C:\Users\circleci\project\_builds\vs-16-2019\xvclient\Release\libxvclient.pdb
Behavioral task
behavioral1
Sample
msimg32.dll
Resource
win7-20240729-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
msimg32.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral3
Sample
rename_me.pdf
Resource
win7-20240903-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral4
Sample
rename_me.pdf
Resource
win10v2004-20240802-en
windows10-2004-x64
7 signatures
150 seconds
Behavioral task
behavioral5
Sample
侵犯版權的照片和視頻證據 - 台灣電視公司 TTV.exe
Resource
win7-20240704-en
windows7-x64
6 signatures
150 seconds
Behavioral task
behavioral6
Sample
侵犯版權的照片和視頻證據 - 台灣電視公司 TTV.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
7 signatures
150 seconds
General
-
Target
3e38cf5ec0c70a163d1f49fc14a0d74debde7067f852ede160e8090feec529e8
-
Size
102.9MB
-
MD5
81f0252be7dd7ae43adffbc0319bcad2
-
SHA1
570dc7f1a417f56e1cf0d2d6cd1ae5a41f02c9a7
-
SHA256
3e38cf5ec0c70a163d1f49fc14a0d74debde7067f852ede160e8090feec529e8
-
SHA512
e105c4b1d6b33bf3131598743909ab7e1170d6cc805af1372da365c6691518ddd605345f4a44a9affd828fc043a4647f1746e315e149c18c128b7b62ab759463
-
SSDEEP
3145728:/9WmBuj5V9/97h+8ZYqk/t5YVuxflmaKameBjn9NghzrvuTaUV:ebmtzm8/BhqrvuTf
Malware Config
Signatures
Files
-
3e38cf5ec0c70a163d1f49fc14a0d74debde7067f852ede160e8090feec529e8.zip
-
msimg32.dll.dll windows:6 windows x86 arch:x86
a33923273a1fe81068d450fb4ecc633f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
ws2_32
WSAGetLastError
WSACleanup
shutdown
WSARecv
WSASetLastError
gethostname
ntohs
send
recv
WSASocketW
WSASend
WSAIoctl
WSAStartup
setsockopt
select
listen
getsockopt
getsockname
ioctlsocket
connect
closesocket
bind
accept
__WSAFDIsSet
freeaddrinfo
getaddrinfo
ntohl
htons
htonl
WSAStringToAddressW
advapi32
RegCloseKey
RegisterEventSourceW
ReportEventW
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
DeregisterEventSource
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW
kernel32
IsValidCodePage
SetStdHandle
GetFileSizeEx
GetConsoleCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetACP
GetDateFormatW
HeapAlloc
HeapFree
GetModuleFileNameW
ExitProcess
ReadFile
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
HeapReAlloc
GetTimeZoneInformation
FindFirstFileExW
GetCommandLineA
GetCommandLineW
GetProcessHeap
HeapSize
WriteConsoleW
GetTimeFormatW
LocalFree
FormatMessageA
FormatMessageW
WideCharToMultiByte
GetLastError
PostQueuedCompletionStatus
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
TlsGetValue
TlsFree
VerSetConditionMask
CloseHandle
SetLastError
CreateIoCompletionPort
GetQueuedCompletionStatus
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
WaitForSingleObject
SleepEx
CreateEventW
SetWaitableTimer
WaitForMultipleObjects
QueueUserAPC
TerminateThread
TlsSetValue
VerifyVersionInfoA
MultiByteToWideChar
CreateWaitableTimerA
GetSystemTimeAsFileTime
Sleep
GetModuleHandleA
GetProcAddress
GetSystemTime
SystemTimeToFileTime
GetCurrentThreadId
SwitchToFiber
DeleteFiber
CreateFiber
FindClose
FindFirstFileW
FindNextFileW
GetStdHandle
GetEnvironmentVariableW
GetFileType
WriteFile
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
ConvertFiberToThread
ConvertThreadToFiber
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
GetCurrentDirectoryW
CreateFileW
DeleteFileW
FlushFileBuffers
GetFileAttributesW
GetFileInformationByHandle
GetFullPathNameW
RemoveDirectoryW
SetEndOfFile
SetFileAttributesW
SetFilePointerEx
DeviceIoControl
MoveFileExW
AreFileApisANSI
FreeLibrary
LoadLibraryW
GetVersionExA
GetTickCount
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
SetConsoleCtrlHandler
LoadLibraryExW
InterlockedFlushSList
InterlockedPushEntrySList
RaiseException
InitOnceBeginInitialize
InitOnceComplete
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
TryEnterCriticalSection
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
QueryPerformanceFrequency
EncodePointer
DecodePointer
LCMapStringEx
CompareStringEx
GetCPInfo
GetLocaleInfoEx
GetStringTypeW
InitializeSListHead
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
user32
GetUserObjectInformationW
MessageBoxW
GetProcessWindowStation
Exports
Exports
AlphaBlend
??0IAresDnsDelegate@xc@@QAE@XZ
??0ICallbackHandler@xc@@QAE@XZ
??0IEventDelegate@xvca@xc@@QAE@XZ
??0IEvents@Analytics@xc@@QAE@XZ
??0IReceiver@Log@xc@@QAE@XZ
??0ISocketDelegate@xc@@QAE@XZ
??1CallbackHandler@xc@@UAE@XZ
??1IAresDnsDelegate@xc@@UAE@XZ
??1ICallbackHandler@xc@@UAE@XZ
??1IEventDelegate@xvca@xc@@UAE@XZ
??1IEvents@Analytics@xc@@UAE@XZ
??1IReceiver@Log@xc@@UAE@XZ
??1ISocketDelegate@xc@@UAE@XZ
??_7CallbackHandler@xc@@6BIEventDelegate@xvca@1@@
??_7CallbackHandler@xc@@6BIEvents@Analytics@1@@
??_7CallbackHandler@xc@@6BIReceiver@Log@1@@
??_7CallbackHandler@xc@@6BISocketDelegate@1@@
??_7IAresDnsDelegate@xc@@6B@
??_7ICallbackHandler@xc@@6BIEventDelegate@xvca@1@@
??_7ICallbackHandler@xc@@6BIEvents@Analytics@1@@
??_7ICallbackHandler@xc@@6BIReceiver@Log@1@@
??_7ICallbackHandler@xc@@6BISocketDelegate@1@@
??_7IEventDelegate@xvca@xc@@6B@
??_7IEvents@Analytics@xc@@6B@
??_7IReceiver@Log@xc@@6B@
??_7ISocketDelegate@xc@@6B@
?ActivationStateChanged@CallbackHandler@xc@@UBEXW4xc_activation_state@@W4xc_client_reason@@@Z
?AddAPIEvent@CallbackHandler@xc@@UAEXABW4APIRequestType@Analytics@2@ABW4xc_client_reason@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?AddAnalyticsEvent@CallbackHandler@xc@@UAEXABV?$FiniteString@$0BK@@Analytics@2@ABW4xc_client_reason@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?AddFilesystemEvent@CallbackHandler@xc@@UAEXABW4FilesystemEventType@Analytics@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@1@Z
?AddXvcaAnalyticsEvent@CallbackHandler@xc@@UAEXABW4XvcaEventType@Analytics@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?AutoUpdateChanged@CallbackHandler@xc@@UBEXXZ
?ConnStatusChanged@CallbackHandler@xc@@UBEXXZ
?IconsChanged@CallbackHandler@xc@@UBEXXZ
?InAppMessagesChanged@CallbackHandler@xc@@UBEXXZ
?LatestAppChanged@CallbackHandler@xc@@UBEXXZ
?Log@CallbackHandler@xc@@UBEXW4xc_log_level@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?PostSocketCreate@CallbackHandler@xc@@UAE_NIW4xc_socket_type@@@Z
?PreSocketClose@CallbackHandler@xc@@UAE_NI@Z
?RefreshDone@CallbackHandler@xc@@UBEXXZ
?S_NullAnalyticsEvent@CallbackHandler@xc@@CAXPAXPBDW4xc_client_reason@@1@Z
?S_NullLog@CallbackHandler@xc@@CAXPAXW4xc_log_level@@PBD@Z
?S_NullPostSocketCreate@CallbackHandler@xc@@CA_NPAXIW4xc_socket_type@@@Z
?S_NullPreSocketClose@CallbackHandler@xc@@CA_NPAXI@Z
?S_NullXvcaEvent@CallbackHandler@xc@@CAXPAXPBD@Z
?SmartLocationChanged@CallbackHandler@xc@@UBEXXZ
?SubscriptionChanged@CallbackHandler@xc@@UBEXXZ
?VpnConnectionRecommendationsChanged@CallbackHandler@xc@@UBEXXZ
?VpnRootChanged@CallbackHandler@xc@@UBEXXZ
?XvcaEvent@CallbackHandler@xc@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?current_completion@custom_tracking@@SAPAPAUcompletion@1@XZ
xc_activation_request_delete
xc_activation_request_device_information_delete
xc_activation_request_device_information_new
xc_activation_request_device_information_set_bios_id
xc_activation_request_device_information_set_manufacturer
xc_activation_request_device_information_set_oem
xc_activation_request_device_information_set_platform
xc_activation_request_set_device_information
xc_activation_request_set_google_iap_purchase_token
xc_activation_request_set_iap_aware
xc_activation_request_set_idfa
xc_activation_request_set_installation_id_signature
xc_activation_request_set_receipt
xc_activation_request_set_referrer
xc_activation_request_set_search_ads_json
xc_activation_request_set_utm_campaign
xc_auto_update_delete
xc_auto_update_get_installer_size
xc_auto_update_get_installer_url
xc_auto_update_get_version
xc_client_activate
xc_client_cancel_activation
xc_client_cancel_support_ticket
xc_client_check_if_token_belongs_to_different_account
xc_client_copy_auto_update
xc_client_copy_credentials
xc_client_copy_diagnostics
xc_client_copy_favourites_list
xc_client_copy_in_app_message_list
xc_client_copy_info
xc_client_copy_last_known_non_vpn_conn_status
xc_client_copy_latest_app
xc_client_copy_recent_places_list
xc_client_copy_smart_location
xc_client_copy_subscription
xc_client_copy_vpn_root
xc_client_copy_vpn_root_full
xc_client_copy_xvca_info_json
xc_client_copy_xvca_mgr
xc_client_create_activation_request_code
xc_client_create_activation_request_free_trial
xc_client_create_activation_request_google_iap
xc_client_create_activation_request_magic_installer
xc_client_create_activation_request_magic_link
xc_client_create_activation_request_receipt
xc_client_create_activation_request_user_pass
xc_client_create_in_app_purchase_request
xc_client_create_tracking_event
xc_client_create_vpn_session
xc_client_create_web_sign_in_request
xc_client_delete
xc_client_fetch_conn_status
xc_client_fetch_credentials
xc_client_generate_speed_test_endpoints_for_all
xc_client_generate_speed_test_endpoints_for_continent
xc_client_generate_speed_test_endpoints_for_recommended
xc_client_generate_vpn_endpoints
xc_client_get_activation_state
xc_client_get_selected_vpn_protocol
xc_client_http_get_request
xc_client_in_app_purchase
xc_client_info_delete
xc_client_info_get_instances_last_refresh_time
xc_client_info_get_smart_location_algorithm_id
xc_client_info_get_smart_location_algorithm_version
xc_client_info_subscription_get_license_status
xc_client_info_subscription_get_status
xc_client_is_hacked
xc_client_iterate_places
xc_client_maybe_refresh
xc_client_network_changed
xc_client_new
xc_client_request_auto_update
xc_client_request_google_iap_obfuscated_account_id
xc_client_request_mfa_code
xc_client_reset_user_settings
xc_client_run
xc_client_send_set_password_email
xc_client_send_setup_devices_email
xc_client_send_tracking_event
xc_client_send_web_sign_in_request
xc_client_send_xvca_events
xc_client_set_email_address
xc_client_set_selected_vpn_protocol
xc_client_sign_in_with_web_token
xc_client_sign_out
xc_client_stop
xc_client_submit_speed_test_result
xc_client_submit_support_ticket
xc_client_update_google_iap_purchase_token
xc_client_update_in_app_purchase_receipt
xc_client_validate_mfa_code
xc_conn_status_delete
xc_conn_status_dup
xc_conn_status_get_asn
xc_conn_status_get_city
xc_conn_status_get_connection_type
xc_conn_status_get_country_code
xc_conn_status_get_ip
xc_conn_status_get_is_connected_to_vpn
xc_conn_status_get_isp
xc_conn_status_get_location_name
xc_conn_status_get_region
xc_continent_copy_country_list
xc_continent_delete
xc_continent_get_id
xc_continent_get_name
xc_continent_list_copy_item_at_index
xc_continent_list_delete
xc_continent_list_get_count
xc_country_copy_location_list
xc_country_delete
xc_country_dup
xc_country_get_code
xc_country_get_icon_path
xc_country_get_id
xc_country_get_name
xc_country_get_place_id
xc_country_list_copy_item_at_index
xc_country_list_delete
xc_country_list_get_count
xc_credentials_delete
xc_credentials_dup
xc_credentials_get_access_token
xc_free
xc_global_init
xc_global_user_agent
xc_in_app_message_delete
xc_in_app_message_get_button_text
xc_in_app_message_get_button_url
xc_in_app_message_get_id
xc_in_app_message_get_message
xc_in_app_message_list_copy_item_at_index
xc_in_app_message_list_delete
xc_in_app_message_list_get_count
xc_in_app_purchase_request_delete
xc_in_app_purchase_request_set_referrer
xc_in_app_purchase_request_set_utm_campaign
xc_in_app_purchase_request_set_utm_content
xc_in_app_purchase_request_set_utm_medium
xc_in_app_purchase_request_set_utm_source
xc_in_app_purchase_request_set_utm_term
xc_latest_app_delete
xc_latest_app_get_version_string
xc_latest_app_get_website_url
xc_location_delete
xc_location_dup
xc_location_get_icon_path
xc_location_get_id
xc_location_get_name
xc_location_get_place_id
xc_location_list_copy_item_at_index
xc_location_list_delete
xc_location_list_get_count
xc_network_type_to_string
xc_place_list_add_place
xc_place_list_contains_place
xc_place_list_delete
xc_place_list_remove_place
xc_speed_test_endpoint_delete
xc_speed_test_endpoint_get_ip
xc_speed_test_endpoint_get_location_id
xc_speed_test_endpoint_list_copy_item_at_index
xc_speed_test_endpoint_list_delete
xc_speed_test_endpoint_list_get_count
xc_subscription_current_payment_method
xc_subscription_delete
xc_subscription_get_billing_cycle
xc_subscription_get_experiment_value
xc_subscription_get_experiments
xc_subscription_get_expiration_time
xc_subscription_get_free_trial_status
xc_subscription_get_is_auto_bill
xc_subscription_get_is_business
xc_subscription_get_is_renewable
xc_subscription_get_is_satisfied
xc_subscription_get_play_store_obfuscated_id
xc_subscription_get_play_store_sku_at_index
xc_subscription_get_play_store_sku_list_size
xc_subscription_get_referral_dashboard_url
xc_subscription_get_referral_url
xc_subscription_get_subscription_id
xc_subscription_get_website_url
xc_subscription_is_email_address_set
xc_subscription_is_last_auto_bill_failure
xc_subscription_is_password_set
xc_subscription_is_using_in_app_purchase
xc_subscription_last_in_app_purchase_transaction_id
xc_subscription_original_in_app_purchase_transaction_id
xc_tracking_event_delete
xc_tracking_event_set_apple_search_ads_content
xc_tracking_event_set_deeplink_url
xc_tracking_event_set_device_model
xc_tracking_event_set_event_time
xc_tracking_event_set_install_time
xc_tracking_event_set_lat
xc_tracking_event_set_os_locale
xc_tracking_event_set_rdid
xc_tracking_event_set_referrer
xc_tracking_event_set_user_agent
xc_vpn_endpoint_are_equal
xc_vpn_endpoint_copy_config
xc_vpn_endpoint_copy_credentials
xc_vpn_endpoint_copy_description
xc_vpn_endpoint_copy_option
xc_vpn_endpoint_copy_shared_secret
xc_vpn_endpoint_credentials_delete
xc_vpn_endpoint_credentials_get_password
xc_vpn_endpoint_credentials_get_username
xc_vpn_endpoint_delete
xc_vpn_endpoint_get_host
xc_vpn_endpoint_get_ip
xc_vpn_endpoint_get_location_name
xc_vpn_endpoint_get_obfs_method_name
xc_vpn_endpoint_get_port
xc_vpn_endpoint_get_protocol
xc_vpn_endpoint_hash_code
xc_vpn_endpoint_list_copy_item_at_index
xc_vpn_endpoint_list_delete
xc_vpn_endpoint_list_get_count
xc_vpn_root_copy_continent_list
xc_vpn_root_copy_recommended_list
xc_vpn_root_delete
xc_vpn_session_delete
xc_vpn_session_disconnected
xc_vpn_session_heartbeat
xc_vpn_session_request_permission_to_connect
xc_web_sign_in_request_delete
xc_web_sign_in_request_set_device_name
xc_web_sign_in_request_set_os_name
xc_web_sign_in_request_set_os_version
xc_web_sign_in_token_delete
xc_xvca_manager_set_split_tunneling_applications
xc_xvca_mgr_accd_test_cancel
xc_xvca_mgr_accd_test_start
xc_xvca_mgr_begin_attempt
xc_xvca_mgr_begin_connection
xc_xvca_mgr_begin_session
xc_xvca_mgr_copy_current_attempt_id
xc_xvca_mgr_copy_current_connection_id
xc_xvca_mgr_copy_current_session_id
xc_xvca_mgr_delete
xc_xvca_mgr_end_attempt
xc_xvca_mgr_end_connection
xc_xvca_mgr_end_session
xc_xvca_mgr_init
xc_xvca_mgr_send_xvca_events
xc_xvca_mgr_set_battery_charge_percentage
xc_xvca_mgr_set_battery_optimisation_enabled
xc_xvca_mgr_set_device_idle_state
xc_xvca_mgr_set_dns_config_method
xc_xvca_mgr_set_enabled
xc_xvca_mgr_set_experiment_name
xc_xvca_mgr_set_network_lock_state
xc_xvca_mgr_set_network_reachability_state
xc_xvca_mgr_set_split_tunneling_mode
xvclient_version
Sections
.text Size: 3.6MB - Virtual size: 3.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 208KB - Virtual size: 244KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 891KB - Virtual size: 891KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
rename_me.rename_me.pdf
-
侵犯版權的照片和視頻證據 - 台灣電視公司 TTV.exe.exe windows:5 windows x86 arch:x86
e456fbce099e309bfeaff191fcf3b1ee
Code Sign
48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cdCertificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignNot Before15-06-2016 00:00Not After15-06-2024 00:00SubjectCN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
6a:e1:85:c2:92:81:e4:14:ea:62:0e:1dCertificate
IssuerCN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BENot Before13-11-2017 16:48Not After13-02-2021 16:48SubjectCN=Haihaisoft Limited,O=Haihaisoft Limited,L=Hong Kong,ST=Hong Kong,C=HK,1.2.840.113549.1.9.1=#0c156a6f7365706840686169686169736f66742e636f6dExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
40:cb:42:89:5c:3e:74:94:26:97:ad:2fCertificate
IssuerCN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BENot Before24-01-2017 10:00Not After24-02-2028 10:00SubjectCN=GlobalSign TSA for Advanced - G3 - 001-02,O=GMO GlobalSign K.K.,C=JPExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
04:00:00:00:00:01:31:89:c6:50:04Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignNot Before02-08-2011 10:00Not After29-03-2029 10:00SubjectCN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageCertSign
KeyUsageCRLSign
04:00:00:00:00:01:21:58:53:08:a2Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignNot Before18-03-2009 10:00Not After18-03-2029 10:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
20:3e:9f:9c:65:a4:62:ce:88:5d:59:c6:1d:1c:ac:b2:d0:fa:2e:e7Signer
Actual PE Digest20:3e:9f:9c:65:a4:62:ce:88:5d:59:c6:1d:1c:ac:b2:d0:fa:2e:e7Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
m:\sumatrapdf\hpreader-windows-standard\hpreader\Release\hpreader.pdb
Imports
wininet
HttpOpenRequestW
HttpQueryInfoW
InternetConnectW
FtpCommandA
FtpFindFirstFileA
HttpEndRequestW
InternetWriteFile
HttpSendRequestExA
InternetQueryOptionW
HttpSendRequestA
InternetGetCookieA
InternetGetLastResponseInfoW
InternetConnectA
HttpQueryInfoA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetSetOptionW
InternetOpenA
InternetCreateUrlA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetReadFile
InternetOpenUrlW
HttpOpenRequestA
InternetOpenW
gdiplus
GdipGetImageWidth
GdipInvertMatrix
GdipCloneImage
GdipDeleteMatrix
GdipSaveImageToFile
GdipTransformMatrixPoints
GdipCreateHBITMAPFromBitmap
GdipGetImageEncoders
GdipRotateMatrix
GdipDisposeImage
GdipGetImageEncodersSize
GdipTranslateMatrix
GdipDrawImageI
GdipGetImageVerticalResolution
GdipSetWorldTransform
GdipSetClipRectI
GdipCreateMatrix
GdipCreateBitmapFromStream
GdipGetImageHeight
GdipScaleMatrix
GdipCloneBitmapAreaI
GdipGetImageHorizontalResolution
GdipCreateBitmapFromStreamICM
GdipFillEllipseI
GdipCreatePen1
GdipDrawLineI
GdipFillRectangleI
GdipSetCompositingQuality
GdipCreateFromHDC
GdipSetPageUnit
GdipAlloc
GdipCreateSolidFill
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCloneBrush
GdipDeletePen
GdipFree
GdiplusShutdown
GdipDeleteBrush
GdipSetPenDashOffset
GdipSetPenLineJoin
GdipSetPixelOffsetMode
GdipCreatePath
GdipCloneFontFamily
GdipRestoreGraphics
GdipBitmapLockBits
GdipStringFormatGetGenericTypographic
GdipSetInterpolationMode
GdipGetCellAscent
GdipFillPath
GdipCreateFontFamilyFromName
GdipCreateRegion
GdipDeletePrivateFontCollection
GdipFillRectangle
GdipTranslateWorldTransform
GdipSetCompositingMode
GdipGetWorldTransform
GdipNewPrivateFontCollection
GdipDrawString
GdipCreateImageAttributes
GdipGetGenericFontFamilySansSerif
GdipClonePath
GdipDeleteRegion
GdipTransformPath
GdipGetClipBoundsI
GdipDeletePath
GdipCreateRegionPath
GdipCreateFont
GdipCreateMatrix2
GdipSaveGraphics
GdiplusStartup
GdipDisposeImageAttributes
GdipBitmapUnlockBits
GdipIsStyleAvailable
GdipSetClipRegion
GdipGetFontCollectionFamilyList
GdipCreatePath2
GdipSetImageAttributesColorMatrix
GdipDrawImageRectRectI
GdipGetEmHeight
GdipAddPathPath
GdipFillPolygon
GdipPrivateAddFontFile
GdipGetFamilyName
GdipDrawImagePointsRect
GdipSetTextRenderingHint
GdipSetPageScale
GdipDrawPath
GdipGetClip
GdipDeleteFont
GdipCreateBitmapFromScan0
GdipGetDpiY
GdipSetPenDashArray
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipGetFontCollectionFamilyCount
GdipGetMatrixElements
GdipTransformRegion
GdipCreateRegionRectI
GdipGetRegionBounds
GdipSetPenLineCap197819
GdipWidenPath
GdipCreatePen2
GdipDeleteFontFamily
GdipSetPenMiterLimit
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
kernel32
WaitForMultipleObjects
QueryPerformanceCounter
SetThreadExecutionState
QueryPerformanceFrequency
GetSystemTime
GetTickCount
CreateFileA
GetFileSize
SetFilePointer
ReadFile
LocalFree
FormatMessageW
SetLastError
GetVersionExA
GetModuleHandleW
lstrcmpW
LoadLibraryA
CompareStringW
GlobalFindAtomW
FreeResource
GetModuleFileNameW
MoveFileW
GetThreadLocale
WriteFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationW
GetFullPathNameW
FileTimeToLocalFileTime
GetFileAttributesExW
LocalFileTimeToFileTime
SetFileTime
GetFileAttributesW
GetFileSizeEx
GetFileTime
InterlockedExchange
CompareStringA
LoadLibraryExW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
WritePrivateProfileStringW
ResetEvent
GlobalGetAtomNameW
RaiseException
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
lstrlenA
GlobalFlags
SetErrorMode
GetSystemDirectoryW
GetStartupInfoW
HeapAlloc
HeapFree
UnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
GetDriveTypeW
HeapReAlloc
RtlUnwind
VirtualProtect
VirtualAlloc
HeapSize
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
GetCPInfo
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetFileAttributesA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryA
SetCurrentDirectoryA
GetTimeZoneInformation
LCMapStringA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateProcessA
GetProcessHeap
FreeEnvironmentStringsA
GetEnvironmentStrings
SetEnvironmentVariableA
GetDriveTypeA
GetFullPathNameA
GetLongPathNameW
AllocConsole
CreateProcessW
SetConsoleScreenBufferSize
GetConsoleScreenBufferInfo
GetVersion
InterlockedCompareExchange
CreateDirectoryA
FindFirstFileA
FindNextFileA
DeleteFileA
IsDBCSLeadByte
SetFileAttributesA
DeviceIoControl
lstrcpynW
GetWindowsDirectoryW
GetOverlappedResult
ReadDirectoryChangesW
ResumeThread
SuspendThread
GetCurrentProcessId
Module32NextW
GetCurrentThreadId
GetModuleHandleA
GetModuleFileNameA
GetSystemInfo
Module32FirstW
GlobalMemoryStatusEx
OpenThread
CreateFileW
Thread32Next
GetVersionExW
Thread32First
FormatMessageA
GetCurrentThread
SetEvent
SetUnhandledExceptionFilter
VirtualQuery
GetLocaleInfoA
GetThreadContext
GetLogicalDrives
GetShortPathNameW
GetTempPathW
GetExitCodeProcess
GetTempFileNameW
GetEnvironmentVariableW
GetUserDefaultUILanguage
GetTimeFormatW
GetLocaleInfoW
GetDateFormatW
DeleteCriticalSection
CreateEventW
EnterCriticalSection
GetPrivateProfileIntW
LeaveCriticalSection
InitializeCriticalSection
GetPrivateProfileStringW
GetSystemTimeAsFileTime
GetCommandLineW
GlobalAddAtomW
GlobalDeleteAtom
GlobalUnlock
WaitForSingleObject
GetProfileStringW
GlobalLock
InterlockedIncrement
MulDiv
InterlockedDecrement
FreeLibrary
GetProcAddress
LoadLibraryW
GetCurrentProcess
lstrcatW
lstrcpyW
QueryDosDeviceW
lstrcmpiW
GetLogicalDriveStringsW
GlobalFree
GlobalAlloc
TerminateProcess
OpenProcess
TerminateThread
GetACP
WideCharToMultiByte
SetFileAttributesW
CreateDirectoryW
FileTimeToSystemTime
lstrlenW
Sleep
SystemTimeToFileTime
GetLocalTime
FindClose
DeleteFileW
FindResourceW
LoadResource
LockResource
SizeofResource
FindNextFileW
FindFirstFileW
Process32NextW
Process32FirstW
GetLastError
CreateToolhelp32Snapshot
CreateThread
MultiByteToWideChar
CloseHandle
MoveFileA
user32
SetWindowTextW
IsWindowEnabled
GetWindowThreadProcessId
CharUpperW
GetNextDlgTabItem
CreateDialogIndirectParamW
GetActiveWindow
GetDesktopWindow
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatW
ValidateRect
TranslateMessage
GetMessageW
ShowOwnedPopups
LoadMenuW
TranslateAcceleratorW
BringWindowToTop
SetRectEmpty
InsertMenuItemW
LoadAcceleratorsW
InflateRect
GetSysColorBrush
GetMenuItemInfoW
UnregisterClassW
CharNextW
CopyAcceleratorTableW
IsRectEmpty
SetRect
InvalidateRgn
PostThreadMessageW
MonitorFromWindow
OemToCharA
CharToOemA
CharLowerA
CharUpperA
CharToOemBuffW
OemToCharBuffA
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetDlgCtrlID
CopyRect
PtInRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetMenuState
GetMenuItemCount
GetSubMenu
IsCharAlphaNumericW
wsprintfA
GetMonitorInfoW
MonitorFromRect
FindWindowExW
LoadImageW
GetNextDlgGroupItem
ClientToScreen
SetWindowRgn
DrawFocusRect
OffsetRect
DrawEdge
WindowFromPoint
HideCaret
ShowCaret
SetClassLongW
PostQuitMessage
IsZoomed
IsDialogMessageW
TrackMouseEvent
IsCharUpperW
CharLowerW
GetForegroundWindow
GetScrollInfo
LoadBitmapW
ShowScrollBar
GetCursor
IsWindowVisible
UnregisterHotKey
SetScrollInfo
GetScrollPos
DialogBoxIndirectParamW
DialogBoxParamW
EndDialog
SendDlgItemMessageW
CheckDlgButton
IsDlgButtonChecked
CheckRadioButton
SetDlgItemTextW
SetActiveWindow
CloseClipboard
SetCapture
GetCapture
EmptyClipboard
OpenClipboard
ReleaseCapture
SetClipboardData
PostMessageW
ReuseDDElParam
MessageBeep
UnpackDDElParam
GetDlgItem
EndPaint
SetCursor
ScreenToClient
DrawTextW
BeginPaint
GetDC
ReleaseDC
GetSysColor
SetWindowPos
GetCursorPos
DrawFrameControl
GetMenuItemID
GetParent
ModifyMenuW
CheckMenuRadioItem
SetMenu
InsertMenuW
CheckMenuItem
GetMenu
DrawIcon
GetSystemMetrics
IsIconic
FillRect
wsprintfW
MoveWindow
SetParent
IsWindow
FindWindowW
DestroyWindow
GetWindowRect
TrackPopupMenu
SetForegroundWindow
CreateMenu
SetFocus
GetWindowLongW
AppendMenuW
EnableMenuItem
SetWindowLongW
RedrawWindow
CreatePopupMenu
RemoveMenu
MapWindowPoints
DestroyMenu
SetMenuItemInfoW
CallWindowProcW
GetMessagePos
RegisterClassExW
LoadIconW
CreateWindowExW
UpdateWindow
DefWindowProcW
EnableWindow
InvalidateRect
KillTimer
GetFocus
SetTimer
RegisterHotKey
ShowWindow
SystemParametersInfoW
GetWindowDC
GrayStringW
DrawTextExW
TabbedTextOutW
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendMessageW
LoadCursorW
GetClientRect
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageW
GetKeyState
GetClassInfoExW
MessageBoxW
gdi32
GetObjectW
BitBlt
GetPixel
CreateRectRgn
CombineRgn
CreateDIBitmap
GetClipBox
SaveDC
RestoreDC
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
CreateCompatibleBitmap
ScaleWindowExtEx
LineTo
ExtSelectClipRgn
CreatePatternBrush
CreateBitmap
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
Rectangle
StretchBlt
GetDIBits
SelectClipRgn
SetDIBits
CreateCompatibleDC
ExcludeClipRect
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
CreateRoundRectRgn
CreatePen
RoundRect
GetStockObject
EndPage
StartPage
DeleteDC
CreateDCW
SetMapMode
StartDocW
EndDoc
AbortDoc
SetTextColor
CreateFontIndirectW
GetDeviceCaps
SetBkColor
SetBkMode
SelectObject
CreateSolidBrush
DeleteObject
GetTextExtentPoint32W
CreateFontW
SetWindowExtEx
FloodFill
MoveToEx
msimg32
AlphaBlend
comdlg32
GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
PrintDlgExW
GetFileTitleW
winspool.drv
DocumentPropertiesW
OpenPrinterW
ord203
ClosePrinter
advapi32
RegOpenKeyExW
SetFileSecurityA
SetFileSecurityW
RegQueryValueExW
RegDeleteValueW
RegQueryValueExA
RegSetKeySecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCloseKey
RegQueryValueW
RegDeleteKeyW
RegOpenKeyW
RegEnumKeyW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegSetValueExW
RegCreateKeyExW
shell32
SHGetFileInfoW
SHChangeNotify
SHAddToRecentDocs
DragQueryFileW
DragFinish
SHGetFolderPathW
SHGetDesktopFolder
ShellExecuteExW
SHBindToParent
DragAcceptFiles
SHGetSpecialFolderPathW
ShellExecuteW
comctl32
InitCommonControlsEx
CreatePropertySheetPageW
_TrackMouseEvent
ImageList_Draw
shlwapi
StrStrW
StrRStrIW
StrStrIW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
SHDeleteKeyW
PathAppendW
SHSetValueW
PathIsRelativeW
oledlg
OleUIBusyW
ole32
CoSetProxyBlanket
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CreateStreamOnHGlobal
CoCreateGuid
CoUninitialize
CoCreateInstance
CoInitialize
oleaut32
SysStringLen
VariantClear
VariantInit
SysAllocString
SysAllocStringLen
VariantChangeType
VariantCopy
DispCallFunc
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayCreate
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysFreeString
psapi
EnumProcesses
GetProcessImageFileNameW
ws2_32
closesocket
recv
gethostname
gethostbyname
WSAStartup
socket
htons
bind
listen
WSAGetLastError
accept
send
connect
Sections
.text Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2.7MB - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 399KB - Virtual size: 496KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 187KB - Virtual size: 186KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ