e100dc472c8ca3cb0dc8ee2b4d9bf6e8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e100dc472c8ca3cb0dc8ee2b4d9bf6e8_JaffaCakes118
Size

4.3MB
MD5

e100dc472c8ca3cb0dc8ee2b4d9bf6e8
SHA1

1d29bc5613020ef2e16848e35c5af439719657b5
SHA256

432b1351fc07722205c2657c07a6c3fa0cc22f6e6d145576ed45e71492fb1f35
SHA512

f2bf7968242978b0eee17afdadfc1e790cf867590ccc544775e577e7862320b22df09324755e0ffe5b3d35426f0cf62c508b1eb0f34816f82be7ab0e9db8536e
SSDEEP

98304:4kT3ul4fCdURd/WRO++Rn1mYCxyuHM1R0sV9UMEGwfT83UihjHJ2qLcsSvv3:4foIkWk++t1mbIusTtVmtIUihjHppSv/

Score

3^/10

Malware Config

Signatures

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
e100dc472c8ca3cb0dc8ee2b4d9bf6e8_JaffaCakes118
unpack001/$PLUGINSDIR/AnimGif.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/KillProcDLL.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/messagebox.dll
unpack001/MatroskaSplitter.ax

NSIS installer 1 IoCs

installer

resource	yara_rule
sample	nsis_installer_1

Files

e100dc472c8ca3cb0dc8ee2b4d9bf6e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

237a51742fed62d237b6f1b75452402f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
SetFileTime
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
CloseHandle
lstrcmpiA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
MulDiv
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
SystemParametersInfoA
RegisterClassA
EndDialog
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CreateDialogParamA
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
LoadImageA
GetDC
EnableWindow
InvalidateRect
CreateWindowExA
GetWindowLongA
DrawFocusRect
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
TrackPopupMenu
wsprintfA
SendMessageA
CallWindowProcA
MapWindowPoints
GetWindowRect
ScreenToClient
PtInRect
LoadCursorA
SetCursor
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetWindowLongA

gdi32

SetBkColor
GetDeviceCaps
GetCurrentObject
GetObjectA
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegEnumKeyA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 416KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/AnimGif.dll
.dll windows:4 windows x86 arch:x86

b4b71331b921e2f441a2b05306cd7dae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
ReadFile
lstrcmpiA
SetFilePointer
CloseHandle
TerminateThread
CreateThread
Sleep
lstrcpyA
GlobalFree

user32

ValidateRect
FillRect
InvalidateRgn
GetDC
ReleaseDC
CallWindowProcA
GetSysColor
FindWindowExA
IsWindowVisible
GetClientRect
IsWindow
GetWindowLongA
SetWindowLongA
RedrawWindow
SetRect

gdi32

FillRgn
CreateDIBitmap
CreateCompatibleDC
CreateSolidBrush
GetPixel
DeleteDC
StretchBlt
CreateRectRgn
SetDIBitsToDevice
DeleteObject
SetRectRgn
CombineRgn
SelectObject

msvcrt

strtoul
strchr
??2@YAPAXI@Z
__dllonexit
_onexit
??3@YAXPAX@Z

Exports

Exports

play
stop

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 382B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
GetPrivateProfileIntA
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
MultiByteToWideChar
GlobalAlloc

user32

GetDlgCtrlID
GetClientRect
SetWindowRgn
MapWindowPoints
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
LoadIconA

gdi32

SetTextColor
GetObjectA
SelectObject
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
CreateCompatibleDC

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
GlobalFree
lstrcpyA
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
RtlUnwind
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP

Exports

Exports

KillProc

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KuWoNsis.dll
.dll windows:4 windows x86 arch:x86

d44c16403468dc57c73ebca319ddbe16

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f2:73:62:f7:79:63:4a:44:16:b6:12:7f:06:c5:3a:bb:68:cf:5a:06
Signer

Actual PE Digest

f2:73:62:f7:79:63:4a:44:16:b6:12:7f:06:c5:3a:bb:68:cf:5a:06

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Visual Studio Projects\NsisPlugin\KuWoNsis\Release\KuWoNsis.pdb

Imports

kernel32

GetVersionExA
lstrcpyA
GlobalFree
ExitProcess
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
GetCurrentThreadId
GetCommandLineA
HeapAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetModuleFileNameA
HeapFree
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
IsBadWritePtr
HeapSize
LoadLibraryA
InterlockedExchange
VirtualQuery
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
VirtualProtect
GetSystemInfo

advapi32

GetNamedSecurityInfoA
RegSetValueExA
RegOpenKeyExA
SetNamedSecurityInfoA
SetEntriesInAclA
BuildExplicitAccessWithNameA
RegCloseKey
RegCreateKeyExA

Exports

Exports

AddAccessRights
SetInstallDate

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/messagebox.dll
.dll windows:4 windows x86 arch:x86

c3f3267799760b39c4e2763e70fc3909

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
lstrlenA
GetCurrentThreadId
lstrcpyA
GlobalAlloc
LoadLibraryA
FreeLibrary
lstrcpynA
lstrcmpA
GlobalFree

user32

FindWindowA
SetWindowPos
ReleaseDC
MapWindowPoints
GetWindowRect
GetDlgItem
ScreenToClient
SystemParametersInfoA
UnhookWindowsHookEx
GetDC
CallNextHookEx
wsprintfA
MessageBoxIndirectA
SetWindowsHookExA
GetWindowTextA
SendMessageA
CallWindowProcA
SetWindowLongA
SetWindowTextA

gdi32

GetTextExtentPointA
GetTextMetricsA
SelectObject

Exports

Exports

show

Sections

.rdata
Size: 1024B - Virtual size: 998B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$SMSTARTUP/ֺ.exe
.exe windows:4 windows x86 arch:x86

6e9116e001ca2c00f3eb0d8a5dd299be

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ab:ed:ae:8b:7b:1e:2c:74:d4:c8:1f:b7:bf:4f:c3:09:42:8b:a0:61
Signer

Actual PE Digest

ab:ed:ae:8b:7b:1e:2c:74:d4:c8:1f:b7:bf:4f:c3:09:42:8b:a0:61

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\KwProjects\6.1\开机启动优化\autostart\Release\autostart.pdb

Imports

kernel32

CreateProcessA
ExitProcess
RtlUnwind
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapFree
HeapAlloc
SetUnhandledExceptionFilter
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
SetFilePointer
LoadLibraryA
InterlockedExchange
VirtualQuery
VirtualAlloc
HeapReAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
SetStdHandle
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
GetLocaleInfoA
VirtualProtect
GetSystemInfo
CloseHandle

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$TEMP/config.ini
$WINDIR/KwYl.dat
CM.dll
.dll windows:4 windows x86 arch:x86

ba6815b89931d7d7f1bab956c0c4e209

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d4:bf:7e:20:14:4d:a7:fc:f1:10:67:24:a1:01:1d:2a:49:0f:34:97
Signer

Actual PE Digest

d4:bf:7e:20:14:4d:a7:fc:f1:10:67:24:a1:01:1d:2a:49:0f:34:97

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\working\2.0\CommonLib\bin_r\CPUMem.pdb

Imports

kernel32

GetTickCount
EnterCriticalSection
LeaveCriticalSection
Process32Next
OpenProcess
CloseHandle
Process32First
CreateToolhelp32Snapshot
FreeLibrary
GetProcAddress
LoadLibraryA
InitializeCriticalSection
DeleteCriticalSection
GetProcessTimes
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
ExitProcess
GetCurrentThreadId

psapi

GetProcessMemoryInfo

msvcr71

__security_error_handler
_except_handler3
free
_initterm
malloc
_adjust_fdiv
__CppXcptFilter
__dllonexit
_onexit
??2@YAPAXI@Z
_stricmp
??3@YAXPAX@Z

Exports

Exports

??0YL_CPUMem@@QAE@XZ
??1YL_CPUMem@@QAE@XZ
??4YL_CPUMem@@QAEAAV0@ABV0@@Z
?GetCPUUsage@YL_CPUMem@@QAE_NIAAI@Z
?GetCPUUsage@YL_CPUMem@@QAE_NPBDAAI@Z
?GetMemUsage@YL_CPUMem@@QAE_NIAAI@Z
?GetMemUsage@YL_CPUMem@@QAE_NPBDAAI@Z

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Encode.exe
.exe windows:4 windows x86 arch:x86

152777a2577f448ba577c1c2ff3ad648

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

df:f2:34:15:64:72:45:da:70:15:1b:77:09:6f:62:ba:4b:49:89:a6
Signer

Actual PE Digest

df:f2:34:15:64:72:45:da:70:15:1b:77:09:6f:62:ba:4b:49:89:a6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\project\working\2.0\CommonLib\prj\Encode\Release\Encode.pdb

Imports

kwlogsvr

?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ

kernel32

WideCharToMultiByte
RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryA
GetPrivateProfileStringA
CloseHandle
GetCurrentThreadId
GetTickCount
MultiByteToWideChar
CreateFileA
GetModuleFileNameA
GetSystemDirectoryA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
SetEndOfFile
FreeEnvironmentStringsA
UnhandledExceptionFilter
WriteFile
GetOEMCP
SetFilePointer
GetStartupInfoA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetCommandLineA
LCMapStringA
LCMapStringW
GetCPInfo
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
ReadFile
SetHandleCount
GetStdHandle
GetFileType

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SHARED
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
KwArd.ax
.dll regsvr32 windows:4 windows x86 arch:x86

77ac5a57c05d6f4e9bb8b2588db162e2

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f0:1e:e4:90:65:1b:ee:60:d4:3b:8f:75:12:46:89:a3:a6:49:84:6f
Signer

Actual PE Digest

f0:1e:e4:90:65:1b:ee:60:d4:3b:8f:75:12:46:89:a3:a6:49:84:6f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\working\2.0\MusicBox_V2\dev\prj\KwASFReader\Release\KwArd.pdb

Imports

wmvcore

WMCreateReader
WMCreateProfileManager

kwlogsvr

?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
SetEvent
WaitForSingleObject
ResetEvent
GetCurrentThreadId
GetLastError
CreateEventA
CancelWaitableTimer
WaitForMultipleObjects
CloseHandle
SetWaitableTimer
CreateWaitableTimerA
WideCharToMultiByte
Sleep
GetFileType
CreateFileA
ReadFile
ExitProcess
GetFileSize
InterlockedIncrement
InterlockedDecrement
GetProcAddress
GetModuleHandleA
InterlockedExchange
GetTickCount
GetVersionExA
CreateThread
DisableThreadLibraryCalls
lstrlenA
GetModuleFileNameA
FreeLibrary
QueryPerformanceCounter
GetCurrentProcessId
SetFilePointer
GetSystemTimeAsFileTime

user32

DispatchMessageA
TranslateMessage
PeekMessageA
wsprintfA

advapi32

RegCloseKey
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyA
RegSetValueA
RegSetValueExA
RegOpenKeyExA

ole32

CoCreateInstance
CoTaskMemFree
StringFromGUID2
CoInitialize
CoUninitialize
CoTaskMemAlloc
CoFreeUnusedLibraries

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?_Nomemory@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

msvcr71

??3@YAXPAX@Z
_purecall
__CxxFrameHandler
?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_initterm
free
_onexit
__dllonexit
??1type_info@@UAE@XZ
_except_handler3
__security_error_handler
_callnewh
malloc
_wtoi
_beginthreadex
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@XZ
??_V@YAXPAX@Z

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KwFlashHolder.exe
.exe windows:4 windows x86 arch:x86

72314eca20b8f52ae5af44c7368c4bf3

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

9e:79:b5:c2:38:10:d3:36:51:24:66:9b:60:50:b8:7c:c1:b9:28:fb
Signer

Actual PE Digest

9e:79:b5:c2:38:10:d3:36:51:24:66:9b:60:50:b8:7c:c1:b9:28:fb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\eidolon\KwFlashHolder\KwFlashHolder\Release\KwFlashHolder.pdb

Imports

kernel32

GetLocaleInfoA
FlushFileBuffers
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
VirtualProtect
SetStdHandle
HeapReAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
CreateProcessA
CreateMutexA
GetLastError
HeapSize
CloseHandle
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
SetFilePointer
HeapAlloc
GetSystemInfo

user32

LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
RegisterClassExA
FindWindowA
DefWindowProcA
PostQuitMessage
CreateWindowExA
ShowWindow
UpdateWindow

advapi32

RegQueryValueExA
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExA

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
KwInfos.exe
.exe windows:4 windows x86 arch:x86

fa36e5cf9aa098f906c054395b464536

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f0:77:11:9c:d8:13:7d:3c:e7:f5:a5:fa:eb:67:75:32:c6:8f:80:69
Signer

Actual PE Digest

f0:77:11:9c:d8:13:7d:3c:e7:f5:a5:fa:eb:67:75:32:c6:8f:80:69

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kwlogsvr

?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ
?LogInit@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?LogRealMsg@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0_NPAPAEPAI@Z

kernel32

lstrlenA
CloseHandle
CreateMutexA
InterlockedDecrement
GetPrivateProfileStringA
GetCurrentThreadId
GetTickCount
CreateFileA
GetModuleFileNameA
LocalFree
HeapReAlloc
HeapSize
GetProcessHeap
SetEndOfFile
GetLocaleInfoW
LoadLibraryA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
IsValidCodePage
IsValidLocale
HeapFree
GetUserDefaultLCID
GetCurrentProcessId
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
WriteFile
GetOEMCP
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
ReadFile
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualFree
HeapCreate
GetCPInfo
LCMapStringW
LCMapStringA
GetCommandLineA
GetStartupInfoA
GetCurrentProcess
TerminateProcess
GetModuleHandleA
VirtualProtect
DeleteCriticalSection
InitializeCriticalSection
GetLastError
WideCharToMultiByte
RaiseException
MultiByteToWideChar
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
HeapDestroy
HeapAlloc
EnumSystemLocalesA
GetProcAddress
ExitProcess
GetSystemTimeAsFileTime
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc

user32

ShowWindow
SetWindowLongA
GetWindowLongA
UpdateWindow
TranslateAcceleratorA
GetSystemMetrics
GetForegroundWindow
SystemParametersInfoA
InvalidateRect
GetDC
ReleaseDC
EqualRect
GetParent
GetWindowDC
UpdateLayeredWindow
SendMessageA
LoadAcceleratorsA
IsWindow
GetMessageA
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
RegisterClassExA
LoadStringA
PostQuitMessage
DrawTextA
KillTimer
IsWindowVisible
DestroyWindow
SetWindowPos
SetTimer
PostMessageA
BeginPaint
EndPaint
GetWindowRect
GetClientRect
DefWindowProcA
CreateWindowExA

gdi32

CreateDIBSection
SelectObject
GetDeviceCaps
BitBlt
DeleteDC
DeleteObject
CreateCompatibleDC

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl

ole32

OleUninitialize
OleInitialize
OleDraw
OleRun
CoCreateInstance
OleSetContainedObject
OleCreate

oleaut32

SysAllocString
SysFreeString
GetErrorInfo
VariantClear

Sections

.text
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SHARED
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
KwLogSvr.dll
.dll windows:4 windows x86 arch:x86

985fc5f29f81f6db29b579d5521f9989

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

63:2b:d6:58:f3:40:bc:47:17:2d:4d:4f:6b:b6:2b:86:bf:a5:32:04
Signer

Actual PE Digest

63:2b:d6:58:f3:40:bc:47:17:2d:4d:4f:6b:b6:2b:86:bf:a5:32:04

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\working\2.0\CommonLib\prj\KwLogSvr\Release\KwLogSvr4Music.pdb

Imports

http

?Request@YL_CHTTPRequest@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4REQUEST_TYPE@1@JPAEI@Z
??0YL_CHTTPRequest@@QAE@XZ
?GetContent@YL_CHTTPRequest@@QAEPAEAAJ@Z
??1YL_CHTTPRequest@@QAE@XZ

zlib

?Compress@YL_CZlibZip@@SA?AW4ZIP_RESULT@1@PAEPAJPBEJ@Z

kernel32

GetVersionExA
GetLastError
InitializeCriticalSection
DeleteCriticalSection
DeleteFileA
CopyFileA
FindClose
FindNextFileA
FindFirstFileA
GetFileAttributesA
CreateMutexA
CloseHandle
WaitForSingleObject
ReleaseMutex
CreateDirectoryA
GetModuleFileNameA
GetLocalTime
GetCurrentThreadId
CreateThread
SetEvent
CreateEventA
GetPrivateProfileStringA
GetTickCount
RemoveDirectoryA
SetFileAttributesA
GetSystemDirectoryA
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
ExitProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
ResetEvent

advapi32

InitializeSecurityDescriptor
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
SetSecurityDescriptorDacl

msvcp71

?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Nomemory@std@@YAXXZ
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
??1_Lockit@std@@QAE@XZ
?_Register@facet@locale@std@@QAEXXZ
?_Incref@facet@locale@std@@QAEXXZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@@Z
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
??Bid@locale@std@@QAEIXZ
?id@?$ctype@D@std@@2V0locale@2@A
??0_Lockit@std@@QAE@H@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?width@ios_base@std@@QAEHH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?is@?$ctype@D@std@@QBE_NFD@Z
?to_char_type@?$char_traits@D@std@@SADABH@Z
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?eof@?$char_traits@D@std@@SAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?width@ios_base@std@@QBEHXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??1locale@std@@QAE@XZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flags@ios_base@std@@QBEHXZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?close@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?open@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z

msvcr71

tolower
fgets
_callnewh
memset
__security_error_handler
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
_itoa
_mbsnbicmp
malloc
free
_except_handler3
??1exception@@UAE@XZ
??0exception@@QAE@XZ
__CxxFrameHandler
??3@YAXPAX@Z
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??0bad_cast@@QAE@ABV0@@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@PBD@Z
printf
??_V@YAXPAX@Z
vsprintf
_vscprintf
_snprintf
_time64
atoi
fclose
fopen
fwrite
fread
fseek
strstr
_stat64
_mbsnbcpy
_strdup
strtoul

Exports

Exports

?LogFunctionalMsg@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?LogInit@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?LogRealMsg@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0_NPAPAEPAI@Z
?LogUserActMsg@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?SetStartupType@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?UpdateConfig@@YAXXZ
?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ConfigVe
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SHARED
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KwMV.exe
.exe windows:4 windows x86 arch:x86

9d890373ab7a22a2c7a9624f85bd908b

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

94:53:c2:cc:cc:a7:cc:92:2d:ba:97:05:42:22:72:8f:96:07:53:02
Signer

Actual PE Digest

94:53:c2:cc:cc:a7:cc:92:2d:ba:97:05:42:22:72:8f:96:07:53:02

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Work\268 mod\DataTransfer2.0\src\p2pclient\Release\p2pclient.pdb

Imports

ws2_32

gethostbyname
inet_addr
WSACreateEvent
ntohl
accept
WSASend
WSARecv
WSAGetOverlappedResult
WSAResetEvent
connect
getsockname
listen
WSASocketA
gethostname
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSAGetLastError
WSAEventSelect
getsockopt
WSAStartup
WSACloseEvent
shutdown
closesocket
ioctlsocket
recvfrom
select
sendto
setsockopt
bind
socket
ntohs
htonl
htons

iphlpapi

GetAdaptersInfo

kwlogsvr

?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ
?LogUserActMsg@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?LogInit@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?LogRealMsg@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0_NPAPAEPAI@Z

kernel32

Sleep
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
QueryPerformanceCounter
GetStartupInfoA
TerminateThread
ResumeThread
CreateDirectoryA
WriteFile
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CloseHandle
GetFileSize
CreateFileA
GetModuleFileNameA
GetSystemTimeAsFileTime
GetVersionExA
CreateEventA
SetEvent
WaitForSingleObject
ResetEvent
InitializeCriticalSection
DeleteCriticalSection
CreateSemaphoreA
GetLastError
GetVersion
TerminateProcess
CreateMutexA
CreateProcessA
GetSystemDirectoryA
ExitProcess
GetFileAttributesExA
SetProcessPriorityBoost
GetModuleHandleA
SetUnhandledExceptionFilter
EnterCriticalSection
LeaveCriticalSection
ReleaseSemaphore
GetTickCount
GetPrivateProfileStringA
DeleteFileA
ReadFile
SetFilePointer
FreeLibrary
GetProcAddress
LoadLibraryA
GlobalFree
GlobalAlloc
GetOverlappedResult

user32

FindWindowA
SendMessageTimeoutA
GetMessageA
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
RegisterClassExA
DefWindowProcA
CreateWindowExA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
StartServiceCtrlDispatcherA
CreateServiceA
ChangeServiceConfigA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
ControlService
DeleteService
InitializeSecurityDescriptor
SetSecurityDescriptorDacl

shell32

SHGetFolderPathA

msvcr71

__security_error_handler
??1type_info@@UAE@XZ
__dllonexit
_onexit
?terminate@@YAXXZ
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
strtoul
atof
sscanf
_stricmp
fwrite
vsprintf
fflush
ftell
fseek
strncmp
strstr
atoi
ceil
memmove
exit
time
_unlink
??_U@YAPAXI@Z
??_V@YAXPAX@Z
fopen
fread
fclose
??0exception@@QAE@ABV0@@Z
_snprintf
free
malloc
_beginthreadex
_purecall
sprintf
strncpy
__CxxFrameHandler
??0exception@@QAE@XZ
??1exception@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
_except_handler3
memset
_CxxThrowException

msvcp71

?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBD@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
?close@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@V312@@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?clear@ios_base@std@@QAEXH_N@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?_Lock@_Mutex@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

Sections

.text
Size: 236KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
KwMusic.exe
.exe windows:4 windows x86 arch:x86

49391c075a55cc874d392af879ae5db5

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

9e:de:05:64:8c:f2:7e:fe:fd:f2:38:f5:b0:b1:ba:d0:6f:fb:c6:7d
Signer

Actual PE Digest

9e:de:05:64:8c:f2:7e:fe:fd:f2:38:f5:b0:b1:ba:d0:6f:fb:c6:7d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\workSpace\Now\KuMusic2820ScanCtrl\MusicBox_V2\dev\bin_r\KwMusic.pdb

Imports

http

?GetHeader@YL_CHTTPRequest@@QAEPAEAAJ@Z
?SendRequest@YL_CHTTPRequest@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4REQUEST_TYPE@1@JPAEI@Z
??1YL_CHTTPDownFile@@QAE@XZ
??0YL_CHTTPRequest@@QAE@XZ
??0YL_CHTTPDownFile@@QAE@XZ
?Request@YL_CHTTPRequest@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4REQUEST_TYPE@1@JPAEI@Z
?GetRequestTime@YL_CHTTPRequest@@QAEXPAH0@Z
?GetHeaderItem@YL_CHTTPRequest@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV23@@Z
?GetRequestIP@YL_CHTTPRequest@@QAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??1YL_CHTTPRequest@@QAE@XZ
?GetCurrentDownloadStatus@YL_CHTTPDownFile@@QAENXZ
?Disconnect@YL_CHTTPRequest@@QAE_NXZ
?GetContent@YL_CHTTPRequest@@QAEPAEAAJ@Z
?DownloadFile@YL_CHTTPDownFile@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0PAI@Z

zlib

?Compress@YL_CZlibZip@@SA?AW4ZIP_RESULT@1@PAEPAJPBEJ@Z
?UnCompress@YL_CZlibZip@@SA?AW4ZIP_RESULT@1@PAEPAJPBEJ@Z

dotag

?GetTag@YL_CTagDealer@@SA_NPBDPAUMusicTag@1@@Z
?SaveTag@YL_CTagDealer@@SA_NPBDPBUMusicTag@1@@Z

player

?GetMeidaPluginManagerFactory@@YAPAVIMeidaPluginManagerFactory@@XZ
?ReleaseAudioPlayer@@YAXPAVIAudioPlayer@@@Z
?CreateVideoPlayer@@YAPAVIVideoPlayer@@XZ
?CreateAudioPlayer@@YAPAVIAudioPlayer@@XZ
?ReleaseVideoPlayer@@YAXPAVIVideoPlayer@@@Z

pd

StopAll
SetSysMsgWnd
DetachP2PListener
DelRes
AttachP2PListener
StartKWMV
CloseKWMV
StartDown
StopDown
GetResInfo

fzip

?UnCompress@YL_CFileZip@@SA_NPAXIABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@3@_N@Z
?UnCompress@YL_CFileZip@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@3@_N@Z

reco

?RecoSongByFp@YL_CRecoSong@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAURECO_SONG_INFO@@PAI_N@Z
?SetInfo@YL_CRecoSong@@SAXPBD000@Z
?RecoSongs2@YL_CRecoSong@@SA_NABV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@AAV?$vector@URECO_SONG_INFO@@V?$allocator@URECO_SONG_INFO@@@std@@@3@PAV?$vector@URECO_RESULT@@V?$allocator@URECO_RESULT@@@std@@@3@@Z
?GetFPTimeAndInfo@YL_CRecoSong@@SAXPAH000PA_N@Z

kwlogsvr

?LogUserActMsg@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?LogInit@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetStartupType@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?LogRealMsg@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0_NPAPAEPAI@Z
?LogFunctionalMsg@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?UpdateConfig@@YAXXZ
?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ

wininet

InternetGetCookieA
InternetSetCookieA

cm

??0YL_CPUMem@@QAE@XZ
?GetCPUUsage@YL_CPUMem@@QAE_NPBDAAI@Z
?GetMemUsage@YL_CPUMem@@QAE_NPBDAAI@Z
??1YL_CPUMem@@QAE@XZ

mfc71

ord1545
ord4232
ord3164
ord587
ord589
ord330
ord2075
ord4385
ord4400
ord5531
ord2853
ord2942
ord3169
ord468
ord694
ord2787
ord2814
ord3473
ord1279
ord5637
ord2090
ord1637
ord1558
ord4236
ord642
ord6120
ord602
ord347
ord3651
ord2092
ord1641
ord1571
ord4238
ord2958
ord3230
ord658
ord5866
ord4761
ord2873
ord2794
ord3402
ord5871
ord2882
ord326
ord3875
ord1728
ord3680
ord3587
ord4350
ord754
ord2527
ord651
ord1564
ord416
ord1185
ord1198
ord3255
ord5331
ord6297
ord5320
ord6286
ord313
ord5611
ord6060
ord5608
ord6054
ord4161
ord6057
ord5888
ord5727
ord5647
ord5523
ord5588
ord5414
ord5401
ord5921
ord5719
ord3180
ord1929
ord3989
ord1482
ord3952
ord3795
ord1565
ord3337
ord1397
ord6266
ord1933
ord1570
ord4237
ord3229
ord657
ord3406
ord4108
ord4100
ord2094
ord3244
ord1955
ord1283
ord3997
ord907
ord5710
ord2292
ord6144
ord2271
ord6179
ord6173
ord3489
ord3163
ord3879
ord4001
ord5641
ord502
ord1192
ord1160
ord4118
ord5833
ord2654
ord3397
ord3576
ord2475
ord2263
ord3287
ord5976
ord1968
ord1161
ord5985
ord3350
ord5622
ord5986
ord3352
ord3302
ord5634
ord2234
ord1071
ord1930
ord1966
ord3339
ord3295
ord530
ord722
ord3503
ord6005
ord5714
ord1118
ord3863
ord4041
ord6062
ord5444
ord751
ord2477
ord1470
ord1595
ord562
ord2938
ord908
ord5529
ord298
ord300
ord2233
ord2469
ord865
ord1092
ord3233
ord423
ord660
ord4063
ord866
ord5466
ord3428
ord590
ord1117
ord331
ord3696
ord6180
ord6174
ord715
ord1643
ord1581
ord3292
ord2164
ord1873
ord3760
ord5419
ord5868
ord2867
ord2370
ord1486
ord5377
ord5869
ord5059
ord4320
ord1024
ord655
ord1443
ord5111
ord421
ord6167
ord2866
ord5873
ord3650
ord3477
ord4298
ord4129
ord4132
ord2008
ord1302
ord4131
ord4961
ord4507
ord4946
ord4649
ord4964
ord753
ord4805
ord4364
ord4710
ord4796
ord4963
ord4377
ord4376
ord4287
ord4794
ord4948
ord4200
ord4516
ord4971
ord4480
ord4529
ord4970
ord4846
ord4501
ord4368
ord4439
ord5049
ord4559
ord4920
ord4520
ord4519
ord4914
ord3740
ord4444
ord4443
ord4790
ord4204
ord4781
ord4389
ord4980
ord4171
ord4178
ord4587
ord4776
ord4386
ord4401
ord4399
ord4381
ord4384
ord4379
ord4863
ord4860
ord3974
ord5914
ord1619
ord5151
ord5206
ord3344
ord1360
ord5166
ord1562
ord2717
ord4273
ord648
ord2419
ord2420
ord2421
ord2418
ord2417
ord496
ord410
ord6282
ord6288
ord1793
ord3088
ord4674
ord4673
ord1308
ord2176
ord1729
ord591
ord2086
ord1483
ord4098
ord2089
ord1547
ord4234
ord3171
ord4752
ord4928
ord2803
ord2246
ord1913
ord2615
ord5009
ord5012
ord4309
ord4135
ord2939
ord4904
ord943
ord5356
ord2992
ord2425
ord2424
ord4019
ord1557
ord3945
ord5148
ord2173
ord1306
ord4277
ord4265
ord5205
ord4342
ord4927
ord3648
ord3466
ord4250
ord5165
ord4450
ord635
ord395
ord4299
ord1151
ord5625
ord383
ord2308
ord5284
ord5287
ord5661
ord996
ord5107
ord2804
ord2159
ord6280
ord4127
ord6205
ord548
ord675
ord442
ord4044
ord378
ord631
ord2280
ord386
ord2751
ord3931
ord2288
ord5346
ord1452
ord1614
ord744
ord5097
ord556
ord6310
ord3389
ord3094
ord795
ord1396
ord3174
ord747
ord559
ord1646
ord1588
ord3312
ord736
ord1875
ord4564
ord2019
ord333
ord5969
ord739
ord1647
ord1589
ord3315
ord1881
ord4211
ord4734
ord2022
ord2943
ord3205
ord391
ord5746
ord427
ord664
ord3591
ord4067
ord870
ord259
ord1580
ord2346
ord262
ord4065
ord868
ord5526
ord662
ord425
ord6138
ord6178
ord3349
ord3348
ord5055
ord2719
ord785
ord308
ord563
ord2131
ord741
ord2368
ord2468
ord911
ord4123
ord3761
ord6168
ord6037
ord5642
ord2264
ord6035
ord620
ord3195
ord2991
ord1554
ord3454
ord1395
ord5731
ord4109
ord5563
ord3204
ord1916
ord2451
ord760
ord572
ord3596
ord3684
ord781
ord384
ord5089
ord629
ord2903
ord1439
ord5323
ord5403
ord2306
ord6017
ord432
ord3331
ord2707
ord5493
ord380
ord1917
ord1123
ord1031
ord3514
ord2322
ord2657
ord5613
ord5491
ord6236
ord1794
ord1892
ord3758
ord6063
ord4735
ord4212
ord3317
ord4240
ord1591
ord2095
ord3441
ord385
ord3056
ord2021
ord3038
ord630
ord265
ord266
ord354
ord3182
ord4262
ord1401
ord5912
ord1551
ord1670
ord1671
ord4890
ord5182
ord6281
ord567
ord327
ord5640
ord758

msvcr71

_mbsstr
fgets
toupper
isxdigit
strtod
strtoul
_strdup
_mbsrev
_mbsnbcpy
strrchr
_stat64
sscanf
vsprintf
_vscprintf
_mbschr
ftell
wcschr
fwrite
strncpy
_access
_atoi64
memmove
fopen
fread
fclose
fseek
fprintf
_beginthread
exit
??0bad_cast@@QAE@PBD@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@ABV0@@Z
strtok
tolower
strncmp
__RTDynamicCast
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1exception@@UAE@XZ
_purecall
time
srand
atoi
_snprintf
rand
strstr
__p___argc
_beginthreadex
wcslen
wcscmp
_mbscmp
_mktime64
__p___argv
__CxxFrameHandler
sprintf
wcscpy
_except_handler3
free
malloc
iswalpha
iswspace
longjmp
_time64
_strlwr
atof
strchr
atol
fflush
rewind
isdigit
_ui64toa
_unlink
strftime
_localtime64
_errno
mbstowcs
_setjmp3
ldexp
floor
tmpfile
_setmbcp
setlocale
_splitpath
_stricmp
_itoa
ceil
_close
_read
_fstat
localtime
realloc
_mbsnbcmp
_mbclen
_mbccpy
_local_unwind2
_strnicmp
getc
_iob
strerror
vfprintf
isspace
memset
??1type_info@@UAE@XZ
__security_error_handler
__dllonexit
_strupr
_putw
_strcmpi
_sopen
_ultoa
memcpy
_CIacos
_finite
_ftol
_CIpow
iswpunct
iswdigit
_onexit
?terminate@@YAXXZ
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_mbsncmp
_controlfp

kernel32

EnterCriticalSection
LeaveCriticalSection
FindFirstFileA
FindNextFileA
FindClose
GetDiskFreeSpaceExA
GetDiskFreeSpaceA
GetProcAddress
Sleep
GetModuleFileNameA
GetExitCodeThread
TerminateThread
DeleteCriticalSection
InitializeCriticalSection
RaiseException
WritePrivateProfileStringA
GetCurrentThreadId
SetUnhandledExceptionFilter
GetCommandLineA
LoadLibraryA
FreeLibrary
OpenProcess
LockResource
CreateThread
GetTickCount
SetEvent
lstrcatA
GetPrivateProfileStringA
GetCurrentProcess
TerminateProcess
DuplicateHandle
GetCurrentProcessId
CreateToolhelp32Snapshot
Process32First
Process32Next
CreateMutexA
ReleaseMutex
CloseHandle
WaitForSingleObject
lstrlenA
lstrlenW
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetSystemTimeAsFileTime
LockFileEx
GetTempPathW
FormatMessageA
FormatMessageW
GetFullPathNameA
GetFullPathNameW
GetDiskFreeSpaceW
CreateFileW
TlsGetValue
TlsSetValue
TlsAlloc
FileTimeToSystemTime
InterlockedDecrement
ExitProcess
GetStartupInfoA
LoadResource
FindResourceA
CreateProcessA
DeviceIoControl
CreateFileA
GetDriveTypeA
GetLogicalDrives
GlobalFree
GlobalAlloc
MoveFileExA
GetTempPathA
RemoveDirectoryA
DeleteFileA
SetFileAttributesA
CreateDirectoryA
GetLogicalDriveStringsA
GetFileAttributesA
GetSystemDirectoryA
GlobalUnlock
GlobalLock
MapViewOfFile
CreateFileMappingA
lstrcpyA
MulDiv
lstrcpynA
GetWindowsDirectoryA
WinExec
ResetEvent
ResumeThread
FreeResource
HeapFree
GetProcessHeap
GetModuleHandleA
HeapAlloc
GetCurrentDirectoryA
FlushInstructionCache
GetCPInfo
VirtualFreeEx
ReadProcessMemory
VirtualAllocEx
GetFileTime
SetFileTime
SystemTimeToFileTime
GetSystemTime
WritePrivateProfileSectionA
GetPrivateProfileSectionA
WriteFile
SetFilePointer
GetFileSize
InterlockedIncrement
WaitForMultipleObjects
CopyFileA
ReadFile
LocalFree
LocalAlloc
IsDBCSLeadByte
GetVolumeInformationA
GetExitCodeProcess
OutputDebugStringA
ExitThread
GetLocalTime
SetThreadPriority
UnmapViewOfFile
InterlockedCompareExchange
AreFileApisANSI
SetEndOfFile
FlushFileBuffers
UnlockFile
LockFile
GetFileAttributesW
DeleteFileW
HeapDestroy
HeapReAlloc
HeapSize
SetLastError
VirtualProtect
GetSystemInfo
IsProcessorFeaturePresent
CreateEventA
SetProcessWorkingSetSize
QueryPerformanceCounter
LoadLibraryW

user32

UnregisterHotKey
RegisterHotKey
PeekMessageA
PostThreadMessageA
GetWindowRgn
GetAsyncKeyState
wsprintfA
CheckDlgButton
IsDlgButtonChecked
GetWindowTextA
SetCursorPos
mouse_event
ShowCursor
UpdateLayeredWindow
LoadCursorFromFileA
IsClipboardFormatAvailable
wsprintfW
SetActiveWindow
PostQuitMessage
keybd_event
EnumChildWindows
RegisterWindowMessageA
GetDoubleClickTime
GetKeyNameTextA
GetDlgItem
FindWindowExA
MoveWindow
CheckMenuItem
GetMenuItemInfoA
ModifyMenuA
InsertMenuA
GetMenuState
GetMenuItemID
GetMenuItemCount
AppendMenuA
DeleteMenu
CreatePopupMenu
CreateMenu
DestroyIcon
DrawIconEx
GetIconInfo
CallNextHookEx
SetWindowsHookExA
RegisterClassExA
UnhookWindowsHookEx
IsRectEmpty
CallWindowProcA
MapWindowPoints
GetWindowDC
WindowFromDC
FrameRect
GetSysColorBrush
DrawFrameControl
SetPropA
RemovePropA
GetPropA
SetScrollRange
SetScrollPos
SetScrollInfo
GetScrollRange
GetScrollPos
GetScrollInfo
EnableScrollBar
DrawTextW
GetClassInfoA
SetParent
ShowScrollBar
OffsetRect
GetNextDlgGroupItem
DrawEdge
LoadMenuA
GetSubMenu
DrawFocusRect
TrackMouseEvent
UpdateWindow
GrayStringA
DrawTextExA
TabbedTextOutA
GetCursorPos
GetUpdateRect
FillRect
SetRectEmpty
CopyRect
SetRect
MessageBeep
GetMessagePos
InflateRect
CopyIcon
GetSysColor
RegisterClassA
BeginPaint
EndPaint
DefWindowProcA
WindowFromPoint
GetClassNameA
CreateWindowExA
GetKeyState
DrawTextA
DestroyWindow
GetFocus
SetWindowLongA
SetLayeredWindowAttributes
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
ScreenToClient
EqualRect
FindWindowA
CopyImage
SystemParametersInfoA
SetWindowPos
PtInRect
GetForegroundWindow
AttachThreadInput
BringWindowToTop
GetDesktopWindow
InvalidateRect
ReleaseCapture
SetWindowRgn
GetSystemMetrics
LoadIconA
GetParent
SetCapture
GetCapture
KillTimer
SetTimer
RedrawWindow
ReleaseDC
GetDC
ClientToScreen
IsIconic
GetSystemMenu
SendMessageTimeoutA
IsWindow
PostMessageA
TranslateAcceleratorA
SetForegroundWindow
EnableWindow
LoadImageA
DispatchMessageA
TranslateMessage
GetMessageA
ShowWindow
LoadAcceleratorsA
SendMessageA
GetWindowThreadProcessId
MessageBoxA
EnableMenuItem
DrawIcon
LoadBitmapA
GetWindowLongA
GetClientRect
IsMenu
GetWindowRect
LoadCursorA
SetCursor
IntersectRect
GetWindow
IsWindowVisible

gdi32

GetTextAlign
SetBitmapDimensionEx
RectInRegion
GetBitmapDimensionEx
GetBkColor
EnumFontFamiliesExA
CreateRoundRectRgn
PtInRegion
MoveToEx
GetTextExtentPoint32W
Ellipse
GetObjectW
GetCharacterPlacementW
GetTextMetricsW
GetFontLanguageInfo
CreateFontIndirectW
ExtTextOutW
GetBkMode
FrameRgn
OffsetRgn
EqualRgn
CreatePolygonRgn
GetClipBox
SetPixel
Polygon
IntersectClipRect
SetWindowOrgEx
PlayEnhMetaFile
CreatePatternBrush
SetBrushOrgEx
UnrealizeObject
GetTextExtentPointW
CreateRectRgn
CombineRgn
SelectClipRgn
GetPixel
GetCharWidthA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SaveDC
StretchBlt
SetStretchBltMode
RestoreDC
GetTextColor
GetTextExtentPoint32A
GetStockObject
LineTo
SetBkMode
CreateBitmap
SetMapMode
BitBlt
GetTextMetricsA
CreatePen
CreateSolidBrush
GetDeviceCaps
CreateFontIndirectA
SetTextColor
SetBkColor
GetTextExtentPointA
CreateFontA
GetObjectA
CreateICA
ExtCreateRegion
GetDIBits
CreateDIBitmap
CreateDIBSection
StretchDIBits
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteDC
SelectPalette
DeleteObject
CreatePalette
PatBlt
SetTextAlign
GetCharacterPlacementA

msimg32

TransparentBlt
AlphaBlend

comdlg32

CommDlgExtendedError

advapi32

RegDeleteValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegQueryValueA

shell32

SHGetFolderPathA
DragQueryFileA
ShellExecuteA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetMalloc
SHBrowseForFolderA
Shell_NotifyIconA
SHFileOperationA
SHGetSpecialFolderPathA
SHChangeNotify

comctl32

ord17
_TrackMouseEvent
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_Draw
ImageList_GetIcon
ImageList_Add
ImageList_AddMasked
InitCommonControlsEx
ImageList_DragLeave
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_DragMove
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Remove

shlwapi

PathFileExistsA
StrStrIA
PathAddBackslashA
HashData

ole32

CoInitialize
CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize

oleaut32

SysAllocString
VariantInit
VariantTimeToSystemTime
VariantChangeType
OleLoadPicturePath
VariantClear
SysAllocStringLen
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
OleLoadPicture
SysFreeString

msvcp71

??Bid@locale@std@@QAEIXZ
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@@Z
?_Incref@facet@locale@std@@QAEXXZ
?_Register@facet@locale@std@@QAEXXZ
??1_Lockit@std@@QAE@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?bad@ios_base@std@@QBE_NXZ
?fail@ios_base@std@@QBE_NXZ
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@JH@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?exceptions@ios_base@std@@QAEXH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
?ignore@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@HH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
?at@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?unsetf@ios_base@std@@QAEXH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?ws@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@1@AAV21@@Z
?setf@ios_base@std@@QAEHHH@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z
??1istrstream@std@@UAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??7ios_base@std@@QBE_NXZ
??1ostrstream@std@@UAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1strstreambuf@std@@UAE@XZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?freeze@strstreambuf@std@@QAEX_N@Z
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Init@strstreambuf@std@@IAEXHPAD0H@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?overflow@strstreambuf@std@@MAEHH@Z
?pbackfail@strstreambuf@std@@MAEHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?underflow@strstreambuf@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPADH@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHPBDH@Z
?seekoff@strstreambuf@std@@MAE?AV?$fpos@H@2@JHH@Z
?seekpos@strstreambuf@std@@MAE?AV?$fpos@H@2@V32@H@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PADH@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?id@?$ctype@D@std@@2V0locale@2@A
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHPBD@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@V312@0@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
?close@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??Bios_base@std@@QBEPAXXZ
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AViterator@12@XZ
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AViterator@12@V312@@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@Viterator@12@0PB_W@Z
??_D?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??_D?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?to_int_type@?$char_traits@_W@std@@SAGAB_W@Z
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
?max_size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?eof@?$char_traits@_W@std@@SAGXZ
?eq_int_type@?$char_traits@_W@std@@SA_NABG0@Z
?width@ios_base@std@@QAEHH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?is@?$ctype@D@std@@QBE_NFD@Z
?to_char_type@?$char_traits@D@std@@SADABH@Z
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?eof@?$char_traits@D@std@@SAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?width@ios_base@std@@QBEHXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??1locale@std@@QAE@XZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?to_int_type@?$char_traits@D@std@@SAHABD@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?flags@ios_base@std@@QBEHXZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?to_char_type@?$char_traits@_W@std@@SA_WABG@Z
??0_Lockit@std@@QAE@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

ex_dll

?RecordExceptionInfo_Release@@YGJPAU_EXCEPTION_POINTERS@@@Z
?SetExit@@YGXXZ

sensapi

IsNetworkAlive

ws2_32

connect
closesocket
gethostbyname
htons
socket
recv
send

localserver

??0CLocalSvrManage@@QAE@XZ
?SendToAllExceptID@CLocalSvrManage@@QAEXPAEHH@Z
?SetActiveID@CLocalSvrManage@@QAEXH@Z
?GetActiveID@CLocalSvrManage@@QAEHXZ
?SendByID@CLocalSvrManage@@QAEXPAEHH@Z
?SendToAll@CLocalSvrManage@@QAEXPAEH@Z
?GetConnectionCount@CLocalSvrManage@@QAEHXZ
?Close@CLocalSvrManage@@QAEXXZ
?RemoveFlashMsgReceiver@CLocalSvrManage@@QAEXPAVIFlashMsgReceiver@@@Z
?AddFlashMsgReceiver@CLocalSvrManage@@QAEXPAVIFlashMsgReceiver@@@Z
?Create@CLocalSvrManage@@QAEHI@Z
??1CLocalSvrManage@@QAE@XZ

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 584KB - Virtual size: 581KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SHARED
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
KwUpdate.dll
.dll windows:4 windows x86 arch:x86

f60429c8c7bb5579dedd7f600985727e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ef:c5:8a:aa:c8:44:95:32:d4:36:a4:1b:cc:f3:16:3a:0f:90:74:79
Signer

Actual PE Digest

ef:c5:8a:aa:c8:44:95:32:d4:36:a4:1b:cc:f3:16:3a:0f:90:74:79

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\working\2.0\CommonLib\prj\KwUpdate\Release\KwUpdate4Music.pdb

Imports

iphlpapi

GetAdaptersInfo

http

??0YL_CHTTPDownFile@@QAE@XZ
?DownloadFile@YL_CHTTPDownFile@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0PAI@Z
??1YL_CHTTPDownFile@@QAE@XZ
?SelectFastServer@YL_CHTTPRequest@@QAE_NABV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@@Z
??0YL_CHTTPRequest@@QAE@XZ
?Request@YL_CHTTPRequest@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4REQUEST_TYPE@1@JPAEI@Z
?GetContent@YL_CHTTPRequest@@QAEPAEAAJ@Z
?GetReturnCode@YL_CHTTPRequest@@QAE_NAAJ@Z
??1YL_CHTTPRequest@@QAE@XZ

pd

StartDown
StopDown

kernel32

HeapDestroy
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
ExitProcess
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
WideCharToMultiByte
RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
GetModuleFileNameA
WaitForSingleObject
SetEvent
QueryPerformanceCounter
CreateMutexA
CreateEventA
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
Sleep
GetLocalTime
FindClose
CreateFileA
FindFirstFileA
WritePrivateProfileStringA
CopyFileA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetUserDefaultLCID
WritePrivateProfileSectionA
GetCurrentProcessId
DeviceIoControl
GetPrivateProfileStringA
CreateProcessA
GetCurrentThreadId
GetTickCount
MoveFileExA
GetTempPathA
DeleteFileA
SetFileAttributesA
CreateDirectoryA
GetSystemDirectoryA
GetSystemTimeAsFileTime
CloseHandle
GetPrivateProfileSectionA

user32

IsWindow
SendMessageA

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyExA
RegSetValueExA
RegDeleteValueA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegQueryValueExA

shell32

SHGetFolderPathA

kwlogsvr

?LogInit@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?LogFunctionalMsg@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ
?UpdateConfig@@YAXXZ

msvcp71

?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHPBD@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?_Nomemory@std@@YAXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?_Unlock@_Mutex@std@@QAEXXZ
?_Lock@_Mutex@std@@QAEXXZ
??1_Lockit@std@@QAE@XZ
?_Register@facet@locale@std@@QAEXXZ
?_Incref@facet@locale@std@@QAEXXZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@@Z
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
??Bid@locale@std@@QAEIXZ
?id@?$ctype@D@std@@2V0locale@2@A
??0_Lockit@std@@QAE@H@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?uncaught_exception@std@@YA_NXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?clear@ios_base@std@@QAEXH_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1locale@std@@QAE@XZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z

msvcr71

_mbschr
_mbsrchr
strcpy
_mbsnbcpy
_mbsrev
_strdup
strtoul
fgets
_callnewh
__security_error_handler
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
_strupr
_itoa
malloc
free
_except_handler3
_CxxThrowException
memset
time
_time64
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
??0bad_cast@@QAE@ABV0@@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@PBD@Z
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z
??3@YAXPAX@Z
??1exception@@UAE@XZ
??0exception@@QAE@XZ
??_V@YAXPAX@Z
_vscprintf
vsprintf
memcpy
_snprintf
strstr
strrchr
strlen
strcat
_mbsstr
_mbslwr
memmove
fclose
fread
fopen
rename
_unlink
fflush
fprintf
_stat64
_beginthread
atoi
_access
strcmp
sprintf

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Exports

Exports

BeginUpdate2
SetHTTPControl

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SHARED
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Local/FirstSearchPath
Local/LastSearchPath
Local/NotSearchPath
LocalServer.dll
.dll windows:4 windows x86 arch:x86

70f69bbcc99a96ca038b6edfac1edb8e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:c0:00:32:a5:a3:64:e7:dc:6e:50:d0:a2:3c:1d:10:e0:63:27:bd
Signer

Actual PE Digest

61:c0:00:32:a5:a3:64:e7:dc:6e:50:d0:a2:3c:1d:10:e0:63:27:bd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\code\LocalServer\LocalServer\Release\LocalServer.pdb

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventA
ResetEvent
CloseHandle
SetEvent
Sleep
SetThreadPriority
WaitForSingleObject
CreateThread
WaitForMultipleObjects
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
GetSystemTimeAsFileTime

ws2_32

WSAStartup
getsockname
send
recv
select
accept
WSACleanup
htons
bind
closesocket
WSAGetLastError
listen
socket

msvcp71

?_Nomemory@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvcr71

_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
__security_error_handler
_except_handler3
free
??3@YAXPAX@Z
memmove
??1exception@@UAE@XZ
??0exception@@QAE@XZ
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
_CxxThrowException
time
strstr
_stricmp
??_V@YAXPAX@Z
malloc
_callnewh
??1type_info@@UAE@XZ
__dllonexit
_onexit

Exports

Exports

??0CLocalSvrManage@@QAE@XZ
??1CLocalSvrManage@@QAE@XZ
??4CLocalSvrManage@@QAEAAV0@ABV0@@Z
?AddFlashMsgReceiver@CLocalSvrManage@@QAEXPAVIFlashMsgReceiver@@@Z
?BeginMsgThread@CLocalSvrManage@@AAEHXZ
?Close@CLocalSvrManage@@QAEXXZ
?Create@CLocalSvrManage@@QAEHI@Z
?GetActiveID@CLocalSvrManage@@QAEHXZ
?GetConnectionCount@CLocalSvrManage@@QAEHXZ
?IsStoped@CLocalSvrManage@@QAEHXZ
?KillMsgThread@CLocalSvrManage@@AAEXXZ
?MsgThread@CLocalSvrManage@@CAIPAX@Z
?RemoveFlashMsgReceiver@CLocalSvrManage@@QAEXPAVIFlashMsgReceiver@@@Z
?ResetSocket@CLocalSvrManage@@QAEXH@Z
?SendByID@CLocalSvrManage@@QAEXPAEHH@Z
?SendToAll@CLocalSvrManage@@QAEXPAEH@Z
?SendToAllExceptID@CLocalSvrManage@@QAEXPAEHH@Z
?SetActiveID@CLocalSvrManage@@QAEXH@Z

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MFC71.dll
.dll windows:4 windows x86 arch:x86

7397fb8b8633dd76aa9cbc7e2e0c24bd

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

28:8e:f5:38:93:fc:df:e1:26:69:ad:89:d6:ea:b8:06:68:e8:86:5f
Signer

Actual PE Digest

28:8e:f5:38:93:fc:df:e1:26:69:ad:89:d6:ea:b8:06:68:e8:86:5f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

mfc71.pdb

Imports

msvcr71

__CppXcptFilter
_adjust_fdiv
_initterm
_onexit
__dllonexit
?terminate@@YAXXZ
__security_error_handler
??1type_info@@UAE@XZ
_itoa
wcsncpy
_ltoa
_ultoa
_ismbcdigit
ceil
swprintf
_mbsnbcmp
_mbsnbicmp
_splitpath
_fullpath
atol
__p___argc
__p___argv
_beginthreadex
_endthreadex
_strdup
_mbsdec
atoi
_expand
strtod
strtol
strtoul
sscanf
abs
labs
_mbctype
_snprintf
__CxxFrameHandler
calloc
_msize
_purecall
_localtime64
_mktime64
realloc
fflush
fseek
ftell
fgets
fputs
fwrite
fread
clearerr
fclose
_open_osfhandle
_fdopen
__doserrno
_get_osfhandle
abort
memcmp
sprintf
_CxxThrowException
vsprintf
_vscprintf
_mbsrev
_mbslwr
_mbsupr
_mbscspn
_mbsspn
_mbspbrk
_mbsrchr
_mbschr
_mbsstr
_mbsicoll
_mbscoll
_mbsicmp
_mbscmp
_ismbcspace
_mbsinc
strlen
memmove
wcslen
memcpy
vswprintf
_vscwprintf
_wcsrev
_wcslwr
_wcsupr
wcscspn
wcsspn
wcspbrk
wcsrchr
wcschr
wcsstr
_wcsicoll
wcscoll
_wcsicmp
wcscmp
iswspace
wcscpy
memset
_except_handler3
_resetstkoflw
free
malloc
strcmp
strcpy

kernel32

GetLastError
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
GetVersion
lstrcmpiA
lstrlenW
lstrcmpiW
lstrlenA
FormatMessageA
GetEnvironmentVariableA
CompareStringA
CompareStringW
GetEnvironmentVariableW
GetStringTypeExA
GetStringTypeExW
lstrcpynA
SetLastError
lstrcmpA
MoveFileA
DeleteFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
CloseHandle
lstrcpyA
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
CreateFileA
GetShortPathNameA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
GlobalSize
GlobalLock
GlobalAlloc
GlobalReAlloc
GlobalUnlock
GlobalFree
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
GetFileAttributesA
GetFileTime
GetCPInfo
GetOEMCP
RaiseException
LocalAlloc
LeaveCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
CreateMutexA
ReleaseMutex
CreateEventA
WaitForMultipleObjects
GetModuleHandleA
lstrcmpW
lstrcatA
FreeLibrary
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
FreeResource
MulDiv
GetProfileIntA
VirtualProtect
GlobalFlags
GetTempFileNameA
GetDiskFreeSpaceA
LocalUnlock
LocalLock
SearchPathA
GetTempPathA
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
SetErrorMode
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetCurrentDirectoryA
InterlockedIncrement
FindNextFileA
GetTickCount
CopyFileA
lstrcpynW
GetUserDefaultLCID
IsDBCSLeadByte
lstrcpyW
GetSystemTime
ExitProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
LocalFree
InterlockedDecrement

gdi32

IntersectClipRect
OffsetRgn
SetBrushOrgEx
GetRgnBox
CreateMetaFileA
CopyMetaFileA
Ellipse
LPtoDP
CreateEllipticRgn
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreateDIBPatternBrushPt
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
OffsetWindowOrgEx
StartDocA
GetPixel
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
OffsetClipRgn
ExcludeClipRect
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
EnumFontFamiliesExA
CreateDCA
BitBlt
CreateRectRgnIndirect
UnrealizeObject
CreateBitmap
CreatePatternBrush
CreatePen
PatBlt
Rectangle
TextOutA
DeleteMetaFile
CloseMetaFile
ScaleWindowExtEx
ScaleViewportExtEx
GetDeviceCaps
SetMapMode
SetWindowExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetViewportOrgEx
SetViewportOrgEx
GetWindowOrgEx
SetWindowOrgEx
ExtTextOutA
GetCurrentPositionEx
MoveToEx
CreateFontIndirectA
GetWindowExtEx
GetViewportExtEx
GetTextFaceA
GetTextAlign
RectVisible
PtVisible
GetTextColor
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
Escape
GetNearestColor
SaveDC
RestoreDC
GetStockObject
GetTextExtentPoint32A
GetTextMetricsA
CreateFontA
GetCharWidthA
DeleteObject
SelectObject
StretchDIBits
DeleteDC
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox

user32

UnhookWindowsHookEx
MsgWaitForMultipleObjects
GetWindow
PtInRect
CopyRect
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongA
GetWindowLongA
CallWindowProcA
DefWindowProcA
SendMessageA
GetDlgCtrlID
SetWindowPlacement
RegisterClassA
GetClassInfoA
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
GetParent
AdjustWindowRectEx
GetSysColor
LoadIconA
GetMenuItemCount
GetMenuItemID
GetSubMenu
PostMessageA
GetMenu
GetClientRect
UpdateWindow
IsWindowVisible
ShowScrollBar
SetForegroundWindow
EnableWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
GetKeyState
TrackPopupMenu
TrackPopupMenuEx
MessageBoxA
ScrollWindow
MapWindowPoints
PeekMessageA
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
DispatchMessageA
SetActiveWindow
GetLastActivePopup
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
IsChild
SetFocus
IsWindow
GetFocus
SendDlgItemMessageA
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassInfoExA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetCapture
WinHelpA
RegisterWindowMessageA
LoadAcceleratorsA
TranslateAcceleratorA
IsWindowEnabled
GetDesktopWindow
ShowWindow
SetMenu
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InsertMenuItemA
InvalidateRect
ReleaseCapture
SetCursor
ReuseDDElParam
UnpackDDElParam
GetActiveWindow
GetSystemMetrics
LoadMenuA
LoadCursorA
ClientToScreen
SetCapture
WindowFromPoint
GetWindowThreadProcessId
GetCursorPos
TranslateMessage
GetMessageA
WaitMessage
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
RedrawWindow
InflateRect
SetRect
SetTimer
KillTimer
ReleaseDC
GetDC
IsZoomed
IsRectEmpty
DeleteMenu
AppendMenuA
GetSystemMenu
SetParent
GetDCEx
LockWindowUpdate
GetTabbedTextExtentA
DrawTextA
DrawTextExA
GrayStringA
UnionRect
GetKeyNameTextA
MapVirtualKeyA
LoadBitmapA
FillRect
DrawFocusRect
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
GetAsyncKeyState
MapDialogRect
GetDialogBaseUnits
TabbedTextOutA
GetWindowDC
BeginPaint
EndPaint
GetMenuItemInfoA
GetMenuStringA
GetSysColorBrush
SetWindowTextA
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
IsDialogMessageA
MoveWindow
ScrollWindowEx
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
DestroyIcon
DestroyCursor
SetCursorPos
FindWindowA
DrawIcon
SetWindowRgn
IsClipboardFormatAvailable
MessageBeep
RemoveMenu
ValidateRect
PostQuitMessage
ShowOwnedPopups
InsertMenuA
RegisterClipboardFormatA
SendNotifyMessageA
CopyAcceleratorTableA
InSendMessage
PostThreadMessageA
CreateMenu
WindowFromDC
CountClipboardFormats
SetWindowContextHelpId
CharNextA
InvalidateRgn
GetNextDlgGroupItem
ClipCursor
DrawEdge
EnumChildWindows
wsprintfA
UnregisterClassA
OemToCharA
CharToOemA
CharUpperW
CharUpperA
DestroyMenu
CharLowerA
CharLowerW

shlwapi

UrlUnescapeA
PathFindFileNameA
PathRemoveExtensionA
PathFindExtensionA
PathIsUNCA
PathStripToRootA

Sections

.text
Size: 880KB - Virtual size: 876KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MatroskaSplitter.ax
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MediaInfo.dll
.dll windows:5 windows x86 arch:x86

ef965d0b249e0652567723f69751f7f7

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

4b:1e:79:d5:61:b7:fe:41:d9:4e:50:52:0c:cd:fa:77:e9:2f:4f:8e
Signer

Actual PE Digest

4b:1e:79:d5:61:b7:fe:41:d9:4e:50:52:0c:cd:fa:77:e9:2f:4f:8e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetVersion
GetFileTime
CreateFileW
ReadFile
GetFileSize
CreateThread
ResumeThread
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
Sleep
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
GetLastError
HeapFree
RaiseException
RtlUnwind
GetCPInfo
LCMapStringW
LCMapStringA
GetStringTypeW
HeapAlloc
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
ExitProcess
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
WriteFile
GetModuleHandleA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetFilePointer
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CloseHandle
FlushFileBuffers
GetFullPathNameW
GetFullPathNameA
FindFirstFileW
GetFileAttributesA
GetFileAttributesW
FindFirstFileA
FindClose
FindNextFileA
FindNextFileW

Exports

Exports

MediaInfoA_Close
MediaInfoA_Count_Get
MediaInfoA_Delete
MediaInfoA_Get
MediaInfoA_GetI
MediaInfoA_Inform
MediaInfoA_New
MediaInfoA_New_Quick
MediaInfoA_Open
MediaInfoA_Open_Buffer
MediaInfoA_Open_Buffer_Continue
MediaInfoA_Open_Buffer_Continue_GoTo_Get
MediaInfoA_Open_Buffer_Finalize
MediaInfoA_Open_Buffer_Init
MediaInfoA_Option
MediaInfoA_Save
MediaInfoA_Set
MediaInfoA_SetI
MediaInfoA_State_Get
MediaInfoListA_Close
MediaInfoListA_Count_Get
MediaInfoListA_Count_Get_Files
MediaInfoListA_Delete
MediaInfoListA_Get
MediaInfoListA_GetI
MediaInfoListA_Inform
MediaInfoListA_New
MediaInfoListA_New_Quick
MediaInfoListA_Open
MediaInfoListA_Open_Buffer
MediaInfoListA_Option
MediaInfoListA_Save
MediaInfoListA_Set
MediaInfoListA_SetI
MediaInfoListA_State_Get
MediaInfoList_Close
MediaInfoList_Count_Get
MediaInfoList_Count_Get_Files
MediaInfoList_Delete
MediaInfoList_Get
MediaInfoList_GetI
MediaInfoList_Inform
MediaInfoList_New
MediaInfoList_New_Quick
MediaInfoList_Open
MediaInfoList_Open_Buffer
MediaInfoList_Option
MediaInfoList_Save
MediaInfoList_Set
MediaInfoList_SetI
MediaInfoList_State_Get
MediaInfo_Close
MediaInfo_Count_Get
MediaInfo_Delete
MediaInfo_Get
MediaInfo_GetI
MediaInfo_Info_Version
MediaInfo_Inform
MediaInfo_New
MediaInfo_New_Quick
MediaInfo_Open
MediaInfo_Open_Buffer
MediaInfo_Open_Buffer_Continue
MediaInfo_Open_Buffer_Continue_GoTo_Get
MediaInfo_Open_Buffer_Finalize
MediaInfo_Open_Buffer_Init
MediaInfo_Option
MediaInfo_Save
MediaInfo_Set
MediaInfo_SetI
MediaInfo_State_Get

Sections

.text
Size: 747KB - Virtual size: 746KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 307KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mplayer.dll
.dll windows:4 windows x86 arch:x86

c8fd7e63fa6f103209ce64f8216035e1

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b3:0e:33:5d:8a:0d:29:2a:67:5c:cc:01:c9:d1:28:7c:ed:70:64:10
Signer

Actual PE Digest

b3:0e:33:5d:8a:0d:29:2a:67:5c:cc:01:c9:d1:28:7c:ed:70:64:10

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\working\2.0\MusicBox_V2\dev\prj\MediaPlayerdll\Release\MediaPlayerDll.pdb

Imports

kwlogsvr

?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ

mfc71

ord2714
ord2838
ord2540
ord2646
ord2533
ord3718
ord3719
ord3709
ord2644
ord3949
ord4481
ord4261
ord3333
ord566
ord757
ord3830
ord3605
ord3684
ord3596
ord1614
ord3908
ord5915
ord1620
ord1617
ord3946
ord1402
ord4244
ord5152
ord1908
ord5073
ord6275
ord4185
ord5214
ord3403
ord4722
ord4282
ord1600
ord5960
ord5235
ord5233
ord923
ord928
ord932
ord930
ord934
ord2390
ord2410
ord2394
ord2400
ord2398
ord2396
ord2413
ord2408
ord2392
ord2415
ord2403
ord2385
ord2387
ord2405
ord2178
ord2172
ord1522
ord6279
ord3802
ord6277
ord3345
ord4967
ord1362
ord5175
ord1964
ord1656
ord1655
ord5200
ord2862
ord2991
ord4486
ord572
ord760
ord1599
ord4761
ord2566
ord1903
ord4125
ord764
ord765
ord315
ord1037
ord1206
ord1208
ord1098
ord371
ord1120
ord1201
ord4307
ord1175
ord1177
ord314
ord1209
ord1084
ord1092
ord1167
ord581
ord762
ord2372
ord3683
ord4038
ord4014
ord6278
ord2835
ord2731
ord2537
ord5566
ord5213
ord5230
ord4568
ord3948
ord2248
ord5226
ord5224
ord2931
ord1920
ord3832
ord5382
ord6219
ord5102
ord1010
ord3806
ord5583
ord2018
ord2063
ord4326
ord6276
ord3801

msvcr71

memmove
_CxxThrowException
??0exception@@QAE@ABV0@@Z
_purecall
__CxxFrameHandler
??0exception@@QAE@XZ
??1exception@@UAE@XZ
__security_error_handler
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
_onexit
__dllonexit
??1type_info@@UAE@XZ
memset
_except_handler3
free
malloc

kernel32

GetACP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
LocalFree
GetLastError
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
InterlockedExchange

user32

CopyRect
EnableWindow

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

Exports

Exports

?CreateMediaAudioPlayer@@YAPAVIMediaAudioPlayer@@XZ
?CreateMediaVideoPlayer@@YAPAVIMediaVideoPlayer@@XZ
?ReleaseMediaAudioPlayer@@YAXPAVIMediaAudioPlayer@@@Z
?ReleaseMediaVideoPlayer@@YAXPAVIMediaVideoPlayer@@@Z

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NowPCfg.ini
Reco.dll
.dll windows:4 windows x86 arch:x86

3e8fc186be4f3ccf60dab8a4d9765b68

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

bb:11:15:a0:0f:06:0a:e7:8e:10:0e:e3:c6:91:5c:64:65:2f:67:e0
Signer

Actual PE Digest

bb:11:15:a0:0f:06:0a:e7:8e:10:0e:e3:c6:91:5c:64:65:2f:67:e0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Xp_Mode_Cvs_KwMusic_WorkSpace\KuMusic2820ScanCtrl\CommonLib\bin_r\RecoSong.pdb

Imports

http

??0YL_CHTTPRequest@@QAE@XZ
?Request@YL_CHTTPRequest@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4REQUEST_TYPE@1@JPAEI@Z
?GetContent@YL_CHTTPRequest@@QAEPAEAAJ@Z
?GetRequestTime@YL_CHTTPRequest@@QAEXPAH0@Z
??1YL_CHTTPRequest@@QAE@XZ

dotag

?GetTag@YL_CTagDealer@@SA_NPBDPAUMusicTag@1@@Z

kernel32

WaitForSingleObject
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
ExitProcess
GetTempPathA
GetTickCount
CloseHandle
SetPriorityClass
CreateProcessA
GetModuleFileNameA
FindClose
FindFirstFileA

msvcr71

?terminate@@YAXXZ
__CppXcptFilter
_adjust_fdiv
_initterm
_onexit
__dllonexit
??1type_info@@UAE@XZ
_except_handler3
__security_error_handler
_vscprintf
vsprintf
??2@YAPAXI@Z
_CxxThrowException
??0exception@@QAE@ABV0@@Z
sprintf
fwrite
strrchr
_snprintf
sscanf
fopen
fread
fclose
fseek
??_U@YAPAXI@Z
??_V@YAXPAX@Z
??3@YAXPAX@Z
__CxxFrameHandler
??0exception@@QAE@XZ
??1exception@@UAE@XZ
strchr
malloc
free
_stricmp

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

Exports

Exports

??4YL_CRecoSong@@QAEAAV0@ABV0@@Z
?GetFPTimeAndInfo@YL_CRecoSong@@SAXPAH000PA_N@Z
?RecoSongByFp@YL_CRecoSong@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAURECO_SONG_INFO@@PAI_N@Z
?RecoSongs2@YL_CRecoSong@@SA_NABV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@AAV?$vector@URECO_SONG_INFO@@V?$allocator@URECO_SONG_INFO@@@std@@@3@PAV?$vector@URECO_RESULT@@V?$allocator@URECO_RESULT@@@std@@@3@@Z
?RecoSongs@YL_CRecoSong@@SA_NABV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@AAV?$vector@URECO_SONG_INFO@@V?$allocator@URECO_SONG_INFO@@@std@@@3@@Z
?SetInfo@YL_CRecoSong@@SAXPBD000@Z

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 380B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Skin/SuperRap/skin.ini
Skin/SuperRap/small.jpg
.jpg
Skin/ĬƤ/LoadingGif.gif
.gif
Skin/ĬƤ/PNG/TopPanelBtnClose.png
.png
Skin/ĬƤ/PNG/TopPanelBtnDownloadNormal-b.png
.png
Skin/ĬƤ/PNG/TopPanelBtnDownloadNormal.png
.png
Skin/ĬƤ/PNG/TopPanelBtnMax.png
.png
Skin/ĬƤ/PNG/TopPanelBtnMin.png
.png
Skin/ĬƤ/PNG/TopPanelBtnMini.png
.png
Skin/ĬƤ/PNG/TopPanelBtnMusicSearchNormal-b.png
.png
Skin/ĬƤ/PNG/TopPanelBtnMusicSearchNormal.png
.png
Skin/ĬƤ/PNG/TopPanelBtnNowPlayNormal-b.png
.png
Skin/ĬƤ/PNG/TopPanelBtnNowPlayNormal.png
.png
Skin/ĬƤ/PNG/TopPanelBtnRestore.png
.png
Skin/ĬƤ/PNG/TopPanelBtnSetting.png
.png
Skin/ĬƤ/PNG/TopPanelBtnSkin.png
.png
Skin/ĬƤ/PNG/TopPanelBtnWangWang.png
.png
Skin/ĬƤ/PNG/TopPanelBtnWebCommendNormal-b.png
.png
Skin/ĬƤ/PNG/TopPanelBtnWebCommendNormal.png
.png
Skin/ĬƤ/PNG/TopPanelLog.png
.png
Skin/ĬƤ/PNG/right.png
.png
Skin/ĬƤ/PNG/yes.png
.png
Skin/ĬƤ/SbujectSkin/1/TopPanelBKLeft.bmp
Skin/ĬƤ/SbujectSkin/1/TopPanelBKMid.bmp
Skin/ĬƤ/SbujectSkin/1/TopPanelBKRight.bmp
Skin/ĬƤ/SbujectSkin/1/conf.ini
Skin/ĬƤ/SbujectSkin/1/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/10/conf.ini
Skin/ĬƤ/SbujectSkin/10/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/11/conf.ini
Skin/ĬƤ/SbujectSkin/11/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/12/conf.ini
Skin/ĬƤ/SbujectSkin/12/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/13/conf.ini
Skin/ĬƤ/SbujectSkin/13/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/14/conf.ini
Skin/ĬƤ/SbujectSkin/14/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/15/conf.ini
Skin/ĬƤ/SbujectSkin/15/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/16/conf.ini
Skin/ĬƤ/SbujectSkin/16/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/17/conf.ini
Skin/ĬƤ/SbujectSkin/17/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/18/conf.ini
Skin/ĬƤ/SbujectSkin/18/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/19/conf.ini
Skin/ĬƤ/SbujectSkin/19/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/2/conf.ini
Skin/ĬƤ/SbujectSkin/2/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/20/conf.ini
Skin/ĬƤ/SbujectSkin/20/small.JPG
.jpg
Skin/ĬƤ/SbujectSkin/21/conf.ini
Skin/ĬƤ/SbujectSkin/21/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/22/conf.ini
Skin/ĬƤ/SbujectSkin/22/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/23/conf.ini
Skin/ĬƤ/SbujectSkin/23/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/24/conf.ini
Skin/ĬƤ/SbujectSkin/24/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/25/conf.ini
Skin/ĬƤ/SbujectSkin/25/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/26/conf.ini
Skin/ĬƤ/SbujectSkin/26/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/27/conf.ini
Skin/ĬƤ/SbujectSkin/27/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/28/conf.ini
Skin/ĬƤ/SbujectSkin/28/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/29/conf.ini
Skin/ĬƤ/SbujectSkin/29/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/3/conf.ini
Skin/ĬƤ/SbujectSkin/3/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/30/conf.ini
Skin/ĬƤ/SbujectSkin/30/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/31/conf.ini
Skin/ĬƤ/SbujectSkin/31/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/33/TopPanelBKLeft.bmp
Skin/ĬƤ/SbujectSkin/33/TopPanelBKMid.bmp
Skin/ĬƤ/SbujectSkin/33/TopPanelBKRight.bmp
Skin/ĬƤ/SbujectSkin/33/conf.ini
Skin/ĬƤ/SbujectSkin/33/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/33/topright.png
.png
Skin/ĬƤ/SbujectSkin/34/conf.ini
Skin/ĬƤ/SbujectSkin/34/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/35/conf.ini
Skin/ĬƤ/SbujectSkin/35/small.bmp
Skin/ĬƤ/SbujectSkin/4/conf.ini
Skin/ĬƤ/SbujectSkin/4/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/5/conf.ini
Skin/ĬƤ/SbujectSkin/5/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/6/conf.ini
Skin/ĬƤ/SbujectSkin/6/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/7/conf.ini
Skin/ĬƤ/SbujectSkin/7/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/8/conf.ini
Skin/ĬƤ/SbujectSkin/8/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/9/conf.ini
Skin/ĬƤ/SbujectSkin/9/small.jpg
.jpg
Skin/ĬƤ/SbujectSkin/ʥ/conf.ini
Skin/ĬƤ/SbujectSkin/ʥ/small.bmp
Skin/ĬƤ/SbujectSkin/Զ/conf.ini
Skin/ĬƤ/SbujectSkin/Զ/small.bmp
Skin/ĬƤ/SbujectSkin/ɰ/conf.ini
Skin/ĬƤ/SbujectSkin/ɰ/small.bmp
Skin/ĬƤ/VoteWait.gif
.gif
Skin/ĬƤ/defaultRichInfoPic.JPG
.jpg
Skin/ĬƤ/down-icon.gif
.gif
Skin/ĬƤ/downnotice.gif
.gif
Skin/ĬƤ/localnotice.gif
.gif
Skin/ĬƤ/panel.xml
.xml
Skin/ĬƤ/skin.ini
Skin/ĬƤ/skin.jpg
.jpg
Skin/ĬƤ/skinpack.pkg
Skin/ĬƤ/small.jpg
.jpg
Skin/ĬƤ/vis.cfg
Skin/ֲƤ/skin.ini
Skin/ֲƤ/small.jpg
.jpg
Skin//skin.ini
Skin//small.jpg
.jpg
Skin/_Ƥ/LoadingGif.gif
.gif
Skin/_Ƥ/down-icon.gif
.gif
Skin/_Ƥ/downnotice.gif
.gif
Skin/_Ƥ/panel.xml
.xml
Skin/_Ƥ/skinpack.pkg
UserMInfo.tem
appendDL.ini
config.ini
dotag.dll
.dll windows:4 windows x86 arch:x86

f9f8da243322a1364c8fe2e0e8e60d40

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

db:64:6c:2d:cb:29:ff:7b:0d:1c:3a:c8:f6:bb:2f:6e:4b:82:99:e4
Signer

Actual PE Digest

db:64:6c:2d:cb:29:ff:7b:0d:1c:3a:c8:f6:bb:2f:6e:4b:82:99:e4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\working\2.0\CommonLib\bin_r\dotag.pdb

Imports

kernel32

IsDBCSLeadByte
GetLastError
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
WideCharToMultiByte
CloseHandle
WriteFile
SetFilePointer
CreateFileA
MoveFileA
DeleteFileA
GetTempFileNameA
ReadFile
GetFileSize
MultiByteToWideChar
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetFileTime
SetFileAttributesA
FindClose
FindFirstFileA
SetFileTime
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
HeapDestroy

user32

CharNextA

shell32

SHChangeNotify

msvcp71

?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_Nomemory@std@@YAXXZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvcr71

fread
fclose
fseek
fopen
fwrite
memset
_mbscmp
_vscprintf
vsprintf
memcpy
memmove
_CxxThrowException
??3@YAXPAX@Z
__CxxFrameHandler
free
malloc
memcmp
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_mbschr
??0exception@@QAE@ABV0@@Z
_except_handler3
_callnewh
__security_error_handler
??1type_info@@UAE@XZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
strcpy
strncpy
strcmp
atoi
strlen
strncmp
_stricmp

winmm

mmioSeek
mmioRead
mmioOpenA
mmioClose
mmioDescend

Exports

Exports

??4YL_CTagDealer@@QAEAAV0@ABV0@@Z
?GetTag@YL_CTagDealer@@SA_NPBDPAUMusicTag@1@@Z
?SaveTag@YL_CTagDealer@@SA_NPBDPBUMusicTag@1@@Z

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dump.ax
.dll regsvr32 windows:4 windows x86 arch:x86

43b351b97c09bced69fabc521570c7d9

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

69:a0:8b:32:b6:2a:2f:7d:ba:dd:fb:5e:a4:6b:85:61:7d:7d:2d:90
Signer

Actual PE Digest

69:a0:8b:32:b6:2a:2f:7d:ba:dd:fb:5e:a4:6b:85:61:7d:7d:2d:90

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeSetEvent
timeGetTime

msvcrt

_onexit
__dllonexit
_adjust_fdiv
_initterm
__CxxFrameHandler
_iob
fprintf
exit
wcslen
_purecall
sprintf
??2@YAPAXI@Z
??3@YAXPAX@Z
_ftol
malloc
free

kernel32

GetTickCount
GetCurrentThread
GetThreadPriority
SetThreadPriority
lstrcmpiW
GetModuleHandleW
CreateThread
InterlockedExchange
DisableThreadLibraryCalls
GetVersionExW
GetModuleFileNameA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
lstrcpyW
lstrlenW
DeleteCriticalSection
GetLastError
CreateFileW
CloseHandle
WriteFile
lstrcmpW
lstrcpynW
InterlockedIncrement
InterlockedDecrement
CreateEventW
ResetEvent
DuplicateHandle
GetCurrentProcess
GetCurrentThreadId
SetEvent
WaitForMultipleObjects
WaitForSingleObject
CreateSemaphoreW
ReleaseSemaphore
GetSystemInfo
VirtualAlloc
lstrlenA
FreeLibrary
LoadLibraryW
GetProcAddress
MultiByteToWideChar
VirtualFree

user32

DispatchMessageW
GetQueueStatus
RegisterWindowMessageW
PostThreadMessageW
wvsprintfW
MsgWaitForMultipleObjects
PeekMessageW
wsprintfW

advapi32

RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegSetValueW
RegCreateKeyW
RegDeleteKeyW

ole32

CoInitialize
StringFromGUID2
CoTaskMemFree
CoUninitialize
CoTaskMemAlloc
CoCreateInstance
CoFreeUnusedLibraries

oleaut32

SysFreeString
SysAllocString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
exreco_dll.dll
.dll windows:4 windows x86 arch:x86

e7f0590d3ed4c680e7f66b95abb85d04

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

8b:a6:12:96:b9:11:c8:90:33:22:58:53:4a:72:a5:ad:e4:9e:97:9f
Signer

Actual PE Digest

8b:a6:12:96:b9:11:c8:90:33:22:58:53:4a:72:a5:ad:e4:9e:97:9f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\recoengine\ReconEngine\ex_dll\Release\ex_dll.pdb

Imports

msvcr71

free
_initterm
malloc
_adjust_fdiv
__CppXcptFilter
_except_handler3
__dllonexit
_onexit

Exports

Exports

?RecordExceptionInfo_RecoEngine@@YGJPAU_EXCEPTION_POINTERS@@@Z

Sections

.text
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
face/KuwoPngSkinMaker.ico
face/KwDownloadLnk.ico
face/KwGame.ico
face/ac3.ico
face/ape.ico
face/back.bmp
face/cda.ico
face/cue.ico
face/default.jpg
.jpg
face/defaultbak/bk2_r1_c1.jpg
.jpg
face/defaultbak/bk4_r1_c1.jpg
.jpg
face/defaultbak/bkground1.jpg
.jpg
face/flac.ico
face/font.bmp
face/hand-close.cur
face/hand-open.cur
face/kwc.img
face/kwpcmd.img
face/kwplog.img
face/left.bmp
face/m4a.ico
face/mid.ico
face/mp3.ico
face/ogg.ico
face/pub.img
face/rigt.bmp
face/tta.ico
face/wav.ico
face/wma.ico
font-bk/FengChe.jpg
.jpg
font-bk/PuGongYing.jpg
.jpg
font-bk/QingTing.jpg
.jpg
font-bk/XuYuan.jpg
.jpg
font-bk/dew.bmp
font-bk/flower.bmp
font-bk/flower2.bmp
font-bk/paw.bmp
font-bk/sand.bmp
font-bk/wheat.bmp
font-bk/.bmp
fzip.dll
.dll windows:4 windows x86 arch:x86

4451c2420522df3bf2a2b730398cb7f4

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b5:70:b6:0d:b8:04:ef:5b:50:35:fd:82:2a:fd:06:89:93:d6:07:79
Signer

Actual PE Digest

b5:70:b6:0d:b8:04:ef:5b:50:35:fd:82:2a:fd:06:89:93:d6:07:79

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\working\2.0\CommonLib\bin_r\FileZip.pdb

Imports

kernel32

DeleteFileA
CopyFileA
GetFileAttributesA
GetTempPathA
SetFilePointer
CreateFileA
CloseHandle
ReadFile
SystemTimeToFileTime
LocalFileTimeToFileTime
CreateDirectoryA
GetCurrentDirectoryA
SetFileTime
WriteFile
RemoveDirectoryA
FindNextFileA
FindClose
FindFirstFileA
GetLastError
SetFileAttributesA
FileTimeToSystemTime
GetFileSize
GetFileInformationByHandle
MapViewOfFile
CreateFileMappingA
GetLocalTime
UnmapViewOfFile
GetTickCount
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
ExitProcess
GetSystemTimeAsFileTime

user32

wsprintfA
GetDesktopWindow

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Nomemory@std@@YAXXZ

msvcr71

??1exception@@UAE@XZ
??0exception@@QAE@XZ
__CxxFrameHandler
??3@YAXPAX@Z
??0exception@@QAE@ABV0@@Z
_CxxThrowException
_mbsstr
calloc
free
malloc
strstr
tolower
_mbsicmp
rand
srand
_callnewh
??1type_info@@UAE@XZ
__security_error_handler
_except_handler3
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
__dllonexit
_onexit

Exports

Exports

??4YL_CFileZip@@QAEAAV0@ABV0@@Z
?Compress@YL_CFileZip@@SA_NABV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@@Z
?UnCompress@YL_CFileZip@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@3@_N@Z
?UnCompress@YL_CFileZip@@SA_NPAXIABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@3@_N@Z

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
hanzi_pinyin.dict
html/404.gif
.gif
html/nomv.htm
.html
html/weberror.htm
.html .js polyglot
http.dll
.dll windows:4 windows x86 arch:x86

b52750666170f2869a567dba4872ceb6

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

5a:0f:c6:d4:de:32:00:17:13:3f:ee:90:9f:45:f7:32:62:d0:99:e8
Signer

Actual PE Digest

5a:0f:c6:d4:de:32:00:17:13:3f:ee:90:9f:45:f7:32:62:d0:99:e8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\working\2.0\CommonLib\bin_r\HTTPRequest.pdb

Imports

kernel32

GetTickCount
TerminateThread
WaitForSingleObject
GetExitCodeThread
lstrcpynA
CloseHandle
CreateThread
WaitForMultipleObjects
CreateFileA
WriteFile
SetFilePointer
ResetEvent
SetEvent
FindClose
DeleteFileA
FindFirstFileA
GetLastError
SetFileAttributesA
CreateDirectoryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
ExitProcess
DisableThreadLibraryCalls

msvcp71

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?_Nomemory@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

ws2_32

WSACloseEvent
shutdown
closesocket
WSASend
WSAWaitForMultipleEvents
WSAGetOverlappedResult
WSAResetEvent
connect
WSARecv
bind
listen
inet_addr
gethostbyname
WSASocketA
setsockopt
WSAGetLastError
ioctlsocket
htons
htonl
WSACreateEvent
select
WSACleanup
WSAStartup

wininet

InternetQueryOptionA

msvcr71

strncmp
_onexit
__dllonexit
__CppXcptFilter
_adjust_fdiv
_initterm
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_except_handler3
__security_error_handler
_callnewh
_stat64
strstr
??1exception@@UAE@XZ
??0exception@@QAE@XZ
__CxxFrameHandler
??3@YAXPAX@Z
malloc
free
realloc
atoi
strncpy
strchr
_CxxThrowException
_snprintf
??_V@YAXPAX@Z
atol
??0exception@@QAE@ABV0@@Z
memmove
sprintf

Exports

Exports

??0YL_CHTTPDownFile@@QAE@ABV0@@Z
??0YL_CHTTPDownFile@@QAE@XZ
??0YL_CHTTPRequest@@QAE@XZ
??1YL_CHTTPDownFile@@QAE@XZ
??1YL_CHTTPRequest@@QAE@XZ
??4YL_CHTTPDownFile@@QAEAAV0@ABV0@@Z
??4YL_CHTTPRequest@@QAEAAV0@ABV0@@Z
?CreateDir@YL_CHTTPDownFile@@AAEXXZ
?Disconnect@YL_CHTTPDownFile@@QAE_NXZ
?Disconnect@YL_CHTTPRequest@@QAE_NXZ
?DownloadFile@YL_CHTTPDownFile@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0PAI@Z
?GetContent@YL_CHTTPRequest@@QAEPAEAAJ@Z
?GetCurrentDownloadStatus@YL_CHTTPDownFile@@QAENXZ
?GetHeader@YL_CHTTPDownFile@@QAEPAEAAJ@Z
?GetHeader@YL_CHTTPRequest@@QAEPAEAAJ@Z
?GetHeaderItem@YL_CHTTPRequest@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV23@@Z
?GetHeaderItem@YL_CHTTPRequest@@QAE_NPBDQADI@Z
?GetNetFileSize@YL_CHTTPDownFile@@AAE_NXZ
?GetRequestIP@YL_CHTTPRequest@@QAEXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetRequestTime@YL_CHTTPRequest@@QAEXPAH0@Z
?GetReturnCode@YL_CHTTPDownFile@@QAE_NAAJ@Z
?GetReturnCode@YL_CHTTPRequest@@QAE_NAAJ@Z
?Request@YL_CHTTPRequest@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4REQUEST_TYPE@1@JPAEI@Z
?SelectFastServer@YL_CHTTPRequest@@QAE_NABV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@@Z
?SendRequest@YL_CHTTPRequest@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4REQUEST_TYPE@1@JPAEI@Z
?SetProxy@YL_CHTTPDownFile@@QAE_NW4PROXY_TYPE@1@PBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@11H@Z
?SetProxy@YL_CHTTPRequest@@QAE_NW4PROXY_TYPE@1@PBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@11H@Z

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 380B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
instpage.gif
.gif
kuwo-bk/black-grey.jpg
.jpg
kuwo-bk/blue-crystal.jpg
.jpg
kuwo-bk/blue-red.jpg
.jpg
kuwo-bk/green-crystal.jpg
.jpg
kuwo-bk/green-yellow.jpg
.jpg
kuwo-bk/green.jpg
.jpg
kuwo-bk/orange-crystal.jpg
.jpg
kuwo-bk/pink-crystal.jpg
.jpg
kuwo-bk/red-yellow.jpg
.jpg
kuwo-bk/red-yellow2.jpg
.jpg
l3codecx.ax
.dll regsvr32 windows:4 windows x86 arch:x86

d7e8a0cc68dc418d56e7942bed824e2d

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b7:77:07:6e:36:4e:a7:b3:be:18:66:5c:86:20:11:50:2b:2e:42:74
Signer

Actual PE Digest

b7:77:07:6e:36:4e:a7:b3:be:18:66:5c:86:20:11:50:2b:2e:42:74

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_CIpow
??2@YAPAXI@Z
??3@YAXPAX@Z
_purecall

kernel32

InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
GetVersionExA
FreeLibrary
InterlockedDecrement
GetLastError
MulDiv
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
MultiByteToWideChar
lstrlenA
GetModuleFileNameA

advapi32

RegEnumKeyExA
RegSetValueA
RegSetValueExA
RegDeleteKeyA
RegCloseKey
RegCreateKeyA
RegOpenKeyExA

user32

SetDlgItemTextA
wsprintfA
GetSysColor
KillTimer
SetTimer
SetDlgItemInt
GetWindowLongA
SetWindowLongA
CreateDialogParamA
MoveWindow
InvalidateRect
DestroyWindow
DefWindowProcA
CheckRadioButton
LoadStringA
LoadStringW
GetWindowRect
GetDesktopWindow
GetDlgItem
ShowWindow
EnableWindow

gdi32

DeleteObject
SetTextColor
CreateSolidBrush
SetBkColor

ole32

CoCreateInstance
CoUninitialize
CoTaskMemAlloc
CoFreeUnusedLibraries
CoInitialize
CoTaskMemFree
StringFromGUID2

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lidx.dll
.dll windows:4 windows x86 arch:x86

8c845feab240c8462a132f7f50b13ee9

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

10:3d:a1:07:2b:c2:9f:fd:76:e1:4a:0e:77:a4:91:a6:e5:ec:74:d2
Signer

Actual PE Digest

10:3d:a1:07:2b:c2:9f:fd:76:e1:4a:0e:77:a4:91:a6:e5:ec:74:d2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\project\Cvs\MediaDeliver\src\localIndex\Release\localIndex.pdb

Imports

ws2_32

WSAStartup
inet_addr
gethostbyname
htons
socket
setsockopt
connect
ntohs
inet_ntoa
send
closesocket

kernel32

WideCharToMultiByte
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
GetFileSize
SetFilePointer
ReadFile
GetLocalTime
LeaveCriticalSection
InterlockedDecrement
CloseHandle
EnterCriticalSection
ReadDirectoryChangesW
GetQueuedCompletionStatus
InitializeCriticalSection
CreateIoCompletionPort
TerminateThread
Sleep
CancelIo
PostQueuedCompletionStatus
InterlockedIncrement
CreateFileA
DeleteCriticalSection

msvcp71

?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_Nomemory@std@@YAXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z

msvcr71

__CppXcptFilter
?terminate@@YAXXZ
_stricmp
_adjust_fdiv
_stat
??_V@YAXPAX@Z
??3@YAXPAX@Z
__CxxFrameHandler
_beginthreadex
??0exception@@QAE@ABV0@@Z
_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@XZ
sprintf
_snprintf
fflush
fwrite
strncmp
fclose
fopen
_unlink
ftell
fseek
fread
_mkdir
malloc
_callnewh
__security_error_handler
_except_handler3
??1type_info@@UAE@XZ
__dllonexit
_onexit
free
_initterm

Exports

Exports

AddItemToIndex
AddShareDirs
CloseLocalIndexer
QueryItem
RemoveIndexItem
RemoveShareDirs
SetShareDir
SetUID
StartLocalIndexer
UploadAllRes

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
loading/ad/ad.ini
loading/ad/default_xjytualasfd001212123441lsfaoe.gif
.gif
loading/ad/default_xjytualasfd001212123441lsfaoe.htm
.html
loading/ad/index0_loading.htm
.html .js polyglot
lrcCfg.ini
msvcp71.dll
.dll windows:4 windows x86 arch:x86

5e2398adb60a70c7ab04e7cba75a7983

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1f:11:2f:40:98:0d:40:83:d8:e1:24:44:70:cb:24:fa:a6:7e:f3:49
Signer

Actual PE Digest

1f:11:2f:40:98:0d:40:83:d8:e1:24:44:70:cb:24:fa:a6:7e:f3:49

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcp71.pdb

Imports

msvcr71

setvbuf
fflush
ungetc
fgetc
fwrite
fputc
_Getdays
_Getmonths
fgetpos
fseek
fsetpos
fclose
__iob_func
fopen
atan2
cos
exp
ldexp
log
pow
sin
sqrt
tan
fgetwc
fputwc
ungetwc
strtol
_errno
_Strftime
strcspn
strtoul
_strtoi64
_strtoui64
sprintf
abort
realloc
setlocale
_CxxThrowException
??0exception@@QAE@XZ
malloc
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
__uncaught_exception
towlower
towupper
strcmp
__pctype_func
___lc_codepage_func
___lc_handle_func
_unlock
_lock
___setlc_active_func
___unguarded_readlc_active_add_func
_except_handler3
_local_unwind2
__crtCompareStringA
___lc_collate_cp_func
__crtLCMapStringA
isupper
islower
__crtGetStringTypeW
__crtLCMapStringW
_callnewh
__crtCompareStringW
strtod
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__security_error_handler
__dllonexit
_onexit
_initterm
_adjust_fdiv
__CppXcptFilter
??0bad_cast@@QAE@PBD@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@ABV0@@Z
??0exception@@QAE@ABV0@@Z
__CxxFrameHandler
___mb_cur_max_func
??_V@YAXPAX@Z
??3@YAXPAX@Z
_Gettnames
localeconv
free
memset
memchr
strlen
memcmp
wcslen
memmove
??1exception@@UAE@XZ
memcpy

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetLocaleInfoA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
DisableThreadLibraryCalls

Exports

Exports

??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAC@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAD@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAE@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAC@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAD@Z
??$?5DU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@PAE@Z
??$?5DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAG@Z
??$?5GU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@PAG@Z
??$?5GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?5MDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5MGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@M@0@@Z
??$?5NDU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5NGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@N@0@@Z
??$?5ODU?$char_traits@D@std@@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5OGU?$char_traits@G@std@@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$complex@O@0@@Z
??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AA_W@Z
??$?5_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@PA_W@Z
??$?5_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@G@Z
??$?6GU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@PBG@Z
??$?6GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?6MDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6MGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6M_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@M@0@@Z
??$?6NDU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6NGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6N_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@N@0@@Z
??$?6ODU?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6OGU?$char_traits@G@std@@@std@@YAAAV?$basic_ostream@GU?$char_traits@G@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6O_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$complex@O@0@@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@C@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@E@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBC@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBE@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@PB_W@Z
??$?6_WU?$char_traits@_W@std@@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@_W@Z
??$?6_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@0@AAV10@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?8M@std@@YA_NABMABV?$complex@M@0@@Z
??$?8M@std@@YA_NABV?$complex@M@0@0@Z
??$?8M@std@@YA_NABV?$complex@M@0@ABM@Z
??$?8N@std@@YA_NABNABV?$complex@N@0@@Z
??$?8N@std@@YA_NABV?$complex@N@0@0@Z
??$?8N@std@@YA_NABV?$complex@N@0@ABN@Z
??$?8O@std@@YA_NABOABV?$complex@O@0@@Z
??$?8O@std@@YA_NABV?$complex@O@0@0@Z
??$?8O@std@@YA_NABV?$complex@O@0@ABO@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?9M@std@@YA_NABMABV?$complex@M@0@@Z
??$?9M@std@@YA_NABV?$complex@M@0@0@Z
??$?9M@std@@YA_NABV?$complex@M@0@ABM@Z
??$?9N@std@@YA_NABNABV?$complex@N@0@@Z
??$?9N@std@@YA_NABV?$complex@N@0@0@Z
??$?9N@std@@YA_NABV?$complex@N@0@ABN@Z
??$?9O@std@@YA_NABOABV?$complex@O@0@@Z
??$?9O@std@@YA_NABV?$complex@O@0@0@Z
??$?9O@std@@YA_NABV?$complex@O@0@ABO@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?DM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?DM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?DM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?DN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?DN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?DN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?DO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?DO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?DO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?GM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@@Z
??$?GM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?GN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@@Z
??$?GN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?GO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@@Z
??$?GO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@D@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@DABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@0@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@G@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@ABV10@PBG@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@GABV10@@Z
??$?HGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBGABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@@Z
??$?HM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?HN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@@Z
??$?HN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?HO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@@Z
??$?HO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_WABV10@@Z
??$?KM@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$?KM@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$?KM@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$?KN@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$?KN@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$?KN@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$?KO@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$?KO@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$?KO@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?MGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?NDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?NGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?N_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?ODU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?OGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?O_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?PDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@0@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
??$?PGU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NPBGABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??$?P_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NPB_WABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$_Fabs@M@std@@YAMABV?$complex@M@0@PAH@Z
??$_Fabs@N@std@@YANABV?$complex@N@0@PAH@Z
??$_Fabs@O@std@@YAOABV?$complex@O@0@PAH@Z
??$abs@M@std@@YAMABV?$complex@M@0@@Z
??$abs@N@std@@YANABV?$complex@N@0@@Z
??$abs@O@std@@YAOABV?$complex@O@0@@Z
??$arg@M@std@@YAMABV?$complex@M@0@@Z
??$arg@N@std@@YANABV?$complex@N@0@@Z
??$arg@O@std@@YAOABV?$complex@O@0@@Z
??$conj@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$conj@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$conj@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$cos@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$cos@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$cos@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$cosh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$cosh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$cosh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$exp@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$exp@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$exp@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@D@Z
??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
??$getline@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@G@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@@Z
??$getline@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@YAAAV?$basic_istream@_WU?$char_traits@_W@std@@@0@AAV10@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@_W@Z
??$imag@M@std@@YAMABV?$complex@M@0@@Z
??$imag@N@std@@YANABV?$complex@N@0@@Z
??$imag@O@std@@YAOABV?$complex@O@0@@Z
??$log10@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$log10@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$log10@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$log@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$log@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$log@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$norm@M@std@@YAMABV?$complex@M@0@@Z
??$norm@N@std@@YANABV?$complex@N@0@@Z
??$norm@O@std@@YAOABV?$complex@O@0@@Z
??$polar@M@std@@YA?AV?$complex@M@0@ABM0@Z
??$polar@M@std@@YA?AV?$complex@M@0@ABM@Z
??$polar@N@std@@YA?AV?$complex@N@0@ABN0@Z
??$polar@N@std@@YA?AV?$complex@N@0@ABN@Z
??$polar@O@std@@YA?AV?$complex@O@0@ABO0@Z
??$polar@O@std@@YA?AV?$complex@O@0@ABO@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABMABV10@@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@0@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@ABM@Z
??$pow@M@std@@YA?AV?$complex@M@0@ABV10@H@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABNABV10@@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@0@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@ABN@Z
??$pow@N@std@@YA?AV?$complex@N@0@ABV10@H@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABOABV10@@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@0@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@ABO@Z
??$pow@O@std@@YA?AV?$complex@O@0@ABV10@H@Z
??$real@M@std@@YAMABV?$complex@M@0@@Z
??$real@N@std@@YANABV?$complex@N@0@@Z
??$real@O@std@@YAOABV?$complex@O@0@@Z
??$sin@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sin@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sin@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$sinh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sinh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sinh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$sqrt@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$sqrt@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$sqrt@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$tan@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$tan@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$tan@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??$tanh@M@std@@YA?AV?$complex@M@0@ABV10@@Z
??$tanh@N@std@@YA?AV?$complex@N@0@ABV10@@Z
??$tanh@O@std@@YA?AV?$complex@O@0@ABV10@@Z
??0?$_Complex_base@MU_C_float_complex@@@std@@QAE@ABM0@Z
??0?$_Complex_base@NU_C_double_complex@@@std@@QAE@ABN0@Z
??0?$_Complex_base@OU_C_ldouble_complex@@@std@@QAE@ABO0@Z
??0?$_Mpunct@D@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@D@std@@QAE@I_N@Z
??0?$_Mpunct@G@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@G@std@@QAE@I_N@Z
??0?$_Mpunct@_W@std@@QAE@ABV_Locinfo@1@I_N@Z
??0?$_Mpunct@_W@std@@QAE@I_N@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@IAE@V?$allocator@D@1@@Z
??0?$_String_val@DV?$allocator@D@std@@@std@@QAE@ABV01@@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@IAE@V?$allocator@G@1@@Z
??0?$_String_val@GV?$allocator@G@std@@@std@@QAE@ABV01@@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@IAE@V?$allocator@_W@1@@Z
??0?$_String_val@_WV?$allocator@_W@std@@@std@@QAE@ABV01@@Z
??0?$allocator@X@std@@QAE@ABV01@@Z
??0?$allocator@X@std@@QAE@XZ
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_filebuf@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_fstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_ifstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_istringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_istringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@GU?$char_traits@G@std@@@std@@QAE@XZ
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@PBDHH@Z
??0?$basic_ofstream@_WU?$char_traits@_W@std@@@std@@QAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_ostringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@IIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@IDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDIABV?$allocator@D@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@Vconst_iterator@01@0@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@IIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBGIABV?$allocator@G@1@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@Vconst_iterator@01@0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@IIABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WIABV?$allocator@_W@1@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@Vconst_iterator@01@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringbuf@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_stringbuf@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@1@H@Z
??0?$basic_stringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@1@H@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDH@std@@QAE@I@Z
??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDH@std@@QAE@I@Z
??0?$codecvt@_WDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??0?$collate@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@D@std@@QAE@I@Z
??0?$collate@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@G@std@@QAE@I@Z
??0?$collate@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$collate@_W@std@@QAE@I@Z
??0?$complex@M@std@@QAE@ABM0@Z
??0?$complex@M@std@@QAE@ABU_C_float_complex@@@Z
??0?$complex@M@std@@QAE@ABV?$complex@N@1@@Z
??0?$complex@M@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@N@std@@QAE@ABN0@Z
??0?$complex@N@std@@QAE@ABU_C_double_complex@@@Z
??0?$complex@N@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@N@std@@QAE@ABV?$complex@O@1@@Z
??0?$complex@O@std@@QAE@ABO0@Z
??0?$complex@O@std@@QAE@ABU_C_ldouble_complex@@@Z
??0?$complex@O@std@@QAE@ABV?$complex@M@1@@Z
??0?$complex@O@std@@QAE@ABV?$complex@N@1@@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$messages@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@D@std@@QAE@I@Z
??0?$messages@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@G@std@@QAE@I@Z
??0?$messages@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$messages@_W@std@@QAE@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$money_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$moneypunct@D$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@D$00@std@@QAE@I@Z
??0?$moneypunct@D$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@D$0A@@std@@QAE@I@Z
??0?$moneypunct@G$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@G$00@std@@QAE@I@Z
??0?$moneypunct@G$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@G$0A@@std@@QAE@I@Z
??0?$moneypunct@_W$00@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@_W$00@std@@QAE@I@Z
??0?$moneypunct@_W$0A@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$moneypunct@_W$0A@@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$numpunct@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$numpunct@D@std@@QAE@I@Z
??0?$numpunct@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$numpunct@G@std@@QAE@I@Z
??0?$numpunct@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$numpunct@_W@std@@QAE@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0Init@ios_base@std@@QAE@XZ
??0_Locimp@locale@std@@AAE@ABV012@@Z
??0_Locinfo@std@@QAE@HPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??0_Lockit@std@@QAE@XZ
??0_Mutex@std@@QAE@XZ
??0_Timevec@std@@QAE@ABV01@@Z
??0_Timevec@std@@QAE@PAX@Z
??0_UShinit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0codecvt_base@std@@QAE@I@Z
??0ctype_base@std@@QAE@I@Z
??0facet@locale@std@@IAE@I@Z
??0id@locale@std@@QAE@I@Z
??0ios_base@std@@IAE@XZ
??0ios_base@std@@QAE@ABV01@@Z
??0locale@std@@AAE@PAV_Locimp@01@@Z
??0locale@std@@QAE@ABV01@0H@Z
??0locale@std@@QAE@ABV01@@Z
??0locale@std@@QAE@ABV01@PBDH@Z
??0locale@std@@QAE@PBDH@Z

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcr71.dll
.dll windows:4 windows x86 arch:x86

7acc8c379c768a1ecd81ec502ff5f33e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:bb:cc:f6:32:62:76:b4:13:a1:ec:ed:1b:f7:84:2a:6d:1d:da:07
Signer

Actual PE Digest

33:bb:cc:f6:32:62:76:b4:13:a1:ec:ed:1b:f7:84:2a:6d:1d:da:07

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr71.pdb

Imports

kernel32

GetModuleFileNameA
GetModuleFileNameW
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCurrentThreadId
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapAlloc
HeapFree
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetHandleCount
GetFileType
GetStartupInfoA
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
InitializeCriticalSection
RtlUnwind
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
InterlockedExchange
VirtualQuery
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetEnvironmentVariableA
SetEnvironmentVariableW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
HeapSize
VirtualProtect
GetSystemInfo
FlushFileBuffers
SetFilePointer
SetStdHandle
CompareStringA
CompareStringW
Sleep
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
RaiseException
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadCodePtr
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
ReadConsoleA
SetConsoleMode
GetConsoleMode
IsDBCSLeadByteEx
GetConsoleCP
ReadConsoleW
SetEndOfFile
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@AAE@PBQBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_cast@@QAE@PBD@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_Fbad_cast@@QAEXXZ
??_Fbad_typeid@@QAEXXZ
??_U@YAPAXI@Z
??_V@YAXPAX@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?unexpected@@YAXXZ
?vswprintf@@YAHPAGIPBGPAD@Z
?vswprintf@@YAHPA_WIPB_WPAD@Z
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CppXcptFilter
__CxxCallUnwindDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__buffer_overrun
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__lc_clike
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__security_error_handler
__set_app_type
__set_buffer_overrun_handler
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__uncaught_exception
__unguarded_readlc_active
__wargv
__wcserror
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_realloc
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_cgetws
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_cputws
_creat
_cscanf
_ctime64
_cwait
_cwprintf
_cwscanf
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirst64
_findfirsti64
_findnext
_findnext64
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstat64
_fstati64
_ftime
_ftime64
_ftol
_fullpath
_futime
_futime64
_gcvt
_get_heap_handle
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getwch
_getwche
_getws
_global_unwind2
_gmtime64
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_localtime64
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_mktime64
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osplatform
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putwch
_putws
_pwctype
_read
_resetstkoflw
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_scprintf
_scwprintf
_searchenv
_seh_longjmp_unwind
_set_SSE2_enable
_set_error_mode
_set_purecall_handler
_set_sbh_threshold
_set_security_error_handler
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snscanf
_snwprintf
_snwscanf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp

Sections

.text
Size: 228KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
pd.dll
.dll windows:4 windows x86 arch:x86

9edee3d94c6960b410f3c6af06e34dca

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e6:e2:d8:b2:0c:8a:83:fd:2d:be:30:31:db:20:21:01:30:d5:e4:0b
Signer

Actual PE Digest

e6:e2:d8:b2:0c:8a:83:fd:2d:be:30:31:db:20:21:01:30:d5:e4:0b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\working\2.0\CommonLib\bin_r\pd.pdb

Imports

ws2_32

accept
WSACloseEvent
shutdown
closesocket
WSASend
WSARecv
WSAWaitForMultipleEvents
WSAGetOverlappedResult
WSAResetEvent
connect
getsockname
select
bind
listen
WSASocketA
setsockopt
WSAGetLastError
ioctlsocket
htons
inet_addr
gethostbyname
htonl
WSAStartup
WSACreateEvent

kwlogsvr

?LogRealMsg@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0_NPAPAEPAI@Z
?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ

kernel32

Process32Next
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
ExitProcess
GetCurrentThreadId
ResetEvent
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameA
CreateEventA
GetModuleHandleA
SetEvent
Sleep
CreateNamedPipeA
ReadFile
GetOverlappedResult
GetTickCount
CreateWaitableTimerA
SetWaitableTimer
WaitForMultipleObjects
InitializeCriticalSection
DeleteCriticalSection
WaitForSingleObject
TerminateProcess
OpenProcess
CloseHandle
Process32First
CreateToolhelp32Snapshot
GetLastError
CreateProcessA
GetPrivateProfileStringA
WritePrivateProfileStringA
SetProcessWorkingSetSize
GetCurrentProcess

user32

LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
DefWindowProcA
DestroyWindow
FindWindowA
SendMessageTimeoutA
PostMessageA

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
?_Nomemory@std@@YAXXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z

msvcr71

??1exception@@UAE@XZ
??0exception@@QAE@XZ
??3@YAXPAX@Z
_purecall
strncpy
strstr
strtoul
sprintf
time
strrchr
atoi
_snprintf
_beginthreadex
atof
??_V@YAXPAX@Z
free
memmove
malloc
_callnewh
??1type_info@@UAE@XZ
__dllonexit
_onexit
__security_error_handler
_except_handler3
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
??0exception@@QAE@ABV0@@Z
__CxxFrameHandler
_CxxThrowException

Exports

Exports

AttachP2PListener
CloseKWMV
DelRes
DetachP2PListener
GetResInfo
SetSysMsgWnd
StartDown
StartKWMV
StopAll
StopDown

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
player.dll
.dll windows:4 windows x86 arch:x86

8cfd50fcffbdf8858ad68d5a023ab813

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

a4:97:2d:28:79:2c:08:19:ed:ca:ab:27:af:b2:80:64:0a:10:3d:ee
Signer

Actual PE Digest

a4:97:2d:28:79:2c:08:19:ed:ca:ab:27:af:b2:80:64:0a:10:3d:ee

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\working\2.0\MusicBox_V2\dev\prj\Player\Release\Player.pdb

Imports

kwlogsvr

?LogRealMsg@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0_NPAPAEPAI@Z
?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ

winmm

timeEndPeriod
timeKillEvent
timeSetEvent
timeGetDevCaps
timeBeginPeriod

mplayer

?CreateMediaVideoPlayer@@YAPAVIMediaVideoPlayer@@XZ
?ReleaseMediaVideoPlayer@@YAXPAVIMediaVideoPlayer@@@Z

mfc71

ord910
ord581
ord1167
ord1092
ord1084
ord1209
ord314
ord1177
ord1175
ord1201
ord315
ord1037
ord1206
ord1208
ord1098
ord371
ord1120
ord764
ord578
ord1486
ord5563
ord304
ord762
ord266
ord265
ord1482
ord765

msvcr71

_stricmp
_mbsnbcpy
_mbsstr
_mbslwr
_except_handler3
??1exception@@UAE@XZ
??0exception@@QAE@XZ
__CxxFrameHandler
_purecall
__RTDynamicCast
free
??0exception@@QAE@ABV0@@Z
_CxxThrowException
memmove
atoi
iswspace
sprintf
strstr
malloc
_snprintf
_mbsrchr
toupper
memset
__security_error_handler
??1type_info@@UAE@XZ
__dllonexit
__CppXcptFilter
_adjust_fdiv
_initterm
?terminate@@YAXXZ
_onexit

kernel32

GetLocaleInfoA
GetACP
FindNextFileA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
ExitProcess
LocalAlloc
LocalFree
lstrcpyA
lstrcatA
CreateProcessA
GetWindowsDirectoryA
FindFirstFileA
GetThreadLocale
FindClose
CreateFileA
GetModuleFileNameA
GetTickCount
TerminateThread
Sleep
MultiByteToWideChar
FreeLibrary
LoadLibraryA
GetProcAddress
GetCurrentThreadId
CreateThread
CloseHandle
CreateEventA
ResetEvent
EnterCriticalSection
LeaveCriticalSection
SetEvent
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSection
GetVersionExA
InterlockedExchange

user32

CopyRect
GetClientRect
RegisterClassA
CreateWindowExA
GetMessageA
DispatchMessageA
TranslateMessage
PostMessageA
DefWindowProcA
SetTimer
KillTimer
DestroyWindow
SetParent
PostQuitMessage

gdi32

GetStockObject

shlwapi

PathFileExistsA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VariantClear
VariantInit

msvcp71

?uncaught_exception@std@@YA_NXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?clear@ios_base@std@@QAEXH_N@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?_Unlock@_Mutex@std@@QAEXXZ
?_Lock@_Mutex@std@@QAEXXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

Exports

Exports

?CreateAudioPlayer@@YAPAVIAudioPlayer@@XZ
?CreateVideoPlayer@@YAPAVIVideoPlayer@@XZ
?GetMeidaPluginManagerFactory@@YAPAVIMeidaPluginManagerFactory@@XZ
?ReleaseAudioPlayer@@YAXPAVIAudioPlayer@@@Z
?ReleaseVideoPlayer@@YAXPAVIVideoPlayer@@@Z

Sections

.text
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/EQ_KWEQ.dll
.dll windows:4 windows x86 arch:x86

5e99ac0b5f6a9ca09cf315796f21211b

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:12:60:86:53:4d:40:c9:eb:03:20:bf:05:82:f2:c5:76:74:8b:41
Signer

Actual PE Digest

6a:12:60:86:53:4d:40:c9:eb:03:20:bf:05:82:f2:c5:76:74:8b:41

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc71

ord2835
ord4307
ord2714
ord2838
ord2540
ord2646
ord2533
ord3718
ord3719
ord3709
ord2644
ord3949
ord4481
ord4261
ord3333
ord566
ord757
ord765
ord315
ord1037
ord1206
ord1208
ord1098
ord371
ord1120
ord1201
ord1175
ord1177
ord314
ord1209
ord1084
ord1092
ord1167
ord581
ord764
ord762
ord3683
ord4038
ord4014
ord6278
ord3801
ord2731
ord2537
ord3830
ord5566
ord5213
ord5230
ord4568
ord3948
ord2248
ord5226
ord5224
ord2931
ord1920
ord3832
ord5382
ord6219
ord5102
ord1010
ord3806
ord5583
ord2018
ord2063
ord4326
ord6276

msvcr71

_CIpow
_except_handler3
__dllonexit
free
malloc
_onexit
?terminate@@YAXXZ
_initterm
_adjust_fdiv
__CppXcptFilter
__security_error_handler
??1type_info@@UAE@XZ
memset
realloc
__CxxFrameHandler
calloc
rand
abort

kernel32

LocalFree
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
GetVersionExA

msvcp71

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

Exports

Exports

winampEQGetHeader2

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/in_mpg123.dll
.dll windows:4 windows x86 arch:x86

497d5e185b8a5c4c7a71b88974583455

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e1:2c:13:50:43:b9:0b:c1:3a:74:98:59:67:30:41:28:8f:a2:74:e0
Signer

Actual PE Digest

e1:2c:13:50:43:b9:0b:c1:3a:74:98:59:67:30:41:28:8f:a2:74:e0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\cvswork\MusicBox_AE3\MusicBox_V2\dev\bin_r\plugin\in_mpg123.pdb

Imports

winmm

mmioOpenA
mmioClose
mmioDescend
mmioSeek
timeGetTime

kernel32

ConvertDefaultLocale
GetCurrentThread
GetCurrentProcessId
SuspendThread
GetModuleFileNameW
InterlockedDecrement
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
InterlockedIncrement
FindResourceExA
GlobalFlags
GetCPInfo
GetOEMCP
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
HeapReAlloc
VirtualAlloc
VirtualQuery
ExitThread
CreateThread
GetCommandLineA
GetProcessHeap
EnumResourceLanguagesA
RtlUnwind
SetStdHandle
GetFileType
ExitProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
GetACP
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetLocaleInfoA
lstrcmpA
GetFileTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetThreadLocale
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetVersionExA
FreeResource
GetModuleHandleA
VirtualProtect
GlobalFree
FormatMessageA
LocalFree
GetModuleFileNameA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
DeleteCriticalSection
LockResource
LoadLibraryA
ResetEvent
EnterCriticalSection
GetProcAddress
GlobalUnlock
GetSystemDirectoryA
GetFileAttributesA
LeaveCriticalSection
SizeofResource
Sleep
GlobalAlloc
InitializeCriticalSection
WriteFile
GlobalLock
LoadResource
FreeLibrary
FindResourceA
ResumeThread
WaitForMultipleObjects
SetThreadPriority
CreateEventA
TerminateThread
SetEvent
WaitForSingleObject
MulDiv
GetVersion
CloseHandle
CompareStringA
SetLastError
GetLastError
InterlockedExchange
MultiByteToWideChar
CompareStringW
ReadFile
WideCharToMultiByte
lstrlenA
SetFilePointer
GetFileSize
CreateFileA
RaiseException

user32

TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
BeginPaint
EndPaint
DestroyMenu
SetCursor
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetClientRect
GetMenu
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
CopyRect
PtInRect
GetDlgCtrlID
CallWindowProcA
SetWindowLongA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetDesktopWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowTextLengthA
GetWindowTextA
GetWindow
GetCapture
GetActiveWindow
SetActiveWindow
MapDialogRect
SetWindowPos
ShowWindow
GetAsyncKeyState
GetFocus
SetFocus
GetWindowRect
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetMenuState
GetMenuItemID
GetMenuItemCount
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetCursorPos
ValidateRect
GetWindowThreadProcessId
GetClassInfoExA
GetSubMenu
GetMessageA
CloseClipboard
RegisterClassExA
PostQuitMessage
TranslateMessage
MessageBoxA
UnregisterClassA
CreateWindowExA
PeekMessageA
EmptyClipboard
DefWindowProcA
PostMessageA
DispatchMessageA
OpenClipboard
SetClipboardData
GetParent
SendMessageA
EnableWindow
CharUpperA
IsWindow
GetPropA

gdi32

ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
TextOutA
EnumFontFamiliesExA
DeleteObject
RectVisible
PtVisible
GetClipBox
CreateBitmap
GetDeviceCaps
SetMapMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

shell32

ShellExecuteExA

shlwapi

UrlUnescapeA
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA

oleaut32

VariantClear
VariantChangeType
VariantInit

ws2_32

WSAStartup
WSAGetLastError
WSACleanup
connect
sendto
recvfrom
WSAAsyncSelect
send
recv
closesocket
accept
socket
bind
select
gethostbyname
htonl
htons
inet_addr
WSASetLastError

wininet

HttpQueryInfoA
InternetCloseHandle
InternetGetLastResponseInfoA
InternetOpenA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
HttpSendRequestA
InternetConnectA
HttpOpenRequestA
InternetQueryDataAvailable
InternetSetOptionExA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetReadFile

Exports

Exports

winampGetExtendedFileInfo
winampGetInModule2

Sections

.text
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/in_wma.dll
.dll windows:4 windows x86 arch:x86

2a72791c1f9538bb8dcaf34e1b9ea9cf

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

23:71:1b:be:e6:ff:2e:8c:fd:ec:57:1f:1d:5f:31:23:f0:aa:95:9c
Signer

Actual PE Digest

23:71:1b:be:e6:ff:2e:8c:fd:ec:57:1f:1d:5f:31:23:f0:aa:95:9c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\working\2.0\MusicBox_V2\dev\prj\In_wma\Release\In_Wma.pdb

Imports

kwlogsvr

?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ

wmvcore

WMCreateReader

kernel32

DisableThreadLibraryCalls
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentProcessId
InterlockedIncrement
ResetEvent
SetEvent
WaitForSingleObject
DeleteCriticalSection
CloseHandle
GetLastError
InitializeCriticalSection
CreateEventA
Sleep
LeaveCriticalSection
EnterCriticalSection
WaitForMultipleObjects
InterlockedDecrement
CreateThread
GetProcAddress
LoadLibraryA
GetFileType
CreateFileW
ReadFile
SetFilePointer
GetFileSize
TerminateThread
GetCurrentThreadId
MultiByteToWideChar
GetTickCount
ExitProcess

user32

MessageBoxA
PostMessageA

ole32

CoInitialize
CoUninitialize

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?_Nomemory@std@@YAXXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z

msvcr71

__security_error_handler
?terminate@@YAXXZ
??1exception@@UAE@XZ
??0exception@@QAE@XZ
__CxxFrameHandler
??3@YAXPAX@Z
??_V@YAXPAX@Z
??0exception@@QAE@ABV0@@Z
_CxxThrowException
wcslen
malloc
_callnewh
??1type_info@@UAE@XZ
_except_handler3
__dllonexit
_onexit
free
_initterm
_adjust_fdiv
__CppXcptFilter

Exports

Exports

winampGetInModule2

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/out_kw_ds.dll
.dll windows:4 windows x86 arch:x86

c5e33814a6b18fcb8716feac2a04d2ba

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f6:b0:ad:ee:be:09:e6:40:20:24:6c:b8:1e:3b:c1:4d:4f:62:67:47
Signer

Actual PE Digest

f6:b0:ad:ee:be:09:e6:40:20:24:6c:b8:1e:3b:c1:4d:4f:62:67:47

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kwlogsvr

?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ

dsound

ord1

kernel32

VirtualProtect
GetModuleFileNameA
WaitForMultipleObjects
DeleteCriticalSection
CloseHandle
WaitForSingleObject
SetEvent
Sleep
LeaveCriticalSection
EnterCriticalSection
ResetEvent
InitializeCriticalSection
SetThreadPriority
CreateThread
CreateEventA
GetTickCount
GetCurrentThreadId
RtlUnwind
RaiseException
GetCommandLineA
GetVersionExA
HeapAlloc
GetProcAddress
GetModuleHandleA
HeapFree
SetUnhandledExceptionFilter
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetSystemInfo
HeapDestroy
HeapCreate
VirtualFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
UnhandledExceptionFilter
DisableThreadLibraryCalls
WriteFile
VirtualAlloc
HeapReAlloc
IsBadWritePtr
HeapSize
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
InterlockedExchange
VirtualQuery
LoadLibraryA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoA

Exports

Exports

winampGetOutModule

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugin/vis_classic.dll
.dll windows:4 windows x86 arch:x86

8c498c89f71c634f98861724759e0efe

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c4:c7:79:56:8d:3b:d0:a7:b1:e0:b3:0a:d2:e6:77:5a:ed:73:61:bd
Signer

Actual PE Digest

c4:c7:79:56:8d:3b:d0:a7:b1:e0:b3:0a:d2:e6:77:5a:ed:73:61:bd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\working\2.0\MusicBox_V2\dev\prj\vis_classic\Release\vis_classic.pdb

Imports

msvcr71

_adjust_fdiv
_initterm
_onexit
__dllonexit
??1type_info@@UAE@XZ
__security_error_handler
??0exception@@QAE@XZ
?terminate@@YAXXZ
__CppXcptFilter
__CxxFrameHandler
??3@YAXPAX@Z
??0exception@@QAE@ABV0@@Z
_CxxThrowException
memset
_except_handler3
free
malloc
??_U@YAPAXI@Z
??_V@YAXPAX@Z
iswctype
atoi
??2@YAPAXI@Z
??1exception@@UAE@XZ

msvcp71

??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?clear@ios_base@std@@QAEXH_N@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?uncaught_exception@std@@YA_NXZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?_Lock@_Mutex@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

mfc71

ord765
ord315
ord1037
ord1206
ord1208
ord1098
ord371
ord1120
ord1201
ord1175
ord1177
ord314
ord1209
ord1084
ord1092
ord1167
ord581
ord2306
ord1917
ord1123
ord6017
ord3331
ord2707
ord5493
ord380
ord1031
ord3514
ord2367

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
LocalFree
GlobalUnlock
GlobalFree
GetVersionExA

user32

IsIconic
GetClientRect
GetWindowDC
GetWindowLongA
FillRect
LoadImageA

gdi32

StretchDIBits
SelectObject
CreatePalette
DeleteObject
SelectPalette
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
CreateSolidBrush

Exports

Exports

winampVisGetHeader

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
readme.txt
recoEngine.exe
.exe windows:4 windows x86 arch:x86

fd1d584fc1929266c74ad93b8a7fe33e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1e:99:5a:45:84:e9:ad:e7:63:b9:e2:ca:71:5e:4c:62:a1:45:2b:8a
Signer

Actual PE Digest

1e:99:5a:45:84:e9:ad:e7:63:b9:e2:ca:71:5e:4c:62:a1:45:2b:8a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\cvswork\MusicBox_3002\MusicBox_V2\dev\prj\ReconEngine_3.0.0_WangLei_V2\Release\ReconEngine.pdb

Imports

kwlogsvr

?YL_Log@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H0PBDZZ

kernel32

HeapCreate
InterlockedExchange
GetACP
GetLocaleInfoA
GetVersionExA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
WaitForSingleObject
CreateEventA
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetExitCodeThread
TerminateThread
CreateThread
DeleteFileA
SetEvent
SetEndOfFile
ExitProcess
GetModuleHandleA
TerminateProcess
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualQuery
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
SetFilePointer
ReadFile
HeapSize
WriteFile
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
FlushFileBuffers
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
SetStdHandle
CreateFileA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
VirtualProtect
GetSystemInfo
LCMapStringA
LCMapStringW

shlwapi

PathFileExistsA

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
res/PanesData.xml
.xml
res/WikiEntryDefault.html
.html
res/artists.xml
res/coverflow/001.jpg
.jpg
res/coverflow/1.JPG
.jpg
res/coverflow/2.JPG
.jpg
res/coverflow/3.JPG
.jpg
res/coverflow/4.JPG
.jpg
res/coverflow/5.JPG
.jpg
res/coverflow/6.JPG
.jpg
res/coverflow/7.JPG
.jpg
res/coverflow/8.jpg
.jpg
res/hot_singer.xml
res/mblistcount.xml
res/msg/bk.gif
.gif
res/msg/bt1.gif
.gif
res/msg/bt2.gif
.gif
res/msg/msg.htm
.html .js polyglot
res/oumei_singer.xml
res/ranks/ȸ.xml
res/rihan_singer.xml
res/search/11.sng
res/search/12.sng
res/starmenu2.0.xml
run.exe
.exe windows:4 windows x86 arch:x86

6e9116e001ca2c00f3eb0d8a5dd299be

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ab:ed:ae:8b:7b:1e:2c:74:d4:c8:1f:b7:bf:4f:c3:09:42:8b:a0:61
Signer

Actual PE Digest

ab:ed:ae:8b:7b:1e:2c:74:d4:c8:1f:b7:bf:4f:c3:09:42:8b:a0:61

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\KwProjects\6.1\开机启动优化\autostart\Release\autostart.pdb

Imports

kernel32

CreateProcessA
ExitProcess
RtlUnwind
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapFree
HeapAlloc
SetUnhandledExceptionFilter
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
SetFilePointer
LoadLibraryA
InterlockedExchange
VirtualQuery
VirtualAlloc
HeapReAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
SetStdHandle
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
GetLocaleInfoA
VirtualProtect
GetSystemInfo
CloseHandle

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
setup.xml
.xml
swf/MvComplete.swf
swf/MvMiniComplete.swf
swf/coverflow.swf
swf/directx.swf
swf/enjoy.swf
swf/initplay.swf
swf/load.swf
swf/mvstop.swf
swf/neterror.swf
swf/netload.swf
swf/no.swf
swf/nomtv.swf
swf/nomv.swf
swf/nores.swf
swf/picexception.swf
swf/serverbusy.swf
zlib.dll
.dll windows:4 windows x86 arch:x86

6ca5129cf676bf086156341822a28d95

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

02/12/2009, 00:00

Not After

02/12/2011, 23:59

Subject

CN=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=BEIJING KUWO TECHNOLOGY CO.\,LTD.\ ,L=BEIJING,ST=BEIJING,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f8:1f:7f:9a:cb:f3:fc:d0:74:f1:f2:42:11:6c:89:28:c1:e0:c2:25
Signer

Actual PE Digest

f8:1f:7f:9a:cb:f3:fc:d0:74:f1:f2:42:11:6c:89:28:c1:e0:c2:25

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\project\working\2.0\CommonLib\bin_r\Zlib.pdb

Imports

msvcr71

__CppXcptFilter
_onexit
_adjust_fdiv
_initterm
_except_handler3
__security_error_handler
free
__dllonexit
malloc

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess
GetSystemTimeAsFileTime

Exports

Exports

??4YL_CZlibZip@@QAEAAV0@ABV0@@Z
?Compress@YL_CZlibZip@@SA?AW4ZIP_RESULT@1@PAEPAJPBEJ@Z
?UnCompress@YL_CZlibZip@@SA?AW4ZIP_RESULT@1@PAEPAJPBEJ@Z

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

237a51742fed62d237b6f1b75452402f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 290KB

.ndata Size: - Virtual size: 416KB

.rsrc Size: 32KB - Virtual size: 36KB

b4b71331b921e2f441a2b05306cd7dae

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 224B

.CRT Size: 512B - Virtual size: 4B

.reloc Size: 512B - Virtual size: 382B

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 954B

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 2KB

d44c16403468dc57c73ebca319ddbe16

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02Certificate

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 290KB

.ndata
Size: - Virtual size: 416KB

.rsrc
Size: 32KB - Virtual size: 36KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 224B

.CRT
Size: 512B - Virtual size: 4B

.reloc
Size: 512B - Virtual size: 382B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 954B

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 2KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

f2:73:62:f7:79:63:4a:44:16:b6:12:7f:06:c5:3a:bb:68:cf:5a:06
Signer

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 92B

.reloc
Size: 512B - Virtual size: 494B

.rdata
Size: 1024B - Virtual size: 998B

.data
Size: 3KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 444B

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

27:44:c0:b5:76:7c:8e:59:14:a9:ec:be:07:49:c7:02
Certificate

ab:ed:ae:8b:7b:1e:2c:74:d4:c8:1f:b7:bf:4f:c3:09:42:8b:a0:61
Signer

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 32KB - Virtual size: 30KB