f4db6a125e3d059b2f0b52533ae18a43_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f4db6a125e3d059b2f0b52533ae18a43_JaffaCakes118
Size

15.0MB
MD5

f4db6a125e3d059b2f0b52533ae18a43
SHA1

ca73d8155ec8e3e6a1df55b4c375c8882c799470
SHA256

1821d19dc59274e2ce3d5e9b3bdf330aa245502ebb247f421577565ffc3440ba
SHA512

c3cbb4010b52089f1676bd093cb59d56163bf102a0dc70164c6c372cc82eb41e20c93c104d1e5a18888f5b014e9e037335ffccf5557db8bdfdafeede4fe1caca
SSDEEP

196608:yjlFoWLV3ji0yu6Y5e3xPW4bIUmpfxtTrEt/lQPhkUbqIXakPXIMYOBf8OAlEDAd:ynRV3e0yHiT4kUxZlQPhGVwbYcPDASvy

Score

3^/10

Malware Config

Signatures

Unsigned PE 10 IoCs

Checks for missing Authenticode signature.

resource
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/System.dll
unpack003/$PLUGINSDIR/InstallOptions.dll
unpack003/$PLUGINSDIR/System.dll
unpack003/$PLUGINSDIR/UserInfo.dll
unpack002/amf-component-vce-windesktop32.dll
unpack002/amf-component-vce-windesktop64.dll
unpack002/amf-core-windesktop32.dll
unpack002/amf-core-windesktop64.dll
unpack001/Bandicam/keymaker.exe

Files

f4db6a125e3d059b2f0b52533ae18a43_JaffaCakes118
.rar
Bandicam/bandicam.exe
.exe windows:5 windows x86 arch:x86

bf95d1fc1d10de18b32654b123ad5e1f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:08:e4:25:dd:db:b3:4e:1e:26:d6:e7:85:6e:9f:b8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27-09-2013 00:00

Not After

26-12-2016 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
lstrcpynA
CloseHandle
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
CreateFileW
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrlenW

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 628KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:5 windows x86 arch:x86

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GetModuleHandleW
GlobalLock
GlobalUnlock
GetCurrentDirectoryW
SetCurrentDirectoryW
GetPrivateProfileIntW
GetPrivateProfileStringW
lstrcatW
WritePrivateProfileStringW
lstrcpynW
lstrlenW
lstrcpyW
GlobalFree
GlobalAlloc

user32

OpenClipboard
DestroyIcon
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
SetWindowLongW
GetClientRect
SetWindowRgn
LoadIconW
LoadImageW
CreateWindowExW
MapDialogRect
GetClipboardData
GetWindowRect
CreateDialogParamW
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
SetCursor
DrawTextW
GetWindowLongW
DrawFocusRect
CallWindowProcW
PostMessageW
wsprintfW
CharNextW
MessageBoxW
CloseClipboard
GetDlgCtrlID
MapWindowPoints
SetWindowPos
PtInRect
GetWindowTextW
SetWindowTextW
SendMessageW
DestroyWindow

gdi32

SelectObject
CreateRectRgn
GetObjectW
CombineRgn
DeleteObject
CreateCompatibleDC
GetDIBits
SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHGetDesktopFolder

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

039bcbc605477e8e87ec550c2e60e748

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
lstrlenW
lstrcmpiW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$SYSDIR/D3DCompiler_43.dll
.dll windows:6 windows x86 arch:x86

6ba7b0e4e74a8eea96dca4fffc88b859

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22-08-2007 22:31

Not After

25-08-2012 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-12-2009 22:40

Not After

07-03-2011 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25-07-2008 19:01

Not After

25-07-2013 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

a0:dc:fd:f1:04:c6:f9:25:f4:de:ed:83:b3:1b:1c:9e:4a:d1:be:fb
Signer

Actual PE Digest

a0:dc:fd:f1:04:c6:f9:25:f4:de:ed:83:b3:1b:1c:9e:4a:d1:be:fb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D3DCompiler_43.pdb

Imports

msvcrt

??1type_info@@UAE@XZ
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_amsg_exit
_initterm
_XcptFilter
_CxxThrowException
memset
memcpy
isxdigit
atof
setlocale
_strdup
_mbstrlen
modf
isalnum
_isnan
ceil
_finite
strrchr
_clearfp
_controlfp
_strnicmp
_fpclass
_purecall
strncmp
isspace
strstr
getenv
_stricmp
memmove
qsort
isalpha
toupper
atoi
isdigit
tolower
free
malloc
??2@YAPAXI@Z
??3@YAXPAX@Z
strchr
_vsnprintf
_errno
__CxxFrameHandler
floor
_CIfmod
_CItanh
_CItan
_CIsinh
_CIsin
_CIlog
_CIpow
_CIexp
_CIsqrt
_CIcosh
_CIcos
_CIatan2
_CIatan
_CIasin
_CIacos

gdi32

DeleteObject

kernel32

UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
UnmapViewOfFile
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
VirtualFree
GetLastError
SetUnhandledExceptionFilter
WideCharToMultiByte
GetFullPathNameA
HeapCreate
OutputDebugStringA
LoadLibraryA
GetModuleHandleA
lstrcmpiA
TlsFree
TlsGetValue
HeapDestroy
TlsSetValue
InterlockedExchange
TlsAlloc
Sleep
InterlockedCompareExchange
FreeLibrary
GetSystemInfo
GetProcAddress
VirtualAlloc
GetProcessHeap
HeapFree
HeapAlloc
DisableThreadLibraryCalls
MultiByteToWideChar
GetVersion

Exports

Exports

D3DAssemble
D3DCompile
D3DCompressShaders
D3DCreateBlob
D3DDecompressShaders
D3DDisassemble
D3DDisassemble10Effect
D3DGetBlobPart
D3DGetDebugInfo
D3DGetInputAndOutputSignatureBlob
D3DGetInputSignatureBlob
D3DGetOutputSignatureBlob
D3DPreprocess
D3DReflect
D3DReturnFailure1
D3DStripShader
DebugSetMute

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/d3dx11_43.dll
.dll windows:6 windows x86 arch:x86

a21b4a7ea49a55d76ec8ead5ff32f73d

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22-08-2007 22:31

Not After

25-08-2012 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-12-2009 22:40

Not After

07-03-2011 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25-07-2008 19:02

Not After

25-07-2013 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

3e:ac:fb:b6:70:f6:65:34:9c:0a:21:69:7e:23:e4:07:49:b9:c0:4e
Signer

Actual PE Digest

3e:ac:fb:b6:70:f6:65:34:9c:0a:21:69:7e:23:e4:07:49:b9:c0:4e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d3dx11_43.pdb

Imports

msvcrt

??1type_info@@UAE@XZ
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
memmove
_amsg_exit
_initterm
_XcptFilter
malloc
_callnewh
free
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
??0exception@@QAE@XZ
_CxxThrowException
_isnan
_controlfp
floor
memset
_purecall
_CIsqrt
memcpy
_vsnwprintf
__CxxFrameHandler

kernel32

WideCharToMultiByte
WriteFile
LockResource
FindResourceW
SizeofResource
FindResourceA
GetVersion
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
InterlockedCompareExchange
InterlockedExchange
OutputDebugStringA
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateFileA
GetCurrentProcess
GetProcessAffinityMask
CreateThread
InterlockedIncrement
Sleep
WaitForSingleObject
InterlockedDecrement
DebugBreak
WaitForMultipleObjects
ReleaseSemaphore
ReleaseMutex
CreateSemaphoreA
CreateMutexA
CreateFileW
CloseHandle
GetFileSizeEx
ReadFile
MultiByteToWideChar
GetFullPathNameW
GetLastError
GetModuleHandleA
LoadLibraryA
FreeLibrary
GetProcAddress
DisableThreadLibraryCalls
LoadResource

ole32

CreateStreamOnHGlobal

gdi32

DeleteObject

Exports

Exports

D3DX11CheckVersion
D3DX11CompileFromFileA
D3DX11CompileFromFileW
D3DX11CompileFromMemory
D3DX11CompileFromResourceA
D3DX11CompileFromResourceW
D3DX11ComputeNormalMap
D3DX11CreateAsyncCompilerProcessor
D3DX11CreateAsyncFileLoaderA
D3DX11CreateAsyncFileLoaderW
D3DX11CreateAsyncMemoryLoader
D3DX11CreateAsyncResourceLoaderA
D3DX11CreateAsyncResourceLoaderW
D3DX11CreateAsyncShaderPreprocessProcessor
D3DX11CreateAsyncShaderResourceViewProcessor
D3DX11CreateAsyncTextureInfoProcessor
D3DX11CreateAsyncTextureProcessor
D3DX11CreateShaderResourceViewFromFileA
D3DX11CreateShaderResourceViewFromFileW
D3DX11CreateShaderResourceViewFromMemory
D3DX11CreateShaderResourceViewFromResourceA
D3DX11CreateShaderResourceViewFromResourceW
D3DX11CreateTextureFromFileA
D3DX11CreateTextureFromFileW
D3DX11CreateTextureFromMemory
D3DX11CreateTextureFromResourceA
D3DX11CreateTextureFromResourceW
D3DX11CreateThreadPump
D3DX11FilterTexture
D3DX11GetImageInfoFromFileA
D3DX11GetImageInfoFromFileW
D3DX11GetImageInfoFromMemory
D3DX11GetImageInfoFromResourceA
D3DX11GetImageInfoFromResourceW
D3DX11LoadTextureFromTexture
D3DX11PreprocessShaderFromFileA
D3DX11PreprocessShaderFromFileW
D3DX11PreprocessShaderFromMemory
D3DX11PreprocessShaderFromResourceA
D3DX11PreprocessShaderFromResourceW
D3DX11SHProjectCubeMap
D3DX11SaveTextureToFileA
D3DX11SaveTextureToFileW
D3DX11SaveTextureToMemory

Sections

.text
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/vcomp140.dll
.dll windows:6 windows x86 arch:x86

4e2bdf3570f0309d9d2a75b473cb9395

Code Sign

33:00:00:00:71:b3:2e:8a:6b:82:aa:1f:4e:00:00:00:00:00:71
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

20-03-2015 17:32

Not After

20-06-2016 17:32

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04-06-2015 17:42

Not After

04-09-2016 17:42

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:38:8d:23:6d:16:27:a3:26:e0:00:00:00:00:00:38
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01-10-2014 18:11

Not After

01-01-2016 18:11

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c2:86:bb:12:47:e6:c0:8a:13:b7:f5:c4:bc:fc:f5:f4:3d:4c:4c:4f:7a:62:43:e2:58:a8:d0:7b:b4:90:5c:6a
Signer

Actual PE Digest

c2:86:bb:12:47:e6:c0:8a:13:b7:f5:c4:bc:fc:f5:f4:3d:4c:4c:4f:7a:62:43:e2:58:a8:d0:7b:b4:90:5c:6a

Digest Algorithm

sha256

PE Digest Matches

true

25:68:3e:e2:be:11:b4:c6:59:5c:0b:ad:83:1b:a3:da:6e:88:4f:11
Signer

Actual PE Digest

25:68:3e:e2:be:11:b4:c6:59:5c:0b:ad:83:1b:a3:da:6e:88:4f:11

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

vcomp140.i386.pdb

Imports

kernel32

FormatMessageW
OutputDebugStringW
LocalAlloc
LocalFree
GetConsoleWindow
GetConsoleScreenBufferInfo
WriteConsoleW
WideCharToMultiByte
WriteFile
GetLastError
GetCurrentThreadId
HeapFree
GetProcessHeap
UnhandledExceptionFilter
CloseHandle
WaitForSingleObjectEx
SetEvent
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
HeapAlloc
TryEnterCriticalSection
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetTickCount
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
Sleep
SwitchToThread
ExitProcess
GetStdHandle
CreateThread
QueueUserWorkItem
CreateEventW
GetNativeSystemInfo
QueryPerformanceFrequency
GetSystemTimeAdjustment
GetEnvironmentVariableW
lstrlenW
lstrcmpiW
GetStringTypeExW
ResetEvent
LoadLibraryExW
GetModuleHandleW
GetProcAddress
EncodePointer
DecodePointer
GetUserDefaultUILanguage
FindFirstFileW
FindNextFileW
FindClose
GetModuleFileNameW
FindResourceExW
LoadResource
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
MultiByteToWideChar
GetACP
SetLastError
GetStringTypeW
GetCPInfo
IsValidCodePage
GetOEMCP
FreeLibrary
LCMapStringW
SetStdHandle
GetModuleHandleExW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
RaiseException
CreateFileW
RtlUnwind

user32

MessageBoxW

Exports

Exports

C2VectParallel
_vcomp_atomic_add_i1
_vcomp_atomic_add_i2
_vcomp_atomic_add_i4
_vcomp_atomic_add_i8
_vcomp_atomic_add_r4
_vcomp_atomic_add_r8
_vcomp_atomic_and_i1
_vcomp_atomic_and_i2
_vcomp_atomic_and_i4
_vcomp_atomic_and_i8
_vcomp_atomic_div_i1
_vcomp_atomic_div_i2
_vcomp_atomic_div_i4
_vcomp_atomic_div_i8
_vcomp_atomic_div_r4
_vcomp_atomic_div_r8
_vcomp_atomic_div_ui1
_vcomp_atomic_div_ui2
_vcomp_atomic_div_ui4
_vcomp_atomic_div_ui8
_vcomp_atomic_mul_i1
_vcomp_atomic_mul_i2
_vcomp_atomic_mul_i4
_vcomp_atomic_mul_i8
_vcomp_atomic_mul_r4
_vcomp_atomic_mul_r8
_vcomp_atomic_or_i1
_vcomp_atomic_or_i2
_vcomp_atomic_or_i4
_vcomp_atomic_or_i8
_vcomp_atomic_shl_i1
_vcomp_atomic_shl_i2
_vcomp_atomic_shl_i4
_vcomp_atomic_shl_i8
_vcomp_atomic_shr_i1
_vcomp_atomic_shr_i2
_vcomp_atomic_shr_i4
_vcomp_atomic_shr_i8
_vcomp_atomic_shr_ui1
_vcomp_atomic_shr_ui2
_vcomp_atomic_shr_ui4
_vcomp_atomic_shr_ui8
_vcomp_atomic_sub_i1
_vcomp_atomic_sub_i2
_vcomp_atomic_sub_i4
_vcomp_atomic_sub_i8
_vcomp_atomic_sub_r4
_vcomp_atomic_sub_r8
_vcomp_atomic_xor_i1
_vcomp_atomic_xor_i2
_vcomp_atomic_xor_i4
_vcomp_atomic_xor_i8
_vcomp_barrier
_vcomp_copyprivate_broadcast
_vcomp_copyprivate_receive
_vcomp_enter_critsect
_vcomp_flush
_vcomp_for_dynamic_init
_vcomp_for_dynamic_init_i8
_vcomp_for_dynamic_next
_vcomp_for_dynamic_next_i8
_vcomp_for_static_end
_vcomp_for_static_init
_vcomp_for_static_init_i8
_vcomp_for_static_simple_init
_vcomp_for_static_simple_init_i8
_vcomp_fork
_vcomp_get_thread_num
_vcomp_leave_critsect
_vcomp_master_barrier
_vcomp_master_begin
_vcomp_master_end
_vcomp_ordered_begin
_vcomp_ordered_end
_vcomp_ordered_loop_end
_vcomp_reduction_i1
_vcomp_reduction_i2
_vcomp_reduction_i4
_vcomp_reduction_i8
_vcomp_reduction_r4
_vcomp_reduction_r8
_vcomp_reduction_u1
_vcomp_reduction_u2
_vcomp_reduction_u4
_vcomp_reduction_u8
_vcomp_sections_init
_vcomp_sections_next
_vcomp_set_num_threads
_vcomp_single_begin
_vcomp_single_end
omp_destroy_lock
omp_destroy_nest_lock
omp_get_dynamic
omp_get_max_threads
omp_get_nested
omp_get_num_procs
omp_get_num_threads
omp_get_thread_num
omp_get_wtick
omp_get_wtime
omp_in_parallel
omp_init_lock
omp_init_nest_lock
omp_set_dynamic
omp_set_lock
omp_set_nest_lock
omp_set_nested
omp_set_num_threads
omp_test_lock
omp_test_nest_lock
omp_unset_lock
omp_unset_nest_lock

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/BDMPEG1SETUP.EXE
.exe windows:5 windows x86 arch:x86

b729b61eb1515fcf7b3e511e4e66258b

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:33:3f:db:3f:66:aa:8e:3e:41:ee:9b:0d:9c:a3:90
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15-11-2012 00:00

Not After

15-11-2013 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 580KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:5 windows x86 arch:x86

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GetModuleHandleW
GlobalLock
GlobalUnlock
GetCurrentDirectoryW
SetCurrentDirectoryW
GetPrivateProfileIntW
GetPrivateProfileStringW
lstrcatW
WritePrivateProfileStringW
lstrcpynW
lstrlenW
lstrcpyW
GlobalFree
GlobalAlloc

user32

OpenClipboard
DestroyIcon
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
SetWindowLongW
GetClientRect
SetWindowRgn
LoadIconW
LoadImageW
CreateWindowExW
MapDialogRect
GetClipboardData
GetWindowRect
CreateDialogParamW
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
SetCursor
DrawTextW
GetWindowLongW
DrawFocusRect
CallWindowProcW
PostMessageW
wsprintfW
CharNextW
MessageBoxW
CloseClipboard
GetDlgCtrlID
MapWindowPoints
SetWindowPos
PtInRect
GetWindowTextW
SetWindowTextW
SendMessageW
DestroyWindow

gdi32

SelectObject
CreateRectRgn
GetObjectW
CombineRgn
DeleteObject
CreateCompatibleDC
GetDIBits
SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHGetDesktopFolder

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

039bcbc605477e8e87ec550c2e60e748

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
lstrlenW
lstrcmpiW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:5 windows x86 arch:x86

45d25ca52c312b2254c60dbcb30342d1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetCurrentThread
GetCurrentProcess
GetModuleHandleW
GetProcAddress
GetLastError
GlobalFree
CloseHandle
lstrcpynW
GlobalAlloc

advapi32

OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameW
OpenThreadToken

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 753B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
$SYSDIR/bdmjpeg.dll
.dll windows:5 windows x86 arch:x86

8950e1a0317525f0385b9af601337740

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:33:3f:db:3f:66:aa:8e:3e:41:ee:9b:0d:9c:a3:90
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15-11-2012 00:00

Not After

15-11-2013 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\w\devel\CAP\bandifilters\bin\bdmjpeg.pdb

Imports

kernel32

GetTickCount
QueryPerformanceCounter
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcAddress
LoadLibraryW
FreeLibrary
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetCurrentThreadId
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetCurrentProcessId
GetSystemTimeAsFileTime

user32

MessageBoxW

advapi32

RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW

msvcr90

_onexit
_except_handler4_common
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_lock
__dllonexit
_unlock
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_encode_pointer
memset
free
calloc
memmove_s
memcpy_s
wcscpy_s
??2@YAPAXI@Z
??3@YAXPAX@Z
_CxxThrowException
memcpy
_decode_pointer
__CxxFrameHandler3

winmm

DefDriverProc

Exports

Exports

DriverProc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 870B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/bdmjpeg64.dll
.dll windows:5 windows x64 arch:x64

04208dfcd9f4d104fd3657338692098d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:33:3f:db:3f:66:aa:8e:3e:41:ee:9b:0d:9c:a3:90
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15-11-2012 00:00

Not After

15-11-2013 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

e:\w\devel\CAP\bandifilters\bin\bdmjpeg64.pdb

Imports

kernel32

GetTickCount
QueryPerformanceCounter
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcAddress
LoadLibraryW
FreeLibrary
DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
RaiseException
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetCurrentProcessId
GetSystemTimeAsFileTime

user32

MessageBoxW

advapi32

RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW

msvcr90

__crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__clean_type_info_names_internal
_onexit
_lock
__dllonexit
_unlock
__CppXcptFilter
_amsg_exit
_decode_pointer
_encoded_null
_initterm_e
_malloc_crt
_encode_pointer
__C_specific_handler
memset
free
calloc
memmove_s
memcpy_s
wcscpy_s
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
_CxxThrowException
memcpy
_initterm
__CxxFrameHandler3

winmm

DefDriverProc

Exports

Exports

DriverProc

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/bdmpega.acm
.dll windows:5 windows x86 arch:x86

a59629a50eafc3a20d9d62c5f0118409

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:33:3f:db:3f:66:aa:8e:3e:41:ee:9b:0d:9c:a3:90
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15-11-2012 00:00

Not After

15-11-2013 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\w\devel\CAP\bandifilters\bin\bdmpega.pdb

Imports

kernel32

GetLastError
WideCharToMultiByte
lstrcpyW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcAddress
LoadLibraryW
DisableThreadLibraryCalls
LCMapStringW
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
VirtualAlloc
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA

user32

MessageBoxW

advapi32

RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW

winmm

DefDriverProc

Exports

Exports

DriverProc

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/bdmpega64.acm
.dll windows:5 windows x64 arch:x64

3259065632343fd95fdf829cba05685c

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:33:3f:db:3f:66:aa:8e:3e:41:ee:9b:0d:9c:a3:90
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15-11-2012 00:00

Not After

15-11-2013 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

e:\w\devel\CAP\bandifilters\bin\bdmpega64.pdb

Imports

kernel32

GetLastError
WideCharToMultiByte
lstrcpyW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcAddress
LoadLibraryW
DisableThreadLibraryCalls
LCMapStringW
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
FlsSetValue
GetCommandLineA
RtlUnwindEx
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlPcToFileHeader
HeapSetInformation
HeapCreate
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA

user32

MessageBoxW

advapi32

RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW

winmm

DefDriverProc

Exports

Exports

DriverProc

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/bdmpegv.dll
.dll windows:5 windows x86 arch:x86

bf6c7259ffaa7b3eb59b7d97edcbb647

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:33:3f:db:3f:66:aa:8e:3e:41:ee:9b:0d:9c:a3:90
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15-11-2012 00:00

Not After

15-11-2013 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\w\devel\CAP\bandifilters\bin\bdmpegv.pdb

Imports

kernel32

GetLastError
WideCharToMultiByte
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcAddress
LoadLibraryW
FreeLibrary
DisableThreadLibraryCalls
LCMapStringW
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
VirtualAlloc
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA

user32

MessageBoxW

advapi32

RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW

winmm

DefDriverProc

Exports

Exports

DriverProc

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/bdmpegv64.dll
.dll windows:5 windows x64 arch:x64

1c3318cf9e21cee7c0d17aa9a319a3c6

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:33:3f:db:3f:66:aa:8e:3e:41:ee:9b:0d:9c:a3:90
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15-11-2012 00:00

Not After

15-11-2013 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

e:\w\devel\CAP\bandifilters\bin\bdmpegv64.pdb

Imports

kernel32

GetLastError
WideCharToMultiByte
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcAddress
LoadLibraryW
FreeLibrary
DisableThreadLibraryCalls
LCMapStringW
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
FlsSetValue
GetCommandLineA
RtlUnwindEx
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlPcToFileHeader
HeapSetInformation
HeapCreate
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA

user32

MessageBoxW

advapi32

RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW

winmm

DefDriverProc

Exports

Exports

DriverProc

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/bdfilters.dll
.dll regsvr32 windows:5 windows x86 arch:x86

27f07fb2c76df7e3ac5b98f25b3ec3e4

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:33:3f:db:3f:66:aa:8e:3e:41:ee:9b:0d:9c:a3:90
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15-11-2012 00:00

Not After

15-11-2013 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\w\devel\CAP\bandifilters\bin\bdfilters.pdb

Imports

comctl32

ord17

kernel32

lstrcmpW
CreateEventA
CloseHandle
WaitForSingleObject
CreateThread
SetEvent
GetProcAddress
GetModuleHandleA
WideCharToMultiByte
GetACP
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
lstrlenW
GetCurrentThreadId
GetTickCount
InterlockedIncrement
FreeLibrary
InterlockedDecrement
GetLastError
lstrcpynW
GetVersionExA
GetSystemInfo
VirtualAlloc
VirtualFree
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
MultiByteToWideChar
lstrlenA
DisableThreadLibraryCalls
GetCurrentProcess
GetModuleFileNameA
LoadLibraryA
VirtualQuery
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
HeapSize
HeapReAlloc
IsValidCodePage
GetOEMCP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
WriteFile
GetCurrentProcessId
HeapDestroy
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
ExitProcess
Sleep
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCommandLineA
RtlUnwind
HeapAlloc
HeapFree
ExitThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetModuleHandleW
TlsGetValue
SetLastError

user32

DestroyWindow
DefWindowProcA
wsprintfA
ShowWindow
GetWindowLongA
SetWindowLongA
CreateDialogParamA
MoveWindow
LoadStringA
GetDesktopWindow
GetWindowRect
LoadStringW
InvalidateRect

advapi32

RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyA

shell32

ShellExecuteA

ole32

StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
CoCreateInstance
CoInitialize
CoTaskMemFree
CoTaskMemAlloc

Exports

Exports

CreateAudioDecoder
CreateVideoDecoder
CreateVideoDecoder_mjpeg
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 297KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bdfilters.dll
.dll regsvr32 windows:5 windows x86 arch:x86

27f07fb2c76df7e3ac5b98f25b3ec3e4

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:33:3f:db:3f:66:aa:8e:3e:41:ee:9b:0d:9c:a3:90
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15-11-2012 00:00

Not After

15-11-2013 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\w\devel\CAP\bandifilters\bin\bdfilters.pdb

Imports

comctl32

ord17

kernel32

lstrcmpW
CreateEventA
CloseHandle
WaitForSingleObject
CreateThread
SetEvent
GetProcAddress
GetModuleHandleA
WideCharToMultiByte
GetACP
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
lstrlenW
GetCurrentThreadId
GetTickCount
InterlockedIncrement
FreeLibrary
InterlockedDecrement
GetLastError
lstrcpynW
GetVersionExA
GetSystemInfo
VirtualAlloc
VirtualFree
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
MultiByteToWideChar
lstrlenA
DisableThreadLibraryCalls
GetCurrentProcess
GetModuleFileNameA
LoadLibraryA
VirtualQuery
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
HeapSize
HeapReAlloc
IsValidCodePage
GetOEMCP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
WriteFile
GetCurrentProcessId
HeapDestroy
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
ExitProcess
Sleep
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCommandLineA
RtlUnwind
HeapAlloc
HeapFree
ExitThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetModuleHandleW
TlsGetValue
SetLastError

user32

DestroyWindow
DefWindowProcA
wsprintfA
ShowWindow
GetWindowLongA
SetWindowLongA
CreateDialogParamA
MoveWindow
LoadStringA
GetDesktopWindow
GetWindowRect
LoadStringW
InvalidateRect

advapi32

RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyA

shell32

ShellExecuteA

ole32

StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
CoCreateInstance
CoInitialize
CoTaskMemFree
CoTaskMemAlloc

Exports

Exports

CreateAudioDecoder
CreateVideoDecoder
CreateVideoDecoder_mjpeg
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 297KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bdfilters64.dll
.dll regsvr32 windows:5 windows x64 arch:x64

03c1aad04c80a2e0fd5bd4c160a3d1d1

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:33:3f:db:3f:66:aa:8e:3e:41:ee:9b:0d:9c:a3:90
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15-11-2012 00:00

Not After

15-11-2013 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

e:\w\devel\CAP\bandifilters\bin\bdfilters64.pdb

Imports

comctl32

ord17

kernel32

lstrcmpW
CreateEventA
CloseHandle
WaitForSingleObject
CreateThread
SetEvent
GetProcAddress
WideCharToMultiByte
GetACP
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
lstrlenW
GetCurrentThreadId
GetTickCount
FreeLibrary
LoadLibraryA
lstrcpynW
GetLastError
GetSystemInfo
GetVersionExA
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
HeapReAlloc
HeapSize
IsValidCodePage
GetOEMCP
GetCPInfo
WriteFile
GetCurrentProcessId
HeapDestroy
HeapCreate
HeapSetInformation
GetEnvironmentStringsW
FreeEnvironmentStringsW
MultiByteToWideChar
lstrlenA
DisableThreadLibraryCalls
GetModuleFileNameA
GetStringTypeW
GetCurrentProcess
GetEnvironmentStrings
FreeEnvironmentStringsA
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
GetStartupInfoA
GetFileType
GetStdHandle
WriteConsoleA
SetStdHandle
SetHandleCount
ExitProcess
GetModuleHandleW
FlsAlloc
SetLastError
FlsFree
FlsGetValue
Sleep
QueryPerformanceCounter
GetSystemTimeAsFileTime
FlsSetValue
GetCommandLineA
RtlLookupFunctionEntry
RtlUnwindEx
HeapAlloc
HeapFree
ExitThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
RaiseException
RtlPcToFileHeader
EncodePointer
DecodePointer

user32

wsprintfA
GetDesktopWindow
GetWindowRect
LoadStringW
LoadStringA
DefWindowProcA
GetWindowLongA
SetWindowLongA
DestroyWindow
ShowWindow
InvalidateRect
MoveWindow
CreateDialogParamA
SetWindowLongPtrA
GetWindowLongPtrA

advapi32

RegCreateKeyA
RegSetValueA
RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegDeleteKeyA

shell32

ShellExecuteA

ole32

CoInitialize
StringFromGUID2
CoUninitialize
CoFreeUnusedLibraries
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc

Exports

Exports

CreateAudioDecoder
CreateVideoDecoder
CreateVideoDecoder_mjpeg
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 318KB - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninstall.exe.nsis
amf-component-vce-windesktop32.dll
.dll windows:5 windows x86 arch:x86

e9c51331dcc7bf5953bf4c147a84ddfe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\dev\mmsdk\MediaSDK-1.1.25\bin\msvs10\Release\win32\amf-component-vce-windesktop32.pdb

Imports

kernel32

GetVersionExW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
EncodePointer
DecodePointer
InterlockedExchange
Sleep
LocalFree
LoadLibraryA
GetProcAddress
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
InterlockedCompareExchange

amf-core-windesktop32

?GetPropertyAt@AMFPropertyStorageImpl@amf@@UBG?AW4AMF_RESULT@@IPA_WIPAUAMFVariantStruct@2@@Z
?QueryInterface@AMFPropertyStorageImpl@amf@@UAG?AW4AMF_RESULT@@ABUAMFGuid@2@PAPAX@Z
?GetPrivateProperty@AMFPropertyStorageExImpl@amf@@IBE?AW4AMF_RESULT@@PB_WPAUAMFVariantStruct@2@@Z
?amf_string_format@amf@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@PB_WZZ
?AMFGetResultText@amf@@YGPB_WW4AMF_RESULT@@@Z
??1AMFLock@amf@@QAE@XZ
??0AMFLock@amf@@QAE@PAVAMFSyncBase@1@K@Z
?amf_string_formatVA@amf@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@PB_WPAD@Z
AMFCreateComponent
?AMFTextureArrayIndexGUID@amf@@YGABU_GUID@@XZ
??1AMFCriticalSection@amf@@UAE@XZ
?SetInputFormat@AMFDumpImpl@amf@@UAE?AW4AMF_RESULT@@HHW4AMF_SURFACE_FORMAT@2@@Z
?SetOutputFormat@AMFDumpImpl@amf@@UAE?AW4AMF_RESULT@@HHW4AMF_SURFACE_FORMAT@2@@Z
?SetFormat@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@PB_WHHW4AMF_SURFACE_FORMAT@2@@Z
?EnableDump@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAPAVAMFDataStream@2@PB_W_N@Z
?Dump@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAVAMFDataStream@2@PBXI@Z
?DumpInput@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PBXI@Z
?DumpOutput@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PBXI@Z
?DumpSurface@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAVAMFDataStream@2@PAVAMFSurface@2@@Z
?DumpBuffer@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAVAMFDataStream@2@PAVAMFBuffer@2@@Z
?DumpData@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAVAMFDataStream@2@PAVAMFData@2@@Z
?DumpInputSurface@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAVAMFSurface@2@@Z
?DumpOutputSurface@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAVAMFSurface@2@@Z
?Clear@AMFPropertyStorageImpl@amf@@UAG?AW4AMF_RESULT@@XZ
?DumpOutputBuffer@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAVAMFBuffer@2@@Z
?DumpInputData@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAVAMFData@2@@Z
?DumpOutputData@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAVAMFData@2@@Z
?IsPerSessionDumpEnabled@AMFDumpImpl@amf@@UBE_NXZ
?EnablePerSessionDump@AMFDumpImpl@amf@@UAEX_N@Z
?GetDumpBasePath@AMFDumpImpl@amf@@UBEPB_WXZ
?IsOutputDumpEnabled@AMFDumpImpl@amf@@UBE_NXZ
?SetDumpBasePath@AMFDumpImpl@amf@@UAE?AW4AMF_RESULT@@PB_W@Z
?EnableInputDump@AMFDumpImpl@amf@@UAE?AW4AMF_RESULT@@_N@Z
?IsInputDumpEnabled@AMFDumpImpl@amf@@UBE_NXZ
?EnableOutputDump@AMFDumpImpl@amf@@UAE?AW4AMF_RESULT@@_N@Z
??1AMFDumpImpl@amf@@UAE@XZ
?Get@AMFPerformanceMonitor@amf@@SGAAV12@XZ
??1AMFPropertyInfoImpl@amf@@UAE@XZ
??0AMFCriticalSection@amf@@QAE@XZ
??0AMFDumpImpl@amf@@IAE@XZ
AMFVariantAssignBool
AMFVariantAssignRate
??0AMFPropertyInfoImpl@amf@@QAE@ABV01@@Z
amf_get_os_version
??4AMFPropertyInfoImpl@amf@@QAEAAV01@ABV01@@Z
??0AMFPropertyInfoImpl@amf@@QAE@XZ
??0AMFPropertyInfoImpl@amf@@QAE@PB_W0W4AMF_VARIANT_TYPE@1@IUAMFVariantStruct@1@22_NPBUAMFEnumDescriptionEntry@1@@Z
?AddTo@AMFPropertyStorageImpl@amf@@UBG?AW4AMF_RESULT@@PAVAMFPropertyStorage@2@_N1@Z
?HasProperty@AMFPropertyStorageImpl@amf@@UBG_NPB_W@Z
?GetProperty@AMFPropertyStorageImpl@amf@@UBG?AW4AMF_RESULT@@PB_WPAUAMFVariantStruct@2@@Z
?GetPropertyCount@AMFPropertyStorageImpl@amf@@UBGIXZ
??1AMFPropertyStorageImpl@amf@@UAE@XZ
?CopyTo@AMFPropertyStorageImpl@amf@@UBG?AW4AMF_RESULT@@PAVAMFPropertyStorage@2@_N@Z
?SetProperty@AMFPropertyStorageImpl@amf@@UAG?AW4AMF_RESULT@@PB_WUAMFVariantStruct@2@@Z
?OnPropertyChanged@AMFPropertyStorageImpl@amf@@UAGXPB_W@Z
?RemoveObserver@AMFPropertyStorageImpl@amf@@UAGXPAVAMFPropertyStorageObserver@2@@Z
?AddObserver@AMFPropertyStorageImpl@amf@@UAGXPAVAMFPropertyStorageObserver@2@@Z
??0AMFPropertyStorageImpl@amf@@QAE@XZ
?IID@AMFPropertyStorageEx@amf@@SA?BUAMFGuid@2@XZ
?GetPropertiesInfoCount@AMFPropertyStorageExImpl@amf@@UBGIXZ
?SetProperty@AMFPropertyStorageExImpl@amf@@UAG?AW4AMF_RESULT@@PB_WUAMFVariantStruct@2@@Z
?GetPropertyInfo@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@PB_WPAPBUAMFPropertyInfo@2@@Z
?GetPropertyInfo@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@IPAPBUAMFPropertyInfo@2@@Z
?GetPropertyAt@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@IPA_WIPAUAMFVariantStruct@2@@Z
?HasProperty@AMFPropertyStorageExImpl@amf@@UBG_NPB_W@Z
?Clear@AMFPropertyStorageExImpl@amf@@UAG?AW4AMF_RESULT@@XZ
?AddTo@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@PAVAMFPropertyStorage@2@_N1@Z
?GetPropertyCount@AMFPropertyStorageExImpl@amf@@UBGIXZ
?CopyTo@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@PAVAMFPropertyStorage@2@_N@Z
??_7AMFPropertyStorageEx@amf@@6B@
??_7AMFPropertyStorageEx@amf@@6BAMFInterface@1@@
??_7AMFPropertyStorageEx@amf@@6BAMFPropertyStorage@1@@
?OnPropertyChanged@AMFPropertyStorageExImpl@amf@@UAGXPB_W@Z
?RegisterProperties@AMFPropertyStorageExImpl@amf@@UAG?AW4AMF_RESULT@@PAVAMFPropertyInfoImpl@2@I@Z
?RemoveObserver@AMFPropertyStorageExImpl@amf@@UAGXPAVAMFPropertyStorageObserver@2@@Z
?AddObserver@AMFPropertyStorageExImpl@amf@@UAGXPAVAMFPropertyStorageObserver@2@@Z
??0AMFPropertyStorageExImpl@amf@@QAE@XZ
?SetPrivateProperty@AMFPropertyStorageExImpl@amf@@IAE?AW4AMF_RESULT@@PB_WUAMFVariantStruct@2@@Z
??0AMFPropertyStorageEx@amf@@QAE@XZ
_amf_atomic_dec@4
_amf_atomic_inc@4
AMFTraceW
?GetProperty@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@PB_WPAUAMFVariantStruct@2@@Z
?ValidateProperty@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@PB_WUAMFVariantStruct@2@PAU42@@Z
??1AMFPropertyStorageExImpl@amf@@UAE@XZ
_amf_high_precision_clock@0
??1AMFPropertyStorageEx@amf@@UAE@XZ
AMFVariantChangeType
AMFVariantClear
AMFVariantAssignInterface
AMFVariantAssignSize
AMFVariantAssignInt64
AMFVariantCopy
AMFVariantInit
?SetResolution@AMFIOCapsImpl@amf@@IAEXHHHH@Z
?SetVertAlign@AMFIOCapsImpl@amf@@IAEXH@Z
?PopulateSurfaceFormats@AMFIOCapsImpl@amf@@IAEXHPBW4AMF_SURFACE_FORMAT@2@_N@Z
?PopulateMemoryTypes@AMFIOCapsImpl@amf@@IAEXHPBW4AMF_MEMORY_TYPE@2@_N@Z
?Release@?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@UAGJXZ
?Acquire@?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@UAGJXZ
?QueryInterface@?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@UAG?AW4AMF_RESULT@@ABUAMFGuid@2@PAPAX@Z
?RefCount@?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@UAGJXZ
?IsInterlacedSupported@AMFIOCapsImpl@amf@@UBG_NXZ
?GetMemoryTypeAt@AMFIOCapsImpl@amf@@UBG?AW4AMF_RESULT@@HPAW4AMF_MEMORY_TYPE@2@PA_N@Z
?GetNumOfMemoryTypes@AMFIOCapsImpl@amf@@UBGHXZ
?GetFormatAt@AMFIOCapsImpl@amf@@UBG?AW4AMF_RESULT@@HPAW4AMF_SURFACE_FORMAT@2@PA_N@Z
?GetNumOfFormats@AMFIOCapsImpl@amf@@UBGHXZ
?GetVertAlign@AMFIOCapsImpl@amf@@UBGHXZ
?GetHeightRange@AMFIOCapsImpl@amf@@UBGXPAH0@Z
?GetWidthRange@AMFIOCapsImpl@amf@@UBGXPAH0@Z
??0AMFIOCapsImpl@amf@@IAE@XZ
??1AMFIOCapsImpl@amf@@UAE@XZ
_amf_alloc@4
_amf_free@4
?DumpInputBuffer@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAVAMFBuffer@2@@Z

msvcp100

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

msvcr100

calloc
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
_except_handler4_common
_onexit
_lock
??3@YAXPAX@Z
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
free
__dllonexit
printf
wcschr
wcsncpy
swscanf
_vswprintf_c_l
memset
memmove
memcpy
_purecall
__CxxFrameHandler3
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??2@YAPAXI@Z

Exports

Exports

AMFCreateComponentInt

Sections

.text
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
amf-component-vce-windesktop64.dll
.dll windows:5 windows x64 arch:x64

a143a61992492f4b79124b93ec75ab70

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\dev\mmsdk\MediaSDK-1.1.25\bin\msvs10\Release\win64\amf-component-vce-windesktop64.pdb

Imports

kernel32

GetVersionExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
Sleep
TerminateProcess
LocalFree
LoadLibraryA
GetProcAddress
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
GetCurrentProcess

amf-core-windesktop64

?SetProperty@AMFPropertyStorageImpl@amf@@UEAA?AW4AMF_RESULT@@PEB_WUAMFVariantStruct@2@@Z
?QueryInterface@AMFPropertyStorageImpl@amf@@UEAA?AW4AMF_RESULT@@AEBUAMFGuid@2@PEAPEAX@Z
?GetPrivateProperty@AMFPropertyStorageExImpl@amf@@IEBA?AW4AMF_RESULT@@PEB_WPEAUAMFVariantStruct@2@@Z
?amf_string_format@amf@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@PEB_WZZ
?AMFGetResultText@amf@@YAPEB_WW4AMF_RESULT@@@Z
??1AMFLock@amf@@QEAA@XZ
??0AMFLock@amf@@QEAA@PEAVAMFSyncBase@1@K@Z
?amf_string_formatVA@amf@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@PEB_WPEAD@Z
AMFCreateComponent
?AMFTextureArrayIndexGUID@amf@@YAAEBU_GUID@@XZ
??1AMFCriticalSection@amf@@UEAA@XZ
?SetInputFormat@AMFDumpImpl@amf@@UEAA?AW4AMF_RESULT@@HHW4AMF_SURFACE_FORMAT@2@@Z
?SetOutputFormat@AMFDumpImpl@amf@@UEAA?AW4AMF_RESULT@@HHW4AMF_SURFACE_FORMAT@2@@Z
?SetFormat@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@AEAV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@PEB_WHHW4AMF_SURFACE_FORMAT@2@@Z
?EnableDump@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAPEAVAMFDataStream@2@PEB_W_N@Z
?Dump@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAVAMFDataStream@2@PEBX_K@Z
?DumpInput@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEBX_K@Z
?DumpOutput@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEBX_K@Z
?DumpSurface@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAVAMFDataStream@2@PEAVAMFSurface@2@@Z
?DumpBuffer@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAVAMFDataStream@2@PEAVAMFBuffer@2@@Z
?DumpData@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAVAMFDataStream@2@PEAVAMFData@2@@Z
?DumpInputSurface@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAVAMFSurface@2@@Z
?DumpOutputSurface@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAVAMFSurface@2@@Z
?GetPropertyAt@AMFPropertyStorageImpl@amf@@UEBA?AW4AMF_RESULT@@_KPEA_W0PEAUAMFVariantStruct@2@@Z
?DumpOutputBuffer@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAVAMFBuffer@2@@Z
?DumpInputData@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAVAMFData@2@@Z
?DumpOutputData@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAVAMFData@2@@Z
?GetDumpBasePath@AMFDumpImpl@amf@@UEBAPEB_WXZ
?IsOutputDumpEnabled@AMFDumpImpl@amf@@UEBA_NXZ
?SetDumpBasePath@AMFDumpImpl@amf@@UEAA?AW4AMF_RESULT@@PEB_W@Z
?EnableInputDump@AMFDumpImpl@amf@@UEAA?AW4AMF_RESULT@@_N@Z
?IsInputDumpEnabled@AMFDumpImpl@amf@@UEBA_NXZ
?EnableOutputDump@AMFDumpImpl@amf@@UEAA?AW4AMF_RESULT@@_N@Z
?IsPerSessionDumpEnabled@AMFDumpImpl@amf@@UEBA_NXZ
?EnablePerSessionDump@AMFDumpImpl@amf@@UEAAX_N@Z
??1AMFDumpImpl@amf@@UEAA@XZ
?Get@AMFPerformanceMonitor@amf@@SAAEAV12@XZ
??1AMFPropertyInfoImpl@amf@@UEAA@XZ
??0AMFCriticalSection@amf@@QEAA@XZ
??0AMFDumpImpl@amf@@IEAA@XZ
AMFVariantAssignBool
AMFVariantAssignRate
??0AMFPropertyInfoImpl@amf@@QEAA@AEBV01@@Z
amf_get_os_version
??4AMFPropertyInfoImpl@amf@@QEAAAEAV01@AEBV01@@Z
??0AMFPropertyInfoImpl@amf@@QEAA@XZ
??0AMFPropertyInfoImpl@amf@@QEAA@PEB_W0W4AMF_VARIANT_TYPE@1@IUAMFVariantStruct@1@22_NPEBUAMFEnumDescriptionEntry@1@@Z
?Clear@AMFPropertyStorageImpl@amf@@UEAA?AW4AMF_RESULT@@XZ
?AddTo@AMFPropertyStorageImpl@amf@@UEBA?AW4AMF_RESULT@@PEAVAMFPropertyStorage@2@_N1@Z
?HasProperty@AMFPropertyStorageImpl@amf@@UEBA_NPEB_W@Z
?GetProperty@AMFPropertyStorageImpl@amf@@UEBA?AW4AMF_RESULT@@PEB_WPEAUAMFVariantStruct@2@@Z
??1AMFPropertyStorageImpl@amf@@UEAA@XZ
?GetPropertyCount@AMFPropertyStorageImpl@amf@@UEBA_KXZ
?CopyTo@AMFPropertyStorageImpl@amf@@UEBA?AW4AMF_RESULT@@PEAVAMFPropertyStorage@2@_N@Z
?OnPropertyChanged@AMFPropertyStorageImpl@amf@@UEAAXPEB_W@Z
?RemoveObserver@AMFPropertyStorageImpl@amf@@UEAAXPEAVAMFPropertyStorageObserver@2@@Z
?AddObserver@AMFPropertyStorageImpl@amf@@UEAAXPEAVAMFPropertyStorageObserver@2@@Z
??0AMFPropertyStorageImpl@amf@@QEAA@XZ
?IID@AMFPropertyStorageEx@amf@@SA?BUAMFGuid@2@XZ
?GetPropertiesInfoCount@AMFPropertyStorageExImpl@amf@@UEBA_KXZ
?SetProperty@AMFPropertyStorageExImpl@amf@@UEAA?AW4AMF_RESULT@@PEB_WUAMFVariantStruct@2@@Z
?GetPropertyInfo@AMFPropertyStorageExImpl@amf@@UEBA?AW4AMF_RESULT@@PEB_WPEAPEBUAMFPropertyInfo@2@@Z
?GetPropertyInfo@AMFPropertyStorageExImpl@amf@@UEBA?AW4AMF_RESULT@@_KPEAPEBUAMFPropertyInfo@2@@Z
?GetPropertyAt@AMFPropertyStorageExImpl@amf@@UEBA?AW4AMF_RESULT@@_KPEA_W0PEAUAMFVariantStruct@2@@Z
?HasProperty@AMFPropertyStorageExImpl@amf@@UEBA_NPEB_W@Z
?Clear@AMFPropertyStorageExImpl@amf@@UEAA?AW4AMF_RESULT@@XZ
?AddTo@AMFPropertyStorageExImpl@amf@@UEBA?AW4AMF_RESULT@@PEAVAMFPropertyStorage@2@_N1@Z
?GetPropertyCount@AMFPropertyStorageExImpl@amf@@UEBA_KXZ
?CopyTo@AMFPropertyStorageExImpl@amf@@UEBA?AW4AMF_RESULT@@PEAVAMFPropertyStorage@2@_N@Z
??_7AMFPropertyStorageEx@amf@@6B@
??_7AMFPropertyStorageEx@amf@@6BAMFInterface@1@@
??_7AMFPropertyStorageEx@amf@@6BAMFPropertyStorage@1@@
?OnPropertyChanged@AMFPropertyStorageExImpl@amf@@UEAAXPEB_W@Z
?RegisterProperties@AMFPropertyStorageExImpl@amf@@UEAA?AW4AMF_RESULT@@PEAVAMFPropertyInfoImpl@2@_K@Z
?RemoveObserver@AMFPropertyStorageExImpl@amf@@UEAAXPEAVAMFPropertyStorageObserver@2@@Z
?AddObserver@AMFPropertyStorageExImpl@amf@@UEAAXPEAVAMFPropertyStorageObserver@2@@Z
??0AMFPropertyStorageExImpl@amf@@QEAA@XZ
?SetPrivateProperty@AMFPropertyStorageExImpl@amf@@IEAA?AW4AMF_RESULT@@PEB_WUAMFVariantStruct@2@@Z
??0AMFPropertyStorageEx@amf@@QEAA@XZ
amf_atomic_dec
amf_atomic_inc
AMFTraceW
?GetProperty@AMFPropertyStorageExImpl@amf@@UEBA?AW4AMF_RESULT@@PEB_WPEAUAMFVariantStruct@2@@Z
?ValidateProperty@AMFPropertyStorageExImpl@amf@@UEBA?AW4AMF_RESULT@@PEB_WUAMFVariantStruct@2@PEAU42@@Z
??1AMFPropertyStorageExImpl@amf@@UEAA@XZ
amf_high_precision_clock
??1AMFPropertyStorageEx@amf@@UEAA@XZ
AMFVariantChangeType
AMFVariantClear
AMFVariantAssignInterface
AMFVariantAssignSize
AMFVariantAssignInt64
AMFVariantCopy
AMFVariantInit
?SetResolution@AMFIOCapsImpl@amf@@IEAAXHHHH@Z
?SetVertAlign@AMFIOCapsImpl@amf@@IEAAXH@Z
?PopulateSurfaceFormats@AMFIOCapsImpl@amf@@IEAAXHPEBW4AMF_SURFACE_FORMAT@2@_N@Z
?PopulateMemoryTypes@AMFIOCapsImpl@amf@@IEAAXHPEBW4AMF_MEMORY_TYPE@2@_N@Z
?Acquire@?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@UEAAJXZ
?QueryInterface@?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@UEAA?AW4AMF_RESULT@@AEBUAMFGuid@2@PEAPEAX@Z
?Release@?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@UEAAJXZ
?RefCount@?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@UEAAJXZ
?IsInterlacedSupported@AMFIOCapsImpl@amf@@UEBA_NXZ
?GetMemoryTypeAt@AMFIOCapsImpl@amf@@UEBA?AW4AMF_RESULT@@HPEAW4AMF_MEMORY_TYPE@2@PEA_N@Z
?GetNumOfMemoryTypes@AMFIOCapsImpl@amf@@UEBAHXZ
?GetFormatAt@AMFIOCapsImpl@amf@@UEBA?AW4AMF_RESULT@@HPEAW4AMF_SURFACE_FORMAT@2@PEA_N@Z
?GetNumOfFormats@AMFIOCapsImpl@amf@@UEBAHXZ
?GetVertAlign@AMFIOCapsImpl@amf@@UEBAHXZ
?GetHeightRange@AMFIOCapsImpl@amf@@UEBAXPEAH0@Z
?GetWidthRange@AMFIOCapsImpl@amf@@UEBAXPEAH0@Z
??0AMFIOCapsImpl@amf@@IEAA@XZ
??1AMFIOCapsImpl@amf@@UEAA@XZ
amf_alloc
amf_free
?DumpInputBuffer@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAVAMFBuffer@2@@Z

msvcp100

?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z

msvcr100

calloc
??0exception@std@@QEAA@AEBQEBD@Z
?what@exception@std@@UEBAPEBDXZ
??1exception@std@@UEAA@XZ
_onexit
_lock
__dllonexit
??3@YAXPEAX@Z
__clean_type_info_names_internal
__crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
?terminate@@YAXXZ
__CppXcptFilter
__C_specific_handler
_amsg_exit
_encoded_null
_initterm_e
_initterm
_malloc_crt
free
_unlock
printf
wcschr
wcsncpy
swscanf
_vswprintf_c_l
memset
memmove
memcpy
_purecall
__CxxFrameHandler3
??0exception@std@@QEAA@AEBV01@@Z
_CxxThrowException
??2@YAPEAX_K@Z

Exports

Exports

AMFCreateComponentInt

Sections

.text
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
amf-core-windesktop32.dll
.dll windows:5 windows x86 arch:x86

643a60eb62917b6b37bbd846f6dbd4fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\dev\mmsdk\MediaSDK-1.1.25\bin\msvs10\Release\win32\amf-core-windesktop32.pdb

Imports

kernel32

VerSetConditionMask
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventW
CloseHandle
SetEvent
ResetEvent
WaitForSingleObject
CreateMutexW
OpenMutexW
ReleaseMutex
CreateSemaphoreW
ReleaseSemaphore
Sleep
VirtualAlloc
VirtualFree
GetTickCount
QueryPerformanceFrequency
QueryPerformanceCounter
VerifyVersionInfoW
OutputDebugStringW
LoadLibraryW
GetProcAddress
FreeLibrary
DeleteFileW
CreateDirectoryW
GetCurrentDirectoryW
RemoveDirectoryW
GetCurrentProcessId
DisableThreadLibraryCalls
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
MultiByteToWideChar
WideCharToMultiByte
GetLastError
GetVersionExW
GetLocalTime
GetModuleHandleW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
GetCurrentThreadId
GetModuleFileNameW
GetSystemTimeAsFileTime

user32

ReleaseDC
GetClientRect
GetDC
GetDesktopWindow

gdi32

ChoosePixelFormat
SetPixelFormat
CreateDCW
SwapBuffers
DeleteDC

msvcp100

??0_Lockit@std@@QAE@H@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?tolower@?$ctype@D@std@@QBEDD@Z
?tolower@?$ctype@_W@std@@QBE_W_W@Z
?toupper@?$ctype@D@std@@QBEDD@Z
?toupper@?$ctype@_W@std@@QBE_W_W@Z
_Getcoll
??0facet@locale@std@@IAE@I@Z
_Wcscoll
_Wcsxfrm
??1facet@locale@std@@UAE@XZ
??1_Locinfo@std@@QAE@XZ
??0_Locinfo@std@@QAE@PBD@Z
?id@?$collate@_W@std@@2V0locale@2@A
?_Orphan_all@_Container_base0@std@@QAEXXZ
??1_Lockit@std@@QAE@XZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Decref@facet@locale@std@@QAEPAV123@XZ
?_Init@locale@std@@CAPAV_Locimp@12@XZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Incref@facet@locale@std@@QAEXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Id_cnt@id@locale@std@@0HA
?id@?$ctype@D@std@@2V0locale@2@A

msvcr100

??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
memchr
_close
_read
_write
_lseeki64
_telli64
?what@exception@std@@UBEPBDXZ
_localtime64
_time64
fclose
fputws
__iob_func
fwrite
fflush
_beginthread
strstr
memset
_vsnprintf_s
sprintf
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
wcstombs
mbstowcs
sscanf
_snprintf
strtol
_vsnwprintf
_vscwprintf
_vscprintf
_endthread
_vswprintf_c_l
malloc
free
strncpy
wcsncpy
_wgetenv
wcsnlen
_wfopen
_aligned_malloc
_aligned_free
_ftime64
wcscpy_s
_wstat64
_findclose
_wfindnext64
_wfindfirst64
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_vsnprintf
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
__clean_type_info_names_internal
memmove
memcpy
_CxxThrowException
??2@YAPAXI@Z
__CxxFrameHandler3
??_V@YAXPAX@Z
_purecall
??3@YAXPAX@Z
_configthreadlocale
?_wsopen@@YAHPB_WHHH@Z

d3d11

D3D11CreateDevice

d3d9

Direct3DCreate9Ex

opengl32

glBindTexture
glGenTextures
glGetIntegerv
glGetTexImage
wglMakeCurrent
wglGetCurrentDC
wglGetCurrentContext
glGetTexLevelParameteriv
wglCreateContext
glTexImage2D
glGetError
glTexParameteri
glDeleteTextures
wglDeleteContext

glu32

gluErrorString

dxgi

CreateDXGIFactory

Exports

Exports

??0?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@QAE@XZ
??0?$AMFObservableImpl@VAMFPropertyStorageObserver@amf@@@amf@@QAE@XZ
??0AMFCriticalSection@amf@@QAE@XZ
??0AMFDumpImpl@amf@@IAE@XZ
??0AMFEvent@amf@@QAE@_N0PB_W@Z
??0AMFIOCapsImpl@amf@@IAE@HHHHH_NHPBW4AMF_SURFACE_FORMAT@1@H1HPBW4AMF_MEMORY_TYPE@1@H2@Z
??0AMFIOCapsImpl@amf@@IAE@XZ
??0AMFLock@amf@@QAE@PAVAMFSyncBase@1@K@Z
??0AMFMutex@amf@@QAE@_NPB_W0@Z
??0AMFPropertyInfoImpl@amf@@QAE@ABV01@@Z
??0AMFPropertyInfoImpl@amf@@QAE@PB_W0W4AMF_VARIANT_TYPE@1@IUAMFVariantStruct@1@22W4AMF_PROPERTY_ACCESS_TYPE@1@PBUAMFEnumDescriptionEntry@1@@Z
??0AMFPropertyInfoImpl@amf@@QAE@PB_W0W4AMF_VARIANT_TYPE@1@IUAMFVariantStruct@1@22_NPBUAMFEnumDescriptionEntry@1@@Z
??0AMFPropertyInfoImpl@amf@@QAE@XZ
??0AMFPropertyStorageEx@amf@@QAE@XZ
??0AMFPropertyStorageExImpl@amf@@QAE@XZ
??0AMFPropertyStorageImpl@amf@@QAE@XZ
??0AMFSemaphore@amf@@QAE@JJPB_W@Z
??0AMFSurfaceEx@amf@@QAE@XZ
??0AMFSyncBase@amf@@QAE@ABV01@@Z
??0AMFSyncBase@amf@@QAE@XZ
??0AMFThread@amf@@QAE@XZ
??1?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@MAE@XZ
??1?$AMFObservableImpl@VAMFPropertyStorageObserver@amf@@@amf@@UAE@XZ
??1AMFCriticalSection@amf@@UAE@XZ
??1AMFDumpImpl@amf@@UAE@XZ
??1AMFEvent@amf@@UAE@XZ
??1AMFIOCapsImpl@amf@@UAE@XZ
??1AMFLock@amf@@QAE@XZ
??1AMFMutex@amf@@UAE@XZ
??1AMFPropertyInfoImpl@amf@@UAE@XZ
??1AMFPropertyStorageEx@amf@@UAE@XZ
??1AMFPropertyStorageExImpl@amf@@UAE@XZ
??1AMFPropertyStorageImpl@amf@@UAE@XZ
??1AMFSemaphore@amf@@UAE@XZ
??1AMFSurfaceEx@amf@@UAE@XZ
??1AMFSyncBase@amf@@UAE@XZ
??1AMFThread@amf@@UAE@XZ
??4AMFPropertyInfoImpl@amf@@QAEAAV01@ABV01@@Z
??4AMFSyncBase@amf@@QAEAAV01@ABV01@@Z
??_7?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@6BAMFIOCaps@1@@
??_7?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@6BAMFInterface@1@@
??_7?$AMFObservableImpl@VAMFPropertyStorageObserver@amf@@@amf@@6B@
??_7AMFCriticalSection@amf@@6B@
??_7AMFDumpImpl@amf@@6B@
??_7AMFDumpImpl@amf@@6BAMFDump@1@@
??_7AMFDumpImpl@amf@@6BAMFInterface@1@@
??_7AMFEvent@amf@@6B@
??_7AMFIOCapsImpl@amf@@6BAMFIOCaps@1@@
??_7AMFIOCapsImpl@amf@@6BAMFInterface@1@@
??_7AMFMutex@amf@@6B@
??_7AMFPropertyInfoImpl@amf@@6B@
??_7AMFPropertyStorageEx@amf@@6B@
??_7AMFPropertyStorageEx@amf@@6BAMFInterface@1@@
??_7AMFPropertyStorageEx@amf@@6BAMFPropertyStorage@1@@
??_7AMFPropertyStorageExImpl@amf@@6B?$AMFObservableImpl@VAMFPropertyStorageObserver@amf@@@1@@
??_7AMFPropertyStorageExImpl@amf@@6BAMFInterface@1@@
??_7AMFPropertyStorageExImpl@amf@@6BAMFPropertyStorage@1@@
??_7AMFPropertyStorageExImpl@amf@@6BAMFPropertyStorageEx@1@@
??_7AMFPropertyStorageImpl@amf@@6B@
??_7AMFPropertyStorageImpl@amf@@6BAMFInterface@1@@
??_7AMFPropertyStorageImpl@amf@@6BAMFPropertyStorage@1@@
??_7AMFSemaphore@amf@@6B@
??_7AMFSurfaceEx@amf@@6B@
??_7AMFSurfaceEx@amf@@6BAMFData@1@@
??_7AMFSurfaceEx@amf@@6BAMFInterface@1@@
??_7AMFSurfaceEx@amf@@6BAMFPropertyStorage@1@@
??_7AMFSurfaceEx@amf@@6BAMFSurface@1@@
??_7AMFSyncBase@amf@@6B@
??_7AMFThread@amf@@6B@
??_8?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@7B@
??_8AMFDumpImpl@amf@@7B01@@
??_8AMFDumpImpl@amf@@7BAMFDump@1@@
??_8AMFIOCapsImpl@amf@@7B@
??_8AMFPropertyStorageEx@amf@@7B01@@
??_8AMFPropertyStorageEx@amf@@7BAMFPropertyStorage@1@@
??_8AMFPropertyStorageExImpl@amf@@7B@
??_8AMFPropertyStorageExImpl@amf@@7BAMFPropertyStorage@1@@
??_8AMFPropertyStorageExImpl@amf@@7BAMFPropertyStorageEx@1@@
??_8AMFPropertyStorageImpl@amf@@7B01@@
??_8AMFPropertyStorageImpl@amf@@7BAMFPropertyStorage@1@@
??_8AMFSurfaceEx@amf@@7B01@@
??_8AMFSurfaceEx@amf@@7BAMFData@1@@
??_8AMFSurfaceEx@amf@@7BAMFPropertyStorage@1@@
??_8AMFSurfaceEx@amf@@7BAMFSurface@1@@
??_D?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@IAEXXZ
??_DAMFDumpImpl@amf@@QAEXXZ
??_DAMFIOCapsImpl@amf@@QAEXXZ
??_DAMFPropertyStorageEx@amf@@QAEXXZ
??_DAMFPropertyStorageExImpl@amf@@QAEXXZ
??_DAMFPropertyStorageImpl@amf@@QAEXXZ
??_DAMFSurfaceEx@amf@@QAEXXZ
??_FAMFEvent@amf@@QAEXXZ
??_FAMFMutex@amf@@QAEXXZ
?AMFCreateMemoryDataStream@amf@@YG?AW4AMF_RESULT@@W4AMF_STREAM_OPEN@1@W4AMF_FILE_SHARE@1@PAPAVAMFDataStream@1@@Z
?AMFCreateRenderTargetSurfacePool@amf@@YG?AW4AMF_RESULT@@W4AMF_SURFACE_FORMAT@1@HHW4AMF_MEMORY_TYPE@1@1PAVAMFContextEx@1@PAPAVAMFSurfacePool@1@@Z
?AMFGetCodecIDName@amf@@YGQB_WW4AMF_CODEC_ID@1@@Z
?AMFGetMemoryTypeByName@amf@@YG?AW4AMF_MEMORY_TYPE@1@PB_W@Z
?AMFGetMemoryTypeName@amf@@YGQB_WW4AMF_MEMORY_TYPE@1@@Z
?AMFGetResultText@amf@@YGPB_WW4AMF_RESULT@@@Z
?AMFOpenDataStream@amf@@YG?AW4AMF_RESULT@@PB_WW4AMF_STREAM_OPEN@1@W4AMF_FILE_SHARE@1@PAPAVAMFDataStream@1@@Z
?AMFSharedHandleGUID@amf@@3U_GUID@@A
?AMFSurfaceGetComponentCount@amf@@YGIW4AMF_SURFACE_FORMAT@1@@Z
?AMFSurfaceGetComponentDescription@amf@@YGPBUAMFSurfaceComponentDesc@1@W4AMF_SURFACE_FORMAT@1@W4AMF_SURFACE_COMPONENT_ENUM@1@@Z
?AMFSurfaceGetFormatByName@amf@@YG?AW4AMF_SURFACE_FORMAT@1@PB_W@Z
?AMFSurfaceGetFormatDescription@amf@@YGPBUAMFSurfaceFormatDescription@1@W4AMF_SURFACE_FORMAT@1@@Z
?AMFSurfaceGetFormatName@amf@@YGPB_WW4AMF_SURFACE_FORMAT@1@@Z
?AMFSurfaceGetNumberOfPlanes@amf@@YGIW4AMF_SURFACE_FORMAT@1@@Z
?AMFSurfaceGetPlaneHPitch@amf@@YGHW4AMF_SURFACE_FORMAT@1@HI@Z
?AMFSurfaceGetPlaneHeight@amf@@YGHW4AMF_SURFACE_FORMAT@1@HI@Z
?AMFSurfaceGetPlaneIndex@amf@@YGIW4AMF_SURFACE_FORMAT@1@W4AMF_PLANE_TYPE@1@@Z
?AMFSurfaceGetPlanePixelSizeInBytes@amf@@YGHW4AMF_SURFACE_FORMAT@1@I@Z
?AMFSurfaceGetPlaneSubsamplingRegion@amf@@YGXW4AMF_SURFACE_FORMAT@1@IPAH1@Z
?AMFSurfaceGetPlaneType@amf@@YG?AW4AMF_PLANE_TYPE@1@W4AMF_SURFACE_FORMAT@1@I@Z
?AMFSurfaceGetPlaneWidth@amf@@YGHW4AMF_SURFACE_FORMAT@1@HI@Z
?AMFTextureArrayIndexGUID@amf@@YGABU_GUID@@XZ
?AMF_SAMPLE_FORMAT_ENUM_DESCRIPTION@amf@@3QBUAMFEnumDescriptionEntry@1@B
?AMF_SURFACE_FORMAT_ENUM_DESCRIPTION@amf@@3QBUAMFEnumDescriptionEntry@1@B
?Acquire@?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@UAGJXZ
?AddObserver@?$AMFObservableImpl@VAMFPropertyStorageObserver@amf@@@amf@@UAGXPAVAMFPropertyStorageObserver@2@@Z
?AddObserver@AMFPropertyStorageExImpl@amf@@UAGXPAVAMFPropertyStorageObserver@2@@Z
?AddObserver@AMFPropertyStorageImpl@amf@@UAGXPAVAMFPropertyStorageObserver@2@@Z
?AddTo@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@PAVAMFPropertyStorage@2@_N1@Z
?AddTo@AMFPropertyStorageImpl@amf@@UBG?AW4AMF_RESULT@@PAVAMFPropertyStorage@2@_N1@Z
?Clear@AMFPropertyStorageExImpl@amf@@UAG?AW4AMF_RESULT@@XZ
?Clear@AMFPropertyStorageImpl@amf@@UAG?AW4AMF_RESULT@@XZ
?ClearObservers@?$AMFObservableImpl@VAMFPropertyStorageObserver@amf@@@amf@@IAGXXZ
?CopyTo@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@PAVAMFPropertyStorage@2@_N@Z
?CopyTo@AMFPropertyStorageImpl@amf@@UBG?AW4AMF_RESULT@@PAVAMFPropertyStorage@2@_N@Z
?Create@AMFSemaphore@amf@@UAE_NJJPB_W@Z
?Dump@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAVAMFDataStream@2@PBXI@Z
?DumpBuffer@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAVAMFDataStream@2@PAVAMFBuffer@2@@Z
?DumpData@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAVAMFDataStream@2@PAVAMFData@2@@Z
?DumpInput@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PBXI@Z
?DumpInputBuffer@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAVAMFBuffer@2@@Z
?DumpInputData@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAVAMFData@2@@Z
?DumpInputSurface@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAVAMFSurface@2@@Z
?DumpOutput@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PBXI@Z
?DumpOutputBuffer@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAVAMFBuffer@2@@Z
?DumpOutputData@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAVAMFData@2@@Z
?DumpOutputSurface@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAVAMFSurface@2@@Z
?DumpSurface@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAVAMFDataStream@2@PAVAMFSurface@2@@Z
?EnableDump@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@PAPAVAMFDataStream@2@PB_W_N@Z
?EnableInputDump@AMFDumpImpl@amf@@UAE?AW4AMF_RESULT@@_N@Z
?EnableOutputDump@AMFDumpImpl@amf@@UAE?AW4AMF_RESULT@@_N@Z
?EnablePerSessionDump@AMFDumpImpl@amf@@UAEX_N@Z
?ExitThread@amf@@YAXXZ
?FormatToString@AMFDumpImpl@amf@@KA?AW4AMF_RESULT@@HHW4AMF_SURFACE_FORMAT@2@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@@Z
?Get@AMFPerformanceMonitor@amf@@SGAAV12@XZ
?Get@AMFPerformanceMonitorLogger@amf@@SGAAV12@XZ
?Get@AMFProgramsCompute@amf@@SGAAV12@XZ
?GetDumpBasePath@AMFDumpImpl@amf@@UBEPB_WXZ
?GetDumpPath@AMFDumpImpl@amf@@IBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@XZ
?GetFormatAt@AMFIOCapsImpl@amf@@UBG?AW4AMF_RESULT@@HPAW4AMF_SURFACE_FORMAT@2@PA_N@Z
?GetHeightRange@AMFIOCapsImpl@amf@@UBGXPAH0@Z
?GetMemoryTypeAt@AMFIOCapsImpl@amf@@UBG?AW4AMF_RESULT@@HPAW4AMF_MEMORY_TYPE@2@PA_N@Z
?GetNumOfFormats@AMFIOCapsImpl@amf@@UBGHXZ
?GetNumOfMemoryTypes@AMFIOCapsImpl@amf@@UBGHXZ
?GetPrivateProperty@AMFPropertyStorageExImpl@amf@@IBE?AW4AMF_RESULT@@PB_WPAUAMFVariantStruct@2@@Z
?GetPropertiesInfoCount@AMFPropertyStorageExImpl@amf@@UBGIXZ
?GetProperty@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@PB_WPAUAMFVariantStruct@2@@Z
?GetProperty@AMFPropertyStorageImpl@amf@@UBG?AW4AMF_RESULT@@PB_WPAUAMFVariantStruct@2@@Z
?GetPropertyAt@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@IPA_WIPAUAMFVariantStruct@2@@Z
?GetPropertyAt@AMFPropertyStorageImpl@amf@@UBG?AW4AMF_RESULT@@IPA_WIPAUAMFVariantStruct@2@@Z
?GetPropertyCount@AMFPropertyStorageExImpl@amf@@UBGIXZ
?GetPropertyCount@AMFPropertyStorageImpl@amf@@UBGIXZ
?GetPropertyInfo@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@IPAPBUAMFPropertyInfo@2@@Z
?GetPropertyInfo@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@PB_WPAPBUAMFPropertyInfo@2@@Z
?GetVertAlign@AMFIOCapsImpl@amf@@UBGHXZ
?GetWidthRange@AMFIOCapsImpl@amf@@UBGXPAH0@Z
?HasPrivateProperty@AMFPropertyStorageExImpl@amf@@IBE_NPB_W@Z
?HasProperty@AMFPropertyStorageExImpl@amf@@UBG_NPB_W@Z
?HasProperty@AMFPropertyStorageImpl@amf@@UBG_NPB_W@Z
?IID@AMFPropertyStorageEx@amf@@SA?BUAMFGuid@2@XZ
?IID@AMFSurfaceEx@amf@@SA?BUAMFGuid@2@XZ
?Init@AMFPropertyInfoImpl@amf@@AAEXPB_W0W4AMF_VARIANT_TYPE@2@IUAMFVariantStruct@2@22W4AMF_PROPERTY_ACCESS_TYPE@2@PBUAMFEnumDescriptionEntry@2@@Z
?Init@AMFThread@amf@@UAE_NXZ
?IsInputDumpEnabled@AMFDumpImpl@amf@@UBE_NXZ
?IsInterlacedSupported@AMFIOCapsImpl@amf@@UBG_NXZ
?IsLocked@AMFLock@amf@@QAE_NXZ
?IsOutputDumpEnabled@AMFDumpImpl@amf@@UBE_NXZ
?IsPerSessionDumpEnabled@AMFDumpImpl@amf@@UBE_NXZ
?IsValid@AMFMutex@amf@@QAE_NXZ
?Lock@AMFCriticalSection@amf@@UAE_NK@Z
?Lock@AMFEvent@amf@@UAE_NK@Z
?Lock@AMFLock@amf@@QAE_NK@Z
?Lock@AMFMutex@amf@@UAE_NK@Z
?Lock@AMFSemaphore@amf@@UAE_NK@Z
?LockTimeout@AMFEvent@amf@@UAE_NK@Z
?NotifyObservers@?$AMFObservableImpl@VAMFPropertyStorageObserver@amf@@@amf@@IAGXP8AMFPropertyStorageObserver@2@AGXXZ@Z
?OnPropertyChanged@AMFPropertyStorageExImpl@amf@@UAGXPB_W@Z
?OnPropertyChanged@AMFPropertyStorageImpl@amf@@UAGXPB_W@Z
?PopulateMemoryTypes@AMFIOCapsImpl@amf@@IAEXHPBW4AMF_MEMORY_TYPE@2@_N@Z
?PopulateSurfaceFormats@AMFIOCapsImpl@amf@@IAEXHPBW4AMF_SURFACE_FORMAT@2@_N@Z
?PreparePath@AMFDumpImpl@amf@@IAE_NXZ
?QueryInterface@?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@UAG?AW4AMF_RESULT@@ABUAMFGuid@2@PAPAX@Z
?QueryInterface@AMFPropertyStorageImpl@amf@@UAG?AW4AMF_RESULT@@ABUAMFGuid@2@PAPAX@Z
?RefCount@?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@UAGJXZ
?RegisterProperties@AMFPropertyStorageExImpl@amf@@UAG?AW4AMF_RESULT@@PAVAMFPropertyInfoImpl@2@I@Z
?Release@?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@UAGJXZ
?RemoveObserver@?$AMFObservableImpl@VAMFPropertyStorageObserver@amf@@@amf@@UAGXPAVAMFPropertyStorageObserver@2@@Z
?RemoveObserver@AMFPropertyStorageExImpl@amf@@UAGXPAVAMFPropertyStorageObserver@2@@Z
?RemoveObserver@AMFPropertyStorageImpl@amf@@UAGXPAVAMFPropertyStorageObserver@2@@Z
?RequestStop@AMFThread@amf@@UAE_NXZ
?ResetEvent@AMFEvent@amf@@QAE_NXZ
?SetAccessType@AMFPropertyStorageExImpl@amf@@IAE?AW4AMF_RESULT@@PB_WW4AMF_PROPERTY_ACCESS_TYPE@2@@Z
?SetDumpBasePath@AMFDumpImpl@amf@@UAE?AW4AMF_RESULT@@PB_W@Z
?SetEvent@AMFEvent@amf@@QAE_NXZ
?SetFormat@AMFDumpImpl@amf@@MAE?AW4AMF_RESULT@@AAV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@PB_WHHW4AMF_SURFACE_FORMAT@2@@Z
?SetInputFormat@AMFDumpImpl@amf@@UAE?AW4AMF_RESULT@@HHW4AMF_SURFACE_FORMAT@2@@Z
?SetInterlacedSupport@AMFIOCapsImpl@amf@@IAEX_N@Z
?SetOutputFormat@AMFDumpImpl@amf@@UAE?AW4AMF_RESULT@@HHW4AMF_SURFACE_FORMAT@2@@Z
?SetPrivateProperty@AMFPropertyStorageExImpl@amf@@IAE?AW4AMF_RESULT@@PB_WUAMFVariantStruct@2@@Z
?SetProperty@AMFPropertyStorageExImpl@amf@@UAG?AW4AMF_RESULT@@PB_WUAMFVariantStruct@2@@Z
?SetProperty@AMFPropertyStorageImpl@amf@@UAG?AW4AMF_RESULT@@PB_WUAMFVariantStruct@2@@Z
?SetResolution@AMFIOCapsImpl@amf@@IAEXHHHH@Z
?SetVertAlign@AMFIOCapsImpl@amf@@IAEXH@Z
?Start@AMFThread@amf@@UAE_NXZ
?StopRequested@AMFThread@amf@@UAE_NXZ
?Terminate@AMFThread@amf@@UAE_NXZ
?Unlock@AMFCriticalSection@amf@@UAE_NXZ
?Unlock@AMFEvent@amf@@UAE_NXZ
?Unlock@AMFLock@amf@@QAE_NXZ
?Unlock@AMFMutex@amf@@UAE_NXZ
?Unlock@AMFSemaphore@amf@@UAE_NXZ
?ValidateProperty@AMFPropertyStorageExImpl@amf@@UBG?AW4AMF_RESULT@@PB_WUAMFVariantStruct@2@PAU42@@Z
?WaitForStop@AMFThread@amf@@UAE_NXZ
?amf_convert_path_to_os_accepted_path@amf@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@ABV23@@Z
?amf_convert_path_to_url_accepted_path@amf@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@ABV23@@Z
?amf_delete_dir@amf@@YG_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@_N@Z
?amf_delete_file@amf@@YG_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@@Z
?amf_dir_exists@amf@@YG_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@@Z
?amf_enumerate_directory@amf@@YG_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@AAV?$amf_vector@Uamf_file_item_descriptor@amf@@@1@@Z
?amf_file_stat@amf@@YG_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@PAU_stat64@@@Z
?amf_from_hex_string_to_string@amf@@YG?AV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@std@@ABV23@@Z
?amf_from_multibyte_to_unicode@amf@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@3@@Z
?amf_from_string_to_hex_string@amf@@YG?AV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@std@@ABV23@@Z
?amf_from_unicode_to_multibyte@amf@@YG?AV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@3@@Z
?amf_from_unicode_to_url_utf8@amf@@YG?AV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@3@_N@Z
?amf_from_unicode_to_utf8@amf@@YG?AV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@3@@Z
?amf_from_url_utf8_to_unicode@amf@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@3@@Z
?amf_from_utf8_to_unicode@amf@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@3@@Z
?amf_get_application_data_path@amf@@YG_NPA_WI@Z
?amf_get_canonic_path@amf@@YG_NPB_WPA_W@Z
?amf_get_current_folder@amf@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@XZ
?amf_get_current_path@amf@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@XZ
?amf_get_process_folder@amf@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@XZ
?amf_get_process_path@amf@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@XZ
?amf_get_relative_path_to@amf@@YG_NPB_W0PA_W@Z
?amf_get_sample_format_name@amf@@YGQB_WW4AMF_AUDIO_FORMAT@1@@Z
?amf_make_dir@amf@@YG_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@@Z
?amf_path_fix_os_slashes@amf@@YGXPA_W@Z
?amf_path_is_absolute@amf@@YG_NPB_W@Z
?amf_string_ci_compare@amf@@YGHABV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@std@@0@Z
?amf_string_ci_compare@amf@@YGHABV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@0@Z
?amf_string_ci_find@amf@@YGIABV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@0I@Z
?amf_string_ci_rfind@amf@@YGIABV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@0I@Z
?amf_string_format@amf@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@std@@PBDZZ
?amf_string_format@amf@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@PB_WZZ
?amf_string_formatVA@amf@@YG?AV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@std@@PBDPAD@Z
?amf_string_formatVA@amf@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@PB_WPAD@Z
?amf_string_to_lower@amf@@YG?AV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@std@@ABV23@@Z
?amf_string_to_lower@amf@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@ABV23@@Z
?amf_string_to_upper@amf@@YG?AV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@std@@ABV23@@Z
?amf_string_to_upper@amf@@YG?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@ABV23@@Z
?m_StartTime@AMFDumpImpl@amf@@0V?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@A
?ms_csMaps@AMFPropertyStorageExImpl@amf@@1VAMFCriticalSection@2@A
AMFAssertsEnable
AMFAssertsEnabled
AMFCreateCapsManager
AMFCreateComponent
AMFCreateContext
AMFDebugGetEventsCount
AMFDebugHitEvent
AMFEnablePerformanceMonitor
AMFEnumerateVideoAdapters
AMFGetCacheFolder
AMFOptimizeComponent
AMFPerformanceMonitorEnabled
AMFSetCacheFolder
AMFTestEvent
AMFTestEventRegisterObserver
AMFTestEventUnregisterObserver
AMFTraceEnableAsync
AMFTraceEnableWriter
AMFTraceEnterScope
AMFTraceExitScope
AMFTraceFlush
AMFTraceGetGlobalLevel
AMFTraceGetPath
AMFTraceGetWriterLevel
AMFTraceGetWriterLevelForScope
AMFTraceRegisterWriter
AMFTraceSetGlobalLevel
AMFTraceSetPath
AMFTraceSetWriterLevel
AMFTraceSetWriterLevelForScope
AMFTraceUnregisterWriter
AMFTraceW
AMFTraceWriterEnabled
AMFVariantAssignBool
AMFVariantAssignColor
AMFVariantAssignDouble
AMFVariantAssignInt64
AMFVariantAssignInterface
AMFVariantAssignPoint
AMFVariantAssignRate
AMFVariantAssignRatio
AMFVariantAssignRect
AMFVariantAssignSize
AMFVariantAssignString
AMFVariantAssignWString
AMFVariantChangeType
AMFVariantClear
AMFVariantCompare
AMFVariantCopy
AMFVariantDuplicateString
AMFVariantDuplicateWString
AMFVariantFreeString
AMFVariantFreeWString
AMFVariantInit
_amf_aligned_alloc@8
_amf_aligned_free@4
_amf_alloc@4
_amf_atomic_dec@4
_amf_atomic_inc@4
_amf_clock@0
_amf_create_critical_section@0
_amf_create_event@12
_amf_create_mutex@8
_amf_create_semaphore@12
_amf_debug_trace@4
_amf_delete_critical_section@4
_amf_delete_event@4
_amf_delete_mutex@4
_amf_delete_semaphore@4
_amf_enter_critical_section@4
_amf_file_open@8
_amf_free@4
_amf_free_library@4
_amf_get_current_utc_time@0
_amf_get_proc_address@8
_amf_high_precision_clock@0
_amf_increase_timer_precision@0
_amf_leave_critical_section@4
_amf_load_library@4
_amf_open_mutex@4
_amf_release_mutex@4
_amf_release_semaphore@12
_amf_reset_event@4
_amf_set_event@4
_amf_sleep@4
_amf_virtual_alloc@4
_amf_virtual_free@4
_amf_wait_for_event@8
_amf_wait_for_event_timeout@8
_amf_wait_for_mutex@8
_amf_wait_for_semaphore@8
_get_current_thread_id@0
_get_time_in_seconds_with_fraction@0
amf_get_os_version

Sections

.text
Size: 433KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
amf-core-windesktop64.dll
.dll windows:5 windows x64 arch:x64

acebbeddf7526b925291a4da4aa03192

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\dev\mmsdk\MediaSDK-1.1.25\bin\msvs10\Release\win64\amf-core-windesktop64.pdb

Imports

kernel32

VerSetConditionMask
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventW
CloseHandle
SetEvent
ResetEvent
WaitForSingleObject
CreateMutexW
OpenMutexW
ReleaseMutex
CreateSemaphoreW
ReleaseSemaphore
Sleep
VirtualAlloc
VirtualFree
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
VerifyVersionInfoW
OutputDebugStringW
LoadLibraryW
GetProcAddress
FreeLibrary
DeleteFileW
CreateDirectoryW
GetCurrentDirectoryW
RemoveDirectoryW
GetCurrentProcessId
DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
MultiByteToWideChar
WideCharToMultiByte
GetLastError
GetVersionExW
GetLocalTime
GetModuleHandleW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
DecodePointer
EncodePointer
GetCurrentThreadId
GetModuleFileNameW
GetSystemTimeAsFileTime

user32

ReleaseDC
GetClientRect
GetDC
GetDesktopWindow

gdi32

ChoosePixelFormat
SetPixelFormat
CreateDCW
SwapBuffers
DeleteDC

msvcp100

?id@?$ctype@D@std@@2V0locale@2@A
??0_Lockit@std@@QEAA@H@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?tolower@?$ctype@D@std@@QEBADD@Z
?tolower@?$ctype@_W@std@@QEBA_W_W@Z
?toupper@?$ctype@D@std@@QEBADD@Z
?toupper@?$ctype@_W@std@@QEBA_W_W@Z
_Getcoll
??0facet@locale@std@@IEAA@_K@Z
_Wcscoll
_Wcsxfrm
??1facet@locale@std@@UEAA@XZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
?id@?$collate@_W@std@@2V0locale@2@A
??1_Lockit@std@@QEAA@XZ
?_Decref@facet@locale@std@@QEAAPEAV123@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@XZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Incref@facet@locale@std@@QEAAXXZ
?_Orphan_all@_Container_base0@std@@QEAAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??Bid@locale@std@@QEAA_KXZ

msvcr100

??1exception@std@@UEAA@XZ
??0exception@std@@QEAA@AEBV01@@Z
memcmp
memchr
_close
_read
_write
_lseeki64
?what@exception@std@@UEBAPEBDXZ
_wsopen
_localtime64
_time64
fclose
fputws
__iob_func
fwrite
fflush
_beginthread
strstr
memset
_vsnprintf_s
sprintf
??0bad_cast@std@@QEAA@PEBD@Z
??1bad_cast@std@@UEAA@XZ
??0bad_cast@std@@QEAA@AEBV01@@Z
??0exception@std@@QEAA@AEBQEBD@Z
wcstombs
mbstowcs
sscanf
_snprintf
strtol
_vsnwprintf
_vscwprintf
_vscprintf
_endthread
_vswprintf_c_l
malloc
free
strncpy
wcsncpy
_wgetenv
wcsnlen
_wfopen
_aligned_malloc
_aligned_free
_ftime64
wcscpy_s
_wstat64
_findclose
_wfindnext64
_wfindfirst64
?terminate@@YAXXZ
__C_specific_handler
_unlock
__dllonexit
_lock
_onexit
_vsnprintf
_malloc_crt
_initterm
_initterm_e
_encoded_null
_amsg_exit
__CppXcptFilter
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crt_debugger_hook
__clean_type_info_names_internal
memmove
memcpy
_CxxThrowException
??2@YAPEAX_K@Z
__CxxFrameHandler3
??_V@YAXPEAX@Z
_purecall
??3@YAXPEAX@Z
_configthreadlocale
_telli64

d3d11

D3D11CreateDevice

d3d9

Direct3DCreate9Ex

opengl32

glBindTexture
glGenTextures
glGetIntegerv
glGetTexImage
wglMakeCurrent
wglGetCurrentDC
wglGetCurrentContext
glGetTexLevelParameteriv
wglCreateContext
glTexImage2D
glGetError
glTexParameteri
glDeleteTextures
wglDeleteContext

glu32

gluErrorString

dxgi

CreateDXGIFactory

Exports

Exports

??0?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@QEAA@XZ
??0?$AMFObservableImpl@VAMFPropertyStorageObserver@amf@@@amf@@QEAA@XZ
??0AMFCriticalSection@amf@@QEAA@XZ
??0AMFDumpImpl@amf@@IEAA@XZ
??0AMFEvent@amf@@QEAA@_N0PEB_W@Z
??0AMFIOCapsImpl@amf@@IEAA@HHHHH_NHPEBW4AMF_SURFACE_FORMAT@1@H1HPEBW4AMF_MEMORY_TYPE@1@H2@Z
??0AMFIOCapsImpl@amf@@IEAA@XZ
??0AMFLock@amf@@QEAA@PEAVAMFSyncBase@1@K@Z
??0AMFMutex@amf@@QEAA@_NPEB_W0@Z
??0AMFPropertyInfoImpl@amf@@QEAA@AEBV01@@Z
??0AMFPropertyInfoImpl@amf@@QEAA@PEB_W0W4AMF_VARIANT_TYPE@1@IUAMFVariantStruct@1@22W4AMF_PROPERTY_ACCESS_TYPE@1@PEBUAMFEnumDescriptionEntry@1@@Z
??0AMFPropertyInfoImpl@amf@@QEAA@PEB_W0W4AMF_VARIANT_TYPE@1@IUAMFVariantStruct@1@22_NPEBUAMFEnumDescriptionEntry@1@@Z
??0AMFPropertyInfoImpl@amf@@QEAA@XZ
??0AMFPropertyStorageEx@amf@@QEAA@XZ
??0AMFPropertyStorageExImpl@amf@@QEAA@XZ
??0AMFPropertyStorageImpl@amf@@QEAA@XZ
??0AMFSemaphore@amf@@QEAA@JJPEB_W@Z
??0AMFSurfaceEx@amf@@QEAA@XZ
??0AMFSyncBase@amf@@QEAA@AEBV01@@Z
??0AMFSyncBase@amf@@QEAA@XZ
??0AMFThread@amf@@QEAA@XZ
??1?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@MEAA@XZ
??1?$AMFObservableImpl@VAMFPropertyStorageObserver@amf@@@amf@@UEAA@XZ
??1AMFCriticalSection@amf@@UEAA@XZ
??1AMFDumpImpl@amf@@UEAA@XZ
??1AMFEvent@amf@@UEAA@XZ
??1AMFIOCapsImpl@amf@@UEAA@XZ
??1AMFLock@amf@@QEAA@XZ
??1AMFMutex@amf@@UEAA@XZ
??1AMFPropertyInfoImpl@amf@@UEAA@XZ
??1AMFPropertyStorageEx@amf@@UEAA@XZ
??1AMFPropertyStorageExImpl@amf@@UEAA@XZ
??1AMFPropertyStorageImpl@amf@@UEAA@XZ
??1AMFSemaphore@amf@@UEAA@XZ
??1AMFSurfaceEx@amf@@UEAA@XZ
??1AMFSyncBase@amf@@UEAA@XZ
??1AMFThread@amf@@UEAA@XZ
??4AMFPropertyInfoImpl@amf@@QEAAAEAV01@AEBV01@@Z
??4AMFSyncBase@amf@@QEAAAEAV01@AEBV01@@Z
??_7?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@6BAMFIOCaps@1@@
??_7?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@6BAMFInterface@1@@
??_7?$AMFObservableImpl@VAMFPropertyStorageObserver@amf@@@amf@@6B@
??_7AMFCriticalSection@amf@@6B@
??_7AMFDumpImpl@amf@@6B@
??_7AMFDumpImpl@amf@@6BAMFDump@1@@
??_7AMFDumpImpl@amf@@6BAMFInterface@1@@
??_7AMFEvent@amf@@6B@
??_7AMFIOCapsImpl@amf@@6BAMFIOCaps@1@@
??_7AMFIOCapsImpl@amf@@6BAMFInterface@1@@
??_7AMFMutex@amf@@6B@
??_7AMFPropertyInfoImpl@amf@@6B@
??_7AMFPropertyStorageEx@amf@@6B@
??_7AMFPropertyStorageEx@amf@@6BAMFInterface@1@@
??_7AMFPropertyStorageEx@amf@@6BAMFPropertyStorage@1@@
??_7AMFPropertyStorageExImpl@amf@@6B?$AMFObservableImpl@VAMFPropertyStorageObserver@amf@@@1@@
??_7AMFPropertyStorageExImpl@amf@@6BAMFInterface@1@@
??_7AMFPropertyStorageExImpl@amf@@6BAMFPropertyStorage@1@@
??_7AMFPropertyStorageExImpl@amf@@6BAMFPropertyStorageEx@1@@
??_7AMFPropertyStorageImpl@amf@@6B@
??_7AMFPropertyStorageImpl@amf@@6BAMFInterface@1@@
??_7AMFPropertyStorageImpl@amf@@6BAMFPropertyStorage@1@@
??_7AMFSemaphore@amf@@6B@
??_7AMFSurfaceEx@amf@@6B@
??_7AMFSurfaceEx@amf@@6BAMFData@1@@
??_7AMFSurfaceEx@amf@@6BAMFInterface@1@@
??_7AMFSurfaceEx@amf@@6BAMFPropertyStorage@1@@
??_7AMFSurfaceEx@amf@@6BAMFSurface@1@@
??_7AMFSyncBase@amf@@6B@
??_7AMFThread@amf@@6B@
??_8?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@7B@
??_8AMFDumpImpl@amf@@7B01@@
??_8AMFDumpImpl@amf@@7BAMFDump@1@@
??_8AMFIOCapsImpl@amf@@7B@
??_8AMFPropertyStorageEx@amf@@7B01@@
??_8AMFPropertyStorageEx@amf@@7BAMFPropertyStorage@1@@
??_8AMFPropertyStorageExImpl@amf@@7B@
??_8AMFPropertyStorageExImpl@amf@@7BAMFPropertyStorage@1@@
??_8AMFPropertyStorageExImpl@amf@@7BAMFPropertyStorageEx@1@@
??_8AMFPropertyStorageImpl@amf@@7B01@@
??_8AMFPropertyStorageImpl@amf@@7BAMFPropertyStorage@1@@
??_8AMFSurfaceEx@amf@@7B01@@
??_8AMFSurfaceEx@amf@@7BAMFData@1@@
??_8AMFSurfaceEx@amf@@7BAMFPropertyStorage@1@@
??_8AMFSurfaceEx@amf@@7BAMFSurface@1@@
??_D?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@IEAAXXZ
??_DAMFDumpImpl@amf@@QEAAXXZ
??_DAMFIOCapsImpl@amf@@QEAAXXZ
??_DAMFPropertyStorageEx@amf@@QEAAXXZ
??_DAMFPropertyStorageExImpl@amf@@QEAAXXZ
??_DAMFPropertyStorageImpl@amf@@QEAAXXZ
??_DAMFSurfaceEx@amf@@QEAAXXZ
??_FAMFEvent@amf@@QEAAXXZ
??_FAMFMutex@amf@@QEAAXXZ
?AMFCreateMemoryDataStream@amf@@YA?AW4AMF_RESULT@@W4AMF_STREAM_OPEN@1@W4AMF_FILE_SHARE@1@PEAPEAVAMFDataStream@1@@Z
?AMFCreateRenderTargetSurfacePool@amf@@YA?AW4AMF_RESULT@@W4AMF_SURFACE_FORMAT@1@HHW4AMF_MEMORY_TYPE@1@1PEAVAMFContextEx@1@PEAPEAVAMFSurfacePool@1@@Z
?AMFGetCodecIDName@amf@@YAQEB_WW4AMF_CODEC_ID@1@@Z
?AMFGetMemoryTypeByName@amf@@YA?AW4AMF_MEMORY_TYPE@1@PEB_W@Z
?AMFGetMemoryTypeName@amf@@YAQEB_WW4AMF_MEMORY_TYPE@1@@Z
?AMFGetResultText@amf@@YAPEB_WW4AMF_RESULT@@@Z
?AMFOpenDataStream@amf@@YA?AW4AMF_RESULT@@PEB_WW4AMF_STREAM_OPEN@1@W4AMF_FILE_SHARE@1@PEAPEAVAMFDataStream@1@@Z
?AMFSharedHandleGUID@amf@@3U_GUID@@A
?AMFSurfaceGetComponentCount@amf@@YA_KW4AMF_SURFACE_FORMAT@1@@Z
?AMFSurfaceGetComponentDescription@amf@@YAPEBUAMFSurfaceComponentDesc@1@W4AMF_SURFACE_FORMAT@1@W4AMF_SURFACE_COMPONENT_ENUM@1@@Z
?AMFSurfaceGetFormatByName@amf@@YA?AW4AMF_SURFACE_FORMAT@1@PEB_W@Z
?AMFSurfaceGetFormatDescription@amf@@YAPEBUAMFSurfaceFormatDescription@1@W4AMF_SURFACE_FORMAT@1@@Z
?AMFSurfaceGetFormatName@amf@@YAPEB_WW4AMF_SURFACE_FORMAT@1@@Z
?AMFSurfaceGetNumberOfPlanes@amf@@YA_KW4AMF_SURFACE_FORMAT@1@@Z
?AMFSurfaceGetPlaneHPitch@amf@@YAHW4AMF_SURFACE_FORMAT@1@H_K@Z
?AMFSurfaceGetPlaneHeight@amf@@YAHW4AMF_SURFACE_FORMAT@1@H_K@Z
?AMFSurfaceGetPlaneIndex@amf@@YA_KW4AMF_SURFACE_FORMAT@1@W4AMF_PLANE_TYPE@1@@Z
?AMFSurfaceGetPlanePixelSizeInBytes@amf@@YAHW4AMF_SURFACE_FORMAT@1@_K@Z
?AMFSurfaceGetPlaneSubsamplingRegion@amf@@YAXW4AMF_SURFACE_FORMAT@1@_KPEAH2@Z
?AMFSurfaceGetPlaneType@amf@@YA?AW4AMF_PLANE_TYPE@1@W4AMF_SURFACE_FORMAT@1@_K@Z
?AMFSurfaceGetPlaneWidth@amf@@YAHW4AMF_SURFACE_FORMAT@1@H_K@Z
?AMFTextureArrayIndexGUID@amf@@YAAEBU_GUID@@XZ
?AMF_SAMPLE_FORMAT_ENUM_DESCRIPTION@amf@@3QBUAMFEnumDescriptionEntry@1@B
?AMF_SURFACE_FORMAT_ENUM_DESCRIPTION@amf@@3QBUAMFEnumDescriptionEntry@1@B
?Acquire@?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@UEAAJXZ
?AddObserver@?$AMFObservableImpl@VAMFPropertyStorageObserver@amf@@@amf@@UEAAXPEAVAMFPropertyStorageObserver@2@@Z
?AddObserver@AMFPropertyStorageExImpl@amf@@UEAAXPEAVAMFPropertyStorageObserver@2@@Z
?AddObserver@AMFPropertyStorageImpl@amf@@UEAAXPEAVAMFPropertyStorageObserver@2@@Z
?AddTo@AMFPropertyStorageExImpl@amf@@UEBA?AW4AMF_RESULT@@PEAVAMFPropertyStorage@2@_N1@Z
?AddTo@AMFPropertyStorageImpl@amf@@UEBA?AW4AMF_RESULT@@PEAVAMFPropertyStorage@2@_N1@Z
?Clear@AMFPropertyStorageExImpl@amf@@UEAA?AW4AMF_RESULT@@XZ
?Clear@AMFPropertyStorageImpl@amf@@UEAA?AW4AMF_RESULT@@XZ
?ClearObservers@?$AMFObservableImpl@VAMFPropertyStorageObserver@amf@@@amf@@IEAAXXZ
?CopyTo@AMFPropertyStorageExImpl@amf@@UEBA?AW4AMF_RESULT@@PEAVAMFPropertyStorage@2@_N@Z
?CopyTo@AMFPropertyStorageImpl@amf@@UEBA?AW4AMF_RESULT@@PEAVAMFPropertyStorage@2@_N@Z
?Create@AMFSemaphore@amf@@UEAA_NJJPEB_W@Z
?Dump@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAVAMFDataStream@2@PEBX_K@Z
?DumpBuffer@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAVAMFDataStream@2@PEAVAMFBuffer@2@@Z
?DumpData@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAVAMFDataStream@2@PEAVAMFData@2@@Z
?DumpInput@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEBX_K@Z
?DumpInputBuffer@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAVAMFBuffer@2@@Z
?DumpInputData@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAVAMFData@2@@Z
?DumpInputSurface@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAVAMFSurface@2@@Z
?DumpOutput@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEBX_K@Z
?DumpOutputBuffer@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAVAMFBuffer@2@@Z
?DumpOutputData@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAVAMFData@2@@Z
?DumpOutputSurface@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAVAMFSurface@2@@Z
?DumpSurface@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAVAMFDataStream@2@PEAVAMFSurface@2@@Z
?EnableDump@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@PEAPEAVAMFDataStream@2@PEB_W_N@Z
?EnableInputDump@AMFDumpImpl@amf@@UEAA?AW4AMF_RESULT@@_N@Z
?EnableOutputDump@AMFDumpImpl@amf@@UEAA?AW4AMF_RESULT@@_N@Z
?EnablePerSessionDump@AMFDumpImpl@amf@@UEAAX_N@Z
?ExitThread@amf@@YAXXZ
?FormatToString@AMFDumpImpl@amf@@KA?AW4AMF_RESULT@@HHW4AMF_SURFACE_FORMAT@2@AEAV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@@Z
?Get@AMFPerformanceMonitor@amf@@SAAEAV12@XZ
?Get@AMFPerformanceMonitorLogger@amf@@SAAEAV12@XZ
?Get@AMFProgramsCompute@amf@@SAAEAV12@XZ
?GetDumpBasePath@AMFDumpImpl@amf@@UEBAPEB_WXZ
?GetDumpPath@AMFDumpImpl@amf@@IEBA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@XZ
?GetFormatAt@AMFIOCapsImpl@amf@@UEBA?AW4AMF_RESULT@@HPEAW4AMF_SURFACE_FORMAT@2@PEA_N@Z
?GetHeightRange@AMFIOCapsImpl@amf@@UEBAXPEAH0@Z
?GetMemoryTypeAt@AMFIOCapsImpl@amf@@UEBA?AW4AMF_RESULT@@HPEAW4AMF_MEMORY_TYPE@2@PEA_N@Z
?GetNumOfFormats@AMFIOCapsImpl@amf@@UEBAHXZ
?GetNumOfMemoryTypes@AMFIOCapsImpl@amf@@UEBAHXZ
?GetPrivateProperty@AMFPropertyStorageExImpl@amf@@IEBA?AW4AMF_RESULT@@PEB_WPEAUAMFVariantStruct@2@@Z
?GetPropertiesInfoCount@AMFPropertyStorageExImpl@amf@@UEBA_KXZ
?GetProperty@AMFPropertyStorageExImpl@amf@@UEBA?AW4AMF_RESULT@@PEB_WPEAUAMFVariantStruct@2@@Z
?GetProperty@AMFPropertyStorageImpl@amf@@UEBA?AW4AMF_RESULT@@PEB_WPEAUAMFVariantStruct@2@@Z
?GetPropertyAt@AMFPropertyStorageExImpl@amf@@UEBA?AW4AMF_RESULT@@_KPEA_W0PEAUAMFVariantStruct@2@@Z
?GetPropertyAt@AMFPropertyStorageImpl@amf@@UEBA?AW4AMF_RESULT@@_KPEA_W0PEAUAMFVariantStruct@2@@Z
?GetPropertyCount@AMFPropertyStorageExImpl@amf@@UEBA_KXZ
?GetPropertyCount@AMFPropertyStorageImpl@amf@@UEBA_KXZ
?GetPropertyInfo@AMFPropertyStorageExImpl@amf@@UEBA?AW4AMF_RESULT@@PEB_WPEAPEBUAMFPropertyInfo@2@@Z
?GetPropertyInfo@AMFPropertyStorageExImpl@amf@@UEBA?AW4AMF_RESULT@@_KPEAPEBUAMFPropertyInfo@2@@Z
?GetVertAlign@AMFIOCapsImpl@amf@@UEBAHXZ
?GetWidthRange@AMFIOCapsImpl@amf@@UEBAXPEAH0@Z
?HasPrivateProperty@AMFPropertyStorageExImpl@amf@@IEBA_NPEB_W@Z
?HasProperty@AMFPropertyStorageExImpl@amf@@UEBA_NPEB_W@Z
?HasProperty@AMFPropertyStorageImpl@amf@@UEBA_NPEB_W@Z
?IID@AMFPropertyStorageEx@amf@@SA?BUAMFGuid@2@XZ
?IID@AMFSurfaceEx@amf@@SA?BUAMFGuid@2@XZ
?Init@AMFPropertyInfoImpl@amf@@AEAAXPEB_W0W4AMF_VARIANT_TYPE@2@IUAMFVariantStruct@2@22W4AMF_PROPERTY_ACCESS_TYPE@2@PEBUAMFEnumDescriptionEntry@2@@Z
?Init@AMFThread@amf@@UEAA_NXZ
?IsInputDumpEnabled@AMFDumpImpl@amf@@UEBA_NXZ
?IsInterlacedSupported@AMFIOCapsImpl@amf@@UEBA_NXZ
?IsLocked@AMFLock@amf@@QEAA_NXZ
?IsOutputDumpEnabled@AMFDumpImpl@amf@@UEBA_NXZ
?IsPerSessionDumpEnabled@AMFDumpImpl@amf@@UEBA_NXZ
?IsValid@AMFMutex@amf@@QEAA_NXZ
?Lock@AMFCriticalSection@amf@@UEAA_NK@Z
?Lock@AMFEvent@amf@@UEAA_NK@Z
?Lock@AMFLock@amf@@QEAA_NK@Z
?Lock@AMFMutex@amf@@UEAA_NK@Z
?Lock@AMFSemaphore@amf@@UEAA_NK@Z
?LockTimeout@AMFEvent@amf@@UEAA_NK@Z
?NotifyObservers@?$AMFObservableImpl@VAMFPropertyStorageObserver@amf@@@amf@@IEAAXP8AMFPropertyStorageObserver@2@EAAXXZ@Z
?OnPropertyChanged@AMFPropertyStorageExImpl@amf@@UEAAXPEB_W@Z
?OnPropertyChanged@AMFPropertyStorageImpl@amf@@UEAAXPEB_W@Z
?PopulateMemoryTypes@AMFIOCapsImpl@amf@@IEAAXHPEBW4AMF_MEMORY_TYPE@2@_N@Z
?PopulateSurfaceFormats@AMFIOCapsImpl@amf@@IEAAXHPEBW4AMF_SURFACE_FORMAT@2@_N@Z
?PreparePath@AMFDumpImpl@amf@@IEAA_NXZ
?QueryInterface@?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@UEAA?AW4AMF_RESULT@@AEBUAMFGuid@2@PEAPEAX@Z
?QueryInterface@AMFPropertyStorageImpl@amf@@UEAA?AW4AMF_RESULT@@AEBUAMFGuid@2@PEAPEAX@Z
?RefCount@?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@UEAAJXZ
?RegisterProperties@AMFPropertyStorageExImpl@amf@@UEAA?AW4AMF_RESULT@@PEAVAMFPropertyInfoImpl@2@_K@Z
?Release@?$AMFInterfaceImpl@VAMFIOCaps@amf@@@amf@@UEAAJXZ
?RemoveObserver@?$AMFObservableImpl@VAMFPropertyStorageObserver@amf@@@amf@@UEAAXPEAVAMFPropertyStorageObserver@2@@Z
?RemoveObserver@AMFPropertyStorageExImpl@amf@@UEAAXPEAVAMFPropertyStorageObserver@2@@Z
?RemoveObserver@AMFPropertyStorageImpl@amf@@UEAAXPEAVAMFPropertyStorageObserver@2@@Z
?RequestStop@AMFThread@amf@@UEAA_NXZ
?ResetEvent@AMFEvent@amf@@QEAA_NXZ
?SetAccessType@AMFPropertyStorageExImpl@amf@@IEAA?AW4AMF_RESULT@@PEB_WW4AMF_PROPERTY_ACCESS_TYPE@2@@Z
?SetDumpBasePath@AMFDumpImpl@amf@@UEAA?AW4AMF_RESULT@@PEB_W@Z
?SetEvent@AMFEvent@amf@@QEAA_NXZ
?SetFormat@AMFDumpImpl@amf@@MEAA?AW4AMF_RESULT@@AEAV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@PEB_WHHW4AMF_SURFACE_FORMAT@2@@Z
?SetInputFormat@AMFDumpImpl@amf@@UEAA?AW4AMF_RESULT@@HHW4AMF_SURFACE_FORMAT@2@@Z
?SetInterlacedSupport@AMFIOCapsImpl@amf@@IEAAX_N@Z
?SetOutputFormat@AMFDumpImpl@amf@@UEAA?AW4AMF_RESULT@@HHW4AMF_SURFACE_FORMAT@2@@Z
?SetPrivateProperty@AMFPropertyStorageExImpl@amf@@IEAA?AW4AMF_RESULT@@PEB_WUAMFVariantStruct@2@@Z
?SetProperty@AMFPropertyStorageExImpl@amf@@UEAA?AW4AMF_RESULT@@PEB_WUAMFVariantStruct@2@@Z
?SetProperty@AMFPropertyStorageImpl@amf@@UEAA?AW4AMF_RESULT@@PEB_WUAMFVariantStruct@2@@Z
?SetResolution@AMFIOCapsImpl@amf@@IEAAXHHHH@Z
?SetVertAlign@AMFIOCapsImpl@amf@@IEAAXH@Z
?Start@AMFThread@amf@@UEAA_NXZ
?StopRequested@AMFThread@amf@@UEAA_NXZ
?Terminate@AMFThread@amf@@UEAA_NXZ
?Unlock@AMFCriticalSection@amf@@UEAA_NXZ
?Unlock@AMFEvent@amf@@UEAA_NXZ
?Unlock@AMFLock@amf@@QEAA_NXZ
?Unlock@AMFMutex@amf@@UEAA_NXZ
?Unlock@AMFSemaphore@amf@@UEAA_NXZ
?ValidateProperty@AMFPropertyStorageExImpl@amf@@UEBA?AW4AMF_RESULT@@PEB_WUAMFVariantStruct@2@PEAU42@@Z
?WaitForStop@AMFThread@amf@@UEAA_NXZ
?amf_convert_path_to_os_accepted_path@amf@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@AEBV23@@Z
?amf_convert_path_to_url_accepted_path@amf@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@AEBV23@@Z
?amf_delete_dir@amf@@YA_NAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@_N@Z
?amf_delete_file@amf@@YA_NAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@@Z
?amf_dir_exists@amf@@YA_NAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@@Z
?amf_enumerate_directory@amf@@YA_NAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@AEAV?$amf_vector@Uamf_file_item_descriptor@amf@@@1@@Z
?amf_file_stat@amf@@YA_NAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@PEAU_stat64@@@Z
?amf_from_hex_string_to_string@amf@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@std@@AEBV23@@Z
?amf_from_multibyte_to_unicode@amf@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@AEBV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@3@@Z
?amf_from_string_to_hex_string@amf@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@std@@AEBV23@@Z
?amf_from_unicode_to_multibyte@amf@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@std@@AEBV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@3@@Z
?amf_from_unicode_to_url_utf8@amf@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@std@@AEBV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@3@_N@Z
?amf_from_unicode_to_utf8@amf@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@std@@AEBV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@3@@Z
?amf_from_url_utf8_to_unicode@amf@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@AEBV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@3@@Z
?amf_from_utf8_to_unicode@amf@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@AEBV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@3@@Z
?amf_get_application_data_path@amf@@YA_NPEA_W_K@Z
?amf_get_canonic_path@amf@@YA_NPEB_WPEA_W@Z
?amf_get_current_folder@amf@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@XZ
?amf_get_current_path@amf@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@XZ
?amf_get_process_folder@amf@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@XZ
?amf_get_process_path@amf@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@XZ
?amf_get_relative_path_to@amf@@YA_NPEB_W0PEA_W@Z
?amf_get_sample_format_name@amf@@YAQEB_WW4AMF_AUDIO_FORMAT@1@@Z
?amf_make_dir@amf@@YA_NAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@@Z
?amf_path_fix_os_slashes@amf@@YAXPEA_W@Z
?amf_path_is_absolute@amf@@YA_NPEB_W@Z
?amf_string_ci_compare@amf@@YAHAEBV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@std@@0@Z
?amf_string_ci_compare@amf@@YAHAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@0@Z
?amf_string_ci_find@amf@@YA_KAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@0_K@Z
?amf_string_ci_rfind@amf@@YA_KAEBV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@0_K@Z
?amf_string_format@amf@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@std@@PEBDZZ
?amf_string_format@amf@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@PEB_WZZ
?amf_string_formatVA@amf@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@std@@PEBDPEAD@Z
?amf_string_formatVA@amf@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@PEB_WPEAD@Z
?amf_string_to_lower@amf@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@std@@AEBV23@@Z
?amf_string_to_lower@amf@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@AEBV23@@Z
?amf_string_to_upper@amf@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$amf_allocator@D@amf@@@std@@AEBV23@@Z
?amf_string_to_upper@amf@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@AEBV23@@Z
?m_StartTime@AMFDumpImpl@amf@@0V?$basic_string@_WU?$char_traits@_W@std@@V?$amf_allocator@_W@amf@@@std@@A
?ms_csMaps@AMFPropertyStorageExImpl@amf@@1VAMFCriticalSection@2@A
AMFAssertsEnable
AMFAssertsEnabled
AMFCreateCapsManager
AMFCreateComponent
AMFCreateContext
AMFDebugGetEventsCount
AMFDebugHitEvent
AMFEnablePerformanceMonitor
AMFEnumerateVideoAdapters
AMFGetCacheFolder
AMFOptimizeComponent
AMFPerformanceMonitorEnabled
AMFSetCacheFolder
AMFTestEvent
AMFTestEventRegisterObserver
AMFTestEventUnregisterObserver
AMFTraceEnableAsync
AMFTraceEnableWriter
AMFTraceEnterScope
AMFTraceExitScope
AMFTraceFlush
AMFTraceGetGlobalLevel
AMFTraceGetPath
AMFTraceGetWriterLevel
AMFTraceGetWriterLevelForScope
AMFTraceRegisterWriter
AMFTraceSetGlobalLevel
AMFTraceSetPath
AMFTraceSetWriterLevel
AMFTraceSetWriterLevelForScope
AMFTraceUnregisterWriter
AMFTraceW
AMFTraceWriterEnabled
AMFVariantAssignBool
AMFVariantAssignColor
AMFVariantAssignDouble
AMFVariantAssignInt64
AMFVariantAssignInterface
AMFVariantAssignPoint
AMFVariantAssignRate
AMFVariantAssignRatio
AMFVariantAssignRect
AMFVariantAssignSize
AMFVariantAssignString
AMFVariantAssignWString
AMFVariantChangeType
AMFVariantClear
AMFVariantCompare
AMFVariantCopy
AMFVariantDuplicateString
AMFVariantDuplicateWString
AMFVariantFreeString
AMFVariantFreeWString
AMFVariantInit
amf_aligned_alloc
amf_aligned_free
amf_alloc
amf_atomic_dec
amf_atomic_inc
amf_clock
amf_create_critical_section
amf_create_event
amf_create_mutex
amf_create_semaphore
amf_debug_trace
amf_delete_critical_section
amf_delete_event
amf_delete_mutex
amf_delete_semaphore
amf_enter_critical_section
amf_file_open
amf_free
amf_free_library
amf_get_current_utc_time
amf_get_os_version
amf_get_proc_address
amf_high_precision_clock
amf_increase_timer_precision
amf_leave_critical_section
amf_load_library
amf_open_mutex
amf_release_mutex
amf_release_semaphore
amf_reset_event
amf_set_event
amf_sleep
amf_virtual_alloc
amf_virtual_free
amf_wait_for_event
amf_wait_for_event_timeout
amf_wait_for_mutex
amf_wait_for_semaphore
get_current_thread_id
get_time_in_seconds_with_fraction

Sections

.text
Size: 497KB - Virtual size: 497KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 235KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bandicam.ini
bdcam.dll
.dll windows:6 windows x86 arch:x86

8aa4e734b4be26aab588811049354144

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:08:e4:25:dd:db:b3:4e:1e:26:d6:e7:85:6e:9f:b8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27-09-2013 00:00

Not After

26-12-2016 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\w\devel\CAP2\bandicam\bin\bdcam.dll.pdb

Imports

kernel32

GetFileAttributesW
GetFileSize
LocalFree
CreateDirectoryW
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
GetCurrentProcessId
TerminateProcess
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetTickCount
QueryPerformanceFrequency
VirtualProtect
WriteFile
InitializeCriticalSection
DeleteCriticalSection
CreateEventW
SetEvent
VirtualAlloc
VirtualFree
CreateMutexW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
GetLocalTime
FreeLibraryAndExitThread
CreateThread
Sleep
DisableThreadLibraryCalls
InitializeCriticalSectionEx
RaiseException
DecodePointer
WriteConsoleW
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetStdHandle
GetCommandLineW
GetCommandLineA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
GetStringTypeW
GetFileType
GetStdHandle
GetACP
LCMapStringW
GetLastError
ExitProcess
GetModuleHandleExW
ExitThread
InterlockedFlushSList
RtlUnwind
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
GetSystemDirectoryW
GetModuleFileNameW
GetCurrentProcess
FreeLibrary
LoadLibraryW
GetModuleHandleW
GetProcAddress
SetLastError
GetSystemTimeAsFileTime
ReadFile
SetFilePointer
CreateFileW
OutputDebugStringA
OutputDebugStringW
CloseHandle
ReleaseMutex
EncodePointer
InitializeSListHead
GetCurrentThreadId
GetStartupInfoW
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent

user32

FindWindowW
WindowFromDC
GetClientRect
FillRect
UnhookWindowsHookEx
GetDesktopWindow
SetWindowsHookExW
CallNextHookEx
PostMessageW
wsprintfW
RegisterWindowMessageW
SetForegroundWindow
GetForegroundWindow
GetParent
IsWindow
GetWindowLongW

gdi32

DeleteObject
CreateSolidBrush

advapi32

SystemFunction036
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
SetNamedSecurityInfoW
SetEntriesInAclW
FreeSid
AllocateAndInitializeSid

shlwapi

PathIsDirectoryW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

winmm

PlaySoundW

Exports

Exports

Bdcam_Initialize
Bdcam_SharedData
Bdcam_Uninitialize

Sections

.text
Size: 336KB - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 340KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BANDI0
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
bdcam.exe
.exe windows:6 windows x86 arch:x86

10eb1b11a0fde69077eca26d0030773c

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:08:e4:25:dd:db:b3:4e:1e:26:d6:e7:85:6e:9f:b8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27-09-2013 00:00

Not After

26-12-2016 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
IsProcessorFeaturePresent
WaitForSingleObjectEx
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
VerSetConditionMask
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
GetDriveTypeW
ReadConsoleW
GetConsoleCP
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetACP
GetStdHandle
GetFileType
SetStdHandle
VirtualQuery
HeapQueryInformation
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
RtlUnwind
GetCPInfo
GetStringTypeW
LCMapStringW
LoadLibraryExA
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
SearchPathW
GetProfileIntW
VerifyVersionInfoW
GetFileAttributesExW
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
FileTimeToLocalFileTime
InitializeCriticalSectionAndSpinCount
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
ResumeThread
UnlockFile
SetEndOfFile
LockFile
GetFullPathNameW
lstrcmpA
GetThreadLocale
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
GlobalDeleteAtom
GetModuleHandleA
FreeResource
EncodePointer
CopyFileW
FormatMessageW
DuplicateHandle
lstrcmpiW
WaitForMultipleObjects
GetThreadPriority
SwitchToThread
LoadLibraryExW
GetModuleHandleExW
SetErrorMode
DecodePointer
CreateThread
ReadDirectoryChangesW
SleepEx
CompareStringW
GetLocalTime
GetUserDefaultLCID
LCIDToLocaleName
GetSystemDefaultLangID
GetUserDefaultLangID
RaiseException
GetCurrentThreadId
InitializeCriticalSectionEx
CreateFileMappingW
ReleaseMutex
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
CreateMutexW
VirtualFree
VirtualAlloc
GlobalSize
GlobalUnlock
GlobalLock
FlushFileBuffers
ExitProcess
SetUnhandledExceptionFilter
ResetEvent
SetEvent
CreateEventW
GetWindowsDirectoryW
lstrlenA
GetTickCount64
FindResourceExW
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
MulDiv
QueryPerformanceFrequency
GetTickCount
QueryPerformanceCounter
lstrcmpW
WriteFile
SetThreadPriority
Sleep
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetVersionExW
GetSystemInfo
TerminateProcess
OpenProcess
Process32NextW
GetCurrentProcessId
Process32FirstW
CreateToolhelp32Snapshot
WaitForSingleObject
CreateProcessW
IsDBCSLeadByteEx
MultiByteToWideChar
WideCharToMultiByte
CreateDirectoryW
LocalFree
GetFileSizeEx
GetFileSize
GetFileAttributesW
DeleteFileW
GetTempFileNameW
GetTempPathW
GetCurrentDirectoryW
GetSystemDirectoryW
GetDiskFreeSpaceW
GlobalFree
GlobalAlloc
GetCurrentProcess
GetCurrentThread
GetModuleHandleW
GetVolumeInformationW
SetLastError
FindClose
FindNextFileW
lstrcpyW
FindFirstFileW
lstrcpynW
SystemTimeToTzSpecificLocalTime
FreeLibrary
GetTimeZoneInformation
FileTimeToSystemTime
GetSystemTimeAsFileTime
GetFileTime
ReadFile
SetFilePointer
CreateFileW
OutputDebugStringA
OutputDebugStringW
lstrlenW
CloseHandle
GetLastError
GetModuleFileNameW
GetProcAddress
FindResourceW
LoadResource
LockResource
SizeofResource
LoadLibraryW
GetConsoleMode
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

GetScrollRange
GetScrollPos
ScrollWindow
ValidateRect
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
IsChild
IsMenu
GetMessageTime
GetMessagePos
RemoveMenu
InsertMenuW
GetMenuState
MsgWaitForMultipleObjects
GetQueueStatus
PostThreadMessageW
UpdateLayeredWindow
InvalidateRgn
SetMenuDefaultItem
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
SetLayeredWindowAttributes
GetDesktopWindow
SetParent
EnableMenuItem
GetWindow
WindowFromPoint
FillRect
AppendMenuW
CreatePopupMenu
CheckMenuItem
DeleteMenu
CheckMenuRadioItem
DrawIconEx
LoadImageW
SetClassLongW
GetDoubleClickTime
GetAsyncKeyState
TranslateAcceleratorW
DrawIcon
IsIconic
LoadAcceleratorsW
LoadIconW
GetClassInfoW
EnumDisplayDevicesW
MessageBoxW
GetWindowTextW
GetWindowTextLengthW
GetFocus
ShowScrollBar
RegisterClassW
TrackPopupMenuEx
DestroyMenu
LoadMenuW
TrackMouseEvent
UnionRect
SetTimer
KillTimer
SetWindowRgn
GetClassInfoExW
RegisterClassExW
UnregisterClassW
SetFocus
InflateRect
GetCursorPos
GetWindowDC
SetScrollInfo
SetScrollRange
SetScrollPos
CreateWindowExW
MapDialogRect
GetMessageW
ShowOwnedPopups
EndPaint
BeginPaint
SendDlgItemMessageA
GetKeyNameTextW
SendMessageW
GetSystemMetrics
GetSysColor
DefWindowProcW
GetKeyState
DestroyWindow
IsClipboardFormatAvailable
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
IntersectRect
ShowWindow
CallWindowProcW
RemovePropW
IsWindowVisible
GetPropW
SetPropW
GetSubMenu
GetMenuItemInfoW
ModifyMenuW
GetMenuItemID
GetMenuStringW
GetMenuItemCount
EnumChildWindows
FindWindowExW
MapWindowPoints
SetWindowTextW
GetDlgCtrlID
AdjustWindowRectEx
GetTopWindow
GetLastActivePopup
GetScrollInfo
WinHelpW
MonitorFromWindow
CheckDlgButton
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
GetSysColorBrush
InvalidateRect
LoadBitmapW
DrawTextExW
GrayStringW
TabbedTextOutW
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
GetActiveWindow
CharUpperW
PostQuitMessage
IsWindowEnabled
SystemParametersInfoW
GetWindowRect
MonitorFromRect
GetMonitorInfoW
CopyRect
MonitorFromPoint
OffsetRect
EqualRect
MoveWindow
GetWindowLongW
SetWindowPos
ScreenToClient
ClientToScreen
PeekMessageW
TranslateMessage
DispatchMessageW
IsWindow
GetParent
GetWindowPlacement
GetForegroundWindow
GetWindowThreadProcessId
SetForegroundWindow
BringWindowToTop
GetDC
ReleaseDC
RegisterWindowMessageW
DestroyIcon
DrawTextW
ExitWindowsEx
PostMessageW
wsprintfW
IsRectEmpty
GetClassNameW
GetClassLongW
SetRectEmpty
SetRect
EnableWindow
GetClientRect
PtInRect
ReleaseCapture
RedrawWindow
SetCapture
SetWindowLongW
MapVirtualKeyW
CopyImage
RealChildWindowFromPoint
LoadCursorW
SetCursor
CharNextW
CopyAcceleratorTableW
GetNextDlgGroupItem
MessageBeep
GetMenuDefaultItem
RegisterClipboardFormatW
DrawFocusRect
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
EnumDisplayMonitors
DrawStateW
DrawEdge
DrawFrameControl
IsZoomed
GetSystemMenu
SetCursorPos
CopyIcon
FrameRect
InsertMenuItemW
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetUpdateRect
CharUpperBuffW
LockWindowUpdate
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
SetWindowContextHelpId

gdi32

CopyMetaFileW
CreateBitmap
CreateHatchBrush
CreatePatternBrush
Escape
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
FillRgn
GetMapMode
PatBlt
SetRectRgn
DPtoLP
GetBkColor
GetTextColor
GetRgnBox
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
GetTextCharsetInfo
SetPixel
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
RoundRect
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
StretchDIBits
CreateRectRgnIndirect
SetStretchBltMode
CreateDCW
CreatePen
CreateSolidBrush
ExtCreateRegion
LineTo
MoveToEx
CombineRgn
OffsetRgn
CreateRectRgn
ExcludeClipRect
SetWindowOrgEx
StretchBlt
BitBlt
CreateDIBSection
GetDeviceCaps
CreateFontIndirectW
SelectObject
SetTextColor
SetBkMode
CreateCompatibleDC
DeleteDC
CreateFontW
DeleteObject
ExtTextOutW
SetBkColor
EnumFontFamiliesW
GetObjectW
GetStockObject
GetTextMetricsW
ScaleWindowExtEx
GetTextExtentPoint32W
CreateCompatibleBitmap

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetOpenFileNameW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

SystemFunction036
RegQueryValueW
RegEnumKeyW
RegEnumValueW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
SetNamedSecurityInfoW
SetEntriesInAclW
FreeSid
AllocateAndInitializeSid

shell32

SHBrowseForFolderW
ord190
SHOpenFolderAndSelectItems
ord155
ShellExecuteW
Shell_NotifyIconW
ExtractIconExW
SHGetFileInfoW
SHAppBarMessage
DragFinish
DragQueryFileW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW

comctl32

InitCommonControlsEx

shlwapi

StrStrW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
StrFormatKBSizeW
PathIsDirectoryW

uxtheme

IsThemeBackgroundPartiallyTransparent
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetWindowTheme
IsAppThemed
GetThemePartSize
GetThemeSysColor

ole32

OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
RegisterDragDrop
RevokeDragDrop
OleGetClipboard
DoDragDrop
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CoInitializeEx
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
CoCreateGuid
CLSIDFromString
ReleaseStgMedium
OleDuplicateData
CoFreeUnusedLibraries
CoInitialize
CoTaskMemAlloc
PropVariantClear
CoTaskMemFree
CoCreateInstance
OleSetContainedObject
CoUninitialize
CoLockObjectExternal
OleCreate

oleaut32

SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VarBstrFromDate
LoadTypeLi
OleCreateFontIndirect
SysStringLen
SysFreeString
VariantInit
VariantClear
SysAllocString
OleCreatePropertyFrame
VariantChangeType

oledlg

OleUIBusyW

urlmon

CoInternetCombineUrl

gdiplus

GdipFree
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCreateFromHDC
GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipDrawRectangleI
GdipDeleteGraphics
GdipSetSmoothingMode
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipSetPenStartCap
GdipSetPenEndCap
GdipDrawLineI

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

wininet

InternetQueryOptionW
HttpOpenRequestW
InternetConnectW
InternetCrackUrlW
InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
HttpQueryInfoW
InternetSetOptionW
InternetOpenW
InternetCanonicalizeUrlW
HttpSendRequestW
HttpSendRequestExW
InternetWriteFile
HttpEndRequestW
InternetSetCookieW
HttpAddRequestHeadersW
InternetOpenUrlW

winmm

timeEndPeriod
timeBeginPeriod
timeKillEvent
PlaySoundW
timeSetEvent

msvfw32

ICGetInfo
ICInfo
ICOpen
ICSendMessage
ICClose

dsound

ord8

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

Exports

Exports

�e��?�f�3m^h� Q��a��8�wV�xvj4ۤlZz�@�۟�{AoA��^�G�Ɏ�5Ł��5�As��ejZ;�J�' J��p�;˪2�cؿ�{��>sX��^<�c�K��|��-�]J�/O�� >3dLJ�g��!��ˣ=l{�6��HwS��M��*��N�z��f5�(l��P�:v��cE��\D�t]Ǭ��I�� -��9��E�Ӻ��5�� =+��E�~�\��^e0�I*��[пyV/V�ۉ-��K�P8��=��'|Fs�H�}�;9��<l��\y� )DZNpt�Z.�] �a��m-��@��o@ ��i��3͢��hfd��^��j�yK��Ȥ��}I `t:+!��.+){;�cɅN~-t?�*�3X!jԇOI��2 [��e�̀��ˈ�X�PA��G��%��OU]�1+��2��(�j�H�x��Ϝ��B��*�P��}��~��W��h$�V�vg�MM�� C#�Uye�#��C��I"�!tÑg�rv��,_�Fᴔ6%435��c_1�0��Gԯ�"qć��|�Ht�㰉� U��X%��cEL��J%�{�:�z��Ab]G5'QT��(��9y�7��c��5�,�;�g�u��W��Y��<"c��߆[�[x��p%ۖ��)c�j�5��1��n�M�e��N��&�8�;:�P��=��͹��˒G��t�0��Ô�#�}��)0u&5h�c�$@�CJ�0KTHK�� >&Hv5A�Z|H��cX��h/V�/7��ȱ��w�^]\3UAƮ�ݚxL��\�\��&��hia2�)Mk�Q��|�^:#��$�g� s�̕o��i��u��d�gzs��pG��r�w.�)^R ��M6��+J��i�o��GLjϐUjv9�Ɖ�b�O�}�Z��Q,��#X�G��i8��e"�!y��;��+�3��%��Q�g9�._йκC�{��5z'&XU�-e��M!��l��~��.�WEV��s��>��ϯ6�S�lmd��q)��*t��)��H�i�H� �y��N�U��ٴ��y��e��[��x��T��O�r�K�ve1=��Lz �S�h�Y`.�<[q�2�7��~Ck�P��!�la�so(�W+h�n;�8*+7��S�j��P&�D��L��T9;�j3��h�m\��V��ҍ�y��;��tE3%��͝0mXX!Ӿ(��SZ��pjGu�v�N��Z5��.ӵ �]��q��)@��v��:�6��P��n$��\�nV��ߤU�=�Ͳ��b�o�|li��"_��8��w�<�x#9{��Uj�`40F��/�*��)��=Rj�/�h��$��j��{$�y �z�1��3�o�z�uxGP��!-@.��ΥB7x��jÑ8��$on\ʤ��)\v�ۜ��q�� @=�S��/��g�I�}�@H�)4��j�Z��|fU�4ܼ*p��'5�� 0��oI��N��hjBӯE\��Ym��*ب��+To�R�"�#��:��W��h5�RPf?⼾:��%�y��#y�q�N{��f��v�̽��)(�&2�;��~5��_��Ŷ��EZOP�C�0�kM��c�Q�Np��dN�?l�[��,m$d��h7I^�y�x�1�d��;��+��θ�9��(�u�ci3�o�Y+e�� B8'� +ܹ�TDu�5o��~�Po�m�20^|f��'1j��.Uݏ�5j+Ϛ�兀�b:��CZ�8J[��m��ߞ�qy&/n�~OD�X��ɤ��X��U�芎5c�8��ˢ�Y��3��=H��r8+��+��Y��rZ��5@ٴ��1Ul��G:}�1�@��I�]$�-t�n~�ʟ��T�(�5�\Z�teq�h6 �CL2߈)�Pa�/��3!��ab}tS�>��=:��d�e8"��:�xr�#�f>��s��f��Z�G*a�8B~��}ѓljgC/��vjGD�RWJ��L�ƫE4�I�WUy��a߰ާ7��h��Ä��Ng��/5�gV<+�&��6��^<��O;�>v@vs`jfmP, �#¾HM� N�4ܙ- wX@��V��+��ɓ�9n =m��v,�k��&b��*�h��KDɊ)�B`�s��Gs��W�~g��h��̝�:�'��2ŭT?p��;�LA��pa�nRk��D�zj!�`o v9ڵD�5��6X�"p��{Q��f�8��I`��!Vl�u[?�ڪ��}��s,��3i��w��0§��O�N��G�� iq�:9��Rὄ?�AX�C�rmh�U��-��]"��U��?Qo1�Oظ��#4=<��W]*VvO�\}�"��#�h�7�S�8kQ��p(Y�q�8wۨ�9��Z�W~Wu[��К��7d��}��,BJ��< ��r͓�G��E��Dp��#զ��鑕|��L��m9��>Yew��A8��p"*`��U�~��y��;o��C-��N�3h7�� t�x�*��FD*�x�,;Q-�9��Bf颖P}тhV�B��`�Ċ��Ӯ��X�݊��r��{�3�� ܇��L>{=;�K�m�jU� ��o��@F�#��R�d��"��(A]�l�CW��o�9��o��k��V�hY��7|��3��6��A�>&��ñj`c�/`��!g��7c�o�៞��D�a�i~@��&��_'��e��L��"s� eZ�+�/�@�>Vͼ�H#��J�mg�k}X?_4��4/�"pl�e�/�0d�iQ�d�jsTό��m��#��5xx��f��

Sections

.text
Size: - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 574KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BANDISH
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BANDI0
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.BANDI1
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 92KB - Virtual size: 587KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
bdcam64.bin
.exe windows:6 windows x64 arch:x64

3302bbff9943ec9a17f72a6a22f6b050

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:08:e4:25:dd:db:b3:4e:1e:26:d6:e7:85:6e:9f:b8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27-09-2013 00:00

Not After

26-12-2016 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

bdcam64

Bdcam_Initialize
Bdcam_SharedData
Bdcam_Uninitialize

kernel32

GetStartupInfoW
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetStringTypeW
LCMapStringW
IsDebuggerPresent
GetACP
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
VirtualQuery
VirtualAlloc
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
ExitProcess
RtlUnwindEx
RtlPcToFileHeader
InitializeSListHead
QueryPerformanceCounter
ResetEvent
GetLastError
CloseHandle
lstrlenW
OutputDebugStringW
OutputDebugStringA
CreateFileW
SetFilePointer
ReadFile
SizeofResource
LockResource
LoadResource
FindResourceW
GetFileTime
GetSystemTimeAsFileTime
FileTimeToSystemTime
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
FindFirstFileW
lstrcpyW
FindNextFileW
FindClose
SetLastError
GetVolumeInformationW
GetModuleHandleW
GetProcAddress
LoadLibraryW
FreeLibrary
GetCurrentThread
GetCurrentProcess
GlobalAlloc
GlobalFree
GetModuleFileNameW
GetSystemDirectoryW
GetCurrentDirectoryW
GetTempPathW
GetTempFileNameW
DeleteFileW
GetFileAttributesW
GetFileSize
GetFileSizeEx
LocalFree
CreateDirectoryW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SearchPathW
GetProfileIntW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
FindResourceExW
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
VirtualProtect
lstrcmpiW
DuplicateHandle
WriteFile
UnlockFile
WideCharToMultiByte
SetEndOfFile
LockFile
GetFullPathNameW
FlushFileBuffers
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GlobalFindAtomW
GetModuleHandleExW
FreeResource
EncodePointer
GlobalAddAtomW
ResumeThread
SetThreadPriority
CreateEventW
SetEvent
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetCurrentThreadId
CopyFileW
FormatMessageW
GlobalUnlock
GlobalLock
GlobalSize
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
Sleep
GetUserDefaultLangID
GetTickCount
MulDiv
lstrcmpW
GetVersionExW
GetSystemInfo
TerminateProcess
GetCurrentProcessId
WaitForSingleObject
MultiByteToWideChar
WaitForSingleObjectEx
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

UpdateLayeredWindow
LockWindowUpdate
SetRect
DrawIcon
FrameRect
CopyIcon
SetCursorPos
IsZoomed
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetWindowRgn
SetClassLongPtrW
EnumDisplayMonitors
SetLayeredWindowAttributes
GetMenuDefaultItem
NotifyWinEvent
InvertRect
HideCaret
EnableScrollBar
MessageBeep
GetIconInfo
DrawIconEx
DrawFocusRect
GetNextDlgGroupItem
SetParent
GetSystemMenu
UnionRect
MapVirtualKeyW
GetKeyNameTextW
TrackMouseEvent
ReuseDDElParam
UnpackDDElParam
LoadImageW
IntersectRect
InsertMenuItemW
CreatePopupMenu
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
MapDialogRect
GetAsyncKeyState
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
SetRectEmpty
SendDlgItemMessageA
InflateRect
DestroyMenu
CharUpperW
FillRect
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
InvalidateRect
KillTimer
GetComboBoxInfo
RealChildWindowFromPoint
DeleteMenu
CopyImage
GetDesktopWindow
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
GetSysColorBrush
IsDialogMessageW
CheckDlgButton
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetWindow
GetTopWindow
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
PtInRect
GetSysColor
AdjustWindowRectEx
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
GetMessageW
IsWindowVisible
GetClientRect
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgItem
IsIconic
EndDeferWindowPos
PostThreadMessageW
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetMenuDefaultItem
GetDoubleClickTime
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
DeferWindowPos
BeginDeferWindowPos
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
SetTimer
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
ShowOwnedPopups
SetCursor
IsWindowEnabled
MessageBoxW
GetLastActivePopup
GetMessagePos
GetMessageTime
CallWindowProcW
GetClassInfoW
GetClassInfoExW
SendMessageW
CreateWindowExW
GetSystemMetrics
SystemParametersInfoW
GetWindowRect
GetMonitorInfoW
CopyRect
MonitorFromPoint
OffsetRect
EqualRect
MoveWindow
GetWindowLongW
SetWindowPos
ScreenToClient
ClientToScreen
PeekMessageW
TranslateMessage
DispatchMessageW
IsWindow
GetParent
GetWindowPlacement
GetForegroundWindow
GetWindowThreadProcessId
SetForegroundWindow
BringWindowToTop
GetDC
ReleaseDC
RegisterWindowMessageW
DestroyIcon
DrawTextW
wsprintfW
GetDlgCtrlID
SetWindowTextW
MapWindowPoints
GetClassNameW
FindWindowExW
SetWindowLongW
GetMenuItemCount
IsMenu
IsChild
GetMenuStringW
GetMenuItemID
ModifyMenuW
GetMenuItemInfoW
GetSubMenu
IsRectEmpty
ShowWindow
DefWindowProcW
DestroyWindow
SetWindowPlacement
EnableMenuItem
CheckMenuItem
GetFocus
PostQuitMessage
UnhookWindowsHookEx
LoadIconW
LoadCursorW
RegisterClassW
PostMessageW
EnableWindow
UnregisterClassW
GetMenuState
InsertMenuW
AppendMenuW
RemoveMenu
SetMenuItemBitmaps

gdi32

GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
CreateCompatibleBitmap
CombineRgn
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
GetTextExtentPoint32W
GetTextMetricsW
GetStockObject
GetObjectW
EnumFontFamiliesW
SetBkColor
ExtTextOutW
DeleteObject
GetDeviceCaps
DeleteDC
CopyMetaFileW
CreateDCW
CreateBitmap
SetTextColor
BitBlt
CreateCompatibleDC
CreateHatchBrush

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegDeleteKeyW
SystemFunction036
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
SetNamedSecurityInfoW
SetEntriesInAclW
FreeSid
AllocateAndInitializeSid

shell32

SHGetDesktopFolder
SHBrowseForFolderW
ShellExecuteW
SHGetFileInfoW
SHAppBarMessage
SHGetPathFromIDListW
SHGetSpecialFolderLocation
DragFinish
DragQueryFileW

comctl32

InitCommonControlsEx

shlwapi

PathIsDirectoryW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW

uxtheme

DrawThemeText
DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
OpenThemeData
CloseThemeData
GetThemeColor
GetCurrentThemeName
GetThemePartSize
IsAppThemed
GetWindowTheme
GetThemeSysColor

ole32

CoUninitialize
CoCreateInstance
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoDisconnectObject
CoInitialize
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc

oleaut32

SysAllocStringLen
LoadTypeLi
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantChangeType
VariantCopy
VarBstrFromDate
SysFreeString
SysAllocString
VariantInit
VariantClear

gdiplus

GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Exports

Exports

&��s�n��˾�m!e*�OS~{�<ܠc�G��Zr1�Yɡ�(,��U%�q��G��Ng6�\ �uA��5��i:Wv��z�� @��,,��.&@��a(�%4�u��_�i��X��Q̜;��\��g��-&�$ �u�.��վ8�c��^&ӧ��.�=��|k/��q�3(NqJ1�~��;��Jo�̨��|��vz��6��9��3�!��xk[×��2��9O�cE;�gN;�s�ͣ�b�>�TC��6엝��!Z��M��v��l�� 7�<N�iWu�2t[9&��t4�q7��g��{؂��]�[��+/��)��*}e/{�� 0B�o�.7��2�}��i��<O@ �/�#��N��dG04��d��4aKW�n�X�\w�Ӷ��U Z6ɕ�_��7��o_��Ӏ��Ń��z�t��W�E�S�o��L` *�[��"њ��M��¹�W��gJ�K��}��K5��~��W�R��_N&�=��ЕB��r{��t[N�Gs��$��4��{u.��47�@j{��X�s�b �.��ĸ�2;f�B0c�Vi�� zd��R�J��'��N݂)j�&�M�>�;�$=9Ow�I�3�⫾ɂ6�E��pF�Iԑ�k��!$��=�i8�!��ZB��{%� o�:�^V��Zr��oi��n��u E�ϡz�:��@K]@٨�4>tKF�Q�h�7n�gv$tm�Ɠ��򸣎�@��Q��)YE��6+�~>Qg�)�)�,�Ў�F�!/�5�(8��&��H�-��Q��J��Wd�W�B��s��v9L��6>E(��α׵�1cp��@��Þ&��#�!�#1}��Y��Ѵ�d?�^L��:�.��yټA�ip�n�ڙ�]��U�&F��,?��'u�Z��d��!\O,��Y��Ъ� �&)&`|�g}'��a�LW`�@g��/��I��>΋m��}�29��|��D;Z�X��NU(�^�I�␆E3k��ذ��<�=?��*?��m�a��i��8/��I��!��,j��'ԁ�>��%�I�[�g�k+�@�5�0��.�ه �!�,��Xf1~�/��kuCW�Zd�~m�2ǝGp6V �~[�I�ѥ��mM;��O\f��3�� <Uj��0]��dgk��K�n�`�㹓)�T\�v�O�x �J�R�nZ"��5��M4ԺQȭ?Ya9��pP��<*�u3Î��R{��iRf��}Z�� ^��H�-�g\�t(7rf-H��8��S��)ׁ��b�AY-]K��frT�(݉b�'#oHߢ�`-��h�7�UAf�D}�(�Y��1[Ti�{��:�3��h}��|Y��L�D2W�"P:BZRem��J��N�%kb��X%�*�8�Ϙ��u��%F qv?�A��p+��$ʜe��WM��k�Ƿ[9�FP��~T��>��-�Ɩ�i�!ơO�W�.��Èb��$̤^��'A,v�� ost@[�� e+N�\��ȼ��S,�颿iq��8>/;%I�ܾt�X��0�B�v/C�pn~R6�= �HH�[�,h��e`�zK��Z\��X,?M1��x��a��(jR��o��Д]4�M�;2��j꽐"(�NX��1d�S�v��R��ɛwQ ��Sס)�d��һ��g�J�q��݆��a�p�V"��UPmc*:�8�o.��6��|9�n��c#�p��U��x56]�єG�F��D��)\ȓ��0�:�:c(��IW�Lr�R��<��7u��G{��}+��ؘ0ш��f��>��/\�*�?`|��q��5(�@1��PV\��(�O�&��ܛn�{J_d^Oޣ�"9��_c�ek�T��l�"#�j�E9I��,m�7�̉�U�*mG��$cR�nU��/y?ޏ�W�fLx�L��ݖǾ��uL�^鹤�/j�w��d9�H+�N��Y��̍��V�� e@��R�u��mc��'�C�`��_�.p^��U�ި��_��VU�`=j]wJ��6��Iq�(n��c'��׮jƍ!��.�z�D6��W�,��J:1��j�w�R�&ڹ�@�h�m/��sV#"8� ��=��!��UdQψ��w��\��nsbGf��,��S��ݎ03�Hܮ��r�mg��Wa2j�j��#�J\ ��~�~$��1��˭n��A��?��n��P��r�~�j�Ǽb}j��E �Z�� Qr��jr��C�x��}�-�qeXcƭ5� dÐ�oH��ϸ��X��:��i]��YΞzN뜉�I �*IV7̡G��Ə P]�-)�U]��a��d��i��M�KR"�mCw��R��x�vp��C�-<��_�H�:i;��&5r�"'Y��\�fF(�cI��p%w�U�vt*)�űOB��e��H�@)��5Ctz�h2�&~~LF�;҇Ĺ�6><5_!�� 8a~�؊� ��9��,�!�q"Aү`NĄP/�� ayu{|�Ϻ��>U�%��d�{�@K��Gd��0H��8:�W�t�Ժ�QO��Ј�z\Ṇ�?uDN-z�^��@!��e��Co�eh��=<G[��tN Ե��\�۬h��!��!�5��c��$N�xѾz2��va��E �}��`��m��JZ��]��*-,�R�E�q��b��G樛b��Ϩ��˧@�!p�i��˳�[(��z��?��=��{�)5��t� ͼ�ldBA��

Sections

.text
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 669KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BANDISH
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BANDI0
Size: - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.BANDI1
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 71KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
bdcam64.dll
.dll windows:6 windows x64 arch:x64

d2b444635628c1b52d69b3bb10a0f03e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:08:e4:25:dd:db:b3:4e:1e:26:d6:e7:85:6e:9f:b8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27-09-2013 00:00

Not After

26-12-2016 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\w\devel\CAP2\bandicam\bin\bdcam64.dll.pdb

Imports

kernel32

GetFileAttributesW
GetFileSize
LocalFree
CreateDirectoryW
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
GetCurrentProcessId
TerminateProcess
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetTickCount
QueryPerformanceFrequency
VirtualProtect
WriteProcessMemory
WriteFile
InitializeCriticalSection
DeleteCriticalSection
CreateEventW
SetEvent
VirtualAlloc
VirtualFree
CreateMutexW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
GetLocalTime
FreeLibraryAndExitThread
CreateThread
Sleep
DisableThreadLibraryCalls
InitializeCriticalSectionEx
RaiseException
WriteConsoleW
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetStdHandle
GetCommandLineW
GetCommandLineA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
GetStringTypeW
GetFileType
GetStdHandle
GetACP
LCMapStringW
GetLastError
ExitProcess
GetModuleHandleExW
ExitThread
InterlockedFlushSList
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
RtlUnwindEx
GetSystemDirectoryW
GetModuleFileNameW
GetCurrentProcess
FreeLibrary
LoadLibraryW
GetModuleHandleW
GetProcAddress
SetLastError
GetSystemTimeAsFileTime
ReadFile
SetFilePointer
CreateFileW
OutputDebugStringA
OutputDebugStringW
CloseHandle
ReleaseMutex
EncodePointer
RtlPcToFileHeader
InitializeSListHead
GetCurrentThreadId
GetStartupInfoW
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
IsDebuggerPresent

user32

FindWindowW
WindowFromDC
GetClientRect
FillRect
UnhookWindowsHookEx
GetDesktopWindow
SetWindowsHookExW
CallNextHookEx
PostMessageW
wsprintfW
RegisterWindowMessageW
SetForegroundWindow
GetForegroundWindow
GetParent
IsWindow
GetWindowLongW

gdi32

DeleteObject
CreateSolidBrush

advapi32

SystemFunction036
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
SetNamedSecurityInfoW
SetEntriesInAclW
FreeSid
AllocateAndInitializeSid

shlwapi

PathIsDirectoryW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

winmm

PlaySoundW

Exports

Exports

Bdcam_Initialize
Bdcam_SharedData
Bdcam_Uninitialize

Sections

.text
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 419KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BANDI0
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
bdcamih.dll
.dll windows:6 windows x86 arch:x86

6ac836ef506e7cc9eaefe56396fdbf03

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:08:e4:25:dd:db:b3:4e:1e:26:d6:e7:85:6e:9f:b8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27-09-2013 00:00

Not After

26-12-2016 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\w\devel\CAP2\bandicam\bin\bdcamih.pdb

Imports

kernel32

GetProcAddress
FreeLibrary
HeapFree
InitializeCriticalSectionEx
HeapSize
GetLastError
LoadLibraryW
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
HeapReAlloc
CreateFileW
WriteConsoleW
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
CloseHandle
CreateEventW
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetModuleFileNameW
InterlockedFlushSList
SetLastError
RtlUnwind
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
GetFileType
GetCommandLineA
GetCommandLineW
GetStringTypeW
SetStdHandle
WriteFile
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
DisableThreadLibraryCalls

user32

UnhookWindowsHookEx
CallNextHookEx
PostMessageW

advapi32

SystemFunction036

Exports

Exports

Bdcamih_Initialize
Bdcamih_Uninitialize

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ihkshar
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bdcap32.dll
.dll windows:6 windows x86 arch:x86

07563059a9fcc58956360db5d7cbd00f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:08:e4:25:dd:db:b3:4e:1e:26:d6:e7:85:6e:9f:b8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27-09-2013 00:00

Not After

26-12-2016 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\w\devel\CAP2\bandicam\bin\bdcap32.pdb

Imports

dsound

ord7
ord6

kernel32

GetCurrentProcess
GetSystemDirectoryA
DeleteFileA
GetFileSize
MultiByteToWideChar
WaitForSingleObject
GetCurrentProcessId
TerminateProcess
GetSystemInfo
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetTickCount
QueryPerformanceFrequency
CreateEventA
SetEvent
ResetEvent
InitializeCriticalSection
DeleteCriticalSection
CreateFileW
WriteFile
CreateMutexA
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
SetThreadPriority
Sleep
MulDiv
DisableThreadLibraryCalls
GetSystemTime
GetDiskFreeSpaceExA
GetThreadPriority
CreateSemaphoreA
ReleaseSemaphore
InitializeCriticalSectionAndSpinCount
RaiseException
DecodePointer
VirtualProtect
WaitForSingleObjectEx
CreateThread
WaitForMultipleObjectsEx
FlushFileBuffers
GetFileAttributesExA
SwitchToThread
FindFirstFileW
FindNextFileW
GetFileAttributesW
GetModuleFileNameW
SetErrorMode
GetModuleHandleExW
LoadLibraryExW
FreeLibrary
WaitForMultipleObjects
SetEndOfFile
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetCommandLineW
GetCommandLineA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
GetConsoleCP
ReadConsoleW
GetConsoleMode
HeapQueryInformation
GetCPInfo
GetStringTypeW
GetFileType
GetStdHandle
GetACP
LCMapStringW
ExitProcess
FreeLibraryAndExitThread
ExitThread
InterlockedFlushSList
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
EncodePointer
InitializeSListHead
GetCurrentThreadId
GetStartupInfoW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
GetModuleHandleA
GetModuleHandleW
GetVolumeInformationA
SetLastError
FindClose
GetSystemTimeAsFileTime
ReadFile
SetFilePointer
CreateFileA
lstrlenA
CloseHandle
GetLastError
GetModuleFileNameA
WideCharToMultiByte
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
GetProcAddress
LoadLibraryA
OutputDebugStringW
IsDebuggerPresent
LoadLibraryExA
VirtualQuery

user32

FillRect
CopyRect
WindowFromDC
EqualRect
ScreenToClient
ClientToScreen
PeekMessageA
OffsetRect
DispatchMessageA
GetForegroundWindow
GetDC
ReleaseDC
RegisterWindowMessageA
GetCursorInfo
GetIconInfo
DrawIconEx
MsgWaitForMultipleObjects
EnumDisplayDevicesA
GetWindowRect
GetSystemMetrics
IntersectRect
OpenInputDesktop
GetClientRect
SetThreadDesktop
CloseDesktop
GetCursorPos
SetRect
GetAsyncKeyState
TranslateMessage
PtInRect

gdi32

CreateSolidBrush
GetDIBits
CreateCompatibleBitmap
CreateDCA
StretchBlt
SetStretchBltMode
DeleteDC
SelectObject
CreateCompatibleDC
CreateDIBSection
DeleteObject
GetObjectA

advapi32

SystemFunction036
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey

shell32

SHGetFolderPathW

ole32

CoInitialize
CoUninitialize
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
PropVariantCopy
PropVariantClear

vcomp140

omp_get_thread_num
omp_unset_lock
omp_set_lock
omp_init_lock
omp_set_dynamic
omp_get_num_threads
omp_destroy_lock
_vcomp_fork
_vcomp_master_begin
_vcomp_master_end
_vcomp_set_num_threads

winmm

mmioOpenW
timeBeginPeriod
mixerGetControlDetailsA
mixerSetControlDetails
mixerClose
mixerGetLineControlsA
mixerGetLineInfoA
mixerGetDevCapsA
mixerOpen
mixerGetID
waveInMessage
waveInGetErrorTextA
waveInReset
waveInStop
waveInClose
waveInUnprepareHeader
waveInStart
waveInPrepareHeader
waveInGetDevCapsA
waveInGetNumDevs
waveInAddBuffer
mmioWrite
mmioCreateChunk
mmioClose
mmioSeek
mmioAscend
waveInOpen

msvfw32

ICSendMessage
ICOpen
ICGetInfo
ICClose
ICCompress

Exports

Exports

CreateBandiCapture

Sections

.text
Size: 7.5MB - Virtual size: 7.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

IPPCODE
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 819KB - Virtual size: 819KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 425KB - Virtual size: 530KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IPPDATA
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BANDI0
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
bdcap64.dll
.dll windows:6 windows x64 arch:x64

cf24cb0da9f9b84850253a61b2e0eecd

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:08:e4:25:dd:db:b3:4e:1e:26:d6:e7:85:6e:9f:b8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27-09-2013 00:00

Not After

26-12-2016 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\w\devel\CAP2\bandicam\bin\bdcap64.pdb

Imports

dsound

ord7
ord6

kernel32

GetSystemDirectoryA
DeleteFileA
GetFileSize
MultiByteToWideChar
WaitForSingleObject
GetCurrentProcessId
TerminateProcess
GetSystemInfo
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetTickCount
QueryPerformanceFrequency
CreateEventA
SetEvent
ResetEvent
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleA
CreateFileW
WriteFile
CreateMutexA
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
SetThreadPriority
Sleep
MulDiv
DisableThreadLibraryCalls
GetSystemTime
GetDiskFreeSpaceExA
GetThreadPriority
CreateSemaphoreA
ReleaseSemaphore
InitializeCriticalSectionAndSpinCount
RaiseException
VirtualProtect
WaitForSingleObjectEx
CreateThread
WaitForMultipleObjectsEx
FlushFileBuffers
GetFileAttributesExA
SwitchToThread
FindFirstFileW
FindNextFileW
GetFileAttributesW
GetModuleFileNameW
SetErrorMode
GetModuleHandleExW
LoadLibraryExW
FreeLibrary
WaitForMultipleObjects
SetEndOfFile
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetCommandLineW
GetCommandLineA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
GetConsoleCP
ReadConsoleW
GetConsoleMode
HeapQueryInformation
GetCPInfo
GetStringTypeW
GetFileType
GetStdHandle
GetACP
LCMapStringW
ExitProcess
FreeLibraryAndExitThread
ExitThread
InterlockedFlushSList
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwindEx
EncodePointer
RtlPcToFileHeader
InitializeSListHead
GetCurrentThreadId
GetStartupInfoW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetModuleHandleW
GetVolumeInformationA
SetLastError
FindClose
GetSystemTimeAsFileTime
ReadFile
SetFilePointer
CreateFileA
lstrlenA
CloseHandle
GetLastError
GetModuleFileNameA
WideCharToMultiByte
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
GetProcAddress
LoadLibraryA
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
OutputDebugStringW
IsDebuggerPresent
LoadLibraryExA
VirtualQuery

user32

GetSystemMetrics
GetWindowRect
CopyRect
OffsetRect
EqualRect
ScreenToClient
ClientToScreen
PeekMessageA
TranslateMessage
DispatchMessageA
GetClientRect
GetDC
ReleaseDC
RegisterWindowMessageA
PtInRect
FillRect
WindowFromDC
GetCursorPos
CloseDesktop
SetThreadDesktop
GetCursorInfo
GetIconInfo
DrawIconEx
MsgWaitForMultipleObjects
OpenInputDesktop
SetRect
GetAsyncKeyState
GetForegroundWindow
EnumDisplayDevicesA
IntersectRect

gdi32

CreateSolidBrush
GetDIBits
CreateCompatibleBitmap
CreateDCA
StretchBlt
SetStretchBltMode
DeleteDC
SelectObject
CreateCompatibleDC
CreateDIBSection
DeleteObject
GetObjectA

advapi32

SystemFunction036
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey

shell32

SHGetFolderPathW

ole32

PropVariantCopy
PropVariantClear
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize

vcomp140

omp_destroy_lock
omp_get_num_threads
_vcomp_set_num_threads
omp_set_dynamic
omp_init_lock
omp_set_lock
omp_unset_lock
omp_get_thread_num
_vcomp_fork
_vcomp_master_begin
_vcomp_master_end

winmm

mmioClose
waveInAddBuffer
mmioSeek
mmioAscend
mmioWrite
mmioCreateChunk
waveInMessage
mmioOpenW
timeBeginPeriod
mixerGetControlDetailsA
mixerSetControlDetails
mixerClose
mixerGetLineControlsA
mixerGetLineInfoA
mixerGetDevCapsA
mixerOpen
mixerGetID
waveInGetNumDevs
waveInGetErrorTextA
waveInReset
waveInStop
waveInClose
waveInUnprepareHeader
waveInStart
waveInPrepareHeader
waveInOpen
waveInGetDevCapsA

msvfw32

ICOpen
ICGetInfo
ICClose
ICCompress
ICSendMessage

Exports

Exports

CreateBandiCapture

Sections

.text
Size: 8.8MB - Virtual size: 8.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

IPPCODE
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 476KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IPPDATA
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.BANDI0
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
bdfix.exe
.exe windows:6 windows x86 arch:x86

9f6f69d32274bdc8775c5da2cbf64e0f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:08:e4:25:dd:db:b3:4e:1e:26:d6:e7:85:6e:9f:b8
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27-09-2013 00:00

Not After

26-12-2016 23:59

Subject

CN=Bandisoft,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Bandisoft,L=Yeongdeungpogu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\w\devel\CAP2\bandicam\bin\bdfix.pdb

Imports

kernel32

GetConsoleMode
GetConsoleCP
GetStringTypeW
GetTimeZoneInformation
LCMapStringW
GetACP
ExitProcess
GetStdHandle
GetFileType
QueryPerformanceFrequency
VirtualQuery
VirtualAlloc
GetSystemInfo
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlUnwind
SetFilePointerEx
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
QueryPerformanceCounter
WaitForSingleObjectEx
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SearchPathW
GetProfileIntW
VerifyVersionInfoW
VerSetConditionMask
FindResourceExW
lstrcpyW
GetWindowsDirectoryW
GetTickCount
SystemTimeToTzSpecificLocalTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
VirtualProtect
lstrcmpiW
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetThreadLocale
FileTimeToSystemTime
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
GlobalFindAtomW
LoadLibraryA
EncodePointer
GlobalAddAtomW
ResumeThread
SetThreadPriority
GetModuleHandleA
OutputDebugStringA
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
FreeResource
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetCurrentThreadId
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalUnlock
GlobalLock
GlobalSize
GetProcessHeap
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
HeapFree
ResetEvent
SetEvent
CreateEventW
WriteFile
TerminateProcess
GetCurrentProcessId
WaitForSingleObject
DeleteFileW
GetFileAttributesW
GetTempFileNameW
GetTempPathW
GetCurrentDirectoryW
GetSystemDirectoryW
GetModuleFileNameW
GlobalFree
GlobalAlloc
GetCurrentProcess
GetCurrentThread
GetModuleHandleW
FreeLibrary
GetProcAddress
LoadLibraryW
GetVersionExW
SetLastError
FindClose
FindNextFileW
FindFirstFileW
GetSystemTimeAsFileTime
GetFileTime
CreateFileW
OutputDebugStringW
WideCharToMultiByte
GetFileSize
GetLastError
SetFilePointer
ReadFile
CloseHandle
InitializeCriticalSection
CreateFileA
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
Sleep
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetStdHandle

user32

GetNextDlgGroupItem
IsRectEmpty
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableW
ReleaseCapture
SetCapture
CharNextW
InvalidateRect
KillTimer
RealChildWindowFromPoint
DeleteMenu
CopyImage
LoadCursorW
GetSysColorBrush
IsDialogMessageW
SetWindowTextW
CheckDlgButton
SetDlgItemTextW
ShowWindow
FillRect
ReleaseDC
GetWindowDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
InflateRect
GetSysColor
GetMenuItemInfoW
DestroyMenu
UnhookWindowsHookEx
GetLastActivePopup
MessageBoxW
SetCursor
ShowOwnedPopups
MessageBeep
SendDlgItemMessageA
SetRectEmpty
CallNextHookEx
SetWindowsHookExW
GetCursorPos
IsCharLowerW
MapVirtualKeyExW
LoadIconW
GetSystemMenu
AppendMenuW
ValidateRect
GetKeyState
IsWindowVisible
GetMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
GetDesktopWindow
SetActiveWindow
IsWindowEnabled
GetActiveWindow
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
MapDialogRect
CharUpperW
GetAsyncKeyState
RegisterClipboardFormatW
CreatePopupMenu
GetMenuDefaultItem
TrackMouseEvent
LoadImageW
PostThreadMessageW
WindowFromPoint
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
GetWindow
SetWindowContextHelpId
InvertRect
NotifyWinEvent
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongW
SetWindowRgn
SetParent
SendMessageW
SetTimer
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
PostMessageW
EnableWindow
SystemParametersInfoW
GetMonitorInfoW
CopyRect
MonitorFromPoint
OffsetRect
GetWindowRect
EqualRect
MoveWindow
GetWindowLongW
SetWindowPos
ScreenToClient
ClientToScreen
PeekMessageW
TranslateMessage
DispatchMessageW
IsWindow
GetParent
GetWindowPlacement
GetForegroundWindow
GetWindowThreadProcessId
SetForegroundWindow
BringWindowToTop
RegisterWindowMessageW
DestroyIcon
GetKeyboardLayout
UnregisterClassW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
RemoveMenu
PostQuitMessage
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
WaitMessage
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
UpdateLayeredWindow
UnionRect
FrameRect
CopyIcon
SetCursorPos
IsZoomed
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
OpenClipboard
CloseClipboard

gdi32

GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
CombineRgn
GetMapMode
GetObjectType
SetRectRgn
DPtoLP
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
SetTextColor
CreateFontIndirectW
CreateCompatibleDC
CreateBitmap
GetDeviceCaps
CreateDCW
CopyMetaFileW
DeleteDC
ExtTextOutW
SetBkColor
GetObjectW
GetStockObject
GetTextMetricsW
PatBlt
BitBlt
GetTextExtentPoint32W

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetOpenFileNameW
GetSaveFileNameW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
SystemFunction036
RegSetValueExW
RegDeleteValueW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW

shell32

DragQueryFileW
DragFinish
ShellExecuteW
SHGetPathFromIDListW
SHBrowseForFolderW
SHAppBarMessage
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFileInfoW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW

uxtheme

GetWindowTheme
GetThemePartSize
GetThemeSysColor
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
IsAppThemed

ole32

OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoInitializeEx
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
DoDragDrop
StgOpenStorageOnILockBytes

oleaut32

OleCreateFontIndirect
VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
LoadTypeLi
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString

oledlg

OleUIBusyW

gdiplus

GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipCreateFromHDC

winmm

PlaySoundW

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 330KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
data/camera.wav
data/effects.dat
data/language.dat
data/sample.png
.png
data/skin.dat
.zip
___webcam_screen.png
.png
bdcam_icon.png
.png
body_bg.png
.png
body_bg2.png
.png
bottom_bg.png
.png
btn_capture.png
.png
btn_capture_2.png
.png
btn_check.png
.png
btn_click.png
.png
btn_close.png
.png
btn_device.png
.png
btn_device_2.png
.png
btn_directx.png
.png
btn_directx_2.png
.png
btn_fps_check.png
.png
btn_fps_uncheck.png
.png
btn_help.png
.png
btn_key.png
.png
btn_minimize.png
.png
btn_open.png
.png
btn_pause.png
.png
btn_pause_2.png
.png
btn_record.png
.png
btn_record_2.png
.png
btn_rectangle.png
.png
btn_rectangle_2.png
.png
btn_setting.png
.png
btn_setting_2.png
.png
btn_settingmenu.png
.png
btn_sort.png
.png
btn_tab.png
.png
btn_tips.png
.png
btn_tray.png
.png
btn_uncheck.png
.png
device/btn_close.png
.png
device/btn_img_start.png
.png
device/btn_img_stop.png
.png
device/btn_menu.png
.png
device/btn_rec_pause.png
.png
device/btn_rec_paused.png
.png
device/btn_rec_start.png
.png
device/btn_rec_stop.png
.png
device/btn_settings.png
.png
device/btn_volume_0.png
.png
device/btn_volume_1.png
.png
device/btn_volume_2.png
.png
device/btn_volume_3.png
.png
device/client.png
.png
device/client2.png
.png
device/device.xml
device/device_connect.png
.png
device/device_intro.png
.png
device/video.xml
device/volume_knob.png
.png
device/volume_slider_off.png
.png
device/volume_slider_on.png
.png
folder.png
.png
fps_bg.png
.png
info_bg.png
.png
leftside_bg.png
.png
logo.png
.png
page_about.xml
page_fps.xml
page_general.xml
page_image.xml
page_outputs.xml
page_video.xml
prog_volume.png
.png
prog_volume_bg.png
.png
rightside_bg.png
.png
setting_background.png
.png
setting_bg.png
.png
setting_tab_bg.png
.png
skin.xml
slider_bkgnd_tile.png
.png
slider_var_knob.png
.png
target/btn_close.png
.png
target/btn_findwindow.png
.png
target/btn_fullscreen.png
.png
target/btn_img_start.png
.png
target/btn_img_stop.png
.png
target/btn_menu.png
.png
target/btn_minimize.png
.png
target/btn_pen_start.png
.png
target/btn_pen_stop.png
.png
target/btn_rec_pause.png
.png
target/btn_rec_paused.png
.png
target/btn_rec_start.png
.png
target/btn_rec_stop.png
.png
target/btn_restore.png
.png
target/btn_sel_color.png
.png
target/btn_sel_line.png
.png
target/btn_targetsize.png
.png
target/btn_tools_box.png
.png
target/btn_tools_eraser.png
.png
target/btn_tools_eraser_2.png
.png
target/btn_tools_exit.png
.png
target/btn_tools_pen.png
.png
target/btn_tools_pen_hl.png
.png
target/btn_tools_redo.png
.png
target/btn_tools_undo.png
.png
target/client.png
.png
target/client2.png
.png
target/drawing_tools.xml
target/rect.xml
target/tool_bg.png
.png
target/tool_bg2.png
.png
tips_bg.png
.png
webcam_screen.png
.png
lang/Arabic.ini
lang/Armenian.ini
lang/Azerbaijani.ini
lang/Bosnian.ini
lang/Bulgarian.ini
lang/Croatian.ini
lang/Czech.ini
lang/Danish.ini
lang/Dutch.ini
lang/English.ini
lang/Farsi.ini
lang/Finnish.ini
lang/French.ini
lang/Georgian.ini
lang/German.ini
lang/Greek.ini
lang/Hebrew.ini
lang/Hungarian.ini
lang/Indonesian.ini
lang/Italian.ini
lang/Japanese.ini
.ps1
lang/Kurdish.ini
lang/Latvian.ini
lang/Lithuanian.ini
lang/Malay.ini
lang/Norwegian.ini
lang/Polish.ini
lang/Portuguese(BR).ini
lang/Portuguese.ini
lang/Romanian.ini
lang/Russian.ini
lang/Serbian(Cyrillic).ini
lang/Serbian.ini
lang/Simplified_Chinese.ini
lang/Slovak.ini
lang/Slovenian.ini
lang/Spanish.ini
lang/Swedish.ini
lang/Thai.ini
lang/Traditional_Chinese.ini
lang/Turkish.ini
lang/Ukrainian.ini
lang/Urdu.ini
lang/Uzbek.ini
lang/Vietnamese.ini
translators.txt
Bandicam/file_id.diz
Bandicam/keymaker.exe
.exe windows:4 windows x86 arch:x86

820ab24e53af2dbafc74d24f87e40262

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

comctl32

InitCommonControls

kernel32

LoadLibraryA
GetProcAddress

Sections

.wkt0
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wkt0
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wkt0
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wkt0
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Bandicam/maze.nfo

Sharing

General

Malware Config

Signatures

Files

bf95d1fc1d10de18b32654b123ad5e1f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4aCertificate

Key Usages

1a:08:e4:25:dd:db:b3:4e:1e:26:d6:e7:85:6e:9f:b8Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 409KB

.ndata Size: - Virtual size: 628KB

.rsrc Size: 58KB - Virtual size: 58KB

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 17KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

039bcbc605477e8e87ec550c2e60e748

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 963B

.data Size: 512B - Virtual size: 64B

.reloc Size: 1024B - Virtual size: 588B

6ba7b0e4e74a8eea96dca4fffc88b859

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0Certificate

Extended Key Usages

Key Usages

61:01:cf:3e:00:00:00:00:00:0fCertificate

Extended Key Usages

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

1a:08:e4:25:dd:db:b3:4e:1e:26:d6:e7:85:6e:9f:b8
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 409KB

.ndata
Size: - Virtual size: 628KB

.rsrc
Size: 58KB - Virtual size: 58KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 17KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 963B

.data
Size: 512B - Virtual size: 64B

.reloc
Size: 1024B - Virtual size: 588B

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

61:01:cf:3e:00:00:00:00:00:0f
Certificate

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

61:05:a2:30:00:00:00:00:00:08
Certificate

a0:dc:fd:f1:04:c6:f9:25:f4:de:ed:83:b3:1b:1c:9e:4a:d1:be:fb
Signer

.text
Size: 1.9MB - Virtual size: 1.9MB

.data
Size: 16KB - Virtual size: 31KB

.rsrc
Size: 1024B - Virtual size: 968B

.reloc
Size: 56KB - Virtual size: 55KB

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

61:01:cf:3e:00:00:00:00:00:0f
Certificate

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

61:06:94:2d:00:00:00:00:00:09
Certificate

3e:ac:fb:b6:70:f6:65:34:9c:0a:21:69:7e:23:e4:07:49:b9:c0:4e
Signer

.text
Size: 205KB - Virtual size: 205KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 1024B - Virtual size: 936B

.reloc
Size: 9KB - Virtual size: 8KB

33:00:00:00:71:b3:2e:8a:6b:82:aa:1f:4e:00:00:00:00:00:71
Certificate

33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0a
Certificate

61:33:26:1a:00:00:00:00:00:31
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate

33:00:00:00:38:8d:23:6d:16:27:a3:26:e0:00:00:00:00:00:38
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

c2:86:bb:12:47:e6:c0:8a:13:b7:f5:c4:bc:fc:f5:f4:3d:4c:4c:4f:7a:62:43:e2:58:a8:d0:7b:b4:90:5c:6a
Signer