw
ImageList_GetImageInfo

ole32

StgCreateDocfileOnILockBytes
CoInitialize
CoCreateInstance
OleRun
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal

olepro32

ord251

oleaut32

SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantCopy
VariantInit
SysAllocStringLen
SysStringLen
SysAllocString
GetErrorInfo
VariantClear

winmm

sndPlaySoundA

Exports

Exports

??0CCressXML@@QAE@XZ
??0CDlgMessage@@QAE@PAVCWnd@@@Z
??0CDlgResize@@QAE@IPAVCWnd@@@Z
??0CGifBrowser@@QAE@XZ
??0CGifCore@@QAE@XZ
??0CGifPlayer@@QAE@XZ
??0CGifWnd@@QAE@XZ
??0CHash@@QAE@ABV0@@Z
??0CHash@@QAE@K@Z
??0CHash@@QAE@XZ
??0CHyperLink@@QAE@XZ
??0CLibFunc@@QAE@ABV0@@Z
??0CLibFunc@@QAE@XZ
??0CLog@@QAE@ABV0@@Z
??0CLog@@QAE@XZ
??0CMenuXP@@QAE@XZ
??0CPicture2@@QAE@ABV0@@Z
??0CPicture2@@QAE@XZ
??0CResizeBtnEx@@QAE@XZ
??0CResizeButton@@QAE@XZ
??0CXPButton@@QAE@XZ
??0CXPMenu@@QAE@XZ
??1CCressXML@@UAE@XZ
??1CDlgMessage@@UAE@XZ
??1CDlgResize@@UAE@XZ
??1CGifBrowser@@UAE@XZ
??1CGifCore@@UAE@XZ
??1CGifPlayer@@UAE@XZ
??1CGifWnd@@UAE@XZ
??1CHash@@UAE@XZ
??1CHyperLink@@UAE@XZ
??1CLibFunc@@UAE@XZ
??1CLog@@QAE@XZ
??1CMenuXP@@UAE@XZ
??1CPicture2@@UAE@XZ
??1CResizeBtnEx@@UAE@XZ
??1CResizeButton@@UAE@XZ
??1CXPButton@@UAE@XZ
??1CXPMenu@@UAE@XZ
??4CHash@@QAEAAV0@ABV0@@Z
??4CLibFunc@@QAEAAV0@ABV0@@Z
??4CLog@@QAEAAV0@ABV0@@Z
??4CPicture2@@QAEAAV0@ABV0@@Z
??_7CCressXML@@6B@
??_7CDlgMessage@@6B@
??_7CDlgResize@@6B@
??_7CGifBrowser@@6B@
??_7CGifCore@@6B@
??_7CGifPlayer@@6B@
??_7CGifWnd@@6B@
??_7CHash@@6B@
??_7CHyperLink@@6B@
??_7CLibFunc@@6B@
??_7CMenuXP@@6B@
??_7CPicture2@@6B@
??_7CResizeBtnEx@@6B@
??_7CResizeButton@@6B@
??_7CXPButton@@6B@
??_7CXPMenu@@6B@
??_FCDlgMessage@@QAEXXZ
?ADD_Log@CLog@@QAEXABVCString@@H@Z
?ADD_Log@CLog@@QAEXPBDHH@Z
?AddChild@CCressXML@@QAEXPBD0AAVCString@@1@Z
?AddChilds@CCressXML@@QAEXPBD0PAVCString@@1H@Z
?AddSideBar@CMenuXP@@QAEHPAVCMenuXPSideBar@@@Z
?AppendGiftData@CGifPlayer@@QAEPAU_GIFTANIMATEDATA@@XZ
?AppendODMenu@CMenuXP@@QAEHIPAVCMenuXPItem@@PAUtagACCEL@@@Z
?AppendODPopup@CMenuXP@@QAEHIPAVCMenu@@PAVCMenuXPItem@@@Z
?AppendSeparator@CMenuXP@@QAEHXZ
?Break@CMenuXP@@QAEXXZ
?BreakBar@CMenuXP@@QAEXXZ
?CalcWndRect@CDlgMessage@@MAEXXZ
?Char2IntEx@CLibFunc@@SAHPBDPAHAAH@Z
?Char2Point@CLibFunc@@SAHPAUtagPOINT@@PBD@Z
?Char2Rect@CLibFunc@@SAHPAUtagRECT@@PBD@Z
?Char2Size@CLibFunc@@SAHPAUtagSIZE@@PBD@Z
?CharToColor@CLibFunc@@SAKPBDH@Z
?CharToInt_16@CLibFunc@@SAJPBDH@Z
?Clear@CMenuXP@@IAEXXZ
?CopyRectFromRgn@CLibFunc@@SAXAAVCRgn@@QAUtagRECT@@@Z
?Create@CGifPlayer@@QAEHPAVCWnd@@K@Z
?Create@CGifWnd@@QAEHABUtagRECT@@PAVCWnd@@IK@Z
?CreateFontA@CLibFunc@@SAHAAVCFont@@HHPBD@Z
?CreateGradientBMP@CMenuXP@@IAEPAUHBITMAP__@@PAUHDC__@@KKHHHH@Z
?CtlColor@CHyperLink@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?CutString@CLibFunc@@SAHAAVCString@@HHH@Z
?CutString@CLibFunc@@SAHPADHHH@Z
?DefaultFont@CLibFunc@@SAPAVCFont@@XZ
?DeleteAllNode@CCressXML@@QAEXPBD0@Z
?DeleteItem@CHash@@QAEPAXJ@Z
?DeleteItem@CHash@@QAEPAXPBD@Z
?DeleteNode@CCressXML@@QAEXABVCString@@@Z
?Destroy@CHash@@QAEXXZ
?DestroyWindow@CGifPlayer@@UAEHXZ
?DoDataExchange@CDlgMessage@@MAEXPAVCDataExchange@@@Z
?DoDataExchange@CDlgResize@@MAEXPAVCDataExchange@@@Z
?DoGradientFill@CXPButton@@UAEXPAVCDC@@PAVCRect@@@Z
?Draw@CGifCore@@QAEHPAVCDC@@PBUtagRECT@@@Z
?Draw@CGifCore@@QAEHPAVCDC@@UtagPOINT@@@Z
?DrawBack@CDlgResize@@UAEXPAVCDC@@PBUtagRECT@@@Z
?DrawBackGround@CMenuXP@@MAEXPAVCDC@@VCRect@@HH@Z
?DrawBgClr@CXPMenu@@QAEXPAVCDC@@VCRect@@H@Z
?DrawBorder@CLibFunc@@SAXPAVCDC@@AAVCBitmap@@UtagPOINT@@UtagSIZE@@3HK@Z
?DrawBorderSpecial@CLibFunc@@SAXPAVCDC@@AAVCBitmap@@UtagPOINT@@UtagSIZE@@3HHK@Z
?DrawBtnFace@CResizeBtnEx@@UAEXPAVCDC@@UtagPOINT@@I@Z
?DrawBtnFace@CResizeButton@@UAEXPAVCDC@@UtagPOINT@@I@Z
?DrawBtnFaceEx@CResizeButton@@QAEXPAVCDC@@UtagPOINT@@1I@Z
?DrawButton@CMenuXP@@MAEXPAVCDC@@VCRect@@HHH@Z
?DrawCaption@CLibFunc@@SAXPAVCDC@@0UtagPOINT@@1HHUtagSIZE@@H@Z
?DrawCaption@CLibFunc@@SAXPAVCDC@@AAVCBitmap@@UtagPOINT@@2HHUtagSIZE@@H@Z
?DrawCheckMark@CMenuXP@@MAEXPAVCDC@@VCRect@@H@Z
?DrawColor2GrayScale@CLibFunc@@SAXPAVCDC@@PAVCBitmap@@HH@Z
?DrawEmbossed@CMenuXP@@IAEXPAVCDC@@PAUHICON__@@VCRect@@HH@Z
?DrawFrame@CGifCore@@QAEXPAVCDC@@H@Z
?DrawHollowRect@CLibFunc@@SAXPAVCDC@@0PBUtagRECT@@1@Z
?DrawHollowRect@CLibFunc@@SAXPAVCDC@@PAVCBitmap@@PBUtagRECT@@2@Z
?DrawIcon@CMenuXP@@MAEXPAVCDC@@VCRect@@PAUHICON__@@HHH@Z
?DrawIcon@CXPMenu@@QAEXPAVCDC@@VCRect@@IIH@Z
?DrawIconArea@CMenuXP@@MAEXPAVCDC@@VCRect@@HHH@Z
?DrawImage@CXPMenu@@QAEXPAVCDC@@AAVCRect@@PAVCImageList@@HH@Z
?DrawInsideBorder@CXPButton@@UAEXPAVCDC@@PAVCRect@@@Z
?DrawItem@CMenuXP@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CResizeButton@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CXPButton@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CXPMenu@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawMenuText@CMenuXP@@MAEXAAVCDC@@VCRect@@VCString@@K@Z
?DrawNumberEx@CLibFunc@@SAXPAVCDC@@PAVCBitmap@@HHHHHHHKH@Z
?DrawSeparator@CXPMenu@@QAEXPAVCDC@@VCRect@@@Z
?DrawSideBar@CMenuXP@@MAEXPAVCDC@@VCRect@@PAUHICON__@@VCString@@@Z
?DrawTextA@CLibFunc@@SAHPAVCDC@@PBDHVCRect@@IH@Z
?DrawTextA@CMenuXP@@MAEXPAVCDC@@VCRect@@VCString@@HHH@Z
?DrawTextA@CXPMenu@@QAEXPAVCDC@@VCRect@@VCString@@@Z
?DrawTitle@CDlgResize@@MAEXPAVCDC@@@Z
?DrawTitle@CLibFunc@@SAXPAVCDC@@HHHHPAVCBitmap@@HHH@Z
?EndDialog@CDlgMessage@@IAEXH@Z
?FillRect@CMenuXP@@IAEXPAVCDC@@ABVCRect@@K@Z
?FindFirst@CHash@@QAEXH@Z
?FindGiftData@CGifPlayer@@QBEPAU_GIFTANIMATEDATA@@H@Z
?FindNext@CHash@@QAEPAXPAPAD@Z
?FindNext@CHash@@QAEPAXXZ
?FindSubMenuFromID@CMenuXP@@QAEPAV1@K@Z
?FinishedSence@CGifPlayer@@IAEXXZ
?FirstLetter@CLibFunc@@SAXHAAVCString@@@Z
?FreePictureData@CPicture2@@QAEXXZ
?GetAttrValueByName@CCressXML@@QAE?AVCString@@PBD@Z
?GetAutoSize@CHyperLink@@QBEHXZ
?GetBkColor@CGifCore@@QBEKXZ
?GetCurGifCore@CGifPlayer@@QBEPAVCGifCore@@XZ
?GetCurRgn@CGifCore@@QBEHAAVCRgn@@@Z
?GetCurTime@CLog@@QAEXAAVCString@@@Z
?GetCurrentPos@CHash@@QAEHXZ
?GetDelay@CGifCore@@QBEHXZ
?GetFirst@CHash@@QAEPAXH@Z
?GetFirst@CHash@@QAEPAXHAAHH@Z
?GetFirstLetter@CLibFunc@@SAXPBDAAVCString@@@Z
?GetFrameCount@CGifCore@@QBEHXZ
?GetFullXMLToString@CCressXML@@QAE?AVCString@@XZ
?GetHashArrayNum@CHash@@QAEKXZ
?GetHashItemNum@CHash@@QAEHXZ
?GetHeight@CResizeButton@@QBEHXZ
?GetHoverColour@CHyperLink@@QBEKXZ
?GetLinkColour@CHyperLink@@QBEKXZ
?GetLinkCursor@CHyperLink@@QBEPAUHICON__@@XZ
?GetLoadError@CCressXML@@QAEHXZ
?GetMessageMap@CDlgMessage@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CDlgResize@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CGifBrowser@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CGifPlayer@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CGifWnd@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CHyperLink@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CResizeButton@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CXPButton@@MBEPBUAFX_MSGMAP@@XZ
?GetMilliseconds@CLibFunc@@SAJABU_SYSTEMTIME@@0@Z
?GetNexNode@CCressXML@@QAE?AV?$_com_ptr_t@V?$_com_IIID@UIXMLDOMNode@MSXML2@@$1?_GUID_2933bf80_7b36_11d2_b20e_00c04f983e60@@3U__s_GUID@@A@@@@V2@@Z
?GetNext@CHash@@QAEPAXPAPAXAAHH@Z
?GetNextBlock@CGifCore@@IBE?AW4GIFBlockTypes@1@XZ
?GetNextBlockLen@CGifCore@@IBEHXZ
?GetNextGraphicBlock@CGifCore@@IAEPAXPAI0PAUtagSIZE@@10@Z
?GetNodeNum@CCressXML@@QAEHPBD@Z
?GetNodeText@CCressXML@@QAE?AVCString@@XZ
?GetRegKey@CHyperLink@@KAJPAUHKEY__@@PBDPAD@Z
?GetRgnFromImage@CLibFunc@@SAXPAVCDC@@AAVCRgn@@PAVCBitmap@@K@Z
?GetRuntimeClass@CMenuXP@@UBEPAUCRuntimeClass@@XZ
?GetSize@CGifCore@@QBE?AUtagSIZE@@XZ
?GetSize@CPicture2@@QBE?AVCSize@@XZ
?GetSize@CResizeButton@@QBE?AUtagSIZE@@XZ
?GetSubBlocksLen@CGifCore@@IBEII@Z
?GetURL@CHyperLink@@QBE?AVCString@@XZ
?GetUnderline@CHyperLink@@QBEHXZ
?GetUpperDirectory@CLibFunc@@SAHPBDAAVCString@@H@Z
?GetValueByIndex@CCressXML@@QAE?AVCString@@H@Z
?GetValueByName@CCressXML@@QAE?AVCString@@PBD@Z
?GetVisited@CHyperLink@@QBEHXZ
?GetVisitedColour@CHyperLink@@QBEKXZ
?GetWidth@CResizeButton@@QBEHXZ
?GetXMLByName@CCressXML@@QAE?AVCString@@PBD@Z
?GetXMLToString@CCressXML@@QAE?AVCString@@XZ
?GotoURL@CHyperLink@@SAPAUHINSTANCE__@@PBDH@Z
?HashFun@CHash@@IAEKJAAK@Z
?HashFun@CHash@@IAEKPBDAAK@Z
?InitCtrlSkin@CDlgMessage@@MAEXXZ
?InitCtrlSkin@CDlgResize@@MAEXXZ
?InitItem@CDlgMessage@@IAEXXZ
?InitParam@CHash@@QAEHXZ
?InitToolTip@CResizeButton@@IAEXI@Z
?InsertItem@CHash@@QAEHJPAX@Z
?InsertItem@CHash@@QAEHPBDPAX@Z
?IsAnimatedGIF@CGifCore@@QBEHXZ
?IsGIF@CGifCore@@QBEHXZ
?IsInQueque@CGifPlayer@@IBEHHJ@Z
?IsLoadPicture@CPicture2@@QBEHXZ
?IsPlaying@CGifCore@@QBEHXZ
?IsPlaying@CGifPlayer@@QBEHXZ
?IsSubtract@CLibFunc@@SAHUtagPOINT@@UtagSIZE@@00@Z
?Load@CGifCore@@QAEHPAXK@Z
?Load@CGifCore@@QAEHPBD0@Z
?Load@CGifCore@@QAEHPBD@Z
?Load@CPicture2@@QAEHIPBD@Z
?Load@CPicture2@@QAEHVCString@@@Z
?LoadBitmapA@CResizeButton@@QAEHPBDHHH@Z
?LoadFile@CCressXML@@QAEHPBD@Z
?LoadGif@CGifWnd@@QAEHPBD@Z
?LoadGifEx@CGifBrowser@@QAEHPBDH@Z
?LoadGiftData@CGifPlayer@@QAEHPAU_GIFTANIMATEDATA@@HPBDH@Z
?LoadPictureData@CPicture2@@QAEHPBEH@Z
?LoadStringsFromFile@CLibFunc@@SAXPBDPAVCString@@H@Z
?LoadXML@CCressXML@@QAEHPBD@Z
?MeasureItem@CMenuXP@@UAEXPAUtagMEASUREITEMSTRUCT@@@Z
?MeasureItem@CXPMenu@@UAEXPAUtagMEASUREITEMSTRUCT@@@Z
?OnBtnDlgClose@CDlgResize@@IAEXXZ
?OnBtnDlgMin@CDlgResize@@IAEXXZ
?OnBtnDlgNormal@CDlgResize@@IAEXXZ
?OnCancel@CDlgMessage@@MAEXXZ
?OnClicked@CHyperLink@@IAEXXZ
?OnCloseResize@CDlgMessage@@MAEXH@Z
?OnCloseResize@CDlgResize@@MAEXH@Z
?OnCreate@CGifPlayer@@IAEHPAUtagCREATESTRUCTA@@@Z
?OnDestroy@CDlgResize@@IAEXXZ
?OnEraseBkgnd@CDlgResize@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CGifPlayer@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CGifWnd@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CResizeButton@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CXPButton@@IAEHPAVCDC@@@Z
?OnInitDialog@CDlgMessage@@MAEHXZ
?OnInitDialog@CDlgResize@@MAEHXZ
?OnLButtonDown@CDlgMessage@@IAEXIVCPoint@@@Z
?OnMenuChar@CMenuXP@@SAJIIPAVCMenu@@@Z
?OnMouseHover@CXPButton@@IAEJIJ@Z
?OnMouseLeave@CResizeButton@@IAEJIJ@Z
?OnMouseLeave@CXPButton@@IAEJIJ@Z
?OnMouseMove@CHyperLink@@IAEXIVCPoint@@@Z
?OnMouseMove@CResizeButton@@IAEXIVCPoint@@@Z
?OnMouseMove@CXPButton@@IAEXIVCPoint@@@Z
?OnNcHitTest@CDlgResize@@IAEIVCPoint@@@Z
?OnNo@CDlgMessage@@MAEXXZ
?OnOK@CDlgMessage@@MAEXXZ
?OnPaint@CDlgMessage@@IAEXXZ
?OnPaint@CDlgResize@@IAEXXZ
?OnPaint@CGifBrowser@@IAEXXZ
?OnPaint@CGifPlayer@@IAEXXZ
?OnPaint@CGifWnd@@IAEXXZ
?OnSetCursor@CHyperLink@@IAEHPAVCWnd@@II@Z
?OnSetFocus@CGifPlayer@@IAEXPAVCWnd@@@Z
?OnSize@CDlgResize@@IAEXIHH@Z
?OnSizing@CDlgResize@@IAEXIPAUtagRECT@@@Z
?OnTimer@CDlgMessage@@IAEXI@Z
?OnTimer@CGifPlayer@@IAEXI@Z
?OnTimer@CGifWnd@@IAEXI@Z
?OnYes@CDlgMessage@@MAEXXZ
?OrientationItem@CDlgMessage@@MAEXHH@Z
?OrientationItem@CDlgResize@@MAEXHH@Z
?PaintToDC@@YAXPAVCDC@@HHHHPAVCBitmap@@HH@Z
?PaintToDC@@YAXPAVCDC@@PBUtagRECT@@PAVCBitmap@@HH@Z
?PositionWindow@CHyperLink@@IAEXXZ
?PreCreateWindow@CDlgResize@@MAEHAAUtagCREATESTRUCTA@@@Z
?PreSubclassWindow@CHyperLink@@MAEXXZ
?PreSubclassWindow@CResizeButton@@MAEXXZ
?PreSubclassWindow@CXPButton@@MAEXXZ
?PreTranslateMessage@CHyperLink@@UAEHPAUtagMSG@@@Z
?PreTranslateMessage@CResizeButton@@MAEHPAUtagMSG@@@Z
?PrepareDC@CGifCore@@IAEHHH@Z
?QueryItem@CHash@@QAEPAXJ@Z
?QueryItem@CHash@@QAEPAXPBD@Z
?QueryNode@CCressXML@@QAE?AV?$_com_ptr_t@V?$_com_IIID@UIXMLDOMNode@MSXML2@@$1?_GUID_2933bf80_7b36_11d2_b20e_00c04f983e60@@3U__s_GUID@@A@@@@H@Z
?RemoveRectFromRgn@CLibFunc@@SAXAAVCRgn@@QAUtagRECT@@@Z
?ReplaceBtnFace@CResizeButton@@QAEHPAVCBitmap@@@Z
?ReportError@CHyperLink@@IAEXH@Z
?ResetDataPointer@CGifCore@@IAEXXZ
?ResetIconIndex@CResizeButton@@QAEXH@Z
?ResetSrcOffset@CResizeBtnEx@@QAEXUtagPOINT@@@Z
?SaveAsBitmap@CPicture2@@QAEHVCString@@@Z
?SaveBitmap2File@CLibFunc@@SAHPBDPAUHBITMAP__@@@Z
?SaveCurrentFace@@YAXPAVCDC@@AAPAVCBitmap@@HH@Z
?SaveCurrentFace@@YAXPAVCDC@@AAVCBitmap@@HH@Z
?SaveFile@CCressXML@@QAEHPBD@Z
?SelectNodeToList@CCressXML@@QAEHPBD@Z
?SelectNodeToList@CCressXML@@QAEHV?$_com_ptr_t@V?$_com_IIID@UIXMLDOMNode@MSXML2@@$1?_GUID_2933bf80_7b36_11d2_b20e_00c04f983e60@@3U__s_GUID@@A@@@@PBD@Z
?SetAttrValue@CCressXML@@QAEXPBD0@Z
?SetAutoSize@CHyperLink@@QAEXH@Z
?SetBackBitmap@CMenuXP@@QAEXPAUHBITMAP__@@@Z
?SetBackColor@CMenuXP@@QAEXK@Z
?SetBackData@CDlgResize@@QAEXPAVCBitmap@@UtagSIZE@@HK@Z
?SetBkColor@CGifBrowser@@QAEXK@Z
?SetBkColor@CGifCore@@QAEXK@Z
?SetBkColor@CGifWnd@@QAEXK@Z
?SetBoldTitle@CDlgResize@@QAEXH@Z
?SetBoldTitle@CResizeButton@@QAEXH@Z
?SetBtnText@CDlgMessage@@QAEXPBD00@Z
?SetButtonRes@CDlgMessage@@QAEXPAVCBitmap@@HHH@Z
?SetCenterPoint@CGifPlayer@@IAEXUtagPOINT@@PAVCGifCore@@@Z
?SetColours@CHyperLink@@QAEXKKK@Z
?SetCurFace@CResizeButton@@QAEXPAVCBitmap@@HHH@Z
?SetCurFaceEx@CResizeBtnEx@@QAEHPAVCBitmap@@UtagPOINT@@HHHHH@Z
?SetCurFont@CDlgResize@@QAEXPAVCFont@@@Z
?SetDefaultCursor@CHyperLink@@IAEXXZ
?SetDisabledTextColor@CMenuXP@@QAEXK@Z
?SetDrawTitle@CResizeButton@@QAEXH@Z
?SetIconAreaColor@CMenuXP@@QAEXK@Z
?SetIconBitmap@CResizeButton@@QAEXPAVCBitmap@@HHHH@Z
?SetIconBmp@CDlgResize@@QAEXPAVCBitmap@@HH@Z
?SetLinkCursor@CHyperLink@@QAEXPAUHICON__@@@Z
?SetLogPath@CLog@@QAEXPBD0@Z
?SetMenuFont@CMenuXP@@QAEHUtagLOGFONTA@@@Z
?SetMenuItemSize@CXPMenu@@QAEXHH@Z
?SetMenuItemSize@CXPMenu@@QAEXUtagSIZE@@@Z
?SetMenuStyle@CMenuXP@@QAEXW4MENUSTYLE@1@@Z
?SetModelType@CDlgMessage@@QAEXHHHH@Z
?SetMsgColor@CDlgMessage@@QAEXK@Z
?SetMsgTextIntervalBorder@CDlgMessage@@QAEXEEEE@Z
?SetPictureData@CMenuXP@@QAEXPAEH@Z
?SetPlayEffect@CGifPlayer@@QAEXH@Z
?SetPlaySound@CGifPlayer@@QAEXH@Z
?SetResPath@CGifPlayer@@QAEXPBD@Z
?SetResize@CDlgResize@@QAEXH@Z
?SetRoundRect@CDlgResize@@QAEXH@Z
?SetSelectedBarColor@CMenuXP@@QAEXK@Z
?SetSelectedTextColor@CMenuXP@@QAEXK@Z
?SetSideBarEndColor@CMenuXP@@QAEXK@Z
?SetSideBarStartColor@CMenuXP@@QAEXK@Z
?SetTextColor@CMenuXP@@QAEXK@Z
?SetTitleColor@CDlgResize@@QAEXK@Z
?SetTitleColor@CResizeButton@@QAEXK@Z
?SetTitlePoint@CDlgResize@@QAEXHH@Z
?SetToolTipText@CResizeButton@@QAEXPBDHI@Z
?SetTransparent@CResizeButton@@QAEXH@Z
?SetTransparentAlpha@CLibFunc@@SAXPAVCWnd@@EK@Z
?SetURL@CHyperLink@@QAEXVCString@@@Z
?SetUnderline@CHyperLink@@QAEXH@Z
?SetVisited@CHyperLink@@QAEXH@Z
?SetWndMinSize@CDlgResize@@QAEXUtagSIZE@@@Z
?SetXMLTitle@CCressXML@@QAEXPBD@Z
?Show@CPicture2@@QAEHPAVCDC@@HHHH@Z
?Show@CPicture2@@QAEHPAVCDC@@VCPoint@@1HH@Z
?Show@CPicture2@@QAEHPAVCDC@@VCRect@@@Z
?ShowBitmapResource@CPicture2@@QAEHPAVCDC@@HVCPoint@@@Z
?ShowMessage@CDlgMessage@@QAEHPBD0HH@Z
?ShowPart@CPicture2@@QAEHPAVCDC@@HHHHHHHH@Z
?Size2Content@CResizeButton@@QAEXXZ
?Size2Gif@CGifPlayer@@QAEXPAVCGifCore@@@Z
?SkipNextBlock@CGifCore@@IAEHXZ
?SkipNextGraphicBlock@CGifCore@@IAEHXZ
?StartPlay1@CGifPlayer@@QAEHUtagPOINT@@0HPBDHH@Z
?StartPlay3@CGifPlayer@@QAEHUtagPOINT@@0HPBDJPBJ@Z
?StartPlayEx@CGifPlayer@@QAEHUtagPOINT@@0HPBDHHHJPBJ@Z
?StepFrame@CGifCore@@QAEHXZ
?Stop@CGifCore@@QAEXXZ
?ToggleSence@CGifPlayer@@IAEXH@Z
?TransInt2Char_Comma@CLibFunc@@SAXJAAVCString@@@Z
?TransVersionA2I@CLibFunc@@SAKPBD@Z
?TransVersionI2A@CLibFunc@@SA?AVCString@@K@Z
?TransparentBMP@CLibFunc@@SAXPAVCDC@@AAVCBitmap@@1HHHHH@Z
?TransparentBMP@CLibFunc@@SAXPAVCDC@@AAVCBitmap@@HHHHHH@Z
?TransparentBlt2@@YAXPAUHDC__@@HHHH0HHHHI@Z
?TransparentToDC@@YAXPAVCDC@@HHHHPAVCBitmap@@HHHHK@Z
?TransparentToDC@@YAXPAVCDC@@HHPAVCBitmap@@K@Z
?TransparentToDC@@YAXPAVCDC@@UtagRECT@@PAVCBitmap@@1K@Z
?UnLoad@CGifCore@@QAEXXZ
?UpdateSizeOnDC@CPicture2@@QAEHPAVCDC@@@Z
?Visite@CHyperLink@@QAEXVCString@@@Z
?_GetBaseClass@CMenuXP@@KGPAUCRuntimeClass@@XZ
?_GetBaseMessageMap@CDlgMessage@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CDlgResize@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CGifBrowser@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CGifPlayer@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CGifWnd@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CHyperLink@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CResizeButton@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CXPButton@@KGPBUAFX_MSGMAP@@XZ
?_messageEntries@CDlgMessage@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CDlgResize@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CGifBrowser@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CGifPlayer@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CGifWnd@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CHyperLink@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CResizeButton@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CXPButton@@0QBUAFX_MSGMAP_ENTRY@@B
?classCMenuXP@CMenuXP@@2UCRuntimeClass@@B
?g_Log@@3VCLog@@A
?loadbmpS@@YAHPBDAAVCBitmap@@@Z
?loadbmpS@@YAXABVCString@@AAVCBitmap@@PAH2@Z
?loadbmpS@@YAXIAAVCBitmap@@PAH1@Z
?messageMap@CDlgMessage@@1UAFX_MSGMAP@@B
?messageMap@CDlgResize@@1UAFX_MSGMAP@@B
?messageMap@CGifBrowser@@1UAFX_MSGMAP@@B
?messageMap@CGifPlayer@@1UAFX_MSGMAP@@B
?messageMap@CGifWnd@@1UAFX_MSGMAP@@B
?messageMap@CHyperLink@@1UAFX_MSGMAP@@B
?messageMap@CResizeButton@@1UAFX_MSGMAP@@B
?messageMap@CXPButton@@1UAFX_MSGMAP@@B

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DDVEC.dll
.dll windows:4 windows x86 arch:x86

ca5fb99e980e62a1857a755349a73a5c

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28-05-2012 00:00

Not After

27-08-2015 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e9:63:54:19:91:42:77:c8:5e:a9:eb:9f:1d:65:f1:f3:35:22:ca:86
Signer

Actual PE Digest

e9:63:54:19:91:42:77:c8:5e:a9:eb:9f:1d:65:f1:f3:35:22:ca:86

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord4486
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord800
ord860
ord540
ord354
ord823
ord2915
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6375
ord3831
ord4274
ord269
ord826
ord600
ord1578
ord6467
ord1116

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
__CxxFrameHandler

kernel32

LocalFree
LocalAlloc

Exports

Exports

??0DE_DLL@@QAE@ABV0@@Z
??0DE_DLL@@QAE@XZ
??1DE_DLL@@UAE@XZ
??4DE_DLL@@QAEAAV0@ABV0@@Z
??_7DE_DLL@@6B@
?DC_File@DE_DLL@@QAEHPBD0@Z
?EC_File@DE_DLL@@QAEHPBD0@Z

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DownLoad.exe
.exe windows:4 windows x86 arch:x86

050e27cd4d6ca90ab2b893bf70980901

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28-05-2012 00:00

Not After

27-08-2015 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

a2:fb:be:0f:5c:60:44:04:a7:16:8c:41:2d:bb:be:e0:07:5c:e7:f6
Signer

Actual PE Digest

a2:fb:be:0f:5c:60:44:04:a7:16:8c:41:2d:bb:be:e0:07:5c:e7:f6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4998
ord4710
ord6052
ord1775
ord5280
ord4425
ord3597
ord324
ord641
ord4234
ord3584
ord3402
ord3711
ord3571
ord783
ord800
ord860
ord4224
ord1146
ord1168
ord543
ord540
ord2135
ord6650
ord6591
ord6807
ord6857
ord6823
ord6855
ord6832
ord6859
ord6867
ord6847
ord6814
ord6839
ord6846
ord6858
ord6816
ord6815
ord6812
ord6845
ord6856
ord4589
ord4588
ord4899
ord4370
ord4892
ord6817
ord5076
ord4340
ord4347
ord4720
ord4889
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4963
ord4960
ord4108
ord6054
ord5281
ord3748
ord1725
ord5260
ord6614
ord6691
ord4432
ord6514
ord818
ord2841
ord803
ord2302
ord2614
ord2107
ord535
ord4299
ord6199
ord6215
ord2112
ord2864
ord4277
ord2763
ord537
ord858
ord4129
ord3663
ord5572
ord2919
ord4160
ord2863
ord2915
ord2393
ord941
ord5356
ord5808
ord1075
ord5204
ord6059
ord3229
ord389
ord823
ord755
ord470
ord4853
ord3706
ord924
ord6197
ord2764
ord2566
ord4133
ord4297
ord5788
ord472
ord2753
ord922
ord5148
ord3752
ord3089
ord6128
ord3874
ord939
ord6803
ord2642
ord640
ord2405
ord5789
ord6172
ord5785
ord1640
ord323
ord5450
ord5440
ord6383
ord6394
ord6877
ord6930
ord4278
ord3790
ord5651
ord3616
ord665
ord3127
ord1979
ord6010
ord5186
ord350
ord354
ord6385
ord5645
ord5583
ord6597
ord6800
ord6478
ord6880
ord6453
ord6699
ord6835
ord1228
ord6663
ord809
ord556
ord1088
ord2122
ord3797
ord2859
ord1200
ord926
ord1949
ord4034
ord2820
ord3811
ord3626
ord825
ord567
ord1641
ord795
ord3721
ord4424
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord4376
ord5265
ord1134
ord2621
ord2514
ord815
ord561
ord3738
ord4622
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4673
ord5277
ord2379
ord2385
ord6374
ord5875
ord2860
ord3619
ord4275
ord2818
ord2414
ord5163
ord5241
ord4407
ord1776
ord4078
ord5683
ord6055
ord1576

msvcrt

_XcptFilter
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
_mbsrchr
_mbsstr
strstr
_ltoa
_mbsnbicmp
_vsnprintf
_mbsicmp
fopen
fread
fclose
_purecall
_ftol
sprintf
_mbscmp
atol
atoi
__CxxFrameHandler
_setmbcp
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_exit

kernel32

IsBadWritePtr
VirtualQuery
GetModuleHandleA
FormatMessageA
SetUnhandledExceptionFilter
lstrcatA
lstrlenA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
CreateFileA
GetLastError
SetFilePointer
WriteFile
FlushFileBuffers
SetEvent
GetExitCodeThread
TerminateThread
CloseHandle
WaitForSingleObject
Sleep
CreateEventA
CreateThread
LeaveCriticalSection
EnterCriticalSection
CopyFileA
DeleteFileA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetTickCount
GetPrivateProfileStringA
OutputDebugStringA
GetModuleFileNameA
DeleteCriticalSection
InitializeCriticalSection
GetStartupInfoA

user32

wvsprintfA
CopyIcon
FindWindowA
ReleaseDC
SetTimer
LoadIconA
LoadCursorA
SendMessageA
InflateRect
SetWindowLongA
AppendMenuA
ReleaseCapture
SetCursor
GetDC
RedrawWindow
SetCapture
MessageBeep
GetSysColor
GetParent
GetWindowRect
LoadImageA
IsWindowVisible
IsWindow
SetRect
PostMessageA
OffsetRect
PtInRect
InvalidateRect
ShowScrollBar
SetWindowRgn
MessageBoxA
KillTimer
SetWindowPos
DestroyIcon
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
EnableWindow

gdi32

GetTextExtentPoint32A
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
CreateRoundRectRgn
CreateFontA
GetObjectA
CreateFontIndirectA

advapi32

RegOpenKeyExA
RegQueryValueA
RegCloseKey

shell32

ShellExecuteA
ShellExecuteExA
Shell_NotifyIconA

comctl32

_TrackMouseEvent

urlmon

URLDownloadToFileA

shlwapi

PathFileExistsA

ws2_32

setsockopt
recv
htons
connect
closesocket
socket
WSAGetLastError
gethostbyname
inet_addr
inet_ntoa
WSACleanup
WSAStartup
send

ddvec

?EC_File@DE_DLL@@QAEHPBD0@Z
??0DE_DLL@@QAE@XZ
??1DE_DLL@@UAE@XZ
?DC_File@DE_DLL@@QAEHPBD0@Z

ddvctrllib

??0CCressXML@@QAE@XZ
?LoadFile@CCressXML@@QAEHPBD@Z
?PaintToDC@@YAXPAVCDC@@HHHHPAVCBitmap@@HH@Z
?SelectNodeToList@CCressXML@@QAEHPBD@Z
?QueryNode@CCressXML@@QAE?AV?$_com_ptr_t@V?$_com_IIID@UIXMLDOMNode@MSXML2@@$1?_GUID_2933bf80_7b36_11d2_b20e_00c04f983e60@@3U__s_GUID@@A@@@@H@Z
?DrawBorder@CLibFunc@@SAXPAVCDC@@AAVCBitmap@@UtagPOINT@@UtagSIZE@@3HK@Z
?ADD_Log@CLog@@QAEXABVCString@@H@Z
?ADD_Log@CLog@@QAEXPBDHH@Z
?TransparentToDC@@YAXPAVCDC@@HHHHPAVCBitmap@@HHHHK@Z
??1CCressXML@@UAE@XZ
?loadbmpS@@YAHPBDAAVCBitmap@@@Z
?SetCurFace@CResizeButton@@QAEXPAVCBitmap@@HHH@Z
?LoadBitmapA@CResizeButton@@QAEHPBDHHH@Z
?Char2IntEx@CLibFunc@@SAHPBDPAHAAH@Z
?CharToColor@CLibFunc@@SAKPBDH@Z
??1CResizeButton@@UAE@XZ
??0CResizeButton@@QAE@XZ
?SetLogPath@CLog@@QAEXPBD0@Z
?g_Log@@3VCLog@@A
?GetAttrValueByName@CCressXML@@QAE?AVCString@@PBD@Z

wininet

InternetGetConnectedState

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DynamicEffects.dll
.dll windows:4 windows x86 arch:x86

37cea95f6dea791978bd896a2fdf7833

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

PlaySoundW

mfc42

ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord825
ord1105
ord800
ord823
ord2818
ord537
ord3402
ord3742
ord818
ord540
ord567
ord858
ord6442
ord1233
ord4275
ord535
ord2379
ord1200
ord860
ord941
ord4299
ord4278
ord3584
ord543
ord803
ord924
ord2614
ord922
ord6215
ord539
ord923
ord2864
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord3830
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord561
ord3953
ord5683
ord2725
ord1187
ord6605
ord798
ord1997
ord6392
ord5194
ord533
ord4129
ord1949
ord1168
ord4277
ord2764
ord6453
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord1116
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord1176
ord5199

msvcrt

malloc
_adjust_fdiv
_initterm
free
_CIpow
time
srand
rand
atoi
_ftol
_CxxThrowException
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_beginthreadex
wcscpy
_onexit
__dllonexit
??1type_info@@UAE@XZ
_EH_prolog
exit
localtime
strftime
puts
_purecall
__CxxFrameHandler
_mbscmp

kernel32

GetLastError
OutputDebugStringA
LoadLibraryA
GetProcAddress
FreeLibrary
Sleep
WaitForSingleObject
InitializeCriticalSection
TerminateThread
CloseHandle
MultiByteToWideChar
GetPrivateProfileIntA
WritePrivateProfileStringA
LocalFree
LocalAlloc
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateThread
GetModuleFileNameA
CreateDirectoryA
GetFileAttributesA
GetExitCodeThread
lstrlenA
GetVersionExA

user32

SetWindowPos
DefWindowProcA
GetClassInfoExA
UnregisterClassA
RegisterClassExA
LoadCursorA
SetCursor
GetWindowRect
GetCursorPos
ScreenToClient
PtInRect
GetDesktopWindow
IsWindowVisible
SetRectEmpty
PostMessageA
IsWindow
GetClientRect
IsIconic
KillTimer
GetWindowLongA
SetWindowLongA
EnableWindow
SetTimer
GetDC
ReleaseDC
CopyRect

gdi32

DeleteObject
DeleteDC
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt

comctl32

_TrackMouseEvent

ole32

StgIsStorageFile
StgOpenStorage
StringFromGUID2
CoTaskMemFree

gdiplus

GdipGetPropertySize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipImageSelectActiveFrame
GdipAddPathString
GdipSetSolidFillColor
GdipSetPenColor
GdipDrawImageI
GdipLoadImageFromStream
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectRectI
GdipScaleWorldTransform
GdipGetPropertyItem
GdipDrawImageRectRect
GdipDrawImageRectI
GdipCloneImage
GdipCloneBrush
GdipDisposeImage
GdipFree
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipCreateFontFamilyFromName
GdipCreateStringFormat
GdipCreatePen1
GdipCreateSolidFill
GdipCreatePath
GdipAddPathStringI
GdipDrawPath
GdipFillPath
GdipDeletePath
GdipDeleteBrush
GdipDeletePen
GdipDeleteStringFormat
GdipDeleteFontFamily
GdipCreateFromHDC
GdipDrawImageRect
GdipReleaseDC
GdipDeleteGraphics
GdipAlloc
GdipLoadImageFromFile
GdipSetPenLineJoin

msvcp60

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0out_of_range@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??0out_of_range@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??_7out_of_range@std@@6B@
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??0logic_error@std@@QAE@ABV01@@Z

shlwapi

PathFileExistsW

msimg32

AlphaBlend

Exports

Exports

CreateDEManage

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Guide1.xml
.xml
Guide2.xml
.xml
HallClose.ini
HardwareINFO.dll
.dll windows:4 windows x86 arch:x86

570615494ffe12a103b26a890a6a82d0

Code Sign

5d:10:a7:bd:1c:78:2a:f4:68:0b:86:ca:c1:c8:1b:2b
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Not Before

26-08-2015 02:19

Not After

26-10-2018 02:19

Subject

CN=金华就约我吧网络科技有限公司,O=金华就约我吧网络科技有限公司,L=金华市,ST=浙江省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2039 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

37:a6:0e:92:5f:23:f8:0c:fd:cd:97:65:92:98:c3:54
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-11-2014 00:58

Not After

08-11-2029 00:58

Subject

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

19:c2:85:30:e9:3b:36
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 22:46

Not After

31-12-2019 23:59

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 19:46

Not After

17-09-2036 19:46

Subject

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment
KeyUsageKeyAgreement
KeyUsageCertSign
KeyUsageCRLSign

4a:88:11:20:37:4f:a4:92:78:14:fc:3b:4b:a7:b3:81:a8:d4:22:47
Signer

Actual PE Digest

4a:88:11:20:37:4f:a4:92:78:14:fc:3b:4b:a7:b3:81:a8:d4:22:47

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord5289
ord561
ord815
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1116
ord1255
ord6467
ord1578
ord600
ord826
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord4486
ord2554
ord6375
ord4274
ord3738
ord825
ord269

msvcrt

_beginthreadex
_except_handler3
atoi
sprintf
malloc
free
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_onexit
??2@YAPAXI@Z
_EH_prolog
__CxxFrameHandler
_local_unwind2
__dllonexit

kernel32

LocalFree
GetModuleHandleA
GetProcAddress
GetTickCount
Sleep
WaitForSingleObject
GetExitCodeThread
TerminateThread
CloseHandle
GetVersionExA
LocalAlloc

advapi32

RegEnumKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Exports

Exports

HD_End
HD_GetCpuFrq
HD_GetCpuINFO
HD_Start

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 710B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMClient.dll
.dll windows:4 windows x86 arch:x86

a0be5123ef50ba3757edf484cfeaedff

Code Sign

5d:10:a7:bd:1c:78:2a:f4:68:0b:86:ca:c1:c8:1b:2b
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Not Before

26-08-2015 02:19

Not After

26-10-2018 02:19

Subject

CN=金华就约我吧网络科技有限公司,O=金华就约我吧网络科技有限公司,L=金华市,ST=浙江省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2039 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

37:a6:0e:92:5f:23:f8:0c:fd:cd:97:65:92:98:c3:54
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-11-2014 00:58

Not After

08-11-2029 00:58

Subject

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

19:c2:85:30:e9:3b:36
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 22:46

Not After

31-12-2019 23:59

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 19:46

Not After

17-09-2036 19:46

Subject

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment
KeyUsageKeyAgreement
KeyUsageCertSign
KeyUsageCRLSign

97:4b:3c:89:e6:0b:60:b0:06:ee:6a:7f:e0:e8:ef:61:1c:71:af:e8
Signer

Actual PE Digest

97:4b:3c:89:e6:0b:60:b0:06:ee:6a:7f:e0:e8:ef:61:1c:71:af:e8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mvuilib

??1CUIListCtrlEx@@UAE@XZ
?PreSubclassWindow@CUIListCtrlBaseTemplate@@MAEXXZ
?FitBitmapSize@CAppSysOperation@@UAEXXZ
?LoadSkin@CUIListCtrlBaseTemplate@@UAEHPAX@Z
?GetCurrentSkin@CAppSysOperation@@UAEHPAX@Z
?AddGraph@CCarveGraph@@UAEHPAV1@@Z
??0CUIListCtrlEx@@QAE@XZ
?GetCurrentGraph@CCarveGraph@@UAEPAV1@XZ
?SetGraphParameters@CCarveGraph@@UAEHXZ
?InitCarveGraph@CCarveGraph@@UAEHXZ
?CarveGraphGround@CCarveGraph@@UAEHPAVCDC@@@Z
?CarveGraphDrawItem@CCarveGraph@@UAEHPAUtagDRAWITEMSTRUCT@@@Z
?IsGraphSupportCurrentControl@CCarveGraph@@UAEHXZ
?SetHaveText@CUIButtonTemplate@@QAEX_NI@Z
?SetBtnTextColor@CUIButtonTemplate@@QAEXK@Z
??0CMenuEx@@QAE@XZ
?SetBackColor@CMenuEx@@QAEXK@Z
?AppendMenuEx@CMenuEx@@QAEHIIPBD@Z
??1CMenuEx@@UAE@XZ
?NeedShowHandCursor@CUINoRegularButtonTemplate@@QAEXH@Z
?SetToolTipText@CUIButtonTemplate@@QAEXPBD@Z
??0CUINoRegularButtonTemplate@@QAE@XZ
??1CUINoRegularButtonTemplate@@UAE@XZ
?OnLButtonDown@CUIButtonTemplate@@IAEXIVCPoint@@@Z
?messageMap@CUIButtonTemplate@@1UAFX_MSGMAP@@B
?PreSubclassWindow@CUIButtonTemplate@@MAEXXZ
?PreTranslateMessage@CUIButtonTemplate@@MAEHPAUtagMSG@@@Z
?DrawItem@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?HandleMouseMove@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?RemoveGraph@CCarveGraph@@UAEHPAV1@@Z
?HandleMouseLeftBtnDown@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?HandleMouseLeftBtnUp@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?DrawPushButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawRadioButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawCheckBoxButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?SetCtrlTextFont@CAppSysAttribute@@UAEXUtagLOGFONTA@@@Z
?GetCtrlTextFont@CAppSysAttribute@@UAEAAUtagLOGFONTA@@XZ
?SetCtrlTextColor@CAppSysAttribute@@UAEXK@Z
?GetCtrlTextColor@CAppSysAttribute@@UAEKXZ
?SetCtrlBackColor@CAppSysAttribute@@UAEXK@Z
?GetCtrlBackColor@CAppSysAttribute@@UAEKXZ
?SetCtrlTextBold@CAppSysAttribute@@UAEXH@Z
?EnableCtrlTextBold@CAppSysAttribute@@UAEHXZ
?SetCtrlTextHeight@CAppSysAttribute@@UAEXH@Z
?GetCtrlTextHeight@CAppSysAttribute@@UAEHXZ
?SetCtrlTextType@CAppSysAttribute@@UAEHVCString@@@Z
?GetCtrlTextType@CAppSysAttribute@@UAEAAVCString@@XZ
?FitBitmapSize@CUIButtonTemplate@@UAEXXZ
?AttachBitmapHadle@CAppSysOperation@@UAEXPAUHBITMAP__@@@Z
?AttachBitmapHadle@CAppSysOperation@@UAEXPAUHBITMAP__@@PAVCBitmap@@@Z
?CleanUp@CAppSysOperation@@UAEXXZ
?PaintBackGround@CAppSysOperation@@UAEHPAVCDC@@@Z
?DrawSkin@CAppSysOperation@@UAEHPAUtagDRAWITEMSTRUCT@@@Z
?AdjustPosition@CAppSysOperation@@UAEHUtagRECT@@@Z
?AdjustPosition@CAppSysOperation@@UAEHHHHH@Z
?DrawContent@CAppSysOperation@@UAEHPAVCDC@@VCString@@AAVCRect@@H@Z
?LoadSkin@CUIButtonTemplate@@UAEHPAX@Z
?CleanSkin@CAppSysOperation@@UAEHPAX@Z
?GetCurrentSkin@CUIButtonTemplate@@MAEHPAX@Z
?InitializeOperation@CAppSysOperation@@UAEXPAVCWnd@@@Z
?LoadBitmapFileToMem@CAppSysOperation@@UAEHPAUHINSTANCE__@@VCString@@@Z
?LoadBitmapFileToMem@CAppSysOperation@@UAEHPAUHINSTANCE__@@VCString@@PAVCBitmap@@@Z
?CleanBitmapMem@CAppSysOperation@@UAEHXZ
?GetComponentSkinConf@CSkinConfContext@@QAEHIW4COMPONETTYPE@@VCString@@PAX@Z
?SetColor@CColorStatic@@QAEXKKK@Z
?SetBold@CColorStatic@@QAEX_N@Z
??1CColorStatic@@UAE@XZ
??0CColorStatic@@QAE@XZ
??0CUIButtonTemplate@@QAE@XZ
??1CUIButtonTemplate@@UAE@XZ
??1CCarveGraph@@UAE@XZ

mfc42

ord4317
ord6055
ord4078
ord1776
ord4407
ord2385
ord5163
ord6374
ord4353
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3742
ord825
ord800
ord2763
ord2818
ord540
ord535
ord755
ord2567
ord470
ord4299
ord2379
ord537
ord5265
ord4376
ord4853
ord4998
ord2514
ord6052
ord1775
ord5241
ord3136
ord4425
ord3597
ord641
ord860
ord324
ord2302
ord4234
ord4710
ord858
ord941
ord2820
ord3811
ord926
ord924
ord922
ord4278
ord4129
ord5710
ord939
ord6877
ord6663
ord925
ord2764
ord5280
ord3663
ord823
ord665
ord354
ord6779
ord1979
ord5186
ord6385
ord773
ord501
ord804
ord686
ord609
ord1083
ord1768
ord6215
ord6785
ord2086
ord1168
ord4284
ord5683
ord2566
ord5981
ord4277
ord567
ord818
ord4275
ord2078
ord3693
ord3626
ord2414
ord4133
ord4297
ord5788
ord1641
ord5600
ord6199
ord2642
ord2754
ord6241
ord3402
ord3571
ord2135
ord1601
ord2864
ord2405
ord5785
ord640
ord5875
ord1640
ord323
ord2574
ord3572
ord2575
ord4396
ord3574
ord556
ord809
ord1793
ord1088
ord2122
ord2859
ord6197
ord6172
ord3706
ord3089
ord1253
ord342
ord1182
ord6438
ord5607
ord2862
ord3092
ord3996
ord4287
ord5572
ord2915
ord6270
ord1644
ord998
ord5621
ord6605
ord4204
ord6134
ord6648
ord3763
ord3874
ord613
ord289
ord2803
ord2639
ord3573
ord2753
ord6021
ord5787
ord6880
ord3708
ord781
ord4220
ord2584
ord3654
ord2438
ord1756
ord3719
ord793
ord3619
ord2452
ord2645
ord3283
ord1269
ord6200
ord6136
ord2935
ord2516
ord361
ord3061
ord3767
ord1200
ord3005
ord1233
ord4123
ord861
ord2688
ord3721
ord795
ord5789
ord3797
ord4402
ord3640
ord4243
ord6905
ord3301
ord6762
ord6696
ord283
ord1949
ord4034
ord4538
ord3394
ord2587
ord4406
ord3729
ord384
ord4267
ord3920
ord2860

msvcrt

_CxxThrowException
__CxxFrameHandler
_mbscmp
atoi
sprintf
_except_handler3
?terminate@@YAXXZ
__dllonexit
_onexit
??1type_info@@UAE@XZ
free
_initterm
malloc
_adjust_fdiv

kernel32

GetLastError
lstrcmpA
OutputDebugStringA
GetVersion
Sleep
FormatMessageA
LocalAlloc
LocalFree
GetProcAddress
FreeLibrary
CreateDirectoryA
GetFileAttributesA
lstrlenA
GetModuleFileNameA
GetModuleHandleA
MultiByteToWideChar
InterlockedDecrement

user32

GetDesktopWindow
GetWindowRect
SetWindowRgn
ReleaseDC
InvalidateRect
GetWindowDC
GetParent
ScreenToClient
SetCursor
LoadImageA
LoadCursorA
GetDC
SetWindowLongA
PtInRect
GetCursorPos
WindowFromPoint
IsChild
SendMessageA
IsIconic
FlashWindow
SetForegroundWindow
ClientToScreen
CreatePopupMenu
GetClientRect
OffsetRect
InflateRect
EnableWindow
IsWindow
GetWindowLongA
PostMessageA
DrawStateA
GetWindowTextA
CopyRect
EnableMenuItem
AppendMenuA
SetCapture
ReleaseCapture
SetTimer
KillTimer
wsprintfA
RedrawWindow
FillRect
GetFocus
GetWindow
GetClassNameA
IsWindowVisible

gdi32

CreateRectRgn
CreateDIBitmap
GetStockObject
SetPixel
SelectObject
GetTextExtentPoint32A
GetTextMetricsA
StretchBlt
GetMapMode
CreateSolidBrush
DeleteObject
CombineRgn
SetTextColor
SetBkColor
CreateFontA
RoundRect
SetDIBits
GetDIBits
FillPath
EndPath
Ellipse
BeginPath
CreateCompatibleBitmap
CreateBitmap
GetPixel
Rectangle
CreateCompatibleDC
GetObjectA
BitBlt
CreatePen
DeleteDC

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

comctl32

_TrackMouseEvent
ImageList_Draw

ole32

OleRun
CoCreateInstance
CoInitialize
CreateILockBytesOnHGlobal
CoUninitialize
OleSetContainedObject
CoInitializeEx
StgCreateDocfileOnILockBytes

oleaut32

SafeArrayGetUBound
SysAllocString
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
VariantInit
SysFreeString
VariantClear
GetErrorInfo
SafeArrayGetLBound

publictool

?QueryItem@CHash@@QAEPAXJ@Z
??1CxImageEx@@UAE@XZ
?GetBits@CxImageEx@@QAEPAEK@Z
?InsertItem@CHash@@QAEHJPAX@Z
?Load@CxImageEx@@QAE_NPBDK@Z
??0CxImageEx@@QAE@K@Z
?QueryItem@CHash@@QAEPAXPBD@Z
?InsertItem@CHash@@QAEHPBDPAX@Z
?GetHashItemNum@CHash@@QAEHXZ
??1CHash@@UAE@XZ
??0CHash@@QAE@K@Z
?InitParam@CHash@@QAEHXZ
?FindFirst@CHash@@QAEXH@Z
?FindNext@CHash@@QAEPAXXZ
?GetDIB@CxImageEx@@QBEPAXXZ

Exports

Exports

??0CCarveGraph@@QAE@ABV0@@Z
??4CCarveGraph@@QAEAAV0@ABV0@@Z
??_7CCarveGraph@@6B@
?FlagControlHaveSkin@CAppSysOperation@@QAEXH@Z
?GetCheckButtonChecked@CUINoRegularButtonTemplate@@IAEIXZ
?IsControlHaveSkin@CAppSysOperation@@UAEHXZ
?SetCheckButtonChecked@CUINoRegularButtonTemplate@@IAEXW4MOUSESTATE@@@Z
?SetSelectIndex@CMenuEx@@QAEXI@Z
CreateIMClient

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IdleTrac.dll
.dll windows:4 windows x86 arch:x86

263c12a197d3bb2ac758eba4a39da260

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28-05-2012 00:00

Not After

27-08-2015 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:eb:ab:18:0b:78:7b:9c:57:e5:52:f0:8b:40:5e:bf:db:3b:2b:95
Signer

Actual PE Digest

44:eb:ab:18:0b:78:7b:9c:57:e5:52:f0:8b:40:5e:bf:db:3b:2b:95

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetTickCount

user32

SendMessageA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx

Exports

Exports

?Hook_DelAppWnd@@YAXPAUHWND__@@@Z
?Hook_GetAppWnd@@YAXPAUHWND__@@@Z
?Hook_IdleTrackerGetLastTickCount@@YAKXZ
?Hook_IdleTrackerInit@@YAHXZ
?Hook_IdleTrackerTerm@@YAXXZ
?Hook_ReSetLastTickCount@@YAXXZ
?Hook_UserOnLeave@@YAXXZ

Sections

.text
Size: 4KB - Virtual size: 563B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 619B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IdleTra
Size: 4KB - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ImageOle.dll
.dll regsvr32 windows:4 windows x86 arch:x86

44660346896afa7fcf9a9e309322676b

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28-05-2012 00:00

Not After

27-08-2015 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d9:fe:80:25:2f:3f:11:e2:81:97:64:dc:d5:0a:d3:14:00:a4:fd:4b
Signer

Actual PE Digest

d9:fe:80:25:2f:3f:11:e2:81:97:64:dc:d5:0a:d3:14:00:a4:fd:4b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
DeleteCriticalSection
EnterCriticalSection
HeapDestroy
GetCurrentThreadId
LeaveCriticalSection
InitializeCriticalSection
HeapCreate
GetVersionExA
GetSystemInfo
HeapAlloc
DisableThreadLibraryCalls
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
GetCurrentProcess
FlushInstructionCache
lstrlenW
CreateFileA
SetFilePointer
ReadFile
InterlockedDecrement
GetTickCount
CloseHandle
GlobalUnlock
InterlockedIncrement
GlobalLock
GlobalAlloc
WideCharToMultiByte
MultiByteToWideChar

user32

GetWindowLongA
CreateWindowExA
CallWindowProcA
EndPaint
GetFocus
ShowWindow
GetWindowTextA
GetClientRect
CharNextA
DefWindowProcA
IsWindow
GetClassNameA
GetKeyState
PtInRect
UnionRect
SetWindowPos
SetWindowRgn
OffsetRect
IsWindowVisible
KillTimer
WindowFromDC
DestroyWindow
SendMessageA
SetFocus
ReleaseDC
GetDC
GetParent
IsChild
InvalidateRect
EqualRect
IntersectRect
RegisterClassExA
UpdateWindow
SetTimer
SetWindowLongA
BeginPaint
GetClassInfoExA
LoadCursorA
wsprintfA

gdi32

RestoreDC
CreateDCA
DeleteDC
BitBlt
DeleteObject
SelectClipRgn
CreateRectRgn
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileA

advapi32

RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA

ole32

OleRegGetUserType
CoLoadLibrary
OleLoadFromStream
CreateDataAdviseHolder
OleRegGetMiscStatus
WriteClassStm
CreateOleAdviseHolder
OleRegEnumVerbs
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
OleSaveToStream

oleaut32

SysAllocStringByteLen
SysStringByteLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
VariantChangeType
VariantClear
OleCreatePropertyFrame
VarUI4FromStr
SysAllocString
SysStringLen
SysFreeString

gdiplus

GdipDrawImageRectI
GdipImageSelectActiveFrame
GdipCreateFromHDC
GdipAlloc
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipDisposeImage
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipImageGetFrameDimensionsCount
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdiplusShutdown
GdiplusStartup
GdipImageGetFrameDimensionsList
GdipDeleteGraphics
GdipFree

msvcp60

??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ

msvcrt

__CxxFrameHandler
free
malloc
??2@YAPAXI@Z
realloc
strcat
memcpy
memset
memcmp
_purecall
_adjust_fdiv
strcpy
_mbsrchr
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_initterm

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ItemVer.xml
.xml
KillProcess.exe
.exe windows:4 windows x86 arch:x86

a24455875a598b8ba572823d93757c31

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28-05-2012 00:00

Not After

27-08-2015 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f1:37:76:25:9c:22:86:1c:a9:f9:eb:c5:d4:90:b6:11:bd:4c:07:06
Signer

Actual PE Digest

f1:37:76:25:9c:22:86:1c:a9:f9:eb:c5:d4:90:b6:11:bd:4c:07:06

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
TerminateProcess
OpenProcess
GetCommandLineA
GetVersion
ExitProcess
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapFree
VirtualFree
RtlUnwind
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetLastError
SetConsoleCtrlHandler
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LCMapStringA
LCMapStringW
SetFilePointer
SetStdHandle
FlushFileBuffers

Sections

.text
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MultiChatGuest.dll
.dll windows:4 windows x86 arch:x86

0426d11b95ae5c6c7785aed7bbc5acd0

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:c3:0f:99:ec:6f:1b:11:b8:57:c9:38:0b:8c:c6:08
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26-10-2018 00:00

Not After

29-10-2021 12:00

Subject

CN=金华就约我吧网络科技有限公司,O=金华就约我吧网络科技有限公司,L=金华市,ST=浙江省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-10-2019 00:00

Not After

17-10-2030 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

93:de:97:ce:62:08:98:4d:f8:c1:52:26:c1:90:49:05:7c:17:ca:a7:81:a7:4a:eb:06:e7:2f:65:58:4f:cc:a7
Signer

Actual PE Digest

93:de:97:ce:62:08:98:4d:f8:c1:52:26:c1:90:49:05:7c:17:ca:a7:81:a7:4a:eb:06:e7:2f:65:58:4f:cc:a7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mvuilib

?AddListIcon@CUIOtherdrawListCtrlTemplate@@QAEHHPAX0@Z
?AddArtStar@CUIOtherdrawListCtrlTemplate@@QAEHHPAX@Z
?SetItemGifImage@CUIOtherdrawListCtrlTemplate@@QAEHHHPBDKVCString@@@Z
?SetItemConsumeImage@CUIOtherdrawListCtrlTemplate@@QAEHHHPBDKVCString@@H@Z
?SetItemColor@CUIOtherdrawListCtrlTemplate@@QAEXHK@Z
?CloseThread@CUIOtherdrawListCtrlTemplate@@QAEXXZ
?DeleteItem@CUIOtherdrawListCtrlTemplate@@QAEXH@Z
?SetToolTipHitMask@CUIOtherdrawListCtrlTemplate@@QAEGG@Z
?SetListCtrlBackTpye@CUIOtherdrawListCtrlTemplate@@QAEX_N@Z
?SetSelectFrameColor@CUIOtherdrawListCtrlTemplate@@QAEXK@Z
?SetNewBackType@CUIOtherdrawListCtrlTemplate@@QAEXKK@Z
?SetSelectColor@CUIOtherdrawListCtrlTemplate@@QAEXK@Z
?AddLPVOIDInfo@CUIOtherdrawListCtrlTemplate@@QAEXPAXH@Z
?SelectItem@CUIOtherdrawListCtrlTemplate@@QAEXH@Z
?SetItemHeight@CUIOtherdrawListCtrlTemplate@@QAEXI@Z
?AddItemStamp@CUIOtherdrawListCtrlTemplate@@QAEHHPAX@Z
?DelItemStamp@CUIOtherdrawListCtrlTemplate@@QAEXH@Z
?DelAllItemStamp@CUIOtherdrawListCtrlTemplate@@QAEXXZ
?NeedShowHandCursor@CUINoRegularButtonTemplate@@QAEXH@Z
?SetBGColor@CBaseEdit@@QAEXK@Z
?AddStatus@CUIOtherdrawListCtrlTemplate@@QAEHHPAX@Z
?DelState@CUIOtherdrawListCtrlTemplate@@QAEXH@Z
??_7CPictureExEx@@6B@
??0CUIListCtrlButtonEx@@QAE@XZ
??1CPictureEx@@UAE@XZ
??0CPictureEx@@QAE@XZ
?SetDrawFrame@CUIListCtrlBaseTemplate@@QAEXH@Z
?SetFrameColor@CUIListCtrlBaseTemplate@@QAEXK@Z
?LoadSkin@CUIListCtrlBaseTemplate@@UAEHPAX@Z
?DrawItem@CUIListCtrlBaseTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?PreSubclassWindow@CUIListCtrlBaseTemplate@@MAEXXZ
?GetMessageMap@CUIListCtrlEx@@MBEPBUAFX_MSGMAP@@XZ
??1CUIListCtrlEx@@UAE@XZ
??0CUIListCtrlEx@@QAE@XZ
?messageMap@CUIListCtrlEx@@1UAFX_MSGMAP@@B
?LoadSkin@CUIOtherdrawListCtrlTemplate@@UAEHPAX@Z
?OnToolTipText@CUIOtherdrawListCtrlTemplate@@MAEHIPAUtagNMHDR@@PAJ@Z
?GetItemToolTipText@CUIOtherdrawListCtrlTemplate@@UAE?AVCString@@HH@Z
?SetItemToolTipText@CUIOtherdrawListCtrlTemplate@@UAEHHHPBD@Z
?DeleteAllToolTips@CUIOtherdrawListCtrlTemplate@@UAEXXZ
?DrawItem@CUIOtherdrawListCtrlTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?WindowProc@CUIOtherdrawListCtrlTemplate@@MAEJIIJ@Z
?OnToolHitTest@CUIOtherdrawListCtrlTemplate@@MBEHVCPoint@@PAUtagTOOLINFOA@@@Z
?PreSubclassWindow@CUIOtherdrawListCtrlTemplate@@MAEXXZ
??0CUIOtherdrawListCtrlTemplate@@QAE@XZ
??1CUIOtherdrawListCtrlTemplate@@UAE@XZ
?messageMap@CUIOtherdrawListCtrlTemplate@@1UAFX_MSGMAP@@B
?OnMouseMove@CUIOtherdrawListCtrlTemplate@@IAEXIVCPoint@@@Z
?LoadSkin@CSkinComboBox@@UAEHPAX@Z
?messageMap@CSkinComboBox@@1UAFX_MSGMAP@@B
?AddMobile@CUIOtherdrawListCtrlTemplate@@QAEHHPAX0@Z
?AddWeb@CUIOtherdrawListCtrlTemplate@@QAEHHPAX0@Z
?AddNewVip@CUIOtherdrawListCtrlTemplate@@QAEHHPAX@Z
?SetTransParent@CUIButtonTemplate@@QAEXH@Z
?AttachHeaderCtrl@CUIListCtrlBaseTemplate@@QAEXXZ
?SetSelectColor@CUIListCtrlBaseTemplate@@QAEXK@Z
?SetSelectFrameColor@CUIListCtrlBaseTemplate@@QAEXK@Z
?SetSelectTextColor@CUIListCtrlBaseTemplate@@QAEXK@Z
??1CUISortListCtrlEx@@UAE@XZ
??0CUISortListCtrlEx@@QAE@XZ
??1CSkinExComboBox@@UAE@XZ
??0CSkinExComboBox@@QAE@XZ
?SetTextColor@CBaseEdit@@QAEXKK@Z
?SetBold@CColorStatic@@QAEX_N@Z
?GetPictureExEx@CSkinConfContext@@QAEPAXPBDH@Z
?SetFontColor@CColorStatic@@QAEXK@Z
?AddBadge@CUIOtherdrawListCtrlTemplate@@QAEHH@Z
?DelBadge@CUIOtherdrawListCtrlTemplate@@QAEHH@Z
?SetBadge@CUIOtherdrawListCtrlTemplate@@QAEXVCString@@H@Z
?SetBackColor@CMenuEx@@QAEXK@Z
?LoadToolBar@CMenuEx@@QAEXII@Z
?ModifyMenuEx@CMenuEx@@QAEHIIIPBD@Z
?RemoveMenuEx@CMenuEx@@QAEHII@Z
??1CUIListCtrlButtonEx@@UAE@XZ
?Create@CUIDlgTemplate@@QAEHIPAVCWnd@@@Z
?LoadMenuA@CMenuEx@@QAEHI@Z
??0CUISliderTemplate@@QAE@XZ
??1CUISliderTemplate@@UAE@XZ
?LoadSkinToBitmap@CAppSysOperation@@SA_NAAVCBitmap@@PAXAA_N@Z
?LoadSkin@CCustomDlg@@QAEHXZ
?SetBold@CUIStaticTemplate@@QAEX_N@Z
?messageMap@CCustomDlg@@1UAFX_MSGMAP@@B
??0CCustomDlg@@QAE@IPAVCWnd@@@Z
??1CCustomDlg@@UAE@XZ
?LoadSkin@CAppSysOperation@@UAEHPAX@Z
?GetRuntimeClass@CMenuEx@@UBEPAUCRuntimeClass@@XZ
?DrawItem@CMenuEx@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?MeasureItem@CMenuEx@@UAEXPAUtagMEASUREITEMSTRUCT@@@Z
?messageMap@CUIButtonTemplate@@1UAFX_MSGMAP@@B
?PreSubclassWindow@CUIButtonTemplate@@MAEXXZ
?PreTranslateMessage@CUIButtonTemplate@@MAEHPAUtagMSG@@@Z
?DrawItem@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?HandleMouseMove@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?HandleMouseLeftBtnDown@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?HandleMouseLeftBtnUp@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?DrawPushButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawRadioButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawCheckBoxButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?SetCtrlTextFont@CAppSysAttribute@@UAEXUtagLOGFONTA@@@Z
?GetCtrlTextFont@CAppSysAttribute@@UAEAAUtagLOGFONTA@@XZ
?SetCtrlTextColor@CAppSysAttribute@@UAEXK@Z
?GetCtrlTextColor@CAppSysAttribute@@UAEKXZ
?SetCtrlBackColor@CAppSysAttribute@@UAEXK@Z
?GetCtrlBackColor@CAppSysAttribute@@UAEKXZ
?SetCtrlTextBold@CAppSysAttribute@@UAEXH@Z
?EnableCtrlTextBold@CAppSysAttribute@@UAEHXZ
?SetCtrlTextHeight@CAppSysAttribute@@UAEXH@Z
?GetCtrlTextHeight@CAppSysAttribute@@UAEHXZ
?SetCtrlTextType@CAppSysAttribute@@UAEHVCString@@@Z
?GetCtrlTextType@CAppSysAttribute@@UAEAAVCString@@XZ
?FitBitmapSize@CUIButtonTemplate@@UAEXXZ
?PaintBackGround@CAppSysOperation@@UAEHPAVCDC@@@Z
?LoadSkin@CUIButtonTemplate@@UAEHPAX@Z
?GetCurrentSkin@CUIButtonTemplate@@MAEHPAX@Z
?SetFrameColor@CBaseEdit@@QAEXK@Z
?SetDrawFrame@CBaseEdit@@QAEXH@Z
??0CBaseEdit@@QAE@XZ
??1CBaseEdit@@UAE@XZ
?SetToolTipText@CUINoRegularButtonTemplate@@QAEXPBD@Z
??0CMemDC@@QAE@PAVCDC@@AAVCRect@@@Z
??1CMemDC@@UAE@XZ
?NeedShowHandCursor@CUIButtonTemplate@@QAEXH@Z
?SetToolTipText@CUIButtonTemplate@@QAEXPBD@Z
?SetNeedHandCursor@CColorStatic@@QAEX_N@Z
?OnInitDialog@CUIDlgTemplate@@MAEHXZ
?messageMap@CUIDlgTemplate@@1UAFX_MSGMAP@@B
?DoDataExchange@CUIDlgTemplate@@MAEXPAVCDataExchange@@@Z
??0CUIDlgTemplate@@QAE@IPAVCWnd@@@Z
??1CUIDlgTemplate@@UAE@XZ
?FitBitmapSize@CAppSysOperation@@UAEXXZ
?AttachBitmapHadle@CAppSysOperation@@UAEXPAUHBITMAP__@@@Z
?AttachBitmapHadle@CAppSysOperation@@UAEXPAUHBITMAP__@@PAVCBitmap@@@Z
?CleanUp@CAppSysOperation@@UAEXXZ
?PaintBackGround@CUIDlgTemplate@@MAEHPAVCDC@@@Z
?DrawSkin@CAppSysOperation@@UAEHPAUtagDRAWITEMSTRUCT@@@Z
?AdjustPosition@CAppSysOperation@@UAEHUtagRECT@@@Z
?AdjustPosition@CAppSysOperation@@UAEHHHHH@Z
?DrawContent@CAppSysOperation@@UAEHPAVCDC@@VCString@@AAVCRect@@H@Z
?LoadSkin@CUIDlgTemplate@@UAEHPAX@Z
?CleanSkin@CAppSysOperation@@UAEHPAX@Z
?GetCurrentSkin@CAppSysOperation@@UAEHPAX@Z
?InitializeOperation@CAppSysOperation@@UAEXPAVCWnd@@@Z
?LoadBitmapFileToMem@CAppSysOperation@@UAEHPAUHINSTANCE__@@VCString@@@Z
?LoadBitmapFileToMem@CAppSysOperation@@UAEHPAUHINSTANCE__@@VCString@@PAVCBitmap@@@Z
?CleanBitmapMem@CAppSysOperation@@UAEHXZ
?IsControlHaveSkin@CAppSysOperation@@UAEHXZ
??0CMenuEx@@QAE@XZ
?AppendMenuEx@CMenuEx@@QAEHIIPBD@Z
??1CMenuEx@@UAE@XZ
?SetHaveText@CUIButtonTemplate@@QAEX_NI@Z
?SetBtnTextColor@CUIButtonTemplate@@QAEXK@Z
??0CUIButtonTemplate@@QAE@XZ
??1CUIButtonTemplate@@UAE@XZ
?GetComponentSkinConf@CSkinConfContext@@QAEHIW4COMPONETTYPE@@VCString@@PAX@Z
?SetColorFrame@CSkinComboBox@@QAEXK@Z
?SetHaveText@CUINoRegularButtonTemplate@@QAEX_NI@Z
?SetBtnTextColor@CUINoRegularButtonTemplate@@QAEXK@Z
?SetFontUnline@CColorStatic@@QAEX_N@Z
??0CSkinComboBox@@QAE@XZ
??0CUINoRegularButtonTemplate@@QAE@XZ
??0CUIStaticTemplate@@QAE@XZ
??1CSkinComboBox@@UAE@XZ
??1CUINoRegularButtonTemplate@@UAE@XZ
??1CUIStaticTemplate@@UAE@XZ
?SetColor@CColorStatic@@QAEXKKK@Z
??0CColorStatic@@QAE@XZ
??1CColorStatic@@UAE@XZ

winmm

waveOutClose
mixerGetID
mixerGetControlDetailsA
mixerSetControlDetails
sndPlaySoundA
mmioWrite
mmioAdvance
mmioSetInfo
mmioSeek
mmioCreateChunk
mmioGetInfo
waveOutOpen
mmioClose
mmioOpenA
mmioOpenW
mmioAscend
mmioRead
mmioDescend
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetDevCapsA
mixerOpen
waveInClose
waveInUnprepareHeader
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveInOpen
mixerClose
mixerGetNumDevs

mfc42

ord3394
ord4538
ord433
ord4033
ord3582
ord4398
ord2097
ord4218
ord2023
ord2411
ord1265
ord5863
ord6145
ord568
ord819
ord5632
ord5594
ord913
ord3021
ord4189
ord955
ord700
ord398
ord6379
ord4267
ord3729
ord4406
ord2587
ord6119
ord562
ord816
ord5148
ord2113
ord6111
ord6128
ord3138
ord4287
ord2112
ord783
ord3711
ord4083
ord3289
ord2455
ord2408
ord1862
ord1795
ord861
ord4123
ord1116
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord538
ord3005
ord4809
ord656
ord3610
ord1601
ord3767
ord3061
ord361
ord2516
ord2935
ord781
ord3920
ord4317
ord2578
ord825
ord3571
ord5265
ord4376
ord4998
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4425
ord3597
ord800
ord641
ord540
ord324
ord3626
ord3663
ord2414
ord4234
ord2864
ord858
ord924
ord6199
ord3092
ord2818
ord6241
ord4710
ord4299
ord2379
ord1768
ord1641
ord535
ord2405
ord5785
ord640
ord1640
ord323
ord6215
ord2086
ord823
ord1168
ord941
ord2764
ord4278
ord5683
ord537
ord5280
ord2302
ord2078
ord860
ord3874
ord3584
ord543
ord1187
ord803
ord668
ord3181
ord3178
ord4058
ord2781
ord2770
ord356
ord1175
ord2370
ord6334
ord4220
ord2584
ord3654
ord2438
ord6270
ord2863
ord1644
ord1146
ord3619
ord6055
ord1776
ord5290
ord3402
ord4424
ord3721
ord795
ord2820
ord3811
ord567
ord3573
ord3693
ord755
ord6172
ord5789
ord2860
ord470
ord6442
ord1233
ord4284
ord2642
ord5710
ord4129
ord2763
ord5875
ord3089
ord4476
ord5981
ord922
ord6877
ord2915
ord1200
ord926
ord4853
ord326
ord2688
ord2135
ord818
ord3706
ord4133
ord4297
ord2859
ord5788
ord472
ord2754
ord609
ord693
ord6605
ord1099
ord4277
ord6663
ord6880
ord4402
ord3640
ord6905
ord3998
ord2567
ord3996
ord3301
ord4243
ord501
ord5621
ord1083
ord1949
ord4034
ord6134
ord2566
ord556
ord809
ord2452
ord1088
ord2122
ord2116
ord2546
ord1176
ord291
ord6358
ord613
ord289
ord773
ord6901
ord3977
ord6007
ord6907
ord5642
ord998
ord2639
ord2862
ord3286
ord6157
ord3716
ord790
ord4275
ord3797
ord6197
ord3546
ord3742
ord5787
ord283
ord939
ord4396
ord3574
ord3317
ord665
ord1979
ord6385
ord5186
ord354
ord923
ord6453
ord5810
ord5481
ord2031
ord4411
ord4447
ord4335
ord4863
ord5796
ord5478
ord1971
ord966
ord3570
ord605
ord521
ord278
ord6307
ord4167
ord1638
ord2029
ord2077
ord2575
ord940
ord6200
ord5937
ord6136
ord6779
ord6648
ord3763
ord2513
ord293
ord3771
ord2753
ord1574
ord5607
ord2762
ord5442
ord3318
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord561
ord801
ord541
ord804
ord686
ord2301
ord2289
ord536
ord4204
ord3283
ord3258
ord1705
ord430
ord1269
ord4694
ord6883
ord539
ord6143
ord925
ord6785
ord6282
ord6283
ord3097
ord3337
ord1980
ord5600
ord3994
ord2776
ord6467
ord2777
ord798
ord1997
ord6392
ord5194
ord533
ord5572
ord2919
ord6778
ord2096
ord384
ord6930
ord1158
ord2614
ord1771
ord6366
ord2413
ord2024
ord4219
ord2581
ord4401
ord3639
ord692
ord3803
ord1799
ord614
ord2623
ord290
ord4226
ord2486
ord4003
ord6021
ord5440
ord6383
ord5450
ord6394
ord2784
ord2100
ord2580
ord4400
ord3630
ord682
ord2574
ord3572
ord1793
ord4160
ord5873
ord2515
ord355
ord6696
ord2582
ord3370
ord6762
ord6242
ord5861
ord3752
ord3910
ord4202
ord2089
ord4480
ord6569
ord542
ord5651
ord3616
ord3127
ord5608
ord2393
ord3708
ord5808
ord6058
ord1075
ord5204
ord3229
ord6059
ord389
ord690
ord1988
ord5207
ord353
ord3293
ord3719
ord793
ord2645
ord1567
ord268
ord6888
ord6675
ord5807
ord3698
ord765
ord4224
ord2108
ord6734
ord1929
ord5356

msvcrt

_itoa
_adjust_fdiv
_initterm
free
??1type_info@@UAE@XZ
_onexit
__dllonexit
?terminate@@YAXXZ
_EH_prolog
strstr
_vsnprintf
printf
fprintf
memmove
towupper
isdigit
_mbsrchr
isspace
isalnum
wcsncpy
_local_unwind2
_except_handler3
exit
_CxxThrowException
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
malloc
_i64toa
srand
sprintf
localtime
strftime
puts
_beginthreadex
atol
wcslen
_atoi64
rand
strncpy
time
_ftol
wcscpy
_mbscmp
atoi
__CxxFrameHandler
fscanf
fgets
getc
fputc
fflush
_purecall
fclose
fopen
fread
fwrite
fseek
ftell

kernel32

lstrcpynA
GetWindowsDirectoryA
IsValidCodePage
GetCPInfo
GetVersion
LocalAlloc
LocalFree
FindFirstFileA
FindClose
GetCurrentThreadId
FindResourceA
GlobalFree
WriteFile
IsBadWritePtr
VirtualQuery
FormatMessageA
GetLocalTime
SetFilePointer
SetUnhandledExceptionFilter
CreateFileA
GetFileSize
ReadFile
GetLastError
GetSystemInfo
CreateDirectoryA
GetFileAttributesA
WideCharToMultiByte
WinExec
WritePrivateProfileStringA
GetPrivateProfileStringA
OutputDebugStringA
FindResourceW
LoadResource
SizeofResource
LockResource
MultiByteToWideChar
lstrlenW
InterlockedIncrement
GetVersionExA
IsDBCSLeadByte
GetModuleFileNameA
GetTickCount
Sleep
WaitForSingleObject
MulDiv
InterlockedDecrement
CreateThread
GetExitCodeThread
TerminateThread
CloseHandle
GlobalAlloc
GlobalLock
GlobalUnlock
LeaveCriticalSection
EnterCriticalSection
GetPrivateProfileIntA
LoadLibraryA
GetProcAddress
FreeLibrary
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
lstrcmpA
GetSystemDirectoryA
lstrlenA

user32

wvsprintfA
SetCapture
ReleaseCapture
wsprintfA
UnhookWindowsHookEx
CreateMenu
GetMenuStringA
ModifyMenuA
InsertMenuA
SetWindowsHookExA
CallNextHookEx
GetClassNameA
CallWindowProcA
IsRectEmpty
SetParent
GetScrollInfo
GetWindow
DestroyWindow
MessageBeep
CopyIcon
IsZoomed
RegisterClassA
MoveWindow
EnableMenuItem
MessageBoxA
InflateRect
CopyImage
UpdateWindow
GetDlgCtrlID
BeginPaint
EndPaint
DefWindowProcA
SetRect
SetRectEmpty
IsIconic
ScreenToClient
RegisterClassExA
CreateWindowExA
GetMenuItemID
CreatePopupMenu
CopyRect
GetSysColor
LoadBitmapA
GetClassInfoExA
SetWindowRgn
SetWindowPos
InvalidateRect
LoadImageA
ClientToScreen
FillRect
DrawTextA
KillTimer
GetWindowRect
PtInRect
LoadCursorA
SetCursor
SetTimer
IsWindowVisible
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetCursorPos
LoadMenuA
GetSubMenu
GetClientRect
IsWindow
SendMessageA
EnableWindow
GetDC
GetMenuState
SetFocus
ShowScrollBar
ReleaseDC
GetParent
PostMessageA
GetWindowLongA
SetWindowLongA
GetWindowDC
GetMenuItemCount
OffsetRect
RedrawWindow
GetWindowTextA
DrawStateA
WindowFromPoint
IsChild
SetActiveWindow
ShowWindow
GetMenuItemRect
FindWindowA
LoadIconA
SetForegroundWindow
CheckMenuItem
GetSystemMetrics
UnregisterClassA
GetDesktopWindow
GetAsyncKeyState
GetFocus
SystemParametersInfoA
GetSystemMenu
RemoveMenu
FlashWindow
GetMenu

gdi32

BeginPath
CreateRectRgn
DeleteDC
BitBlt
CreateDIBSection
CreateRoundRectRgn
SetPixel
GetPixel
StretchBlt
CreateCompatibleBitmap
TextOutA
SetTextColor
SetBkMode
EndPath
Rectangle
GetTextExtentPoint32A
GetTextMetricsA
GetMapMode
SetBkColor
CreateBitmap
EnumFontFamiliesExA
GetDeviceCaps
SetDIBits
GetDIBits
FillPath
Ellipse
PathToRegion
CombineRgn
CreateFontA
GetStockObject
CreateSolidBrush
CreatePen
SelectObject
RoundRect
CreateFontIndirectA
DeleteObject
CreateCompatibleDC
CreateDIBitmap
SetMapMode
GetObjectA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegDeleteKeyA
RegCloseKey

shell32

SHGetSpecialFolderPathA
ShellExecuteA

comctl32

ImageList_Add
InitCommonControlsEx
ImageList_GetImageInfo
ImageList_AddMasked
ImageList_Draw
_TrackMouseEvent

ole32

CoInitialize
OleCreateStaticFromData
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoUninitialize
OleSetContainedObject
ReleaseStgMedium
OleDuplicateData
CreateStreamOnHGlobal
CoInitializeEx
CoCreateInstance
OleRun

olepro32

ord251

oleaut32

CreateErrorInfo
SysAllocStringByteLen
SysAllocString
VariantInit
VariantCopy
VariantChangeType
VariantClear
SysFreeString
SysAllocStringLen
SysStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreate
SafeArrayGetUBound
SafeArrayGetLBound
GetErrorInfo
SetErrorInfo
SysStringByteLen

wsock32

sendto
socket
gethostbyname
WSACleanup
WSAGetLastError
select
__WSAFDIsSet
shutdown
closesocket
recvfrom
inet_addr

msvcp60

??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??0logic_error@std@@QAE@ABV01@@Z
??0out_of_range@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??_7out_of_range@std@@6B@
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z

gdiplus

GdipDrawString
GdipGetFontSize
GdipDeleteFontFamily
GdipCreatePen1
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipCreateStringFormat
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectI
GdipCreateBitmapFromHBITMAP
GdipFillRectangleI
GdipCreateSolidFill
GdipCreateFromHDC
GdipFree
GdipAlloc
GdipCloneBrush
GdipCreateFontFamilyFromName
GdipCloneImage
GdipDrawImageRect
GdipLoadImageFromFile
GdipReleaseDC
GdipDeletePath
GdipDrawPath
GdipAddPathStringI
GdipCreatePath
GdipSetInterpolationMode
GdipSetSmoothingMode
GdipDrawRectangleI
GdipDeletePen
GdipDeleteFont
GdipDeleteBrush
GdipDeleteStringFormat
GdipDisposeImage
GdipDeleteGraphics
GdipCreateFont

publictool

?Load@CxImage@@QAE_NPBDK@Z
?InitParam@CHash@@QAEHXZ
??0CHash@@QAE@K@Z
??1CHash@@UAE@XZ
?FindNext@CHash@@QAEPAXXZ
?FindFirst@CHash@@QAEXH@Z
?InsertItem@CHash@@QAEHJPAX@Z
?DeleteItem@CHash@@QAEPAXJ@Z
?SetPos@CBuffer@@QAEXKK@Z
?GetBufferLen@CBuffer@@QAEKXZ
?GetBuffer@CBuffer@@QAEPAEXZ
??0CBuffer@@QAE@K@Z
??1CBuffer@@UAE@XZ
?BufferCpy@CBuffer@@QAEXPAEKK@Z
?GetRealBuffer@CBuffer@@QAEPBEXZ
?GetRealLen@CBuffer@@QAEKXZ
??0CBuffer@@QAE@PAEK@Z
??0CBuffer@@QAE@ABV0@@Z
?base64_encode@CBase64@@SAHPADI0@Z
??_FCxImageEx@@QAEXXZ
?IsValid@CxImage@@QBE_NXZ
?IsValid@CxImageEx@@QBE_NXZ
?SetTransColor@CxImageEx@@QAEXUtagRGBQUAD@@@Z
?SetTransIndex@CxImageEx@@QAEXJ@Z
?GetPixelColor@CxImageEx@@QAE?AUtagRGBQUAD@@JJ_N@Z
?base64_decode@CBase64@@SAHPADI0@Z
?GetHashItemNum@CHash@@QAEHXZ
?InsertItem@CHash@@QAEHPBDPAX@Z
?QueryItem@CHash@@QAEPAXPBD@Z
?UnCompressNetData@CZip@@SA_NPAEPAKPBEK@Z
?GetWidth@CxImageEx@@QBEKXZ
?GetNext@CHash@@QAEPAXPAPAXAAHH@Z
?GetFirst@CHash@@QAEPAXHAAHH@Z
?GetHeight@CxImageEx@@QBEKXZ
?Draw@CxImage@@QAEJPAUHDC__@@JJJJPAUtagRECT@@_N@Z
?Resample@CxImageEx@@QAE_NJJHPAVCxImage@@@Z
?DeleteItem@CHash@@QAEPAXPBD@Z
??1CxImageEx@@UAE@XZ
?QueryItem@CHash@@QAEPAXJ@Z
??0CxImage@@QAE@ABV0@_N11@Z
?IsGrayScale@CxImage@@QAE_NXZ
?IncreaseBpp@CxImage@@QAE_NK@Z
?SetJpegQuality@CxImage@@QAEXE@Z
?Save@CxImage@@QAE_NPBDK@Z
??0CxImageEx@@QAE@K@Z
?Load@CxImageEx@@QAE_NPBDK@Z
?GetDIB@CxImageEx@@QBEPAXXZ
?Draw@CxImageEx@@QAEJPAUHDC__@@JJJJPAUtagRECT@@_N@Z
?GetBits@CxImageEx@@QAEPAEK@Z
??0CxImage@@QAE@K@Z
?DestroyFrames@CxImage@@QAE_NXZ
?Destroy@CxImage@@QAE_NXZ
??1CxMemFile@@UAE@XZ
?Close@CxMemFile@@UAE_NXZ
?Read@CxMemFile@@UAEIPAXII@Z
?Write@CxMemFile@@UAEIPBXII@Z
?Seek@CxMemFile@@UAE_NJH@Z
?Tell@CxMemFile@@UAEJXZ
?Size@CxMemFile@@UAEJXZ
?Flush@CxMemFile@@UAE_NXZ
?Eof@CxMemFile@@UAE_NXZ
?Error@CxMemFile@@UAEJXZ
?PutC@CxMemFile@@UAE_NE@Z
?GetC@CxMemFile@@UAEJXZ
?GetS@CxMemFile@@UAEPADPADH@Z
?Scanf@CxMemFile@@UAEJPBDPAX@Z
??0CxMemFile@@QAE@PAEK@Z

shlwapi

PathFileExistsA
PathIsDirectoryA

pdh

PdhGetRawCounterValue
PdhGetFormattedCounterValue
PdhCollectQueryData
PdhRemoveCounter
PdhAddCounterA
PdhCloseQuery
PdhOpenQueryA
PdhComputeCounterStatistics

Exports

Exports

??0CFlashTab@@QAE@PAVCWnd@@@Z
??0CPictureExEx@@QAE@XZ
??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxMemFile@@QAE@ABV0@@Z
??0mutecontrol@@QAE@ABV0@@Z
??0mutecontrol@@QAE@XZ
??1CFlashTab@@UAE@XZ
??1CPictureExEx@@UAE@XZ
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??1mutecontrol@@UAE@XZ
??4CEasySecret@@QAEAAV0@ABV0@@Z
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??4mutecontrol@@QAEAAV0@ABV0@@Z
??_7CFlashTab@@6B@
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxMemFile@@6B@
??_7mutecontrol@@6B@
??_FCFlashTab@@QAEXXZ
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXABV0@@Z
?Close@CxIOFile@@UAE_NXZ
?Close@mutecontrol@@QAEXXZ
?Create@mutecontrol@@QAEXPAVCWnd@@KK@Z
?DoDataExchange@CFlashTab@@MAEXPAVCDataExchange@@@Z
?Eof@CxIOFile@@UAE_NXZ
?Error@CxIOFile@@UAEJXZ
?Flush@CxIOFile@@UAE_NXZ
?GetAppPath@CFlashTab@@AAEXXZ
?GetC@CxIOFile@@UAEJXZ
?GetFrameCount@CPictureExEx@@QBEHXZ
?GetMessageMap@CFlashTab@@MBEPBUAFX_MSGMAP@@XZ
?GetNextBlock@CPictureExEx@@IBE?AW4GIFBlockTypes@1@XZ
?GetNextBlockLen@CPictureExEx@@IBEHXZ
?GetNextGraphicBlock@CPictureExEx@@IAEPAXPAI0PAUtagSIZE@@10@Z
?GetPaintRect@CPictureExEx@@QAEHPAUtagRECT@@@Z
?GetS@CxIOFile@@UAEPADPADH@Z
?GetSize@CPictureExEx@@QBE?AUtagSIZE@@XZ
?GetSubBlocksLen@CPictureExEx@@IBEII@Z
?GetValue@mutecontrol@@QAEKXZ
?IsAnimatedGIF@CPictureExEx@@QBEHXZ
?IsGIF@CPictureExEx@@QBEHXZ
?IsPlaying@CPictureExEx@@QBEHXZ
?Load@CPictureExEx@@QAEHPAXK@Z
?Load@CPictureExEx@@QAEHPBD0@Z
?Load@CPictureExEx@@QAEHPBD@Z
?OnButtonClose@CFlashTab@@IAEXXZ
?OnInitDialog@CFlashTab@@MAEHXZ
?OnKillFocus@CFlashTab@@IAEXPAVCWnd@@@Z
?OnNotify@CFlashTab@@MAEHIJPAJ@Z
?OnPaint@CFlashTab@@IAEXXZ
?OnSelect@CFlashTab@@IAEJIJ@Z
?OnSetFocus@CFlashTab@@IAEJIJ@Z
?Open@CxIOFile@@QAE_NPBD0@Z
?PutC@CxFile@@UAE_NE@Z
?PutC@CxIOFile@@UAE_NE@Z
?Read@CxIOFile@@UAEIPAXII@Z
?ResetDataPointer@CPictureExEx@@IAEXXZ
?Scanf@CxIOFile@@UAEJPBDPAX@Z
?Seek@CxIOFile@@UAE_NJH@Z
?SetPaintRect@CPictureExEx@@QAEHPBUtagRECT@@@Z
?SetValue@mutecontrol@@QAEXK@Z
?Size@CxIOFile@@UAEJXZ
?SkipNextBlock@CPictureExEx@@IAEHXZ
?SkipNextGraphicBlock@CPictureExEx@@IAEHXZ
?Tell@CxIOFile@@UAEJXZ
?UnLoad@CPictureExEx@@QAEXXZ
?Write@CxIOFile@@UAEIPBXII@Z
?_GetBaseMessageMap@CFlashTab@@KGPBUAFX_MSGMAP@@XZ
?_messageEntries@CFlashTab@@0QBUAFX_MSGMAP_ENTRY@@B
?initCtrl@CFlashTab@@AAEXXZ
?messageMap@CFlashTab@@1UAFX_MSGMAP@@B
CreatePublicDLL

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 356KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 588KB - Virtual size: 585KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MultiChatKTV.dll
.dll windows:4 windows x86 arch:x86

e1d038c4fb68c3fb0b8b045def5d3323

Code Sign

5d:10:a7:bd:1c:78:2a:f4:68:0b:86:ca:c1:c8:1b:2b
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Not Before

26-08-2015 02:19

Not After

26-10-2018 02:19

Subject

CN=金华就约我吧网络科技有限公司,O=金华就约我吧网络科技有限公司,L=金华市,ST=浙江省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2039 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

37:a6:0e:92:5f:23:f8:0c:fd:cd:97:65:92:98:c3:54
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-11-2014 00:58

Not After

08-11-2029 00:58

Subject

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

19:c2:85:30:e9:3b:36
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 22:46

Not After

31-12-2019 23:59

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 19:46

Not After

17-09-2036 19:46

Subject

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment
KeyUsageKeyAgreement
KeyUsageCertSign
KeyUsageCRLSign

0b:10:5b:bf:bb:6f:0b:f7:d0:82:c1:e4:ac:f3:f1:87:90:70:81:61
Signer

Actual PE Digest

0b:10:5b:bf:bb:6f:0b:f7:d0:82:c1:e4:ac:f3:f1:87:90:70:81:61

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord924
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord1200
ord537
ord1187
ord2915
ord858
ord2584
ord2754
ord686
ord384
ord2438
ord2408
ord2753
ord3573
ord3693
ord5787
ord5788
ord283
ord2859
ord2452
ord2096
ord2097
ord1168
ord535
ord1175
ord1146
ord807
ord4163
ord6625
ord554
ord860
ord5572
ord2863
ord1644
ord5440
ord6383
ord5450
ord6394
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord5875
ord323
ord1640
ord1641
ord4220
ord5785
ord600
ord826
ord269
ord2567
ord2566
ord2405
ord640
ord2414
ord3663
ord3626
ord540
ord800
ord3571
ord823
ord3654
ord825
ord1116

msvcrt

__CxxFrameHandler
memmove
_EH_prolog
__dllonexit
_onexit
free
_initterm
malloc
_adjust_fdiv
??1type_info@@UAE@XZ
_purecall

kernel32

LocalFree
LoadLibraryA
GetProcAddress
FreeLibrary
LocalAlloc

user32

LoadBitmapA
GetDC
ReleaseDC
SendMessageA
CopyRect
RemoveMenu
DrawStateA
InflateRect
GetSysColor
LoadImageA
GetClientRect
GetMenuItemID
AppendMenuA
InsertMenuA
GetMenuStringA
ModifyMenuA
GetMenuState
CreateMenu
LoadMenuA
GetMenuItemCount
GetSubMenu
FillRect
CreatePopupMenu

gdi32

Rectangle
GetObjectA
CreatePen
GetTextExtentPoint32A
CreateCompatibleDC
CreateSolidBrush
StretchBlt
BitBlt
CreateCompatibleBitmap

comctl32

ImageList_Draw
ImageList_AddMasked

Exports

Exports

CreateKTV
GetDllIndex

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MultiChatKTV3.dll
.dll windows:4 windows x86 arch:x86

a8b672a59ea92c75fce5e761d2c1ee20

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:c3:0f:99:ec:6f:1b:11:b8:57:c9:38:0b:8c:c6:08
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26-10-2018 00:00

Not After

29-10-2021 12:00

Subject

CN=金华就约我吧网络科技有限公司,O=金华就约我吧网络科技有限公司,L=金华市,ST=浙江省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04-01-2017 00:00

Not After

18-01-2028 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e2:83:c2:01:1d:88:f7:5d:5c:b7:94:ef:a5:59:78:92:87:a4:bd:a1:6a:c3:ea:93:b5:4b:89:2f:bd:5e:57:7d
Signer

Actual PE Digest

e2:83:c2:01:1d:88:f7:5d:5c:b7:94:ef:a5:59:78:92:87:a4:bd:a1:6a:c3:ea:93:b5:4b:89:2f:bd:5e:57:7d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord924
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord1200
ord537
ord1187
ord2915
ord858
ord2584
ord2754
ord686
ord384
ord2438
ord2408
ord2753
ord3573
ord3693
ord5787
ord5788
ord283
ord2859
ord2452
ord2096
ord2097
ord1168
ord535
ord1175
ord1146
ord807
ord4163
ord6625
ord554
ord860
ord5572
ord2863
ord1644
ord5440
ord6383
ord5450
ord6394
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord5875
ord323
ord1640
ord1641
ord4220
ord5785
ord600
ord826
ord269
ord2567
ord2566
ord2405
ord640
ord2414
ord3626
ord3663
ord540
ord800
ord3571
ord823
ord3654
ord825
ord1116

msvcrt

__CxxFrameHandler
memmove
_EH_prolog
__dllonexit
_onexit
free
_initterm
malloc
_adjust_fdiv
??1type_info@@UAE@XZ
_purecall

kernel32

LocalFree
LoadLibraryA
GetProcAddress
FreeLibrary
LocalAlloc

user32

LoadBitmapA
GetDC
ReleaseDC
SendMessageA
CopyRect
RemoveMenu
DrawStateA
InflateRect
GetSysColor
LoadImageA
GetClientRect
GetSystemMetrics
GetMenuItemID
AppendMenuA
InsertMenuA
ModifyMenuA
GetMenuState
CreateMenu
LoadMenuA
GetMenuItemCount
GetSubMenu
CreatePopupMenu
FillRect
GetMenuStringA

gdi32

Rectangle
GetObjectA
CreatePen
GetTextExtentPoint32A
CreateCompatibleDC
CreateSolidBrush
StretchBlt
BitBlt
CreateCompatibleBitmap

comctl32

ImageList_Draw
ImageList_AddMasked

Exports

Exports

CreateKTV
GetDllIndex

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MultiChatKTV6.dll
.dll windows:4 windows x86 arch:x86

f947144efc164dfe710de58cbd2133f6

Code Sign

5d:10:a7:bd:1c:78:2a:f4:68:0b:86:ca:c1:c8:1b:2b
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Not Before

26-08-2015 02:19

Not After

26-10-2018 02:19

Subject

CN=金华就约我吧网络科技有限公司,O=金华就约我吧网络科技有限公司,L=金华市,ST=浙江省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2039 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

37:a6:0e:92:5f:23:f8:0c:fd:cd:97:65:92:98:c3:54
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-11-2014 00:58

Not After

08-11-2029 00:58

Subject

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

19:c2:85:30:e9:3b:36
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 22:46

Not After

31-12-2019 23:59

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 19:46

Not After

17-09-2036 19:46

Subject

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment
KeyUsageKeyAgreement
KeyUsageCertSign
KeyUsageCRLSign

4e:9a:7a:04:ec:ac:3a:7d:b2:ed:7b:b1:33:1a:14:a8:73:a6:c4:b7
Signer

Actual PE Digest

4e:9a:7a:04:ec:ac:3a:7d:b2:ed:7b:b1:33:1a:14:a8:73:a6:c4:b7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord1200
ord537
ord1187
ord2915
ord4220
ord924
ord5785
ord686
ord384
ord2438
ord2408
ord2753
ord3573
ord3693
ord5787
ord5788
ord283
ord2859
ord2452
ord2096
ord2097
ord1168
ord535
ord1175
ord1146
ord807
ord4163
ord6625
ord554
ord860
ord5572
ord2863
ord1644
ord5440
ord6383
ord5450
ord6394
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord858
ord5875
ord323
ord1640
ord2584
ord1641
ord600
ord826
ord269
ord2754
ord2567
ord2405
ord640
ord2414
ord3626
ord3663
ord540
ord800
ord3571
ord823
ord3654
ord825
ord1116

msvcrt

__CxxFrameHandler
memmove
_EH_prolog
__dllonexit
_onexit
free
_initterm
malloc
_adjust_fdiv
??1type_info@@UAE@XZ
_purecall

kernel32

LocalFree
LoadLibraryA
GetProcAddress
FreeLibrary
LocalAlloc

user32

LoadBitmapA
GetDC
ReleaseDC
SendMessageA
CopyRect
RemoveMenu
DrawStateA
InflateRect
GetSysColor
LoadImageA
GetClientRect
GetMenuItemID
AppendMenuA
InsertMenuA
GetMenuStringA
ModifyMenuA
GetMenuState
CreateMenu
LoadMenuA
GetMenuItemCount
GetSubMenu
FillRect
CreatePopupMenu

gdi32

Rectangle
GetObjectA
CreatePen
GetTextExtentPoint32A
CreateCompatibleDC
CreateSolidBrush
StretchBlt
BitBlt
CreateCompatibleBitmap

comctl32

ImageList_Draw
ImageList_AddMasked

Exports

Exports

CreateKTV
GetDllIndex

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MultiChatKTV8.dll
.dll windows:4 windows x86 arch:x86

9546a34f59839479812ba988c86eed5c

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:c3:0f:99:ec:6f:1b:11:b8:57:c9:38:0b:8c:c6:08
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26-10-2018 00:00

Not After

29-10-2021 12:00

Subject

CN=金华就约我吧网络科技有限公司,O=金华就约我吧网络科技有限公司,L=金华市,ST=浙江省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04-01-2017 00:00

Not After

18-01-2028 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

51:1c:5e:6e:56:7a:27:df:ce:bf:79:c6:a9:2f:a6:c9:40:d1:a5:86:73:88:c3:d0:af:4e:c1:ac:53:a2:bb:8c
Signer

Actual PE Digest

51:1c:5e:6e:56:7a:27:df:ce:bf:79:c6:a9:2f:a6:c9:40:d1:a5:86:73:88:c3:d0:af:4e:c1:ac:53:a2:bb:8c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord323
ord5875
ord924
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord1200
ord1187
ord2915
ord1640
ord640
ord3654
ord686
ord384
ord2438
ord2408
ord2753
ord3573
ord3693
ord5787
ord5788
ord283
ord2859
ord2452
ord2096
ord2097
ord1168
ord535
ord1175
ord1146
ord807
ord4163
ord6625
ord554
ord860
ord5572
ord2863
ord1644
ord5440
ord6383
ord5450
ord6394
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord1641
ord5785
ord2754
ord2567
ord2566
ord4220
ord2405
ord600
ord826
ord269
ord537
ord5683
ord4278
ord858
ord2414
ord3626
ord3663
ord540
ord800
ord3571
ord823
ord2584
ord825
ord1116

msvcrt

__CxxFrameHandler
memmove
_EH_prolog
__dllonexit
_onexit
free
_initterm
malloc
_adjust_fdiv
??1type_info@@UAE@XZ
_purecall

kernel32

LocalFree
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
LocalAlloc

user32

LoadBitmapA
GetDC
ReleaseDC
SendMessageA
CopyRect
RemoveMenu
DrawStateA
InflateRect
GetSysColor
LoadImageA
GetClientRect
GetMenuItemID
AppendMenuA
InsertMenuA
GetMenuStringA
ModifyMenuA
GetMenuState
CreateMenu
LoadMenuA
GetMenuItemCount
GetSubMenu
FillRect
CreatePopupMenu

gdi32

Rectangle
GetObjectA
CreatePen
GetTextExtentPoint32A
CreateCompatibleDC
CreateSolidBrush
StretchBlt
BitBlt
CreateCompatibleBitmap

comctl32

ImageList_Draw
ImageList_AddMasked

Exports

Exports

CreateKTV
GetDllIndex

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MultiTenRoom.dll
.dll windows:4 windows x86 arch:x86

75b835223c48abfb0e5ea84d00bd9a1d

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:c3:0f:99:ec:6f:1b:11:b8:57:c9:38:0b:8c:c6:08
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26-10-2018 00:00

Not After

29-10-2021 12:00

Subject

CN=金华就约我吧网络科技有限公司,O=金华就约我吧网络科技有限公司,L=金华市,ST=浙江省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-10-2019 00:00

Not After

17-10-2030 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dd:5d:5f:82:54:27:f1:bd:54:5a:c3:f0:d6:d6:bb:d0:fb:31:f1:9b:bc:bb:34:c4:4d:05:54:64:09:df:d3:35
Signer

Actual PE Digest

dd:5d:5f:82:54:27:f1:bd:54:5a:c3:f0:d6:d6:bb:d0:fb:31:f1:9b:bc:bb:34:c4:4d:05:54:64:09:df:d3:35

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

mixerGetLineControlsA
mixerGetDevCapsA
mixerOpen
mixerGetNumDevs
mixerSetControlDetails
mixerGetControlDetailsA
mixerClose
sndPlaySoundA
mixerGetLineInfoA

mvuilib

?SetToolTipText@CUIButtonTemplate@@QAEXPBD@Z
?SetSkinConfContext@CUIDlgTemplate@@QAEXPAVCSkinConfContext@@@Z
?Create@CUIDlgTemplate@@QAEHIPAVCWnd@@@Z
??0CBaseComboBox@@QAE@XZ
??1CBaseComboBox@@UAE@XZ
?NeedShowHandCursor@CUIButtonTemplate@@QAEXH@Z
?SetSelectColor@CUIOtherdrawListCtrlTemplate@@QAEXK@Z
?SetSelectFrameColor@CUIOtherdrawListCtrlTemplate@@QAEXK@Z
?SetListCtrlBackTpye@CUIOtherdrawListCtrlTemplate@@QAEX_N@Z
?GetBitmapWidth@CAppSysOperation@@QAEHXZ
?GetBitmapHeight@CAppSysOperation@@QAEHXZ
??0CUIOtherdrawListCtrlTemplate@@QAE@XZ
??1CUIOtherdrawListCtrlTemplate@@UAE@XZ
?OnInitDialog@CUIDlgTemplate@@MAEHXZ
?SetFrameColor@CUIListCtrlBaseTemplate@@QAEXK@Z
?SetDrawFrame@CUIListCtrlBaseTemplate@@QAEXH@Z
?messageMap@CUIDlgTemplate@@1UAFX_MSGMAP@@B
?DoDataExchange@CUIDlgTemplate@@MAEXPAVCDataExchange@@@Z
??0CUIDlgTemplate@@QAE@IPAVCWnd@@@Z
??0CUIListCtrlButtonEx@@QAE@XZ
??1CUIDlgTemplate@@UAE@XZ
??1CUIListCtrlButtonEx@@UAE@XZ
?FitBitmapSize@CAppSysOperation@@UAEXXZ
?PaintBackGround@CUIDlgTemplate@@MAEHPAVCDC@@@Z
?LoadSkin@CUIDlgTemplate@@UAEHPAX@Z
?GetCurrentSkin@CAppSysOperation@@UAEHPAX@Z
?OnLButtonDown@CUIButtonTemplate@@IAEXIVCPoint@@@Z
?SetBold@CColorStatic@@QAEX_N@Z
??1CMenuEx@@UAE@XZ
??0CMenuEx@@QAE@XZ
?AppendMenuEx@CMenuEx@@QAEHIIPBD@Z
?GetRuntimeClass@CMenuEx@@UBEPAUCRuntimeClass@@XZ
?DrawItem@CMenuEx@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?MeasureItem@CMenuEx@@UAEXPAUtagMEASUREITEMSTRUCT@@@Z
?messageMap@CUIButtonTemplate@@1UAFX_MSGMAP@@B
?PreSubclassWindow@CUIButtonTemplate@@MAEXXZ
?PreTranslateMessage@CUIButtonTemplate@@MAEHPAUtagMSG@@@Z
?DrawItem@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?HandleMouseMove@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?HandleMouseLeftBtnDown@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?HandleMouseLeftBtnUp@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?DrawPushButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawRadioButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawCheckBoxButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?SetCtrlTextFont@CAppSysAttribute@@UAEXUtagLOGFONTA@@@Z
?GetCtrlTextFont@CAppSysAttribute@@UAEAAUtagLOGFONTA@@XZ
?SetCtrlTextColor@CAppSysAttribute@@UAEXK@Z
?GetCtrlTextColor@CAppSysAttribute@@UAEKXZ
?DefWindowProcA@CColorStatic@@MAEJIIJ@Z
?WindowProc@CColorStatic@@MAEJIIJ@Z
?PreSubclassWindow@CColorStatic@@UAEXXZ
?OnMouseMove@CUIButtonTemplate@@IAEXIVCPoint@@@Z
?AddLPVOIDInfo@CUIOtherdrawListCtrlTemplate@@QAEXPAXH@Z
?SetToolTipHitMask@CUIOtherdrawListCtrlTemplate@@QAEGG@Z
?SetItemGifImage@CUIOtherdrawListCtrlTemplate@@QAEHHHPBDKVCString@@@Z
?SetItemColor@CUIOtherdrawListCtrlTemplate@@QAEXHK@Z
?SetItemConsumeImage@CUIOtherdrawListCtrlTemplate@@QAEHHHPBDKVCString@@H@Z
?RemoveMenuEx@CMenuEx@@QAEHII@Z
?LoadMenuA@CMenuEx@@QAEHI@Z
?SetItemHeight@CUIOtherdrawListCtrlTemplate@@QAEXI@Z
?ModifyMenuEx@CMenuEx@@QAEHIIIPBD@Z
?SelectItem@CUIOtherdrawListCtrlTemplate@@QAEXH@Z
?DeleteItem@CUIOtherdrawListCtrlTemplate@@QAEXH@Z
??1CUIStaticTemplate@@UAE@XZ
??1CUINoRegularButtonTemplate@@UAE@XZ
??1CColorStatic@@UAE@XZ
??1CSkinComboBox@@UAE@XZ
??0CUIStaticTemplate@@QAE@XZ
??0CUINoRegularButtonTemplate@@QAE@XZ
??0CColorStatic@@QAE@XZ
??0CSkinComboBox@@QAE@XZ
?SetColor@CColorStatic@@QAEXKKK@Z
?SetFontUnline@CColorStatic@@QAEX_N@Z
?SetBtnTextColor@CUINoRegularButtonTemplate@@QAEXK@Z
?SetHaveText@CUINoRegularButtonTemplate@@QAEX_NI@Z
?SetColorFrame@CSkinComboBox@@QAEXK@Z
?GetComponentSkinConf@CSkinConfContext@@QAEHIW4COMPONETTYPE@@VCString@@PAX@Z
??1CBaseEdit@@UAE@XZ
??1CUIButtonTemplate@@UAE@XZ
??0CBaseEdit@@QAE@XZ
??0CUIButtonTemplate@@QAE@XZ
?SetCtrlBackColor@CAppSysAttribute@@UAEXK@Z
?GetCtrlBackColor@CAppSysAttribute@@UAEKXZ
?SetCtrlTextBold@CAppSysAttribute@@UAEXH@Z
?EnableCtrlTextBold@CAppSysAttribute@@UAEHXZ
?SetCtrlTextHeight@CAppSysAttribute@@UAEXH@Z
?GetCtrlTextHeight@CAppSysAttribute@@UAEHXZ
?SetCtrlTextType@CAppSysAttribute@@UAEHVCString@@@Z
?GetCtrlTextType@CAppSysAttribute@@UAEAAVCString@@XZ
?FitBitmapSize@CUIButtonTemplate@@UAEXXZ
?AttachBitmapHadle@CAppSysOperation@@UAEXPAUHBITMAP__@@@Z
?AttachBitmapHadle@CAppSysOperation@@UAEXPAUHBITMAP__@@PAVCBitmap@@@Z
?CleanUp@CAppSysOperation@@UAEXXZ
?PaintBackGround@CAppSysOperation@@UAEHPAVCDC@@@Z
?DrawSkin@CAppSysOperation@@UAEHPAUtagDRAWITEMSTRUCT@@@Z
?AdjustPosition@CAppSysOperation@@UAEHUtagRECT@@@Z
?AdjustPosition@CAppSysOperation@@UAEHHHHH@Z
?DrawContent@CAppSysOperation@@UAEHPAVCDC@@VCString@@AAVCRect@@H@Z
?LoadSkin@CUIButtonTemplate@@UAEHPAX@Z
?CleanSkin@CAppSysOperation@@UAEHPAX@Z
?GetCurrentSkin@CUIButtonTemplate@@MAEHPAX@Z
?InitializeOperation@CAppSysOperation@@UAEXPAVCWnd@@@Z
?LoadBitmapFileToMem@CAppSysOperation@@UAEHPAUHINSTANCE__@@VCString@@@Z
?LoadBitmapFileToMem@CAppSysOperation@@UAEHPAUHINSTANCE__@@VCString@@PAVCBitmap@@@Z
?CleanBitmapMem@CAppSysOperation@@UAEHXZ
?IsControlHaveSkin@CAppSysOperation@@UAEHXZ
?SetNeedHandCursor@CColorStatic@@QAEX_N@Z
?SetHaveText@CUIButtonTemplate@@QAEX_NI@Z
?SetBtnTextColor@CUIButtonTemplate@@QAEXK@Z
?SetFrameColor@CBaseEdit@@QAEXK@Z
?SetDrawFrame@CBaseEdit@@QAEXH@Z

msimg32

AlphaBlend

mfc42

ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord269
ord342
ord1182
ord1577
ord1575
ord1176
ord1116
ord826
ord3771
ord356
ord2770
ord1980
ord668
ord5265
ord4998
ord2514
ord6052
ord4078
ord1775
ord4407
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4425
ord3597
ord800
ord540
ord825
ord2302
ord860
ord2818
ord858
ord924
ord2078
ord6199
ord6241
ord535
ord537
ord4299
ord3874
ord2370
ord3092
ord6334
ord4376
ord4853
ord6055
ord1776
ord5241
ord5290
ord3402
ord4424
ord641
ord567
ord324
ord2135
ord818
ord4234
ord4710
ord2688
ord823
ord3626
ord3663
ord755
ord2414
ord4133
ord4297
ord5788
ord472
ord2754
ord470
ord3706
ord6215
ord1641
ord2859
ord2379
ord922
ord2915
ord3571
ord809
ord773
ord556
ord501
ord1088
ord2122
ord6901
ord6905
ord3977
ord6007
ord6907
ord5642
ord1083
ord998
ord2764
ord2639
ord2862
ord3286
ord2086
ord1168
ord6605
ord640
ord5785
ord1640
ord1146
ord323
ord2405
ord6157
ord3716
ord790
ord4275
ord3797
ord6197
ord3546
ord3742
ord1233
ord2864
ord3089
ord3619
ord2116
ord4284
ord6172
ord5875
ord5789
ord2567
ord2566
ord283
ord1175
ord939
ord4396
ord3574
ord2438
ord6270
ord941
ord4129
ord1644
ord2763
ord4278
ord5683
ord5621
ord665
ord354
ord6779
ord940
ord1979
ord5442
ord3318
ord5186
ord6385
ord804
ord686
ord609
ord1768
ord6785
ord5981
ord4277
ord3693
ord5600
ord2642
ord3573
ord6663
ord2575
ord2574
ord3572
ord1793
ord4160
ord6358
ord5873
ord3721
ord795
ord6453
ord2860
ord613
ord289
ord6021
ord5787
ord6880
ord926
ord2393
ord5356
ord5808
ord6058
ord1075
ord5204
ord3229
ord6059
ord389
ord690
ord798
ord1988
ord533
ord5207
ord5572
ord6877
ord923
ord3301
ord3996
ord2452
ord4476
ord384
ord2289
ord6696
ord2100
ord2096
ord2298
ord2119
ord353
ord1187
ord4220
ord2584
ord3654
ord2408
ord2753
ord2097
ord807
ord4163
ord6625
ord554
ord2863
ord5440
ord6383
ord5450
ord6394
ord3317
ord2582
ord4402
ord3640
ord3293
ord3910
ord4202
ord3452
ord2515
ord355
ord5710
ord5607
ord1200
ord3708
ord781
ord1756
ord6134
ord3719
ord793
ord326
ord2645
ord3998
ord2380
ord2776
ord1929
ord3005
ord1601
ord538
ord2919
ord4123
ord861
ord539
ord4400
ord3630
ord682
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord3754
ord3753
ord3370
ord693
ord4243
ord6242
ord2714
ord3711
ord783
ord2112
ord6442
ord4287
ord3138
ord6128
ord3752
ord398
ord700
ord291
ord4189
ord3021
ord913
ord5594
ord5632
ord6200
ord5937
ord6136
ord6648
ord3763
ord2513
ord293
ord1949
ord4034
ord4538
ord3394
ord2587
ord4406
ord3729
ord4267
ord3920
ord4317
ord5575
ord4033
ord433
ord1799
ord614
ord2623
ord290
ord4622
ord4226
ord2486
ord4003
ord3584
ord543
ord803
ord3283
ord3258
ord1705
ord430
ord1269
ord2935
ord2516
ord361
ord3061
ord3767
ord1158
ord2614
ord2820
ord3811
ord536
ord3337
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3738
ord815
ord561
ord3953
ord801
ord541
ord6111
ord6195
ord3870
ord4204
ord6283
ord925
ord4694
ord2065
ord6883
ord6143
ord2546
ord955

msvcrt

rand
_except_handler3
_local_unwind2
wcsncpy
isalnum
isspace
_CxxThrowException
_mbsrchr
sprintf
malloc
strncpy
time
_i64toa
atol
_snprintf
_EH_prolog
__dllonexit
_onexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
free
_initterm
_adjust_fdiv
fopen
fprintf
fclose
_ftol
memmove
_purecall
strstr
_mbscmp
atoi
__CxxFrameHandler
towupper
wcslen

kernel32

LoadLibraryA
GetProcAddress
OutputDebugStringA
FreeLibrary
GetModuleHandleA
WinExec
GetModuleFileNameA
InterlockedDecrement
Sleep
InterlockedIncrement
WideCharToMultiByte
lstrlenW
MultiByteToWideChar
GetLocalTime
CloseHandle
CreateThread
GlobalAlloc
GlobalLock
GlobalUnlock
GetVersionExA
LocalAlloc
LocalFree
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WritePrivateProfileStringA
lstrcmpA
lstrcpynA
GetWindowsDirectoryA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
GetExitCodeThread
TerminateThread
WriteFile
IsBadWritePtr
VirtualQuery
FormatMessageA
SetFilePointer
SetUnhandledExceptionFilter
GetLastError
lstrlenA
CreateFileA
GetFileSize
ReadFile
GetTickCount

user32

OpenClipboard
MessageBoxA
RedrawWindow
wsprintfA
GetClassNameA
GetMenu
AdjustWindowRectEx
SetPropA
GetPropA
GetClassInfoExA
RegisterClassExA
RegisterClassA
SetFocus
GetMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
DefWindowProcA
SetActiveWindow
GetDesktopWindow
CopyIcon
MessageBeep
EmptyClipboard
CallWindowProcA
GetScrollInfo
SetParent
IsRectEmpty
OffsetRect
UpdateWindow
GrayStringA
DrawTextA
TabbedTextOutA
SetForegroundWindow
IsIconic
GetSystemMetrics
DrawIcon
LoadIconA
ReleaseCapture
SetCapture
EnableMenuItem
GetMessagePos
wvsprintfA
GetWindowLongA
SetWindowLongA
GetMenuItemRect
CreateWindowExA
SetClipboardData
CloseClipboard
GetAsyncKeyState
GetWindow
FlashWindow
ModifyMenuA
GetMenuState
CreateMenu
LoadMenuA
GetMenuItemCount
GetSubMenu
GetMenuStringA
SendMessageA
GetDlgCtrlID
GetFocus
EnableWindow
GetClientRect
SetTimer
ReleaseDC
SetWindowRgn
GetDC
KillTimer
InsertMenuA
AppendMenuA
GetMenuItemID
RemoveMenu
GetSysColor
ShowWindow
CopyRect
GetWindowTextA
DrawStateA
GetWindowDC
SetWindowPos
WindowFromPoint
IsChild
SendMessageTimeoutA
InflateRect
CreatePopupMenu
GetWindowRect
FillRect
ClientToScreen
LoadImageA
IsWindow
DestroyWindow
MoveWindow
SetRectEmpty
PostMessageA
IsWindowVisible
GetCursorPos
LoadBitmapA
PtInRect
InvalidateRect
SetCursor
LoadCursorA
ScreenToClient
GetParent

gdi32

CreateCompatibleDC
GetObjectA
BitBlt
StretchBlt
GetStockObject
CreateFontA
DeleteDC
SetTextColor
SetBkColor
SelectObject
CreateBitmap
CreateCompatibleBitmap
Rectangle
DeleteObject
ExtTextOutA
CreateDIBitmap
CreateSolidBrush
TextOutA
GetPixel
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
GetMapMode
PtVisible
RectVisible
Escape
StretchDIBits
SetStretchBltMode
SetDIBits
GetDIBits
FillPath
Ellipse
CreateRoundRectRgn
CreateRectRgn
BeginPath
EndPath
PathToRegion
CreatePen
CombineRgn

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteKeyA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
SHGetMalloc

comctl32

InitCommonControlsEx
ImageList_AddMasked
ImageList_Draw
_TrackMouseEvent
FlatSB_EnableScrollBar
InitializeFlatSB

ole32

OleSetContainedObject
CoCreateInstance
CoInitialize
CoUninitialize
OleCreateStaticFromData
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoInitializeEx
OleRun

oleaut32

VariantClear
VariantChangeType
VariantCopy
VariantInit
SysFreeString
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
SysStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreate
SafeArrayGetUBound
SafeArrayGetLBound
GetErrorInfo
SetErrorInfo
CreateErrorInfo

publictool

?InitParam@CHash@@QAEHXZ
?InsertItem@CHash@@QAEHJPAX@Z
??0CHash@@QAE@K@Z
?FindNext@CHash@@QAEPAXXZ
??1CHash@@UAE@XZ
?GetHashItemNum@CHash@@QAEHXZ
??0CxImageEx@@QAE@K@Z
?InsertItem@CHash@@QAEHPBDPAX@Z
?QueryItem@CHash@@QAEPAXPBD@Z
??1CxImageEx@@UAE@XZ
?GetBits@CxImageEx@@QAEPAEK@Z
?GetDIB@CxImageEx@@QBEPAXXZ
?Load@CxImageEx@@QAE_NPBDK@Z
?FindFirst@CHash@@QAEXH@Z
?base64_decode@CBase64@@SAHPADI0@Z
??1CBuffer@@UAE@XZ
??0CBuffer@@QAE@K@Z
?GetBufferLen@CBuffer@@QAEKXZ
?SetPos@CBuffer@@QAEXKK@Z
?GetBuffer@CBuffer@@QAEPAEXZ
?base64_encode@CBase64@@SAHPADI0@Z
?QueryItem@CHash@@QAEPAXJ@Z
?DeleteItem@CHash@@QAEPAXJ@Z

msvcp60

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?_Xlen@std@@YAXXZ
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z

Exports

Exports

??0CRoomInfo@@QAE@ABV0@@Z
??0CRoomInfo@@QAE@XZ
??1CRoomInfo@@UAE@XZ
??4CEasySecret@@QAEAAV0@ABV0@@Z
??4CRoomInfo@@UAEAAV0@ABV0@@Z
??_7CRoomInfo@@6B@
?ClearAll@CRoomInfo@@QAEXXZ
?DeleteAllUser@CRoomInfo@@QAEXXZ
?GetCurrentNumber@CRoomInfo@@QAEHXZ
?GetCurrentRoomStats@CRoomInfo@@QAEHXZ
?GetEnterRoomType@CRoomInfo@@QAEHXZ
?GetID@CRoomInfo@@QAE?AVCString@@XZ
?GetIntroduce@CRoomInfo@@QAE?AVCString@@XZ
?GetLeader@CRoomInfo@@QAEPAVCUserInfo@@XZ
?GetLevel@CRoomInfo@@QAEHXZ
?GetLimitNumber@CRoomInfo@@QAEHXZ
?GetMasterID@CRoomInfo@@QAE?AVCString@@XZ
?GetName@CRoomInfo@@QAE?AVCString@@XZ
?GetOther@CRoomInfo@@QAE?AVCString@@XZ
?GetPassword@CRoomInfo@@QAE?AVCString@@XZ
?GetPort@CRoomInfo@@QAEHXZ
?GetRoomLevel@CRoomInfo@@QAEHXZ
?GetSort@CRoomInfo@@QAEHXZ
?GetStatus@CRoomInfo@@QAEHXZ
?GetType@CRoomInfo@@QAEHXZ
?GetUser@CRoomInfo@@QAEXHPAVCHash@@@Z
?GetVip@CRoomInfo@@QAE_NXZ
?SetCurrentNumber@CRoomInfo@@QAEXH@Z
?SetCurrentRoomStats@CRoomInfo@@QAEXH@Z
?SetEnterRoomType@CRoomInfo@@QAEXH@Z
?SetID@CRoomInfo@@QAEXPBD@Z
?SetIntroduce@CRoomInfo@@QAEXPBD@Z
?SetLevel@CRoomInfo@@QAEXH@Z
?SetLimitNumber@CRoomInfo@@QAEXH@Z
?SetMasterID@CRoomInfo@@QAEXABVCString@@@Z
?SetName@CRoomInfo@@QAEXPBD@Z
?SetOther@CRoomInfo@@QAEXVCString@@@Z
?SetPassword@CRoomInfo@@QAEXPBD@Z
?SetPort@CRoomInfo@@QAEXH@Z
?SetRoomLevel@CRoomInfo@@QAEXH@Z
?SetSort@CRoomInfo@@QAEXH@Z
?SetStatus@CRoomInfo@@QAEXH@Z
?SetType@CRoomInfo@@QAEXH@Z
?SetVipRoom@CRoomInfo@@QAEX_N@Z
CreateKTV
GetDllIndex

Sections

.text
Size: 596KB - Virtual size: 592KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 324KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SockClient.dll
.dll windows:4 windows x86 arch:x86

cb60030ac34733f9d54bf7fb6ca76574

Code Sign

5d:10:a7:bd:1c:78:2a:f4:68:0b:86:ca:c1:c8:1b:2b
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Not Before

26-08-2015 02:19

Not After

26-10-2018 02:19

Subject

CN=金华就约我吧网络科技有限公司,O=金华就约我吧网络科技有限公司,L=金华市,ST=浙江省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2039 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

37:a6:0e:92:5f:23:f8:0c:fd:cd:97:65:92:98:c3:54
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-11-2014 00:58

Not After

08-11-2029 00:58

Subject

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

19:c2:85:30:e9:3b:36
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 22:46

Not After

31-12-2019 23:59

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 19:46

Not After

17-09-2036 19:46

Subject

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment
KeyUsageKeyAgreement
KeyUsageCertSign
KeyUsageCRLSign

41:64:8d:9e:73:52:e3:4f:ee:50:6c:b0:d6:c8:bc:38:cc:c1:51:46
Signer

Actual PE Digest

41:64:8d:9e:73:52:e3:4f:ee:50:6c:b0:d6:c8:bc:38:cc:c1:51:46

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

send
recv
select
__WSAFDIsSet
getsockopt
htons
inet_addr
connect
socket
closesocket
WSACleanup
ioctlsocket
WSAStartup

mfc42

ord1182
ord540
ord800
ord2818
ord858
ord4278
ord5683
ord2764
ord4202
ord537
ord860
ord342
ord1253
ord1168
ord5607
ord1083
ord5621
ord773
ord803
ord825
ord543
ord501
ord3584
ord823

msvcrt

_adjust_fdiv
malloc
_initterm
free
__dllonexit
_mbsrchr
_purecall
__CxxFrameHandler
_onexit

kernel32

GetModuleHandleA
GetLastError
SetEvent
GetExitCodeThread
TerminateThread
ResetEvent
WaitForSingleObject
Sleep
OutputDebugStringA
CreateThread
CreateEventA
WriteFile
IsBadWritePtr
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
GetModuleFileNameA
SetUnhandledExceptionFilter
WinExec
CloseHandle
VirtualQuery
SetFilePointer
CreateFileA
GetLocalTime
FormatMessageA
EnterCriticalSection

user32

wvsprintfA

publictool

??0CBuffer@@QAE@ABV0@@Z
??1CBuffer@@UAE@XZ
?BufferCpy@CBuffer@@QAEXPAEKK@Z
?SetPos@CBuffer@@QAEXKK@Z
?GetRealBuffer@CBuffer@@QAEPBEXZ
?GetBufferLen@CBuffer@@QAEKXZ
??0CBuffer@@QAE@K@Z
?GetRealLen@CBuffer@@QAEKXZ

Exports

Exports

CreateClientSock

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
active.ini
allplat.xml
broadcastchat.xml
.xml
car.xml
.xml
car_in.txt
carimage/defaultcar.png
.png
chat.xml
.xml
chatQK.xml
.xml
client.xml
face/0.gif
.gif
file.txt
filnick.xml
.xml
filter.xml
.xml
help.xml
.xml
item/2_6.gif
.gif
item/itemconfig.xml
libfaac_dll.dll
.dll windows:6 windows x86 arch:x86

f78bd506dabc0cbe6420d85541776a6a

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:c3:0f:99:ec:6f:1b:11:b8:57:c9:38:0b:8c:c6:08
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26-10-2018 00:00

Not After

29-10-2021 12:00

Subject

CN=金华就约我吧网络科技有限公司,O=金华就约我吧网络科技有限公司,L=金华市,ST=浙江省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04-01-2017 00:00

Not After

18-01-2028 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d2:41:4e:ad:3f:dd:ad:86:fa:7e:ca:5a:38:7f:a4:56:8d:2a:b4:13:2a:04:ba:8d:54:26:ca:ec:ae:66:a0:b4
Signer

Actual PE Digest

d2:41:4e:ad:3f:dd:ad:86:fa:7e:ca:5a:38:7f:a4:56:8d:2a:b4:13:2a:04:ba:8d:54:26:ca:ec:ae:66:a0:b4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr120

fprintf
_libm_sse2_cos_precise
_libm_sse2_sin_precise
memcpy
_libm_sse2_asin_precise
_except1
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
__iob_func
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
__clean_type_info_names_internal
_except_handler4_common
exit
sprintf
_libm_sse2_log10_precise
memset
_libm_sse2_sqrt_precise
_libm_sse2_pow_precise
_libm_sse2_log_precise
malloc
_initterm_e
free

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
DisableThreadLibraryCalls

Exports

Exports

faacEncClose
faacEncEncode
faacEncGetCurrentConfiguration
faacEncGetDecoderSpecificInfo
faacEncGetVersion
faacEncOpen
faacEncSetConfiguration

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libfaad2_dll.dll
.dll windows:6 windows x86 arch:x86

813f63d63f087a389b103272be789261

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:c3:0f:99:ec:6f:1b:11:b8:57:c9:38:0b:8c:c6:08
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26-10-2018 00:00

Not After

29-10-2021 12:00

Subject

CN=金华就约我吧网络科技有限公司,O=金华就约我吧网络科技有限公司,L=金华市,ST=浙江省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04-01-2017 00:00

Not After

18-01-2028 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e2:a9:a5:58:a8:a1:5a:cc:02:91:2f:0a:01:02:7e:91:d9:51:16:bd:2c:dc:b8:da:e2:3e:77:ea:71:25:2f:43
Signer

Actual PE Digest

e2:a9:a5:58:a8:a1:5a:cc:02:91:2f:0a:01:02:7e:91:d9:51:16:bd:2c:dc:b8:da:e2:3e:77:ea:71:25:2f:43

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr120

memcpy
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__CppXcptFilter
_amsg_exit
_malloc_crt
_libm_sse2_log_precise
_initterm_e
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
__clean_type_info_names_internal
_except_handler4_common
qsort
memmove
_libm_sse2_sqrt_precise
_libm_sse2_pow_precise
memset
malloc
free
_libm_sse2_sin_precise
_initterm
_libm_sse2_cos_precise

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
DisableThreadLibraryCalls

Exports

Exports

NeAACDecAudioSpecificConfig
NeAACDecClose
NeAACDecDecode
NeAACDecGetCurrentConfiguration
NeAACDecGetErrorMessage
NeAACDecInit
NeAACDecInit2
NeAACDecOpen
NeAACDecSetConfiguration

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lobby.ini
mfc100u.dll
.dll windows:5 windows x86 arch:x86

bd8b4b626cddac3b44f6c27ca0683f8e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

mfc100u.i386.pdb

Imports

kernel32

LoadLibraryA
EncodePointer
DecodePointer
InterlockedCompareExchange
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
ExpandEnvironmentStringsA
GetEnvironmentVariableA
FormatMessageA
GetEnvironmentVariableW
LoadLibraryExW
GlobalFlags
GlobalFindAtomW
GetSystemTime
LocalUnlock
LocalLock
GlobalGetAtomNameW
GetAtomNameW
SuspendThread
ResumeThread
SetEvent
CopyFileW
WaitForMultipleObjects
CreateEventW
ReleaseMutex
CreateMutexW
ReleaseSemaphore
CreateSemaphoreW
WaitForSingleObject
FormatMessageW
SetFileAttributesW
LocalFileTimeToFileTime
GetFileAttributesExW
GetFileSizeEx
FindNextFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameW
GetStringTypeExW
GetThreadLocale
FindClose
FindFirstFileW
GetVolumeInformationW
MoveFileW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
GetProfileIntW
SystemTimeToFileTime
ReplaceFileW
SetFileTime
GetFileTime
GetFullPathNameW
GetDiskFreeSpaceW
VirtualProtect
RaiseException
lstrcpyA
GetVersion
CompareStringW
IsDBCSLeadByte
GetUserDefaultLCID
FindResourceExW
lstrlenA
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GlobalAddAtomW
GetCurrentProcessId
SetErrorMode
GlobalDeleteAtom
CompareStringA
lstrcmpA
WideCharToMultiByte
GetCurrentThread
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
SearchPathW
GlobalSize
GetFileAttributesW
GetFileSize
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsFree
TlsAlloc
LocalFree
LocalAlloc
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
SetThreadPriority
GetLocaleInfoW
GetNumberFormatW
lstrcmpiW
GetWindowsDirectoryW
GetTickCount
GlobalFree
lstrcmpW
GetCurrentDirectoryW
Sleep
InterlockedDecrement
InterlockedIncrement
SetFilePointer
CreateFileW
GetTempFileNameW
GetTempPathW
CloseHandle
InterlockedExchange
FreeLibrary
GetVersionExW
MulDiv
lstrlenW
DeleteFileW
InitializeCriticalSection
GetCurrentThreadId
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcpyW
MultiByteToWideChar
ActivateActCtx
GetProcAddress
GetModuleHandleW
LoadLibraryW
DeactivateActCtx
SetLastError
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetLastError
InitializeCriticalSectionAndSpinCount
FindResourceW
LoadResource
LockResource
SizeofResource
IsProcessorFeaturePresent

msvcr100

memmove_s
wcslen
memset
_wcslwr_s
memcpy_s
wcsnlen
wmemcpy_s
wcscspn
wcsspn
abort
toupper
__CxxFrameHandler3
_wcsicmp
wcscmp
vswprintf_s
_vscwprintf
wcschr
iswspace
wcsstr
_purecall
free
malloc
labs
ldiv
_wtoi
_wcsupr_s
calloc
sqrt
atan2
wcspbrk
wcsrchr
clock
memcpy
abs
cos
sin
floor
fabs
ceil
exp
_wsplitpath_s
wcscoll
_wcsicoll
wcsncmp
wcscpy_s
iswdigit
iswalpha
iswalnum
iswprint
towupper
towlower
_wtol
memcmp
swscanf_s
_localtime64_s
_endthread
_beginthread
_wcsdup
strlen
_wmakepath_s
_time64
wcstod
_resetstkoflw
_recalloc
_errno
_snwprintf_s
wcstoul
wcscat_s
__argc
__wargv
_strnicmp
wcsncpy_s
swprintf_s
_itow_s
_ltow_s
_wcsnicmp
strnlen
_mktime64
_mbscmp
_snwscanf_s
_vsnwprintf_s
wcstol
realloc
_wfullpath
_get_osfhandle
_fileno
_open_osfhandle
_fdopen
__doserrno
fread
feof
ferror
clearerr_s
fwrite
fputws
fgetws
fseek
ftell
fflush
fclose
_ultow_s
strcpy_s
_endthreadex
_beginthreadex
_msize
_expand
_mbspbrk
_mbslwr_s
_mbsicmp
memmove
_mbsrev
_mbsicoll
_mbsstr
_ismbcspace
vsprintf_s
_mbschr
_mbsrchr
_mbscoll
_mbsspn
_wcsrev
_mbsupr_s
_mbsinc
_vscprintf
_mbscspn
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
_CxxThrowException

user32

GetDlgItem
CreateDialogIndirectParamW
EndDialog
GetPropW
RemovePropW
SetPropW
MapDialogRect
GetMessageTime
GetMessagePos
GetDialogBaseUnits
GetDCEx
RemoveMenu
MsgWaitForMultipleObjectsEx
CharNextW
SetWindowContextHelpId
IsDialogMessageW
ClipCursor
SendNotifyMessageW
InSendMessage
GetMenuStringW
WindowFromDC
SetScrollRange
AdjustWindowRectEx
CountClipboardFormats
GetMenu
SetMenu
GetClassInfoExW
CreateWindowExW
SetWindowPlacement
TrackPopupMenuEx
RegisterClassW
WinHelpW
GetScrollRange
SetScrollInfo
GetScrollInfo
ScrollWindow
MonitorFromWindow
SendDlgItemMessageW
SendDlgItemMessageA
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
GetMenuBarInfo
SetActiveWindow
BeginPaint
EndPaint
DefFrameProcW
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
ScrollWindowEx
RealChildWindowFromPoint
OemToCharBuffA
CharToOemBuffA
EqualRect
GetSysColorBrush
SetClassLongW
IsWindow
GetParent
DrawIconEx
InflateRect
OffsetRect
SetRect
PtInRect
InvalidateRect
UpdateWindow
SetTimer
ScreenToClient
GetCursorPos
IsWindowVisible
GetClientRect
KillTimer
SetRectEmpty
GetWindowRect
SendMessageW
EnableWindow
IsCharLowerW
GetKeyNameTextW
GetKeyboardLayout
MapVirtualKeyExW
CallWindowProcW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
SetWindowLongW
MessageBoxW
GetWindowThreadProcessId
ShowOwnedPopups
UnregisterClassW
PostQuitMessage
DrawEdge
CharUpperBuffW
RegisterClipboardFormatW
GetActiveWindow
InsertMenuW
GetTabbedTextExtentW
ShowScrollBar
FrameRect
GetWindowRgn
ReleaseDC
GetDC
GetDoubleClickTime
GetWindowTextW
EnumChildWindows
InvertRect
HideCaret
SetMenuDefaultItem
GetMenuDefaultItem
GetScrollPos
EnableScrollBar
UpdateLayeredWindow
SetFocus
GetMessageW
GetLastActivePopup
SubtractRect
DrawFrameControl
GetMenuItemInfoW
CheckMenuItem
GetMenuState
SetWindowTextW
CharUpperW
MapVirtualKeyW
ToUnicodeEx
GetKeyboardState
CopyAcceleratorTableW
CreateAcceleratorTableW
DestroyCursor
IsClipboardFormatAvailable
GetClassLongW
GetSysColor
EnumDisplayMonitors
DestroyWindow
GetTopWindow
DestroyAcceleratorTable
NotifyWinEvent
SetWindowRgn
DeleteMenu
ModifyMenuW
IsZoomed
IsMenu
GetSystemMenu
GetNextDlgTabItem
EnableMenuItem
SetScrollPos
IntersectRect
CreatePopupMenu
AppendMenuW
EndDeferWindowPos
BeginDeferWindowPos
GetKeyState
LockWindowUpdate
SetWindowPos
UnionRect
GetUpdateRect
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
SetLayeredWindowAttributes
ValidateRect
SystemParametersInfoW
MonitorFromPoint
GetMonitorInfoW
DrawIcon
GetForegroundWindow
IsIconic
GetMenuItemID
GetMenuItemCount
GetWindow
DefWindowProcW
GetClassInfoW
PostThreadMessageW
GetSubMenu
LoadMenuW
DestroyMenu
GetSystemMetrics
TranslateAcceleratorW
LoadAcceleratorsW
GetCapture
DeferWindowPos
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetAsyncKeyState
GetDesktopWindow
WaitMessage
DispatchMessageW
TranslateMessage
PeekMessageW
SetForegroundWindow
LoadCursorW
GetFocus
IsChild
TrackPopupMenu
LoadIconW
GetNextDlgGroupItem
DrawFocusRect
SetCursor
GetWindowLongW
GetWindowTextLengthW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
InvalidateRgn
MoveWindow
IsWindowEnabled
CreateMenu
CopyImage
GetIconInfo
FillRect
LoadImageW
CopyRect
LoadBitmapW
MapWindowPoints
MessageBeep
SetCursorPos
WindowFromPoint
ClientToScreen
SetCapture
ReleaseCapture
CopyIcon
BringWindowToTop
RegisterWindowMessageW
DestroyIcon
GetClassNameW
SetParent
ShowWindow
GetWindowPlacement
RedrawWindow
IsRectEmpty
GetDlgCtrlID
GetWindowDC
PostMessageW
DrawStateW

gdi32

Rectangle
GetStockObject
GetPaletteEntries
CreatePalette
RealizePalette
GetNearestPaletteIndex
GetSystemPaletteEntries
GetPixel
CreatePolygonRgn
PtInRegion
FrameRgn
CreateCompatibleBitmap
SetPixelV
BitBlt
GetRgnBox
CreateRectRgnIndirect
OffsetRgn
CreateDIBSection
SetPixel
Ellipse
GetBkColor
CreateFontIndirectW
GetDeviceCaps
GetTextCharsetInfo
EnumFontFamiliesW
CreatePen
CreatePatternBrush
CreateDIBitmap
SetPaletteEntries
ExtFloodFill
StartPage
EndPage
EndDoc
DeleteDC
GetCurrentObject
PatBlt
CreateRectRgn
CombineRgn
GetBoundsRect
FillRgn
SetRectRgn
CreateRoundRectRgn
EnumFontFamiliesExW
StretchBlt
SetDIBColorTable
CreateBitmap
SetBkColor
SelectPalette
GetDIBits
Polyline
ExtTextOutW
CreateHatchBrush
CreateEllipticRgn
RoundRect
StretchDIBits
CreateFontW
GetCharWidthW
LPtoDP
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
GetViewportOrgEx
PtVisible
RectVisible
TextOutW
Escape
GetClipBox
Polygon
GetCurrentPositionEx
MoveToEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SaveDC
RestoreDC
GetROP2
GetBkMode
GetPolyFillMode
GetStretchBltMode
GetNearestColor
GetTextFaceW
GetWindowExtEx
GetViewportExtEx
SetTextColor
SetMapMode
SetWindowExtEx
ScaleWindowExtEx
GetWindowOrgEx
SetWindowOrgEx
IntersectClipRect
CreateDCW
SetBrushOrgEx
SetAbortProc
StartDocW
DPtoLP
AbortDoc
CopyMetaFileW
UnrealizeObject
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
OffsetWindowOrgEx
SelectClipRgn
ExcludeClipRect
OffsetClipRgn
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetLayout
SetLayout
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
SelectClipPath
GetClipRgn
ExtSelectClipRgn
PlayMetaFileRecord
PlayMetaFile
EnumMetaFile
ExtCreatePen
CreateDIBPatternBrushPt
GetMapMode
GetTextColor
GetObjectType
SelectObject
DeleteObject
CreateCompatibleDC
CreateSolidBrush
GetObjectW
GetTextMetricsW
GetTextExtentPoint32W
GetTextAlign

shlwapi

PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW
PathRemoveExtensionW
PathFindFileNameW
PathFindExtensionW
SHStrDupW
UrlUnescapeW

comctl32

ImageList_GetIcon
ImageList_GetImageCount
ImageList_DrawEx
ImageList_Remove
ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy
ImageList_GetIconSize
ImageList_AddMasked

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
seal/1.bmp
seal/itemconfig.xml

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 96KB

.rsrc Size: 282KB - Virtual size: 281KB

be9da2191c5d4dda64a50a71ca738e0d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4aCertificate

Key Usages

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4cCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

a0:77:b7:6a:af:d3:5a:9f:c8:07:39:c6:c7:60:5b:43:35:c8:bc:6dSigner

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.data Size: 11KB - Virtual size: 11KB

.rodata Size: 512B - Virtual size: 64B

.bss Size: - Virtual size: 279KB

.edata Size: 17KB - Virtual size: 16KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 35KB - Virtual size: 35KB

9cafa0c733e0cae9197ea1d3b35bcf76

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:edCertificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4aCertificate

Key Usages

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4cCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

77:40:6f:d6:6d:b3:c4:4d:29:9d:e4:ed:d8:95:43:e4:2c:5b:3b:aeSigner

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 96KB

.rsrc
Size: 282KB - Virtual size: 281KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

a0:77:b7:6a:af:d3:5a:9f:c8:07:39:c6:c7:60:5b:43:35:c8:bc:6d
Signer

.text
Size: 1.7MB - Virtual size: 1.7MB

.data
Size: 11KB - Virtual size: 11KB

.rodata
Size: 512B - Virtual size: 64B

.bss
Size: - Virtual size: 279KB

.edata
Size: 17KB - Virtual size: 16KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 35KB - Virtual size: 35KB

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

77:40:6f:d6:6d:b3:c4:4d:29:9d:e4:ed:d8:95:43:e4:2c:5b:3b:ae
Signer

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 720B

.rsrc
Size: 4KB - Virtual size: 3KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

d0:bb:d4:69:e4:91:ae:af:3b:5b:eb:de:ef:4f:c2:bc:44:fa:48:94
Signer

.text
Size: 76KB - Virtual size: 73KB

.rdata
Size: 112KB - Virtual size: 110KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 432B

.reloc
Size: 8KB - Virtual size: 7KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

90:8c:7f:cb:ad:3c:7d:d6:ec:77:e7:76:5f:fe:e8:40:2e:d2:e8:12
Signer