df5a354da2be38f3aaf48f40da0a4051_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

df5a354da2be38f3aaf48f40da0a4051_JaffaCakes118
Size

5.0MB
MD5

df5a354da2be38f3aaf48f40da0a4051
SHA1

8a8a791c09d3e6d62f8d2633e3c27edb46379aa4
SHA256

d9a93c70ae29e658636cae82e321059814739106a198106c0cfaec614936615b
SHA512

ca3dbe450aaf62b78303b3efb1e2fc6365ee9b3ab5f146fa51b4c062a32ea9f29eeab1c50acd07ddad89a9b32b88567d230f94291ff33e1b4644084786a6c51f
SSDEEP

98304:IVV14RGu8ANXmWRBXHilG+vmf0b+QtgbHkAdZMte56ZM6NyEwrEhby5x:IVhpA9rCl11gbHxdZMjt5wrE5Yx

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/$PLUGINSDIR/SkinSE.dll	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/$PLUGINSDIR/SkinSE.dll	upx

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
df5a354da2be38f3aaf48f40da0a4051_JaffaCakes118
unpack001/BugReport.exe
unpack001/KillProcess.exe
unpack001/OnlineUpdate.exe
unpack004/$PLUGINSDIR/KillProcDLL.dll

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/uninst.exe	nsis_installer_1
static1/unpack001/uninst.exe	nsis_installer_2

Files

df5a354da2be38f3aaf48f40da0a4051_JaffaCakes118
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/9158chat.zip
.zip
skin/Thumbs.db
skin/button_disable.bmp
skin/button_disable.png
.png
skin/button_down.bmp
skin/button_down.png
.png
skin/button_focus.png
.png
skin/button_hot.bmp
skin/button_hot.png
.png
skin/button_normal.png
.png
skin/checkbox_hot.png
.png
skin/checkbox_hot_select.png
.png
skin/checkbox_nor.png
.png
skin/checkbox_nor_select.png
.png
skin/combobox_down.bmp
skin/combobox_hot.bmp
skin/combobox_normal.bmp
skin/frame_btn_close_disable.bmp
skin/frame_btn_close_down.png
.png
skin/frame_btn_close_hot.png
.png
skin/frame_btn_close_normal.png
.png
skin/frame_btn_max_disable.bmp
skin/frame_btn_max_down.bmp
skin/frame_btn_max_hot.bmp
skin/frame_btn_max_normal.bmp
skin/frame_btn_min_disable.bmp
skin/frame_btn_min_down.bmp
skin/frame_btn_min_hot.bmp
skin/frame_btn_min_normal.bmp
skin/frame_btn_restore_disable.bmp
skin/frame_btn_restore_down.bmp
skin/frame_btn_restore_hot.bmp
skin/frame_btn_restore_normal.bmp
skin/headerctrl_Sperator.bmp
skin/headerctrl_down.bmp
skin/headerctrl_hot.bmp
skin/headerctrl_normal.bmp
skin/img/Thumbs.db
skin/img/btn9158.bmp
skin/img/icon.ico
skin/img/icon1.bmp
skin/img/icon2.bmp
skin/img/left.bmp
skin/img/loading.gif
.gif
skin/img/loading1.gif
.gif
skin/img/right.bmp
skin/listctrl_item_select.bmp
skin/menu_bar_back.bmp
skin/menu_bar_down.bmp
skin/menu_item_background.bmp
skin/menu_item_hot.bmp
skin/menu_item_pup.bmp
skin/menu_item_seperator.bmp
skin/menubtn_close.bmp
skin/menubtn_min.bmp
skin/menubtn_store.bmp
skin/radiobtn_hot.bmp
skin/radiobtn_hot_select.bmp
skin/radiobtn_nor.bmp
skin/radiobtn_nor_select.bmp
skin/scroll.bmp
skin/scroll~.bmp
skin/set_clider_channel_active.bmp
skin/set_clider_channel_normal.bmp
skin/set_slider_thumb_down.bmp
skin/set_slider_thumb_hot.bmp
skin/set_slider_thumb_normal.bmp
skin/sizelogo.bmp
skin/spin_bottom_disable.bmp
skin/spin_bottom_down.bmp
skin/spin_bottom_normal.bmp
skin/spin_bottom_over.bmp
skin/spin_left_disable.bmp
skin/spin_left_down.bmp
skin/spin_left_normal.bmp
skin/spin_left_over.bmp
skin/spin_lower_down.bmp
skin/spin_lower_hot.bmp
skin/spin_lower_normal.bmp
skin/spin_right_disable.bmp
skin/spin_right_down.bmp
skin/spin_right_normal.bmp
skin/spin_right_over.bmp
skin/spin_top_disable.bmp
skin/spin_top_down.bmp
skin/spin_top_normal.bmp
skin/spin_top_over.bmp
skin/spin_upper_down.bmp
skin/spin_upper_hot.bmp
skin/spin_upper_normal.bmp
skin/standard_progress_active.bmp
skin/standard_progress_active.png
.png
skin/standard_progress_active_v.bmp
skin/standard_progress_normal.bmp
skin/standard_progress_normal_v.bmp
skin/statusbar_back.bmp
skin/statusbar_backv.bmp
skin/tab_bottom_checked.bmp
skin/tab_bottom_normal.bmp
skin/tab_left_checked.bmp
skin/tab_left_normal.bmp
skin/tab_right_checked.bmp
skin/tab_right_normal.bmp
skin/tab_top_checked.bmp
skin/tab_top_normal.bmp
skin/toolbar_btn_down.bmp
skin/toolbar_btn_hot.bmp
skin/toolbar_drop.bmp
skin/toolbar_dropv.bmp
skin/toolbar_seperator.bmp
skin/toolbar_seperatorv.bmp
skin/windowBk.png
.png
skinse.xml
$PLUGINSDIR/SkinSE.dll
.dll windows:4 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

50:23:a2:22:db:4d:97:b9:a7:9e:af:90:e0:06:d8:b3
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

22/02/2013, 00:00

Not After

22/02/2016, 23:59

Subject

CN=Hangzhou hantang culture communication co ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Hangzhou hantang culture communication co ltd,L=Hangzhou,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

18:6d:e5:16:fa:a2:e2:18:6a:76:f9:3f:70:36:ae:18:56:8d:78:b2
Signer

Actual PE Digest

18:6d:e5:16:fa:a2:e2:18:6a:76:f9:3f:70:36:ae:18:56:8d:78:b2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxMemFile@@QAE@ABV0@@Z
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxMemFile@@6B@
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXABV0@@Z
?Close@CxIOFile@@UAE_NXZ
?Eof@CxIOFile@@UAE_NXZ
?Error@CxIOFile@@UAEJXZ
?Flush@CxIOFile@@UAE_NXZ
?GetC@CxIOFile@@UAEJXZ
?GetS@CxIOFile@@UAEPADPADH@Z
?Open@CxIOFile@@QAE_NPBD0@Z
?PutC@CxFile@@UAE_NE@Z
?PutC@CxIOFile@@UAE_NE@Z
?Read@CxIOFile@@UAEIPAXII@Z
?Scanf@CxIOFile@@UAEJPBDPAX@Z
?Seek@CxIOFile@@UAE_NJH@Z
?Size@CxIOFile@@UAEJXZ
?Tell@CxIOFile@@UAEJXZ
?Write@CxIOFile@@UAEIPBXII@Z
InstallSkinSE
SkinSE_Button_SetCursor
SkinSE_Button_SetFont
SkinSE_Button_SetFontEx
SkinSE_Button_SetToolTipText
SkinSE_Check_SetCursor
SkinSE_Check_SetFont
SkinSE_Check_SetFontEx
SkinSE_Check_SetToolTipText
SkinSE_ComboBox_SetFont
SkinSE_ComboBox_SetTextColor
SkinSE_DirectUI_SetDrawItemEventItemSubItemImage
SkinSE_DirectUI_SetDrawItemEventItemSubItemPlayAnimate
SkinSE_DirectUI_SetDrawItemEventItemSubItemValue
SkinSE_DirectUI_SetDrawItemEventItemSubItemVisible
SkinSE_DirectUI_SetDrawItemSubItemImage
SkinSE_DirectUI_SetDrawItemSubItemPlayAnimate
SkinSE_DirectUI_SetDrawItemSubItemValue
SkinSE_DirectUI_SetDrawItemSubItemVisible
SkinSE_DirectUI_SetEventItemSubItemImage
SkinSE_DirectUI_SetEventItemSubItemPlayAnimate
SkinSE_DirectUI_SetEventItemSubItemValue
SkinSE_DirectUI_SetEventItemSubItemVisible
SkinSE_DirectUI_SetSubItemImage
SkinSE_DirectUI_SetSubItemPlayAnimate
SkinSE_DirectUI_SetSubItemValue
SkinSE_DirectUI_SetSubItemVisible
SkinSE_Edit_SetBackgroundColor
SkinSE_Edit_SetFont
SkinSE_Edit_SetFontEx
SkinSE_Edit_SetTextColor
SkinSE_EnableHookSkin
SkinSE_EnableTitleMenuBar
SkinSE_GetLastError
SkinSE_GroupBox_SetBorderColor
SkinSE_GroupBox_SetFont
SkinSE_GroupBox_SetFontEx
SkinSE_GroupBox_SetLogoImage
SkinSE_GroupBox_SetLogoImageEx
SkinSE_GroupBox_SetRoundRgn
SkinSE_GroupBox_SetTextColor
SkinSE_HeaderCtrl_CreateItemProgressCtrl
SkinSE_HeaderCtrl_GetItemProgressPos
SkinSE_HeaderCtrl_SetDrawItemEventItemImage
SkinSE_HeaderCtrl_SetDrawItemEventItemValue
SkinSE_HeaderCtrl_SetDrawItemEventItemVisible
SkinSE_HeaderCtrl_SetDrawItemSkin
SkinSE_HeaderCtrl_SetDrawItemSubItemImage
SkinSE_HeaderCtrl_SetDrawItemSubItemValue
SkinSE_HeaderCtrl_SetDrawItemSubItemVisible
SkinSE_HeaderCtrl_SetItemProgressPos
SkinSE_HeaderCtrl_SetItemProgressRange
SkinSE_Init
SkinSE_ListBox_CreateItemProgressCtrl
SkinSE_ListBox_GetItemProgressPos
SkinSE_ListBox_SetBackTransparent
SkinSE_ListBox_SetDrawItemEventItemImage
SkinSE_ListBox_SetDrawItemEventItemValue
SkinSE_ListBox_SetDrawItemEventItemVisible
SkinSE_ListBox_SetDrawItemSkin
SkinSE_ListBox_SetDrawItemSubItemImage
SkinSE_ListBox_SetDrawItemSubItemValue
SkinSE_ListBox_SetDrawItemSubItemVisible
SkinSE_ListBox_SetImageList
SkinSE_ListBox_SetImageListIndex
SkinSE_ListBox_SetItemProgressPos
SkinSE_ListBox_SetItemProgressRange
SkinSE_ListCtrl_CreateItemProgressCtrl
SkinSE_ListCtrl_GetItemProgressPos
SkinSE_ListCtrl_SetDrawItemEventItemImage
SkinSE_ListCtrl_SetDrawItemEventItemValue
SkinSE_ListCtrl_SetDrawItemEventItemVisible
SkinSE_ListCtrl_SetDrawItemSkin
SkinSE_ListCtrl_SetDrawItemSubItemImage
SkinSE_ListCtrl_SetDrawItemSubItemValue
SkinSE_ListCtrl_SetDrawItemSubItemVisible
SkinSE_ListCtrl_SetImageList
SkinSE_ListCtrl_SetImageListIndex
SkinSE_ListCtrl_SetItemProgressPos
SkinSE_ListCtrl_SetItemProgressRange
SkinSE_LoadSkinResourceFromFolder
SkinSE_LoadSkinResourceFromRes
SkinSE_LoadSkinResourceFromZIP
SkinSE_Menu_EnableSkin
SkinSE_Menu_GetImageItemCount
SkinSE_Menu_RemoveItem
SkinSE_Menu_SetCurrentSkin
SkinSE_Menu_SetItemImage
SkinSE_Radio_SetCursor
SkinSE_Radio_SetFont
SkinSE_Radio_SetFontEx
SkinSE_Radio_SetToolTipText
SkinSE_RefreshAllControls
SkinSE_RemoveLayoutPos
SkinSE_SetBitmapHSB
SkinSE_SetColorHSB
SkinSE_SetHSB
SkinSE_SetKey
SkinSE_SetLayoutMainFrame
SkinSE_SetLayoutWindowPos
SkinSE_SetScrollBarSkin
SkinSE_Static_SetCursor
SkinSE_Static_SetFont
SkinSE_Static_SetFontEx
SkinSE_Static_SetTextColor
SkinSE_Static_SetToolTipText
SkinSE_SubclassWindow
SkinSE_TabCtrl_SetFont
SkinSE_TabCtrl_SetFontEx
SkinSE_TabCtrl_SetItemImage
SkinSE_TabCtrl_SetItemImageEx
SkinSE_TreeCtrl_CreateItemProgressCtrl
SkinSE_TreeCtrl_GetItemProgressPos
SkinSE_TreeCtrl_SetBackTransparent
SkinSE_TreeCtrl_SetDrawItemEventItemImage
SkinSE_TreeCtrl_SetDrawItemEventItemValue
SkinSE_TreeCtrl_SetDrawItemEventItemVisible
SkinSE_TreeCtrl_SetDrawItemSkin
SkinSE_TreeCtrl_SetDrawItemSubItemImage
SkinSE_TreeCtrl_SetDrawItemSubItemValue
SkinSE_TreeCtrl_SetDrawItemSubItemVisible
SkinSE_TreeCtrl_SetImageList
SkinSE_TreeCtrl_SetImageListIndex
SkinSE_TreeCtrl_SetItemProgressPos
SkinSE_TreeCtrl_SetItemProgressRange
SkinSE_UI_DrawBack
SkinSE_UI_GetBitmapHandle
SkinSE_UI_GetFont
SkinSE_UI_GetResourceItem
SkinSE_UnsubclassWindow
UnstallSkinSE

Sections

UPX0
Size: - Virtual size: 628KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$PLUGINSDIR/btn.bmp
$PLUGINSDIR/icon1.bmp
$PLUGINSDIR/left.bmp
$PLUGINSDIR/loading.gif
.gif
1vs1AVModule.xml
.xml
1vs1BAVModule.xml
.xml
1vs1SAVModule.xml
.xml
9158.exe
.exe windows:4 windows x86 arch:x86

358ab9a7300cd53b64442a050c793e4b

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c2:49:3b:c3:49:c7:ae:8e:d6:3a:d5:22:bb:14:1f:4d:cf:56:75:23
Signer

Actual PE Digest

c2:49:3b:c3:49:c7:ae:8e:d6:3a:d5:22:bb:14:1f:4d:cf:56:75:23

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

wininet

HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetOpenA
InternetGetConnectedState
InternetOpenUrlA

mvuilib

?SetTextColor@CBaseEdit@@QAEXKK@Z
?OnLButtonDown@CUIDlgTemplate@@IAEXIVCPoint@@@Z
?OnLButtonUp@CUIDlgTemplate@@IAEXIVCPoint@@@Z
?SetColorFrame@CSkinComboBox@@QAEXK@Z
?SetTransParent@CUIButtonTemplate@@QAEXH@Z
?OnInitDialog@CUIDlgTemplate@@MAEHXZ
?SetIsRgn@CUIDlgTemplate@@QAEX_N@Z
?GetBitmapWidth@CAppSysOperation@@QAEHXZ
?GetBitmapHeight@CAppSysOperation@@QAEHXZ
?SetShowText@CBaseEditEx@@QAEXVCString@@@Z
?SetShowText@CSkinComboBox@@QAEXVCString@@@Z
?SetTextColor@CSkinComboBox@@QAEXKK@Z
?messageMap@CUIDlgTemplate@@1UAFX_MSGMAP@@B
??0CUIDlgTemplate@@QAE@IPAVCWnd@@@Z
??0CBaseEditEx@@QAE@XZ
??0CSkinComboBox@@QAE@XZ
??1CUIDlgTemplate@@UAE@XZ
??1CBaseEditEx@@UAE@XZ
??1CSkinComboBox@@UAE@XZ
?PaintBackGround@CUIDlgTemplate@@MAEHPAVCDC@@@Z
?LoadSkin@CUIDlgTemplate@@UAEHPAX@Z
?GetPictureExEx@CSkinConfContext@@QAEPAXPBDH@Z
?LoadMenuA@CMenuEx@@QAEHI@Z
?SetBackColor@CMenuEx@@QAEXK@Z
?ModifyMenuEx@CMenuEx@@QAEHIIIPBD@Z
?Create@CUIDlgTemplate@@QAEHIPAVCWnd@@@Z
?NeedShowHandCursor@CUINoRegularButtonTemplate@@QAEXH@Z
?SetFontColor@CColorStatic@@QAEXK@Z
?DoDataExchange@CUIDlgTemplate@@MAEXPAVCDataExchange@@@Z
?IsControlHaveSkin@CAppSysOperation@@UAEHXZ
?CleanBitmapMem@CAppSysOperation@@UAEHXZ
?LoadBitmapFileToMem@CAppSysOperation@@UAEHPAUHINSTANCE__@@VCString@@PAVCBitmap@@@Z
?LoadBitmapFileToMem@CAppSysOperation@@UAEHPAUHINSTANCE__@@VCString@@@Z
?InitializeOperation@CAppSysOperation@@UAEXPAVCWnd@@@Z
?GetCurrentSkin@CUIButtonTemplate@@MAEHPAX@Z
?CleanSkin@CAppSysOperation@@UAEHPAX@Z
?LoadSkin@CUIButtonTemplate@@UAEHPAX@Z
?DrawContent@CAppSysOperation@@UAEHPAVCDC@@VCString@@AAVCRect@@H@Z
?SetToolTipText@CUIButtonTemplate@@QAEXPBD@Z
?NeedShowHandCursor@CUIStaticTemplate@@QAEXH@Z
?SetToolTipText@CUINoRegularButtonTemplate@@QAEXPBD@Z
??0CUIListCtrlButtonEx@@QAE@XZ
??1CUIListCtrlButtonEx@@UAE@XZ
?LoadSkin@CUIListCtrlBaseTemplate@@UAEHPAX@Z
?DrawItem@CUIListCtrlBaseTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?PreSubclassWindow@CUIListCtrlBaseTemplate@@MAEXXZ
?GetMessageMap@CUIListCtrlEx@@MBEPBUAFX_MSGMAP@@XZ
??1CUIListCtrlEx@@UAE@XZ
??0CUIListCtrlEx@@QAE@XZ
?AdjustPosition@CAppSysOperation@@UAEHHHHH@Z
?AdjustPosition@CAppSysOperation@@UAEHUtagRECT@@@Z
?DrawSkin@CAppSysOperation@@UAEHPAUtagDRAWITEMSTRUCT@@@Z
?PaintBackGround@CAppSysOperation@@UAEHPAVCDC@@@Z
?CleanUp@CAppSysOperation@@UAEXXZ
?AttachBitmapHadle@CAppSysOperation@@UAEXPAUHBITMAP__@@PAVCBitmap@@@Z
?AttachBitmapHadle@CAppSysOperation@@UAEXPAUHBITMAP__@@@Z
?FitBitmapSize@CUIButtonTemplate@@UAEXXZ
?GetCtrlTextType@CAppSysAttribute@@UAEAAVCString@@XZ
?SetCtrlTextType@CAppSysAttribute@@UAEHVCString@@@Z
?GetCtrlTextHeight@CAppSysAttribute@@UAEHXZ
?SetCtrlTextHeight@CAppSysAttribute@@UAEXH@Z
?EnableCtrlTextBold@CAppSysAttribute@@UAEHXZ
?SetCtrlTextBold@CAppSysAttribute@@UAEXH@Z
?GetCtrlBackColor@CAppSysAttribute@@UAEKXZ
?SetCtrlBackColor@CAppSysAttribute@@UAEXK@Z
?GetCtrlTextColor@CAppSysAttribute@@UAEKXZ
?SetCtrlTextColor@CAppSysAttribute@@UAEXK@Z
?GetCtrlTextFont@CAppSysAttribute@@UAEAAUtagLOGFONTA@@XZ
?SetCtrlTextFont@CAppSysAttribute@@UAEXUtagLOGFONTA@@@Z
?DrawCheckBoxButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawRadioButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawPushButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?HandleMouseLeftBtnUp@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?HandleMouseLeftBtnDown@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?HandleMouseMove@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?DrawItem@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?PreTranslateMessage@CUIButtonTemplate@@MAEHPAUtagMSG@@@Z
?PreSubclassWindow@CUIButtonTemplate@@MAEXXZ
??0CUIButtonTemplate@@QAE@XZ
??1CUIButtonTemplate@@UAE@XZ
?messageMap@CUIButtonTemplate@@1UAFX_MSGMAP@@B
?SetHaveText@CUIButtonTemplate@@QAEX_NI@Z
?GetComponentSkinConf@CSkinConfContext@@QAEHIW4COMPONETTYPE@@VCString@@PAX@Z
??1CColorStatic@@UAE@XZ
??1CUIStaticTemplate@@UAE@XZ
??0CColorStatic@@QAE@XZ
??0CUIStaticTemplate@@QAE@XZ
?SetBold@CUIStaticTemplate@@QAEX_N@Z
?SetBold@CColorStatic@@QAEX_N@Z
?SetColor@CColorStatic@@QAEXKKK@Z
??1CUINoRegularButtonTemplate@@UAE@XZ
??0CUINoRegularButtonTemplate@@QAE@XZ
?SetBtnTextColor@CUINoRegularButtonTemplate@@QAEXK@Z
?SetHaveText@CUINoRegularButtonTemplate@@QAEX_NI@Z
?GetCurrentSkin@CAppSysOperation@@UAEHPAX@Z
?LoadSkin@CAppSysOperation@@UAEHPAX@Z
?FitBitmapSize@CAppSysOperation@@UAEXXZ
??1CMenuEx@@UAE@XZ
?AppendMenuEx@CMenuEx@@QAEHIIPBD@Z
??0CMenuEx@@QAE@XZ
?NeedShowHandCursor@CUIButtonTemplate@@QAEXH@Z
?SetNeedHandCursor@CColorStatic@@QAEX_N@Z
?SetFontUnline@CColorStatic@@QAEX_N@Z
??1CMemDC@@UAE@XZ
??0CMemDC@@QAE@PAVCDC@@AAVCRect@@@Z
??1CCustomDlg@@UAE@XZ
??0CCustomDlg@@QAE@IPAVCWnd@@@Z
?messageMap@CCustomDlg@@1UAFX_MSGMAP@@B
?LoadSkin@CCustomDlg@@QAEHXZ
?LoadSkinToBitmap@CAppSysOperation@@SA_NAAVCBitmap@@PAXAA_N@Z
??1CBaseEdit@@UAE@XZ
??0CBaseEdit@@QAE@XZ
?SetDrawFrame@CBaseEdit@@QAEXH@Z
?SetFrameColor@CBaseEdit@@QAEXK@Z
?SetBtnTextColor@CUIButtonTemplate@@QAEXK@Z
??1CSkinConfContext@@UAE@XZ
??0CSkinConfContext@@QAE@XZ
?LoadSkin@CSkinConfContext@@QAEHVCString@@@Z
?SetSkinPath@CAppSysOperation@@SAXVCString@@@Z

msimg32

GradientFill

mfc42

ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3574
ord2379
ord800
ord537
ord540
ord860
ord858
ord535
ord5442
ord3318
ord665
ord5186
ord354
ord2818
ord4202
ord6134
ord4407
ord5290
ord5277
ord3708
ord567
ord781
ord4275
ord2864
ord6199
ord3874
ord3283
ord3258
ord1705
ord430
ord1269
ord641
ord6200
ord6136
ord2935
ord2516
ord361
ord3061
ord3767
ord2860
ord939
ord4129
ord1158
ord5710
ord2614
ord1200
ord1601
ord3721
ord3571
ord3626
ord3663
ord795
ord2414
ord1168
ord2116
ord3573
ord3693
ord755
ord2754
ord5787
ord5788
ord1641
ord470
ord816
ord562
ord3089
ord4133
ord4297
ord6119
ord4299
ord6880
ord924
ord640
ord2405
ord5785
ord1640
ord323
ord5265
ord4376
ord4853
ord4998
ord2514
ord6052
ord1775
ord5280
ord4425
ord3597
ord324
ord4234
ord2566
ord6215
ord3092
ord6241
ord4710
ord2370
ord6334
ord2289
ord1768
ord2086
ord6270
ord941
ord1644
ord3619
ord2753
ord283
ord472
ord6172
ord5789
ord2642
ord4284
ord4278
ord6663
ord2764
ord1175
ord1146
ord6157
ord3402
ord3716
ord790
ord3797
ord6197
ord3546
ord3742
ord818
ord1233
ord2859
ord2763
ord2567
ord2452
ord2078
ord2393
ord690
ord1988
ord5207
ord6059
ord389
ord2055
ord2727
ord6467
ord2730
ord2729
ord3237
ord6779
ord940
ord1979
ord6385
ord2302
ord2688
ord2135
ord926
ord6605
ord5651
ord3127
ord3616
ord350
ord1799
ord614
ord2623
ord290
ord4622
ord4226
ord2486
ord4003
ord5683
ord2915
ord804
ord686
ord609
ord6785
ord5981
ord922
ord4277
ord5600
ord1949
ord4034
ord551
ord3337
ord2820
ord3811
ord6662
ord3181
ord3178
ord668
ord4058
ord2781
ord2770
ord356
ord1980
ord5572
ord2380
ord5875
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord3738
ord801
ord815
ord541
ord561
ord4046
ord2145
ord2144
ord6225
ord5231
ord5247
ord2132
ord4601
ord5861
ord6143
ord6438
ord1205
ord1247
ord824
ord1232
ord2621
ord1134
ord5435
ord1683
ord1673
ord2628
ord5980
ord2641
ord4122
ord6214
ord6196
ord4298
ord5948
ord3088
ord3875
ord3872
ord3871
ord6198
ord4286
ord4283
ord3137
ord3796
ord5719
ord6092
ord3524
ord4032
ord6095
ord4035
ord2549
ord2433
ord3353
ord3579
ord426
ord726
ord826
ord6877
ord2784
ord2725
ord5583
ord384
ord6453
ord4160
ord2863
ord2546
ord291
ord798
ord533
ord998
ord5607
ord2919
ord1997
ord6392
ord5194
ord536
ord2575
ord2574
ord3572
ord556
ord809
ord1793
ord6358
ord1088
ord2122
ord5873
ord3706
ord613
ord289
ord6648
ord3610
ord656
ord2096
ord3287
ord4000
ord6008
ord3297
ord4476
ord2803
ord326
ord2639
ord6021
ord6007
ord6907
ord2862
ord6901
ord3286
ord2582
ord4402
ord3370
ord3640
ord693
ord4243
ord3752
ord3910
ord2299
ord6195
ord3870
ord6930
ord3317
ord4224
ord2762
ord5356
ord5808
ord6058
ord1075
ord5204
ord3229
ord353
ord1187
ord4220
ord2584
ord3654
ord2438
ord2408
ord2097
ord807
ord4163
ord6625
ord554
ord5440
ord6383
ord5450
ord6394
ord2645
ord2450
ord3719
ord793
ord1576
ord810
ord4271
ord3914
ord3296
ord3303
ord3290
ord4125
ord4694
ord5148
ord923
ord6928
ord539
ord6111
ord4123
ord3996
ord1929
ord6380
ord4287
ord1105
ord2123
ord4480
ord3005
ord538
ord861
ord1795
ord5781
ord3711
ord783
ord2112
ord6442
ord3138
ord6128
ord2714
ord2455
ord1176
ord3643
ord394
ord696
ord909
ord5628
ord4185
ord398
ord700
ord955
ord4189
ord3021
ord913
ord5594
ord5632
ord3692
ord5791
ord3301
ord3293
ord6696
ord6675
ord6888
ord6905
ord2089
ord2100
ord3763
ord2513
ord293
ord4538
ord2587
ord4406
ord3394
ord3729
ord4267
ord3920
ord4317
ord2648
ord4441
ord4837
ord3798
ord4353
ord6374
ord5163
ord2385
ord5241
ord4396
ord1776
ord4078
ord6055
ord2077
ord2029
ord5621
ord1638
ord4167
ord823
ord1083
ord6307
ord803
ord825
ord278
ord501
ord543
ord521
ord605
ord773
ord3584
ord3570
ord966
ord1971
ord5478
ord5796
ord4863
ord4335
ord4447
ord4411
ord2031
ord5481
ord5810
ord6449
ord3733

msvcrt

__p__fmode
__set_app_type
_controlfp
fseek
ftell
strchr
strtoul
wcscpy
_strdup
strrchr
srand
fread
_vsnprintf
fwrite
fopen
printf
fclose
fprintf
towupper
isdigit
_beginthreadex
_atoi64
_mbsrchr
__p__commode
_CxxThrowException
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
localtime
strftime
puts
rand
_local_unwind2
_except_handler3
_snprintf
_purecall
_mkdir
realloc
malloc
free
_ftol
time
strncpy
sprintf
_mbscmp
atoi
__CxxFrameHandler
_adjust_fdiv
__setusermatherr
calloc
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
memmove
_itoa
_setmbcp

kernel32

GetTickCount
GetStartupInfoA
GetWindowsDirectoryA
GetFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
lstrcatA
lstrcmpiA
lstrcpynA
GetVersion
IsValidCodePage
GetCPInfo
GetCurrentThreadId
GetSystemDirectoryA
GlobalFree
IsBadWritePtr
VirtualQuery
GetLocalTime
SetUnhandledExceptionFilter
UnmapViewOfFile
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
lstrcmpA
LoadLibraryExA
GetCurrentDirectoryA
SetCurrentDirectoryA
lstrcpyA
GetCurrentProcess
SetProcessWorkingSetSize
GetLastError
CreateToolhelp32Snapshot
Process32First
Process32Next
GetPrivateProfileStringA
SetErrorMode
GetCommandLineA
GetFileSize
Sleep
DeviceIoControl
GetVersionExA
DeleteFileA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LocalFree
LocalAlloc
lstrlenA
FormatMessageA
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
lstrlenW
MultiByteToWideChar
GetModuleHandleA
CloseHandle
CreateThread
OutputDebugStringA
GetPrivateProfileIntA
TerminateThread
GetExitCodeThread
SetFilePointer
ReadFile
CreateFileA
WriteFile
WinExec
FreeLibrary
GetProcAddress
LoadLibraryA
GlobalUnlock
GlobalLock
GlobalAlloc
SizeofResource
LockResource
LoadResource
FindResourceA
MulDiv
WritePrivateProfileStringA
GetModuleFileNameA
GetFileAttributesA
FindClose
FindFirstFileA
CreateDirectoryA
RemoveDirectoryA
InitializeCriticalSection

user32

CopyRect
GetWindowTextA
DrawStateA
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
LookupIconIdFromDirectory
CreateIconFromResourceEx
CreateIconFromResource
SetWindowRgn
GetWindowDC
GetFocus
SetFocus
SetForegroundWindow
KillTimer
GetMenuItemCount
GetMenuItemID
GetSubMenu
IsIconic
GetSystemMetrics
DrawIcon
RemoveMenu
AppendMenuA
LoadIconA
UpdateWindow
IsWindowVisible
WindowFromPoint
IsChild
GetDesktopWindow
GetWindowLongA
SetWindowLongA
SystemParametersInfoA
SetTimer
RegisterClassA
InsertMenuA
GetMenuStringA
LoadMenuA
CreateMenu
FindWindowA
SendMessageTimeoutA
MessageBoxA
SetWindowPos
InflateRect
GetDC
SetRect
FillRect
GetMenuState
ModifyMenuA
wvsprintfA
EnableWindow
SendMessageA
GetForegroundWindow
GetClassInfoA
GetSysColor
ShowWindow
GetMessagePos
SetCursor
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetWindowRgn
IsRectEmpty
SetParent
GetScrollInfo
CallWindowProcA
GetWindow
IsZoomed
EnableMenuItem
DestroyWindow
DefWindowProcA
DrawFocusRect
UnregisterClassA
MoveWindow
CreateWindowExA
GetClassNameA
RegisterClassExA
GetSystemMenu
GetWindowRect
SetCapture
PostMessageA
GetParent
LoadImageA
wsprintfA
RedrawWindow
ReleaseCapture
LoadCursorA
GetClientRect
ScreenToClient
ReleaseDC
InvalidateRect
PtInRect
LoadBitmapA
CreatePopupMenu
GetCursorPos
OffsetRect
IsWindow
ClientToScreen

gdi32

CreateCompatibleDC
GetObjectA
CreatePen
CreateSolidBrush
Rectangle
StretchBlt
BitBlt
CreateEllipticRgn
BeginPath
Ellipse
EndPath
FillPath
SetDIBits
CreateRectRgnIndirect
GetDIBColorTable
CreatePalette
OffsetRgn
DeleteObject
PtInRegion
SelectClipRgn
GetTextColor
CreateICA
GetDIBits
ExtCreateRegion
SelectPalette
RealizePalette
GetMapMode
GetTextMetricsA
CreateRoundRectRgn
GetTextExtentPoint32A
CreateRectRgn
CombineRgn
GetPixel
GetCurrentObject
CreateFontIndirectA
CreateDIBitmap
CreateBitmap
SetBkColor
GetDeviceCaps
SetTextColor
TextOutA
SetBkMode
CreateHalftonePalette
GetPaletteEntries
CreateDIBSection
SelectObject
SetDIBColorTable
SetStretchBltMode
DeleteDC
GdiFlush
CreateCompatibleBitmap
GetStockObject
CreateFontA
Polygon

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegQueryValueExA

shell32

Shell_NotifyIconA
SHGetSpecialFolderPathA
ExtractIconA
ShellExecuteA

comctl32

ImageList_GetImageCount
ImageList_AddMasked
ImageList_Draw
ImageList_GetImageInfo
ImageList_GetIcon
_TrackMouseEvent
ImageList_ReplaceIcon

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoUninitialize
OleSetContainedObject
OleCreateStaticFromData
OleRun
CoCreateInstance
CoInitializeEx
CoInitialize
CreateStreamOnHGlobal

olepro32

ord251

oleaut32

SafeArrayGetUBound
SafeArrayCreate
SafeArrayPutElement
SafeArrayDestroy
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
VariantChangeType
SysStringLen
SafeArrayGetLBound
VariantInit
VariantCopy
SysStringByteLen
SysAllocStringByteLen
VariantClear
SysAllocString
SysFreeString
SetErrorInfo
GetErrorInfo
SysAllocStringLen
CreateErrorInfo

wsock32

WSAGetLastError
gethostname
inet_addr
gethostbyname
sendto
WSACleanup
closesocket
socket
recvfrom
select

msvcp60

??1_Lockit@std@@QAE@XZ
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??0_Lockit@std@@QAE@XZ
??_7out_of_range@std@@6B@
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1out_of_range@std@@UAE@XZ
??0out_of_range@std@@QAE@ABV01@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??0logic_error@std@@QAE@ABV01@@Z

gdiplus

GdiplusShutdown
GdipCloneImage
GdipAlloc
GdipFree
GdipLoadImageFromFileICM
GdipDisposeImage
GdipDeletePen
GdiplusStartup
GdipDeleteGraphics
GdipDrawImageRectI
GdipCreateFromHDC
GdipGetImageWidth
GdipGetImageHeight
GdipCreatePen1

publictool

?GetRealBuffer@CBuffer@@QAEPBEXZ
?SetPos@CBuffer@@QAEXKK@Z
?BufferCpy@CBuffer@@QAEXPAEKK@Z
?FindFirst@CHash@@QAEXH@Z
?InsertItem@CHash@@QAEHPBDPAX@Z
?InsertItem@CHash@@QAEHJPAX@Z
?DeleteItem@CHash@@QAEPAXJ@Z
?GetBufferLen@CBuffer@@QAEKXZ
?QueryItem@CHash@@QAEPAXPBD@Z
?QueryItem@CHash@@QAEPAXJ@Z
?GetHashItemNum@CHash@@QAEHXZ
?GetBuffer@CBuffer@@QAEPAEXZ
??1CxImageEx@@UAE@XZ
??0CxImageEx@@QAE@K@Z
?GetDIB@CxImageEx@@QBEPAXXZ
??0CBuffer@@QAE@K@Z
?FindNext@CHash@@QAEPAXXZ
??1CBuffer@@UAE@XZ
??0CHash@@QAE@K@Z
?InitParam@CHash@@QAEHXZ
??1CHash@@UAE@XZ
??0CBuffer@@QAE@ABV0@@Z
?DeleteItem@CHash@@QAEPAXPBD@Z
??0CBuffer@@QAE@PAEK@Z
?GetBits@CxImageEx@@QAEPAEK@Z
?base64_encode@CBase64@@SAHPADI0@Z
?base64_decode@CBase64@@SAHPADI0@Z
?Load@CxImageEx@@QAE_NPBDK@Z
?GetRealLen@CBuffer@@QAEKXZ
?Draw@CxImageEx@@QAEJPAUHDC__@@JJJJPAUtagRECT@@_N@Z

idletrac

?Hook_GetAppWnd@@YAXPAUHWND__@@@Z
?Hook_IdleTrackerInit@@YAHXZ
?Hook_UserOnLeave@@YAXXZ
?Hook_ReSetLastTickCount@@YAXXZ
?Hook_IdleTrackerGetLastTickCount@@YAKXZ
?Hook_DelAppWnd@@YAXPAUHWND__@@@Z

cweiboclient

?WB_GetFollowAndWeibo_Count@CWeiboModule@@QAEHH_J0@Z
?WB_GET_STAT@CWeiboModule@@QAEH_J00H@Z
?WB_SENDUNREAD@CWeiboModule@@QAEHXZ
?WB_RelationOperation@CWeiboModule@@QAEH_J00HHH@Z
?WbBase_Login@CWeiboModule@@QAEHHPBD0@Z
?WbBase_Init@CWeiboModule@@QAEHPAUHWND__@@IPBDH@Z
??0CWeiboModule@@QAE@XZ
??1CWeiboModule@@UAE@XZ
?WBBase_ReleasePtr@CWeiboModule@@QAEXPAX@Z
?WB_GetFollowList@CWeiboModule@@QAEHH_J@Z
?WbBase_Init_Connect@CWeiboModule@@QAEHXZ

netapi32

Netbios

shlwapi

PathFileExistsA
PathIsDirectoryA

winmm

waveInPrepareHeader
waveInAddBuffer
waveInStart
waveInOpen
mixerGetNumDevs
mixerOpen
waveInUnprepareHeader
mixerGetDevCapsA
mixerGetLineControlsA
mixerGetLineInfoA
mixerGetControlDetailsA
mixerSetControlDetails
PlaySoundA
sndPlaySoundA
waveInClose
waveOutClose
mixerGetID
waveOutOpen
mixerClose

pdh

PdhGetRawCounterValue
PdhGetFormattedCounterValue
PdhCollectQueryData
PdhRemoveCounter
PdhAddCounterA
PdhCloseQuery
PdhOpenQueryA
PdhComputeCounterStatistics

Exports

Exports

??0CRoomInfo@@QAE@ABV0@@Z
??0CRoomInfo@@QAE@XZ
??1CRoomInfo@@UAE@XZ
??4CEasySecret@@QAEAAV0@ABV0@@Z
??4CRoomInfo@@UAEAAV0@ABV0@@Z
??_7CRoomInfo@@6B@
?ClearAll@CRoomInfo@@QAEXXZ
?DeleteAllUser@CRoomInfo@@QAEXXZ
?GetCurrentNumber@CRoomInfo@@QAEHXZ
?GetCurrentRoomStats@CRoomInfo@@QAEHXZ
?GetEnterRoomType@CRoomInfo@@QAEHXZ
?GetID@CRoomInfo@@QAE?AVCString@@XZ
?GetIntroduce@CRoomInfo@@QAE?AVCString@@XZ
?GetLeader@CRoomInfo@@QAEPAVCUserInfo@@XZ
?GetLevel@CRoomInfo@@QAEHXZ
?GetLimitNumber@CRoomInfo@@QAEHXZ
?GetMasterID@CRoomInfo@@QAE?AVCString@@XZ
?GetName@CRoomInfo@@QAE?AVCString@@XZ
?GetOther@CRoomInfo@@QAE?AVCString@@XZ
?GetPassword@CRoomInfo@@QAE?AVCString@@XZ
?GetPort@CRoomInfo@@QAEHXZ
?GetRoomLevel@CRoomInfo@@QAEHXZ
?GetSort@CRoomInfo@@QAEHXZ
?GetStatus@CRoomInfo@@QAEHXZ
?GetType@CRoomInfo@@QAEHXZ
?GetUser@CRoomInfo@@QAEXHPAVCHash@@@Z
?GetVip@CRoomInfo@@QAE_NXZ
?SetCurrentNumber@CRoomInfo@@QAEXH@Z
?SetCurrentRoomStats@CRoomInfo@@QAEXH@Z
?SetEnterRoomType@CRoomInfo@@QAEXH@Z
?SetID@CRoomInfo@@QAEXPBD@Z
?SetIntroduce@CRoomInfo@@QAEXPBD@Z
?SetLevel@CRoomInfo@@QAEXH@Z
?SetLimitNumber@CRoomInfo@@QAEXH@Z
?SetMasterID@CRoomInfo@@QAEXABVCString@@@Z
?SetName@CRoomInfo@@QAEXPBD@Z
?SetOther@CRoomInfo@@QAEXVCString@@@Z
?SetPassword@CRoomInfo@@QAEXPBD@Z
?SetPort@CRoomInfo@@QAEXH@Z
?SetRoomLevel@CRoomInfo@@QAEXH@Z
?SetSort@CRoomInfo@@QAEXH@Z
?SetStatus@CRoomInfo@@QAEXH@Z
?SetType@CRoomInfo@@QAEXH@Z
?SetVipRoom@CRoomInfo@@QAEX_N@Z
?interfaceMap@CCustomControlSite@@1UAFX_INTERFACEMAP@@B

Sections

.text
Size: 880KB - Virtual size: 879KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 860KB - Virtual size: 858KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
9158AVCore2.dll
.dll windows:4 windows x86 arch:x86

be9da2191c5d4dda64a50a71ca738e0d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

a0:77:b7:6a:af:d3:5a:9f:c8:07:39:c6:c7:60:5b:43:35:c8:bc:6d
Signer

Actual PE Digest

a0:77:b7:6a:af:d3:5a:9f:c8:07:39:c6:c7:60:5b:43:35:c8:bc:6d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
CloseHandle
CreateThread
FindAtomA
GetAtomNameA
WaitForSingleObject

msvcrt

_strdup
_unlink
__dllonexit
_assert
_errno
_iob
_snprintf
_vsnprintf
abort
ceil
cos
cosh
exit
exp
fclose
fflush
floor
fopen
fprintf
fread
free
frexp
fseek
ftell
fwrite
ldexp
log
malloc
memcpy
memmove
memset
perror
qsort
realloc
rename
sin
sinh
sprintf
sqrt
sscanf
strcat
strchr
strcmp
strcpy
strcspn
strlen
strpbrk
strstr
strtod
tan
tanh
toupper
vfprintf

Exports

Exports

DCT_common_init
DCtab_chrom
DCtab_lum
MPV_common_end
MPV_common_init
MPV_common_init_mmx
MPV_decode_defaults
MPV_decode_mb
MPV_encode_end
MPV_encode_init
MPV_encode_picture
MPV_frame_end
MPV_frame_start
X264_frame
X264_init
add_pixels_clamped_mmx
align_get_bits
align_put_bits
av_add_i
av_add_q
av_build_filternew
av_cmp_i
av_d2q
av_dbl2int
av_div_i
av_div_q
av_fast_realloc
av_first_parser
av_flt2int
av_free
av_free_static
av_freep
av_get_pict_type_char
av_i2int
av_int2dbl
av_int2flt
av_int2i
av_log
av_log2_i
av_log_get_level
av_log_set_callback
av_log_set_level
av_malloc
av_mallocz
av_mallocz_static
av_mod_i
av_mul_i
av_mul_q
av_parser_change
av_parser_close
av_parser_init
av_parser_parse
av_realloc
av_realloc_static
av_reduce
av_register_codec_parser
av_rescale
av_rescale_q
av_rescale_rnd
av_shr_i
av_strdup
av_sub_i
av_sub_q
av_vlog
av_xiphlacing
avcodec_align_dimensions
avcodec_alloc_context
avcodec_alloc_frame
avcodec_build
avcodec_check_dimensions
avcodec_close
avcodec_decode_audio
avcodec_decode_subtitle
avcodec_decode_video
avcodec_default_execute
avcodec_default_free_buffers
avcodec_default_get_buffer
avcodec_default_get_format
avcodec_default_reget_buffer
avcodec_default_release_buffer
avcodec_encode_audio
avcodec_encode_subtitle
avcodec_encode_video
avcodec_find_best_pix_fmt
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_flush_buffers
avcodec_get_chroma_sub_sample
avcodec_get_context_defaults
avcodec_get_frame_defaults
avcodec_get_pix_fmt
avcodec_get_pix_fmt_loss
avcodec_get_pix_fmt_name
avcodec_init
avcodec_open
avcodec_register_all
avcodec_set_dimensions
avcodec_string
avcodec_thread_init
avcodec_version
avpicture_alloc
avpicture_deinterlace
avpicture_fill
avpicture_free
avpicture_get_size
avpicture_layout
besselnew
cbpc_b_tab
cbpy_tab
check_marker
compute_mb_neighboors
cropTbl
draw_edges
dsputil_init
dsputil_init_mmx
dsputil_init_pix_mmx
dsputil_static_init
fdct_ifast
fdct_ifast248
fdct_r_row_sse2
ff_aic_dc_scale_table
ff_alternate_horizontal_scan
ff_alternate_vertical_scan
ff_avg_qpel16_mc11_old_c
ff_avg_qpel16_mc12_old_c
ff_avg_qpel16_mc13_old_c
ff_avg_qpel16_mc31_old_c
ff_avg_qpel16_mc32_old_c
ff_avg_qpel16_mc33_old_c
ff_avg_qpel8_mc11_old_c
ff_avg_qpel8_mc12_old_c
ff_avg_qpel8_mc13_old_c
ff_avg_qpel8_mc31_old_c
ff_avg_qpel8_mc32_old_c
ff_avg_qpel8_mc33_old_c
ff_block_permute
ff_build_rac_states
ff_clean_h263_qscales
ff_clean_intra_table_entries
ff_clean_mpeg4_qscales
ff_combine_frame
ff_copy_bits
ff_draw_horiz_band
ff_emulated_edge_mc
ff_epzs_motion_search
ff_er_add_slice
ff_er_frame_end
ff_er_frame_start
ff_estimate_b_frame_motion
ff_estimate_p_frame_motion
ff_eval
ff_faandct
ff_faandct248
ff_fdct248_islow
ff_fdct_mmx
ff_fdct_mmx2
ff_fdct_sse2
ff_fft_calc_c
ff_fft_calc_sse
ff_fft_end
ff_fft_init
ff_fft_permute
ff_find_unused_picture
ff_fix_long_mvs
ff_fix_long_p_mvs
ff_flv_encode_picture_header
ff_gcd
ff_get_best_fcode
ff_get_mb_score
ff_golomb_vlc_len
ff_h261_encode_init
ff_h261_encode_mb
ff_h261_encode_picture_header
ff_h261_loop_filter
ff_h261_reorder_mb_index
ff_h263_chroma_qscale_table
ff_h263_decode_end
ff_h263_decode_frame
ff_h263_decode_init
ff_h263_decode_mb
ff_h263_decode_mba
ff_h263_encode_mba
ff_h263_encode_motion
ff_h263_get_gob_height
ff_h263_loop_filter
ff_h263_loop_filter_strength
ff_h263_resync
ff_h263_round_chroma
ff_h263_update_motion_val
ff_h264_idct8_add_c
ff_h264_idct_add_c
ff_h264_idct_add_mmx2
ff_h264_lowres_idct_add_c
ff_h264_lowres_idct_put_c
ff_h264_lps_range
ff_h264_lps_state
ff_h264_mps_state
ff_h264_norm_shift
ff_imdct_calc
ff_init_block_index
ff_init_cabac_decoder
ff_init_cabac_encoder
ff_init_cabac_states
ff_init_me
ff_init_range_decoder
ff_init_range_encoder
ff_init_scantable
ff_interleaved_golomb_vlc_len
ff_interleaved_se_golomb_vlc_code
ff_interleaved_ue_golomb_vlc_code
ff_jpeg_fdct_islow
ff_log2_tab
ff_mba_length
ff_mba_max
ff_mdct_calc
ff_mdct_end
ff_mdct_init
ff_mmx_idct
ff_mmxext_idct
ff_mpeg1_dc_scale_table
ff_mpeg1_default_intra_matrix
ff_mpeg1_default_non_intra_matrix
ff_mpeg4_c_dc_scale_table
ff_mpeg4_clean_buffers
ff_mpeg4_decode_mb
ff_mpeg4_decode_partitions
ff_mpeg4_decode_picture_header
ff_mpeg4_default_intra_matrix
ff_mpeg4_default_non_intra_matrix
ff_mpeg4_encode_video_packet_header
ff_mpeg4_find_frame_end
ff_mpeg4_get_video_packet_prefix_length
ff_mpeg4_init_partitions
ff_mpeg4_merge_partitions
ff_mpeg4_resync_prefix
ff_mpeg4_set_direct_mv
ff_mpeg4_stuffing
ff_mpeg4_y_dc_scale_table
ff_mpeg_flush
ff_msmp4_dc_chroma_vlc
ff_msmp4_dc_luma_vlc
ff_msmp4_mb_i_table
ff_msmp4_mb_i_vlc
ff_msmpeg4_decode_init
ff_msmpeg4_encode_init
ff_parse_close
ff_pre_estimate_p_frame_motion
ff_print_debug_info
ff_put_no_rnd_qpel16_mc11_old_c
ff_put_no_rnd_qpel16_mc12_old_c
ff_put_no_rnd_qpel16_mc13_old_c
ff_put_no_rnd_qpel16_mc31_old_c
ff_put_no_rnd_qpel16_mc32_old_c
ff_put_no_rnd_qpel16_mc33_old_c
ff_put_no_rnd_qpel8_mc11_old_c
ff_put_no_rnd_qpel8_mc12_old_c
ff_put_no_rnd_qpel8_mc13_old_c
ff_put_no_rnd_qpel8_mc31_old_c
ff_put_no_rnd_qpel8_mc32_old_c
ff_put_no_rnd_qpel8_mc33_old_c
ff_put_qpel16_mc11_old_c
ff_put_qpel16_mc12_old_c
ff_put_qpel16_mc13_old_c
ff_put_qpel16_mc31_old_c
ff_put_qpel16_mc32_old_c
ff_put_qpel16_mc33_old_c
ff_put_qpel8_mc11_old_c
ff_put_qpel8_mc12_old_c
ff_put_qpel8_mc13_old_c
ff_put_qpel8_mc31_old_c
ff_put_qpel8_mc32_old_c
ff_put_qpel8_mc33_old_c
ff_rac_terminate
ff_rate_control_init
ff_rate_control_uninit
ff_rate_estimate_qscale
ff_reverse
ff_se_golomb_vlc_code
ff_set_cmp
ff_set_mpeg4_time
ff_set_qscale
ff_simple_idct_add_mmx
ff_simple_idct_mmx
ff_simple_idct_put_mmx
ff_sqrt_tab
ff_table0_dc_chroma
ff_table0_dc_lum
ff_table1_dc_chroma
ff_table1_dc_lum
ff_ue_golomb_len
ff_ue_golomb_vlc_code
ff_update_duplicate_context
ff_vbv_update
ff_vp3_dsp_init_mmx
ff_vp3_idct_add_c
ff_vp3_idct_c
ff_vp3_idct_mmx
ff_vp3_idct_put_c
ff_vp3_idct_sse2
ff_write_pass1_stats
ff_write_quant_matrix
ff_yuv420p_list
ff_zigzag248_direct
ff_zigzag_direct
first_avcodec
flv_decoder
flv_encoder
flv_h263_decode_picture_header
free_vlc
get_bits_long
get_ref_mmx
h261_cbp_tab
h261_decode_picture_header
h261_decoder
h261_encoder
h261_mba_bits
h261_mba_code
h261_mtype_bits
h261_mtype_code
h261_mv_tab
h261_parser
h261_tcoeff_level
h261_tcoeff_run
h261_tcoeff_vlc
h263_decode_init_vlc
h263_decode_picture_header
h263_decoder
h263_encode_gob_header
h263_encode_init
h263_encode_mb
h263_encode_picture_header
h263_encoder
h263_get_picture_format
h263_parser
h263_pred_motion
h263i_decoder
h263p_encoder
h264_decoder
h264_parser
img_convert
img_copy
img_get_alpha_info
img_resample
img_resample_close
img_resample_full_init
img_resample_init
init_rl
init_vlc
init_vlc_rl
intel_h263_decode_picture_header
inter_MCBPC_bits
inter_MCBPC_code
inter_level
inter_run
inter_vlc
intra_MCBPC_bits
intra_MCBPC_code
intra_level
intra_level_aic
intra_run
intra_run_aic
intra_vlc
intra_vlc_aic
inv_zigzag_direct16
inverse
j_rev_dct
j_rev_dct1
j_rev_dct2
j_rev_dct4
mc_luma_mmx
mjpeg_encoder
mm_flags
mm_support
mpeg4_decoder
mpeg4_encode_mb
mpeg4_encode_picture_header
mpeg4_encoder
mpeg4_pred_ac
mpeg4video_parser
mpegaudio_parser
mpegvideo_parser
msmpeg4_decode_ext_header
msmpeg4_decode_picture_header
msmpeg4_encode_ext_header
msmpeg4_encode_mb
msmpeg4_encode_picture_header
msmpeg4v1_decoder
msmpeg4v1_encoder
msmpeg4v2_decoder
msmpeg4v2_encoder
msmpeg4v3_decoder
msmpeg4v3_encoder
mvtab
predict_16x16_v_mmx
predict_8x8c_v_mmx
put_pixels_clamped_mmx
put_signed_pixels_clamped_mmx
put_string
register_avcodec
rv10_encoder
rv20_encoder
show_bits_long
simple_idct
simple_idct248_put
simple_idct48_add
simple_idct84_add
simple_idct_add
simple_idct_put
squareTbl
sws_close
sws_enlarge
sws_freeContext
sws_getContext
sws_init
sws_scale
tab_frw_01234567_sse2
to_AVFrame
vlc_dc_chroma_bits
vlc_dc_chroma_code
wmv1_decoder
wmv1_encoder
x264_add16x16_idct_mmxext
x264_add4x4_idct_mmxext
x264_add8x8_idct_mmxext
x264_cabac_context_init
x264_cabac_decode_bypass
x264_cabac_decode_decision
x264_cabac_decode_init
x264_cabac_decode_terminal
x264_cabac_encode_bypass
x264_cabac_encode_decision
x264_cabac_encode_flush
x264_cabac_encode_init
x264_cabac_encode_terminal
x264_cabac_mb_skip
x264_cabac_model_get
x264_cabac_model_init
x264_cabac_model_update
x264_center_filter_mmxext
x264_cpu_cpuid
x264_cpu_cpuid_test
x264_cpu_detect
x264_cpu_restore
x264_cqm_init
x264_cqm_parse_file
x264_cqm_parse_jmlist
x264_csp_init
x264_dct4x4dc_mmxext
x264_dct_init
x264_emms
x264_encoder
x264_encoder_close
x264_encoder_encode
x264_encoder_headers
x264_encoder_open
x264_encoder_reconfig
x264_eval
x264_frame_copy_picture
x264_frame_deblocking_filter
x264_frame_delete
x264_frame_expand_border
x264_frame_expand_border_filtered
x264_frame_expand_border_lowres
x264_frame_filter
x264_frame_init_lowres
x264_frame_new
x264_free
x264_horizontal_filter_mmxext
x264_idct4x4dc_mmxext
x264_log
x264_macroblock_analyse
x264_macroblock_bipred_init
x264_macroblock_cache_end
x264_macroblock_cache_init
x264_macroblock_cache_load
x264_macroblock_cache_save
x264_macroblock_encode
x264_macroblock_encode_pskip
x264_macroblock_luma_write_cavlc
x264_macroblock_probe_skip
x264_macroblock_slice_init
x264_macroblock_write_cabac
x264_macroblock_write_cavlc
x264_malloc
x264_mb_dequant_2x2_dc
x264_mb_dequant_4x4
x264_mb_dequant_4x4_dc
x264_mb_dequant_8x8
x264_mb_encode_i4x4
x264_mb_encode_i8x8
x264_mb_load_mv_direct8x8
x264_mb_mc
x264_mb_predict_intra4x4_mode
x264_mb_predict_mv
x264_mb_predict_mv_16x16
x264_mb_predict_mv_direct16x16
x264_mb_predict_mv_pskip
x264_mb_predict_mv_ref16x16

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 279KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
9158KTVPlayer.exe
.exe windows:4 windows x86 arch:x86

9cafa0c733e0cae9197ea1d3b35bcf76

Code Sign

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

01/05/2012, 00:00

Not After

31/12/2012, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G3,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

77:40:6f:d6:6d:b3:c4:4d:29:9d:e4:ed:d8:95:43:e4:2c:5b:3b:ae
Signer

Actual PE Digest

77:40:6f:d6:6d:b3:c4:4d:29:9d:e4:ed:d8:95:43:e4:2c:5b:3b:ae

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord2514
ord800
ord4277
ord2763
ord537
ord1232
ord1168
ord2621
ord1134
ord2725
ord5265
ord4376
ord4853
ord4998
ord4710
ord6052
ord4078
ord1775
ord2512
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord6055
ord1776
ord5290
ord3402
ord1146
ord567
ord540
ord2135
ord818
ord2688
ord6215
ord4299
ord4287
ord6241
ord4160
ord2863
ord5575
ord2379
ord860
ord4033
ord433
ord823
ord1949
ord4034
ord2554
ord4486
ord6375
ord4274
ord4407
ord4673
ord1576

msvcrt

_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter
_exit
_onexit
__dllonexit
__CxxFrameHandler
atol
_setmbcp
exit

kernel32

GetCommandLineA
CloseHandle
GetModuleHandleA
GetStartupInfoA
CreateMutexA

user32

PostMessageA
SetTimer
SendMessageA
AppendMenuA
GetSystemMenu
IsWindow
KillTimer
EnableWindow
GetClassInfoA
LoadIconA

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
9158VCComm.dll
.dll windows:4 windows x86 arch:x86

8bee02b8e1f0aca7d2a819f4fbb924ad

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d0:bb:d4:69:e4:91:ae:af:3b:5b:eb:de:ef:4f:c2:bc:44:fa:48:94
Signer

Actual PE Digest

d0:bb:d4:69:e4:91:ae:af:3b:5b:eb:de:ef:4f:c2:bc:44:fa:48:94

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\work\6.6\虚拟视频\soundmodule\bin\release\9158VCComm.pdb

Imports

kernel32

OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
WideCharToMultiByte
GetModuleHandleA
OutputDebugStringA
CreateProcessA
GetLastError
Sleep
CreateThread
SetThreadPriority
ResumeThread
GetExitCodeThread
TerminateThread
GetModuleFileNameA
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RaiseException
WriteFile
GetStdHandle
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
RtlUnwind
SetHandleCount
GetFileType
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
HeapSize
SetFilePointer
LoadLibraryA
GetLocaleInfoA
CreateFileA
SetStdHandle
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CloseHandle
GetStartupInfoA
WaitForSingleObject

user32

DefWindowProcA
FindWindowA
PostMessageA
SetWindowLongA
CreateWindowExA
RegisterClassA
LoadIconA
LoadCursorA
DestroyWindow
GetWindowLongA

gdi32

GetStockObject

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ole32

CoTaskMemFree
StringFromCLSID
CoCreateGuid

Exports

Exports

CreateVirtualCameraCommObject

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ACore.dll
.dll windows:4 windows x86 arch:x86

e3ba61b3b00623372ff882132496db49

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5a:bf:52:ff:33:3d:44:ec:ba:cf:e5:49:6e:b0:22:d6:8d:2d:5b:19
Signer

Actual PE Digest

5a:bf:52:ff:33:3d:44:ec:ba:cf:e5:49:6e:b0:22:d6:8d:2d:5b:19

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OutputDebugStringA
GetModuleFileNameA
GetPrivateProfileIntA
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetLastError
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleA
ExitProcess
CloseHandle
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
MultiByteToWideChar
ReadFile
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
LoadLibraryA
InitializeCriticalSection
SetStdHandle
CreateFileA
RaiseException
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
SetEndOfFile

Exports

Exports

beCloseStream
beDeinitStream
beEncodeChunk
beEncodeChunkFloatS16NI
beFlushNoGap
beInitStream
beVersion
beWriteInfoTag
beWriteVBRHeader
lame_close
lame_encode_buffer_interleaved
lame_encode_flush
lame_get_in_samplerate
lame_get_num_channels
lame_get_num_samples
lame_get_out_samplerate
lame_get_scale
lame_get_scale_left
lame_get_scale_right
lame_init
lame_init_params
lame_mp3_tags_fid
lame_set_in_samplerate
lame_set_num_channels
lame_set_num_samples
lame_set_out_samplerate
lame_set_scale
lame_set_scale_left
lame_set_scale_right

Sections

.text
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AVModule176.xml
.xml
AVModule320.xml
.xml
AVModule320_Private.xml
.xml
AVModule40.dll
.dll windows:4 windows x86 arch:x86

7bb9d53259dafc7205b8e6925a0f22a2

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

51:aa:67:94:e7:54:ec:9a:90:92:92:5c:d3:4c:74:0a:24:4b:d7:07
Signer

Actual PE Digest

51:aa:67:94:e7:54:ec:9a:90:92:92:5c:d3:4c:74:0a:24:4b:d7:07

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

p2pclient

?NewVSP2PClient@@YAPAVCVSP2PClientInterface@@XZ
?FreeVSP2PClient@@YAXPAVCVSP2PClientInterface@@@Z
??_7IClientInterface@@6B@

mfc42

ord3079
ord4080
ord4627
ord4424
ord3742
ord3571
ord818
ord540
ord567
ord3626
ord2414
ord2452
ord4275
ord1641
ord2124
ord860
ord2818
ord5875
ord2860
ord2864
ord6157
ord3920
ord640
ord2405
ord5785
ord1640
ord323
ord2380
ord2567
ord2754
ord6172
ord5789
ord755
ord470
ord5290
ord2385
ord4837
ord2642
ord4299
ord6215
ord2379
ord6442
ord6605
ord2086
ord958
ord665
ord1979
ord6385
ord5186
ord354
ord2820
ord3811
ord5442
ord3318
ord6453
ord922
ord858
ord4278
ord5683
ord3402
ord2135
ord3089
ord773
ord941
ord501
ord5621
ord535
ord1106
ord1233
ord1083
ord1200
ord5607
ord1168
ord3825
ord342
ord1182
ord998
ord809
ord556
ord2859
ord5572
ord2915
ord6358
ord1088
ord2122
ord1949
ord4034
ord341
ord654
ord5603
ord2753
ord5858
ord5810
ord5481
ord2031
ord4411
ord4447
ord4335
ord4863
ord5796
ord5478
ord1971
ord966
ord3570
ord3584
ord605
ord521
ord543
ord278
ord6307
ord4919
ord4975
ord1638
ord3831
ord5809
ord803
ord1948
ord2396
ord3346
ord5300
ord5303
ord4079
ord4699
ord5307
ord5289
ord4622
ord817
ord565
ord2726
ord4226
ord3573
ord3977
ord1247
ord2763
ord5265
ord4376
ord4853
ord4998
ord2514
ord6052
ord1775
ord5280
ord4425
ord3597
ord641
ord324
ord4234
ord4710
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord3798
ord4353
ord6374
ord5163
ord5241
ord4407
ord1776
ord4078
ord6055
ord800
ord537
ord3663
ord823
ord825
ord1253
ord2077

msvcrt

_adjust_fdiv
malloc
_initterm
free
?terminate@@YAXXZ
_except_handler3
difftime
??1type_info@@UAE@XZ
_CxxThrowException
__dllonexit
__CxxFrameHandler
_ftol
atoi
_onexit
strstr
_purecall
_mbscmp
time

kernel32

CreateDirectoryA
FindResourceA
LoadResource
SizeofResource
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
GlobalUnlock
InterlockedDecrement
LoadLibraryA
GetWindowsDirectoryA
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection
GetLastError
LocalFree
lstrlenA
GlobalLock
GlobalAlloc
GetModuleFileNameA
WaitForSingleObject
Sleep
OutputDebugStringA
GetTickCount
InterlockedIncrement
FreeLibrary

user32

SetRect
FillRect
GetWindowDC
LoadCursorA
CopyIcon
PeekMessageA
CopyRect
SendMessageA
GetParent
GetClientRect
IsWindow
SetCursor
GetDC
ReleaseDC
DestroyCursor
PostThreadMessageA
RedrawWindow
LoadImageA
EnableWindow
PtInRect
IsWindowVisible
PostMessageA
GetWindowRect
InvalidateRect

gdi32

BitBlt
SetStretchBltMode
CreateCompatibleDC
DeleteObject
CreateSolidBrush
CreateCompatibleBitmap
StretchBlt
GetObjectA
StretchDIBits

comctl32

_TrackMouseEvent

ole32

CreateStreamOnHGlobal
CoInitialize
CoCreateInstance
OleRun

olepro32

ord251

oleaut32

SysAllocStringByteLen
VariantClear
SysStringByteLen
SysFreeString
GetErrorInfo
SysAllocString

wsock32

setsockopt
gethostbyname
ntohs
WSAGetLastError
ioctlsocket
inet_addr

msimg32

AlphaBlend

Exports

Exports

??0CAVBaseWnd@@QAE@XZ
??0CAVInput@@QAE@XZ
??0CAVManager@@QAE@PAVCWnd@@@Z
??0CAVOutput@@QAE@XZ
??1CAVBaseWnd@@UAE@XZ
??1CAVInput@@UAE@XZ
??1CAVManager@@UAE@XZ
??1CAVOutput@@UAE@XZ
??_7CAVBaseWnd@@6B@
??_7CAVInput@@6B@
??_7CAVManager@@6B@
??_7CAVOutput@@6BCAVBaseWnd@@@
??_7CAVOutput@@6BISocketMessage@@@
?AfterCreate@CAVBaseWnd@@MAEXXZ
?AfterCreate@CAVInput@@MAEXXZ
?AfterCreate@CAVOutput@@MAEXXZ
?AfterSetBackImage@CAVBaseWnd@@MAEXXZ
?AfterSetBackImage@CAVInput@@MAEXXZ
?AfterSetBackImage@CAVOutput@@MAEXXZ
?Close@CAVBaseWnd@@UAEXXZ
?Close@CAVInput@@UAEXXZ
?Close@CAVManager@@QAEXXZ
?Close@CAVOutput@@UAEXXZ
?Create@CAVBaseWnd@@UAEHPBD0KABUtagRECT@@PAVCWnd@@IPAUCCreateContext@@@Z
?CreateEx@CAVBaseWnd@@QAEHKPBD0KABUtagRECT@@PAVCWnd@@IPAX@Z
?CreateFloatTool@CAVBaseWnd@@QAEXXZ
?CreateFloatToolEx@CAVBaseWnd@@QAEXXZ
?CreateNormalTool@CAVBaseWnd@@QAEXXZ
?CreateNormalToolEx@CAVBaseWnd@@QAEXXZ
?CreateZoomDlg@CAVBaseWnd@@QAEXXZ
?DefWindowProcA@CAVBaseWnd@@MAEJIIJ@Z
?DeleteInput@CAVManager@@UAEHXZ
?DeleteOutput@CAVManager@@UAEHH@Z
?FloatDocking@CAVBaseWnd@@MAEXH@Z
?FloatDocking@CAVInput@@MAEXH@Z
?FloatDocking@CAVOutput@@MAEXH@Z
?GetCamera@CAVBaseWnd@@QAEHXZ
?GetDisplayAudio@CAVBaseWnd@@QAEHXZ
?GetDisplayVideo@CAVBaseWnd@@QAEHXZ
?GetInput@CAVManager@@QAEPAVCWnd@@XZ
?GetInputAudioOpen@CAVManager@@QAEHXZ
?GetMessageMap@CAVBaseWnd@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CAVInput@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CAVOutput@@MBEPBUAFX_MSGMAP@@XZ
?GetNetRate@CAVManager@@QAEIXZ
?GetOutput@CAVManager@@QAEPAVCWnd@@H@Z
?GetOutputAudioOpen@CAVManager@@QAEHH@Z
?GetOutputVideoOpen@CAVManager@@QAEHH@Z
?GetRoomID@CAVManager@@QAEHXZ
?GetUserID@CAVBaseWnd@@QAEHXZ
?GetWordColor@CAVInput@@QAEKXZ
?GetWordColor@CAVManager@@QAEKXZ
?InitConfigInfo@CAVManager@@QAEHPBD@Z
?InsertCustomInput@CAVManager@@UAEHHPBDVCRect@@IH@Z
?InsertCustomOutput@CAVManager@@UAEHHPBDVCRect@@I@Z
?InsertInput@CAVManager@@UAEHHPBDVCRect@@IHH@Z
?InsertOutput@CAVManager@@UAEHHPBDVCRect@@IH@Z
?NotifyFloatTool@CAVBaseWnd@@QAEHIJPAJ@Z
?OnAudioFull@CAVInput@@IAEJIJ@Z
?OnClose@CAVBaseWnd@@IAEXXZ
?OnCreate@CAVBaseWnd@@IAEHPAUtagCREATESTRUCTA@@@Z
?OnCreate@CAVInput@@IAEHPAUtagCREATESTRUCTA@@@Z
?OnCreate@CAVOutput@@IAEHPAUtagCREATESTRUCTA@@@Z
?OnDestroy@CAVBaseWnd@@IAEXXZ
?OnDestroy@CAVOutput@@IAEXXZ
?OnDisplayAudio@CAVOutput@@IAEJIJ@Z
?OnDisplayVideo@CAVOutput@@IAEJIJ@Z
?OnEraseBkgnd@CAVBaseWnd@@IAEHPAVCDC@@@Z
?OnLButtonDown@CAVBaseWnd@@IAEXIVCPoint@@@Z
?OnLButtonUp@CAVBaseWnd@@IAEXIVCPoint@@@Z
?OnMouseLeave@CAVBaseWnd@@IAEJIJ@Z
?OnMouseMove@CAVBaseWnd@@IAEXIVCPoint@@@Z
?OnNotify@CAVBaseWnd@@MAEHIJPAJ@Z
?OnPaint@CAVBaseWnd@@IAEXXZ
?OnSendAudioData@CAVOutput@@IAEJIJ@Z
?OnSendVideoData@CAVOutput@@IAEJIJ@Z
?OnSize@CAVBaseWnd@@IAEXIHH@Z
?OnSize@CAVInput@@IAEXIHH@Z
?OnSocketAddAudioData@CAVOutput@@UAEXPAVCBuffer@@K@Z
?OnSocketAddVideoData@CAVOutput@@UAEXPAVCBuffer@@K@Z
?OnStaticClose@CAVBaseWnd@@IAEJIJ@Z
?OnTimer@CAVOutput@@IAEXI@Z
?OnUserStatus@CAVOutput@@IAEJIJ@Z
?OnVideoDataReturn@CAVBaseWnd@@IAEJIJ@Z
?OnVideoFull@CAVInput@@IAEJIJ@Z
?OnWaveMsgInfo@CAVBaseWnd@@IAEJIJ@Z
?OnWaveMsgInfoMany@CAVBaseWnd@@IAEJIJ@Z
?PlayAudioFromBuffer@CAVOutput@@QAEXXZ
?PlayVideoFromBuffer@CAVOutput@@QAEXXZ
?PreTranslateMessage@CAVBaseWnd@@UAEHPAUtagMSG@@@Z
?PreTranslateMessage@CAVInput@@UAEHPAUtagMSG@@@Z
?SaveSnapshotFile@CAVBaseWnd@@QAEHPAEH@Z
?SetAVConfigInfo@CAVBaseWnd@@QAEXPAVCAVConfigInfo@@@Z
?SetBackPicFile@CAVBaseWnd@@QAEHPAEH@Z
?SetBackPicFile@CAVBaseWnd@@QAEHPBD@Z
?SetBmpFile@CAVManager@@QAEXPBD@Z
?SetBmpFileTop@CAVManager@@QAEXPBD@Z
?SetBufferTime@CAVManager@@QAEXH@Z
?SetDisplayAudio@CAVBaseWnd@@UAEXH@Z
?SetDisplayAudio@CAVInput@@UAEXH@Z
?SetDisplayAudio@CAVOutput@@UAEXH@Z
?SetDisplayVideo@CAVBaseWnd@@UAEXH@Z
?SetDisplayVideo@CAVInput@@UAEXH@Z
?SetDisplayVideo@CAVOutput@@UAEXH@Z
?SetForbidP2P@CAVManager@@QAEXXZ
?SetInputAudioOpen@CAVManager@@QAEXH@Z
?SetInputBackImage@CAVManager@@QAEHPAEH@Z
?SetInputBackImage@CAVManager@@QAEHPBD@Z
?SetIsInputWindow@CAVBaseWnd@@QAEXH@Z
?SetNetInfo@CAVManager@@QAEXPBDI@Z
?SetOutputAudioOpen@CAVManager@@QAEXHH@Z
?SetOutputBackImage@CAVManager@@QAEHHPAEH@Z
?SetOutputBackImage@CAVManager@@QAEHHPBD@Z
?SetOutputVideoOpen@CAVManager@@QAEXHH@Z
?SetSnapshotFilePath@CAVManager@@QAEXPBD@Z
?SetSnapshotPath@CAVBaseWnd@@QAEXPBD@Z
?SetToolStyle@CAVBaseWnd@@QAEXH@Z
?SetUDPThread@CAVBaseWnd@@QAEXPAVCUDPThread@@@Z
?SetUserInfo@CAVBaseWnd@@QAEXHPBD@Z
?SetUserInfo@CAVManager@@QAEXHHPBD@Z
?SetVideoAlwaysOpen@CAVInput@@QAEXXZ
?SetVideoAlwaysOpen@CAVManager@@QAEXXZ
?SetVideoDevice@CAVInput@@QAEXH@Z
?SetVideoInfo@CAVManager@@QAEXHHH@Z
?SetVideoOpen@CAVBaseWnd@@QAEXH@Z
?SetVideoOpen@CAVManager@@QAEXH@Z
?SetVideoQuality@CAVManager@@QAEXH@Z
?SetVideoWord@CAVInput@@QAEXPBD@Z
?SetVideoWord@CAVManager@@QAEXPBD@Z
?SetWordColor@CAVInput@@QAEXK@Z
?SetWordColor@CAVManager@@QAEXK@Z
?StartSocket@CAVManager@@QAEXXZ
?StartThread@CAVManager@@QAEXXZ
?_GetBaseMessageMap@CAVBaseWnd@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CAVInput@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CAVOutput@@KGPBUAFX_MSGMAP@@XZ
?_messageEntries@CAVBaseWnd@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CAVInput@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CAVOutput@@0QBUAFX_MSGMAP_ENTRY@@B
?messageMap@CAVBaseWnd@@1UAFX_MSGMAP@@B
?messageMap@CAVInput@@1UAFX_MSGMAP@@B
?messageMap@CAVOutput@@1UAFX_MSGMAP@@B

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AdvertisingDll.dll
.dll windows:4 windows x86 arch:x86

4d589de576885ff2f2510afd47b2312e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

05:cb:69:ec:05:e2:80:1f:61:ec:44:f4:39:22:2b:ac:1a:47:a8:f6
Signer

Actual PE Digest

05:cb:69:ec:05:e2:80:1f:61:ec:44:f4:39:22:2b:ac:1a:47:a8:f6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord6055
ord4078
ord1776
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord3742
ord818
ord800
ord535
ord537
ord540
ord567
ord4275
ord6442
ord1233
ord924
ord860
ord6215
ord3337
ord3811
ord2818
ord5572
ord2915
ord922
ord538
ord4202
ord6283
ord858
ord6282
ord798
ord1997
ord2808
ord6407
ord1089
ord690
ord1988
ord823
ord5207
ord6059
ord389
ord2614
ord2379
ord6453
ord4299
ord6197
ord6605
ord2864
ord3663
ord6449
ord6467
ord5148
ord1200
ord3005
ord2135
ord1601
ord1168
ord861
ord2688
ord3089
ord826
ord600
ord1578
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord3922
ord1182
ord5731
ord2512
ord2554
ord4486
ord6375
ord2725
ord815
ord825
ord561
ord3738
ord4424
ord4622
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord3953
ord5714
ord5289
ord5307
ord4698
ord4079
ord5302
ord5300
ord3346
ord2396
ord939
ord5199
ord532
ord4274
ord1116
ord1176
ord1575
ord1577
ord269

msvcrt

??1type_info@@UAE@XZ
strpbrk
_mbsspnp
_access
_mbspbrk
memmove
_adjust_fdiv
malloc
_purecall
__CxxFrameHandler
_initterm
free
_onexit
__dllonexit
_mbsnbicmp
_mbsrchr
_CxxThrowException
_mbscmp
atoi
_mkdir

kernel32

LocalFree
lstrlenA
MultiByteToWideChar
InterlockedIncrement
GetLastError
GetFileAttributesA
CreateDirectoryA
CopyFileA
GetPrivateProfileStringA
DeleteFileA
InterlockedDecrement
lstrlenW
WideCharToMultiByte
WritePrivateProfileStringA
CreateThread
GetPrivateProfileIntA
GetExitCodeThread
TerminateThread
CloseHandle
OutputDebugStringA
LocalAlloc

user32

EnableWindow
GetDesktopWindow
PostMessageA
KillTimer
IsWindow
SendMessageA
GetParent
SetTimer
GetClientRect

ole32

OleRun
CoInitialize
CoCreateInstance

oleaut32

VariantClear
VariantInit
SysAllocString
GetErrorInfo
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SysFreeString

urlmon

URLDownloadToFileA

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PAD0PBD1@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

wininet

InternetGetConnectedState

shlwapi

PathFileExistsA

Exports

Exports

?interfaceMap@CCustomControlSite@@1UAFX_INTERFACEMAP@@B
CreateInst

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Audio.dll
.dll windows:4 windows x86 arch:x86

519e0c3b5dba808deee142cd9b2f36d7

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ca:82:c2:2b:21:81:26:2b:d2:86:ba:25:8f:3a:ba:47:87:ed:9a:9d
Signer

Actual PE Digest

ca:82:c2:2b:21:81:26:2b:d2:86:ba:25:8f:3a:ba:47:87:ed:9a:9d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SizeofResource
LoadResource
GetModuleHandleA
FindResourceA
GetLastError
LockResource
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
LoadLibraryA
GetProcAddress
Sleep
FreeLibrary

winmm

waveInGetNumDevs
waveInClose
waveInUnprepareHeader
waveInReset
waveInStop
waveOutOpen
waveOutGetNumDevs
waveOutClose
waveOutUnprepareHeader
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveInPrepareHeader
waveInStart
waveInAddBuffer
mmioWrite
mmioAdvance
mmioSetInfo
mmioSeek
mmioCreateChunk
mmioGetInfo
mmioDescend
mmioRead
mmioAscend
mmioOpenA
mmioClose
waveInOpen

audioad

ADUninit
ADSetParam
ADDo
ADInit

msvcrt

malloc
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
_initterm
_adjust_fdiv
__dllonexit
free
_onexit

Exports

Exports

?CreateAudioInObject@@YAPAVIAudioIn@@XZ
?CreateAudioOutObject@@YAPAVIAudioOut@@XZ

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 750B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AudioAD.dll
.dll windows:4 windows x86 arch:x86

8a536e9b85c1388e3afa8d948565787d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7d:3c:16:73:43:63:9d:03:0f:ce:70:cd:b4:77:af:eb:30:a6:85:33
Signer

Actual PE Digest

7d:3c:16:73:43:63:9d:03:0f:ce:70:cd:b4:77:af:eb:30:a6:85:33

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsBadWritePtr
IsBadReadPtr
HeapValidate
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
FatalAppExitA
RtlUnwind
HeapAlloc
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
HeapReAlloc
HeapFree
GetLastError
VirtualFree
VirtualAlloc
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetConsoleCtrlHandler
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
SetFilePointer
Sleep
LCMapStringA
LCMapStringW
FlushFileBuffers
RaiseException
SetStdHandle
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
CloseHandle
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

ADDo
ADDo_Float
ADInit
ADSetParam
ADUninit

Sections

.text
Size: 216KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AudioCodec1000.dll
.dll windows:4 windows x86 arch:x86

e4fa261ab439294340b841df09424b0a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0c:dc:e0:09:72:41:00:97:ff:cb:f4:58:f2:3f:3d:10:fc:05:85:c0
Signer

Actual PE Digest

0c:dc:e0:09:72:41:00:97:ff:cb:f4:58:f2:3f:3d:10:fc:05:85:c0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OutputDebugStringA

msvcrt

malloc
exit
_CIpow
free
_initterm
_adjust_fdiv
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
_ftol

acore

beInitStream
beEncodeChunk
beCloseStream

Exports

Exports

?CreateAudioDecoder1000@@YAPAVIAudioDecoder@@XZ
?CreateAudioEncoder1000@@YAPAVIAudioEncoder@@XZ

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1023B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AudioCodec2100.dll
.dll windows:5 windows x86 arch:x86

95c71a4addf93fec1e503611a83b4bbf

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:a5:64:05:45:45:5f:6f:6f:7c:60:c0:e8:c8:fa:3a:46:52:cb:b5
Signer

Actual PE Digest

33:a5:64:05:45:45:5f:6f:6f:7c:60:c0:e8:c8:fa:3a:46:52:cb:b5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\Program\NewChat\Client\AV\bin\AudioCodec2100.pdb

Imports

kernel32

DecodePointer
EncodePointer
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
RaiseException
GetLastError
HeapFree
WriteFile
GetStdHandle
GetModuleFileNameW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
InterlockedDecrement
GetProcAddress
Sleep
ExitProcess
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
LCMapStringW
MultiByteToWideChar
GetStringTypeW
IsProcessorFeaturePresent
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
CloseHandle
WriteConsoleW
SetStdHandle
CreateFileW

Exports

Exports

?CreateAudioDecoder2100@@YAPAVIAudioDecoder@@XZ
?CreateAudioDecoder2101@@YAPAVIAudioDecoder@@XZ
?CreateAudioEncoder2100@@YAPAVIAudioEncoder@@XZ
?CreateAudioEncoder2101@@YAPAVIAudioEncoder@@XZ

Sections

.text
Size: 449KB - Virtual size: 449KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AudioCodec3000.dll
.dll windows:5 windows x86 arch:x86

8647872061391d0b60f8da9a0db23593

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4b:ec:a2:1b:ed:cd:82:29:66:19:6d:9d:ff:58:2c:89:91:87:c0:ee
Signer

Actual PE Digest

4b:ec:a2:1b:ed:cd:82:29:66:19:6d:9d:ff:58:2c:89:91:87:c0:ee

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\Program\NewChat\Client\AV\Bin\AudioCodec3000.pdb

Imports

kernel32

DecodePointer
EncodePointer
GetCurrentThreadId
GetCommandLineA
GetLastError
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
GetModuleFileNameW
RaiseException
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
InterlockedDecrement
GetProcAddress
Sleep
ExitProcess
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
LoadLibraryW
LeaveCriticalSection
EnterCriticalSection
RtlUnwind
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
LCMapStringW
MultiByteToWideChar
GetStringTypeW

Exports

Exports

?CreateAudioDecoder3000@@YAPAVIAudioDecoder@@XZ
?CreateAudioDecoder3001@@YAPAVIAudioDecoder@@XZ
?CreateAudioDecoder3002@@YAPAVIAudioDecoder@@XZ
?CreateAudioEncoder3000@@YAPAVIAudioEncoder@@XZ
?CreateAudioEncoder3001@@YAPAVIAudioEncoder@@XZ
?CreateAudioEncoder3002@@YAPAVIAudioEncoder@@XZ

Sections

.text
Size: 234KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Banner.xml
.xml
BugReport.exe
.exe windows:4 windows x86 arch:x86

bcb0747c39b5fe50e054c3276e18b072

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mvuilib

?GetComponentSkinConf@CSkinConfContext@@QAEHIW4COMPONETTYPE@@VCString@@PAX@Z
?SetHaveText@CUIButtonTemplate@@QAEX_NI@Z
?SetBtnTextColor@CUIButtonTemplate@@QAEXK@Z
?SetColor@CColorStatic@@QAEXKKK@Z
??0CUIButtonTemplate@@QAE@XZ
??1CColorStatic@@UAE@XZ
??1CUIButtonTemplate@@UAE@XZ
?SetSkinPath@CAppSysOperation@@SAXVCString@@@Z
?LoadSkin@CSkinConfContext@@QAEHVCString@@@Z
??0CSkinConfContext@@QAE@XZ
??0CColorStatic@@QAE@XZ
??1CSkinConfContext@@UAE@XZ

mfc42

ord540
ord561
ord825
ord2514
ord858
ord4278
ord2764
ord537
ord2621
ord1134
ord924
ord535
ord6877
ord2725
ord5683
ord5265
ord4376
ord4853
ord4998
ord4710
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord6055
ord1776
ord5290
ord3402
ord3610
ord3571
ord860
ord823
ord1146
ord1168
ord567
ord3626
ord3663
ord2414
ord2302
ord939
ord4160
ord2863
ord2379
ord2818
ord3873
ord6215
ord536
ord2642
ord6241
ord3092
ord6199
ord1768
ord2078
ord4299
ord1641
ord6605
ord3619
ord640
ord2405
ord5875
ord2452
ord5785
ord1640
ord323
ord2754
ord2645
ord755
ord2567
ord6880
ord470
ord6283
ord6282
ord665
ord354
ord1979
ord1576
ord3318
ord5186
ord2575
ord3574
ord2574
ord3572
ord4396
ord609
ord556
ord809
ord1793
ord4275
ord2122
ord2859
ord6197
ord3706
ord815
ord800
ord3738
ord4424
ord4622
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4673
ord656
ord5442

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
sprintf
atoi
??1type_info@@UAE@XZ
_setmbcp
_CxxThrowException
__dllonexit
_onexit
_exit
_XcptFilter
_mbscmp
exit
_acmdln
__getmainargs
_initterm
__CxxFrameHandler

kernel32

GetFileSize
GetModuleFileNameA
CreateFileA
CreateSemaphoreA
GetLastError
CloseHandle
GetCommandLineA
SetEvent
WaitForSingleObject
CreateThread
CreateEventA
GetModuleHandleA
GetStartupInfoA
WinExec
ReadFile
SetFilePointer
GlobalMemoryStatus
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
lstrlenW
lstrlenA
LocalFree
MultiByteToWideChar

user32

EnableWindow
SetCursor
GetWindowDC
InvalidateRect
ReleaseDC
GetWindowRect
SendMessageA
AppendMenuA
GetSystemMenu
PostMessageA
GetClientRect
PtInRect
LoadImageA
LoadIconA
SetWindowRgn

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetPixel
GetObjectA
CreateFontA
BitBlt
StretchBlt
SetBkColor
SetTextColor
DeleteDC
CreateRectRgn
CombineRgn
DeleteObject
CreateBitmap

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

comctl32

_TrackMouseEvent

ole32

CoCreateInstance
OleRun
CoInitialize

oleaut32

GetErrorInfo
SysFreeString
VariantClear
SysAllocString

ws2_32

getsockopt
setsockopt
recv
send
closesocket
socket
htons
connect
gethostname
gethostbyname
WSAGetLastError
inet_addr
WSAStartup
WSACleanup
inet_ntoa

shlwapi

PathFileExistsA
StrFormatByteSizeA
PathIsDirectoryA

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CWeiboClient.dll
.dll windows:4 windows x86 arch:x86

4d270513f2cdd46d9895f26c61a16418

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

98:1b:e4:e0:fd:5a:67:71:49:03:50:96:6c:db:17:40:30:5e:8e:98
Signer

Actual PE Digest

98:1b:e4:e0:fd:5a:67:71:49:03:50:96:6c:db:17:40:30:5e:8e:98

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord4622
ord3738
ord561
ord4129
ord5683
ord5572
ord2919
ord922
ord3584
ord543
ord803
ord665
ord6385
ord1979
ord3318
ord5186
ord354
ord6663
ord4277
ord6467
ord6215
ord2864
ord1134
ord1200
ord3571
ord3626
ord755
ord640
ord2405
ord2414
ord2753
ord2566
ord5785
ord1641
ord1640
ord323
ord470
ord6197
ord2393
ord5731
ord5442
ord268
ord1168
ord816
ord562
ord3706
ord6453
ord2915
ord1146
ord5873
ord2763
ord939
ord940
ord1997
ord5465
ord925
ord3619
ord5651
ord3616
ord3127
ord350
ord4396
ord3574
ord2575
ord3402
ord609
ord556
ord809
ord2859
ord2860
ord5875
ord3874
ord4284
ord2122
ord6358
ord1088
ord1175
ord1228
ord3005
ord2135
ord1233
ord6880
ord3092
ord1601
ord538
ord861
ord4299
ord2688
ord539
ord3089
ord4278
ord5710
ord2512
ord2554
ord4486
ord6375
ord815
ord4274
ord2379
ord4275
ord567
ord818
ord3742
ord4424
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord6394
ord5450
ord6383
ord5440
ord2614
ord924
ord823
ord389
ord6059
ord5207
ord533
ord5194
ord6407
ord1988
ord798
ord690
ord537
ord860
ord2818
ord535
ord540
ord858
ord800
ord941
ord825
ord1567
ord3663
ord269
ord826
ord600
ord1578
ord1116
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255

msvcrt

_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
_mbscmp
towupper
_snprintf
wcslen
printf
malloc
free
atoi
_ftol
_mbclen
_mbsinc
sprintf
memmove
strncpy
rename
time
srand
rand
__CxxFrameHandler
_purecall
_ltoa
_access
_CxxThrowException
_itoa

kernel32

LeaveCriticalSection
EnterCriticalSection
GetLocalTime
DeleteCriticalSection
InitializeCriticalSection
GetLastError
GlobalAlloc
DeviceIoControl
GlobalFree
InterlockedDecrement
GetModuleFileNameA
IsBadReadPtr
Sleep
SetCurrentDirectoryA
DeleteFileA
GetPrivateProfileIntA
CreateThread
CloseHandle
GetPrivateProfileStringA
OutputDebugStringA
InterlockedIncrement
WideCharToMultiByte
lstrlenW
MultiByteToWideChar
lstrlenA
MulDiv
GlobalUnlock
GlobalLock
LockResource
SizeofResource
LoadResource
FindResourceA
WriteFile
FreeLibrary
GetProcAddress
LoadLibraryA
CreateEventA
SetThreadPriority
SetEvent
GetExitCodeThread
WaitForMultipleObjects
ResetEvent
TerminateThread
SetLastError
LocalFree
lstrcpynA
CreateFileA
LocalAlloc

user32

SetTimer
InvalidateRect
ReleaseDC
GetDC
LoadBitmapA
LoadImageA
SetWindowLongA
GetWindowLongA
MessageBoxExA
SetWindowRgn
DrawStateA
DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects
GetWindowRect
GetParent
GetClientRect
EnableWindow
PostMessageA
SendMessageA
KillTimer

gdi32

CreateFontIndirectA
GetBitmapBits
GetDIBColorTable
CreateDCA
GetStockObject
SelectPalette
RealizePalette
GetDIBits
CreateRectRgnIndirect
CreateBitmap
SelectObject
SetBkColor
SetTextColor
DeleteDC
DeleteObject
GetObjectA
CreateRectRgn
GetPixel
CombineRgn
StretchBlt
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetTextExtentPoint32A

comctl32

_TrackMouseEvent

ole32

CoCreateInstance
CoInitialize
CreateStreamOnHGlobal
CoUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleRun

olepro32

ord251

oleaut32

CreateErrorInfo
VariantChangeType
SetErrorInfo
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayCreate
GetErrorInfo
VariantClear
SysAllocStringByteLen
SysStringByteLen
SysFreeString
SysAllocString
VariantCopy
VariantInit
SysAllocStringLen
SysStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SafeArrayDestroy
SafeArrayPutElement

ws2_32

ioctlsocket
select
WSAEnumNetworkEvents
WSAEventSelect
send
sendto
WSASendTo
accept
htonl
WSAConnect
listen
getsockopt
socket
WSAAsyncSelect
ntohs
connect
WSARecv
WSASend
WSAWaitForMultipleEvents
closesocket
shutdown
inet_addr
htons
bind
WSACreateEvent
WSAResetEvent
WSASocketA
WSACloseEvent
setsockopt
WSAStartup
gethostname
gethostbyname
inet_ntoa
WSACleanup
recv
WSAGetLastError
WSAGetOverlappedResult

msvcp60

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ

Exports

Exports

??0CWeiboModule@@QAE@ABV0@@Z
??0CWeiboModule@@QAE@XZ
??1CWeiboModule@@UAE@XZ
??4CWeiboModule@@QAEAAV0@ABV0@@Z
??_7CWeiboModule@@6B@
?SetActiveWebUrl@CWeiboModule@@QAEXVCString@@00@Z
?SetMainWeiboRect@CWeiboModule@@QAEXPAUtagRECT@@@Z
?SetOtherMainUrl@CWeiboModule@@QAEXVCString@@_J@Z
?SetStarRankUrl@CWeiboModule@@QAEXVCString@@@Z
?SetWebUrl@CWeiboModule@@QAEXVCString@@@Z
?WBBase_ReleasePtr@CWeiboModule@@QAEXPAX@Z
?WBBase_SafeUnloadModule@CWeiboModule@@QAEHXZ
?WBWnd_ShowActiveWnd@CWeiboModule@@QAEHPAUtagPOINT@@H@Z
?WBWnd_ShowMainWeibo@CWeiboModule@@QAEHVCString@@0PAUtagRECT@@00H@Z
?WBWnd_ShowSend_Weibo@CWeiboModule@@QAEHVCString@@0PAUHWND__@@IPAUtagRECT@@00H@Z
?WBWnd_ShowSet@CWeiboModule@@QAEHVCString@@0PAUHWND__@@IPAUtagRECT@@00H@Z
?WB_GET_STAT@CWeiboModule@@QAEH_J00H@Z
?WB_GetFollowAndWeibo_Count@CWeiboModule@@QAEHH_J0@Z
?WB_GetFollowList@CWeiboModule@@QAEHH_J@Z
?WB_RelationOperation@CWeiboModule@@QAEH_J00HHH@Z
?WB_SENDUNREAD@CWeiboModule@@QAEHXZ
?WbBase_Init@CWeiboModule@@QAEHPAUHWND__@@IPBDH@Z
?WbBase_Init_Connect@CWeiboModule@@QAEHXZ
?WbBase_Login@CWeiboModule@@QAEHHPBD0@Z

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1020KB - Virtual size: 1019KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DDVCtrlLib.dll
.dll windows:4 windows x86 arch:x86

3f664f110b12b93a79332cf1c0182a6f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

15:af:0b:18:f4:bb:d7:af:7d:ff:52:ac:f3:aa:c6:d2:e6:9f:0d:c3
Signer

Actual PE Digest

15:af:0b:18:f4:bb:d7:af:7d:ff:52:ac:f3:aa:c6:d2:e6:9f:0d:c3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord6380
ord6215
ord2086
ord2614
ord860
ord2645
ord2642
ord816
ord1768
ord3920
ord562
ord4376
ord4853
ord3619
ord324
ord4234
ord3706
ord6453
ord3874
ord5261
ord2078
ord4710
ord6055
ord1776
ord5290
ord4424
ord3742
ord2753
ord2566
ord2393
ord665
ord1979
ord1567
ord5442
ord268
ord3318
ord5186
ord354
ord818
ord567
ord4275
ord2152
ord1233
ord858
ord924
ord2864
ord5981
ord2754
ord3402
ord3721
ord809
ord795
ord556
ord1088
ord2122
ord3262
ord6358
ord535
ord2859
ord6880
ord941
ord5572
ord2915
ord1200
ord926
ord1146
ord6197
ord5683
ord5873
ord4277
ord2763
ord939
ord940
ord1997
ord5465
ord798
ord5194
ord533
ord925
ord1862
ord4220
ord2584
ord3654
ord2438
ord2450
ord2971
ord4133
ord4297
ord5788
ord472
ord4083
ord2863
ord5787
ord283
ord812
ord5862
ord559
ord5710
ord5651
ord3616
ord3127
ord350
ord6385
ord4396
ord3574
ord2575
ord609
ord4284
ord3573
ord3693
ord2380
ord6199
ord470
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord323
ord1640
ord1641
ord5785
ord6172
ord5875
ord2860
ord5789
ord2818
ord2405
ord640
ord755
ord3571
ord2379
ord2302
ord540
ord3597
ord4425
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord4129
ord2985
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord5265
ord2414
ord641
ord3626
ord1182
ord342
ord1253
ord1168
ord800
ord537
ord823
ord825
ord3797
ord3663

msvcrt

_adjust_fdiv
_initterm
_onexit
__dllonexit
__CxxFrameHandler
_mbsnbcpy
_CxxThrowException
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
toupper
malloc
free
_stat
fopen
fwrite
fclose
sprintf
strstr
_mbsstr
_mbsinc
_mbclen
_ftol
atoi

kernel32

GetPrivateProfileIntA
GetProcAddress
CreateFileA
WriteFile
CloseHandle
lstrcatA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
SizeofResource
LockResource
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GlobalFree
lstrlenA
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
GetLastError
LocalFree
GetLocalTime

user32

IsWindow
InvalidateRect
SetTimer
GetClientRect
SendMessageA
PostMessageA
CopyRect
ScreenToClient
EqualRect
GetWindowLongA
ReleaseDC
KillTimer
ClientToScreen
GetParent
GetSysColor
MessageBeep
SetCapture
SetWindowRgn
LoadIconA
DrawFocusRect
SetRect
FillRect
GetWindowTextA
DrawStateA
GetDC
EnableWindow
MessageBoxExA
DestroyIcon
AppendMenuA
GetMenuItemID
ReleaseCapture
PtInRect
SetCursor
SetWindowLongA
InflateRect
CopyIcon
LoadCursorA
GetWindowRect
GetMenuItemCount
GetMenuItemInfoA
GetSubMenu
OffsetRect
DrawIconEx
DrawEdge
GetSystemMetrics
SystemParametersInfoA
LoadImageA
LoadBitmapA
RedrawWindow

gdi32

GetPixel
CreateRectRgn
GetStockObject
GetTextExtentPoint32A
DeleteObject
DeleteDC
SetTextColor
SetBkColor
SelectObject
CreateBitmap
CreateRectRgnIndirect
GetDIBits
CombineRgn
SelectPalette
CreateDCA
GetDIBColorTable
GetBitmapBits
Rectangle
GetTextColor
CreateFontA
PatBlt
CreateDIBitmap
CreateSolidBrush
CreatePen
RoundRect
StretchBlt
GetDeviceCaps
GetObjectA
CreateFontIndirectA
CreateRoundRectRgn
CreateCompatibleDC
RealizePalette
BitBlt
CreateCompatibleBitmap

advapi32

RegQueryValueA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA

comctl32

_TrackMouseEvent
ImageList_Draw
ImageList_GetImageInfo

ole32

StgCreateDocfileOnILockBytes
CoInitialize
CoCreateInstance
OleRun
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal

olepro32

ord251

oleaut32

SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantCopy
VariantInit
SysAllocStringLen
SysStringLen
SysAllocString
GetErrorInfo
VariantClear

winmm

sndPlaySoundA

Exports

Exports

??0CCressXML@@QAE@XZ
??0CDlgMessage@@QAE@PAVCWnd@@@Z
??0CDlgResize@@QAE@IPAVCWnd@@@Z
??0CGifBrowser@@QAE@XZ
??0CGifCore@@QAE@XZ
??0CGifPlayer@@QAE@XZ
??0CGifWnd@@QAE@XZ
??0CHash@@QAE@ABV0@@Z
??0CHash@@QAE@K@Z
??0CHash@@QAE@XZ
??0CHyperLink@@QAE@XZ
??0CLibFunc@@QAE@ABV0@@Z
??0CLibFunc@@QAE@XZ
??0CLog@@QAE@ABV0@@Z
??0CLog@@QAE@XZ
??0CMenuXP@@QAE@XZ
??0CPicture2@@QAE@ABV0@@Z
??0CPicture2@@QAE@XZ
??0CResizeBtnEx@@QAE@XZ
??0CResizeButton@@QAE@XZ
??0CXPButton@@QAE@XZ
??0CXPMenu@@QAE@XZ
??1CCressXML@@UAE@XZ
??1CDlgMessage@@UAE@XZ
??1CDlgResize@@UAE@XZ
??1CGifBrowser@@UAE@XZ
??1CGifCore@@UAE@XZ
??1CGifPlayer@@UAE@XZ
??1CGifWnd@@UAE@XZ
??1CHash@@UAE@XZ
??1CHyperLink@@UAE@XZ
??1CLibFunc@@UAE@XZ
??1CLog@@QAE@XZ
??1CMenuXP@@UAE@XZ
??1CPicture2@@UAE@XZ
??1CResizeBtnEx@@UAE@XZ
??1CResizeButton@@UAE@XZ
??1CXPButton@@UAE@XZ
??1CXPMenu@@UAE@XZ
??4CHash@@QAEAAV0@ABV0@@Z
??4CLibFunc@@QAEAAV0@ABV0@@Z
??4CLog@@QAEAAV0@ABV0@@Z
??4CPicture2@@QAEAAV0@ABV0@@Z
??_7CCressXML@@6B@
??_7CDlgMessage@@6B@
??_7CDlgResize@@6B@
??_7CGifBrowser@@6B@
??_7CGifCore@@6B@
??_7CGifPlayer@@6B@
??_7CGifWnd@@6B@
??_7CHash@@6B@
??_7CHyperLink@@6B@
??_7CLibFunc@@6B@
??_7CMenuXP@@6B@
??_7CPicture2@@6B@
??_7CResizeBtnEx@@6B@
??_7CResizeButton@@6B@
??_7CXPButton@@6B@
??_7CXPMenu@@6B@
??_FCDlgMessage@@QAEXXZ
?ADD_Log@CLog@@QAEXABVCString@@H@Z
?ADD_Log@CLog@@QAEXPBDHH@Z
?AddChild@CCressXML@@QAEXPBD0AAVCString@@1@Z
?AddChilds@CCressXML@@QAEXPBD0PAVCString@@1H@Z
?AddSideBar@CMenuXP@@QAEHPAVCMenuXPSideBar@@@Z
?AppendGiftData@CGifPlayer@@QAEPAU_GIFTANIMATEDATA@@XZ
?AppendODMenu@CMenuXP@@QAEHIPAVCMenuXPItem@@PAUtagACCEL@@@Z
?AppendODPopup@CMenuXP@@QAEHIPAVCMenu@@PAVCMenuXPItem@@@Z
?AppendSeparator@CMenuXP@@QAEHXZ
?Break@CMenuXP@@QAEXXZ
?BreakBar@CMenuXP@@QAEXXZ
?CalcWndRect@CDlgMessage@@MAEXXZ
?Char2IntEx@CLibFunc@@SAHPBDPAHAAH@Z
?Char2Point@CLibFunc@@SAHPAUtagPOINT@@PBD@Z
?Char2Rect@CLibFunc@@SAHPAUtagRECT@@PBD@Z
?Char2Size@CLibFunc@@SAHPAUtagSIZE@@PBD@Z
?CharToColor@CLibFunc@@SAKPBDH@Z
?CharToInt_16@CLibFunc@@SAJPBDH@Z
?Clear@CMenuXP@@IAEXXZ
?CopyRectFromRgn@CLibFunc@@SAXAAVCRgn@@QAUtagRECT@@@Z
?Create@CGifPlayer@@QAEHPAVCWnd@@K@Z
?Create@CGifWnd@@QAEHABUtagRECT@@PAVCWnd@@IK@Z
?CreateFontA@CLibFunc@@SAHAAVCFont@@HHPBD@Z
?CreateGradientBMP@CMenuXP@@IAEPAUHBITMAP__@@PAUHDC__@@KKHHHH@Z
?CtlColor@CHyperLink@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?CutString@CLibFunc@@SAHAAVCString@@HHH@Z
?CutString@CLibFunc@@SAHPADHHH@Z
?DefaultFont@CLibFunc@@SAPAVCFont@@XZ
?DeleteAllNode@CCressXML@@QAEXPBD0@Z
?DeleteItem@CHash@@QAEPAXJ@Z
?DeleteItem@CHash@@QAEPAXPBD@Z
?DeleteNode@CCressXML@@QAEXABVCString@@@Z
?Destroy@CHash@@QAEXXZ
?DestroyWindow@CGifPlayer@@UAEHXZ
?DoDataExchange@CDlgMessage@@MAEXPAVCDataExchange@@@Z
?DoDataExchange@CDlgResize@@MAEXPAVCDataExchange@@@Z
?DoGradientFill@CXPButton@@UAEXPAVCDC@@PAVCRect@@@Z
?Draw@CGifCore@@QAEHPAVCDC@@PBUtagRECT@@@Z
?Draw@CGifCore@@QAEHPAVCDC@@UtagPOINT@@@Z
?DrawBack@CDlgResize@@UAEXPAVCDC@@PBUtagRECT@@@Z
?DrawBackGround@CMenuXP@@MAEXPAVCDC@@VCRect@@HH@Z
?DrawBgClr@CXPMenu@@QAEXPAVCDC@@VCRect@@H@Z
?DrawBorder@CLibFunc@@SAXPAVCDC@@AAVCBitmap@@UtagPOINT@@UtagSIZE@@3HK@Z
?DrawBorderSpecial@CLibFunc@@SAXPAVCDC@@AAVCBitmap@@UtagPOINT@@UtagSIZE@@3HHK@Z
?DrawBtnFace@CResizeBtnEx@@UAEXPAVCDC@@UtagPOINT@@I@Z
?DrawBtnFace@CResizeButton@@UAEXPAVCDC@@UtagPOINT@@I@Z
?DrawBtnFaceEx@CResizeButton@@QAEXPAVCDC@@UtagPOINT@@1I@Z
?DrawButton@CMenuXP@@MAEXPAVCDC@@VCRect@@HHH@Z
?DrawCaption@CLibFunc@@SAXPAVCDC@@0UtagPOINT@@1HHUtagSIZE@@H@Z
?DrawCaption@CLibFunc@@SAXPAVCDC@@AAVCBitmap@@UtagPOINT@@2HHUtagSIZE@@H@Z
?DrawCheckMark@CMenuXP@@MAEXPAVCDC@@VCRect@@H@Z
?DrawColor2GrayScale@CLibFunc@@SAXPAVCDC@@PAVCBitmap@@HH@Z
?DrawEmbossed@CMenuXP@@IAEXPAVCDC@@PAUHICON__@@VCRect@@HH@Z
?DrawFrame@CGifCore@@QAEXPAVCDC@@H@Z
?DrawHollowRect@CLibFunc@@SAXPAVCDC@@0PBUtagRECT@@1@Z
?DrawHollowRect@CLibFunc@@SAXPAVCDC@@PAVCBitmap@@PBUtagRECT@@2@Z
?DrawIcon@CMenuXP@@MAEXPAVCDC@@VCRect@@PAUHICON__@@HHH@Z
?DrawIcon@CXPMenu@@QAEXPAVCDC@@VCRect@@IIH@Z
?DrawIconArea@CMenuXP@@MAEXPAVCDC@@VCRect@@HHH@Z
?DrawImage@CXPMenu@@QAEXPAVCDC@@AAVCRect@@PAVCImageList@@HH@Z
?DrawInsideBorder@CXPButton@@UAEXPAVCDC@@PAVCRect@@@Z
?DrawItem@CMenuXP@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CResizeButton@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CXPButton@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CXPMenu@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawMenuText@CMenuXP@@MAEXAAVCDC@@VCRect@@VCString@@K@Z
?DrawNumberEx@CLibFunc@@SAXPAVCDC@@PAVCBitmap@@HHHHHHHKH@Z
?DrawSeparator@CXPMenu@@QAEXPAVCDC@@VCRect@@@Z
?DrawSideBar@CMenuXP@@MAEXPAVCDC@@VCRect@@PAUHICON__@@VCString@@@Z
?DrawTextA@CLibFunc@@SAHPAVCDC@@PBDHVCRect@@IH@Z
?DrawTextA@CMenuXP@@MAEXPAVCDC@@VCRect@@VCString@@HHH@Z
?DrawTextA@CXPMenu@@QAEXPAVCDC@@VCRect@@VCString@@@Z
?DrawTitle@CDlgResize@@MAEXPAVCDC@@@Z
?DrawTitle@CLibFunc@@SAXPAVCDC@@HHHHPAVCBitmap@@HHH@Z
?EndDialog@CDlgMessage@@IAEXH@Z
?FillRect@CMenuXP@@IAEXPAVCDC@@ABVCRect@@K@Z
?FindFirst@CHash@@QAEXH@Z
?FindGiftData@CGifPlayer@@QBEPAU_GIFTANIMATEDATA@@H@Z
?FindNext@CHash@@QAEPAXPAPAD@Z
?FindNext@CHash@@QAEPAXXZ
?FindSubMenuFromID@CMenuXP@@QAEPAV1@K@Z
?FinishedSence@CGifPlayer@@IAEXXZ
?FirstLetter@CLibFunc@@SAXHAAVCString@@@Z
?FreePictureData@CPicture2@@QAEXXZ
?GetAttrValueByName@CCressXML@@QAE?AVCString@@PBD@Z
?GetAutoSize@CHyperLink@@QBEHXZ
?GetBkColor@CGifCore@@QBEKXZ
?GetCurGifCore@CGifPlayer@@QBEPAVCGifCore@@XZ
?GetCurRgn@CGifCore@@QBEHAAVCRgn@@@Z
?GetCurTime@CLog@@QAEXAAVCString@@@Z
?GetCurrentPos@CHash@@QAEHXZ
?GetDelay@CGifCore@@QBEHXZ
?GetFirst@CHash@@QAEPAXH@Z
?GetFirst@CHash@@QAEPAXHAAHH@Z
?GetFirstLetter@CLibFunc@@SAXPBDAAVCString@@@Z
?GetFrameCount@CGifCore@@QBEHXZ
?GetFullXMLToString@CCressXML@@QAE?AVCString@@XZ
?GetHashArrayNum@CHash@@QAEKXZ
?GetHashItemNum@CHash@@QAEHXZ
?GetHeight@CResizeButton@@QBEHXZ
?GetHoverColour@CHyperLink@@QBEKXZ
?GetLinkColour@CHyperLink@@QBEKXZ
?GetLinkCursor@CHyperLink@@QBEPAUHICON__@@XZ
?GetLoadError@CCressXML@@QAEHXZ
?GetMessageMap@CDlgMessage@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CDlgResize@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CGifBrowser@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CGifPlayer@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CGifWnd@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CHyperLink@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CResizeButton@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CXPButton@@MBEPBUAFX_MSGMAP@@XZ
?GetMilliseconds@CLibFunc@@SAJABU_SYSTEMTIME@@0@Z
?GetNexNode@CCressXML@@QAE?AV?$_com_ptr_t@V?$_com_IIID@UIXMLDOMNode@MSXML2@@$1?_GUID_2933bf80_7b36_11d2_b20e_00c04f983e60@@3U__s_GUID@@A@@@@V2@@Z
?GetNext@CHash@@QAEPAXPAPAXAAHH@Z
?GetNextBlock@CGifCore@@IBE?AW4GIFBlockTypes@1@XZ
?GetNextBlockLen@CGifCore@@IBEHXZ
?GetNextGraphicBlock@CGifCore@@IAEPAXPAI0PAUtagSIZE@@10@Z
?GetNodeNum@CCressXML@@QAEHPBD@Z
?GetNodeText@CCressXML@@QAE?AVCString@@XZ
?GetRegKey@CHyperLink@@KAJPAUHKEY__@@PBDPAD@Z
?GetRgnFromImage@CLibFunc@@SAXPAVCDC@@AAVCRgn@@PAVCBitmap@@K@Z
?GetRuntimeClass@CMenuXP@@UBEPAUCRuntimeClass@@XZ
?GetSize@CGifCore@@QBE?AUtagSIZE@@XZ
?GetSize@CPicture2@@QBE?AVCSize@@XZ
?GetSize@CResizeButton@@QBE?AUtagSIZE@@XZ
?GetSubBlocksLen@CGifCore@@IBEII@Z
?GetURL@CHyperLink@@QBE?AVCString@@XZ
?GetUnderline@CHyperLink@@QBEHXZ
?GetUpperDirectory@CLibFunc@@SAHPBDAAVCString@@H@Z
?GetValueByIndex@CCressXML@@QAE?AVCString@@H@Z
?GetValueByName@CCressXML@@QAE?AVCString@@PBD@Z
?GetVisited@CHyperLink@@QBEHXZ
?GetVisitedColour@CHyperLink@@QBEKXZ
?GetWidth@CResizeButton@@QBEHXZ
?GetXMLByName@CCressXML@@QAE?AVCString@@PBD@Z
?GetXMLToString@CCressXML@@QAE?AVCString@@XZ
?GotoURL@CHyperLink@@SAPAUHINSTANCE__@@PBDH@Z
?HashFun@CHash@@IAEKJAAK@Z
?HashFun@CHash@@IAEKPBDAAK@Z
?InitCtrlSkin@CDlgMessage@@MAEXXZ
?InitCtrlSkin@CDlgResize@@MAEXXZ
?InitItem@CDlgMessage@@IAEXXZ
?InitParam@CHash@@QAEHXZ
?InitToolTip@CResizeButton@@IAEXI@Z
?InsertItem@CHash@@QAEHJPAX@Z
?InsertItem@CHash@@QAEHPBDPAX@Z
?IsAnimatedGIF@CGifCore@@QBEHXZ
?IsGIF@CGifCore@@QBEHXZ
?IsInQueque@CGifPlayer@@IBEHHJ@Z
?IsLoadPicture@CPicture2@@QBEHXZ
?IsPlaying@CGifCore@@QBEHXZ
?IsPlaying@CGifPlayer@@QBEHXZ
?IsSubtract@CLibFunc@@SAHUtagPOINT@@UtagSIZE@@00@Z
?Load@CGifCore@@QAEHPAXK@Z
?Load@CGifCore@@QAEHPBD0@Z
?Load@CGifCore@@QAEHPBD@Z
?Load@CPicture2@@QAEHIPBD@Z
?Load@CPicture2@@QAEHVCString@@@Z
?LoadBitmapA@CResizeButton@@QAEHPBDHHH@Z
?LoadFile@CCressXML@@QAEHPBD@Z
?LoadGif@CGifWnd@@QAEHPBD@Z
?LoadGifEx@CGifBrowser@@QAEHPBDH@Z
?LoadGiftData@CGifPlayer@@QAEHPAU_GIFTANIMATEDATA@@HPBDH@Z
?LoadPictureData@CPicture2@@QAEHPBEH@Z
?LoadStringsFromFile@CLibFunc@@SAXPBDPAVCString@@H@Z
?LoadXML@CCressXML@@QAEHPBD@Z
?MeasureItem@CMenuXP@@UAEXPAUtagMEASUREITEMSTRUCT@@@Z
?MeasureItem@CXPMenu@@UAEXPAUtagMEASUREITEMSTRUCT@@@Z
?OnBtnDlgClose@CDlgResize@@IAEXXZ
?OnBtnDlgMin@CDlgResize@@IAEXXZ
?OnBtnDlgNormal@CDlgResize@@IAEXXZ
?OnCancel@CDlgMessage@@MAEXXZ
?OnClicked@CHyperLink@@IAEXXZ
?OnCloseResize@CDlgMessage@@MAEXH@Z
?OnCloseResize@CDlgResize@@MAEXH@Z
?OnCreate@CGifPlayer@@IAEHPAUtagCREATESTRUCTA@@@Z
?OnDestroy@CDlgResize@@IAEXXZ
?OnEraseBkgnd@CDlgResize@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CGifPlayer@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CGifWnd@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CResizeButton@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CXPButton@@IAEHPAVCDC@@@Z
?OnInitDialog@CDlgMessage@@MAEHXZ
?OnInitDialog@CDlgResize@@MAEHXZ
?OnLButtonDown@CDlgMessage@@IAEXIVCPoint@@@Z
?OnMenuChar@CMenuXP@@SAJIIPAVCMenu@@@Z
?OnMouseHover@CXPButton@@IAEJIJ@Z
?OnMouseLeave@CResizeButton@@IAEJIJ@Z
?OnMouseLeave@CXPButton@@IAEJIJ@Z
?OnMouseMove@CHyperLink@@IAEXIVCPoint@@@Z
?OnMouseMove@CResizeButton@@IAEXIVCPoint@@@Z
?OnMouseMove@CXPButton@@IAEXIVCPoint@@@Z
?OnNcHitTest@CDlgResize@@IAEIVCPoint@@@Z
?OnNo@CDlgMessage@@MAEXXZ
?OnOK@CDlgMessage@@MAEXXZ
?OnPaint@CDlgMessage@@IAEXXZ
?OnPaint@CDlgResize@@IAEXXZ
?OnPaint@CGifBrowser@@IAEXXZ
?OnPaint@CGifPlayer@@IAEXXZ
?OnPaint@CGifWnd@@IAEXXZ
?OnSetCursor@CHyperLink@@IAEHPAVCWnd@@II@Z
?OnSetFocus@CGifPlayer@@IAEXPAVCWnd@@@Z
?OnSize@CDlgResize@@IAEXIHH@Z
?OnSizing@CDlgResize@@IAEXIPAUtagRECT@@@Z
?OnTimer@CDlgMessage@@IAEXI@Z
?OnTimer@CGifPlayer@@IAEXI@Z
?OnTimer@CGifWnd@@IAEXI@Z
?OnYes@CDlgMessage@@MAEXXZ
?OrientationItem@CDlgMessage@@MAEXHH@Z
?OrientationItem@CDlgResize@@MAEXHH@Z
?PaintToDC@@YAXPAVCDC@@HHHHPAVCBitmap@@HH@Z
?PaintToDC@@YAXPAVCDC@@PBUtagRECT@@PAVCBitmap@@HH@Z
?PositionWindow@CHyperLink@@IAEXXZ
?PreCreateWindow@CDlgResize@@MAEHAAUtagCREATESTRUCTA@@@Z
?PreSubclassWindow@CHyperLink@@MAEXXZ
?PreSubclassWindow@CResizeButton@@MAEXXZ
?PreSubclassWindow@CXPButton@@MAEXXZ
?PreTranslateMessage@CHyperLink@@UAEHPAUtagMSG@@@Z
?PreTranslateMessage@CResizeButton@@MAEHPAUtagMSG@@@Z
?PrepareDC@CGifCore@@IAEHHH@Z
?QueryItem@CHash@@QAEPAXJ@Z
?QueryItem@CHash@@QAEPAXPBD@Z
?QueryNode@CCressXML@@QAE?AV?$_com_ptr_t@V?$_com_IIID@UIXMLDOMNode@MSXML2@@$1?_GUID_2933bf80_7b36_11d2_b20e_00c04f983e60@@3U__s_GUID@@A@@@@H@Z
?RemoveRectFromRgn@CLibFunc@@SAXAAVCRgn@@QAUtagRECT@@@Z
?ReplaceBtnFace@CResizeButton@@QAEHPAVCBitmap@@@Z
?ReportError@CHyperLink@@IAEXH@Z
?ResetDataPointer@CGifCore@@IAEXXZ
?ResetIconIndex@CResizeButton@@QAEXH@Z
?ResetSrcOffset@CResizeBtnEx@@QAEXUtagPOINT@@@Z
?SaveAsBitmap@CPicture2@@QAEHVCString@@@Z
?SaveBitmap2File@CLibFunc@@SAHPBDPAUHBITMAP__@@@Z
?SaveCurrentFace@@YAXPAVCDC@@AAPAVCBitmap@@HH@Z
?SaveCurrentFace@@YAXPAVCDC@@AAVCBitmap@@HH@Z
?SaveFile@CCressXML@@QAEHPBD@Z
?SelectNodeToList@CCressXML@@QAEHPBD@Z
?SelectNodeToList@CCressXML@@QAEHV?$_com_ptr_t@V?$_com_IIID@UIXMLDOMNode@MSXML2@@$1?_GUID_2933bf80_7b36_11d2_b20e_00c04f983e60@@3U__s_GUID@@A@@@@PBD@Z
?SetAttrValue@CCressXML@@QAEXPBD0@Z
?SetAutoSize@CHyperLink@@QAEXH@Z
?SetBackBitmap@CMenuXP@@QAEXPAUHBITMAP__@@@Z
?SetBackColor@CMenuXP@@QAEXK@Z
?SetBackData@CDlgResize@@QAEXPAVCBitmap@@UtagSIZE@@HK@Z
?SetBkColor@CGifBrowser@@QAEXK@Z
?SetBkColor@CGifCore@@QAEXK@Z
?SetBkColor@CGifWnd@@QAEXK@Z
?SetBoldTitle@CDlgResize@@QAEXH@Z
?SetBoldTitle@CResizeButton@@QAEXH@Z
?SetBtnText@CDlgMessage@@QAEXPBD00@Z
?SetButtonRes@CDlgMessage@@QAEXPAVCBitmap@@HHH@Z
?SetCenterPoint@CGifPlayer@@IAEXUtagPOINT@@PAVCGifCore@@@Z
?SetColours@CHyperLink@@QAEXKKK@Z
?SetCurFace@CResizeButton@@QAEXPAVCBitmap@@HHH@Z
?SetCurFaceEx@CResizeBtnEx@@QAEHPAVCBitmap@@UtagPOINT@@HHHHH@Z
?SetCurFont@CDlgResize@@QAEXPAVCFont@@@Z
?SetDefaultCursor@CHyperLink@@IAEXXZ
?SetDisabledTextColor@CMenuXP@@QAEXK@Z
?SetDrawTitle@CResizeButton@@QAEXH@Z
?SetIconAreaColor@CMenuXP@@QAEXK@Z
?SetIconBitmap@CResizeButton@@QAEXPAVCBitmap@@HHHH@Z
?SetIconBmp@CDlgResize@@QAEXPAVCBitmap@@HH@Z
?SetLinkCursor@CHyperLink@@QAEXPAUHICON__@@@Z
?SetLogPath@CLog@@QAEXPBD0@Z
?SetMenuFont@CMenuXP@@QAEHUtagLOGFONTA@@@Z
?SetMenuItemSize@CXPMenu@@QAEXHH@Z
?SetMenuItemSize@CXPMenu@@QAEXUtagSIZE@@@Z
?SetMenuStyle@CMenuXP@@QAEXW4MENUSTYLE@1@@Z
?SetModelType@CDlgMessage@@QAEXHHHH@Z
?SetMsgColor@CDlgMessage@@QAEXK@Z
?SetMsgTextIntervalBorder@CDlgMessage@@QAEXEEEE@Z
?SetPictureData@CMenuXP@@QAEXPAEH@Z
?SetPlayEffect@CGifPlayer@@QAEXH@Z
?SetPlaySound@CGifPlayer@@QAEXH@Z
?SetResPath@CGifPlayer@@QAEXPBD@Z
?SetResize@CDlgResize@@QAEXH@Z
?SetRoundRect@CDlgResize@@QAEXH@Z
?SetSelectedBarColor@CMenuXP@@QAEXK@Z
?SetSelectedTextColor@CMenuXP@@QAEXK@Z
?SetSideBarEndColor@CMenuXP@@QAEXK@Z
?SetSideBarStartColor@CMenuXP@@QAEXK@Z
?SetTextColor@CMenuXP@@QAEXK@Z
?SetTitleColor@CDlgResize@@QAEXK@Z
?SetTitleColor@CResizeButton@@QAEXK@Z
?SetTitlePoint@CDlgResize@@QAEXHH@Z
?SetToolTipText@CResizeButton@@QAEXPBDHI@Z
?SetTransparent@CResizeButton@@QAEXH@Z
?SetTransparentAlpha@CLibFunc@@SAXPAVCWnd@@EK@Z
?SetURL@CHyperLink@@QAEXVCString@@@Z
?SetUnderline@CHyperLink@@QAEXH@Z
?SetVisited@CHyperLink@@QAEXH@Z
?SetWndMinSize@CDlgResize@@QAEXUtagSIZE@@@Z
?SetXMLTitle@CCressXML@@QAEXPBD@Z
?Show@CPicture2@@QAEHPAVCDC@@HHHH@Z
?Show@CPicture2@@QAEHPAVCDC@@VCPoint@@1HH@Z
?Show@CPicture2@@QAEHPAVCDC@@VCRect@@@Z
?ShowBitmapResource@CPicture2@@QAEHPAVCDC@@HVCPoint@@@Z
?ShowMessage@CDlgMessage@@QAEHPBD0HH@Z
?ShowPart@CPicture2@@QAEHPAVCDC@@HHHHHHHH@Z
?Size2Content@CResizeButton@@QAEXXZ
?Size2Gif@CGifPlayer@@QAEXPAVCGifCore@@@Z
?SkipNextBlock@CGifCore@@IAEHXZ
?SkipNextGraphicBlock@CGifCore@@IAEHXZ
?StartPlay1@CGifPlayer@@QAEHUtagPOINT@@0HPBDHH@Z
?StartPlay3@CGifPlayer@@QAEHUtagPOINT@@0HPBDJPBJ@Z
?StartPlayEx@CGifPlayer@@QAEHUtagPOINT@@0HPBDHHHJPBJ@Z
?StepFrame@CGifCore@@QAEHXZ
?Stop@CGifCore@@QAEXXZ
?ToggleSence@CGifPlayer@@IAEXH@Z
?TransInt2Char_Comma@CLibFunc@@SAXJAAVCString@@@Z
?TransVersionA2I@CLibFunc@@SAKPBD@Z
?TransVersionI2A@CLibFunc@@SA?AVCString@@K@Z
?TransparentBMP@CLibFunc@@SAXPAVCDC@@AAVCBitmap@@1HHHHH@Z
?TransparentBMP@CLibFunc@@SAXPAVCDC@@AAVCBitmap@@HHHHHH@Z
?TransparentBlt2@@YAXPAUHDC__@@HHHH0HHHHI@Z
?TransparentToDC@@YAXPAVCDC@@HHHHPAVCBitmap@@HHHHK@Z
?TransparentToDC@@YAXPAVCDC@@HHPAVCBitmap@@K@Z
?TransparentToDC@@YAXPAVCDC@@UtagRECT@@PAVCBitmap@@1K@Z
?UnLoad@CGifCore@@QAEXXZ
?UpdateSizeOnDC@CPicture2@@QAEHPAVCDC@@@Z
?Visite@CHyperLink@@QAEXVCString@@@Z
?_GetBaseClass@CMenuXP@@KGPAUCRuntimeClass@@XZ
?_GetBaseMessageMap@CDlgMessage@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CDlgResize@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CGifBrowser@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CGifPlayer@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CGifWnd@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CHyperLink@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CResizeButton@@KGPBUAFX_MSGMAP@@XZ
?_GetBaseMessageMap@CXPButton@@KGPBUAFX_MSGMAP@@XZ
?_messageEntries@CDlgMessage@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CDlgResize@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CGifBrowser@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CGifPlayer@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CGifWnd@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CHyperLink@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CResizeButton@@0QBUAFX_MSGMAP_ENTRY@@B
?_messageEntries@CXPButton@@0QBUAFX_MSGMAP_ENTRY@@B
?classCMenuXP@CMenuXP@@2UCRuntimeClass@@B
?g_Log@@3VCLog@@A
?loadbmpS@@YAHPBDAAVCBitmap@@@Z
?loadbmpS@@YAXABVCString@@AAVCBitmap@@PAH2@Z
?loadbmpS@@YAXIAAVCBitmap@@PAH1@Z
?messageMap@CDlgMessage@@1UAFX_MSGMAP@@B
?messageMap@CDlgResize@@1UAFX_MSGMAP@@B
?messageMap@CGifBrowser@@1UAFX_MSGMAP@@B
?messageMap@CGifPlayer@@1UAFX_MSGMAP@@B
?messageMap@CGifWnd@@1UAFX_MSGMAP@@B
?messageMap@CHyperLink@@1UAFX_MSGMAP@@B
?messageMap@CResizeButton@@1UAFX_MSGMAP@@B
?messageMap@CXPButton@@1UAFX_MSGMAP@@B

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DDVEC.dll
.dll windows:4 windows x86 arch:x86

ca5fb99e980e62a1857a755349a73a5c

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e9:63:54:19:91:42:77:c8:5e:a9:eb:9f:1d:65:f1:f3:35:22:ca:86
Signer

Actual PE Digest

e9:63:54:19:91:42:77:c8:5e:a9:eb:9f:1d:65:f1:f3:35:22:ca:86

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord4486
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord800
ord860
ord540
ord354
ord823
ord2915
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6375
ord3831
ord4274
ord269
ord826
ord600
ord1578
ord6467
ord1116

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
__CxxFrameHandler

kernel32

LocalFree
LocalAlloc

Exports

Exports

??0DE_DLL@@QAE@ABV0@@Z
??0DE_DLL@@QAE@XZ
??1DE_DLL@@UAE@XZ
??4DE_DLL@@QAEAAV0@ABV0@@Z
??_7DE_DLL@@6B@
?DC_File@DE_DLL@@QAEHPBD0@Z
?EC_File@DE_DLL@@QAEHPBD0@Z

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DownLoad.exe
.exe windows:4 windows x86 arch:x86

96a3b5a123e16e0d9c5351379038fd3e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

85:aa:d2:83:0f:7b:ea:4e:d7:d8:fd:3b:e4:ec:e7:86:16:43:94:db
Signer

Actual PE Digest

85:aa:d2:83:0f:7b:ea:4e:d7:d8:fd:3b:e4:ec:e7:86:16:43:94:db

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4998
ord4710
ord6052
ord1775
ord5280
ord4425
ord3597
ord324
ord641
ord4234
ord3571
ord3711
ord3402
ord783
ord800
ord860
ord4224
ord1146
ord1168
ord540
ord2135
ord6650
ord6591
ord6807
ord6857
ord6823
ord6855
ord6832
ord6859
ord6867
ord6847
ord6814
ord6839
ord6846
ord6858
ord6816
ord6815
ord6812
ord6845
ord6856
ord4589
ord4588
ord4899
ord4370
ord4892
ord6817
ord5076
ord4340
ord4347
ord4720
ord4889
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4963
ord4960
ord4108
ord6054
ord5281
ord3748
ord1725
ord5260
ord6614
ord6691
ord4432
ord6514
ord818
ord2841
ord2302
ord2614
ord2107
ord535
ord4299
ord6199
ord6215
ord2112
ord2864
ord4277
ord2763
ord537
ord858
ord4129
ord5683
ord5572
ord2919
ord3626
ord2863
ord2915
ord2393
ord941
ord5356
ord5808
ord1075
ord5204
ord6059
ord3229
ord389
ord823
ord755
ord470
ord2818
ord3706
ord924
ord4853
ord2764
ord2566
ord4133
ord4297
ord5788
ord472
ord2753
ord922
ord5148
ord3752
ord3089
ord6128
ord3874
ord939
ord6803
ord2642
ord640
ord2405
ord5789
ord6172
ord5785
ord1640
ord323
ord5450
ord5440
ord6383
ord6394
ord6877
ord6930
ord4278
ord3584
ord543
ord803
ord3790
ord5651
ord3616
ord665
ord3127
ord1979
ord6010
ord5186
ord350
ord354
ord6385
ord5645
ord5583
ord6597
ord6800
ord6478
ord6880
ord6453
ord6699
ord6835
ord1228
ord6663
ord809
ord556
ord1088
ord2122
ord3797
ord2859
ord1200
ord926
ord1949
ord4034
ord2820
ord3811
ord3663
ord825
ord567
ord1641
ord795
ord3721
ord4424
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord4376
ord5265
ord1134
ord2621
ord2514
ord815
ord561
ord3738
ord4622
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4673
ord5277
ord2379
ord2385
ord6374
ord5875
ord2860
ord3619
ord4275
ord6197
ord2414
ord5163
ord5241
ord4407
ord1776
ord4078
ord4160
ord6055
ord1576

msvcrt

_XcptFilter
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
_mbsrchr
_mbsstr
strstr
_ltoa
_mbsnbicmp
vsprintf
_mbsicmp
fopen
fread
fclose
_purecall
_ftol
sprintf
_mbscmp
atol
atoi
__CxxFrameHandler
_setmbcp
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_exit

kernel32

IsBadWritePtr
VirtualQuery
GetModuleHandleA
FormatMessageA
SetUnhandledExceptionFilter
lstrcatA
lstrlenA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
LeaveCriticalSection
CreateFileA
GetLastError
SetFilePointer
WriteFile
FlushFileBuffers
EnterCriticalSection
SetEvent
GetExitCodeThread
TerminateThread
CloseHandle
WaitForSingleObject
Sleep
CreateEventA
CreateThread
DeleteCriticalSection
InitializeCriticalSection
CopyFileA
DeleteFileA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetTickCount
GetPrivateProfileStringA
GetModuleFileNameA
OutputDebugStringA
GetStartupInfoA

user32

wvsprintfA
CopyIcon
PostMessageA
ReleaseDC
SetTimer
LoadIconA
LoadCursorA
SendMessageA
InflateRect
SetWindowLongA
FindWindowA
ReleaseCapture
SetCursor
GetDC
RedrawWindow
SetCapture
MessageBeep
GetSysColor
GetParent
GetWindowRect
LoadImageA
IsWindowVisible
IsWindow
SetRect
OffsetRect
PtInRect
InvalidateRect
ShowScrollBar
SetWindowRgn
MessageBoxA
KillTimer
SetWindowPos
DestroyIcon
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
EnableWindow

gdi32

GetTextExtentPoint32A
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
CreateRoundRectRgn
CreateFontA
GetObjectA
CreateFontIndirectA

advapi32

RegOpenKeyExA
RegQueryValueA
RegCloseKey

shell32

ShellExecuteA
ShellExecuteExA
Shell_NotifyIconA

comctl32

_TrackMouseEvent

urlmon

URLDownloadToFileA

shlwapi

PathFileExistsA

ws2_32

setsockopt
recv
htons
connect
closesocket
socket
WSAGetLastError
inet_addr
gethostbyname
inet_ntoa
WSACleanup
WSAStartup
send

ddvec

?EC_File@DE_DLL@@QAEHPBD0@Z
??0DE_DLL@@QAE@XZ
??1DE_DLL@@UAE@XZ
?DC_File@DE_DLL@@QAEHPBD0@Z

ddvctrllib

??0CCressXML@@QAE@XZ
?LoadFile@CCressXML@@QAEHPBD@Z
?PaintToDC@@YAXPAVCDC@@HHHHPAVCBitmap@@HH@Z
?SelectNodeToList@CCressXML@@QAEHPBD@Z
?QueryNode@CCressXML@@QAE?AV?$_com_ptr_t@V?$_com_IIID@UIXMLDOMNode@MSXML2@@$1?_GUID_2933bf80_7b36_11d2_b20e_00c04f983e60@@3U__s_GUID@@A@@@@H@Z
?DrawBorder@CLibFunc@@SAXPAVCDC@@AAVCBitmap@@UtagPOINT@@UtagSIZE@@3HK@Z
?ADD_Log@CLog@@QAEXABVCString@@H@Z
?ADD_Log@CLog@@QAEXPBDHH@Z
?TransparentToDC@@YAXPAVCDC@@HHHHPAVCBitmap@@HHHHK@Z
??1CCressXML@@UAE@XZ
?loadbmpS@@YAHPBDAAVCBitmap@@@Z
?SetCurFace@CResizeButton@@QAEXPAVCBitmap@@HHH@Z
?LoadBitmapA@CResizeButton@@QAEHPBDHHH@Z
?Char2IntEx@CLibFunc@@SAHPBDPAHAAH@Z
?CharToColor@CLibFunc@@SAKPBDH@Z
??1CResizeButton@@UAE@XZ
??0CResizeButton@@QAE@XZ
?SetLogPath@CLog@@QAEXPBD0@Z
?g_Log@@3VCLog@@A
?GetAttrValueByName@CCressXML@@QAE?AVCString@@PBD@Z

wininet

InternetGetConnectedState

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DynamicEffects.dll
.dll windows:4 windows x86 arch:x86

395bb9cba154671e4fd27a7635c5725f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

81:a3:e8:5e:7e:f6:ba:e2:59:df:ff:57:9d:7c:b5:3c:b5:21:4b:77
Signer

Actual PE Digest

81:a3:e8:5e:7e:f6:ba:e2:59:df:ff:57:9d:7c:b5:3c:b5:21:4b:77

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

PlaySoundW

mfc42

ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord825
ord800
ord823
ord2818
ord540
ord1105
ord1200
ord860
ord941
ord537
ord2379
ord4299
ord4278
ord858
ord922
ord539
ord535
ord923
ord2864
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord3259
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord561
ord3953
ord5683
ord2725
ord1187
ord6605
ord924
ord798
ord1997
ord6392
ord5194
ord533
ord4129
ord1949
ord818
ord567
ord4275
ord6442
ord1168
ord4277
ord2764
ord6453
ord6215
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord1116
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord1176
ord4079

msvcrt

_initterm
malloc
_adjust_fdiv
free
_onexit
_purecall
_CIpow
time
srand
rand
atoi
_CxxThrowException
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_beginthreadex
_ftol
__CxxFrameHandler
wcscpy
__dllonexit
??1type_info@@UAE@XZ
_mbscmp
exit
localtime
strftime
puts

kernel32

GetExitCodeThread
TerminateThread
CloseHandle
OutputDebugStringA
GetLastError
lstrlenA
WaitForSingleObject
GetProcAddress
LoadLibraryA
FreeLibrary
LocalFree
LocalAlloc
GetModuleFileNameA
GetFileAttributesA
CreateDirectoryA
GetVersionExA
GetPrivateProfileIntA
MultiByteToWideChar
Sleep
WritePrivateProfileStringA

user32

IsIconic
SetWindowPos
DefWindowProcA
GetClassInfoExA
UnregisterClassA
RegisterClassExA
IsWindowVisible
SetCursor
GetWindowRect
GetWindowLongA
SetWindowLongA
GetCursorPos
ScreenToClient
PtInRect
LoadCursorA
SetTimer
GetDesktopWindow
SetRectEmpty
EnableWindow
PostMessageA
GetClientRect
IsWindow
GetDC
ReleaseDC
CopyRect
KillTimer

gdi32

DeleteDC
CreateCompatibleDC
CreateDIBSection
SelectObject
DeleteObject

ole32

StgIsStorageFile
StgOpenStorage
StringFromGUID2
CoTaskMemFree

gdiplus

GdipSetInterpolationMode
GdipSetSmoothingMode
GdipDrawImageI
GdipLoadImageFromStream
GdipDeleteBrush
GdipFillPath
GdipCreateSolidFill
GdipSetPenLineJoin
GdipCloneBrush
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectRectI
GdipScaleWorldTransform
GdipCreateFontFamilyFromName
GdipCreateStringFormat
GdipCreatePen1
GdipSetPenColor
GdipCreatePath
GdipAddPathStringI
GdipDrawPath
GdipDeletePath
GdipDeletePen
GdipDeleteStringFormat
GdipDeleteFontFamily
GdipImageSelectActiveFrame
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertySize
GdipGetPropertyItem
GdipDrawImageRectRect
GdipCloneImage
GdipDisposeImage
GdipFree
GdipCreateFromHDC
GdipDrawImageRectI
GdipReleaseDC
GdipDeleteGraphics
GdipAlloc
GdipLoadImageFromFile
GdipImageGetFrameDimensionsCount

msvcp60

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0out_of_range@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??0out_of_range@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??_7out_of_range@std@@6B@
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??0logic_error@std@@QAE@ABV01@@Z

shlwapi

PathFileExistsW

msimg32

AlphaBlend

Exports

Exports

CreateDEManage

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Guide1.xml
.xml
Guide2.xml
.xml
HardwareINFO.dll
.dll windows:4 windows x86 arch:x86

5c15a01e5615454df0d857bb5d0a6da5

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

30:3e:8e:6f:d8:24:ed:6f:3b:3c:94:2e:2f:4f:83:90:ea:b2:d5:ed
Signer

Actual PE Digest

30:3e:8e:6f:d8:24:ed:6f:3b:3c:94:2e:2f:4f:83:90:ea:b2:d5:ed

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord5307
ord3738
ord561
ord815
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1116
ord1253
ord1255
ord6467
ord1578
ord600
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord4486
ord2554
ord6375
ord4274
ord4424
ord825
ord826
ord269

msvcrt

free
atoi
sprintf
_beginthreadex
_except_handler3
malloc
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_onexit
??2@YAPAXI@Z
__CxxFrameHandler
_local_unwind2
__dllonexit

kernel32

LocalFree
GetModuleHandleA
GetProcAddress
GetTickCount
SetEvent
Sleep
CreateEventA
WaitForSingleObject
CloseHandle
LocalAlloc

advapi32

RegEnumKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Exports

Exports

HD_End
HD_GetCpuFrq
HD_GetCpuINFO
HD_Start

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Head/superbomb.png
.png
IMClient.dll
.dll windows:4 windows x86 arch:x86

2ea43d58995de055d1b4868b627f9417

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:38:99:48:30:88:14:f6:1e:2c:28:d8:5a:ab:20:42:6c:de:98:b1
Signer

Actual PE Digest

65:38:99:48:30:88:14:f6:1e:2c:28:d8:5a:ab:20:42:6c:de:98:b1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mvuilib

??1CUIListCtrlEx@@UAE@XZ
?PreSubclassWindow@CUIListCtrlBaseTemplate@@MAEXXZ
?FitBitmapSize@CAppSysOperation@@UAEXXZ
?LoadSkin@CUIListCtrlBaseTemplate@@UAEHPAX@Z
?GetCurrentSkin@CAppSysOperation@@UAEHPAX@Z
?AddGraph@CCarveGraph@@UAEHPAV1@@Z
?RemoveGraph@CCarveGraph@@UAEHPAV1@@Z
??0CUIListCtrlEx@@QAE@XZ
?SetGraphParameters@CCarveGraph@@UAEHXZ
?InitCarveGraph@CCarveGraph@@UAEHXZ
?CarveGraphGround@CCarveGraph@@UAEHPAVCDC@@@Z
?CarveGraphDrawItem@CCarveGraph@@UAEHPAUtagDRAWITEMSTRUCT@@@Z
?IsGraphSupportCurrentControl@CCarveGraph@@UAEHXZ
?SetHaveText@CUIButtonTemplate@@QAEX_NI@Z
?SetBtnTextColor@CUIButtonTemplate@@QAEXK@Z
??0CMenuEx@@QAE@XZ
?SetBackColor@CMenuEx@@QAEXK@Z
?AppendMenuEx@CMenuEx@@QAEHIIPBD@Z
??1CMenuEx@@UAE@XZ
?NeedShowHandCursor@CUINoRegularButtonTemplate@@QAEXH@Z
?SetToolTipText@CUIButtonTemplate@@QAEXPBD@Z
??0CUINoRegularButtonTemplate@@QAE@XZ
??1CUINoRegularButtonTemplate@@UAE@XZ
?OnLButtonDown@CUIButtonTemplate@@IAEXIVCPoint@@@Z
?messageMap@CUIButtonTemplate@@1UAFX_MSGMAP@@B
?PreSubclassWindow@CUIButtonTemplate@@MAEXXZ
?PreTranslateMessage@CUIButtonTemplate@@MAEHPAUtagMSG@@@Z
?DrawItem@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?HandleMouseMove@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?HandleMouseLeftBtnDown@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?GetCurrentGraph@CCarveGraph@@UAEPAV1@XZ
?HandleMouseLeftBtnUp@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?DrawPushButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawRadioButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawCheckBoxButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?SetCtrlTextFont@CAppSysAttribute@@UAEXUtagLOGFONTA@@@Z
?GetCtrlTextFont@CAppSysAttribute@@UAEAAUtagLOGFONTA@@XZ
?SetCtrlTextColor@CAppSysAttribute@@UAEXK@Z
?GetCtrlTextColor@CAppSysAttribute@@UAEKXZ
?SetCtrlBackColor@CAppSysAttribute@@UAEXK@Z
?GetCtrlBackColor@CAppSysAttribute@@UAEKXZ
?SetCtrlTextBold@CAppSysAttribute@@UAEXH@Z
?EnableCtrlTextBold@CAppSysAttribute@@UAEHXZ
?SetCtrlTextHeight@CAppSysAttribute@@UAEXH@Z
?GetCtrlTextHeight@CAppSysAttribute@@UAEHXZ
?SetCtrlTextType@CAppSysAttribute@@UAEHVCString@@@Z
?GetCtrlTextType@CAppSysAttribute@@UAEAAVCString@@XZ
?FitBitmapSize@CUIButtonTemplate@@UAEXXZ
?AttachBitmapHadle@CAppSysOperation@@UAEXPAUHBITMAP__@@@Z
?AttachBitmapHadle@CAppSysOperation@@UAEXPAUHBITMAP__@@PAVCBitmap@@@Z
?CleanUp@CAppSysOperation@@UAEXXZ
?PaintBackGround@CAppSysOperation@@UAEHPAVCDC@@@Z
?DrawSkin@CAppSysOperation@@UAEHPAUtagDRAWITEMSTRUCT@@@Z
?AdjustPosition@CAppSysOperation@@UAEHUtagRECT@@@Z
?AdjustPosition@CAppSysOperation@@UAEHHHHH@Z
?DrawContent@CAppSysOperation@@UAEHPAVCDC@@VCString@@AAVCRect@@H@Z
?LoadSkin@CUIButtonTemplate@@UAEHPAX@Z
?CleanSkin@CAppSysOperation@@UAEHPAX@Z
?GetCurrentSkin@CUIButtonTemplate@@MAEHPAX@Z
?InitializeOperation@CAppSysOperation@@UAEXPAVCWnd@@@Z
?LoadBitmapFileToMem@CAppSysOperation@@UAEHPAUHINSTANCE__@@VCString@@@Z
?LoadBitmapFileToMem@CAppSysOperation@@UAEHPAUHINSTANCE__@@VCString@@PAVCBitmap@@@Z
?CleanBitmapMem@CAppSysOperation@@UAEHXZ
?GetComponentSkinConf@CSkinConfContext@@QAEHIW4COMPONETTYPE@@VCString@@PAX@Z
?SetColor@CColorStatic@@QAEXKKK@Z
?SetBold@CColorStatic@@QAEX_N@Z
??1CColorStatic@@UAE@XZ
??0CColorStatic@@QAE@XZ
??0CUIButtonTemplate@@QAE@XZ
??1CUIButtonTemplate@@UAE@XZ
??1CCarveGraph@@UAE@XZ

mfc42

ord4317
ord2753
ord6055
ord4078
ord1776
ord4407
ord2385
ord5163
ord6374
ord4353
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3742
ord825
ord800
ord2763
ord2818
ord540
ord535
ord755
ord2567
ord470
ord4299
ord2379
ord537
ord5265
ord4376
ord4853
ord4998
ord2514
ord6052
ord1775
ord5241
ord3136
ord4425
ord3597
ord641
ord860
ord324
ord2302
ord4234
ord4710
ord858
ord941
ord2820
ord3811
ord926
ord924
ord922
ord4278
ord4129
ord5710
ord939
ord6877
ord6663
ord925
ord2764
ord5280
ord3663
ord823
ord665
ord354
ord6779
ord1979
ord5186
ord6385
ord773
ord501
ord804
ord686
ord609
ord1083
ord1768
ord6215
ord6785
ord2086
ord1168
ord4284
ord5683
ord2566
ord5981
ord4277
ord567
ord818
ord4275
ord2078
ord3693
ord3626
ord2414
ord4133
ord4297
ord5788
ord1641
ord5600
ord6199
ord2642
ord2754
ord6241
ord3402
ord3571
ord2135
ord2864
ord2405
ord5785
ord640
ord5875
ord1640
ord323
ord2574
ord3572
ord2575
ord4396
ord3574
ord556
ord809
ord1793
ord1088
ord2122
ord2859
ord6197
ord6172
ord3706
ord3089
ord1253
ord342
ord1182
ord6438
ord5607
ord2862
ord3092
ord3996
ord4287
ord5572
ord2915
ord6270
ord1644
ord998
ord5621
ord6605
ord4204
ord6134
ord6648
ord3763
ord3874
ord2803
ord2639
ord3573
ord2860
ord6021
ord3920
ord6880
ord3708
ord781
ord4220
ord2584
ord3654
ord2438
ord1756
ord3719
ord793
ord3619
ord2452
ord2645
ord3283
ord1269
ord6200
ord6136
ord2935
ord2516
ord361
ord3061
ord3767
ord1200
ord1601
ord3005
ord1233
ord4123
ord861
ord2688
ord3721
ord795
ord5789
ord3797
ord4402
ord3640
ord4243
ord6905
ord3301
ord6762
ord6696
ord283
ord1949
ord4034
ord4538
ord3394
ord2587
ord4406
ord3729
ord384
ord4267
ord5787

msvcrt

_CxxThrowException
__CxxFrameHandler
_mbscmp
atoi
sprintf
_except_handler3
?terminate@@YAXXZ
__dllonexit
_onexit
??1type_info@@UAE@XZ
free
_initterm
malloc
_adjust_fdiv

kernel32

GetLastError
lstrcmpA
OutputDebugStringA
GetVersion
Sleep
FormatMessageA
LocalAlloc
LocalFree
GetProcAddress
FreeLibrary
CreateDirectoryA
GetFileAttributesA
lstrlenA
GetModuleFileNameA
GetModuleHandleA
MultiByteToWideChar
InterlockedDecrement

user32

SetWindowLongA
GetDesktopWindow
GetWindowRect
SetWindowRgn
ReleaseDC
InvalidateRect
GetWindowDC
GetParent
ScreenToClient
SetCursor
LoadImageA
SetWindowPos
IsWindowVisible
GetWindowLongA
PtInRect
GetCursorPos
WindowFromPoint
IsChild
SendMessageA
IsIconic
FlashWindow
SetForegroundWindow
ClientToScreen
CreatePopupMenu
FillRect
GetClientRect
InflateRect
EnableWindow
IsWindow
GetDC
PostMessageA
DrawStateA
GetWindowTextA
CopyRect
EnableMenuItem
AppendMenuA
SetCapture
ReleaseCapture
SetTimer
KillTimer
wsprintfA
RedrawWindow
GetWindow
GetClassNameA
OffsetRect
GetFocus
LoadCursorA

gdi32

CreateRectRgn
CreateDIBitmap
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
GetStockObject
StretchBlt
GetMapMode
CreateSolidBrush
DeleteObject
DeleteDC
CombineRgn
SetBkColor
CreateFontA
RoundRect
SetDIBits
GetDIBits
FillPath
EndPath
Ellipse
BeginPath
CreateCompatibleBitmap
CreateBitmap
GetPixel
Rectangle
CreateCompatibleDC
GetObjectA
BitBlt
CreatePen
SetTextColor

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

comctl32

_TrackMouseEvent
ImageList_Draw

ole32

OleRun
CoCreateInstance
CoInitialize
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoUninitialize
OleSetContainedObject
CoInitializeEx

oleaut32

SafeArrayGetUBound
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SysAllocString
VariantInit
SysFreeString
VariantClear
GetErrorInfo
SafeArrayGetLBound

publictool

?QueryItem@CHash@@QAEPAXJ@Z
??1CxImageEx@@UAE@XZ
?GetBits@CxImageEx@@QAEPAEK@Z
?InsertItem@CHash@@QAEHJPAX@Z
?Load@CxImageEx@@QAE_NPBDK@Z
??0CxImageEx@@QAE@K@Z
?QueryItem@CHash@@QAEPAXPBD@Z
?InsertItem@CHash@@QAEHPBDPAX@Z
?GetHashItemNum@CHash@@QAEHXZ
??1CHash@@UAE@XZ
??0CHash@@QAE@K@Z
?InitParam@CHash@@QAEHXZ
?FindFirst@CHash@@QAEXH@Z
?FindNext@CHash@@QAEPAXXZ
?GetDIB@CxImageEx@@QBEPAXXZ

Exports

Exports

??0CCarveGraph@@QAE@ABV0@@Z
??4CCarveGraph@@QAEAAV0@ABV0@@Z
??_7CCarveGraph@@6B@
?FlagControlHaveSkin@CAppSysOperation@@QAEXH@Z
?GetCheckButtonChecked@CUINoRegularButtonTemplate@@IAEIXZ
?IsControlHaveSkin@CAppSysOperation@@UAEHXZ
?SetCheckButtonChecked@CUINoRegularButtonTemplate@@IAEXW4MOUSESTATE@@@Z
?SetSelectIndex@CMenuEx@@QAEXI@Z
CreateIMClient

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IdleTrac.dll
.dll windows:4 windows x86 arch:x86

263c12a197d3bb2ac758eba4a39da260

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:eb:ab:18:0b:78:7b:9c:57:e5:52:f0:8b:40:5e:bf:db:3b:2b:95
Signer

Actual PE Digest

44:eb:ab:18:0b:78:7b:9c:57:e5:52:f0:8b:40:5e:bf:db:3b:2b:95

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetTickCount

user32

SendMessageA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx

Exports

Exports

?Hook_DelAppWnd@@YAXPAUHWND__@@@Z
?Hook_GetAppWnd@@YAXPAUHWND__@@@Z
?Hook_IdleTrackerGetLastTickCount@@YAKXZ
?Hook_IdleTrackerInit@@YAHXZ
?Hook_IdleTrackerTerm@@YAXXZ
?Hook_ReSetLastTickCount@@YAXXZ
?Hook_UserOnLeave@@YAXXZ

Sections

.text
Size: 4KB - Virtual size: 563B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 619B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IdleTra
Size: 4KB - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ImageOle.dll
.dll regsvr32 windows:4 windows x86 arch:x86

44660346896afa7fcf9a9e309322676b

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d9:fe:80:25:2f:3f:11:e2:81:97:64:dc:d5:0a:d3:14:00:a4:fd:4b
Signer

Actual PE Digest

d9:fe:80:25:2f:3f:11:e2:81:97:64:dc:d5:0a:d3:14:00:a4:fd:4b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
DeleteCriticalSection
EnterCriticalSection
HeapDestroy
GetCurrentThreadId
LeaveCriticalSection
InitializeCriticalSection
HeapCreate
GetVersionExA
GetSystemInfo
HeapAlloc
DisableThreadLibraryCalls
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
GetCurrentProcess
FlushInstructionCache
lstrlenW
CreateFileA
SetFilePointer
ReadFile
InterlockedDecrement
GetTickCount
CloseHandle
GlobalUnlock
InterlockedIncrement
GlobalLock
GlobalAlloc
WideCharToMultiByte
MultiByteToWideChar

user32

GetWindowLongA
CreateWindowExA
CallWindowProcA
EndPaint
GetFocus
ShowWindow
GetWindowTextA
GetClientRect
CharNextA
DefWindowProcA
IsWindow
GetClassNameA
GetKeyState
PtInRect
UnionRect
SetWindowPos
SetWindowRgn
OffsetRect
IsWindowVisible
KillTimer
WindowFromDC
DestroyWindow
SendMessageA
SetFocus
ReleaseDC
GetDC
GetParent
IsChild
InvalidateRect
EqualRect
IntersectRect
RegisterClassExA
UpdateWindow
SetTimer
SetWindowLongA
BeginPaint
GetClassInfoExA
LoadCursorA
wsprintfA

gdi32

RestoreDC
CreateDCA
DeleteDC
BitBlt
DeleteObject
SelectClipRgn
CreateRectRgn
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
SaveDC
LPtoDP
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileA

advapi32

RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA

ole32

OleRegGetUserType
CoLoadLibrary
OleLoadFromStream
CreateDataAdviseHolder
OleRegGetMiscStatus
WriteClassStm
CreateOleAdviseHolder
OleRegEnumVerbs
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
OleSaveToStream

oleaut32

SysAllocStringByteLen
SysStringByteLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
VariantChangeType
VariantClear
OleCreatePropertyFrame
VarUI4FromStr
SysAllocString
SysStringLen
SysFreeString

gdiplus

GdipDrawImageRectI
GdipImageSelectActiveFrame
GdipCreateFromHDC
GdipAlloc
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipDisposeImage
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipImageGetFrameDimensionsCount
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdiplusShutdown
GdiplusStartup
GdipImageGetFrameDimensionsList
GdipDeleteGraphics
GdipFree

msvcp60

??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ

msvcrt

__CxxFrameHandler
free
malloc
??2@YAPAXI@Z
realloc
strcat
memcpy
memset
memcmp
_purecall
_adjust_fdiv
strcpy
_mbsrchr
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_initterm

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Invoker9158.dll
.dll regsvr32 windows:4 windows x86 arch:x86

8e767431c63e6722bf3345f4b588f583

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7f:aa:76:b4:20:d2:82:14:45:59:10:d5:b7:71:39:9b:46:6a:0e:1e
Signer

Actual PE Digest

7f:aa:76:b4:20:d2:82:14:45:59:10:d5:b7:71:39:9b:46:6a:0e:1e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3922
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord3953
ord2725
ord1131
ord826
ord600
ord269
ord5731
ord2512
ord2554
ord4486
ord6375
ord815
ord4274
ord5683
ord4202
ord4277
ord1578
ord1255
ord1253
ord1570
ord1197
ord2818
ord539
ord924
ord861
ord6467
ord540
ord4278
ord858
ord535
ord860
ord1243
ord800
ord537
ord823
ord825
ord3830
ord342
ord1116
ord1176
ord1575
ord1168
ord1577
ord1182

msvcrt

_CxxThrowException
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
_purecall
strcmp
memcmp
_mbscmp
atoi
__CxxFrameHandler
memcpy

kernel32

WinExec
lstrlenA
CloseHandle
InterlockedIncrement
InterlockedDecrement
LocalFree
Process32Next
Process32First
CreateToolhelp32Snapshot
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LocalAlloc
lstrlenW

user32

PostMessageA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA

oleaut32

LoadRegTypeLi
SysStringLen
SysFreeString
VariantClear

atl

ord58
ord57
ord18
ord15
ord21
ord16
ord23
ord32
ord30

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ItemVer.xml
.xml
KillProcess.exe
.exe windows:4 windows x86 arch:x86

a24455875a598b8ba572823d93757c31

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
TerminateProcess
OpenProcess
GetCommandLineA
GetVersion
ExitProcess
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapFree
VirtualFree
RtlUnwind
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetLastError
SetConsoleCtrlHandler
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LCMapStringA
LCMapStringW
SetFilePointer
SetStdHandle
FlushFileBuffers

Sections

.text
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MVUILib.dll
.dll windows:4 windows x86 arch:x86

89e23e77f08c4b9df8538db714e61096

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

97:cf:d6:ae:f5:cd:49:cc:a6:8b:0b:a7:cc:bc:d4:3a:40:d4:ea:c4
Signer

Actual PE Digest

97:cf:d6:ae:f5:cd:49:cc:a6:8b:0b:a7:cc:bc:d4:3a:40:d4:ea:c4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

publictool

?DeleteItem@CHash@@QAEPAXJ@Z
?InsertItem@CHash@@QAEHJPAX@Z
?QueryItem@CHash@@QAEPAXJ@Z
?GetWidth@CxImageEx@@QBEKXZ
?GetHeight@CxImageEx@@QBEKXZ
?Draw@CxImageEx@@QAEJPAUHDC__@@ABUtagRECT@@PAU3@_N@Z
??0CxImageEx@@QAE@K@Z
?Load@CxImageEx@@QAE_NPBDK@Z
??1CxImageEx@@UAE@XZ
?GetDIB@CxImageEx@@QBEPAXXZ
?GetBits@CxImageEx@@QAEPAEK@Z
?DeleteItem@CHash@@QAEPAXPBD@Z
?QueryItem@CHash@@QAEPAXPBD@Z
?InsertItem@CHash@@QAEHPBDPAX@Z
?FindFirst@CHash@@QAEXH@Z
?FindNext@CHash@@QAEPAXXZ
??1CHash@@UAE@XZ
??0CHash@@QAE@K@Z
?InitParam@CHash@@QAEHXZ

mfc42

ord1146
ord1168
ord2818
ord540
ord6880
ord3573
ord3721
ord795
ord1641
ord3619
ord2860
ord5875
ord4284
ord4234
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord1775
ord5280
ord4425
ord3597
ord641
ord326
ord325
ord324
ord922
ord535
ord823
ord3584
ord543
ord803
ord640
ord2405
ord5785
ord1640
ord323
ord3286
ord3301
ord3293
ord1862
ord3571
ord4220
ord2584
ord3654
ord384
ord686
ord2438
ord2408
ord2753
ord2567
ord537
ord3693
ord5787
ord5788
ord2754
ord2452
ord2096
ord2097
ord1175
ord807
ord4163
ord6625
ord554
ord860
ord2614
ord5572
ord2919
ord2863
ord1644
ord858
ord5440
ord6383
ord5450
ord6394
ord3742
ord809
ord818
ord501
ord556
ord773
ord5621
ord1088
ord2078
ord2122
ord1083
ord4299
ord3089
ord2864
ord6358
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord2982
ord4622
ord3738
ord815
ord561
ord4278
ord5683
ord2725
ord924
ord3402
ord755
ord470
ord6453
ord800
ord665
ord1979
ord1567
ord5442
ord268
ord3318
ord5186
ord354
ord6242
ord6320
ord5789
ord6172
ord3874
ord6199
ord2582
ord3370
ord4402
ord3640
ord693
ord4243
ord6696
ord2862
ord3797
ord4133
ord4297
ord472
ord4694
ord6907
ord3092
ord3910
ord6905
ord2575
ord4396
ord3574
ord3706
ord609
ord4123
ord2450
ord5873
ord613
ord6385
ord4224
ord289
ord700
ord398
ord2841
ord5148
ord3752
ord6762
ord5981
ord2107
ord955
ord4189
ord3021
ord5594
ord5277
ord2915
ord5053
ord6662
ord1200
ord4277
ord4202
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord2448
ord2080
ord1802
ord2513
ord293
ord5834
ord2044
ord2086
ord2580
ord4400
ord3630
ord682
ord3996
ord6007
ord3708
ord781
ord5937
ord4132
ord6136
ord6134
ord3876
ord3716
ord790
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4398
ord1776
ord4078
ord6055
ord4271
ord810
ord3733
ord3663
ord283
ord2414
ord3626
ord656
ord3610
ord4407
ord2379
ord2859
ord2566
ord4480
ord4275
ord616
ord825
ord567
ord3582
ord4424
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord2393
ord3147
ord826
ord269
ord2578
ord4218
ord2023
ord2411
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1575
ord1176
ord1116
ord5714
ord913

msvcrt

_CxxThrowException
??0exception@@QAE@ABV0@@Z
atoi
_mbscmp
memmove
__CxxFrameHandler
wcslen
??1exception@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
??1type_info@@UAE@XZ
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
sprintf
_ismbcdigit
atol
_beginthreadex
??0exception@@QAE@ABQBD@Z

kernel32

LocalFree
lstrlenA
GetVersion
lstrcpyA
OutputDebugStringA
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
GetLastError
lstrcpynA
ResumeThread
Sleep
ResetEvent
SetEvent
GetExitCodeThread
TerminateThread
CloseHandle
FindResourceA
LoadResource
SizeofResource
LockResource
GlobalLock
GlobalUnlock
GlobalFree
GlobalAlloc
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
LocalAlloc

user32

SetWindowLongA
SetTimer
GetCursorPos
KillTimer
DrawEdge
GetSystemMetrics
GrayStringA
TabbedTextOutA
DrawTextA
ScreenToClient
IsWindowVisible
GetNextDlgGroupItem
GetCapture
OffsetRect
RedrawWindow
GetWindowRgn
SetWindowRgn
GetDlgItem
ReleaseCapture
SetCapture
GetFocus
UpdateWindow
SetRect
GetParent
ModifyMenuA
GetMenuState
CreateMenu
LoadMenuA
GetMenuItemCount
GetMenuStringA
GetSubMenu
ReleaseDC
GetWindowRect
GetWindowDC
EnableWindow
SendMessageA
GetWindowLongA
CreatePopupMenu
InsertMenuA
AppendMenuA
GetMenuItemID
RemoveMenu
LoadBitmapA
LoadImageA
CopyRect
DrawStateA
GetSysColor
GetClientRect
InflateRect
InvalidateRect
GetDC
FillRect
EqualRect
PostMessageA
PtInRect
LoadCursorA
SetCursor

gdi32

StretchBlt
CreateBitmap
Rectangle
SetTextColor
SetBkColor
RoundRect
CreateRoundRectRgn
GetMapMode
GetStockObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateFontA
GetDIBits
GetPixel
CombineRgn
OffsetRgn
SetBkMode
GetTextMetricsA
SetTextAlign
FillRgn
CreateRectRgn
GetRgnBox
PtInRegion
SelectClipRgn
GetBkColor
CreateDIBitmap
GetBitmapBits
SetBitmapBits
GetTextExtentPoint32A
CreateSolidBrush
CreateFontIndirectA
GetObjectA
DeleteDC
DeleteObject
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
CreatePen

comctl32

ImageList_Draw
ImageList_AddMasked
ImageList_GetImageCount
_TrackMouseEvent

ole32

CoInitialize
CoCreateInstance
OleRun
CreateStreamOnHGlobal

olepro32

ord251

oleaut32

SysStringLen
SysAllocStringLen
VariantInit
VariantCopy
VariantClear
SysAllocStringByteLen
SysAllocString
SysStringByteLen
GetErrorInfo
SetErrorInfo
VariantChangeType
CreateErrorInfo
SysFreeString

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??_7out_of_range@std@@6B@
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0logic_error@std@@QAE@ABV01@@Z
??0out_of_range@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0out_of_range@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z

Exports

Exports

??0CAppSysAttribute@@QAE@XZ
??0CAppSysOperation@@QAE@XZ
??0CBaseComboBox@@QAE@XZ
??0CBaseEdit@@QAE@XZ
??0CBaseEditEx@@QAE@XZ
??0CBaseTreeCtrl@@QAE@XZ
??0CCarveGraph@@QAE@ABV0@@Z
??0CCarveGraph@@QAE@XZ
??0CColorStatic@@QAE@XZ
??0CCustomDlg@@QAE@IPAVCWnd@@@Z
??0CCustomDlg@@QAE@PBDPAVCWnd@@@Z
??0CCustomDlg@@QAE@XZ
??0CIconStringMgr@@QAE@XZ
??0CMemDC@@QAE@PAVCDC@@AAVCRect@@@Z
??0CMenuEx@@QAE@XZ
??0CMultiBtn@@QAE@XZ
??0CMyPictureEx@@QAE@ABV0@@Z
??0CMyPictureEx@@QAE@XZ
??0CPictureEx@@QAE@XZ
??0CPictureExEx@@QAE@ABV0@@Z
??0CPictureExEx@@QAE@XZ
??0CRoundCornerRectangleGraph@@QAE@XZ
??0CSkinComboBox@@QAE@XZ
??0CSkinConfContext@@QAE@XZ
??0CSkinExComboBox@@QAE@XZ
??0CUIButtonTemplate@@QAE@XZ
??0CUIComboxTemplate@@QAE@XZ
??0CUIDlgTemplate@@QAE@IPAVCWnd@@@Z
??0CUIDlgTemplate@@QAE@PBDPAVCWnd@@@Z
??0CUIDlgTemplate@@QAE@XZ
??0CUIEditTemplate@@QAE@XZ
??0CUIHeadCtrlTemplate@@QAE@XZ
??0CUIListCtrlBaseTemplate@@QAE@XZ
??0CUIListCtrlButtonEx@@QAE@XZ
??0CUIListCtrlEx@@QAE@XZ
??0CUIListCtrlTemplate@@QAE@PAVCHeaderCtrl@@@Z
??0CUIListCtrlTemplate@@QAE@XZ
??0CUINoFrameEdit@@QAE@XZ
??0CUINoRegularButtonTemplate@@QAE@XZ
??0CUIOtherdrawListCtrlTemplate@@QAE@XZ
??0CUIOwnerdrawListCtrlTemplate@@QAE@XZ
??0CUIRichEditTemplate@@QAE@XZ
??0CUISliderTemplate@@QAE@XZ
??0CUISortListCtrlEx@@QAE@XZ
??0CUIStaticTemplate@@QAE@XZ
??1CAppSysAttribute@@UAE@XZ
??1CAppSysOperation@@UAE@XZ
??1CBaseComboBox@@UAE@XZ
??1CBaseEdit@@UAE@XZ
??1CBaseEditEx@@UAE@XZ
??1CBaseTreeCtrl@@UAE@XZ
??1CCarveGraph@@UAE@XZ
??1CColorStatic@@UAE@XZ
??1CCustomDlg@@UAE@XZ
??1CIconStringMgr@@UAE@XZ
??1CMemDC@@UAE@XZ
??1CMenuEx@@UAE@XZ
??1CMultiBtn@@UAE@XZ
??1CMyPictureEx@@UAE@XZ
??1CPictureEx@@UAE@XZ
??1CPictureExEx@@UAE@XZ
??1CRoundCornerRectangleGraph@@UAE@XZ
??1CSkinComboBox@@UAE@XZ
??1CSkinConfContext@@UAE@XZ
??1CSkinExComboBox@@UAE@XZ
??1CUIButtonTemplate@@UAE@XZ
??1CUIComboxTemplate@@UAE@XZ
??1CUIDlgTemplate@@UAE@XZ
??1CUIEditTemplate@@UAE@XZ
??1CUIHeadCtrlTemplate@@UAE@XZ
??1CUIListCtrlBaseTemplate@@UAE@XZ
??1CUIListCtrlButtonEx@@UAE@XZ
??1CUIListCtrlEx@@UAE@XZ
??1CUIListCtrlTemplate@@UAE@XZ
??1CUINoFrameEdit@@UAE@XZ
??1CUINoRegularButtonTemplate@@UAE@XZ
??1CUIOtherdrawListCtrlTemplate@@UAE@XZ
??1CUIOwnerdrawListCtrlTemplate@@UAE@XZ
??1CUIRichEditTemplate@@UAE@XZ
??1CUISliderTemplate@@UAE@XZ
??1CUISortListCtrlEx@@UAE@XZ
??1CUIStaticTemplate@@UAE@XZ
??4CCarveGraph@@QAEAAV0@ABV0@@Z
??4CMyPictureEx@@QAEAAV0@ABV0@@Z
??4CPictureExEx@@QAEAAV0@ABV0@@Z
??CCMemDC@@QAEPAV0@XZ
??_7CAppSysAttribute@@6B@
??_7CAppSysOperation@@6B@
??_7CBaseComboBox@@6B@
??_7CBaseEdit@@6B@
??_7CBaseEditEx@@6B@
??_7CBaseTreeCtrl@@6B@
??_7CCarveGraph@@6B@
??_7CColorStatic@@6B@
??_7CCustomDlg@@6BCAppSysOperation@@@
??_7CCustomDlg@@6BCDialog@@@
??_7CIconStringMgr@@6B@
??_7CMemDC@@6B@
??_7CMenuEx@@6B@
??_7CMultiBtn@@6B@
??_7CMyPictureEx@@6B@
??_7CPictureEx@@6B@
??_7CPictureExEx@@6B@
??_7CRoundCornerRectangleGraph@@6B@
??_7CSkinComboBox@@6BCAppSysOperation@@@
??_7CSkinComboBox@@6BCComboBox@@@
??_7CSkinConfContext@@6B@
??_7CSkinExComboBox@@6BCAppSysOperation@@@
??_7CSkinExComboBox@@6BCComboBox@@@
??_7CUIButtonTemplate@@6BCAppSysAttribute@@@
??_7CUIButtonTemplate@@6BCAppSysOperation@@@
??_7CUIButtonTemplate@@6BCButton@@@
??_7CUIComboxTemplate@@6BCAppSysAttribute@@@
??_7CUIComboxTemplate@@6BCAppSysOperation@@@
??_7CUIComboxTemplate@@6BCCarveGraph@@@
??_7CUIComboxTemplate@@6BCComboBox@@@
??_7CUIDlgTemplate@@6BCAppSysOperation@@@
??_7CUIDlgTemplate@@6BCDialog@@@
??_7CUIEditTemplate@@6BCAppSysAttribute@@@
??_7CUIEditTemplate@@6BCAppSysOperation@@@
??_7CUIEditTemplate@@6BCCarveGraph@@@
??_7CUIEditTemplate@@6BCEdit@@@
??_7CUIHeadCtrlTemplate@@6BCAppSysAttribute@@@
??_7CUIHeadCtrlTemplate@@6BCAppSysOperation@@@
??_7CUIHeadCtrlTemplate@@6BCHeaderCtrl@@@
??_7CUIListCtrlBaseTemplate@@6BCAppSysAttribute@@@
??_7CUIListCtrlBaseTemplate@@6BCAppSysOperation@@@
??_7CUIListCtrlBaseTemplate@@6BCListCtrl@@@
??_7CUIListCtrlButtonEx@@6BCAppSysAttribute@@@
??_7CUIListCtrlButtonEx@@6BCAppSysOperation@@@
??_7CUIListCtrlButtonEx@@6BCListCtrl@@@
??_7CUIListCtrlEx@@6BCAppSysAttribute@@@
??_7CUIListCtrlEx@@6BCAppSysOperation@@@
??_7CUIListCtrlEx@@6BCListCtrl@@@
??_7CUIListCtrlTemplate@@6BCAppSysAttribute@@@
??_7CUIListCtrlTemplate@@6BCAppSysOperation@@@
??_7CUIListCtrlTemplate@@6BCListCtrl@@@
??_7CUINoFrameEdit@@6B@
??_7CUINoRegularButtonTemplate@@6BCAppSysAttribute@@@
??_7CUINoRegularButtonTemplate@@6BCAppSysOperation@@@
??_7CUINoRegularButtonTemplate@@6BCButton@@@
??_7CUIOtherdrawListCtrlTemplate@@6BCAppSysAttribute@@@
??_7CUIOtherdrawListCtrlTemplate@@6BCAppSysOperation@@@
??_7CUIOtherdrawListCtrlTemplate@@6BCListCtrl@@@
??_7CUIOwnerdrawListCtrlTemplate@@6BCAppSysAttribute@@@
??_7CUIOwnerdrawListCtrlTemplate@@6BCAppSysOperation@@@
??_7CUIOwnerdrawListCtrlTemplate@@6BCListCtrl@@@
??_7CUIRichEditTemplate@@6BCAppSysAttribute@@@
??_7CUIRichEditTemplate@@6BCAppSysOperation@@@
??_7CUIRichEditTemplate@@6BCCarveGraph@@@
??_7CUIRichEditTemplate@@6BCRichEditCtrl@@@
??_7CUISliderTemplate@@6BCAppSysAttribute@@@
??_7CUISliderTemplate@@6BCAppSysOperation@@@
??_7CUISliderTemplate@@6BCSliderCtrl@@@
??_7CUISortListCtrlEx@@6BCAppSysAttribute@@@
??_7CUISortListCtrlEx@@6BCAppSysOperation@@@
??_7CUISortListCtrlEx@@6BCListCtrl@@@
??_7CUIStaticTemplate@@6BCAppSysAttribute@@@
??_7CUIStaticTemplate@@6BCAppSysOperation@@@
??_7CUIStaticTemplate@@6BCStatic@@@
?AddBadge@CUIOtherdrawListCtrlTemplate@@QAEHH@Z
?AddBtnInfo@CMultiBtn@@QAEXHPBD0@Z
?AddCBImageItems@CSkinExComboBox@@QAEXAAV?$vector@PAUHBITMAP__@@V?$allocator@PAUHBITMAP__@@@std@@@std@@V?$vector@PBDV?$allocator@PBD@std@@@3@@Z
?AddGraph@CCarveGraph@@UAEHPAV1@@Z
?AddIconItem@CIconStringMgr@@QAEXAAUICONString@@@Z
?AddItemStamp@CUIOtherdrawListCtrlTemplate@@QAEHHPAX@Z
?AddLPVOIDInfo@CUIOtherdrawListCtrlTemplate@@QAEXPAXH@Z
?AddListColumn@CUIListCtrlTemplate@@UAEHUStructHeadCtrlData@@@Z
?AddListIcon@CUIOtherdrawListCtrlTemplate@@QAEHHPAX0@Z
?AddMobile@CUIOtherdrawListCtrlTemplate@@QAEHHPAX0@Z
?AddMsg@CUIRichEditTemplate@@QAEXAAVCString@@AAKHH@Z
?AddName@CUIRichEditTemplate@@QAEXAAVCString@@AAK@Z
?AddNewVip@CUIOtherdrawListCtrlTemplate@@QAEHHPAX@Z
?AddStatus@CUIOtherdrawListCtrlTemplate@@QAEHHPAX@Z
?AddText@CUIRichEditTemplate@@QAEXAAVCString@@AAK@Z
?AddText@CUIRichEditTemplate@@QAEXPBDAAK@Z
?AddWeb@CUIOtherdrawListCtrlTemplate@@QAEHHPAX0@Z
?AdjustPosition@CAppSysOperation@@UAEHHHHH@Z
?AdjustPosition@CAppSysOperation@@UAEHUtagRECT@@@Z
?AnimateOutSide@CPictureEx@@QAEXXZ
?AnimationGif@CUIOtherdrawListCtrlTemplate@@CGIPAX@Z
?AppendMenuEx@CMenuEx@@QAEHIIPBD@Z
?AttachBitmapHadle@CAppSysOperation@@UAEXPAUHBITMAP__@@@Z
?AttachBitmapHadle@CAppSysOperation@@UAEXPAUHBITMAP__@@PAVCBitmap@@@Z
?AttachHeaderCtrl@CUIListCtrlBaseTemplate@@QAEXXZ
?AttachHeaderCtrl@CUIOtherdrawListCtrlTemplate@@QAEXXZ
?AttachHeaderCtrl@CUIOwnerdrawListCtrlTemplate@@QAEXXZ
?BmpToMem@CSkinExComboBox@@AAEXHPAVCDC@@VCRect@@@Z
?CalculateLeftImagePos@CMenuEx@@IAEXPAVCMenu@@@Z
?CarveGraphDrawItem@CCarveGraph@@UAEHPAUtagDRAWITEMSTRUCT@@@Z
?CarveGraphDrawItem@CRoundCornerRectangleGraph@@UAEHPAUtagDRAWITEMSTRUCT@@@Z
?CarveGraphDrawItem@CUIEditTemplate@@MAEHPAUtagDRAWITEMSTRUCT@@@Z
?CarveGraphGround@CCarveGraph@@UAEHPAVCDC@@@Z
?CarveGraphGround@CRoundCornerRectangleGraph@@UAEHPAVCDC@@@Z
?ChangeMenuStyle@CMenuEx@@IAEXPAVCMenu@@PAUHMENU__@@@Z
?CheckHover@CUIButtonTemplate@@IAEXVCPoint@@@Z
?CheckHover@CUINoRegularButtonTemplate@@IAEXVCPoint@@@Z
?CleanBitmapMem@CAppSysOperation@@UAEHXZ
?CleanButtonImageItemValid@CUIListCtrlTemplate@@MAEHXZ
?CleanIconItems@CIconStringMgr@@QAEXXZ
?CleanImageItemValid@CUIListCtrlTemplate@@MAEHXZ
?CleanListColumn@CUIListCtrlTemplate@@MAEHXZ
?CleanSkin@CAppSysOperation@@UAEHPAX@Z
?CleanSkin@CUISliderTemplate@@UAEHPAX@Z
?CleanTemplateImageList@CUIListCtrlTemplate@@MAEHXZ
?CleanUp@CAppSysOperation@@UAEXXZ
?CleanUp@CUIListCtrlTemplate@@MAEXXZ
?CloseThread@CUIOtherdrawListCtrlTemplate@@QAEXXZ
?CombinePic@CMyPictureEx@@IAEXPAVCBitmap@@HHH@Z
?Compare@CUIListCtrlTemplate@@SGHJJJ@Z
?Create@CMultiBtn@@UAEHPBD0KABUtagRECT@@PAVCWnd@@IPAUCCreateContext@@@Z
?Create@CPictureEx@@QAEHABUtagRECT@@PAVCWnd@@IK@Z
?Create@CUIComboxTemplate@@QAEHKABUtagRECT@@PAVCWnd@@I@Z
?Create@CUIDlgTemplate@@QAEHIPAVCWnd@@@Z
?Create@CUIDlgTemplate@@QAEHPBDPAVCWnd@@@Z
?CreateListHeader@CUIListCtrlTemplate@@UAEHW4TEXTPOS@@@Z
?CreateMaskBitmap@CUINoRegularButtonTemplate@@AAEHPAUHDC__@@AAVCBitmap@@1HHHHK@Z
?CreateObject@CUIComboxTemplate@@SGPAVCObject@@XZ
?CreateRgnFromBitmap@CUINoRegularButtonTemplate@@IAEPAUHRGN__@@PAUHBITMAP__@@K@Z
?CtlColor@CBaseEdit@@QAEPAUHBRUSH__@@PAVCDC@@I@Z
?CtlColor@CColorStatic@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?CtlColor@CUIEditTemplate@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?CtlColor@CUIStaticTemplate@@IAEPAUHBRUSH__@@PAVCDC@@I@Z
?DefWindowProcA@CColorStatic@@MAEJIIJ@Z
?DelAllBadge@CUIOtherdrawListCtrlTemplate@@QAEXXZ
?DelAllItemIcon@CUIOtherdrawListCtrlTemplate@@QAEXXZ
?DelAllItemStamp@CUIOtherdrawListCtrlTemplate@@QAEXXZ
?DelBadge@CUIOtherdrawListCtrlTemplate@@QAEHH@Z
?DelItemIcon@CUIOtherdrawListCtrlTemplate@@QAEXH@Z
?DelItemStamp@CUIOtherdrawListCtrlTemplate@@QAEXH@Z
?DelState@CUIOtherdrawListCtrlTemplate@@QAEXH@Z
?DeleteAllItemColor@CUIOtherdrawListCtrlTemplate@@QAEXXZ
?DeleteAllToolTips@CUIOtherdrawListCtrlTemplate@@UAEXXZ
?DeleteItem@CUIOtherdrawListCtrlTemplate@@QAEXH@Z
?DeleteItem@CUIOwnerdrawListCtrlTemplate@@QAEXH@Z
?DoDataExchange@CUIDlgTemplate@@MAEXPAVCDataExchange@@@Z
?DragColumn@CUIListCtrlTemplate@@IAEXHH@Z
?DrawBK@CUISliderTemplate@@QAEXPAVCDC@@@Z
?DrawBitmapAddFont@CUIOtherdrawListCtrlTemplate@@QAEXPAUHDC__@@PAUHBITMAP__@@PBDHHHHHHHHH@Z
?DrawButton@CUIButtonTemplate@@IAEXPAVCDC@@PAVCRect@@I@Z
?DrawButton@CUIListCtrlButtonEx@@QAEXPAVCDC@@AAVCRect@@H@Z
?DrawButton@CUINoRegularButtonTemplate@@IAEXPAVCDC@@PAVCRect@@I@Z
?DrawButtonCaption@CUIButtonTemplate@@IAEXPAUHDC__@@PAVCRect@@HH@Z
?DrawButtonCaption@CUINoRegularButtonTemplate@@IAEXPAUHDC__@@PAVCRect@@HH@Z
?DrawButtonColumn@CUIListCtrlTemplate@@MAEHXZ
?DrawButtonImage@CUIListCtrlTemplate@@MAEHPAVCDC@@AAVCRect@@HHK@Z
?DrawChannel@CUISliderTemplate@@AAEXPAVCDC@@PAUtagNMCUSTOMDRAWINFO@@@Z
?DrawCheckBoxButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawCheckBoxButton@CUINoRegularButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawContent@CAppSysOperation@@UAEHPAVCDC@@VCString@@AAVCRect@@H@Z
?DrawContent@CUIHeadCtrlTemplate@@UAEHPAVCDC@@VCString@@AAVCRect@@H@Z
?DrawContent@CUIListCtrlTemplate@@MAEHPAVCDC@@VCString@@AAVCRect@@H@Z
?DrawDlgWindowRgn@CUIDlgTemplate@@IAEXPAVCDC@@@Z
?DrawDropDown@CSkinComboBox@@QAEXPAVCDC@@@Z
?DrawItem@CMenuEx@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CSkinExComboBox@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CUIComboxTemplate@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CUIListCtrlBaseTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CUIListCtrlButtonEx@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CUIListCtrlTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CUINoRegularButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CUIOtherdrawListCtrlTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItem@CUIOwnerdrawListCtrlTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawItemText@CUIListCtrlBaseTemplate@@IAEHPAVCDC@@VCString@@AAVCRect@@H@Z
?DrawItemText@CUIOtherdrawListCtrlTemplate@@IAEHPAVCDC@@VCString@@AAVCRect@@H_N@Z
?DrawItemText@CUIOwnerdrawListCtrlTemplate@@IAEHPAVCDC@@VCString@@AAVCRect@@H_N@Z
?DrawMenuItemImage@CMenuEx@@IAEXPAVCDC@@AAVCRect@@HHHHPAUtagMENUITEM@@@Z
?DrawPushButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawPushButton@CUINoRegularButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawRadioButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawRadioButton@CUINoRegularButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawSkin@CAppSysOperation@@UAEHPAUtagDRAWITEMSTRUCT@@@Z
?DrawSkin@CUIComboxTemplate@@UAEHPAUtagDRAWITEMSTRUCT@@@Z
?DrawSkin@CUIListCtrlTemplate@@MAEHPAUtagDRAWITEMSTRUCT@@@Z
?DrawThumb@CUISliderTemplate@@AAEXPAVCDC@@PAUtagNMCUSTOMDRAWINFO@@@Z
?DrawTransparent@CUISliderTemplate@@QAEXH@Z
?EnableCtrlTextBold@CAppSysAttribute@@UAEHXZ
?EnableSort@CUIListCtrlTemplate@@IAEHH@Z
?EnableWndMove@CUIDlgTemplate@@IAEXH@Z
?FillHightLightRect@CUIListCtrlBaseTemplate@@IAEXPAVCDC@@AAVCRect@@KK@Z
?FillHightLightRect@CUIListCtrlTemplate@@AAEXPAVCDC@@AAVCRect@@KK@Z
?FillHightLightRect@CUIOtherdrawListCtrlTemplate@@IAEXPAVCDC@@AAVCRect@@KK@Z
?FillHightLightRect@CUIOwnerdrawListCtrlTemplate@@IAEXPAVCDC@@AAVCRect@@KK@Z
?FillItemColor@CUIListCtrlBaseTemplate@@IAEXPAVCDC@@AAVCRect@@K@Z
?FillItemColor@CUIListCtrlTemplate@@AAEXPAVCDC@@AAVCRect@@K@Z
?FillItemColor@CUIOtherdrawListCtrlTemplate@@IAEXPAVCDC@@AAVCRect@@K@Z
?FillItemColor@CUIOwnerdrawListCtrlTemplate@@IAEXPAVCDC@@AAVCRect@@K@Z
?FitBitmapSize@CAppSysOperation@@UAEXXZ
?FitBitmapSize@CUIButtonTemplate@@UAEXXZ
?FitBitmapSize@CUINoRegularButtonTemplate@@UAEXXZ
?FlagControlHaveSkin@CAppSysOperation@@QAEXH@Z
?FrameRgn3D@CUIButtonTemplate@@IAEXPAUHDC__@@QAUHRGN__@@H@Z
?FrameRgn3D@CUINoRegularButtonTemplate@@IAEXPAUHDC__@@QAUHRGN__@@H@Z
?GetAddIconItem@CIconStringMgr@@QAEPAUICONString@@AAVCString@@@Z
?GetAddIconItem@CIconStringMgr@@QAEPAUICONString@@H@Z
?GetBackGroundColor@CCarveGraph@@QAEKXZ
?GetBitmapHeight@CAppSysOperation@@QAEHXZ
?GetBitmapWidth@CAppSysOperation@@QAEHXZ
?GetBkColor@CPictureEx@@QBEKXZ
?GetButtonSkinConf@CSkinConfContext@@QAEHIW4COMPONETTYPE@@VCString@@PAX@Z
?GetCheckButtonChecked@CUIButtonTemplate@@IAEIXZ
?GetCheckButtonChecked@CUINoRegularButtonTemplate@@IAEIXZ
?GetComboxSkinConf@CSkinConfContext@@QAEHIW4COMPONETTYPE@@VCString@@PAX@Z
?GetComponentSkinConf@CSkinConfContext@@QAEHIW4COMPONETTYPE@@VCString@@PAX@Z
?GetCtrlBackColor@CAppSysAttribute@@UAEKXZ
?GetCtrlHeight@CAppSysOperation@@QAEHXZ
?GetCtrlTextColor@CAppSysAttribute@@UAEKXZ
?GetCtrlTextFont@CAppSysAttribute@@UAEAAUtagLOGFONTA@@XZ
?GetCtrlTextHeight@CAppSysAttribute@@UAEHXZ
?GetCtrlTextType@CAppSysAttribute@@UAEAAVCString@@XZ
?GetCtrlWidth@CAppSysOperation@@QAEHXZ
?GetCurrentControlType@CCarveGraph@@QAEIXZ
?GetCurrentGraph@CCarveGraph@@UAEPAV1@XZ
?GetCurrentSkin@CAppSysOperation@@UAEHPAX@Z
?GetCurrentSkin@CUIButtonTemplate@@MAEHPAX@Z
?GetCurrentSkin@CUINoRegularButtonTemplate@@MAEHPAX@Z
?GetCurrentWnd@CCarveGraph@@QAEPAUHWND__@@XZ
?GetDialogSkinConf@CSkinConfContext@@QAEHIW4COMPONETTYPE@@VCString@@PAX@Z
?GetEditBoxSkinConf@CSkinConfContext@@QAEHIW4COMPONETTYPE@@VCString@@PAX@Z
?GetFrameCount@CMyPictureEx@@QBEHXZ
?GetFrameCount@CPictureExEx@@QBEHXZ
?GetIconData@CUIOtherdrawListCtrlTemplate@@QAEPAUtagListItemData@@H@Z
?GetIconItems@CIconStringMgr@@QAEHXZ
?GetIconStringMgr@CUIComboxTemplate@@QAEPAVCIconStringMgr@@XZ
?GetImageDate@CUIOtherdrawListCtrlTemplate@@QAEPAUtagListItemData@@H@Z
?GetImageFromToolBar@CMenuEx@@IAEHIPAVCToolBar@@KI@Z
?GetImageSkinConf@CSkinConfContext@@QAEHPBDPAPAUHBITMAP__@@@Z
?GetIsMouseSensitive@CUIListCtrlEx@@QAE_NXZ
?GetItem@CUIComboxTemplate@@IAEPAUStructComboxItem@@H@Z
?GetItemHeight@CUIOtherdrawListCtrlTemplate@@QAEHXZ
?GetItemText@CUIComboxTemplate@@QAEAAVCString@@H@Z
?GetItemToolTipText@CUIOtherdrawListCtrlTemplate@@UAE?AVCString@@HH@Z
?GetListCtrlSkinConf@CSkinConfContext@@QAEHIW4COMPONETTYPE@@VCString@@PAX@Z
?GetMessageMap@CBaseComboBox@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CBaseEdit@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CBaseEditEx@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CBaseTreeCtrl@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CColorStatic@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CCustomDlg@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CMultiBtn@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CPictureEx@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CSkinComboBox@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CSkinExComboBox@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIButtonTemplate@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIComboxTemplate@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIDlgTemplate@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIEditTemplate@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIHeadCtrlTemplate@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIListCtrlBaseTemplate@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIListCtrlButtonEx@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIListCtrlEx@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIListCtrlTemplate@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUINoFrameEdit@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUINoRegularButtonTemplate@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIOtherdrawListCtrlTemplate@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIOwnerdrawListCtrlTemplate@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIRichEditTemplate@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUISliderTemplate@@MBEPBUAFX_MSGMAP@@XZ
?GetMessageMap@CUIStaticTemplate@@MBEPBUAFX_MSGMAP@@XZ
?GetNextBlock@CMyPictureEx@@IBE?AW4GIFBlockTypes@1@XZ
?GetNextBlock@CPictureExEx@@IBE?AW4GIFBlockTypes@1@XZ
?GetNextBlockLen@CMyPictureEx@@IBEHXZ
?GetNextBlockLen@CPictureExEx@@IBEHXZ
?GetNextGraphicBlock@CMyPictureEx@@IAEPAXPAI0PAUtagSIZE@@10@Z
?GetNextGraphicBlock@CPictureExEx@@IAEPAXPAI0PAUtagSIZE@@10@Z
?GetPaintRect@CMyPictureEx@@QAEHPAUtagRECT@@@Z
?GetPaintRect@CPictureExEx@@QAEHPAUtagRECT@@@Z
?GetPicWnd@CUIOtherdrawListCtrlTemplate@@QAEPAVCWnd@@HH@Z
?GetPictureExEx@CSkinConfContext@@QAEPAXPBDH@Z
?GetRadioCheck@CUIButtonTemplate@@QAE_NXZ
?GetRadioCheck@CUINoRegularButtonTemplate@@QAE_NXZ
?GetRuntimeClass@CMenuEx@@UBEPAUCRuntimeClass@@XZ
?GetRuntimeClass@CUIComboxTemplate@@UBEPAUCRuntimeClass@@XZ
?GetSize@CMyPictureEx@@QBE?AUtagSIZE@@XZ
?GetSize@CPictureExEx@@QBE?AUtagSIZE@@XZ
?GetSliderCtrlSkinConf@CSkinConfContext@@QAEHIW4COMPONETTYPE@@VCString@@PAX@Z
?GetSpaceTextBmp@CUIComboxTemplate@@QAEHXZ
?GetStaticSkinConf@CSkinConfContext@@QAEHIW4COMPONETTYPE@@VCString@@PAX@Z
?GetSubBlocksLen@CMyPictureEx@@IBEII@Z
?GetSubBlocksLen@CPictureExEx@@IBEII@Z
?GetTextItemHeight@CUIComboxTemplate@@QAEHXZ
?GetWindowVer@CAppSysOperation@@SAXXZ
?GetWndMove@CUIDlgTemplate@@IAEHXZ
?GrayStringA@CMenuEx@@IAEXPAVCDC@@ABVCString@@VCRect@@@Z
?HandleLeftMouseListBtnClick@CUIListCtrlTemplate@@MAEHXZ
?HandleMouseLeftBtnDown@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?HandleMouseLeftBtnDown@CUINoRegularButtonTemplate@@MAEHIVCPoint@@@Z
?HandleMouseLeftBtnUp@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?HandleMouseLeftBtnUp@CUINoRegularButtonTemplate@@MAEHIVCPoint@@@Z
?HandleMouseMove@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?HandleMouseMove@CUINoRegularButtonTemplate@@MAEHIVCPoint@@@Z
?HitTest@CUIButtonTemplate@@IAEHVCPoint@@@Z
?HitTest@CUINoRegularButtonTemplate@@IAEHVCPoint@@@Z
?HitTestEx@CUIListCtrlButtonEx@@QAEHAAVCPoint@@AAH@Z
?Init@CUIListCtrlTemplate@@UAEHXZ
?InitCarveGraph@CCarveGraph@@UAEHXZ
?InitCarveGraph@CRoundCornerRectangleGraph@@UAEHXZ
?InitCarveGraph@CUIEditTemplate@@MAEHXZ
?InitializeOperation@CAppSysOperation@@UAEXPAVCWnd@@@Z
?InsertMenuEx@CMenuEx@@QAEHIIIPBD@Z
?IsAnimatedGIF@CMyPictureEx@@QBEHXZ
?IsAnimatedGIF@CPictureExEx@@QBEHXZ
?IsControlHaveSkin@CAppSysOperation@@UAEHXZ
?IsControlHaveSkin@CUIListCtrlTemplate@@MAEHXZ
?IsGIF@CMyPictureEx@@QBEHXZ
?IsGIF@CPictureExEx@@QBEHXZ
?IsGraphSupportCurrentControl@CCarveGraph@@UAEHXZ
?IsGraphSupportCurrentControl@CRoundCornerRectangleGraph@@UAEHXZ
?IsNumber@CUIListCtrlTemplate@@KAHPBD@Z
?IsPlaying@CMyPictureEx@@QBEHXZ
?IsPlaying@CPictureExEx@@QBEHXZ
?IsRadioGroup@CUIButtonTemplate@@IAEHXZ
?IsRadioGroup@CUINoRegularButtonTemplate@@IAEHXZ
?IsStyle3State@CUIButtonTemplate@@IAEHXZ
?IsStyle3State@CUINoRegularButtonTemplate@@IAEHXZ
?IsStyleAuto@CUIButtonTemplate@@IAEHXZ
?IsStyleAuto@CUINoRegularButtonTemplate@@IAEHXZ
?IsStyleCheckBox@CUIButtonTemplate@@IAEHXZ
?IsStyleCheckBox@CUINoRegularButtonTemplate@@IAEHXZ
?IsStyleRadio@CUIButtonTemplate@@IAEHXZ
?IsStyleRadio@CUINoRegularButtonTemplate@@IAEHXZ
?IsWin98@CAppSysOperation@@SAHXZ
?Load@CMyPictureEx@@QAEHPBDH@Z
?Load@CPictureEx@@QAEHPBDPAX@Z
?Load@CPictureExEx@@QAEHPAXK@Z
?Load@CPictureExEx@@QAEHPBD0@Z
?Load@CPictureExEx@@QAEHPBD@Z
?LoadBitmapA@CMyPictureEx@@IAEPAUHBITMAP__@@VCString@@@Z
?LoadBitmapFileToMem@CAppSysOperation@@UAEHPAUHINSTANCE__@@VCString@@@Z
?LoadBitmapFileToMem@CAppSysOperation@@UAEHPAUHINSTANCE__@@VCString@@PAVCBitmap@@@Z
?LoadButtonSkin@CUIListCtrlButtonEx@@QAEHPAX@Z
?LoadMenuA@CMenuEx@@QAEHI@Z
?LoadPngBitmap@CMyPictureEx@@IAEPAUHBITMAP__@@VCString@@@Z
?LoadSkin@CAppSysOperation@@UAEHPAX@Z
?LoadSkin@CCustomDlg@@QAEHXZ
?LoadSkin@CSkinComboBox@@UAEHPAX@Z
?LoadSkin@CSkinConfContext@@QAEHVCString@@@Z
?LoadSkin@CUIButtonTemplate@@UAEHPAX@Z
?LoadSkin@CUIComboxTemplate@@UAEHPAX@Z
?LoadSkin@CUIDlgTemplate@@UAEHPAX@Z
?LoadSkin@CUIEditTemplate@@UAEHPAX@Z
?LoadSkin@CUIHeadCtrlTemplate@@UAEHPAX@Z
?LoadSkin@CUIListCtrlBaseTemplate@@UAEHPAX@Z
?LoadSkin@CUIListCtrlTemplate@@UAEHPAX@Z
?LoadSkin@CUINoRegularButtonTemplate@@UAEHPAX@Z
?LoadSkin@CUINoRegularButtonTemplate@@UAEHPAXPAVCDC@@@Z
?LoadSkin@CUIOtherdrawListCtrlTemplate@@UAEHPAX@Z
?LoadSkin@CUIOwnerdrawListCtrlTemplate@@UAEHPAX@Z
?LoadSkin@CUISliderTemplate@@UAEHPAX@Z
?LoadSkin@CUIStaticTemplate@@UAEHPAX@Z
?LoadSkinToBitmap@CAppSysOperation@@SA_NAAVCBitmap@@PAXAA_N@Z
?LoadTemplateButtonImageList@CUIListCtrlTemplate@@MAEHVCString@@HHK@Z
?LoadToolBar@CMenuEx@@QAEXII@Z
?MeasureItem@CMenuEx@@UAEXPAUtagMEASUREITEMSTRUCT@@@Z
?MeasureItem@CSkinExComboBox@@MAEXPAUtagMEASUREITEMSTRUCT@@@Z
?MeasureItem@CUIComboxTemplate@@UAEXPAUtagMEASUREITEMSTRUCT@@@Z
?MeasureItem@CUIOtherdrawListCtrlTemplate@@IAEXPAUtagMEASUREITEMSTRUCT@@@Z
?ModifyMenuEx@CMenuEx@@QAEHIIIPBD@Z
?MoveButtonWindow@CMultiBtn@@QAEXXZ
?NeedShowHandCursor@CBaseTreeCtrl@@QAEXH@Z
?NeedShowHandCursor@CUIButtonTemplate@@QAEXH@Z
?NeedShowHandCursor@CUINoRegularButtonTemplate@@QAEXH@Z
?NeedShowHandCursor@CUIStaticTemplate@@QAEXH@Z
?OnBMGetCheck@CUIButtonTemplate@@IAEJIJ@Z
?OnBMGetCheck@CUINoRegularButtonTemplate@@IAEJIJ@Z
?OnBMSetCheck@CUIButtonTemplate@@IAEJIJ@Z
?OnBMSetCheck@CUINoRegularButtonTemplate@@IAEJIJ@Z
?OnCBPaint@CUIComboxTemplate@@IAEXPAVCDC@@@Z
?OnCreate@CUIRichEditTemplate@@IAEHPAUtagCREATESTRUCTA@@@Z
?OnCtlColor@CBaseComboBox@@IAEPAUHBRUSH__@@PAVCDC@@PAVCWnd@@I@Z
?OnCtlColor@CBaseEdit@@IAEPAUHBRUSH__@@PAVCDC@@PAVCWnd@@I@Z
?OnCtlColor@CSkinComboBox@@IAEPAUHBRUSH__@@PAVCDC@@PAVCWnd@@I@Z
?OnCustomDraw@CUISliderTemplate@@IAEXPAUtagNMHDR@@PAJ@Z
?OnDeleteallitems@CUIOtherdrawListCtrlTemplate@@IAEXPAUtagNMHDR@@PAJ@Z
?OnDeleteallitems@CUIOwnerdrawListCtrlTemplate@@IAEXPAUtagNMHDR@@PAJ@Z
?OnDestroy@CPictureEx@@IAEXXZ
?OnDestroy@CSkinComboBox@@IAEXXZ
?OnDestroy@CUIDlgTemplate@@IAEXXZ
?OnEditKillFocus@CSkinComboBox@@IAEJIJ@Z
?OnEraseBkgnd@CMultiBtn@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CUIButtonTemplate@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CUIComboxTemplate@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CUIDlgTemplate@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CUIHeadCtrlTemplate@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CUIListCtrlBaseTemplate@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CUIListCtrlTemplate@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CUINoRegularButtonTemplate@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CUIOtherdrawListCtrlTemplate@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CUIOwnerdrawListCtrlTemplate@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CUISliderTemplate@@IAEHPAVCDC@@@Z
?OnEraseBkgnd@CUIStaticTemplate@@IAEHPAVCDC@@@Z
?OnGetDlgCode@CUIButtonTemplate@@IAEIXZ
?OnGetDlgCode@CUINoRegularButtonTemplate@@IAEIXZ
?OnHScroll@CUIListCtrlBaseTemplate@@IAEXIIPAVCScrollBar@@@Z
?OnHScroll@CUIOtherdrawListCtrlTemplate@@IAEXIIPAVCScrollBar@@@Z
?OnHScroll@CUIOwnerdrawListCtrlTemplate@@IAEXIIPAVCScrollBar@@@Z
?OnHeaderChanged@CUIListCtrlTemplate@@IAEXPAUtagNMHDR@@PAJ@Z
?OnHeaderClicked@CUIListCtrlTemplate@@IAEXPAUtagNMHDR@@PAJ@Z
?OnInitDialog@CUIDlgTemplate@@MAEHXZ

Sections

.text
Size: 220KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MixerXP.dll
.dll windows:4 windows x86 arch:x86

be4b7496ae3a9a71597cbbc9706a6998

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f2:82:56:22:05:fe:75:7f:1d:84:25:60:15:f2:11:d3:c1:30:57:d7
Signer

Actual PE Digest

f2:82:56:22:05:fe:75:7f:1d:84:25:60:15:f2:11:d3:c1:30:57:d7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord800
ord540
ord858
ord535
ord860
ord1168
ord825
ord342
ord1182
ord2764
ord537
ord823
ord1253

msvcrt

_initterm
malloc
_adjust_fdiv
free
strncpy
__CxxFrameHandler
?terminate@@YAXXZ
_except_handler3

kernel32

OutputDebugStringA

user32

DestroyWindow

winmm

waveOutGetDevCapsA
sndPlaySoundA
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetDevCapsA
waveInGetNumDevs
mixerGetNumDevs
mixerClose
waveOutClose
mixerGetID
waveOutOpen
waveInClose
waveInOpen
mixerOpen
waveOutGetNumDevs
waveInGetDevCapsA

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

Exports

Exports

CreateMixer9158

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MultiChatGuest.dll
.dll windows:4 windows x86 arch:x86

7c19970bc84ad572da6046a35cab0211

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9f:35:a6:bf:b3:b5:97:1e:96:e2:b3:52:3a:b3:62:63:ba:85:e0:26
Signer

Actual PE Digest

9f:35:a6:bf:b3:b5:97:1e:96:e2:b3:52:3a:b3:62:63:ba:85:e0:26

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mvuilib

?AddMobile@CUIOtherdrawListCtrlTemplate@@QAEHHPAX0@Z
?AddListIcon@CUIOtherdrawListCtrlTemplate@@QAEHHPAX0@Z
?SetItemGifImage@CUIOtherdrawListCtrlTemplate@@QAEHHHPBDKVCString@@@Z
?SetItemColor@CUIOtherdrawListCtrlTemplate@@QAEXHK@Z
?SetItemConsumeImage@CUIOtherdrawListCtrlTemplate@@QAEHHHPBDKVCString@@H@Z
?CloseThread@CUIOtherdrawListCtrlTemplate@@QAEXXZ
?DeleteItem@CUIOtherdrawListCtrlTemplate@@QAEXH@Z
?SetToolTipHitMask@CUIOtherdrawListCtrlTemplate@@QAEGG@Z
?SetListCtrlBackTpye@CUIOtherdrawListCtrlTemplate@@QAEX_N@Z
?SetSelectFrameColor@CUIOtherdrawListCtrlTemplate@@QAEXK@Z
?SetNewBackType@CUIOtherdrawListCtrlTemplate@@QAEXKK@Z
?SetSelectColor@CUIOtherdrawListCtrlTemplate@@QAEXK@Z
?AddLPVOIDInfo@CUIOtherdrawListCtrlTemplate@@QAEXPAXH@Z
?SelectItem@CUIOtherdrawListCtrlTemplate@@QAEXH@Z
?SetItemHeight@CUIOtherdrawListCtrlTemplate@@QAEXI@Z
?AddItemStamp@CUIOtherdrawListCtrlTemplate@@QAEHHPAX@Z
?DelItemStamp@CUIOtherdrawListCtrlTemplate@@QAEXH@Z
?DelAllItemStamp@CUIOtherdrawListCtrlTemplate@@QAEXXZ
?NeedShowHandCursor@CUINoRegularButtonTemplate@@QAEXH@Z
?SetBGColor@CBaseEdit@@QAEXK@Z
?AddStatus@CUIOtherdrawListCtrlTemplate@@QAEHHPAX@Z
?DelState@CUIOtherdrawListCtrlTemplate@@QAEXH@Z
??_7CPictureExEx@@6B@
??0CUIListCtrlButtonEx@@QAE@XZ
??1CPictureEx@@UAE@XZ
??0CPictureEx@@QAE@XZ
?SetDrawFrame@CUIListCtrlBaseTemplate@@QAEXH@Z
?SetFrameColor@CUIListCtrlBaseTemplate@@QAEXK@Z
?SetFontColor@CColorStatic@@QAEXK@Z
?LoadSkin@CUIListCtrlBaseTemplate@@UAEHPAX@Z
?DrawItem@CUIListCtrlBaseTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?PreSubclassWindow@CUIListCtrlBaseTemplate@@MAEXXZ
?GetMessageMap@CUIListCtrlEx@@MBEPBUAFX_MSGMAP@@XZ
??1CUIListCtrlEx@@UAE@XZ
??0CUIListCtrlEx@@QAE@XZ
?messageMap@CUIListCtrlEx@@1UAFX_MSGMAP@@B
?LoadSkin@CUIOtherdrawListCtrlTemplate@@UAEHPAX@Z
?OnToolTipText@CUIOtherdrawListCtrlTemplate@@MAEHIPAUtagNMHDR@@PAJ@Z
?GetItemToolTipText@CUIOtherdrawListCtrlTemplate@@UAE?AVCString@@HH@Z
?SetItemToolTipText@CUIOtherdrawListCtrlTemplate@@UAEHHHPBD@Z
?DeleteAllToolTips@CUIOtherdrawListCtrlTemplate@@UAEXXZ
?DrawItem@CUIOtherdrawListCtrlTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?WindowProc@CUIOtherdrawListCtrlTemplate@@MAEJIIJ@Z
?OnToolHitTest@CUIOtherdrawListCtrlTemplate@@MBEHVCPoint@@PAUtagTOOLINFOA@@@Z
?PreSubclassWindow@CUIOtherdrawListCtrlTemplate@@MAEXXZ
??0CUIOtherdrawListCtrlTemplate@@QAE@XZ
??1CUIOtherdrawListCtrlTemplate@@UAE@XZ
?messageMap@CUIOtherdrawListCtrlTemplate@@1UAFX_MSGMAP@@B
?OnMouseMove@CUIOtherdrawListCtrlTemplate@@IAEXIVCPoint@@@Z
?LoadSkin@CSkinComboBox@@UAEHPAX@Z
?messageMap@CSkinComboBox@@1UAFX_MSGMAP@@B
?AddWeb@CUIOtherdrawListCtrlTemplate@@QAEHHPAX0@Z
?AddNewVip@CUIOtherdrawListCtrlTemplate@@QAEHHPAX@Z
?SetTransParent@CUIButtonTemplate@@QAEXH@Z
?AttachHeaderCtrl@CUIListCtrlBaseTemplate@@QAEXXZ
?SetSelectColor@CUIListCtrlBaseTemplate@@QAEXK@Z
?SetSelectFrameColor@CUIListCtrlBaseTemplate@@QAEXK@Z
?SetSelectTextColor@CUIListCtrlBaseTemplate@@QAEXK@Z
??1CUISortListCtrlEx@@UAE@XZ
??0CUISortListCtrlEx@@QAE@XZ
?AddCBImageItems@CSkinExComboBox@@QAEXAAV?$vector@PAUHBITMAP__@@V?$allocator@PAUHBITMAP__@@@std@@@std@@V?$vector@PBDV?$allocator@PBD@std@@@3@@Z
??0CSkinExComboBox@@QAE@XZ
??1CSkinExComboBox@@UAE@XZ
?SetTextColor@CBaseEdit@@QAEXKK@Z
?SetBold@CColorStatic@@QAEX_N@Z
?GetPictureExEx@CSkinConfContext@@QAEPAXPBDH@Z
?AddBadge@CUIOtherdrawListCtrlTemplate@@QAEHH@Z
?DelBadge@CUIOtherdrawListCtrlTemplate@@QAEHH@Z
?SetBadge@CUIOtherdrawListCtrlTemplate@@QAEXVCString@@H@Z
?SetBackColor@CMenuEx@@QAEXK@Z
?LoadToolBar@CMenuEx@@QAEXII@Z
?ModifyMenuEx@CMenuEx@@QAEHIIIPBD@Z
?RemoveMenuEx@CMenuEx@@QAEHII@Z
??1CUIListCtrlButtonEx@@UAE@XZ
?NeedShowHandCursor@CUIButtonTemplate@@QAEXH@Z
?Create@CUIDlgTemplate@@QAEHIPAVCWnd@@@Z
?LoadMenuA@CMenuEx@@QAEHI@Z
??0CUISliderTemplate@@QAE@XZ
??1CUISliderTemplate@@UAE@XZ
?LoadSkinToBitmap@CAppSysOperation@@SA_NAAVCBitmap@@PAXAA_N@Z
?LoadSkin@CCustomDlg@@QAEHXZ
?SetBold@CUIStaticTemplate@@QAEX_N@Z
?messageMap@CCustomDlg@@1UAFX_MSGMAP@@B
??0CCustomDlg@@QAE@IPAVCWnd@@@Z
??1CCustomDlg@@UAE@XZ
?LoadSkin@CAppSysOperation@@UAEHPAX@Z
?GetRuntimeClass@CMenuEx@@UBEPAUCRuntimeClass@@XZ
?DrawItem@CMenuEx@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?MeasureItem@CMenuEx@@UAEXPAUtagMEASUREITEMSTRUCT@@@Z
?messageMap@CUIButtonTemplate@@1UAFX_MSGMAP@@B
?PreSubclassWindow@CUIButtonTemplate@@MAEXXZ
?PreTranslateMessage@CUIButtonTemplate@@MAEHPAUtagMSG@@@Z
?DrawItem@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?HandleMouseMove@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?HandleMouseLeftBtnDown@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?HandleMouseLeftBtnUp@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?DrawPushButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawRadioButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawCheckBoxButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?SetCtrlTextFont@CAppSysAttribute@@UAEXUtagLOGFONTA@@@Z
?GetCtrlTextFont@CAppSysAttribute@@UAEAAUtagLOGFONTA@@XZ
?SetCtrlTextColor@CAppSysAttribute@@UAEXK@Z
?GetCtrlTextColor@CAppSysAttribute@@UAEKXZ
?SetCtrlBackColor@CAppSysAttribute@@UAEXK@Z
?GetCtrlBackColor@CAppSysAttribute@@UAEKXZ
?SetCtrlTextBold@CAppSysAttribute@@UAEXH@Z
?EnableCtrlTextBold@CAppSysAttribute@@UAEHXZ
?SetCtrlTextHeight@CAppSysAttribute@@UAEXH@Z
?GetCtrlTextHeight@CAppSysAttribute@@UAEHXZ
?SetCtrlTextType@CAppSysAttribute@@UAEHVCString@@@Z
?GetCtrlTextType@CAppSysAttribute@@UAEAAVCString@@XZ
?FitBitmapSize@CUIButtonTemplate@@UAEXXZ
?PaintBackGround@CAppSysOperation@@UAEHPAVCDC@@@Z
?LoadSkin@CUIButtonTemplate@@UAEHPAX@Z
?GetCurrentSkin@CUIButtonTemplate@@MAEHPAX@Z
?SetFrameColor@CBaseEdit@@QAEXK@Z
?SetDrawFrame@CBaseEdit@@QAEXH@Z
??0CBaseEdit@@QAE@XZ
??1CBaseEdit@@UAE@XZ
?SetToolTipText@CUINoRegularButtonTemplate@@QAEXPBD@Z
?SetNeedHandCursor@CColorStatic@@QAEX_N@Z
??0CMemDC@@QAE@PAVCDC@@AAVCRect@@@Z
??1CMemDC@@UAE@XZ
?SetToolTipText@CUIButtonTemplate@@QAEXPBD@Z
?SetHaveText@CUIButtonTemplate@@QAEX_NI@Z
?SetBtnTextColor@CUIButtonTemplate@@QAEXK@Z
?OnInitDialog@CUIDlgTemplate@@MAEHXZ
?messageMap@CUIDlgTemplate@@1UAFX_MSGMAP@@B
?DoDataExchange@CUIDlgTemplate@@MAEXPAVCDataExchange@@@Z
??0CUIDlgTemplate@@QAE@IPAVCWnd@@@Z
??0CUIButtonTemplate@@QAE@XZ
??1CUIDlgTemplate@@UAE@XZ
?FitBitmapSize@CAppSysOperation@@UAEXXZ
?AttachBitmapHadle@CAppSysOperation@@UAEXPAUHBITMAP__@@@Z
?AttachBitmapHadle@CAppSysOperation@@UAEXPAUHBITMAP__@@PAVCBitmap@@@Z
?CleanUp@CAppSysOperation@@UAEXXZ
?PaintBackGround@CUIDlgTemplate@@MAEHPAVCDC@@@Z
?DrawSkin@CAppSysOperation@@UAEHPAUtagDRAWITEMSTRUCT@@@Z
?AdjustPosition@CAppSysOperation@@UAEHUtagRECT@@@Z
?AdjustPosition@CAppSysOperation@@UAEHHHHH@Z
?DrawContent@CAppSysOperation@@UAEHPAVCDC@@VCString@@AAVCRect@@H@Z
?LoadSkin@CUIDlgTemplate@@UAEHPAX@Z
?CleanSkin@CAppSysOperation@@UAEHPAX@Z
?GetCurrentSkin@CAppSysOperation@@UAEHPAX@Z
?InitializeOperation@CAppSysOperation@@UAEXPAVCWnd@@@Z
?LoadBitmapFileToMem@CAppSysOperation@@UAEHPAUHINSTANCE__@@VCString@@@Z
?LoadBitmapFileToMem@CAppSysOperation@@UAEHPAUHINSTANCE__@@VCString@@PAVCBitmap@@@Z
?CleanBitmapMem@CAppSysOperation@@UAEHXZ
?IsControlHaveSkin@CAppSysOperation@@UAEHXZ
??0CMenuEx@@QAE@XZ
?AppendMenuEx@CMenuEx@@QAEHIIPBD@Z
??1CMenuEx@@UAE@XZ
??1CUIButtonTemplate@@UAE@XZ
?GetComponentSkinConf@CSkinConfContext@@QAEHIW4COMPONETTYPE@@VCString@@PAX@Z
?SetColorFrame@CSkinComboBox@@QAEXK@Z
?SetHaveText@CUINoRegularButtonTemplate@@QAEX_NI@Z
?SetBtnTextColor@CUINoRegularButtonTemplate@@QAEXK@Z
?SetFontUnline@CColorStatic@@QAEX_N@Z
??0CSkinComboBox@@QAE@XZ
??0CUINoRegularButtonTemplate@@QAE@XZ
??0CUIStaticTemplate@@QAE@XZ
??1CSkinComboBox@@UAE@XZ
??1CUINoRegularButtonTemplate@@UAE@XZ
??1CUIStaticTemplate@@UAE@XZ
?SetColor@CColorStatic@@QAEXKKK@Z
??0CColorStatic@@QAE@XZ
??1CColorStatic@@UAE@XZ

winmm

waveOutClose
mixerGetID
mixerGetControlDetailsA
mixerSetControlDetails
sndPlaySoundA
mmioWrite
mmioAdvance
mmioSetInfo
mmioSeek
mmioCreateChunk
mmioGetInfo
waveOutOpen
mmioClose
mmioDescend
mmioOpenA
mmioOpenW
mmioAscend
mmioRead
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetDevCapsA
mixerOpen
waveInClose
waveInUnprepareHeader
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveInOpen
mixerClose
mixerGetNumDevs

avmodule50

?StartThread@CAVManager@@QAEXXZ
?SetBufferTime@CAVManager@@QAEXH@Z
?SetAudioInfo@CAVManager@@QAEXHHHHH_N0@Z
?InitConfigInfo@CAVManager@@QAEHPBD@Z
?SetUserInfo@CAVManager@@QAEXHHPBD@Z
?SetNetInfo@CAVManager@@QAEXPBDI@Z
?StartSocket@CAVManager@@QAEXXZ
?GetNetRate@CAVManager@@QAEIXZ
?SetInputAudioOpen@CAVManager@@QAEXH@Z
?GetInputAudioOpen@CAVManager@@QAEHXZ
?GetOutput@CAVManager@@QAEPAVCWnd@@H@Z
?SetVideoInfoEx@CAVManager@@QAEXHHHHH@Z
?GetInput@CAVManager@@QAEPAVCWnd@@XZ
?SetOutputAudioOpen@CAVManager@@QAEXHH@Z
?AddAudioData@CAVManager@@QAEXPAEH@Z
?GetAudioFrameLength@CAVManager@@QAEHXZ
?SetWaveIn@CAVManager@@QAE_N_N@Z
?SetSnapshotFilePath@CAVManager@@QAEXPBD@Z
?Close@CAVManager@@QAEXXZ
??0CAVManager@@QAE@PAVCWnd@@@Z

mfc42

ord700
ord398
ord6379
ord4267
ord3729
ord4406
ord955
ord6119
ord562
ord816
ord5148
ord2113
ord6111
ord6128
ord3138
ord4287
ord2112
ord783
ord3711
ord4083
ord3289
ord2455
ord2408
ord1862
ord1795
ord4123
ord538
ord3005
ord1116
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord4809
ord656
ord3610
ord1601
ord3767
ord3061
ord361
ord2516
ord2935
ord781
ord3708
ord1929
ord4189
ord3021
ord913
ord5594
ord5632
ord819
ord568
ord6145
ord5863
ord1265
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord4033
ord433
ord4538
ord3394
ord2097
ord3920
ord4317
ord2587
ord5265
ord4376
ord4998
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4425
ord3597
ord3571
ord800
ord641
ord540
ord324
ord825
ord3626
ord3663
ord2414
ord4234
ord2864
ord823
ord858
ord924
ord6199
ord3092
ord2818
ord6241
ord4710
ord4299
ord2379
ord1768
ord1641
ord535
ord2405
ord5785
ord640
ord1640
ord323
ord2302
ord2078
ord537
ord860
ord3874
ord3584
ord543
ord1187
ord803
ord668
ord3181
ord3178
ord4058
ord2781
ord2770
ord356
ord1175
ord1168
ord2764
ord6215
ord2086
ord2370
ord6334
ord4220
ord2584
ord3654
ord2438
ord6270
ord2863
ord1644
ord1146
ord6055
ord1776
ord5290
ord3402
ord4424
ord567
ord2135
ord609
ord693
ord818
ord2688
ord4284
ord6605
ord755
ord1099
ord470
ord922
ord4278
ord5683
ord2393
ord690
ord665
ord1988
ord1979
ord6385
ord5353
ord5186
ord354
ord5207
ord6059
ord389
ord6663
ord5875
ord4476
ord2915
ord4853
ord3706
ord4133
ord4297
ord2859
ord6880
ord4402
ord3640
ord6905
ord3998
ord2567
ord3996
ord3301
ord5981
ord4243
ord2754
ord501
ord5621
ord1083
ord1949
ord4034
ord6134
ord4129
ord2642
ord2566
ord941
ord3619
ord2452
ord2116
ord2546
ord1176
ord291
ord809
ord773
ord556
ord1088
ord2122
ord6901
ord3977
ord6007
ord6907
ord5642
ord998
ord2639
ord2862
ord3286
ord6157
ord3716
ord790
ord4275
ord3797
ord6197
ord3546
ord3742
ord1233
ord3089
ord3721
ord795
ord3573
ord5787
ord6172
ord5789
ord283
ord939
ord4396
ord3574
ord3693
ord3317
ord613
ord289
ord2860
ord923
ord6453
ord2763
ord5810
ord5481
ord2031
ord4411
ord4447
ord4335
ord4863
ord5796
ord5478
ord1971
ord966
ord3570
ord605
ord521
ord278
ord6307
ord4167
ord1638
ord2029
ord2077
ord2575
ord940
ord926
ord5710
ord6877
ord1200
ord6200
ord5937
ord6136
ord6779
ord6648
ord3763
ord2513
ord293
ord3771
ord4277
ord2753
ord1574
ord5607
ord2762
ord5442
ord3318
ord472
ord2820
ord3811
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord561
ord801
ord541
ord804
ord686
ord2301
ord2289
ord4204
ord3283
ord3258
ord1705
ord430
ord1269
ord4694
ord6883
ord539
ord6143
ord925
ord861
ord6785
ord6282
ord6283
ord3097
ord6569
ord542
ord2777
ord3337
ord1980
ord5600
ord3994
ord2776
ord6467
ord2096
ord384
ord798
ord1997
ord6392
ord5194
ord533
ord5572
ord2919
ord6778
ord6930
ord1158
ord2614
ord1771
ord6366
ord2413
ord2024
ord4219
ord2581
ord4401
ord3639
ord692
ord3803
ord6358
ord1799
ord614
ord2623
ord290
ord4226
ord2486
ord4003
ord5788
ord6021
ord5440
ord6383
ord5450
ord6394
ord6442
ord2784
ord2100
ord2580
ord4400
ord3630
ord682
ord6734
ord3572
ord1793
ord4160
ord5873
ord2515
ord355
ord6696
ord2582
ord3370
ord6762
ord6242
ord5861
ord3752
ord3910
ord4202
ord2089
ord4480
ord5651
ord3616
ord3127
ord5608
ord5356
ord5808
ord6058
ord1075
ord5204
ord3229
ord353
ord3293
ord3719
ord793
ord326
ord2645
ord1567
ord268
ord6888
ord6675
ord5807
ord3698
ord765
ord4224
ord2108
ord2574

msvcrt

_itoa
_adjust_fdiv
_initterm
free
_onexit
__dllonexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_EH_prolog
strstr
malloc
_vsnprintf
printf
fprintf
memmove
towupper
isdigit
_mbsrchr
_local_unwind2
_except_handler3
exit
_CxxThrowException
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_i64toa
_snprintf
srand
localtime
strftime
puts
_beginthreadex
atol
wcslen
_atoi64
rand
fscanf
fgets
getc
fputc
fflush
ftell
fseek
fwrite
fread
fopen
fclose
_purecall
strncpy
sprintf
time
_ftol
__CxxFrameHandler
atoi
_mbscmp
wcscpy

kernel32

WaitForSingleObject
CreateFileA
GetFileSize
ReadFile
GetLastError
CreateDirectoryA
GetFileAttributesA
WideCharToMultiByte
WinExec
GetPrivateProfileStringA
WritePrivateProfileStringA
OutputDebugStringA
FindResourceW
LoadResource
SizeofResource
LockResource
lstrlenW
InterlockedIncrement
GetVersionExA
IsDBCSLeadByte
GetModuleFileNameA
GetTickCount
Sleep
InterlockedDecrement
MultiByteToWideChar
CreateThread
lstrlenA
GetExitCodeThread
TerminateThread
CloseHandle
GlobalAlloc
GlobalLock
GlobalUnlock
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleA
CreateEventA
LoadLibraryA
GetProcAddress
FreeLibrary
DeleteCriticalSection
InitializeCriticalSection
lstrcmpA
GetSystemDirectoryA
MulDiv
lstrcpynA
GetWindowsDirectoryA
IsValidCodePage
GetCPInfo
GetVersion
LocalAlloc
LocalFree
FindFirstFileA
FindClose
GetCurrentThreadId
FindResourceA
GlobalFree
WriteFile
IsBadWritePtr
VirtualQuery
FormatMessageA
GetLocalTime
SetFilePointer
SetUnhandledExceptionFilter
SetEvent
GetPrivateProfileIntA

user32

GetMenuState
CreateWindowExA
GetMenuItemRect
wvsprintfA
SetCapture
ReleaseCapture
wsprintfA
UnhookWindowsHookEx
CreateMenu
GetMenuStringA
ModifyMenuA
InsertMenuA
SetWindowsHookExA
CallNextHookEx
GetClassNameA
CallWindowProcA
IsRectEmpty
SetParent
GetScrollInfo
DestroyWindow
MessageBeep
CopyIcon
IsZoomed
RegisterClassA
MoveWindow
EnableMenuItem
MessageBoxA
InflateRect
CopyImage
UpdateWindow
GetDlgCtrlID
BeginPaint
EndPaint
DefWindowProcA
SetRect
FillRect
RegisterClassExA
SetFocus
IsWindowVisible
SetRectEmpty
KillTimer
GetMenu
GetMenuItemCount
GetClassInfoExA
InvalidateRect
CreatePopupMenu
CopyRect
DrawTextA
GetSysColor
LoadBitmapA
SetTimer
SetWindowRgn
GetSystemMetrics
GetWindowRect
SetCursor
PtInRect
LoadCursorA
LoadImageA
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetCursorPos
LoadMenuA
GetSubMenu
GetClientRect
IsWindow
SendMessageA
EnableWindow
GetDC
ShowScrollBar
GetWindowDC
OffsetRect
ReleaseDC
GetParent
PostMessageA
GetWindow
GetWindowTextA
GetWindowLongA
ScreenToClient
SetWindowLongA
RedrawWindow
DrawStateA
WindowFromPoint
IsChild
SetActiveWindow
FindWindowA
LoadIconA
CheckMenuItem
GetDesktopWindow
GetAsyncKeyState
GetFocus
SetForegroundWindow
GetMenuItemID
UnregisterClassA
ShowWindow
SystemParametersInfoA
GetSystemMenu
RemoveMenu
IsIconic
FlashWindow
SetWindowPos
ClientToScreen

gdi32

GetDIBits
SetDIBits
Ellipse
GetDeviceCaps
EnumFontFamiliesExA
GetPixel
CreateBitmap
SetBkColor
GetMapMode
GetTextMetricsA
GetTextExtentPoint32A
Rectangle
SetMapMode
SetBkMode
SetTextColor
CreateFontIndirectA
TextOutA
CreatePen
CreateFontA
CreateCompatibleBitmap
GetStockObject
StretchBlt
CreateRoundRectRgn
CreateRectRgn
BeginPath
EndPath
PathToRegion
CombineRgn
CreateSolidBrush
CreateDIBSection
SelectObject
BitBlt
DeleteObject
DeleteDC
CreateCompatibleDC
CreateDIBitmap
FillPath
GetObjectA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegDeleteKeyA
RegCreateKeyExA

shell32

SHGetSpecialFolderPathA
ShellExecuteA

comctl32

InitCommonControlsEx
ImageList_Draw
ImageList_GetImageInfo
ImageList_AddMasked
ImageList_Add
_TrackMouseEvent

ole32

CoCreateInstance
CoInitialize
OleRun
OleCreateStaticFromData
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleSetContainedObject
ReleaseStgMedium
OleDuplicateData
CreateStreamOnHGlobal
CoInitializeEx
CoUninitialize

olepro32

ord251

oleaut32

CreateErrorInfo
SysAllocStringByteLen
SysAllocString
SysFreeString
VariantInit
VariantCopy
VariantClear
VariantChangeType
SysStringLen
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreate
SafeArrayGetUBound
SafeArrayGetLBound
GetErrorInfo
SetErrorInfo
SysStringByteLen

wsock32

sendto
socket
gethostbyname
inet_addr
WSACleanup
WSAGetLastError
select
shutdown
closesocket
recvfrom
__WSAFDIsSet

msvcp60

??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??0logic_error@std@@QAE@ABV01@@Z
??0out_of_range@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??_7out_of_range@std@@6B@
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z

gdiplus

GdipCreatePen1
GdipDrawString
GdipDeleteFontFamily
GdipGetFontSize
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipCreateStringFormat
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectI
GdipCreateBitmapFromHBITMAP
GdipFillRectangleI
GdipCreateSolidFill
GdipCreateFromHDC
GdipFree
GdipAlloc
GdipCloneBrush
GdipDrawLineI
GdipCreateFontFamilyFromName
GdipCloneImage
GdipDrawImageRect
GdipLoadImageFromFile
GdipReleaseDC
GdipDeletePath
GdipDrawPath
GdipAddPathStringI
GdipCreatePath
GdipSetInterpolationMode
GdipSetSmoothingMode
GdipDrawRectangleI
GdipDeletePen
GdipDeleteFont
GdipDisposeImage
GdipDeleteBrush
GdipDeleteStringFormat
GdipDeleteGraphics
GdipCreateFont

publictool

?Close@CxMemFile@@UAE_NXZ
??0CxMemFile@@QAE@PAEK@Z
??1CxMemFile@@UAE@XZ
?Destroy@CxImage@@QAE_NXZ
?DestroyFrames@CxImage@@QAE_NXZ
??0CxImage@@QAE@K@Z
??0CxImage@@QAE@ABV0@_N11@Z
?Save@CxImage@@QAE_NPBDK@Z
?SetJpegQuality@CxImage@@QAEXE@Z
?IncreaseBpp@CxImage@@QAE_NK@Z
?IsGrayScale@CxImage@@QAE_NXZ
?IsValid@CxImage@@QBE_NXZ
?Load@CxImage@@QAE_NPBDK@Z
?BufferCpy@CBuffer@@QAEXPAEKK@Z
?GetRealBuffer@CBuffer@@QAEPBEXZ
?Read@CxMemFile@@UAEIPAXII@Z
??0CBuffer@@QAE@PAEK@Z
??0CBuffer@@QAE@ABV0@@Z
?base64_encode@CBase64@@SAHPADI0@Z
?base64_decode@CBase64@@SAHPADI0@Z
?GetHashItemNum@CHash@@QAEHXZ
?InsertItem@CHash@@QAEHPBDPAX@Z
?QueryItem@CHash@@QAEPAXPBD@Z
?UnCompressNetData@CZip@@SA_NPAEPAKPBEK@Z
?GetNext@CHash@@QAEPAXPAPAXAAHH@Z
?GetFirst@CHash@@QAEPAXHAAHH@Z
?DeleteItem@CHash@@QAEPAXPBD@Z
?GetC@CxMemFile@@UAEJXZ
?GetS@CxMemFile@@UAEPADPADH@Z
?Scanf@CxMemFile@@UAEJPBDPAX@Z
?Write@CxMemFile@@UAEIPBXII@Z
?Seek@CxMemFile@@UAE_NJH@Z
?Tell@CxMemFile@@UAEJXZ
?Size@CxMemFile@@UAEJXZ
?Flush@CxMemFile@@UAE_NXZ
?Eof@CxMemFile@@UAE_NXZ
?Error@CxMemFile@@UAEJXZ
?GetRealLen@CBuffer@@QAEKXZ
?PutC@CxMemFile@@UAE_NE@Z
??1CBuffer@@UAE@XZ
??0CBuffer@@QAE@K@Z
?GetBuffer@CBuffer@@QAEPAEXZ
?GetBufferLen@CBuffer@@QAEKXZ
?SetPos@CBuffer@@QAEXKK@Z
?DeleteItem@CHash@@QAEPAXJ@Z
?InsertItem@CHash@@QAEHJPAX@Z
?FindFirst@CHash@@QAEXH@Z
?FindNext@CHash@@QAEPAXXZ
??1CHash@@UAE@XZ
?InitParam@CHash@@QAEHXZ
??0CxImageEx@@QAE@K@Z
?Load@CxImageEx@@QAE_NPBDK@Z
?GetDIB@CxImageEx@@QBEPAXXZ
?GetBits@CxImageEx@@QAEPAEK@Z
??1CxImageEx@@UAE@XZ
?QueryItem@CHash@@QAEPAXJ@Z
??0CHash@@QAE@K@Z

shlwapi

PathFileExistsA
PathIsDirectoryA

pdh

PdhGetRawCounterValue
PdhGetFormattedCounterValue
PdhCollectQueryData
PdhRemoveCounter
PdhAddCounterA
PdhCloseQuery
PdhOpenQueryA
PdhComputeCounterStatistics

Exports

Exports

??0CFlashTab@@QAE@PAVCWnd@@@Z
??0CPictureExEx@@QAE@XZ
??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxMemFile@@QAE@ABV0@@Z
??0mutecontrol@@QAE@ABV0@@Z
??0mutecontrol@@QAE@XZ
??1CFlashTab@@UAE@XZ
??1CPictureExEx@@UAE@XZ
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??1mutecontrol@@UAE@XZ
??4CEasySecret@@QAEAAV0@ABV0@@Z
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??4mutecontrol@@QAEAAV0@ABV0@@Z
??_7CFlashTab@@6B@
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxMemFile@@6B@
??_7mutecontrol@@6B@
??_FCFlashTab@@QAEXXZ
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXABV0@@Z
?Close@CxIOFile@@UAE_NXZ
?Close@mutecontrol@@QAEXXZ
?Create@mutecontrol@@QAEXPAVCWnd@@KK@Z
?DoDataExchange@CFlashTab@@MAEXPAVCDataExchange@@@Z
?Eof@CxIOFile@@UAE_NXZ
?Error@CxIOFile@@UAEJXZ
?Flush@CxIOFile@@UAE_NXZ
?GetAppPath@CFlashTab@@AAEXXZ
?GetC@CxIOFile@@UAEJXZ
?GetFrameCount@CPictureExEx@@QBEHXZ
?GetMessageMap@CFlashTab@@MBEPBUAFX_MSGMAP@@XZ
?GetNextBlock@CPictureExEx@@IBE?AW4GIFBlockTypes@1@XZ
?GetNextBlockLen@CPictureExEx@@IBEHXZ
?GetNextGraphicBlock@CPictureExEx@@IAEPAXPAI0PAUtagSIZE@@10@Z
?GetPaintRect@CPictureExEx@@QAEHPAUtagRECT@@@Z
?GetS@CxIOFile@@UAEPADPADH@Z
?GetSize@CPictureExEx@@QBE?AUtagSIZE@@XZ
?GetSubBlocksLen@CPictureExEx@@IBEII@Z
?GetValue@mutecontrol@@QAEKXZ
?IsAnimatedGIF@CPictureExEx@@QBEHXZ
?IsGIF@CPictureExEx@@QBEHXZ
?IsPlaying@CPictureExEx@@QBEHXZ
?Load@CPictureExEx@@QAEHPAXK@Z
?Load@CPictureExEx@@QAEHPBD0@Z
?Load@CPictureExEx@@QAEHPBD@Z
?OnButtonClose@CFlashTab@@IAEXXZ
?OnInitDialog@CFlashTab@@MAEHXZ
?OnKillFocus@CFlashTab@@IAEXPAVCWnd@@@Z
?OnNotify@CFlashTab@@MAEHIJPAJ@Z
?OnPaint@CFlashTab@@IAEXXZ
?OnSelect@CFlashTab@@IAEJIJ@Z
?OnSetFocus@CFlashTab@@IAEJIJ@Z
?Open@CxIOFile@@QAE_NPBD0@Z
?PutC@CxFile@@UAE_NE@Z
?PutC@CxIOFile@@UAE_NE@Z
?Read@CxIOFile@@UAEIPAXII@Z
?ResetDataPointer@CPictureExEx@@IAEXXZ
?Scanf@CxIOFile@@UAEJPBDPAX@Z
?Seek@CxIOFile@@UAE_NJH@Z
?SetPaintRect@CPictureExEx@@QAEHPBUtagRECT@@@Z
?SetValue@mutecontrol@@QAEXK@Z
?Size@CxIOFile@@UAEJXZ
?SkipNextBlock@CPictureExEx@@IAEHXZ
?SkipNextGraphicBlock@CPictureExEx@@IAEHXZ
?Tell@CxIOFile@@UAEJXZ
?UnLoad@CPictureExEx@@QAEXXZ
?Write@CxIOFile@@UAEIPBXII@Z
?_GetBaseMessageMap@CFlashTab@@KGPBUAFX_MSGMAP@@XZ
?_messageEntries@CFlashTab@@0QBUAFX_MSGMAP_ENTRY@@B
?initCtrl@CFlashTab@@AAEXXZ
?messageMap@CFlashTab@@1UAFX_MSGMAP@@B
CreatePublicDLL

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 580KB - Virtual size: 579KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MultiChatKTV.dll
.dll windows:4 windows x86 arch:x86

ed4f07701b9193bc6a264d6d02e935c2

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

75:91:fa:89:70:5d:d4:8d:07:23:72:85:b1:c7:fc:a2:8d:d3:3f:01
Signer

Actual PE Digest

75:91:fa:89:70:5d:d4:8d:07:23:72:85:b1:c7:fc:a2:8d:d3:3f:01

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord1200
ord1187
ord4220
ord2584
ord3654
ord924
ord384
ord2754
ord2408
ord2753
ord537
ord3573
ord3693
ord5787
ord5788
ord283
ord2859
ord2452
ord2096
ord2097
ord1168
ord535
ord1175
ord1146
ord807
ord4163
ord6625
ord554
ord860
ord2614
ord5572
ord2919
ord2863
ord1644
ord5440
ord6383
ord5450
ord6394
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord858
ord5875
ord323
ord1640
ord1641
ord686
ord5785
ord600
ord826
ord269
ord2567
ord2566
ord2405
ord640
ord2414
ord3626
ord3663
ord540
ord800
ord3571
ord823
ord2438
ord825
ord1116

msvcrt

__CxxFrameHandler
_snprintf
memmove
__dllonexit
_onexit
free
_initterm
malloc
_adjust_fdiv
??1type_info@@UAE@XZ
_purecall

kernel32

LocalFree
LoadLibraryA
GetLastError
GetProcAddress
FreeLibrary
LocalAlloc

user32

LoadBitmapA
GetDC
ReleaseDC
SendMessageA
CopyRect
RemoveMenu
DrawStateA
InflateRect
GetSysColor
LoadImageA
GetClientRect
GetMenuItemID
AppendMenuA
InsertMenuA
CreatePopupMenu
ModifyMenuA
GetMenuState
CreateMenu
LoadMenuA
GetMenuItemCount
GetMenuStringA
FillRect
GetSubMenu

gdi32

Rectangle
GetObjectA
CreatePen
GetTextExtentPoint32A
CreateCompatibleDC
CreateSolidBrush
StretchBlt
BitBlt
CreateCompatibleBitmap

comctl32

ImageList_Draw
ImageList_AddMasked

Exports

Exports

CreateKTV
GetDllIndex

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MultiChatKTV3.dll
.dll windows:4 windows x86 arch:x86

dbb0007891f3bce41b5618c638f54f0f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f6:8e:42:f7:1f:d5:6d:64:c8:9e:1e:7e:1d:9f:d4:72:82:18:54:73
Signer

Actual PE Digest

f6:8e:42:f7:1f:d5:6d:64:c8:9e:1e:7e:1d:9f:d4:72:82:18:54:73

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord1200
ord1187
ord4220
ord2584
ord3654
ord924
ord384
ord2754
ord2408
ord2753
ord537
ord3573
ord3693
ord5787
ord5788
ord283
ord2859
ord2452
ord2096
ord2097
ord1168
ord535
ord1175
ord1146
ord807
ord4163
ord6625
ord554
ord860
ord2614
ord5572
ord2919
ord2863
ord1644
ord5440
ord6383
ord5450
ord6394
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord858
ord5875
ord323
ord1640
ord1641
ord686
ord5785
ord600
ord826
ord269
ord2567
ord2566
ord2405
ord640
ord2414
ord3663
ord3626
ord540
ord800
ord3571
ord823
ord2438
ord825
ord1116

msvcrt

__CxxFrameHandler
_snprintf
memmove
__dllonexit
_onexit
free
_initterm
malloc
_adjust_fdiv
??1type_info@@UAE@XZ
_purecall

kernel32

LocalFree
LoadLibraryA
GetLastError
GetProcAddress
FreeLibrary
LocalAlloc

user32

LoadBitmapA
GetDC
ReleaseDC
SendMessageA
CopyRect
RemoveMenu
DrawStateA
InflateRect
GetSysColor
LoadImageA
GetClientRect
GetSystemMetrics
GetMenuItemID
AppendMenuA
InsertMenuA
ModifyMenuA
GetMenuState
CreateMenu
LoadMenuA
GetMenuItemCount
GetMenuStringA
GetSubMenu
FillRect
CreatePopupMenu

gdi32

Rectangle
GetObjectA
CreatePen
GetTextExtentPoint32A
CreateCompatibleDC
CreateSolidBrush
StretchBlt
BitBlt
CreateCompatibleBitmap

comctl32

ImageList_Draw
ImageList_AddMasked

Exports

Exports

CreateKTV
GetDllIndex

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MultiTenRoom.dll
.dll windows:4 windows x86 arch:x86

26f45632e76afca07d942129f6233159

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9c:5f:46:41:e8:67:42:c0:53:fe:d1:40:02:6a:49:21:de:0c:f1:2b
Signer

Actual PE Digest

9c:5f:46:41:e8:67:42:c0:53:fe:d1:40:02:6a:49:21:de:0c:f1:2b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

sndPlaySoundA
mixerClose
mixerGetControlDetailsA
mixerSetControlDetails
mixerGetLineControlsA
mixerGetNumDevs
mixerOpen
mixerGetDevCapsA
mixerGetLineInfoA

mvuilib

?SetItemConsumeImage@CUIOtherdrawListCtrlTemplate@@QAEHHHPBDKVCString@@H@Z
?RemoveMenuEx@CMenuEx@@QAEHII@Z
?LoadMenuA@CMenuEx@@QAEHI@Z
?SetItemHeight@CUIOtherdrawListCtrlTemplate@@QAEXI@Z
?ModifyMenuEx@CMenuEx@@QAEHIIIPBD@Z
?SelectItem@CUIOtherdrawListCtrlTemplate@@QAEXH@Z
?SetItemColor@CUIOtherdrawListCtrlTemplate@@QAEXHK@Z
?SetItemGifImage@CUIOtherdrawListCtrlTemplate@@QAEHHHPBDKVCString@@@Z
?SetToolTipHitMask@CUIOtherdrawListCtrlTemplate@@QAEGG@Z
?AddLPVOIDInfo@CUIOtherdrawListCtrlTemplate@@QAEXPAXH@Z
?OnMouseMove@CUIButtonTemplate@@IAEXIVCPoint@@@Z
?PreSubclassWindow@CColorStatic@@UAEXXZ
?WindowProc@CColorStatic@@MAEJIIJ@Z
?DefWindowProcA@CColorStatic@@MAEJIIJ@Z
?NeedShowHandCursor@CUIButtonTemplate@@QAEXH@Z
?SetToolTipText@CUIButtonTemplate@@QAEXPBD@Z
?SetSkinConfContext@CUIDlgTemplate@@QAEXPAVCSkinConfContext@@@Z
?Create@CUIDlgTemplate@@QAEHIPAVCWnd@@@Z
??1CBaseComboBox@@UAE@XZ
?DeleteItem@CUIOtherdrawListCtrlTemplate@@QAEXH@Z
?SetSelectColor@CUIOtherdrawListCtrlTemplate@@QAEXK@Z
?SetSelectFrameColor@CUIOtherdrawListCtrlTemplate@@QAEXK@Z
?SetListCtrlBackTpye@CUIOtherdrawListCtrlTemplate@@QAEX_N@Z
?GetBitmapWidth@CAppSysOperation@@QAEHXZ
?GetBitmapHeight@CAppSysOperation@@QAEHXZ
??0CUIOtherdrawListCtrlTemplate@@QAE@XZ
??1CUIOtherdrawListCtrlTemplate@@UAE@XZ
?OnInitDialog@CUIDlgTemplate@@MAEHXZ
?SetFrameColor@CUIListCtrlBaseTemplate@@QAEXK@Z
?SetDrawFrame@CUIListCtrlBaseTemplate@@QAEXH@Z
?messageMap@CUIDlgTemplate@@1UAFX_MSGMAP@@B
?DoDataExchange@CUIDlgTemplate@@MAEXPAVCDataExchange@@@Z
??0CUIDlgTemplate@@QAE@IPAVCWnd@@@Z
??0CUIListCtrlButtonEx@@QAE@XZ
??1CUIDlgTemplate@@UAE@XZ
??1CUIListCtrlButtonEx@@UAE@XZ
?FitBitmapSize@CAppSysOperation@@UAEXXZ
?PaintBackGround@CUIDlgTemplate@@MAEHPAVCDC@@@Z
?LoadSkin@CUIDlgTemplate@@UAEHPAX@Z
?GetCurrentSkin@CAppSysOperation@@UAEHPAX@Z
?OnLButtonDown@CUIButtonTemplate@@IAEXIVCPoint@@@Z
?SetBold@CColorStatic@@QAEX_N@Z
??1CMenuEx@@UAE@XZ
??0CMenuEx@@QAE@XZ
?AppendMenuEx@CMenuEx@@QAEHIIPBD@Z
?GetRuntimeClass@CMenuEx@@UBEPAUCRuntimeClass@@XZ
?DrawItem@CMenuEx@@UAEXPAUtagDRAWITEMSTRUCT@@@Z
?MeasureItem@CMenuEx@@UAEXPAUtagMEASUREITEMSTRUCT@@@Z
?messageMap@CUIButtonTemplate@@1UAFX_MSGMAP@@B
?PreSubclassWindow@CUIButtonTemplate@@MAEXXZ
?PreTranslateMessage@CUIButtonTemplate@@MAEHPAUtagMSG@@@Z
?DrawItem@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?HandleMouseMove@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?HandleMouseLeftBtnDown@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?HandleMouseLeftBtnUp@CUIButtonTemplate@@MAEHIVCPoint@@@Z
?DrawPushButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawRadioButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?DrawCheckBoxButton@CUIButtonTemplate@@MAEXPAUtagDRAWITEMSTRUCT@@@Z
?SetCtrlTextFont@CAppSysAttribute@@UAEXUtagLOGFONTA@@@Z
?GetCtrlTextFont@CAppSysAttribute@@UAEAAUtagLOGFONTA@@XZ
?SetCtrlTextColor@CAppSysAttribute@@UAEXK@Z
?GetCtrlTextColor@CAppSysAttribute@@UAEKXZ
?SetCtrlBackColor@CAppSysAttribute@@UAEXK@Z
?GetCtrlBackColor@CAppSysAttribute@@UAEKXZ
?SetCtrlTextBold@CAppSysAttribute@@UAEXH@Z
?EnableCtrlTextBold@CAppSysAttribute@@UAEHXZ
??0CBaseComboBox@@QAE@XZ
??1CUIStaticTemplate@@UAE@XZ
??1CUINoRegularButtonTemplate@@UAE@XZ
??1CColorStatic@@UAE@XZ
??1CSkinComboBox@@UAE@XZ
??0CUIStaticTemplate@@QAE@XZ
??0CUINoRegularButtonTemplate@@QAE@XZ
??0CColorStatic@@QAE@XZ
??0CSkinComboBox@@QAE@XZ
?SetColor@CColorStatic@@QAEXKKK@Z
?SetFontUnline@CColorStatic@@QAEX_N@Z
?SetBtnTextColor@CUINoRegularButtonTemplate@@QAEXK@Z
?SetHaveText@CUINoRegularButtonTemplate@@QAEX_NI@Z
?SetColorFrame@CSkinComboBox@@QAEXK@Z
?GetComponentSkinConf@CSkinConfContext@@QAEHIW4COMPONETTYPE@@VCString@@PAX@Z
??1CBaseEdit@@UAE@XZ
??1CUIButtonTemplate@@UAE@XZ
??0CBaseEdit@@QAE@XZ
?SetCtrlTextHeight@CAppSysAttribute@@UAEXH@Z
?GetCtrlTextHeight@CAppSysAttribute@@UAEHXZ
?SetCtrlTextType@CAppSysAttribute@@UAEHVCString@@@Z
?GetCtrlTextType@CAppSysAttribute@@UAEAAVCString@@XZ
?FitBitmapSize@CUIButtonTemplate@@UAEXXZ
?AttachBitmapHadle@CAppSysOperation@@UAEXPAUHBITMAP__@@@Z
?AttachBitmapHadle@CAppSysOperation@@UAEXPAUHBITMAP__@@PAVCBitmap@@@Z
?CleanUp@CAppSysOperation@@UAEXXZ
?PaintBackGround@CAppSysOperation@@UAEHPAVCDC@@@Z
?DrawSkin@CAppSysOperation@@UAEHPAUtagDRAWITEMSTRUCT@@@Z
?AdjustPosition@CAppSysOperation@@UAEHUtagRECT@@@Z
?AdjustPosition@CAppSysOperation@@UAEHHHHH@Z
?DrawContent@CAppSysOperation@@UAEHPAVCDC@@VCString@@AAVCRect@@H@Z
?LoadSkin@CUIButtonTemplate@@UAEHPAX@Z
?CleanSkin@CAppSysOperation@@UAEHPAX@Z
?GetCurrentSkin@CUIButtonTemplate@@MAEHPAX@Z
?InitializeOperation@CAppSysOperation@@UAEXPAVCWnd@@@Z
?LoadBitmapFileToMem@CAppSysOperation@@UAEHPAUHINSTANCE__@@VCString@@@Z
?LoadBitmapFileToMem@CAppSysOperation@@UAEHPAUHINSTANCE__@@VCString@@PAVCBitmap@@@Z
?CleanBitmapMem@CAppSysOperation@@UAEHXZ
?IsControlHaveSkin@CAppSysOperation@@UAEHXZ
?SetNeedHandCursor@CColorStatic@@QAEX_N@Z
?SetHaveText@CUIButtonTemplate@@QAEX_NI@Z
?SetBtnTextColor@CUIButtonTemplate@@QAEXK@Z
?SetFrameColor@CBaseEdit@@QAEXK@Z
?SetDrawFrame@CBaseEdit@@QAEXH@Z
??0CUIButtonTemplate@@QAE@XZ

avmodule50

?GetOutput@CAVManager@@QAEPAVCWnd@@H@Z
?GetNetRate@CAVManager@@QAEIXZ
??0CAVManager@@QAE@PAVCWnd@@@Z
?SetNetInfo@CAVManager@@QAEXPBDI@Z
?StartThread@CAVManager@@QAEXXZ
?SetBufferTime@CAVManager@@QAEXH@Z
?SetAudioInfo@CAVManager@@QAEXHHHHH_N0@Z
?SetVideoInfoEx@CAVManager@@QAEXHHHHH@Z
?InitConfigInfo@CAVManager@@QAEHPBD@Z
?StartSocket@CAVManager@@QAEXXZ
?GetInput@CAVManager@@QAEPAVCWnd@@XZ
?Close@CAVManager@@QAEXXZ
?SetUserInfo@CAVManager@@QAEXHHPBD@Z
?SetSnapshotFilePath@CAVManager@@QAEXPBD@Z

mfc42

ord1243
ord3771
ord291
ord2546
ord6143
ord6883
ord2065
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269
ord1182
ord1577
ord1575
ord1176
ord1116
ord342
ord5265
ord4376
ord4853
ord4998
ord2514
ord6052
ord4078
ord1775
ord4407
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4425
ord3597
ord800
ord540
ord825
ord2302
ord860
ord2818
ord858
ord924
ord2078
ord6199
ord6241
ord535
ord537
ord4299
ord3874
ord2370
ord3092
ord6334
ord3571
ord5241
ord809
ord773
ord641
ord823
ord556
ord501
ord324
ord3626
ord3663
ord2414
ord4234
ord1088
ord2122
ord6215
ord6901
ord4710
ord6905
ord3977
ord6007
ord6907
ord5642
ord1083
ord998
ord2639
ord2862
ord3286
ord755
ord2754
ord470
ord2086
ord1168
ord6605
ord640
ord5785
ord1640
ord1641
ord1146
ord323
ord2405
ord6157
ord6055
ord1776
ord5290
ord3402
ord4424
ord3716
ord790
ord567
ord4275
ord2379
ord2859
ord3797
ord6197
ord3546
ord3742
ord818
ord1233
ord2864
ord3089
ord2135
ord3619
ord2116
ord4284
ord6172
ord5875
ord5789
ord2567
ord2566
ord283
ord1175
ord939
ord4396
ord3574
ord2438
ord6270
ord941
ord4129
ord1644
ord2763
ord4278
ord5683
ord5621
ord665
ord354
ord6779
ord940
ord1979
ord5442
ord3318
ord5186
ord6385
ord804
ord686
ord609
ord1768
ord6785
ord5981
ord922
ord4277
ord2764
ord3693
ord4133
ord4297
ord5788
ord5600
ord2642
ord3573
ord6663
ord2575
ord2574
ord3572
ord1793
ord4160
ord6358
ord5873
ord3706
ord3721
ord795
ord6453
ord2860
ord613
ord289
ord6021
ord5787
ord6880
ord926
ord3301
ord3996
ord2452
ord4476
ord384
ord2289
ord6696
ord2100
ord2096
ord2298
ord2119
ord353
ord1187
ord4220
ord2584
ord3654
ord2408
ord2753
ord2097
ord807
ord4163
ord6625
ord554
ord2614
ord5572
ord2919
ord2863
ord5440
ord6383
ord5450
ord6394
ord3317
ord2582
ord4402
ord3640
ord3293
ord3910
ord3452
ord2515
ord355
ord5710
ord4202
ord5607
ord1200
ord3708
ord781
ord1756
ord6134
ord3719
ord793
ord326
ord2645
ord3998
ord2380
ord2776
ord690
ord2393
ord1988
ord5207
ord6059
ord389
ord1929
ord3005
ord1601
ord538
ord4123
ord861
ord2688
ord539
ord4400
ord3630
ord682
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord5794
ord5678
ord5736
ord5579
ord5571
ord4694
ord5864
ord3596
ord3754
ord3753
ord3370
ord693
ord4243
ord6242
ord2714
ord3711
ord783
ord2112
ord6442
ord4287
ord3138
ord6128
ord3752
ord2915
ord398
ord700
ord955
ord4189
ord3021
ord913
ord5594
ord5632
ord6877
ord6200
ord5937
ord6136
ord6648
ord3763
ord2513
ord293
ord5356
ord5808
ord1075
ord5204
ord3229
ord1949
ord4034
ord4538
ord2587
ord4406
ord3394
ord3729
ord4267
ord3920
ord4317
ord5575
ord4033
ord433
ord1799
ord614
ord2623
ord290
ord4622
ord4226
ord2486
ord4003
ord3584
ord543
ord803
ord3283
ord3258
ord1705
ord430
ord1269
ord2935
ord2516
ord361
ord3061
ord3767
ord1158
ord2820
ord3811
ord536
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3738
ord815
ord561
ord3953
ord801
ord541
ord6111
ord6195
ord3870
ord4204
ord6283
ord925
ord6061

msvcrt

wcslen
_adjust_fdiv
_initterm
free
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__CxxFrameHandler
atoi
_mbscmp
_ftol
fclose
fprintf
fopen
sprintf
rand
_CxxThrowException
memmove
_mbsrchr
towupper
_purecall
malloc
strncpy
time
_i64toa
atol
_snprintf
__dllonexit
_onexit
_except_handler3

kernel32

GetFileSize
GetLastError
GlobalAlloc
GetModuleHandleA
GlobalUnlock
GetVersionExA
OutputDebugStringA
LocalAlloc
LocalFree
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WritePrivateProfileStringA
lstrcmpA
lstrcpynA
GetWindowsDirectoryA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
GetExitCodeThread
TerminateThread
WriteFile
IsBadWritePtr
VirtualQuery
FormatMessageA
SetFilePointer
SetUnhandledExceptionFilter
LoadLibraryA
GetProcAddress
FreeLibrary
lstrlenA
CreateFileA
GlobalLock
ReadFile
GetTickCount
CreateThread
CloseHandle
GetLocalTime
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
Sleep
GetModuleFileNameA
WinExec

user32

CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClassNameA
SetActiveWindow
GetDesktopWindow
CopyIcon
MessageBeep
GetWindow
CallWindowProcA
GetScrollInfo
SetParent
IsRectEmpty
OffsetRect
UpdateWindow
GrayStringA
DrawTextA
TabbedTextOutA
SetForegroundWindow
IsIconic
GetSystemMetrics
GetAsyncKeyState
LoadIconA
ReleaseCapture
SetCapture
EnableMenuItem
GetMessagePos
wvsprintfA
GetWindowLongA
SetWindowLongA
GetMenuItemRect
CreateWindowExA
ModifyMenuA
GetMenuState
CreateMenu
LoadMenuA
GetMenuItemCount
GetMenuStringA
GetSubMenu
InsertMenuA
AppendMenuA
GetMenuItemID
RemoveMenu
GetSysColor
ShowWindow
FlashWindow
MessageBoxA
RedrawWindow
DrawIcon
wsprintfA
CopyRect
GetWindowTextA
DrawStateA
SetWindowRgn
GetWindowDC
SetWindowPos
IsWindow
KillTimer
IsWindowVisible
SetTimer
PostMessageA
SetRectEmpty
GetClientRect
EnableWindow
GetFocus
GetDlgCtrlID
SendMessageA
WindowFromPoint
IsChild
SendMessageTimeoutA
InflateRect
CreatePopupMenu
GetWindowRect
LoadImageA
FillRect
ClientToScreen
GetParent
ScreenToClient
LoadCursorA
SetCursor
GetDC
ReleaseDC
InvalidateRect
PtInRect
LoadBitmapA
GetCursorPos

gdi32

GetTextExtentPoint32A
GetTextMetricsA
GetMapMode
PtVisible
CreatePen
ExtTextOutA
Escape
SetDIBits
GetDIBits
CreateFontIndirectA
EndPath
Ellipse
BeginPath
CreateRoundRectRgn
Rectangle
CreateCompatibleBitmap
CreateBitmap
SelectObject
SetBkColor
CreateRectRgn
CombineRgn
GetPixel
TextOutA
CreateSolidBrush
FillPath
CreateDIBitmap
SetTextColor
DeleteDC
DeleteObject
CreateFontA
GetStockObject
StretchBlt
BitBlt
GetObjectA
RectVisible
CreateCompatibleDC

advapi32

RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
SHGetMalloc

comctl32

FlatSB_EnableScrollBar
InitCommonControlsEx
ImageList_AddMasked
ImageList_Draw
_TrackMouseEvent
InitializeFlatSB

ole32

StgCreateDocfileOnILockBytes
CoCreateInstance
CoInitialize
OleCreateStaticFromData
CreateILockBytesOnHGlobal
CoUninitialize
OleSetContainedObject
CoInitializeEx
OleRun

oleaut32

VariantClear
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantCopy
VariantInit
SysAllocStringLen
SysStringLen
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SysAllocString
SafeArrayPutElement
SafeArrayCreate
SafeArrayGetUBound
SafeArrayGetLBound
GetErrorInfo
SetErrorInfo
VariantChangeType
CreateErrorInfo

publictool

??1CBuffer@@UAE@XZ
?base64_decode@CBase64@@SAHPADI0@Z
?GetBits@CxImageEx@@QAEPAEK@Z
??1CxImageEx@@UAE@XZ
?QueryItem@CHash@@QAEPAXPBD@Z
??0CBuffer@@QAE@K@Z
?GetHashItemNum@CHash@@QAEHXZ
??1CHash@@UAE@XZ
??0CHash@@QAE@K@Z
?InitParam@CHash@@QAEHXZ
?QueryItem@CHash@@QAEPAXJ@Z
?FindFirst@CHash@@QAEXH@Z
?FindNext@CHash@@QAEPAXXZ
?GetBufferLen@CBuffer@@QAEKXZ
?SetPos@CBuffer@@QAEXKK@Z
?GetBuffer@CBuffer@@QAEPAEXZ
?base64_encode@CBase64@@SAHPADI0@Z
?DeleteItem@CHash@@QAEPAXJ@Z
?InsertItem@CHash@@QAEHJPAX@Z
??0CxImageEx@@QAE@K@Z
?Load@CxImageEx@@QAE_NPBDK@Z
?InsertItem@CHash@@QAEHPBDPAX@Z
?GetDIB@CxImageEx@@QBEPAXXZ

Exports

Exports

??0CRoomInfo@@QAE@ABV0@@Z
??0CRoomInfo@@QAE@XZ
??1CRoomInfo@@UAE@XZ
??4CEasySecret@@QAEAAV0@ABV0@@Z
??4CRoomInfo@@UAEAAV0@ABV0@@Z
??_7CRoomInfo@@6B@
?ClearAll@CRoomInfo@@QAEXXZ
?DeleteAllUser@CRoomInfo@@QAEXXZ
?GetCurrentNumber@CRoomInfo@@QAEHXZ
?GetCurrentRoomStats@CRoomInfo@@QAEHXZ
?GetEnterRoomType@CRoomInfo@@QAEHXZ
?GetID@CRoomInfo@@QAE?AVCString@@XZ
?GetIntroduce@CRoomInfo@@QAE?AVCString@@XZ
?GetLeader@CRoomInfo@@QAEPAVCUserInfo@@XZ
?GetLevel@CRoomInfo@@QAEHXZ
?GetLimitNumber@CRoomInfo@@QAEHXZ
?GetMasterID@CRoomInfo@@QAE?AVCString@@XZ
?GetName@CRoomInfo@@QAE?AVCString@@XZ
?GetOther@CRoomInfo@@QAE?AVCString@@XZ
?GetPassword@CRoomInfo@@QAE?AVCString@@XZ
?GetPort@CRoomInfo@@QAEHXZ
?GetRoomLevel@CRoomInfo@@QAEHXZ
?GetSort@CRoomInfo@@QAEHXZ
?GetStatus@CRoomInfo@@QAEHXZ
?GetType@CRoomInfo@@QAEHXZ
?GetUser@CRoomInfo@@QAEXHPAVCHash@@@Z
?GetVip@CRoomInfo@@QAE_NXZ
?SetCurrentNumber@CRoomInfo@@QAEXH@Z
?SetCurrentRoomStats@CRoomInfo@@QAEXH@Z
?SetEnterRoomType@CRoomInfo@@QAEXH@Z
?SetID@CRoomInfo@@QAEXPBD@Z
?SetIntroduce@CRoomInfo@@QAEXPBD@Z
?SetLevel@CRoomInfo@@QAEXH@Z
?SetLimitNumber@CRoomInfo@@QAEXH@Z
?SetMasterID@CRoomInfo@@QAEXABVCString@@@Z
?SetName@CRoomInfo@@QAEXPBD@Z
?SetOther@CRoomInfo@@QAEXVCString@@@Z
?SetPassword@CRoomInfo@@QAEXPBD@Z
?SetPort@CRoomInfo@@QAEXH@Z
?SetRoomLevel@CRoomInfo@@QAEXH@Z
?SetSort@CRoomInfo@@QAEXH@Z
?SetStatus@CRoomInfo@@QAEXH@Z
?SetType@CRoomInfo@@QAEXH@Z
?SetVipRoom@CRoomInfo@@QAEX_N@Z
CreateKTV
GetDllIndex

Sections

.text
Size: 552KB - Virtual size: 550KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NetworkOpt.dll
.dll windows:4 windows x86 arch:x86

813ab7b0fcbd4081d9d11ddd9c3cb7d7

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e2:17:d9:16:4d:a1:cc:bf:98:b7:d6:21:75:5e:70:99:a1:38:d0:2f
Signer

Actual PE Digest

e2:17:d9:16:4d:a1:cc:bf:98:b7:d6:21:75:5e:70:99:a1:38:d0:2f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mvuilib

?SetNeedHandCursor@CColorStatic@@QAEX_N@Z
?SetColor@CColorStatic@@QAEXKKK@Z
?SetFontUnline@CColorStatic@@QAEX_N@Z
??0CColorStatic@@QAE@XZ
??1CColorStatic@@UAE@XZ
?GetComponentSkinConf@CSkinConfContext@@QAEHIW4COMPONETTYPE@@VCString@@PAX@Z
?SetHaveText@CUINoRegularButtonTemplate@@QAEX_NI@Z
?SetToolTipText@CUINoRegularButtonTemplate@@QAEXPBD@Z
?SetBtnTextColor@CUINoRegularButtonTemplate@@QAEXK@Z
??0CUINoRegularButtonTemplate@@QAE@XZ
??1CUINoRegularButtonTemplate@@UAE@XZ

mfc42

ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3402
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3574
ord825
ord609
ord800
ord823
ord567
ord540
ord692
ord535
ord537
ord858
ord4299
ord6199
ord6241
ord924
ord5890
ord939
ord2818
ord4202
ord5875
ord3089
ord4476
ord6215
ord3803
ord2937
ord755
ord2567
ord470
ord3663
ord860
ord4278
ord3092
ord1768
ord2086
ord1168
ord3571
ord2574
ord3572
ord556
ord3626
ord809
ord2414
ord1793
ord4275
ord2379
ord640
ord2405
ord1641
ord5785
ord1640
ord323
ord2859
ord6197
ord1146
ord6172
ord5873
ord3706
ord1848
ord3370
ord3640
ord2582
ord4402
ord693
ord4243
ord3577
ord6696
ord2864
ord3293
ord6762
ord2124
ord2754
ord4133
ord4297
ord5788
ord472
ord6453
ord6242
ord501
ord6907
ord3998
ord4284
ord2764
ord5572
ord3302
ord2915
ord1083
ord5600
ord6467
ord1187
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord3352
ord2725
ord641
ord324
ord4234
ord2078
ord4710
ord6605
ord3619
ord2452
ord2645
ord4853
ord4376
ord2860
ord2116
ord2302
ord3692
ord3698
ord765
ord816
ord562
ord5791
ord613
ord289
ord3630
ord682
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord2380
ord5789
ord4400
ord4397
ord2576
ord4217
ord2024
ord2413
ord6366
ord1771
ord4644
ord3597
ord4425
ord5280
ord4407
ord1775
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4396
ord1776
ord4078
ord6055
ord3301
ord2575
ord6052
ord2514
ord1116
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord4998
ord5265
ord3996
ord3953

msvcrt

_CxxThrowException
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
_ftol
_purecall
atoi
__CxxFrameHandler
_mbscmp

kernel32

GetLastError
LocalAlloc
LocalFree
GlobalMemoryStatus
GlobalAlloc
GlobalFree
FreeLibrary
LoadLibraryA
GetProcAddress
GetModuleHandleA
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
lstrlenA

user32

IsRectEmpty
InflateRect
TabbedTextOutA
DrawTextA
GrayStringA
BeginPaint
GetClientRect
SendMessageA
EnableWindow
SetCursor
GetWindowDC
LoadBitmapA
LoadImageA
InvalidateRect
EndPaint
LoadCursorA
SetTimer
ReleaseDC
SetWindowRgn
GetWindowRect
PtInRect
GetParent
UpdateWindow
KillTimer
PostMessageA
GetKeyState
GetSysColor

gdi32

GetDIBColorTable
CreatePalette
GetDeviceCaps
RealizePalette
CreateHalftonePalette
CreateFontA
SelectObject
StretchBlt
SetBkColor
SetTextColor
CreateFontIndirectA
Escape
ExtTextOutA
TextOutA
RectVisible
GetStockObject
BitBlt
GetPixel
CreateBitmap
GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
CombineRgn
CreateRectRgn
CreatePen
DeleteObject
DeleteDC
PtVisible

shell32

ShellExecuteA

comctl32

_TrackMouseEvent

ole32

CoInitialize
CoCreateInstance
OleRun

oleaut32

SysAllocString
SysFreeString
SysStringByteLen
SysAllocStringByteLen
VariantClear
GetErrorInfo

publictool

??0CHash@@QAE@K@Z
?InitParam@CHash@@QAEHXZ
?DeleteItem@CHash@@QAEPAXJ@Z
?FindFirst@CHash@@QAEXH@Z
?InsertItem@CHash@@QAEHJPAX@Z
?FindNext@CHash@@QAEPAXXZ
??1CHash@@UAE@XZ

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

pdh

PdhCollectQueryData
PdhAddCounterA
PdhOpenQueryA
PdhCloseQuery
PdhGetFormattedCounterValue

Exports

Exports

CreateNetworkOpt

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OnlineUpdate.exe
.exe windows:4 windows x86 arch:x86

00e758ae377d7ea08fbbacc17a5e0a5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord2514
ord2621
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord2725
ord6055
ord1776
ord5290
ord3402
ord3698
ord765
ord773
ord1146
ord1168
ord567
ord501
ord2135
ord3626
ord795
ord2414
ord818
ord2302
ord3092
ord4224
ord4160
ord2863
ord6199
ord2379
ord755
ord470
ord798
ord939
ord533
ord1083
ord4277
ord2764
ord4202
ord690
ord1988
ord5207
ord389
ord6059
ord1929
ord4275
ord3721
ord3619
ord5875
ord1641
ord2860
ord3797
ord3874
ord3089
ord5572
ord2915
ord1949
ord4034
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4673
ord6385
ord354
ord5186
ord665
ord3318
ord5442
ord1979
ord535
ord823
ord1200
ord3663
ord537
ord5683
ord4278
ord941
ord858
ord2818
ord825
ord540
ord860
ord4234
ord800
ord1576

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__CxxFrameHandler
atoi
_mbscmp
sprintf
_setmbcp
_CxxThrowException
wcslen
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_controlfp

kernel32

InterlockedDecrement
FormatMessageA
lstrlenA
LocalAlloc
LocalFree
GetModuleFileNameA
InterlockedIncrement
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
GetModuleHandleA
GetStartupInfoA
CreateThread
GetTempPathA
Sleep
WinExec
GetExitCodeThread
CreateDirectoryA
GetSystemDirectoryA
CopyFileA
FreeLibrary
TerminateThread
GetLastError
MultiByteToWideChar
WideCharToMultiByte

user32

CopyIcon
SetCursor
GetClientRect
LoadCursorA
DrawIcon
GetSystemMetrics
IsIconic
KillTimer
PostMessageA
GetSystemMenu
AppendMenuA
SendMessageA
SetTimer
LoadIconA
MessageBoxA
wsprintfA
EnableWindow
InvalidateRect

gdi32

CreateFontIndirectA
GetStockObject
GetObjectA

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA

comctl32

_TrackMouseEvent

ole32

CoCreateInstance
OleRun
CoInitialize

oleaut32

SysAllocString
GetErrorInfo
SysFreeString
VariantClear

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ProcessAddr.xml
.xml
ProxyID.ini
SealModule.dll
.dll windows:4 windows x86 arch:x86

e967237b9b8444ea2be3fc8bdd9b9663

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

67:b4:bb:98:e3:f4:86:31:ab:66:18:1b:cd:c1:f2:1f:c3:dd:f8:ce
Signer

Actual PE Digest

67:b4:bb:98:e3:f4:86:31:ab:66:18:1b:cd:c1:f2:1f:c3:dd:f8:ce

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mvuilib

?DelAllItemStamp@CUIOtherdrawListCtrlTemplate@@QAEXXZ
?DelItemStamp@CUIOtherdrawListCtrlTemplate@@QAEXH@Z
?AddItemStamp@CUIOtherdrawListCtrlTemplate@@QAEHHPAX@Z
??0CUIButtonTemplate@@QAE@XZ
??1CUIButtonTemplate@@UAE@XZ
??0CSkinComboBox@@QAE@XZ
??0CColorStatic@@QAE@XZ
??1CSkinComboBox@@UAE@XZ
??1CColorStatic@@UAE@XZ

mfc42

ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4425
ord3597
ord3571
ord809
ord800
ord641
ord823
ord556
ord540
ord324
ord825
ord3663
ord3626
ord2414
ord4234
ord1088
ord2122
ord4299
ord6901
ord6241
ord2864
ord4710
ord858
ord6905
ord2862
ord537
ord6007
ord6907
ord535
ord1641
ord922
ord2818
ord924
ord2639
ord2096
ord384
ord3286
ord755
ord2754
ord470
ord6358
ord6877
ord5280
ord860
ord665
ord354
ord4278
ord1979
ord5442
ord3318
ord5186
ord2575
ord3574
ord2574
ord6055
ord1776
ord4396
ord5290
ord3402
ord4424
ord3572
ord609
ord567
ord1793
ord4275
ord2379
ord640
ord2405
ord5875
ord5785
ord1640
ord323
ord2859
ord6197
ord1146
ord1168
ord3706
ord2055
ord4402
ord3640
ord3081
ord3910
ord3719
ord793
ord1768
ord6215
ord2078
ord6605
ord3619
ord2452
ord2645
ord773
ord501
ord804
ord686
ord5621
ord2302
ord1083
ord6785
ord2086
ord4284
ord5683
ord1187
ord1200
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord2648
ord5307
ord5289
ord5714
ord3953
ord4622
ord3738
ord561
ord815
ord3370
ord693
ord398
ord700
ord4243
ord955
ord4189
ord3021
ord913
ord5594
ord5632
ord4538
ord2587
ord4406
ord3394
ord3729
ord4267
ord3693
ord4133
ord4297
ord3920
ord5788
ord2753
ord3573
ord5787
ord4317
ord5572
ord2915
ord6880
ord2642
ord4441
ord4837
ord3798
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord3293
ord6376
ord2514
ord4998
ord1116
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826
ord269
ord4853
ord4376
ord5265
ord2582
ord4698

msvcrt

_CxxThrowException
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
free
_onexit
__dllonexit
malloc
_purecall
atoi
_mbscmp
__CxxFrameHandler

kernel32

GetLastError
LocalAlloc
LocalFree
lstrcpynA
GetModuleFileNameA
GetProcAddress
FreeLibrary
GetModuleHandleA
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
lstrlenA

user32

GetCursorPos
OffsetRect
InflateRect
ScreenToClient
SendMessageA
GetClientRect
GetParent
ReleaseDC
GetDC
PostMessageA
EnableWindow
SetCursor
GetWindowDC
LoadImageA
InvalidateRect
SetWindowRgn
KillTimer
SetTimer
ReleaseCapture
SetCapture
PtInRect
LoadCursorA
GetWindowRect

gdi32

CreatePen
CreateFontA
SetDIBits
SetBkColor
SetTextColor
DeleteDC
GetDIBits
FillPath
SelectObject
CreateSolidBrush
BeginPath
Ellipse
CreateDIBitmap
BitBlt
GetPixel
CreateBitmap
GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
CombineRgn
CreateRectRgn
StretchBlt
DeleteObject
EndPath

comctl32

ImageList_AddMasked
ImageList_Draw
_TrackMouseEvent

ole32

OleRun
CoInitialize
CoCreateInstance

oleaut32

SysAllocString
SysFreeString
GetErrorInfo
VariantClear

publictool

?InitParam@CHash@@QAEHXZ
?QueryItem@CHash@@QAEPAXJ@Z
??0CxImageEx@@QAE@K@Z
??1CHash@@UAE@XZ
?GetDIB@CxImageEx@@QBEPAXXZ
?GetBits@CxImageEx@@QAEPAEK@Z
?InsertItem@CHash@@QAEHJPAX@Z
??1CxImageEx@@UAE@XZ
?FindNext@CHash@@QAEPAXXZ
?FindFirst@CHash@@QAEXH@Z
?Load@CxImageEx@@QAE_NPBDK@Z
??0CHash@@QAE@K@Z

Exports

Exports

CreatePublic

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SetupSuccHint.exe
.exe windows:4 windows x86 arch:x86

be571ecb04a358bd4f61f22c65836002

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1e:ff:9c:00:ca:78:2e:c7:78:bd:92:c5:b9:25:bc:8e:d1:f2:ab:98
Signer

Actual PE Digest

1e:ff:9c:00:ca:78:2e:c7:78:bd:92:c5:b9:25:bc:8e:d1:f2:ab:98

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3079
ord4080
ord4622
ord4424
ord3738
ord815
ord540
ord561
ord825
ord800
ord2514
ord2621
ord1134
ord858
ord4278
ord5683
ord537
ord5265
ord4376
ord4853
ord4998
ord4710
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord3825
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord860
ord1146
ord1168
ord4299
ord4287
ord4160
ord2863
ord665
ord1979
ord2764
ord5442
ord3318
ord5186
ord354
ord924
ord2379
ord755
ord640
ord2405
ord1640
ord323
ord470
ord2818
ord535
ord1949
ord4275
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord2124
ord4673
ord1576

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_setmbcp
__CxxFrameHandler
_mbscmp
__dllonexit
_onexit
_exit
_XcptFilter
exit
_controlfp

kernel32

LockResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetModuleFileNameA
LoadLibraryA
OutputDebugStringA
LoadResource
CloseHandle
VirtualFreeEx
ReadProcessMemory
WriteProcessMemory
VirtualAllocEx
OpenProcess
GetStartupInfoA
SizeofResource
GetLastError
FindResourceA
GetCurrentProcess
GetProcAddress
GetVersionExA
FreeLibrary
GetModuleHandleA

user32

GetWindowLongA
DrawIcon
GetClientRect
IsIconic
OffsetRect
ClientToScreen
GetWindow
FindWindowExA
FindWindowA
GetWindowThreadProcessId
InvalidateRect
SetCursor
SetWindowLongA
EnableWindow
GetSystemMenu
AppendMenuA
SendMessageA
PostMessageA
GetSystemMetrics
SetTimer
LoadIconA
LoadCursorA
PtInRect

gdi32

CreateCompatibleDC
CreateDIBSection
SelectObject
DeleteObject

ole32

CreateStreamOnHGlobal

gdiplus

GdiplusStartup
GdiplusShutdown
GdipDeleteGraphics
GdipGetImageWidth
GdipGetImageHeight
GdipCreateFromHDC
GdipDrawImageRectI
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipAlloc
GdipFree
GdipDisposeImage
GdipCloneImage

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SetupSuccHint.txt
SockClient.dll
.dll windows:4 windows x86 arch:x86

9f0d86c61cd491ae861e936989186545

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6b:4c:25:00:fb:80:e4:b6:aa:cb:7b:26:e3:89:ed:00:c5:fc:76:55
Signer

Actual PE Digest

6b:4c:25:00:fb:80:e4:b6:aa:cb:7b:26:e3:89:ed:00:c5:fc:76:55

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

recv
select
__WSAFDIsSet
getsockopt
WSAGetLastError
send
htons
inet_addr
connect
socket
closesocket
WSACleanup
ioctlsocket
WSAStartup

mfc42

ord342
ord823
ord1182
ord540
ord800
ord537
ord860
ord2818
ord858
ord4278
ord5683
ord1253
ord5607
ord1083
ord5621
ord773
ord803
ord825
ord543
ord501
ord3584
ord1168

msvcrt

_adjust_fdiv
malloc
_initterm
free
__dllonexit
?terminate@@YAXXZ
_except_handler3
_mbsrchr
_purecall
__CxxFrameHandler
_onexit

kernel32

GetLocalTime
GetLastError
OutputDebugStringA
SetEvent
GetExitCodeThread
TerminateThread
WaitForSingleObject
Sleep
CreateEventA
CreateThread
WriteFile
IsBadWritePtr
VirtualQuery
GetModuleHandleA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FormatMessageA
GetModuleFileNameA
SetUnhandledExceptionFilter
WinExec
CloseHandle
SetFilePointer
InitializeCriticalSection
CreateFileA

user32

wvsprintfA
PostMessageA

publictool

??0CBuffer@@QAE@ABV0@@Z
??1CBuffer@@UAE@XZ
?BufferCpy@CBuffer@@QAEXPAEKK@Z
?SetPos@CBuffer@@QAEXKK@Z
?GetRealBuffer@CBuffer@@QAEPBEXZ
?GetBufferLen@CBuffer@@QAEKXZ
??0CBuffer@@QAE@K@Z
?GetRealLen@CBuffer@@QAEKXZ

Exports

Exports

CreateClientSock

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TenAVModule.xml
.xml
TmpConfig4WeiBo.ini
UpdateConfig.xml
VideoHelper.dll
.dll windows:4 windows x86 arch:x86

7f8f634f0a28fd72a5cb4f1c9a49c26a

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4b:a2:b8:49:7d:48:3a:3b:81:98:c1:72:dc:bd:10:38:7c:e0:d7:78
Signer

Actual PE Digest

4b:a2:b8:49:7d:48:3a:3b:81:98:c1:72:dc:bd:10:38:7c:e0:d7:78

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance

oleaut32

OleCreatePropertyFrame
SysFreeString
VariantClear

kernel32

HeapCreate
GetLastError
MultiByteToWideChar
WideCharToMultiByte
LocalFree
RtlUnwind
GetCommandLineA
GetVersion
RaiseException
HeapFree
GetProcAddress
GetModuleHandleA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
VirtualFree
WriteFile
HeapReAlloc
HeapSize
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
InterlockedDecrement
InterlockedIncrement
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Exports

Exports

VH_Adjustment
VH_ChangeDevice
VH_Close
VH_CreateObject
VH_GetDeviceCount
VH_GetDeviceName
VH_Init

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Vote.dll
.dll windows:4 windows x86 arch:x86

204f16de4061d2b0a5f196845b60450c

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

70:7e:af:44:31:52:ec:d8:0f:01:41:b1:38:41:77:46:d7:23:0c:41
Signer

Actual PE Digest

70:7e:af:44:31:52:ec:d8:0f:01:41:b1:38:41:77:46:d7:23:0c:41

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord3136
ord3262
ord2985
ord3081
ord2976
ord3402
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord609
ord567
ord825
ord3663
ord3626
ord2414
ord1793
ord4275
ord2379
ord800
ord540
ord640
ord2405
ord1641
ord5785
ord1640
ord323
ord823
ord2859
ord6197
ord1168
ord3706
ord537
ord3721
ord4407
ord3742
ord818
ord795
ord6453
ord2818
ord6215
ord6442
ord858
ord3005
ord2135
ord4465
ord1601
ord4123
ord2642
ord535
ord861
ord4299
ord2688
ord860
ord3089
ord2864
ord4278
ord924
ord3021
ord6605
ord2754
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord561
ord3953
ord5683
ord2725
ord755
ord470
ord2078
ord1768
ord1187
ord1949
ord4034
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord269
ord826
ord600
ord1578
ord6467
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4396
ord1776
ord4078
ord6055
ord3571
ord3574
ord1233
ord1116
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord2575

msvcrt

malloc
_adjust_fdiv
_initterm
free
??1type_info@@UAE@XZ
_onexit
__dllonexit
exit
_CxxThrowException
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_ftol
_purecall
wcslen
rand
_mbsrchr
wcscpy
__CxxFrameHandler

kernel32

lstrlenA
OutputDebugStringA
Sleep
GetModuleFileNameA
GetLastError
GetProcAddress
LoadLibraryA
FreeLibrary
LocalFree
LocalAlloc
MultiByteToWideChar

user32

SetCursor
SendMessageA
GetClientRect
GetWindowDC
GetWindowLongA
LoadImageA
InvalidateRect
ReleaseDC
SetWindowRgn
GetWindowRect
EnableWindow
SetWindowPos
RegisterClassExA
DefWindowProcA
CopyRect
SetTimer
KillTimer
GetParent
IsIconic
SetWindowLongA
GetClassInfoExA
UnregisterClassA
SetRectEmpty
IsWindowVisible
GetCursorPos
PostMessageA
GetDC
LoadCursorA
PtInRect

gdi32

DeleteDC
CreateRoundRectRgn
DeleteObject
CreateRectRgn
CombineRgn
SelectObject
CreateCompatibleDC
GetObjectA
GetPixel
BitBlt
StretchBlt
CreateDIBSection

shell32

ShellExecuteA

comctl32

_TrackMouseEvent

oleaut32

VariantClear
SysFreeString
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SysAllocString
VariantInit
SafeArrayGetUBound
SafeArrayGetLBound

gdiplus

GdipDrawImageRectI
GdipCreateStringFormat
GdipSetStringFormatAlign
GdipCreateFontFamilyFromName
GdipCloneBrush
GdipCreateFromHDC
GdipDrawImageI
GdipDrawImageRectRectI
GdipCreateSolidFill
GdipCreateFont
GdipDeleteFontFamily
GdipDrawString
GdipReleaseDC
GdipDeleteFont
GdipDeleteBrush
GdipDeleteGraphics
GdipCloneImage
GdipDisposeImage
GdipFree
GdipAlloc
GdipLoadImageFromFile
GdipDeleteStringFormat

msvcp60

??0out_of_range@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??_7out_of_range@std@@6B@
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??0logic_error@std@@QAE@ABV01@@Z

shlwapi

PathFileExistsW

Exports

Exports

CreateVoteManage

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
active.ini
broadcastchat.xml
.xml
car.xml
.xml
car_in.txt
chat.xml
.xml
chatQK.xml
.xml
client.xml
face/0.gif
.gif
face/1.gif
.gif
face/10.gif
.gif
face/11.gif
.gif
face/12.gif
.gif
face/13.gif
.gif
face/14.gif
.gif
face/15.gif
.gif
face/16.gif
.gif
face/17.gif
.gif
face/18.gif
.gif
face/19.gif
.gif
face/2.gif
.gif
face/20.gif
.gif
face/21.gif
.gif
face/22.gif
.gif
face/23.gif
.gif
face/24.gif
.gif
face/25.gif
.gif
face/26.gif
.gif
face/27.gif
.gif
face/28.gif
.gif
face/29.gif
.gif
face/3.gif
.gif
face/30.gif
.gif
face/31.gif
.gif
face/32.gif
.gif
face/33.gif
.gif
face/34.gif
.gif
face/35.gif
.gif
face/36.gif
.gif
face/37.gif
.gif
face/38.gif
.gif
face/39.gif
.gif
face/4.gif
.gif
face/40.gif
.gif
face/41.gif
.gif
face/42.gif
.gif
face/43.gif
.gif
face/44.gif
.gif
face/45.gif
.gif
face/46.gif
.gif
face/47.gif
.gif
face/48.gif
.gif
face/49.gif
.gif
face/5.gif
.gif
face/50.gif
.gif
face/51.gif
.gif
face/52.gif
.gif
face/53.gif
.gif
face/54.gif
.gif
face/55.gif
.gif
face/56.gif
.gif
face/57.gif
.gif
face/58.gif
.gif
face/59.gif
.gif
face/6.gif
.gif
face/60.gif
.gif
face/61.gif
.gif
face/62.gif
.gif
face/63.gif
.gif
face/7.gif
.gif
face/8.gif
.gif
face/9.gif
.gif
face/faceconfig.xml
.xml
file.txt
filnick.xml
.xml
filter.xml
.xml
help.xml
.xml
item/1000.bmp
item/1000_1.gif
.gif
item/1000_3.gif
.gif
item/1000_r_121820.png
.png
item/1000_t_121817.png
.png
item/1001_t_12916.png
.png
item/100_1.bmp
item/100_t_5916.gif
.gif
item/2_6.gif
.gif
item/2_s_121915.png
.png
item/300_3.gif
.gif
item/300_s_122010.png
.png
item/38_s_122010.png
.png
item/38_t_112316.gif
.gif
item/401.bmp
item/401_t_121511.gif
.gif
item/54.bmp
item/54_t_122013.gif
.gif
item/67_s_122010.png
.png
item/67_t_72516.gif
.gif
item/72_a_579.gif
.gif
item/72_r_579.gif
.gif
item/72_s_52515.png
.png
item/72_t_52515.gif
.gif
item/advanced.png
.png
item/common.png
.png
item/itemconfig.xml
itembox/1000.bmp
lobby.ini
p2pClient.dll
.dll windows:4 windows x86 arch:x86

1d6a36d175c1f9c345da06b41ae8449d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ad:97:ed:03:78:76:b0:92:02:b2:ba:30:19:05:4e:b0:f1:bc:67:a4
Signer

Actual PE Digest

ad:97:ed:03:78:76:b0:92:02:b2:ba:30:19:05:4e:b0:f1:bc:67:a4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsAlloc
GlobalFree
GlobalUnlock
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
InterlockedDecrement
SetErrorMode
lstrcatA
lstrcpyA
lstrcpynA
lstrlenA
GetVersion
SetLastError
GlobalFlags
WritePrivateProfileStringA
InterlockedIncrement
GetProcAddress
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeLibrary
LoadLibraryA
GetProcessVersion
LocalFree
GetCurrentProcess
FlushFileBuffers
GetCPInfo
GetOEMCP
RtlUnwind
RaiseException
GetCommandLineA
HeapAlloc
HeapFree
TerminateProcess
HeapSize
HeapReAlloc
GetACP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
LocalAlloc
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
CreateProcessA
ExitProcess
VirtualAlloc
VirtualFree
QueryPerformanceCounter
QueryPerformanceFrequency
GetTimeZoneInformation
SetLocalTime
SetSystemTime
GetLocalTime
GetSystemTime
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetEvent
CreateEventA
GetTickCount
Sleep
CreateThread
GetLastError
WaitForSingleObject
TerminateThread
WriteFile
IsBadWritePtr
VirtualQuery
GetModuleHandleA
FormatMessageA
CreateFileA
SetFilePointer
CloseHandle
SetUnhandledExceptionFilter
GetModuleFileNameA

user32

TabbedTextOutA
DrawTextA
GrayStringA
GetDlgItem
SetWindowLongA
SetWindowPos
ShowWindow
SetFocus
GetSystemMetrics
GetWindowPlacement
IsIconic
SystemParametersInfoA
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyMenu
ReleaseDC
GetDC
GetMenuItemCount
wsprintfA
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
UnregisterClassA
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
SendMessageA
PostMessageA
PostQuitMessage
wvsprintfA
CallNextHookEx

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
CryptReleaseContext
CryptAcquireContextA
CryptGenRandom

oleaut32

SysAllocString

ws2_32

recv
send
connect
shutdown
recvfrom
sendto
ntohs
inet_ntoa
__WSAFDIsSet
select
accept
listen
WSAStartup
socket
WSAGetLastError
htons
bind
setsockopt
ioctlsocket
getsockname
closesocket
htonl

comctl32

ord17

gdi32

SetWindowExtEx
ScaleWindowExtEx
GetClipBox
RestoreDC
ScaleViewportExtEx
DeleteObject
DeleteDC
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SaveDC
SetTextColor
SetBkColor
GetStockObject
GetObjectA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateBitmap
GetDeviceCaps
SelectObject

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

Exports

Exports

??0CVSP2PClientInterface@@QAE@ABV0@@Z
??0CVSP2PClientInterface@@QAE@XZ
??0IClientInterface@@QAE@ABV0@@Z
??0IClientInterface@@QAE@XZ
??4CVSP2PClientInterface@@QAEAAV0@ABV0@@Z
??4IClientInterface@@QAEAAV0@ABV0@@Z
??_7CVSP2PClientInterface@@6B@
??_7IClientInterface@@6B@
?FreeVSP2PClient@@YAXPAVCVSP2PClientInterface@@@Z
?NewVSP2PClient@@YAPAVCVSP2PClientInterface@@XZ

Sections

.text
Size: 220KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
public.dll
.dll windows:4 windows x86 arch:x86

9f3b9ff37838ca1bb43c071576956c78

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e6:c4:1e:f5:43:27:fe:f7:fa:3a:a9:49:60:0c:c2:c4:12:f9:14:0e
Signer

Actual PE Digest

e6:c4:1e:f5:43:27:fe:f7:fa:3a:a9:49:60:0c:c2:c4:12:f9:14:0e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord5834
ord6394
ord3626
ord2452
ord2859
ord1175
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord1988
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord6383
ord4622
ord4424
ord3738
ord561
ord815
ord1187
ord826
ord600
ord269
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord690
ord537
ord1577
ord1168
ord924
ord1083
ord5861
ord4129
ord5710
ord926
ord2915
ord5572
ord5621
ord6143
ord803
ord541
ord501
ord543
ord860
ord5683
ord5440
ord5450
ord384
ord2096
ord1641
ord2414
ord3903
ord2107
ord2044
ord3571
ord2448
ord2841
ord2408
ord3318
ord5442
ord940
ord3663
ord4204
ord6663
ord859
ord2784
ord923
ord922
ord354
ord5186
ord6385
ord1979
ord665
ord925
ord6877
ord4202
ord941
ord6648
ord6779
ord535
ord2764
ord2818
ord389
ord6059
ord5207
ord4080
ord939
ord4278
ord858
ord1116
ord1176
ord1575
ord801
ord773
ord3584
ord540
ord823
ord800
ord3262
ord825

msvcrt

wcslen
_CxxThrowException
??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
free
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
_mbsrchr
fscanf
fgets
getc
fputc
fflush
ftell
fseek
fwrite
fread
fopen
fclose
_ftol
rand
printf
_mbsicmp
_mbsstr
strstr
_mbscmp
_purecall
__CxxFrameHandler
atoi

kernel32

GetLastError
LocalAlloc
LocalFree
IsBadWritePtr
VirtualQuery
GetModuleHandleA
FormatMessageA
GetLocalTime
SetFilePointer
SetUnhandledExceptionFilter
GlobalAlloc
GlobalLock
CreateFileA
WriteFile
GlobalUnlock
GlobalFree
lstrlenW
InterlockedIncrement
InterlockedDecrement
CreateToolhelp32Snapshot
Process32First
Process32Next
lstrcpyA
lstrcatA
WinExec
GetSystemDefaultLangID
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
LeaveCriticalSection
lstrlenA
EnterCriticalSection
CreateThread
Sleep
GetExitCodeThread
TerminateThread
CloseHandle
GetPrivateProfileStringA
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameA

user32

wvsprintfA
PostMessageA
GetDC
LoadImageA
ReleaseDC

gdi32

CreateDCA
DeleteObject
StretchDIBits
SetStretchBltMode
GetDeviceCaps
CreateCompatibleDC
CreateDIBSection
BitBlt
DeleteDC
CreateDIBitmap
SetBitmapBits
GetBitmapBits
GetObjectA
GetDIBits
RealizePalette
SelectObject
GetStockObject
SelectPalette

advapi32

RegQueryValueA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA

comctl32

ImageList_AddMasked

ole32

OleRun
CoInitialize
CoCreateInstance

oleaut32

CreateErrorInfo
VariantChangeType
SetErrorInfo
GetErrorInfo
VariantClear
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantCopy
VariantInit
SysAllocStringLen
SysStringLen
SysAllocString

publictool

?MakeBitmap@CxImageEx@@QAEPAUHBITMAP__@@PAUHDC__@@@Z
?MakeBitmap@CxImage@@QAEPAUHBITMAP__@@PAUHDC__@@@Z
?Flush@CxMemFile@@UAE_NXZ
?GetHeight@CxImageEx@@QBEKXZ
?GetWidth@CxImageEx@@QBEKXZ
??0CxImage@@QAE@ABV0@_N11@Z
?Error@CxMemFile@@UAEJXZ
?PutC@CxMemFile@@UAE_NE@Z
?GetC@CxMemFile@@UAEJXZ
?GetS@CxMemFile@@UAEPADPADH@Z
?Scanf@CxMemFile@@UAEJPBDPAX@Z
??0CxImageEx@@QAE@K@Z
?Load@CxImageEx@@QAE_NPBDK@Z
??0CxImage@@QAE@K@Z
?DestroyFrames@CxImage@@QAE_NXZ
??1CxMemFile@@UAE@XZ
?Destroy@CxImage@@QAE_NXZ
??0CxMemFile@@QAE@PAEK@Z
?Close@CxMemFile@@UAE_NXZ
?Read@CxMemFile@@UAEIPAXII@Z
?Write@CxMemFile@@UAEIPBXII@Z
?Seek@CxMemFile@@UAE_NJH@Z
?Tell@CxMemFile@@UAEJXZ
?Eof@CxMemFile@@UAE_NXZ
?Size@CxMemFile@@UAEJXZ
??1CxImageEx@@UAE@XZ
?GetDIB@CxImageEx@@QBEPAXXZ
?GetBits@CxImageEx@@QAEPAEK@Z
?base64_encode@CBase64@@SAHPADI0@Z
?Resample@CxImageEx@@QAE_NJJHPAVCxImage@@@Z

Exports

Exports

??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxMemFile@@QAE@ABV0@@Z
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxMemFile@@6B@
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXABV0@@Z
?Close@CxIOFile@@UAE_NXZ
?Eof@CxIOFile@@UAE_NXZ
?Error@CxIOFile@@UAEJXZ
?Flush@CxIOFile@@UAE_NXZ
?GetC@CxIOFile@@UAEJXZ
?GetS@CxIOFile@@UAEPADPADH@Z
?Open@CxIOFile@@QAE_NPBD0@Z
?PutC@CxFile@@UAE_NE@Z
?PutC@CxIOFile@@UAE_NE@Z
?Read@CxIOFile@@UAEIPAXII@Z
?Scanf@CxIOFile@@UAEJPBDPAX@Z
?Seek@CxIOFile@@UAE_NJH@Z
?Size@CxIOFile@@UAEJXZ
?Tell@CxIOFile@@UAEJXZ
?Write@CxIOFile@@UAEIPBXII@Z
CreatePublic

Sections

.text
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
publictool.dll
.dll windows:4 windows x86 arch:x86

4b673255e8776f5b0c0c44260f45b40b

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

22:41:b3:24:1e:66:0e:3a:10:55:20:f7:4d:95:43:75:d7:dc:50:65
Signer

Actual PE Digest

22:41:b3:24:1e:66:0e:3a:10:55:20:f7:4d:95:43:75:d7:dc:50:65

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord1176
ord1575
ord1168
ord1577
ord1182
ord269
ord826
ord600
ord1578
ord6467
ord1255
ord1253
ord1570
ord1197
ord1243
ord815
ord561
ord3738
ord4424
ord4622
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord3953
ord5714
ord5289
ord5307
ord1116
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord342
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord5683
ord4278
ord858
ord540
ord2818
ord823
ord537
ord825
ord535
ord800

msvcrt

_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
atan2
fabs
sqrt
log
exp
strtok
vfprintf
strtod
getenv
_snprintf
puts
gmtime
atof
atoi
tmpfile
strstr
perror
fgetc
_getcwd
_errno
strchr
sscanf
_lseek
_write
_read
_setmode
_unlink
_open
putc
_stricmp
strrchr
fputs
__mb_cur_max
_isctype
_pctype
abort
vsprintf
tmpnam
pow
memset
memcpy
strlen
strcpy
_iob
fprintf
exit
_swab
_CxxThrowException
strncmp
isprint
printf
__CxxLongjmpUnwind
_setjmp3
longjmp
ceil
_cabs
rand
qsort
_CIacos
ldiv
sprintf
calloc
strncpy
_CIpow
_CIfmod
_strnicmp
_ftol
floor
realloc
malloc
free
fscanf
fgets
getc
fputc
fflush
ftell
fseek
fwrite
fread
fopen
fclose
_purecall
_mbsrchr
memmove
__CxxFrameHandler
mktime
_close

kernel32

LocalAlloc
LocalFree
GetTickCount
ResumeThread
WaitForSingleObject
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
SizeofResource
LoadResource
LockResource
WriteFile
IsBadWritePtr
VirtualQuery
GetModuleHandleA
FormatMessageA
GetLocalTime
CreateFileA
SetFilePointer
CloseHandle
WinExec
SetUnhandledExceptionFilter
GetModuleFileNameA

user32

wvsprintfA
ReleaseDC
GetDC
GetIconInfo
GetSysColor
DrawTextA

gdi32

GetEnhMetaFileHeader
SetWinMetaFileBits
GetDeviceCaps
DeleteEnhMetaFile
ExtTextOutA
GetEnhMetaFilePaletteEntries
CreatePalette
SelectPalette
PlayEnhMetaFile
CreateRectRgn
CombineRgn
CreateFontIndirectA
GetStockObject
SetTextColor
SetBkMode
StretchDIBits
RectVisible
CreateCompatibleBitmap
CreateBitmap
SetBkColor
StretchBlt
SaveDC
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
DeleteObject
PatBlt
SelectObject
SetBrushOrgEx
CreateDIBPatternBrushPt
DeleteDC
CreateDIBSection
CreateCompatibleDC
GetDIBits
RealizePalette
GetObjectA
RestoreDC
BitBlt
SetDIBitsToDevice
SetStretchBltMode
SetEnhMetaFileBits

ws2_32

ntohs
htonl
ntohl
htons

Exports

Exports

??0CBase64@@QAE@XZ
??0CBuffer@@QAE@ABV0@@Z
??0CBuffer@@QAE@K@Z
??0CBuffer@@QAE@PAEK@Z
??0CBuffer@@QAE@XZ
??0CHash@@QAE@ABV0@@Z
??0CHash@@QAE@K@Z
??0CHash@@QAE@XZ
??0CZip@@QAE@ABV0@@Z
??0CZip@@QAE@XZ
??0CxExifInfo@CxImageJPG@@QAE@PAUtag_ExifInfo@1@@Z
??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxImage@@QAE@ABV0@_N11@Z
??0CxImage@@QAE@K@Z
??0CxImage@@QAE@KKKK@Z
??0CxImage@@QAE@PAEKK@Z
??0CxImage@@QAE@PAU_iobuf@@K@Z
??0CxImage@@QAE@PAVCxFile@@K@Z
??0CxImage@@QAE@PBDK@Z
??0CxImageEx@@QAE@ABV0@@Z
??0CxImageEx@@QAE@ABVCxImage@@_N11@Z
??0CxImageEx@@QAE@K@Z
??0CxImageEx@@QAE@KKKK@Z
??0CxImageEx@@QAE@PAEKK@Z
??0CxImageEx@@QAE@PAU_iobuf@@K@Z
??0CxImageEx@@QAE@PBDK@Z
??0CxImageGIF@@QAE@ABV0@@Z
??0CxImageGIF@@QAE@XZ
??0CxImageJPG@@QAE@ABV0@@Z
??0CxImageJPG@@QAE@XZ
??0CxImageTIF@@QAE@ABV0@@Z
??0CxImageTIF@@QAE@XZ
??0CxMemFile@@QAE@ABV0@@Z
??0CxMemFile@@QAE@PAEK@Z
??0CxPoint2@@QAE@ABV0@@Z
??0CxPoint2@@QAE@MM@Z
??0CxPoint2@@QAE@XZ
??0CxRect2@@QAE@ABV0@@Z
??0CxRect2@@QAE@MMMM@Z
??0CxRect2@@QAE@XZ
??1CBuffer@@UAE@XZ
??1CHash@@UAE@XZ
??1CZip@@UAE@XZ
??1CxExifInfo@CxImageJPG@@QAE@XZ
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??1CxImageEx@@UAE@XZ
??1CxImageGIF@@UAE@XZ
??1CxImageJPG@@UAE@XZ
??1CxImageTIF@@UAE@XZ
??1CxMemFile@@UAE@XZ
??4CBase64@@QAEAAV0@ABV0@@Z
??4CBuffer@@QAEAAV0@ABV0@@Z
??4CEasySecret@@QAEAAV0@ABV0@@Z
??4CHash@@QAEAAV0@ABV0@@Z
??4CZip@@QAEAAV0@ABV0@@Z
??4CxExifInfo@CxImageJPG@@QAEAAV01@ABV01@@Z
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxImage@@QAEAAV0@ABV0@@Z
??4CxImageEx@@QAEAAV0@ABV0@@Z
??4CxImageGIF@@QAEAAV0@ABV0@@Z
??4CxImageJPG@@QAEAAV0@ABV0@@Z
??4CxImageTIF@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??4CxPoint2@@QAEAAV0@ABV0@@Z
??4CxRect2@@QAEAAV0@ABV0@@Z
??_7CBuffer@@6B@
??_7CHash@@6B@
??_7CZip@@6B@
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxImageEx@@6B@
??_7CxImageGIF@@6B@
??_7CxImageJPG@@6B@
??_7CxImageTIF@@6B@
??_7CxMemFile@@6B@
??_FCxExifInfo@CxImageJPG@@QAEXXZ
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxImageEx@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXABV0@@Z
?AdaptiveThreshold@CxImage@@QAE_NJJPAV1@JM@Z
?AdaptiveThreshold@CxImageEx@@QAE_NJJPAVCxImage@@JM@Z
?AddAveragingCont@CxImage@@IAEXABUtagRGBQUAD@@MAAM111@Z
?AddBuffer@CBuffer@@QAEHPAEH@Z
?Alloc@CxMemFile@@IAE_NK@Z
?AlphaClear@CxImage@@QAEXXZ
?AlphaClear@CxImageEx@@QAEXXZ
?AlphaCopy@CxImage@@QAE_NAAV1@@Z
?AlphaCopy@CxImageEx@@QAE_NAAVCxImage@@@Z
?AlphaCreate@CxImage@@QAE_NXZ
?AlphaCreate@CxImageEx@@QAE_NXZ
?AlphaDelete@CxImage@@QAEXXZ
?AlphaDelete@CxImageEx@@QAEXXZ
?AlphaFlip@CxImage@@QAE_NXZ
?AlphaFlip@CxImageEx@@QAE_NXZ
?AlphaFromTransparency@CxImage@@QAE_NXZ
?AlphaFromTransparency@CxImageEx@@QAE_NXZ
?AlphaGet@CxImage@@QAEEJJ@Z
?AlphaGet@CxImageEx@@QAEEJJ@Z
?AlphaGetMax@CxImage@@QBEEXZ
?AlphaGetMax@CxImageEx@@QBEEXZ
?AlphaGetPointer@CxImage@@QAEPAEJJ@Z
?AlphaGetPointer@CxImageEx@@QAEPAEJJ@Z
?AlphaInvert@CxImage@@QAEXXZ
?AlphaInvert@CxImageEx@@QAEXXZ
?AlphaIsValid@CxImage@@QAE_NXZ
?AlphaIsValid@CxImageEx@@QAE_NXZ
?AlphaMirror@CxImage@@QAE_NXZ
?AlphaMirror@CxImageEx@@QAE_NXZ
?AlphaPaletteClear@CxImage@@QAEXXZ
?AlphaPaletteClear@CxImageEx@@QAEXXZ
?AlphaPaletteEnable@CxImage@@QAEX_N@Z
?AlphaPaletteEnable@CxImageEx@@QAEX_N@Z
?AlphaPaletteIsEnabled@CxImage@@QAE_NXZ
?AlphaPaletteIsEnabled@CxImageEx@@QAE_NXZ
?AlphaPaletteIsValid@CxImage@@QAE_NXZ
?AlphaPaletteIsValid@CxImageEx@@QAE_NXZ
?AlphaPaletteSplit@CxImage@@QAE_NPAV1@@Z
?AlphaPaletteSplit@CxImageEx@@QAE_NPAVCxImage@@@Z
?AlphaSet@CxImage@@QAEXE@Z
?AlphaSet@CxImage@@QAEXJJE@Z
?AlphaSet@CxImage@@QAE_NAAV1@@Z
?AlphaSet@CxImageEx@@QAEXE@Z
?AlphaSet@CxImageEx@@QAEXJJE@Z
?AlphaSet@CxImageEx@@QAE_NAAVCxImage@@@Z
?AlphaSetMax@CxImage@@QAEXE@Z
?AlphaSetMax@CxImageEx@@QAEXE@Z
?AlphaSplit@CxImage@@QAE_NPAV1@@Z
?AlphaSplit@CxImageEx@@QAE_NPAVCxImage@@@Z
?AlphaStrip@CxImage@@QAEXXZ
?AlphaStrip@CxImageEx@@QAEXXZ
?Attach@CBuffer@@QAEXPAEK@Z
?BASE64_DECODE_TABLE@CBase64@@2QBIB
?BASE64_ENCODE_TABLE@CBase64@@2QBDB
?Bitfield2RGB@CxImage@@IAEXPAEKKKE@Z
?BlendPalette@CxImage@@QAEXKJ@Z
?BlendPalette@CxImageEx@@QAEXKJ@Z
?BlendPixelColor@CxImage@@QAEXJJUtagRGBQUAD@@M_N@Z
?BlendPixelColor@CxImageEx@@QAEXJJUtagRGBQUAD@@M_N@Z
?BlindAlphaGet@CxImage@@IAEEJJ@Z
?BlindGetPixelColor@CxImage@@IAE?AUtagRGBQUAD@@JJ_N@Z
?BlindGetPixelIndex@CxImage@@IAEEJJ@Z
?BlindGetPixelPointer@CxImage@@IAEPAXJJ@Z
?BlindSelectionGet@CxImage@@IAEEJJ@Z
?BlindSelectionIsInside@CxImage@@IAE_NJJ@Z
?BlindSetPixelColor@CxImage@@IAEXJJUtagRGBQUAD@@_N@Z
?BlindSetPixelIndex@CxImage@@IAEXJJE@Z
?Blt@CxImage@@QAEJPAUHDC__@@JJ@Z
?Blt@CxImageEx@@QAEJPAUHDC__@@JJ@Z
?BufferCpy@CBuffer@@QAEXPAEKK@Z
?Center@CxRect2@@QBE?AVCxPoint2@@XZ
?CheckFormat@CxImage@@QAE_NPAEKK@Z
?CheckFormat@CxImage@@QAE_NPAVCxFile@@K@Z
?CheckFormat@CxImageEx@@QAE_NPAEKK@Z
?CircleTransform@CxImage@@QAE_NHJM@Z
?CircleTransform@CxImageEx@@QAE_NHJM@Z
?Clear@CxImage@@QAEXE@Z
?Clear@CxImageEx@@QAEXE@Z
?Close@CxIOFile@@UAE_NXZ
?Close@CxMemFile@@UAE_NXZ
?Colorize@CxImage@@QAE_NEEM@Z
?Colorize@CxImageEx@@QAE_NEEM@Z
?Combine@CxImage@@QAE_NPAV1@000J@Z
?Combine@CxImageEx@@QAE_NPAVCxImage@@000J@Z
?CompareColors@CxImage@@KAHPBX0@Z
?CompressNetData@CZip@@SA_NPAEPAKPBEK@Z
?Contour@CxImage@@QAE_NXZ
?Contour@CxImageEx@@QAE_NXZ
?ConvertAnyFormat@CxExifInfo@CxImageJPG@@IAENPAXH@Z
?ConvertColorSpace@CxImage@@QAE_NJJ@Z
?ConvertColorSpace@CxImageEx@@QAE_NJJ@Z
?Copy@CxImage@@QAEXABV1@_N11@Z
?Copy@CxImageEx@@QAEXABVCxImage@@_N11@Z
?CopyInfo@CxImage@@IAEXABV1@@Z
?CopyToHandle@CxImage@@QAEPAXXZ
?CopyToHandle@CxImageEx@@QAEPAXXZ
?Create@CxImage@@QAEPAXKKKK@Z
?Create@CxImageEx@@QAEPAXKKKK@Z
?CreateFromArray@CxImage@@QAE_NPAEKKKK_N@Z
?CreateFromArray@CxImageEx@@QAE_NPAEKKKK_N@Z
?CreateFromHANDLE@CxImage@@QAE_NPAX@Z
?CreateFromHANDLE@CxImageEx@@QAE_NPAX@Z
?CreateFromHBITMAP@CxImage@@QAE_NPAUHBITMAP__@@PAUHPALETTE__@@@Z
?CreateFromHBITMAP@CxImageEx@@QAE_NPAUHBITMAP__@@PAUHPALETTE__@@@Z
?CreateFromHICON@CxImage@@QAE_NPAUHICON__@@@Z
?CreateFromHICON@CxImageEx@@QAE_NPAUHICON__@@@Z
?CreateFromMatrix@CxImage@@QAE_NPAPAEKKKK_N@Z
?CreateFromMatrix@CxImageEx@@QAE_NPAPAEKKKK_N@Z
?Crop@CxImage@@QAE_NABUtagRECT@@PAV1@@Z
?Crop@CxImage@@QAE_NJJJJPAV1@@Z
?Crop@CxImageEx@@QAE_NABUtagRECT@@PAVCxImage@@@Z
?Crop@CxImageEx@@QAE_NJJJJPAVCxImage@@@Z
?CropRotatedRectangle@CxImage@@QAE_NJJJJMPAV1@@Z
?CropRotatedRectangle@CxImageEx@@QAE_NJJJJMPAVCxImage@@@Z
?CrossSection@CxRect2@@QBE?AV1@ABV1@@Z
?DFT@CxImage@@IAE_NHJPAN000@Z
?Decode@CxImage@@QAE_NPAEKK@Z
?Decode@CxImage@@QAE_NPAU_iobuf@@K@Z
?Decode@CxImage@@QAE_NPAVCxFile@@K@Z
?Decode@CxImageEx@@QAE_NPAEKK@Z
?Decode@CxImageEx@@QAE_NPAU_iobuf@@K@Z
?Decode@CxImageGIF@@QAE_NPAU_iobuf@@@Z
?Decode@CxImageGIF@@QAE_NPAVCxFile@@@Z
?Decode@CxImageJPG@@QAE_NPAU_iobuf@@@Z
?Decode@CxImageJPG@@QAE_NPAVCxFile@@@Z
?Decode@CxImageTIF@@QAE_NPAU_iobuf@@@Z
?Decode@CxImageTIF@@QAE_NPAVCxFile@@@Z
?DecodeExif@CxExifInfo@CxImageJPG@@QAE_NPAVCxFile@@H@Z
?DecodeExif@CxImageJPG@@QAE_NPAU_iobuf@@@Z
?DecodeExif@CxImageJPG@@QAE_NPAVCxFile@@@Z
?DecodeExtension@CxImageGIF@@IAE_NPAVCxFile@@@Z
?DecreaseBpp@CxImage@@QAE_NK_NPAUtagRGBQUAD@@K@Z
?DecreaseBpp@CxImageEx@@QAE_NK_NPAUtagRGBQUAD@@K@Z
?Decrypt@CEasySecret@@SA?AVCString@@V2@@Z
?DeleteItem@CHash@@QAEPAXJ@Z
?DeleteItem@CHash@@QAEPAXPBD@Z
?Destroy@CHash@@QAEXXZ
?Destroy@CxImage@@QAE_NXZ
?Destroy@CxImageEx@@QAE_NXZ
?DestroyFrames@CxImage@@QAE_NXZ
?DestroyFrames@CxImageEx@@QAE_NXZ
?Dilate@CxImage@@QAE_NJ@Z
?Dilate@CxImageEx@@QAE_NJ@Z
?DiscardAllButExif@CxExifInfo@CxImageJPG@@QAEXXZ
?Distance@CxPoint2@@QAEMMM@Z
?Distance@CxPoint2@@QAEMV1@@Z
?Dither@CxImage@@QAE_NJ@Z
?Dither@CxImageEx@@QAE_NJ@Z
?Draw2@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@@Z
?Draw2@CxImage@@QAEJPAUHDC__@@JJJJ@Z
?Draw2@CxImageEx@@QAEJPAUHDC__@@ABUtagRECT@@@Z
?Draw2@CxImageEx@@QAEJPAUHDC__@@JJJJ@Z
?Draw@CxImage@@QAEJPAUHDC__@@ABUtagRECT@@PAU3@_N@Z
?Draw@CxImage@@QAEJPAUHDC__@@JJJJPAUtagRECT@@_N@Z
?Draw@CxImageEx@@QAEJPAUHDC__@@ABUtagRECT@@PAU3@_N@Z
?Draw@CxImageEx@@QAEJPAUHDC__@@JJJJPAUtagRECT@@_N@Z
?DrawLine@CxImage@@QAEXHHHHK@Z
?DrawLine@CxImage@@QAEXHHHHUtagRGBQUAD@@_N@Z
?DrawLine@CxImageEx@@QAEXHHHHK@Z
?DrawLine@CxImageEx@@QAEXHHHHUtagRGBQUAD@@_N@Z
?DrawString@CxImage@@QAEJPAUHDC__@@JJPBDUtagRGBQUAD@@1JJEE_N@Z
?DrawString@CxImageEx@@QAEJPAUHDC__@@JJPBDUtagRGBQUAD@@1JJEE_N@Z
?DrawStringEx@CxImage@@QAEJPAUHDC__@@JJPAUtagCxTextInfo@1@_N@Z
?DrawStringEx@CxImageEx@@QAEJPAUHDC__@@JJPAUtagCxTextInfo@1@_N@Z
?Dump@CxImage@@QAEKPAE@Z
?Dump@CxImageEx@@QAEKPAE@Z
?DumpSize@CxImage@@QAEKXZ
?DumpSize@CxImageEx@@QAEKXZ
?Edge@CxImage@@QAE_NJ@Z
?Edge@CxImageEx@@QAE_NJ@Z
?Enable@CxImage@@QAEX_N@Z
?Enable@CxImageEx@@QAEX_N@Z
?Encode2RGBA@CxImage@@QAE_NAAPAEAAJ_N@Z
?Encode2RGBA@CxImage@@QAE_NPAVCxFile@@_N@Z
?Encode2RGBA@CxImageEx@@QAE_NAAPAEAAJ_N@Z
?Encode@CxImage@@QAE_NAAPAEAAJK@Z
?Encode@CxImage@@QAE_NPAU_iobuf@@K@Z
?Encode@CxImage@@QAE_NPAU_iobuf@@PAPAV1@HK@Z
?Encode@CxImage@@QAE_NPAVCxFile@@K@Z
?Encode@CxImage@@QAE_NPAVCxFile@@PAPAV1@HK@Z
?Encode@CxImageEx@@QAE_NAAPAEAAJK@Z
?Encode@CxImageEx@@QAE_NPAU_iobuf@@K@Z
?Encode@CxImageEx@@QAE_NPAU_iobuf@@PAPAVCxImage@@HK@Z
?Encode@CxImageGIF@@QAE_NPAU_iobuf@@@Z
?Encode@CxImageGIF@@QAE_NPAU_iobuf@@PAPAVCxImage@@H_N@Z
?Encode@CxImageGIF@@QAE_NPAVCxFile@@@Z
?Encode@CxImageGIF@@QAE_NPAVCxFile@@PAPAVCxImage@@H_N2@Z
?Encode@CxImageJPG@@QAE_NPAU_iobuf@@@Z
?Encode@CxImageJPG@@QAE_NPAVCxFile@@@Z
?Encode@CxImageTIF@@QAE_NPAU_iobuf@@PAPAVCxImage@@H@Z
?Encode@CxImageTIF@@QAE_NPAU_iobuf@@_N@Z
?Encode@CxImageTIF@@QAE_NPAVCxFile@@PAPAVCxImage@@H@Z
?Encode@CxImageTIF@@QAE_NPAVCxFile@@_N@Z
?EncodeBody@CxImageGIF@@IAEXPAVCxFile@@_N@Z
?EncodeBody@CxImageTIF@@IAE_NPAUtiff@@_NHH@Z
?EncodeComment@CxImageGIF@@IAEXPAVCxFile@@@Z
?EncodeExif@CxExifInfo@CxImageJPG@@QAE_NPAVCxFile@@@Z
?EncodeExtension@CxImageGIF@@IAEXPAVCxFile@@@Z
?EncodeHeader@CxImageGIF@@IAEXPAVCxFile@@@Z
?EncodeLoopExtension@CxImageGIF@@IAEXPAVCxFile@@@Z
?EncodeRGB@CxImageGIF@@IAE_NPAVCxFile@@@Z
?EncodeSafeCheck@CxImage@@IAE_NPAVCxFile@@@Z
?Encrypt@CEasySecret@@SA?AVCString@@V2@@Z
?Eof@CxIOFile@@UAE_NXZ
?Eof@CxMemFile@@UAE_NXZ
?Erode@CxImage@@QAE_NJ@Z
?Erode@CxImageEx@@QAE_NJ@Z
?Error@CxIOFile@@UAEJXZ
?Error@CxMemFile@@UAEJXZ
?Expand@CxImage@@QAE_NJJJJUtagRGBQUAD@@PAV1@@Z
?Expand@CxImage@@QAE_NJJUtagRGBQUAD@@PAV1@@Z
?Expand@CxImageEx@@QAE_NJJJJUtagRGBQUAD@@PAVCxImage@@@Z
?Expand@CxImageEx@@QAE_NJJUtagRGBQUAD@@PAVCxImage@@@Z
?FFT2@CxImage@@QAE_NPAV1@000J_N1@Z
?FFT2@CxImageEx@@QAE_NPAVCxImage@@000J_N1@Z
?FFT@CxImage@@IAE_NHHPAN0@Z
?Filter@CxImage@@QAE_NPAJJJJ@Z
?Filter@CxImageEx@@QAE_NPAJJJJ@Z
?FindFirst@CHash@@QAEXH@Z
?FindNext@CHash@@QAEPAXPAPAD@Z
?FindNext@CHash@@QAEPAXXZ
?FindSection@CxExifInfo@CxImageJPG@@IAEPAXH@Z
?Flip@CxImage@@QAE_N_N0@Z
?Flip@CxImageEx@@QAE_N_N0@Z
?FloodFill@CxImage@@QAE_NJJUtagRGBQUAD@@EE_NE@Z
?FloodFill@CxImageEx@@QAE_NJJUtagRGBQUAD@@EE_NE@Z
?Flush@CxIOFile@@UAE_NXZ
?Flush@CxMemFile@@UAE_NXZ
?Free@CxMemFile@@IAEXXZ
?FreeMemory@CxImage@@QAEXPAX@Z
?FreeMemory@CxImageEx@@QAEXPAX@Z
?Gamma@CxImage@@QAE_NM@Z
?Gamma@CxImageEx@@QAE_NM@Z
?GammaRGB@CxImage@@QAE_NMMM@Z
?GammaRGB@CxImageEx@@QAE_NMMM@Z
?GaussianBlur@CxImage@@QAE_NMPAV1@@Z
?GaussianBlur@CxImageEx@@QAE_NMPAVCxImage@@@Z
?Get16m@CxExifInfo@CxImageJPG@@IAEHPAX@Z
?Get16u@CxExifInfo@CxImageJPG@@IAEHPAX@Z
?Get32s@CxExifInfo@CxImageJPG@@IAEJPAX@Z
?Get32u@CxExifInfo@CxImageJPG@@IAEKPAX@Z
?GetAreaColorInterpolated@CxImage@@QAE?AUtagRGBQUAD@@MMMMW4InterpolationMethod@1@W4OverflowMethod@1@QAU2@@Z
?GetAreaColorInterpolated@CxImageEx@@QAE?AUtagRGBQUAD@@MMMMW4InterpolationMethod@1@W4OverflowMethod@1@QAU2@@Z
?GetBits@CxImage@@QAEPAEK@Z
?GetBits@CxImageEx@@QAEPAEK@Z
?GetBpp@CxImage@@QBEGXZ
?GetBpp@CxImageEx@@QBEGXZ
?GetBuffer@CBuffer@@QAEPAEXZ
?GetBuffer@CxMemFile@@QAEPAE_N@Z
?GetBufferLen@CBuffer@@QAEKXZ
?GetC@CxIOFile@@UAEJXZ
?GetC@CxMemFile@@UAEJXZ
?GetClrImportant@CxImage@@QBEKXZ
?GetClrImportant@CxImageEx@@QBEKXZ
?GetCodecOption@CxImage@@QAEKK@Z
?GetCodecOption@CxImageEx@@QAEKK@Z
?GetColorType@CxImage@@QAEEXZ
?GetColorType@CxImageEx@@QAEEXZ
?GetComment@CxImageGIF@@QAEXPAD@Z
?GetCurrentPos@CHash@@QAEHXZ
?GetDIB@CxImage@@QBEPAXXZ
?GetDIB@CxImageEx@@QBEPAXXZ
?GetDisposalMethod@CxImage@@QBEEXZ
?GetDisposalMethod@CxImageEx@@QBEEXZ
?GetEffWidth@CxImage@@QBEKXZ
?GetEffWidth@CxImageEx@@QBEKXZ
?GetEscape@CxImage@@QBEJXZ
?GetEscape@CxImageEx@@QBEJXZ
?GetFirst@CHash@@QAEPAXH@Z
?GetFirst@CHash@@QAEPAXHAAHH@Z
?GetFlags@CxImage@@QBEKXZ
?GetFlags@CxImageEx@@QBEKXZ
?GetFrame@CxImage@@QBEJXZ
?GetFrame@CxImage@@QBEPAV1@J@Z
?GetFrame@CxImageEx@@QBEJXZ
?GetFrame@CxImageEx@@QBEPAVCxImage@@J@Z
?GetFrameDelay@CxImage@@QBEKXZ
?GetFrameDelay@CxImageEx@@QBEKXZ
?GetHashArrayNum@CHash@@QAEKXZ
?GetHashItemNum@CHash@@QAEHXZ
?GetHeight@CxImage@@QBEKXZ
?GetHeight@CxImageEx@@QBEKXZ
?GetJpegQuality@CxImage@@QBEEXZ
?GetJpegQuality@CxImageEx@@QBEEXZ
?GetJpegQualityF@CxImage@@QBEMXZ
?GetJpegQualityF@CxImageEx@@QBEMXZ
?GetJpegScale@CxImage@@QBEEXZ
?GetJpegScale@CxImageEx@@QBEEXZ
?GetLastError@CxImage@@QAEPBDXZ
?GetLastError@CxImageEx@@QAEPBDXZ
?GetLayer@CxImage@@QAEPAV1@J@Z
?GetLayer@CxImageEx@@QAEPAVCxImage@@J@Z
?GetLoops@CxImageGIF@@QAEJXZ
?GetNearestIndex@CxImage@@QAEEUtagRGBQUAD@@@Z
?GetNearestIndex@CxImageEx@@QAEEUtagRGBQUAD@@@Z
?GetNext@CHash@@QAEPAXPAPAXAAHH@Z
?GetNumColors@CxImage@@QBEKXZ
?GetNumColors@CxImageEx@@QBEKXZ
?GetNumFrames@CxImage@@QBEJXZ
?GetNumFrames@CxImageEx@@QBEJXZ
?GetNumLayers@CxImage@@QBEJXZ
?GetNumLayers@CxImageEx@@QBEJXZ
?GetNumTypes@CxImage@@SAKXZ
?GetNumTypes@CxImageEx@@QAEKXZ
?GetOffset@CxImage@@QAEXPAJ0@Z
?GetOffset@CxImageEx@@QAEXPAJ0@Z
?GetPalette@CxImage@@QBEPAUtagRGBQUAD@@XZ
?GetPalette@CxImageEx@@QBEPAUtagRGBQUAD@@XZ
?GetPaletteColor@CxImage@@QAE?AUtagRGBQUAD@@E@Z
?GetPaletteColor@CxImage@@QAE_NEPAE00@Z
?GetPaletteColor@CxImageEx@@QAE?AUtagRGBQUAD@@E@Z
?GetPaletteColor@CxImageEx@@QAE_NEPAE00@Z
?GetPaletteSize@CxImage@@QAEKXZ
?GetPaletteSize@CxImageEx@@QAEKXZ
?GetParent@CxImage@@QBEPAV1@XZ
?GetParent@CxImageEx@@QBEPAVCxImage@@XZ
?GetPixelColor@CxImage@@QAE?AUtagRGBQUAD@@JJ_N@Z
?GetPixelColor@CxImageEx@@QAE?AUtagRGBQUAD@@JJ_N@Z
?GetPixelColorInterpolated@CxImage@@QAE?AUtagRGBQUAD@@MMW4InterpolationMethod@1@W4OverflowMethod@1@QAU2@@Z
?GetPixelColorInterpolated@CxImageEx@@QAE?AUtagRGBQUAD@@MMW4InterpolationMethod@1@W4OverflowMethod@1@QAU2@@Z
?GetPixelColorWithOverflow@CxImage@@QAE?AUtagRGBQUAD@@JJW4OverflowMethod@1@QAU2@@Z
?GetPixelColorWithOverflow@CxImageEx@@QAE?AUtagRGBQUAD@@JJW4OverflowMethod@1@PAU2@@Z
?GetPixelGray@CxImage@@QAEEJJ@Z
?GetPixelGray@CxImageEx@@QAEEJJ@Z
?GetPixelIndex@CxImage@@QAEEJJ@Z
?GetPixelIndex@CxImageEx@@QAEEJJ@Z
?GetProgress@CxImage@@QBEJXZ
?GetProgress@CxImageEx@@QBEJXZ
?GetRealBuffer@CBuffer@@QAEPBEXZ
?GetRealLen@CBuffer@@QAEKXZ
?GetRetreiveAllFrames@CxImage@@QBE_NXZ
?GetRetreiveAllFrames@CxImageEx@@QBE_NXZ
?GetS@CxIOFile@@UAEPADPADH@Z
?GetS@CxMemFile@@UAEPADPADH@Z
?GetSize@CxImage@@QAEJXZ
?GetSize@CxImageEx@@QAEJXZ
?GetTransColor@CxImage@@QAE?AUtagRGBQUAD@@XZ
?GetTransColor@CxImageEx@@QAE?AUtagRGBQUAD@@XZ
?GetTransIndex@CxImage@@QBEJXZ
?GetTransIndex@CxImageEx@@QBEJXZ
?GetTransparentMask@CxImage@@QAE_NPAV1@@Z
?GetTransparentMask@CxImageEx@@QAE_NPAVCxImage@@@Z
?GetType@CxImage@@QBEKXZ
?GetType@CxImageEx@@QBEKXZ
?GetTypeIdFromIndex@CxImage@@SAKK@Z
?GetTypeIdFromIndex@CxImageEx@@QAEKK@Z
?GetTypeIdFromName@CxImage@@SAKPBD@Z
?GetTypeIdFromName@CxImageEx@@QAEKPBD@Z
?GetTypeIndexFromId@CxImage@@SAKK@Z
?GetTypeIndexFromId@CxImageEx@@QAEKK@Z
?GetVersion@CxImage@@SAPBDXZ
?GetVersion@CxImageEx@@QAEPBDXZ
?GetVersionNumber@CxImage@@SA?BMXZ
?GetVersionNumber@CxImageEx@@QAE?BMXZ
?GetWidth@CxImage@@QBEKXZ
?GetWidth@CxImageEx@@QBEKXZ
?GetXDPI@CxImage@@QBEJXZ
?GetXDPI@CxImageEx@@QBEJXZ
?GetYDPI@CxImage@@QBEJXZ
?GetYDPI@CxImageEx@@QBEJXZ
?Ghost@CxImage@@IAEXPBV1@@Z
?GifMix@CxImageGIF@@IAEXAAVCxImage@@AAUtag_image@1@@Z
?GifNextPixel@CxImageGIF@@IAEHXZ
?GrayScale@CxImage@@QAE_NXZ
?GrayScale@CxImageEx@@QAE_NXZ
?HSLtoRGB@CxImage@@SA?AUtagRGBQUAD@@K@Z
?HSLtoRGB@CxImage@@SA?AUtagRGBQUAD@@U2@@Z
?HSLtoRGB@CxImageEx@@QAE?AUtagRGBQUAD@@K@Z
?HSLtoRGB@CxImageEx@@QAE?AUtagRGBQUAD@@U2@@Z
?HashFun@CHash@@IAEKJAAK@Z
?HashFun@CHash@@IAEKPBDAAK@Z
?Height@CxRect2@@QBEMXZ
?Histogram@CxImage@@QAEJPAJ000J@Z
?Histogram@CxImageEx@@QAEJPAJ000J@Z
?HistogramEqualize@CxImage@@QAE_NXZ
?HistogramEqualize@CxImageEx@@QAE_NXZ
?HistogramLog@CxImage@@QAE_NXZ
?HistogramLog@CxImageEx@@QAE_NXZ
?HistogramNormalize@CxImage@@QAE_NXZ
?HistogramNormalize@CxImageEx@@QAE_NXZ
?HistogramRoot@CxImage@@QAE_NXZ
?HistogramRoot@CxImageEx@@QAE_NXZ
?HistogramStretch@CxImage@@QAE_NJN@Z
?HistogramStretch@CxImageEx@@QAE_NJN@Z
?HuePalette@CxImage@@QAEXM@Z
?HuePalette@CxImageEx@@QAEXM@Z
?HueToRGB@CxImage@@KAMMMM@Z
?IncreaseBpp@CxImage@@QAE_NK@Z
?IncreaseBpp@CxImageEx@@QAE_NK@Z
?InitParam@CHash@@QAEHXZ
?InitTextInfo@CxImage@@QAEXPAUtagCxTextInfo@1@@Z
?InitTextInfo@CxImageEx@@QAEXPAUtagCxTextInfo@1@@Z
?InsertItem@CHash@@QAEHJPAX@Z
?InsertItem@CHash@@QAEHPBDPAX@Z
?IsEnabled@CxImage@@QBE_NXZ
?IsEnabled@CxImageEx@@QBE_NXZ
?IsGrayScale@CxImage@@QAE_NXZ
?IsGrayScale@CxImageEx@@QAE_NXZ
?IsIndexed@CxImage@@QBE_NXZ
?IsIndexed@CxImageEx@@QBE_NXZ
?IsInside@CxImage@@QAE_NJJ@Z
?IsInside@CxImageEx@@QAE_NJJ@Z
?IsPowerof2@CxImage@@IAE_NJ@Z
?IsSamePalette@CxImage@@QAE_NAAV1@_N@Z
?IsSamePalette@CxImageEx@@QAE_NAAVCxImage@@_N@Z
?IsTransparent@CxImage@@QAE_NJJ@Z
?IsTransparent@CxImage@@QBE_NXZ
?IsTransparent@CxImageEx@@QAE_NJJ@Z
?IsTransparent@CxImageEx@@QBE_NXZ
?IsValid@CxImage@@QBE_NXZ
?IsValid@CxImageEx@@QBE_NXZ
?Jitter@CxImage@@QAE_NJ@Z

Sections

.text
Size: 1024KB - Virtual size: 1022KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 188KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
regedit.xml
seal/1.bmp
seal/itemconfig.xml
serverlist.txt
sysmessage.xml
.xml
tui.ini
uninst.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

69:ec:40:56:b0:78:61:5e:d2:92:de:cd:8c:2e:6e:60:8f:09:59:e2
Signer

Actual PE Digest

69:ec:40:56:b0:78:61:5e:d2:92:de:cd:8c:2e:6e:60:8f:09:59:e2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
GlobalFree
lstrcpyA
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
RtlUnwind
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP

Exports

Exports

KillProc

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
updateitem.dll
.dll windows:4 windows x86 arch:x86

19d65e9e38d95d951d3623cbfe5f57ac

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/05/2012, 00:00

Not After

27/08/2015, 23:59

Subject

CN=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=JINHUA 9158 NETWORK SCIENCE AND TECHNOLOGY CO.\,LTD.,L=Jinhua,ST=Zhejiang,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

bd:1f:33:7f:32:1a:4b:bc:7a:52:36:f4:c9:ce:4b:70:c0:26:b3:0c
Signer

Actual PE Digest

bd:1f:33:7f:32:1a:4b:bc:7a:52:36:f4:c9:ce:4b:70:c0:26:b3:0c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathFileExistsA

mfc42

ord6385
ord3584
ord773
ord543
ord501
ord803
ord5621
ord1175
ord924
ord922
ord2764
ord5186
ord2393
ord1988
ord690
ord5207
ord389
ord1083
ord939
ord1168
ord1253
ord342
ord1182
ord1979
ord4278
ord858
ord535
ord537
ord354
ord540
ord800
ord665
ord823
ord825
ord3663
ord5683

msvcrt

_adjust_fdiv
malloc
_initterm
free
_onexit
??1type_info@@UAE@XZ
_purecall
_mbscmp
__CxxFrameHandler
__dllonexit
_CxxThrowException

kernel32

LocalFree
lstrlenA
InitializeCriticalSection
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
GetModuleFileNameA
Sleep
LeaveCriticalSection
CreateThread
GetExitCodeThread
GetLastError
CloseHandle
TerminateThread
WaitForSingleObject
DeleteCriticalSection

user32

PostMessageA

ole32

OleRun
CoCreateInstance
CoInitialize

oleaut32

SysAllocString
VariantClear
SysFreeString
GetErrorInfo

Exports

Exports

CreateItem

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ver.txt

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 76KB

.rsrc Size: 282KB - Virtual size: 281KB

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4aCertificate

Key Usages

50:23:a2:22:db:4d:97:b9:a7:9e:af:90:e0:06:d8:b3Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

18:6d:e5:16:fa:a2:e2:18:6a:76:f9:3f:70:36:ae:18:56:8d:78:b2Signer

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 628KB

UPX1 Size: 252KB - Virtual size: 252KB

UPX2 Size: 7KB - Virtual size: 8KB

358ab9a7300cd53b64442a050c793e4b

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4aCertificate

Key Usages

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4cCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

c2:49:3b:c3:49:c7:ae:8e:d6:3a:d5:22:bb:14:1f:4d:cf:56:75:23Signer

Headers

File Characteristics

Imports

version

wininet

mvuilib

msimg32

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

comctl32

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 76KB

.rsrc
Size: 282KB - Virtual size: 281KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

50:23:a2:22:db:4d:97:b9:a7:9e:af:90:e0:06:d8:b3
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

18:6d:e5:16:fa:a2:e2:18:6a:76:f9:3f:70:36:ae:18:56:8d:78:b2
Signer

UPX0
Size: - Virtual size: 628KB

UPX1
Size: 252KB - Virtual size: 252KB

UPX2
Size: 7KB - Virtual size: 8KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

c2:49:3b:c3:49:c7:ae:8e:d6:3a:d5:22:bb:14:1f:4d:cf:56:75:23
Signer

.text
Size: 880KB - Virtual size: 879KB

.rdata
Size: 184KB - Virtual size: 182KB

.data
Size: 52KB - Virtual size: 62KB

.rsrc
Size: 860KB - Virtual size: 858KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

a0:77:b7:6a:af:d3:5a:9f:c8:07:39:c6:c7:60:5b:43:35:c8:bc:6d
Signer

.text
Size: 1.7MB - Virtual size: 1.7MB

.data
Size: 11KB - Virtual size: 11KB

.rodata
Size: 512B - Virtual size: 64B

.bss
Size: - Virtual size: 279KB

.edata
Size: 17KB - Virtual size: 16KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 35KB - Virtual size: 35KB

79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

1a:f5:86:d6:64:d4:ad:1f:05:52:4f:d9:b3:bc:e3:4c
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

77:40:6f:d6:6d:b3:c4:4d:29:9d:e4:ed:d8:95:43:e4:2c:5b:3b:ae
Signer