e17f4354166d5b2c0a019eace66ceee245428f6deaa75f18324f4adbdefeaea6N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

e17f4354166d5b2c0a019eace66ceee245428f6deaa75f18324f4adbdefeaea6N.exe
Size

4.1MB
MD5

12879552dd1b30c0f12a7304eda454b0
SHA1

f51c3530c0e47c3afb540b294b59be0b9aa9ecf4
SHA256

e17f4354166d5b2c0a019eace66ceee245428f6deaa75f18324f4adbdefeaea6
SHA512

fd7f71ca36c2943a5e2dec01746561cf9fd1ea9ec36c5335e2bd20bed5a8935c0ce62dcff24835db7b9535c96ceef5c2eeccefd4a64d4d8fa2edd0c64fe57d9c
SSDEEP

98304:RpVccJ5phhlN20TEoAvvAfqXFcEI9Z04Pf7y+7DsJEOFeU5RkAe:u25phB200vvtXFcH9Z0417Ds1e

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
e17f4354166d5b2c0a019eace66ceee245428f6deaa75f18324f4adbdefeaea6N.exe
unpack001/$PLUGINSDIR/insthelper.dll
unpack001/7z.dll
unpack001/libeay32.dll

Files

e17f4354166d5b2c0a019eace66ceee245428f6deaa75f18324f4adbdefeaea6N.exe
.exe windows:5 windows x86 arch:x86

32f3282581436269b3a75b6675fe3e08

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpA
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
lstrlenA
MulDiv
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

GetAsyncKeyState
IsDlgButtonChecked
ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
wvsprintfW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
FindWindowExW

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 932KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

039bcbc605477e8e87ec550c2e60e748

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

59:6b:3b:53:cf:bf:7e:a7:9e:2a:3b:f0:ea:26:3c:7b
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

21/10/2022, 00:00

Not After

21/10/2023, 23:59

Subject

CN=Ma'anshan Lianmeng Network Technology Service Co.\, Ltd.,O=Ma'anshan Lianmeng Network Technology Service Co.\, Ltd.,ST=安徽省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

51:ac:3c:38:0a:c6:b3:9f:aa:aa:aa:67:b6:98:b3:b5:e3:3b:a1:7c:90:59:79:a5:c0:fb:98:c4:6b:63:8e:12
Signer

Actual PE Digest

51:ac:3c:38:0a:c6:b3:9f:aa:aa:aa:67:b6:98:b3:b5:e3:3b:a1:7c:90:59:79:a5:c0:fb:98:c4:6b:63:8e:12

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
lstrlenW
lstrcmpiW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/insthelper.dll
.dll windows:5 windows x86 arch:x86

d6ed743c1613db95ce8ec2ee5d7a28c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\xgzip\xgzip\setup\InstallScript\Res\insthelper.pdb

Imports

kernel32

QueryDosDeviceW
GetSystemTime
GetVolumeInformationW
GetThreadTimes
lstrlenA
GetFileSizeEx
GetTimeFormatW
GetFileAttributesA
SizeofResource
GetPrivateProfileStringW
LoadResource
FindResourceW
LoadLibraryA
FormatMessageA
ExpandEnvironmentStringsA
SleepEx
SetErrorMode
DeviceIoControl
SetEnvironmentVariableA
GetFullPathNameA
WriteConsoleW
SetStdHandle
ReadConsoleW
HeapQueryInformation
SetCurrentDirectoryW
PeekNamedPipe
GetFileInformationByHandle
GetConsoleMode
GetConsoleCP
FindResourceExW
SetFilePointerEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFileType
GetTimeZoneInformation
SetConsoleCtrlHandler
GetStdHandle
GetOEMCP
GetACP
IsValidCodePage
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
CreateSemaphoreW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FatalAppExitA
GetDriveTypeW
GetFileAttributesExW
SystemTimeToTzSpecificLocalTime
SetFileTime
ExitThread
CreateThread
GetFullPathNameW
IsDebuggerPresent
GetCommandLineA
AreFileApisANSI
ExitProcess
EncodePointer
GetSystemTimeAsFileTime
GetStringTypeW
CreateFileA
GetDiskFreeSpaceW
GlobalMemoryStatusEx
GetThreadPriority
CreatePipe
SetEndOfFile
FreeResource
GetTempFileNameW
GetDateFormatW
IsDBCSLeadByte
FormatMessageW
GetCPInfo
GetFileTime
ReadFile
GetFileAttributesW
CreateDirectoryW
lstrcpynA
SetFilePointer
GetFileSize
FileTimeToSystemTime
MultiByteToWideChar
WideCharToMultiByte
LoadLibraryW
GetSystemInfo
GetComputerNameW
FreeLibrary
SetFileAttributesW
GetWindowsDirectoryW
DeleteCriticalSection
DecodePointer
RemoveDirectoryW
HeapSize
GetCurrentDirectoryW
RaiseException
GlobalUnlock
CreateFileW
HeapDestroy
CopyFileW
InitializeCriticalSectionAndSpinCount
WriteFile
GetProcessHeap
GlobalLock
HeapFree
MoveFileExW
HeapAlloc
HeapReAlloc
DeleteFileW
FindNextFileW
FindClose
GetTempPathW
lstrlenW
GetSystemDirectoryW
GetTickCount
FindFirstFileW
SetProcessWorkingSetSize
OpenThread
SetThreadPriorityBoost
GetStartupInfoW
SetThreadPriority
Thread32Next
GetExitCodeProcess
ReadProcessMemory
Thread32First
GetPriorityClass
SetProcessPriorityBoost
GetCurrentThread
GetProcessPriorityBoost
SetPriorityClass
GetThreadIOPendingFlag
IsWow64Process
SystemTimeToFileTime
VerifyVersionInfoW
VerSetConditionMask
MoveFileW
LocalFree
InterlockedIncrement
InterlockedDecrement
QueryPerformanceFrequency
QueryPerformanceCounter
ResetEvent
WaitForMultipleObjects
CreateEventW
WaitForSingleObject
GetPrivateProfileIntW
GetModuleHandleExW
IsProcessorFeaturePresent
LocalAlloc
LocalLock
LocalUnlock
LoadLibraryExW
CreateFileMappingW
GlobalReAlloc
MulDiv
OutputDebugStringA
GetCurrentThreadId
OpenEventW
OpenFileMappingW
GetModuleFileNameA
EnterCriticalSection
SetLastError
LeaveCriticalSection
InitializeCriticalSection
OutputDebugStringW
SetEvent
VirtualQuery
UnmapViewOfFile
MapViewOfFile
FileTimeToLocalFileTime
LockResource
GetLocalTime
FindFirstFileExW
CreateProcessW
GetVersionExW
GetDiskFreeSpaceExW
ExpandEnvironmentStringsW
GetModuleHandleW
GetProcAddress
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetModuleFileNameW
lstrcpynW
lstrcmpiW
CloseHandle
GetLastError
TerminateProcess
GetCurrentProcessId
GetCurrentProcess
OpenProcess
GlobalAlloc
Sleep
InterlockedCompareExchange
InterlockedExchange
lstrcpyW
FlushFileBuffers
GlobalFree

user32

DestroyMenu
GetClassInfoW
CreateWindowExW
DefWindowProcW
MapWindowPoints
GetWindow
PeekMessageW
DrawFocusRect
SendMessageW
GetParent
GetCaretPos
InflateRect
GetSystemMenu
GetWindowTextW
SetWindowLongW
RedrawWindow
GetActiveWindow
SetWindowRgn
IsZoomed
SystemParametersInfoW
GetAncestor
EnableWindow
CallNextHookEx
RegisterClassExW
GetSubMenu
DestroyIcon
PrivateExtractIconsW
LoadStringW
SetWindowsHookExW
UnhookWindowsHookEx
DrawTextW
GetMenuItemInfoW
MessageBoxA
FillRect
GetWindowThreadProcessId
MonitorFromPoint
SetRectEmpty
EqualRect
GetMenuState
DrawIconEx
GetClassInfoExW
GetClassNameW
GetFocus
GetMonitorInfoW
GetMenuItemCount
SetMenuItemInfoW
IsMenu
SetMenuInfo
GetMenuInfo
GetSysColor
IsWindow
MoveWindow
GetWindowRect
LoadCursorW
PostMessageW
ShowWindow
GetDlgItem
FindWindowExW
CharUpperBuffW
EnumWindows
GetIconInfo
GetForegroundWindow
EnumChildWindows
GetShellWindow
SetDlgItemTextW
CallWindowProcW
DestroyWindow
SetWindowPos
SetWindowTextW
PostQuitMessage
GetDlgItemTextW
GetSystemMetrics
UpdateWindow
SetRect
GetDesktopWindow
LoadImageW
ExitWindowsEx
SetClipboardData
OpenClipboard
EmptyClipboard
UnregisterClassW
CloseClipboard
DispatchMessageW
TranslateMessage
GetMessageW
FindWindowA
SendMessageTimeoutW
PtInRect
OffsetRect
IntersectRect
ReleaseDC
GetDC
SetCapture
ReleaseCapture
GetCapture
GetKeyState
SetTimer
KillTimer
GetWindowLongW
RegisterWindowMessageW
GetClientRect
UnionRect
InvalidateRect
IsRectEmpty
BeginPaint
EndPaint
UpdateLayeredWindow
IsWindowVisible
CreateCaret
ShowCaret
HideCaret
SetCaretPos
SetCursor
SetFocus
ScreenToClient
GetCursorPos
ClientToScreen
WindowFromPoint
TrackMouseEvent
GetUserObjectInformationW
IsHungAppWindow
GetThreadDesktop
DeleteMenu

gdi32

GetCurrentObject
GetTextExtentExPointW
TextOutW
PatBlt
LPtoDP
CreateBitmap
SelectClipRgn
SetRectRgn
CreateRectRgnIndirect
DPtoLP
Polyline
RectVisible
ExtCreatePen
GetBkMode
CreatePenIndirect
SaveDC
SetStretchBltMode
GetStretchBltMode
GetTextColor
RestoreDC
CreatePatternBrush
CreateSolidBrush
GetDIBits
RealizePalette
SelectPalette
CreateDCW
GetTextExtentPoint32W
GetObjectA
CombineRgn
ExtCreateRegion
StretchBlt
SetTextColor
SetViewportOrgEx
Rectangle
LineTo
MoveToEx
ExtTextOutW
SetBkColor
GetTextMetricsW
GetDeviceCaps
GetObjectW
CreateFontIndirectW
CreateRectRgn
ExcludeClipRect
BitBlt
CreateCompatibleBitmap
GetClipBox
RoundRect
CreatePen
SetBkMode
GetStockObject
SelectObject
CreateDIBSection
DeleteDC
CreateCompatibleDC
DeleteObject
CreateDCA

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExW
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
GetUserNameW
RegQueryValueExW
GetLengthSid
FreeSid
AddAccessAllowedAce
AllocateAndInitializeSid
InitializeAcl
SetFileSecurityW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
GetSecurityDescriptorSacl
GetNamedSecurityInfoW
BuildExplicitAccessWithNameW
SetNamedSecurityInfoW
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
GetAce
GetSidLengthRequired
InitializeSid
AddAce
GetFileSecurityW
DuplicateToken
MapGenericMask
AccessCheck
GetSecurityDescriptorDacl
GetAclInformation
LookupAccountSidW
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptDecrypt
CryptDestroyHash
CryptDestroyKey
CryptReleaseContext
CryptEncrypt
RegGetKeySecurity
RegSetKeySecurity
ConvertStringSidToSidW
RegEnumKeyW
RegOpenKeyW
RegQueryInfoKeyW
CloseServiceHandle
DeleteService
OpenSCManagerW
EnumDependentServicesW
OpenServiceW
QueryServiceConfig2W
ChangeServiceConfig2W
StartServiceW
ChangeServiceConfigW
QueryServiceStatusEx
ControlService
QueryServiceConfigW
CryptAcquireContextA
CryptGenRandom
SetEntriesInAclW
CreateServiceW
QueryServiceStatus
GetTokenInformation
ConvertSidToStringSidW
CryptGetHashParam
CryptImportKey
CryptSetKeyParam

shell32

SHChangeNotify
ord51
SHGetDesktopFolder
SHGetFileInfoW
ExtractIconExW
SHGetSpecialFolderPathW
SHFileOperationW
ShellExecuteExW
SHCreateDirectoryExW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetFolderPathW
ord165
ShellExecuteW
SHGetPathFromIDListW
SHBrowseForFolderW

ole32

CoUninitialize
CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoInitialize
IIDFromString
StringFromIID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateGuid

oleaut32

CreateErrorInfo
SysAllocString
VariantClear
SysAllocStringByteLen
VariantInit
VarBstrCmp
SysStringByteLen
VariantChangeType
GetErrorInfo
SafeArrayGetUBound
SafeArrayGetElement
VariantTimeToSystemTime
SetErrorInfo
SafeArrayGetLBound
SysFreeString
SysAllocStringLen
SysStringLen
OleCreatePictureIndirect

shlwapi

PathStripToRootW
wnsprintfW
StrTrimW
StrCmpNIA
StrStrIA
StrChrA
PathRemoveBackslashW
PathStripPathW
StrStrW
PathFindFileNameW
UrlIsW
SHDeleteKeyW
StrRChrW
StrCpyNW
PathAddBackslashW
PathIsDirectoryW
StrRChrIW
PathFileExistsW
PathAppendW
PathRemoveFileSpecW

version

GetFileVersionInfoW
GetFileVersionInfoA
VerQueryValueW
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoSizeW

psapi

EnumProcessModules
GetModuleFileNameExW
GetProcessMemoryInfo
GetModuleBaseNameW
EnumProcesses

msimg32

AlphaBlend

imm32

ImmAssociateContext
ImmGetDefaultIMEWnd
ImmGetContext
ImmReleaseContext

gdiplus

GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipFillPath
GdipFillPieI
GdipDrawPath
GdipDrawArcI
GdipDrawLineI
GdipSetInterpolationMode
GdipAddPathString
GdipAddPathArcI
GdipAddPathLineI
GdipDeletePath
GdipCreatePath
GdipSetStringFormatTrimming
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipDeleteStringFormat
GdipCreateStringFormat
GdipSetPenDashArray
GdipLoadImageFromStreamICM
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCloneBitmapAreaI
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipCloneImage
GdipDrawImageRectRectI
GdipDrawImagePointsI
GdipDrawImageRectI
GdipLoadImageFromFileICM
GdipDrawString
GdipGetImageGraphicsContext
GdipDisposeImage
GdipRotateMatrix
GdipScaleMatrix
GdipTranslateMatrix
GdipDeleteMatrix
GdipCreateMatrix
GdiplusShutdown
GdiplusStartup
GdipImageSelectActiveFrame
GdipGetImageHeight
GdipGetImageWidth
GdipFillRectangleI
GdipDrawRectangleI
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipDeletePen
GdipLoadImageFromStream
GdipGetImageRawFormat
GdipSetStringFormatLineAlign
GdipCreatePen1
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipFree
GdipAlloc
GdipSetTextRenderingHint
GdipMeasureString
GdipGetImageThumbnail
GdipCreateBitmapFromHBITMAP
GdipBitmapGetPixel
GdipDrawImageRectRect
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGraphicsClear
GdipLoadImageFromFile
GdipGetPropertyItem
GdipSetPenWidth
GdipSetWorldTransform

ntdll

NtClose
NtQuerySystemInformation
NtQueryInformationProcess
NtSuspendProcess
NtSetSystemInformation
RtlUnwind
RtlNtPathNameToDosPathName
RtlInitUnicodeString
NtCreatePagingFile
NtDuplicateObject
NtUnlockVirtualMemory
NtOpenProcess
NtLockVirtualMemory
NtSetInformationProcess
NtResumeProcess
NtTerminateProcess
RtlNtStatusToDosError

mpr

WNetOpenEnumW
WNetEnumResourceW
WNetCloseEnum

ws2_32

__WSAFDIsSet
getpeername
WSAIoctl
connect
WSAGetLastError
htons
select
getsockname
setsockopt
getsockopt
WSAStartup
WSAEventSelect
WSACleanup
ioctlsocket
send
freeaddrinfo
getaddrinfo
htonl
ntohl
ntohs
WSASetLastError
socket
bind
recv
closesocket

dbghelp

MiniDumpWriteDump

netapi32

Netbios
NetWkstaTransportEnum
NetApiBufferFree

wininet

GetUrlCacheEntryInfoExW

Exports

Exports

AbortInstall
CreateInstallWnd
DirLeave
DoUnAdData
ExitWork
GeProtectStartState
GetAppdataLocalLow
GetAutoStartState
GetCheckBoxStatus
GetInstallSvrState
GetTNFromPackageName
HideWindow
InitInstallHelper
InitUnInstallHelper
KillProcess
NewNsisWndProc
NotifyHostSetupStatus
NotifyInstallStatus
RegisterExt
ReportSilentInstall
UnRegisterExt
UninitInstallHelper
UninstallWebAdapter
WriteMustRebootTag

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 427KB - Virtual size: 427KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/res/skin/ask_icon.png
.png
$PLUGINSDIR/res/skin/btn_blue_90_30.png
.png
$PLUGINSDIR/res/skin/btn_close.png
.png
$PLUGINSDIR/res/skin/btn_push.png
.png
$PLUGINSDIR/res/skin/btn_white_90_30.png
.png
$PLUGINSDIR/res/skin/checkbox.png
.png
$PLUGINSDIR/res/skin/checkout.png
.png
$PLUGINSDIR/res/skin/done.png
.png
$PLUGINSDIR/res/skin/dot_down.png
.png
$PLUGINSDIR/res/skin/dot_up.png
.png
$PLUGINSDIR/res/skin/error.png
.png
$PLUGINSDIR/res/skin/ic_info_46.png
.png
$PLUGINSDIR/res/skin/slogen.png
.png
$PLUGINSDIR/res/skin/title_icon_image.png
.png
$PLUGINSDIR/res/skin/triangle.png
.png
7z.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ExtInstaller.dll
.dll windows:5 windows x86 arch:x86

13d0861774274493f6336ac0d1b3ab01

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

59:6b:3b:53:cf:bf:7e:a7:9e:2a:3b:f0:ea:26:3c:7b
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

21/10/2022, 00:00

Not After

21/10/2023, 23:59

Subject

CN=Ma'anshan Lianmeng Network Technology Service Co.\, Ltd.,O=Ma'anshan Lianmeng Network Technology Service Co.\, Ltd.,ST=安徽省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

15:01:a7:82:bf:fe:70:95:ce:ad:d6:18:62:86:fe:dd:06:22:9d:6e:37:de:45:5e:cb:f7:dc:7f:7e:67:50:49
Signer

Actual PE Digest

15:01:a7:82:bf:fe:70:95:ce:ad:d6:18:62:86:fe:dd:06:22:9d:6e:37:de:45:5e:cb:f7:dc:7f:7e:67:50:49

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\xgzip\yyds\Bin\Release\ExtInstaller.pdb

Imports

bcrypt

BCryptCloseAlgorithmProvider
BCryptGetProperty
BCryptCreateHash
BCryptHashData
BCryptFinishHash
BCryptDestroyHash
BCryptOpenAlgorithmProvider

shlwapi

PathFileExistsW

kernel32

EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
GetLastError
GetFileSize
ReadFile
CloseHandle
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcess
CreateDirectoryW
GetModuleHandleW
WriteFile
GetModuleFileNameW
GetProcAddress
LocalFree
SetLastError
GetLocalTime
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
GetFileAttributesW
UnmapViewOfFile
GetStdHandle
HeapReAlloc
Sleep
HeapDestroy
RaiseException
HeapSize
DecodePointer
DeleteCriticalSection
VirtualQuery
InterlockedCompareExchange
OutputDebugStringW
InitializeCriticalSection
LeaveCriticalSection
InterlockedExchange
EnterCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetFileType
CompareStringW
IsValidCodePage
GetTimeZoneInformation
LoadLibraryExW
SetStdHandle
WriteConsoleW
SetEndOfFile
SetEnvironmentVariableA
GetTimeFormatW
GetDateFormatW
GetStartupInfoW
TlsFree
QueryPerformanceCounter
ReadConsoleW
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
TlsSetValue
TlsGetValue
AreFileApisANSI
GetModuleHandleExW
ExitProcess
GetOEMCP
GetSystemTimeAsFileTime
EncodePointer
GetStringTypeW
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
GetACP

user32

FindWindowA
SendMessageTimeoutW

advapi32

GetUserNameW
RegCloseKey
ConvertSidToStringSidW
RegOpenKeyExW
RegOpenKeyExA
LookupAccountNameW
RegQueryValueExW
RegQueryValueExA

shell32

SHGetSpecialFolderPathW

ole32

CoCreateGuid

Exports

Exports

AppendFavor
InstallHome
getHome

Sections

.text
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FM.dll
.dll windows:5 windows x86 arch:x86

85613badc7d8c32fd0a8ee3dc87d2ad6

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

59:6b:3b:53:cf:bf:7e:a7:9e:2a:3b:f0:ea:26:3c:7b
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

21/10/2022, 00:00

Not After

21/10/2023, 23:59

Subject

CN=Ma'anshan Lianmeng Network Technology Service Co.\, Ltd.,O=Ma'anshan Lianmeng Network Technology Service Co.\, Ltd.,ST=安徽省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

34:4b:bb:c6:6a:91:4d:74:f1:0e:62:95:8b:2d:47:3f:73:a5:8c:4f:8f:47:e6:f6:95:88:50:3a:65:2a:0a:37
Signer

Actual PE Digest

34:4b:bb:c6:6a:91:4d:74:f1:0e:62:95:8b:2d:47:3f:73:a5:8c:4f:8f:47:e6:f6:95:88:50:3a:65:2a:0a:37

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\xgzip\xgzip\output\Bin\Release\FM.pdb

Imports

comctl32

ImageList_ReplaceIcon
CreateStatusWindowW
CreateToolbarEx
InitCommonControlsEx
ord17
ImageList_AddMasked
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
PropertySheetW

mpr

WNetAddConnection2W
WNetEnumResourceW
WNetCloseEnum
WNetGetResourceParentW
WNetGetResourceInformationW
WNetOpenEnumW

kernel32

GetCurrentProcessId
GetCurrentThreadId
SetLastError
SetFileTime
GetTempPathW
GetWindowsDirectoryW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
RemoveDirectoryW
CreateFileW
SetFileAttributesW
DeleteFileW
MoveFileW
FindClose
GetLogicalDriveStringsW
GetModuleHandleA
GetFileAttributesW
FindFirstFileW
FindNextFileW
FindFirstChangeNotificationW
FindCloseChangeNotification
GetFileSize
WriteFile
ReadFile
DeviceIoControl
SetEndOfFile
SetFilePointer
GetFileInformationByHandle
GetDriveTypeW
GetDiskFreeSpaceW
GetVolumeInformationW
GlobalAlloc
GlobalReAlloc
GlobalFree
GetCurrentProcess
CreateProcessW
CompareFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
HeapAlloc
HeapFree
GetProcessHeap
GlobalMemoryStatus
GetProcessAffinityMask
GetSystemInfo
GetSystemTimeAsFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
GetStdHandle
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WaitForMultipleObjects
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
AreFileApisANSI
InterlockedIncrement
FormatMessageW
FindNextChangeNotification
Sleep
InterlockedExchange
InterlockedCompareExchange
GetCompressedFileSizeW
CopyFileW
GetSystemDefaultLangID
GetUserDefaultLangID
GlobalSize
OpenProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
SetPriorityClass
ExpandEnvironmentStringsW
HeapReAlloc
VirtualQuery
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
HeapDestroy
RaiseException
HeapSize
GetLocalTime
DecodePointer
GetModuleFileNameA
OpenFileMappingW
OpenEventW
OutputDebugStringA
FindResourceExW
FindResourceW
LoadResource
SizeofResource
LockResource
GetModuleHandleExW
IsWow64Process
VirtualAlloc
VirtualFree
GetVersionExW
GetProcAddress
lstrcatW
lstrlenW
LoadLibraryExW
GetModuleHandleW
GetSystemDirectoryW
GetLastError
InitializeCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
FreeResource
WaitForSingleObject
CloseHandle
CreateEventW
CreateSemaphoreW
GetTickCount
MultiByteToWideChar
WideCharToMultiByte
GlobalLock
GlobalUnlock
LocalFree
GetModuleFileNameW
LoadLibraryW
InterlockedDecrement
FreeLibrary
MoveFileExW
GetPrivateProfileStringW
GetFileAttributesA
lstrcpynW
GetTimeFormatW
GetFileSizeEx
GetFileTime
GetTempFileNameW
GetDateFormatW
GetDiskFreeSpaceExW
GetComputerNameW
QueryPerformanceCounter
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent

user32

CharUpperW
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
IsClipboardFormatAvailable
SendMessageW
ShowWindow
MoveWindow
UnregisterClassW
SendMessageTimeoutW
FindWindowA
DestroyIcon
SetCursor
KillTimer
GetClassInfoExW
RegisterClassExW
ClientToScreen
GetMenuItemCount
GetCursorPos
TrackPopupMenuEx
ChildWindowFromPointEx
WindowFromPoint
IsWindowEnabled
RegisterClipboardFormatW
UpdateWindow
SetTimer
MapVirtualKeyW
CheckMenuRadioItem
RemoveMenu
AppendMenuW
GetSubMenu
EnableMenuItem
CheckMenuItem
DrawMenuBar
SetMenu
GetMenu
LoadMenuW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
LoadIconW
GetClientRect
TranslateAcceleratorW
LoadAcceleratorsW
ReleaseCapture
SetCapture
GetCapture
IsZoomed
SetWindowPlacement
GetWindowPlacement
PostQuitMessage
DispatchMessageW
TranslateMessage
GetMessageW
IsWindow
GetParent
MessageBoxW
SetWindowTextW
InvalidateRect
GetKeyState
GetFocus
PostMessageW
EnableWindow
SetFocus
DestroyWindow
SetDlgItemTextW
EndDialog
LoadBitmapW
DestroyMenu
CreatePopupMenu
GetWindowTextLengthW
GetWindowTextW
LoadStringW
SetMenuItemInfoW
GetMenuItemInfoW
InsertMenuItemW
LoadCursorW
GetClassInfoW
RegisterClassW
DefWindowProcW
CreateWindowExW
CallWindowProcW
SystemParametersInfoW
MapDialogRect
SetWindowLongW
GetWindowLongW
ScreenToClient
GetWindowRect
GetDialogBaseUnits
GetDlgItem
DialogBoxParamW
CreateDialogParamW

gdi32

DeleteObject

comdlg32

GetOpenFileNameW
CommDlgExtendedError

advapi32

LsaClose
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegEnumValueW
RegQueryInfoKeyW
RegOpenKeyW
RegEnumKeyW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetEntriesInAclW
GetSecurityDescriptorDacl
ConvertStringSidToSidW
RegSetKeySecurity
RegGetKeySecurity
GetFileSecurityW
SetFileSecurityW
LsaAddAccountRights
LsaOpenPolicy
LookupAccountNameW
GetUserNameW
OpenProcessToken

shell32

SHGetSpecialFolderPathW
DragQueryFileW
ord51
SHGetFolderPathW
ord165
SHChangeNotify
ExtractIconExW
SHGetSpecialFolderLocation
SHFileOperationW
SHGetDesktopFolder
ShellExecuteExW
SHGetFileInfoW
ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
DragFinish

ole32

OleInitialize
CoTaskMemAlloc
RegisterDragDrop
RevokeDragDrop
ReleaseStgMedium
CoUninitialize
OleUninitialize
CoTaskMemFree
CoInitialize
DoDragDrop
CoCreateInstance

oleaut32

SysStringByteLen
SysFreeString
VariantCopy
VariantClear
SysAllocStringLen
SysAllocString
SysStringLen

msvcr120

fwprintf
_wrename
toupper
_wfullpath
_vsnwprintf
_lock_file
setvbuf
fsetpos
fgetc
_fseeki64
fgetpos
ungetc
wcsnlen
??0exception@std@@QAE@ABV01@@Z
__clean_type_info_names_internal
_initterm_e
_initterm
_recalloc
_wcsnicmp
wcsncat_s
wcsncmp
wcschr
fputc
towlower
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
_malloc_crt
_amsg_exit
__CppXcptFilter
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
free
malloc
_beginthreadex
??_V@YAXPAX@Z
??_U@YAPAXI@Z
__CxxFrameHandler3
memcpy
memmove
strstr
wcsstr
_CxxThrowException
rand
srand
memset
_purecall
realloc
memcmp
_snwprintf_s
?terminate@@YAXXZ
_snwprintf
_hypot
_vscwprintf
vsprintf
_unlock_file
_snprintf_s
_vsnprintf_s
strchr
memchr
fflush
vswprintf_s
fopen_s
vsprintf_s
_vswprintf_c_l
fopen
fprintf
fwrite
strrchr
iswspace
_memicmp
_vsnwprintf_s
_vscprintf
fclose
strncpy_s
memmove_s
sprintf
wcsncpy_s
wmemcpy_s
memcpy_s
wcscpy_s
_waccess_s
_wcsicmp
wcsrchr
_except_handler4_common
??1type_info@@UAE@XZ
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess

msvcp120

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
?id@?$codecvt@DDH@std@@2V0locale@2@A
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?uncaught_exception@std@@YA_NXZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?_BADOFF@std@@3_JB
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?_Syserror_map@std@@YAPBDH@Z
??0id@locale@std@@QAE@I@Z
?_Xbad_function_call@std@@YAXXZ
?_Release@_Pad@std@@QAEXXZ
?_Launch@_Pad@std@@QAEXPAU_Thrd_imp_t@@@Z
??1_Pad@std@@QAE@XZ
??0_Pad@std@@QAE@XZ
?_Throw_Cpp_error@std@@YAXH@Z
?_Throw_C_error@std@@YAXH@Z
_Thrd_detach
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Winerror_map@std@@YAPBDH@Z
?_Xbad_alloc@std@@YAXXZ
?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?width@ios_base@std@@QAE_J_J@Z
?width@ios_base@std@@QBE_JXZ
?flags@ios_base@std@@QBEHXZ
?eof@ios_base@std@@QBE_NXZ
?good@ios_base@std@@QBE_NXZ
?rdstate@ios_base@std@@QBEHXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
?_Orphan_all@_Container_base12@std@@QAEXXZ
??1_Container_base12@std@@QAE@XZ
??0_Container_base12@std@@QAE@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ

shlwapi

PathIsDirectoryW
PathStripToRootW
wnsprintfW
PathRemoveFileSpecW
PathFileExistsW
PathAppendW
PathAddBackslashW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Exports

Exports

FmWinMain

Sections

.text
Size: 575KB - Virtual size: 575KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SMYIpc.dll
.dll windows:5 windows x86 arch:x86

3428185b7dec7999e2373ffc92c7dad7

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

59:6b:3b:53:cf:bf:7e:a7:9e:2a:3b:f0:ea:26:3c:7b
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

21/10/2022, 00:00

Not After

21/10/2023, 23:59

Subject

CN=Ma'anshan Lianmeng Network Technology Service Co.\, Ltd.,O=Ma'anshan Lianmeng Network Technology Service Co.\, Ltd.,ST=安徽省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c2:55:5d:fb:fe:48:6d:66:2d:e5:1a:dc:86:52:28:4a:a8:d5:75:89:23:bc:fd:86:24:42:43:2e:ba:4c:69:e5
Signer

Actual PE Digest

c2:55:5d:fb:fe:48:6d:66:2d:e5:1a:dc:86:52:28:4a:a8:d5:75:89:23:bc:fd:86:24:42:43:2e:ba:4c:69:e5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\xgzip\basic\Bin\Release\SMYIpc.pdb

Imports

kernel32

DecodePointer
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
CreateMutexW
InterlockedExchange
GetSystemInfo
CreateFileW
ReadFile
WaitNamedPipeW
SetNamedPipeHandleState
CreateNamedPipeW
ConnectNamedPipe
WaitForMultipleObjects
GetOverlappedResult
GetTickCount
WriteFile
DisableThreadLibraryCalls
LoadResource
LockResource
SizeofResource
FindResourceW
FindResourceExW
GetCurrentProcessId
GetModuleFileNameA
Sleep
InterlockedCompareExchange
SetEvent
CreateEventW
WaitForSingleObject
GetCurrentThreadId
InterlockedExchangeAdd
UnhandledExceptionFilter
CloseHandle
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
ResetEvent
FormatMessageW
UnmapViewOfFile
VirtualQuery
CreateDirectoryW
OutputDebugStringW
WideCharToMultiByte
GetFileAttributesW
GetLocalTime
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
ReleaseMutex
LocalFree
InterlockedDecrement
InterlockedIncrement

user32

DestroyWindow
RegisterClassExW
RegisterWindowMessageW
SetWindowLongW
CreateWindowExW
DefWindowProcW
FindWindowA
SendMessageTimeoutW
PostMessageW
GetWindowLongW

advapi32

SetSecurityDescriptorDacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
SetSecurityDescriptorSacl
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
InitializeSecurityDescriptor

oleaut32

SysAllocStringLen

msvcp120

?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ

msvcr120

__crtTerminateProcess
__CxxFrameHandler3
_crt_debugger_hook
?terminate@@YAXXZ
_except_handler4_common
__clean_type_info_names_internal
__crtUnhandledException
strchr
??_V@YAXPAX@Z
??3@YAXPAX@Z
memcpy
memset
memmove
wcslen
??2@YAPAXI@Z
free
_purecall
memcpy_s
wmemcpy_s
memmove_s
memcmp
wcscmp
_vscwprintf
vswprintf_s
strlen
_beginthreadex
_snprintf_s
_vsnprintf_s
_CxxThrowException
memchr
fflush
fopen_s
_vswprintf_c_l
fwrite
strrchr
fclose
strncpy_s
??1type_info@@UAE@XZ
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e

Exports

Exports

GetSMYApcDispatcher
GetSMYIpcManager

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XiaogGui.exe
.exe windows:5 windows x86 arch:x86

622645d6192150dd73b876ae5a91398c

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

59:6b:3b:53:cf:bf:7e:a7:9e:2a:3b:f0:ea:26:3c:7b
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

21/10/2022, 00:00

Not After

21/10/2023, 23:59

Subject

CN=Ma'anshan Lianmeng Network Technology Service Co.\, Ltd.,O=Ma'anshan Lianmeng Network Technology Service Co.\, Ltd.,ST=安徽省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cd:8e:99:d3:5b:15:7b:d7:50:f1:d2:21:73:e6:ec:6e:e4:c4:16:c0:70:fd:4f:fd:be:68:a8:60:db:2b:4c:94
Signer

Actual PE Digest

cd:8e:99:d3:5b:15:7b:d7:50:f1:d2:21:73:e6:ec:6e:e4:c4:16:c0:70:fd:4f:fd:be:68:a8:60:db:2b:4c:94

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins\xgzip\xgzip\output\Bin\Release\XiaogGui.pdb

Imports

kernel32

ReadProcessMemory
GetExitCodeProcess
TerminateProcess
Thread32Next
SetThreadPriority
GetStartupInfoW
SetThreadPriorityBoost
OpenThread
SetProcessWorkingSetSize
CreatePipe
GetThreadPriority
CreateToolhelp32Snapshot
GlobalMemoryStatusEx
Thread32First
LoadLibraryA
QueryDosDeviceW
GetProcessPriorityBoost
EncodePointer
IsDebuggerPresent
GetComputerNameW
GetCPInfo
lstrlenA
IsDBCSLeadByte
VerSetConditionMask
SleepEx
VerifyVersionInfoW
OpenProcess
GetPriorityClass
SetProcessPriorityBoost
SystemTimeToFileTime
GetCurrentThread
ExpandEnvironmentStringsA
FormatMessageA
SetErrorMode
Process32FirstW
Process32NextW
GetThreadTimes
GetThreadIOPendingFlag
QueryPerformanceFrequency
QueryPerformanceCounter
GetPrivateProfileIntW
InterlockedIncrement
InterlockedDecrement
CreateProcessW
IsWow64Process
GetModuleHandleExW
GetDiskFreeSpaceExW
GetFileTime
GetFileSizeEx
GetTimeFormatW
GetFileAttributesA
CopyFileW
GetPrivateProfileStringW
MoveFileExW
GetTempFileNameW
GetDateFormatW
CreateFileA
FindResourceExW
ExpandEnvironmentStringsW
LocalAlloc
LocalLock
LocalUnlock
MulDiv
CreateFileMappingW
SizeofResource
LockResource
FreeResource
LoadResource
FindResourceW
lstrcpynW
OutputDebugStringA
GetModuleFileNameA
GetLocalTime
OutputDebugStringW
VirtualQuery
DecodePointer
HeapSize
RaiseException
HeapDestroy
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
SetUnhandledExceptionFilter
GetCommandLineW
InterlockedCompareExchange
InterlockedExchange
SetPriorityClass
WaitForMultipleObjects
GetUserDefaultLangID
GetSystemDefaultLangID
Sleep
AreFileApisANSI
IsProcessorFeaturePresent
GetProcessTimes
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetProcessAffinityMask
OpenEventW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
GetStdHandle
GetSystemTimeAsFileTime
FileTimeToDosDateTime
GetModuleHandleW
DosDateTimeToFileTime
GlobalMemoryStatus
GetSystemInfo
GetProcessAffinityMask
FileTimeToSystemTime
FileTimeToLocalFileTime
CompareFileTime
GetCurrentProcess
GlobalReAlloc
GlobalFree
GlobalAlloc
GetDiskFreeSpaceW
GetDriveTypeW
GetVolumeInformationW
GetFileInformationByHandle
SetEndOfFile
WriteFile
ReadFile
SetFilePointer
GetFileSize
DeviceIoControl
GetLogicalDriveStringsW
FindFirstChangeNotificationW
FindCloseChangeNotification
GetFileAttributesW
GetModuleHandleA
FindNextFileW
FindFirstFileW
FindClose
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetTempPathW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetLastError
DeleteFileW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
SetFileAttributesW
SetFileTime
CreateFileW
GetWindowsDirectoryW
LocalFree
FormatMessageW
GetModuleFileNameW
LoadLibraryW
FreeLibrary
GlobalUnlock
GlobalLock
WideCharToMultiByte
MultiByteToWideChar
CloseHandle
CreateEventW
CreateSemaphoreW
ResetEvent
GetLastError
ReleaseSemaphore
InitializeCriticalSection
SetEvent
WaitForSingleObject
lstrcatW
lstrlenW
GetSystemDirectoryW
LoadLibraryExW
GetVersionExW
VirtualAlloc
GetProcAddress
VirtualFree
GetSystemTime

user32

DrawTextW
CharUpperW
OpenClipboard
CloseClipboard
IsClipboardFormatAvailable
SetClipboardData
EmptyClipboard
SendMessageW
GetWindowRect
ScreenToClient
MoveWindow
ShowWindow
SetWindowLongW
GetWindowLongW
GetDlgItem
MapDialogRect
SystemParametersInfoW
GetDialogBaseUnits
CreateDialogParamW
DialogBoxParamW
CreateWindowExW
CallWindowProcW
LoadStringW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
InvalidateRect
SetFocus
PostMessageW
EnableWindow
GetKeyState
SetDlgItemTextW
EndDialog
MessageBoxW
GetFocus
IsWindow
CheckDlgButton
IsDlgButtonChecked
GetParent
DestroyWindow
SetTimer
KillTimer
GetClassInfoExW
RegisterClassExW
DefWindowProcW
LoadIconW
LoadCursorW
SetCursor
IsWindowEnabled
UnregisterClassW
FindWindowA
SendMessageTimeoutW
SetRect
RegisterWindowMessageW
GetClientRect
UnionRect
IntersectRect
IsRectEmpty
BeginPaint
EndPaint
UpdateLayeredWindow
FindWindowExW
IsWindowVisible
CreateCaret
ShowCaret
HideCaret
SetCaretPos
GetCursorPos
ClientToScreen
WindowFromPoint
TrackMouseEvent
GetClassNameW
GetSystemMetrics
DrawIconEx
GetMenuState
GetSystemMenu
PtInRect
RedrawWindow
GetActiveWindow
GetDC
ReleaseDC
OffsetRect
SetWindowRgn
IsZoomed
GetDesktopWindow
GetSysColor
GetCaretPos
CharUpperBuffW
GetAncestor
GetMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
CallNextHookEx
SetWindowPos
SetWindowsHookExW
UnhookWindowsHookEx
DestroyMenu
GetClassInfoW
LoadImageW
GetThreadDesktop
IsHungAppWindow
GetUserObjectInformationW
EnumWindows
GetIconInfo
GetForegroundWindow
EnumChildWindows
GetShellWindow
EqualRect
SetRectEmpty
PrivateExtractIconsW
DestroyIcon
FillRect
GetSubMenu
DeleteMenu
GetMenuInfo
SetMenuInfo
IsMenu
SetMenuItemInfoW
GetMenuItemCount
MapWindowPoints
GetWindow
PeekMessageW
InflateRect
DrawFocusRect
GetMonitorInfoW
MonitorFromPoint
GetWindowThreadProcessId
GetCapture
GetMenuItemInfoW
UpdateWindow
SetCapture
ReleaseCapture

gdi32

TextOutW
GetTextMetricsW
GetCurrentObject
CreateDCA
LPtoDP
GetTextExtentExPointW
PatBlt
CreateBitmap
SelectClipRgn
SetRectRgn
CreateRectRgnIndirect
DPtoLP
Polyline
RectVisible
ExtCreatePen
GetBkMode
SaveDC
GetStretchBltMode
GetTextColor
RestoreDC
GetDIBits
RealizePalette
SelectPalette
GetDeviceCaps
DeleteObject
CreateFontIndirectW
GetClipBox
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteDC
CreateDIBSection
ExcludeClipRect
SetBkMode
CreateRectRgn
SetViewportOrgEx
Rectangle
SetTextColor
GetStockObject
CreatePen
RoundRect
SetBkColor
ExtTextOutW
MoveToEx
LineTo
GetObjectW
StretchBlt
ExtCreateRegion
CombineRgn
CreatePatternBrush
CreateSolidBrush
GetObjectA
GetTextExtentPoint32W
SetStretchBltMode
CreatePenIndirect
ExtSelectClipRgn
GetClipRgn
CreateDCW

comdlg32

GetOpenFileNameW
CommDlgExtendedError

advapi32

GetUserNameW
CryptReleaseContext
CryptGenRandom
CryptGetHashParam
CryptCreateHash
CryptDestroyHash
CryptHashData
CreateServiceW
QueryServiceConfigW
ControlService
QueryServiceStatusEx
ChangeServiceConfigW
StartServiceW
ChangeServiceConfig2W
QueryServiceConfig2W
OpenServiceW
EnumDependentServicesW
OpenSCManagerW
DeleteService
CloseServiceHandle
RegQueryValueExA
RegOpenKeyExA
RegEnumValueW
RegQueryInfoKeyW
RegOpenKeyW
RegEnumKeyW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetEntriesInAclW
GetSecurityDescriptorDacl
QueryServiceStatus
GetTokenInformation
ConvertSidToStringSidW
CryptImportKey
CryptEncrypt
CryptDestroyKey
CryptDecrypt
CryptSetKeyParam
AllocateAndInitializeSid
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
FreeSid
GetNamedSecurityInfoW
BuildExplicitAccessWithNameW
SetNamedSecurityInfoW
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
GetAce
GetSidLengthRequired
InitializeAcl
InitializeSid
AddAce
DuplicateToken
MapGenericMask
AccessCheck
GetAclInformation
LookupAccountSidW
CryptDeriveKey
CryptAcquireContextA
ConvertStringSidToSidW
RegSetKeySecurity
RegGetKeySecurity
GetFileSecurityW
SetFileSecurityW
RegQueryValueExW
RegSetValueExW
CryptAcquireContextW
RegDeleteValueW
RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken

shell32

SHGetPathFromIDListW
ord51
SHGetFolderPathW
ord165
SHGetSpecialFolderPathW
SHFileOperationW
ShellExecuteExW
SHGetDesktopFolder
ExtractIconExW
SHGetSpecialFolderLocation
SHGetFileInfoW
ShellExecuteW
SHChangeNotify
SHBrowseForFolderW
DragFinish
DragQueryFileW
SHGetMalloc

ole32

CoInitializeSecurity
CoSetProxyBlanket
IIDFromString
StringFromIID
OleUninitialize
CoTaskMemFree
CreateStreamOnHGlobal
OleInitialize
CoCreateInstance
CoUninitialize
CoInitialize
CoCreateGuid
CoInitializeEx

oleaut32

SysFreeString
SafeArrayGetElement
SysAllocString
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
VariantInit
VarBstrCmp
SafeArrayGetUBound
SafeArrayGetLBound
VariantTimeToSystemTime
SysStringByteLen
CreateErrorInfo
SetErrorInfo
VariantChangeType
GetErrorInfo
VariantCopy
VariantClear

msvcr120

_snwprintf_s
wcsncmp
wcstol
wcsncpy_s
_wcsicmp
wcsncpy
_wcslwr_s
isdigit
_wtoi
towlower
??8type_info@@QBE_NABV0@@Z
memcpy_s
wcstoul
isspace
_wcsnicmp
isalnum
rand
_vsnwprintf
_itow_s
_vsnprintf
srand
swscanf_s
wcsspn
wcscspn
_time64
strtod
sprintf_s
_strtoui64
_strtoi64
strtol
wcschr
strtoul
memmove_s
sprintf
wmemcpy_s
toupper
wcsncat
_ftime64
wcstok_s
fputc
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABV01@@Z
_unlock_file
wcsnlen
ungetc
fgetpos
_fseeki64
fgetc
fsetpos
setvbuf
_lock_file
_wfullpath
_wrename
swprintf_s
wcscpy_s
_waccess_s
_wsplitpath_s
_wmkdir
_wstat64
_strnicmp
iswalpha
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
_XcptFilter
__crtGetShowWindowMode
_amsg_exit
__wgetmainargs
__set_app_type
exit
_exit
_cexit
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
_wcmdln
_fmode
_commode
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_except_handler4_common
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
__CxxFrameHandler3
tolower
wcsrchr
strncpy_s
fclose
_vscprintf
_vsnwprintf_s
_memicmp
iswspace
strrchr
fwrite
fprintf
fopen
_vswprintf_c_l
vsprintf_s
fopen_s
vswprintf_s
fflush
memchr
strchr
_vsnprintf_s
_snprintf_s
fwprintf
vsprintf
_vscwprintf
_hypot
__iob_func
_fileno
_isatty
realloc
_purecall
wcsstr
strstr
memmove
??_U@YAPAXI@Z
??_V@YAXPAX@Z
_beginthreadex
malloc
free
floor
ceil
_local_unwind4
_except_handler3
_stricmp
_write
_read
_strdup
_except1
__clean_type_info_names_internal
clock
_libm_sse2_pow_precise
_libm_sse2_log_precise
wcstombs_s
mbstowcs_s
_invalid_parameter_noinfo_noreturn
__RTDynamicCast
??0exception@std@@QAE@ABQBDH@Z
_aligned_malloc
_aligned_free
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
??9type_info@@QBE_NABV0@@Z
_CxxThrowException
_findclose
_wfindnext64i32
_wfindfirst64i32
_wcslwr
_waccess
_itoa_s
_localtime64_s
_mktime64
_wtoi64
_ultow_s
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
memcpy
_gmtime64
__sys_nerr
strerror
getenv
fgets
strtoll
fputs
qsort
fseek
ftell
_errno
isxdigit
strpbrk
isalpha
strncpy
sscanf
fread
_stat64
_wcsdup
calloc
_free_locale
__pctype_func
isprint
_create_locale
_isctype_l
strncmp
_strupr_s
iswprint
_wcsupr_s
_strlwr_s
wcsncat_s
memset
isupper
_recalloc
memcmp

shlwapi

PathIsDirectoryW
PathStripToRootW
wnsprintfW
UrlIsW
StrTrimW
SHDeleteKeyW
StrStrW
PathStripPathW
PathRemoveBackslashW
StrChrA
PathFileExistsW
PathAddBackslashW
PathRemoveFileSpecW
PathAppendW
StrCmpNIA
PathFindFileNameW
StrStrIA

msvcp120

?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
?id@?$codecvt@DDH@std@@2V0locale@2@A
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?rdstate@ios_base@std@@QBEHXZ
?good@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?eback@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?pbase@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?egptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEDD@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?setf@ios_base@std@@QAEHHH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?setf@ios_base@std@@QAEHH@Z
?set_new_handler@std@@YAP6AXXZP6AXXZ@Z
??Bios_base@std@@QBE_NXZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?putback@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?ws@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@1@AAV21@@Z
?_Swap_all@_Container_base12@std@@QAEXAAU12@@Z
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?epptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?pbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W0@Z
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
_Xtime_get_ticks
??0_Container_base12@std@@QAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WXZ
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
?uncaught_exception@std@@YA_NXZ
?_BADOFF@std@@3_JB
?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ
??0id@locale@std@@QAE@I@Z
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_function_call@std@@YAXXZ
?_1@placeholders@std@@3V?$_Ph@$00@2@A
?_2@placeholders@std@@3V?$_Ph@$01@2@A
?_3@placeholders@std@@3V?$_Ph@$02@2@A
?_4@placeholders@std@@3V?$_Ph@$03@2@A
?_Xbad_alloc@std@@YAXXZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?eof@ios_base@std@@QBE_NXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
?_Orphan_all@_Container_base12@std@@QAEXXZ
??1_Container_base12@std@@QAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

msimg32

AlphaBlend

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipSetSmoothingMode
GdipSetTextRenderingHint
GdipSetStringFormatTrimming
GdipCloneBitmapAreaI
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawString
GdipMeasureString
GdiplusStartup
GdiplusShutdown
GdipFree
GdipAlloc
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipCloneImage
GdipDrawImageRectRectI
GdipDrawImagePointsI
GdipDrawImageRectI
GdipBitmapGetPixel
GdipCreateBitmapFromHBITMAP
GdipGetImageThumbnail
GdipGetImageRawFormat
GdipDeleteGraphics
GdipCreateFromHDC
GdipDeletePen
GdipLoadImageFromStream
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipFillPath
GdipFillPieI
GdipDrawPath
GdipDrawArcI
GdipDrawLineI
GdipAddPathString
GdipAddPathArcI
GdipAddPathLineI
GdipDeletePath
GdipCreatePath
GdipSetPenDashArray
GdipSetPenWidth
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipLoadImageFromStreamICM
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipCreatePen1
GdipCreateSolidFill
GdipCloneBrush
GdipDeleteBrush
GdipDrawImageRectRect
GdipSetInterpolationMode
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipGraphicsClear
GdipSetWorldTransform
GdipGetImageGraphicsContext
GdipDisposeImage
GdipRotateMatrix
GdipScaleMatrix
GdipTranslateMatrix
GdipDeleteMatrix
GdipCreateMatrix
GdipImageSelectActiveFrame
GdipGetImageHeight
GdipDeleteStringFormat
GdipGetImageWidth
GdipDrawRectangleI
GdipFillRectangleI
GdipCreateStringFormat

ntdll

NtSetSystemInformation
NtTerminateProcess
NtQuerySystemInformation
NtQueryInformationProcess
RtlNtStatusToDosError
NtClose
NtResumeProcess
NtSetInformationProcess
NtLockVirtualMemory
NtOpenProcess
RtlNtPathNameToDosPathName
RtlInitUnicodeString
NtUnlockVirtualMemory
NtDuplicateObject
NtCreatePagingFile
NtSuspendProcess

psapi

GetProcessMemoryInfo
GetModuleFileNameExW

ws2_32

socket
WSASetLastError
recv
getsockopt
WSAStartup
WSACleanup
closesocket
bind
getsockname
connect
WSAIoctl
WSAGetLastError
__WSAFDIsSet
select
send
ioctlsocket
freeaddrinfo
getaddrinfo
htonl
ntohl
ntohs
htons
setsockopt
getpeername
WSAEventSelect

dbghelp

MiniDumpWriteDump

mpr

WNetCloseEnum
WNetOpenEnumW
WNetEnumResourceW

netapi32

Netbios
NetWkstaTransportEnum
NetApiBufferFree

imm32

ImmReleaseContext
ImmAssociateContext
ImmGetDefaultIMEWnd
ImmGetContext

wininet

GetUrlCacheEntryInfoExW

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 468KB - Virtual size: 468KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XiaogZCoreAssist.dll
.dll windows:5 windows x86 arch:x86

667dd67adb34b47b8cd5c2c1803df11d

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

59:6b:3b:53:cf:bf:7e:a7:9e:2a:3b:f0:ea:26:3c:7b
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

21/10/2022, 00:00

Not After

21/10/2023, 23:59

Subject

CN=Ma'anshan Lianmeng Network Technology Service Co.\, Ltd.,O=Ma'anshan Lianmeng Network Technology Service Co.\, Ltd.,ST=安徽省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:ae:96:aa:2e:19:5d:11:79:fb:86:b0:4e:a1:3b:ee:16:1e:4e:da:45:8a:8a:ec:0d:53:22:86:cb:66:da:d7
Signer

Actual PE Digest

30:ae:96:aa:2e:19:5d:11:79:fb:86:b0:4e:a1:3b:ee:16:1e:4e:da:45:8a:8a:ec:0d:53:22:86:cb:66:da:d7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\xgzip\xgzip\output\Bin\Release\XiaogZCoreAssist.pdb

Imports

kernel32

lstrlenA
IsDebuggerPresent
EncodePointer
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
WriteFile
GetPrivateProfileStringW
MoveFileExW
MultiByteToWideChar
GetCurrentThreadId
GetModuleFileNameA
GetLocalTime
EnterCriticalSection
SetLastError
LeaveCriticalSection
WaitForSingleObject
InitializeCriticalSection
OutputDebugStringW
VirtualQuery
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetCurrentProcessId
InterlockedIncrement
InterlockedDecrement
QueryPerformanceFrequency
WaitForMultipleObjects
GetPrivateProfileIntW
GetModuleHandleExW
SetErrorMode
VerifyVersionInfoW
VerSetConditionMask
QueryPerformanceCounter
ExpandEnvironmentStringsW
LocalFree
LocalAlloc
DeleteFileW
GetTempPathW
FindClose
lstrlenW
CreateFileW
ReadFile
GetFileAttributesW
CreateDirectoryW
SetFilePointer
FindFirstFileW
GetFileSize
GetModuleFileNameW
LoadLibraryW
CreateToolhelp32Snapshot
lstrcmpiW
Process32NextW
Process32FirstW
GetProcAddress
GetExitCodeProcess
GetVersionExW
GetSystemDirectoryW
OpenProcess
GetCurrentProcess
FreeLibrary
DeleteCriticalSection
DecodePointer
HeapSize
HeapDestroy
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
SetEvent
AssignProcessToJobObject
SetInformationJobObject
CreateJobObjectW
GetModuleHandleW
WideCharToMultiByte
GetTickCount
InterlockedCompareExchange
InterlockedExchange
GetLastError
CreateProcessW
CloseHandle
ResetEvent
CreateEventW
Sleep
CopyFileW
FormatMessageA
ExpandEnvironmentStringsA
SleepEx
DeviceIoControl

user32

SendMessageTimeoutW
SetRect
CreateWindowExW
SetWindowLongW
GetWindowLongW
PostMessageW
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
PeekMessageW
CloseDesktop
OpenDesktopW
GetWindowRect
GetForegroundWindow
GetDesktopWindow
GetShellWindow
IsWindow
FindWindowA
DefWindowProcW
DestroyWindow
UnhookWindowsHookEx

gdi32

DeleteObject

advapi32

CryptGenRandom
CryptReleaseContext
RegQueryValueExA
RegOpenKeyExA
RegSetValueExW
RegDeleteValueW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
CryptAcquireContextW
CryptGetHashParam
CryptCreateHash
CryptDestroyHash
CryptHashData
CloseServiceHandle
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CryptDeriveKey
CryptDecrypt
CryptDestroyKey
CryptEncrypt
CryptImportKey
CryptSetKeyParam

shell32

ord165
SHGetSpecialFolderPathW

ole32

CoSetProxyBlanket
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
CoUninitialize

oleaut32

SafeArrayGetLBound
VariantTimeToSystemTime
SafeArrayGetElement
SafeArrayGetUBound
VariantClear
SysAllocString
SysFreeString
VariantInit

shlwapi

StrChrA
StrStrIA
StrCmpNIA
PathAddBackslashW

msvcp120

?set_new_handler@std@@YAP6AXXZP6AXXZ@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
_Xtime_get_ticks
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
?_Xout_of_range@std@@YAXPBD@Z
_Thrd_detach
?_Throw_C_error@std@@YAXH@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Xbad_function_call@std@@YAXXZ
?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Launch@_Pad@std@@QAEXPAU_Thrd_imp_t@@@Z
??1_Pad@std@@QAE@XZ
?_Release@_Pad@std@@QAEXXZ
??0_Pad@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_BADOFF@std@@3_JB
?uncaught_exception@std@@YA_NXZ
?id@?$ctype@_W@std@@2V0locale@2@A
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?pbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?widen@?$ctype@_W@std@@QBE_WD@Z
??Bid@locale@std@@QAEIXZ
?_Orphan_all@_Container_base12@std@@QAEXXZ
??1_Container_base12@std@@QAE@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0_Container_base12@std@@QAE@XZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z

msvcr120

memcmp
_isctype_l
_create_locale
isprint
__pctype_func
_free_locale
calloc
_wcsdup
_stat64
__iob_func
fread
strstr
strncpy
isxdigit
_errno
fseek
??3@YAXPAX@Z
free
??2@YAPAXI@Z
_time64
srand
rand
?terminate@@YAXXZ
tolower
_vsnwprintf
memmove
memchr
_purecall
wcscpy_s
??0exception@std@@QAE@ABV01@@Z
??_V@YAXPAX@Z
toupper
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
wcsncpy_s
wcsncat_s
_wcsicmp
_snprintf_s
_snwprintf_s
swscanf_s
_vsnprintf_s
_vsnwprintf_s
strncpy_s
_vscwprintf
malloc
strchr
fflush
vswprintf_s
fopen_s
_vswprintf_c_l
fopen
fwrite
strrchr
_vscprintf
fclose
strtod
sprintf_s
??8type_info@@QBE_NABV0@@Z
_strtoi64
strtol
isupper
strtoul
wcschr
fputc
wcsrchr
memcpy_s
sprintf
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
strpbrk
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
sscanf
swprintf_s
_ultow_s
_wtoi64
_mktime64
_localtime64_s
_wcsnicmp
isalnum
isspace
_waccess
_beginthreadex
_strnicmp
??9type_info@@QBE_NABV0@@Z
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
_CxxThrowException
__CxxFrameHandler3
memcpy
memset
_aligned_free
_aligned_malloc
??0exception@std@@QAE@ABQBDH@Z
__RTDynamicCast
isalpha
strncmp
_wsplitpath_s
_wmkdir
_wstat64
realloc
??1type_info@@UAE@XZ
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__clean_type_info_names_internal
_except1
_except_handler4_common
qsort
fputs
strtoll
fgets
_stricmp
wcsncpy
isdigit
getenv
strerror
__sys_nerr
_strdup
_gmtime64

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

gdiplus

GdiplusStartup

ws2_32

closesocket
socket
ntohs
WSAStartup
WSACleanup
getsockopt
WSASetLastError
getsockname
bind
recv
WSAGetLastError
connect
WSAIoctl
getpeername
__WSAFDIsSet
select
send
ioctlsocket
freeaddrinfo
getaddrinfo
setsockopt
WSAEventSelect
htons

netapi32

Netbios

Exports

Exports

CreateCoreAssist
DestroyCore

Sections

.text
Size: 561KB - Virtual size: 560KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XiaogZProxy.exe
.exe windows:5 windows x86 arch:x86

ce61bce57bdc752f70b050ef76d3d5c5

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

59:6b:3b:53:cf:bf:7e:a7:9e:2a:3b:f0:ea:26:3c:7b
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

21/10/2022, 00:00

Not After

21/10/2023, 23:59

Subject

CN=Ma'anshan Lianmeng Network Technology Service Co.\, Ltd.,O=Ma'anshan Lianmeng Network Technology Service Co.\, Ltd.,ST=安徽省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:48:ef:ff:0b:9b:bf:57:9c:4c:65:2b:97:9c:50:6d:e3:23:9f:91:a8:20:58:90:f3:27:40:65:21:3c:24:3e
Signer

Actual PE Digest

0a:48:ef:ff:0b:9b:bf:57:9c:4c:65:2b:97:9c:50:6d:e3:23:9f:91:a8:20:58:90:f3:27:40:65:21:3c:24:3e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins\xgzip\xgzip\output\Bin\Release\XiaogZProxy.pdb

Imports

kernel32

GetModuleHandleExW
QueryPerformanceCounter
VerSetConditionMask
VerifyVersionInfoW
ExpandEnvironmentStringsW
GetPrivateProfileIntW
CreateEventW
WaitForMultipleObjects
ResetEvent
QueryPerformanceFrequency
SetFilePointer
GetCurrentProcessId
InterlockedDecrement
TerminateProcess
lstrlenA
GetCurrentProcess
OpenProcess
GetTickCount
WaitForSingleObject
InterlockedIncrement
DeleteFileW
FormatMessageA
ExpandEnvironmentStringsA
SleepEx
DeviceIoControl
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
EncodePointer
IsDebuggerPresent
FindClose
GetTempPathW
lstrlenW
CreateFileW
ReadFile
CopyFileW
WriteFile
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
CreateProcessW
SetErrorMode
VirtualProtect
LoadLibraryA
VirtualAlloc
IsBadReadPtr
VirtualFree
GetNativeSystemInfo
GetPrivateProfileStringW
MoveFileExW
FindFirstFileW
GetFileSize
MultiByteToWideChar
GetCurrentThreadId
GetModuleFileNameA
GetLocalTime
EnterCriticalSection
GetFileAttributesW
LeaveCriticalSection
InitializeCriticalSection
OutputDebugStringW
SetEvent
CreateDirectoryW
VirtualQuery
UnmapViewOfFile
GetWindowsDirectoryW
GetModuleFileNameW
LoadLibraryW
GetSystemDirectoryW
WideCharToMultiByte
DeleteCriticalSection
DecodePointer
RaiseException
InitializeCriticalSectionAndSpinCount
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
GetProcAddress
FreeLibrary
GetModuleHandleW
Sleep
InterlockedCompareExchange
InterlockedExchange
GetCommandLineW
CloseHandle
GetLastError
CreateMutexW
SetLastError
LocalAlloc
LocalFree
GetVersionExW
SetUnhandledExceptionFilter

user32

GetMessageW
TranslateMessage
DispatchMessageW
SendMessageTimeoutW
FindWindowA
GetDesktopWindow
KillTimer
DefWindowProcW
PostMessageW
SetTimer
CreateWindowExW
IsWindow
SendMessageW
GetWindowLongW
SetWindowLongW
FindWindowExW
DestroyWindow
CloseDesktop
OpenDesktopW

advapi32

RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
QueryServiceStatus
OpenServiceW
OpenSCManagerW
CloseServiceHandle
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
FreeSid
SetSecurityDescriptorSacl
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityDescriptorDacl
SetEntriesInAclW
AllocateAndInitializeSid
InitializeSecurityDescriptor
RegOpenKeyExA
RegQueryValueExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextW
CryptGetHashParam
CryptCreateHash
CryptDestroyHash
CryptHashData
CryptDeriveKey
CryptDecrypt
CryptDestroyKey
CryptEncrypt
CryptImportKey
CryptSetKeyParam

shell32

ord165
SHGetSpecialFolderPathW
CommandLineToArgvW

ole32

CoUninitialize
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CoCreateInstance

oleaut32

SysFreeString
SafeArrayGetElement
VariantTimeToSystemTime
SafeArrayGetLBound
SafeArrayGetUBound
VariantInit
VariantClear
SysAllocString

msvcp120

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?set_new_handler@std@@YAP6AXXZP6AXXZ@Z
_Xtime_get_ticks
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
??0id@locale@std@@QAE@I@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ
?_3@placeholders@std@@3V?$_Ph@$02@2@A
?_2@placeholders@std@@3V?$_Ph@$01@2@A
?_1@placeholders@std@@3V?$_Ph@$00@2@A
?_Xbad_function_call@std@@YAXXZ
?_Orphan_all@_Container_base12@std@@QAEXXZ
??1_Container_base12@std@@QAE@XZ
?_BADOFF@std@@3_JB
?uncaught_exception@std@@YA_NXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0_Container_base12@std@@QAE@XZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

shlwapi

PathFileExistsW
StrCmpNIA
StrStrIA
StrChrA
PathAddBackslashW

msvcr120

_fmode
_stricmp
_strdup
_localtime64_s
_ultow_s
_gmtime64
__sys_nerr
strerror
isdigit
fgets
strtoll
fputs
fseek
_errno
isxdigit
strncpy
strstr
fread
_stat64
_wcsdup
calloc
_free_locale
__pctype_func
isprint
_create_locale
_isctype_l
wcsncat_s
_controlfp_s
??3@YAXPAX@Z
??2@YAPAXI@Z
memmove
_purecall
??_V@YAXPAX@Z
_vsnwprintf
memcpy_s
wmemcpy_s
memmove_s
_vsnwprintf_s
wcschr
fputc
fwprintf
strncmp
fputwc
_wgetenv
__iob_func
strchr
wcsncmp
getenv
free
toupper
tolower
memchr
_vscwprintf
_snprintf_s
_vsnprintf_s
malloc
fflush
vswprintf_s
fopen_s
_vswprintf_c_l
fopen
fwrite
strrchr
_vscprintf
fclose
strncpy_s
strtod
sprintf_s
??8type_info@@QBE_NABV0@@Z
_strtoi64
strtol
isupper
strtoul
_wcsicmp
wcsncpy_s
??0exception@std@@QAE@ABV01@@Z
wcsnlen
wcsrchr
_snwprintf_s
wcsncpy
_beginthreadex
sprintf
rand
srand
_time64
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
qsort
_wcsnicmp
bsearch
realloc
strpbrk
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
sscanf
swprintf_s
_waccess
swscanf_s
isalnum
isspace
_strnicmp
??9type_info@@QBE_NABV0@@Z
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
_CxxThrowException
__CxxFrameHandler3
memcpy
memset
_aligned_free
_aligned_malloc
??0exception@std@@QAE@ABQBDH@Z
__RTDynamicCast
isalpha
_wsplitpath_s
_wmkdir
_wstat64
??1type_info@@UAE@XZ
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
?terminate@@YAXXZ
_XcptFilter
__crtGetShowWindowMode
_amsg_exit
__wgetmainargs
__set_app_type
exit
_exit
_cexit
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
_wcmdln
memcmp
_commode
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_except1
_except_handler4_common
__crtSetUnhandledExceptionFilter
_invoke_watson

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

ws2_32

ioctlsocket
send
select
__WSAFDIsSet
getpeername
WSAIoctl
connect
freeaddrinfo
getaddrinfo
htons
ntohs
getsockname
setsockopt
recv
bind
socket
WSASetLastError
closesocket
getsockopt
WSAStartup
WSACleanup
WSAGetLastError
WSAEventSelect

dbghelp

MiniDumpWriteDump

netapi32

Netbios

Sections

.text
Size: 560KB - Virtual size: 560KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XiaogZSvr.exe
.exe windows:5 windows x86 arch:x86

95a2b449b64a54745174889eef87a880

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

59:6b:3b:53:cf:bf:7e:a7:9e:2a:3b:f0:ea:26:3c:7b
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

21/10/2022, 00:00

Not After

21/10/2023, 23:59

Subject

CN=Ma'anshan Lianmeng Network Technology Service Co.\, Ltd.,O=Ma'anshan Lianmeng Network Technology Service Co.\, Ltd.,ST=安徽省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c5:b6:11:4a:41:4f:94:65:13:3c:e2:4c:3a:88:6e:ee:8e:a2:01:8a:81:62:4c:7f:cf:62:1a:66:b3:25:b2:99
Signer

Actual PE Digest

c5:b6:11:4a:41:4f:94:65:13:3c:e2:4c:3a:88:6e:ee:8e:a2:01:8a:81:62:4c:7f:cf:62:1a:66:b3:25:b2:99

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins\xgzip\xgzip\output\Bin\Release\XiaogZSvr.pdb

Imports

kernel32

SetErrorMode
CreateProcessW
ProcessIdToSessionId
OpenProcess
ExpandEnvironmentStringsW
FreeLibrary
GetModuleHandleExW
InterlockedDecrement
GetProcAddress
GetCurrentProcessId
SetFilePointer
GetCurrentProcess
VerifyVersionInfoW
VerSetConditionMask
lstrlenA
QueryPerformanceCounter
LoadLibraryW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
MultiByteToWideChar
DeleteFileW
QueryPerformanceFrequency
ResetEvent
WaitForMultipleObjects
CreateEventW
GetPrivateProfileIntW
DeviceIoControl
FindClose
GetTempPathW
lstrlenW
CreateFileW
ReadFile
CopyFileW
WriteFile
GetPrivateProfileStringW
MoveFileExW
FindFirstFileW
GetFileSize
SetCurrentDirectoryW
SetConsoleCtrlHandler
GetTickCount
WaitForSingleObject
InterlockedIncrement
GetCurrentThreadId
GetModuleFileNameA
GetLocalTime
EnterCriticalSection
GetFileAttributesW
LeaveCriticalSection
WideCharToMultiByte
InitializeCriticalSection
OutputDebugStringW
SetEvent
CreateDirectoryW
VirtualQuery
UnmapViewOfFile
GetModuleHandleW
CreateMutexW
Sleep
InterlockedCompareExchange
GetVersionExW
SetLastError
CloseHandle
InterlockedExchange
LocalFree
LocalAlloc
SetUnhandledExceptionFilter
GetCommandLineW
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetModuleFileNameW
DecodePointer
DeleteCriticalSection
FormatMessageA
ExpandEnvironmentStringsA
SleepEx
InitializeCriticalSectionAndSpinCount
GetLastError
GetSystemDirectoryW
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
EncodePointer
IsDebuggerPresent

user32

IsWindow
PostMessageW
SendMessageW
GetWindowLongW
SetWindowLongW
CreateWindowExW
DefWindowProcW
SetTimer
KillTimer
FindWindowA
SendMessageTimeoutW
DispatchMessageW
TranslateMessage
GetMessageW
DestroyWindow
PeekMessageW

advapi32

CryptGetHashParam
RegFlushKey
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
CreateProcessAsUserW
DuplicateTokenEx
GetTokenInformation
LookupPrivilegeValueW
OpenProcessToken
ControlService
QueryServiceStatusEx
SetServiceStatus
QueryServiceStatus
StartServiceW
ChangeServiceConfig2W
RegisterServiceCtrlHandlerExW
OpenServiceW
StartServiceCtrlDispatcherW
OpenSCManagerW
DeleteService
CloseServiceHandle
CreateServiceW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
FreeSid
SetSecurityDescriptorSacl
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityDescriptorDacl
SetEntriesInAclW
AllocateAndInitializeSid
InitializeSecurityDescriptor
CryptCreateHash
CryptDestroyHash
CryptHashData
CryptDeriveKey
CryptGenRandom
RegQueryValueExA
RegOpenKeyExA
CryptAcquireContextW
CryptImportKey
CryptEncrypt
CryptDestroyKey
CryptReleaseContext
CryptDecrypt
CryptSetKeyParam

shell32

ord165
SHGetSpecialFolderPathW
CommandLineToArgvW

ole32

CoInitialize
CoInitializeSecurity
CoUninitialize
CoCreateInstance
CoInitializeEx
CoSetProxyBlanket

oleaut32

SafeArrayGetUBound
SafeArrayGetElement
VariantTimeToSystemTime
SafeArrayGetLBound
VariantClear
SysAllocString
SysFreeString
VariantInit

msvcp120

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_BADOFF@std@@3_JB
?uncaught_exception@std@@YA_NXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Orphan_all@_Container_base12@std@@QAEXXZ
??1_Container_base12@std@@QAE@XZ
??0_Container_base12@std@@QAE@XZ
?_Orphan_all@_Container_base0@std@@QAEXXZ
_Xtime_get_ticks
?_Xbad_function_call@std@@YAXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?set_new_handler@std@@YAP6AXXZP6AXXZ@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z

shlwapi

StrCmpNIA
StrStrIA
StrChrA
StrCmpNIW
PathRemoveFileSpecW
PathFileExistsW
PathAddBackslashW

ntdll

RtlGetVersion

msvcr120

wcsncat_s
_CxxThrowException
strncmp
_isctype_l
_create_locale
??3@YAXPAX@Z
free
_wcsicmp
??2@YAPAXI@Z
memmove
_vsnwprintf_s
_purecall
_vsnwprintf
isprint
_snprintf_s
_vsnprintf_s
malloc
strchr
memchr
fflush
vswprintf_s
fopen_s
_vswprintf_c_l
fopen
??_V@YAXPAX@Z
fwrite
strrchr
_vscprintf
fclose
strncpy_s
wcsncpy
_beginthreadex
wcschr
fputc
wcsncpy_s
??0exception@std@@QAE@ABV01@@Z
_snwprintf_s
memcpy_s
strtod
sprintf_s
??8type_info@@QBE_NABV0@@Z
_strtoi64
strtol
tolower
isupper
strtoul
sprintf
swprintf_s
_waccess
swscanf_s
_time64
_wcsnicmp
isalnum
isspace
_wsplitpath_s
_wmkdir
_wstat64
memset
??1type_info@@UAE@XZ
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
_XcptFilter
__crtGetShowWindowMode
_amsg_exit
__wgetmainargs
__set_app_type
exit
_exit
_cexit
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
_wcmdln
_fmode
_commode
?terminate@@YAXXZ
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_except_handler4_common
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
__CxxFrameHandler3
__pctype_func
_free_locale
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
strpbrk
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
sscanf
_stricmp
_ultow_s
_localtime64_s
_strnicmp
isalpha
_except1
isdigit
calloc
realloc
_wcsdup
_stat64
__iob_func
fread
strstr
strncpy
memcpy
??9type_info@@QBE_NABV0@@Z
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
_aligned_free
_aligned_malloc
??0exception@std@@QAE@ABQBDH@Z
_vscwprintf
isxdigit
_errno
fseek
qsort
fputs
strtoll
fgets
getenv
strerror
__sys_nerr
_gmtime64
_strdup
__RTDynamicCast

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

wtsapi32

WTSQueryUserToken

userenv

CreateEnvironmentBlock

dbghelp

MiniDumpWriteDump

netapi32

Netbios

ws2_32

connect
WSAIoctl
htons
ntohs
getsockname
setsockopt
getpeername
WSAEventSelect
recv
WSAGetLastError
bind
getaddrinfo
freeaddrinfo
ioctlsocket
send
select
socket
__WSAFDIsSet
WSASetLastError
closesocket
getsockopt
WSAStartup
WSACleanup

Sections

.text
Size: 516KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XiaogZTips.exe
.exe windows:5 windows x86 arch:x86

530922dd638b4147a15b95bf1322f75b

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

59:6b:3b:53:cf:bf:7e:a7:9e:2a:3b:f0:ea:26:3c:7b
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

21/10/2022, 00:00

Not After

21/10/2023, 23:59

Subject

CN=Ma'anshan Lianmeng Network Technology Service Co.\, Ltd.,O=Ma'anshan Lianmeng Network Technology Service Co.\, Ltd.,ST=安徽省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e7:11:ab:76:56:79:fc:3e:75:2f:c0:8c:e7:45:bc:09:bf:08:bf:ef:4f:15:ea:4a:be:8f:fe:c3:bb:b5:ef:4b
Signer

Actual PE Digest

e7:11:ab:76:56:79:fc:3e:75:2f:c0:8c:e7:45:bc:09:bf:08:bf:ef:4f:15:ea:4a:be:8f:fe:c3:bb:b5:ef:4b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins\xgzip\xgzip\output\Bin\Release\XiaogZTips.pdb

Imports

kernel32

ReadFile
GetFileAttributesW
CreateDirectoryW
SetFilePointer
GetFileSize
ExpandEnvironmentStringsW
FormatMessageA
ExpandEnvironmentStringsA
SleepEx
DeviceIoControl
GetSystemTimeAsFileTime
EncodePointer
IsDebuggerPresent
MapViewOfFile
SetFileAttributesW
DeleteFileW
UnmapViewOfFile
VirtualQuery
SetEvent
FindClose
GlobalUnlock
lstrcpynW
CopyFileW
GlobalAlloc
WriteFile
GlobalLock
GetCurrentProcess
MoveFileExW
FindFirstFileW
lstrlenW
CreateFileW
GetWindowsDirectoryW
LoadLibraryW
GetSystemDirectoryW
LockResource
SizeofResource
LoadResource
FindResourceW
FindResourceExW
MultiByteToWideChar
LocalFree
CloseHandle
LocalAlloc
GetProcAddress
SetLastError
GetVersionExW
FreeLibrary
CreateMutexW
GetCommandLineW
SetUnhandledExceptionFilter
GetTickCount
DeleteCriticalSection
DecodePointer
HeapSize
GetLastError
InterlockedExchange
RaiseException
GetModuleFileNameW
HeapDestroy
Sleep
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
GetProcessHeap
GetModuleHandleW
InterlockedCompareExchange
HeapFree
HeapAlloc
SetErrorMode
OutputDebugStringW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLocalTime
GetModuleFileNameA
GetCurrentThreadId
FreeResource
lstrlenA
IsProcessorFeaturePresent
CreateFileMappingW
GlobalReAlloc
GetCurrentProcessId
InterlockedIncrement
InterlockedDecrement
QueryPerformanceFrequency
ResetEvent
WaitForMultipleObjects
CreateEventW
GetPrivateProfileIntW
VerifyVersionInfoW
VerSetConditionMask
QueryPerformanceCounter
GetModuleHandleExW
WaitForSingleObject
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
CreateProcessW
GlobalFree
CreateFileA
GetTempPathW
GetPrivateProfileStringW
HeapReAlloc

user32

IsIconic
MoveWindow
SetParent
GetMonitorInfoW
MonitorFromPoint
GetSubMenu
GetMenuInfo
UnionRect
GetMenuItemInfoW
SetRect
RegisterWindowMessageW
GetWindow
IntersectRect
InvalidateRect
DrawTextW
UnhookWindowsHookEx
SetWindowsHookExW
GetClassInfoW
IsMenu
SetMenuItemInfoW
GetMenuItemCount
MapWindowPoints
BeginPaint
EndPaint
UpdateLayeredWindow
IsWindowVisible
GetSystemMetrics
FindWindowExW
IsWindow
SetCursor
SetFocus
WindowFromPoint
ShowWindow
SetWindowPos
ReleaseDC
TrackMouseEvent
GetFocus
GetMenuState
GetSystemMenu
GetWindowTextW
PtInRect
OffsetRect
SetWindowRgn
IsZoomed
EnableWindow
SetCapture
ReleaseCapture
GetCapture
GetKeyState
FillRect
GetClassNameW
SystemParametersInfoW
GetDC
FindWindowW
KillTimer
PostMessageW
PostQuitMessage
GetWindowRect
SetTimer
DestroyWindow
DestroyIcon
DispatchMessageW
GetDesktopWindow
TranslateMessage
GetMessageW
SendMessageW
GetClientRect
LoadCursorW
ClientToScreen
DefWindowProcW
CreateWindowExW
SetWindowLongW
GetWindowLongW
UpdateWindow
BringWindowToTop
SetForegroundWindow
LoadImageW
SetWindowTextW
CopyIcon
RegisterClassExW
GetClassInfoExW
FindWindowA
SendMessageTimeoutW
GetCursorPos
GetParent
ScreenToClient
IsRectEmpty
GetWindowThreadProcessId
GetActiveWindow
GetAncestor
CallNextHookEx
GetIconInfo
CallWindowProcW
PeekMessageW
CloseDesktop
OpenDesktopW
DrawIconEx

gdi32

CreatePenIndirect
ExtTextOutW
SetBkColor
GetTextExtentPoint32W
LineTo
MoveToEx
GetObjectA
CombineRgn
ExtCreateRegion
CreateRectRgn
ExcludeClipRect
SetTextColor
SetBkMode
Rectangle
SetViewportOrgEx
BitBlt
DeleteDC
CreateDIBSection
DeleteObject
CreateSolidBrush
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
CreatePen
GetStockObject
CreateFontIndirectW

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
AllocateAndInitializeSid
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetEntriesInAclW
FreeSid
GetSecurityDescriptorSacl
SetSecurityDescriptorSacl
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
SetFileSecurityW
InitializeAcl
AddAccessAllowedAce
GetLengthSid
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegOpenKeyExA
CryptAcquireContextW
CryptGetHashParam
CryptCreateHash
CryptDestroyHash
CryptHashData
CloseServiceHandle
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CryptDeriveKey
CryptDecrypt
CryptDestroyKey
CryptEncrypt
CryptImportKey
CryptSetKeyParam
RegQueryValueExA
CryptReleaseContext
CryptGenRandom

shell32

ShellExecuteW
SHCreateDirectoryExW
Shell_NotifyIconW
ExtractIconExW
SHGetFolderPathW
SHGetSpecialFolderPathW
ord165
CommandLineToArgvW

ole32

CoSetProxyBlanket
CoInitializeEx
CoInitializeSecurity
CoGetClassObject
CreateStreamOnHGlobal
CoCreateInstance
OleInitialize
CoUninitialize

oleaut32

SysStringLen
VariantClear
SysFreeString
SysAllocString
SafeArrayGetLBound
VariantTimeToSystemTime
SafeArrayGetElement
SafeArrayGetUBound
SysAllocStringByteLen
VariantInit
VarBstrCmp
SysStringByteLen

msvcp120

_Xtime_get_ticks
?set_new_handler@std@@YAP6AXXZP6AXXZ@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??0_Container_base12@std@@QAE@XZ
??1_Container_base12@std@@QAE@XZ
?_Orphan_all@_Container_base12@std@@QAEXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Xbad_function_call@std@@YAXXZ
?_Winerror_map@std@@YAPBDH@Z
?_Syserror_map@std@@YAPBDH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Throw_Cpp_error@std@@YAXH@Z
?_Throw_C_error@std@@YAXH@Z
?_Release@_Pad@std@@QAEXXZ
?_Launch@_Pad@std@@QAEXPAU_Thrd_imp_t@@@Z
??1_Pad@std@@QAE@XZ
??0_Pad@std@@QAE@XZ
_Thrd_detach
?_BADOFF@std@@3_JB
?uncaught_exception@std@@YA_NXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ

shlwapi

StrChrA
StrStrIA
StrCmpNIA
PathFindFileNameW
UrlIsW
PathAddBackslashW
PathFileExistsW

msvcr120

_except_handler4_common
_stricmp
_strdup
_gmtime64
__sys_nerr
strerror
getenv
fgets
strtoll
qsort
fseek
_errno
isxdigit
strncpy
strstr
fread
_stat64
_wcsdup
calloc
_free_locale
__pctype_func
isprint
_create_locale
_isctype_l
_controlfp_s
_invoke_watson
__crtSetUnhandledExceptionFilter
memcmp
_except1
_commode
_fmode
_wcmdln
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__crtGetShowWindowMode
_XcptFilter
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
??1type_info@@UAE@XZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
realloc
wcstol
wcsncmp
wcsncpy
_wstat64
_wmkdir
_wsplitpath_s
strncmp
isalpha
__RTDynamicCast
??0exception@std@@QAE@ABQBDH@Z
_aligned_malloc
_aligned_free
memset
memcpy
__CxxFrameHandler3
_CxxThrowException
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
??9type_info@@QBE_NABV0@@Z
??0exception@std@@QAE@XZ
_strnicmp
_beginthreadex
isspace
isalnum
_waccess
_localtime64_s
_wtoi64
sscanf
??0exception@std@@QAE@ABQBD@Z
memmove
free
vswprintf_s
??_V@YAXPAX@Z
_snwprintf_s
_purecall
swscanf_s
_vsnwprintf
_time64
rand
strcpy_s
srand
atoi
?terminate@@YAXXZ
memmove_s
wmemcpy_s
memcpy_s
toupper
wcscpy_s
malloc
wcsncpy_s
_wcsnicmp
wcsstr
wcsncat_s
_wtoi
wcsrchr
_mktime64
_snprintf_s
isdigit
strncpy_s
_wcsicmp
_vsnprintf_s
_vsnwprintf_s
_vscwprintf
strchr
memchr
fflush
fopen_s
_vswprintf_c_l
fopen
fwrite
strrchr
_vscprintf
fclose
strtod
sprintf_s
??8type_info@@QBE_NABV0@@Z
_strtoi64
strtol
tolower
isupper
strtoul
wcschr
fputc
??0exception@std@@QAE@ABV01@@Z
sprintf
fputs
__iob_func
printf
_ultow_s
swprintf_s
strpbrk
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

msimg32

AlphaBlend

gdiplus

GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipDeleteStringFormat
GdipCreateStringFormat
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipCloneBitmapAreaI
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipSetStringFormatTrimming
GdipSetTextRenderingHint
GdipDrawImageRectRectI
GdipDrawImageRectI
GdipDrawString
GdipSetWorldTransform
GdipGetImageGraphicsContext
GdipRotateMatrix
GdipTranslateMatrix
GdipDeleteMatrix
GdipCreateMatrix
GdipMeasureString
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipDeleteBrush
GdipFree
GdipGetImageWidth
GdipCloneImage
GdipBitmapLockBits
GdipDisposeImage
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipGetImageHeight
GdipDeletePen
GdipCloneBrush
GdipDrawRectangleI
GdipCreatePen1
GdipFillRectangleI
GdipCreateFromHDC
GdipAlloc
GdipCreateSolidFill
GdipSetSmoothingMode
GdipDeleteGraphics
GdipGraphicsClear

ws2_32

getsockopt
WSAStartup
WSACleanup
recv
setsockopt
getsockname
ntohs
socket
WSAGetLastError
closesocket
WSAIoctl
getpeername
__WSAFDIsSet
select
send
ioctlsocket
freeaddrinfo
getaddrinfo
connect
WSASetLastError
WSAEventSelect
htons
bind

iphlpapi

GetIpForwardTable

dbghelp

MiniDumpWriteDump

netapi32

Netbios

Sections

.text
Size: 746KB - Virtual size: 746KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XiaogZip.exe
.exe windows:5 windows x86 arch:x86

375f6d6a3b197e1a8b6d6b2c7d71f6d7

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

59:6b:3b:53:cf:bf:7e:a7:9e:2a:3b:f0:ea:26:3c:7b
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

21/10/2022, 00:00

Not After

21/10/2023, 23:59

Subject

CN=Ma'anshan Lianmeng Network Technology Service Co.\, Ltd.,O=Ma'anshan Lianmeng Network Technology Service Co.\, Ltd.,ST=安徽省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d3:c7:fe:5d:4e:5b:6e:d7:5a:47:c9:75:55:08:a4:6d:cd:01:8b:cc:b5:92:fc:53:0a:0c:5d:5b:b6:b8:b7:74
Signer

Actual PE Digest

d3:c7:fe:5d:4e:5b:6e:d7:5a:47:c9:75:55:08:a4:6d:cd:01:8b:cc:b5:92:fc:53:0a:0c:5d:5b:b6:b8:b7:74

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins\xgzip\xgzip\output\Bin\Release\XiaogZip.pdb

Imports

kernel32

lstrlenA
FindFirstChangeNotificationW
FindCloseChangeNotification
GetModuleHandleA
HeapDestroy
GetVolumeInformationW
GetSystemTime
QueryDosDeviceW
LoadLibraryA
SetFileTime
SystemTimeToFileTime
GlobalMemoryStatusEx
GetThreadPriority
CreatePipe
SetProcessWorkingSetSize
OpenThread
SetThreadPriorityBoost
GetStartupInfoW
SetThreadPriority
Thread32Next
GetExitCodeProcess
ReadProcessMemory
Thread32First
GetPriorityClass
SetProcessPriorityBoost
GetCurrentThread
GetProcessPriorityBoost
SetPriorityClass
GetThreadIOPendingFlag
CreateSemaphoreW
QueryPerformanceFrequency
ResetEvent
WaitForMultipleObjects
CreateEventW
GetPrivateProfileIntW
InterlockedIncrement
InterlockedDecrement
IsWow64Process
GetModuleHandleExW
VerifyVersionInfoW
VerSetConditionMask
QueryPerformanceCounter
MoveFileW
TerminateProcess
GetThreadTimes
FormatMessageA
ExpandEnvironmentStringsA
SleepEx
DeviceIoControl
IsDBCSLeadByte
GetCPInfo
GetSystemInfo
GetComputerNameW
GetSystemTimeAsFileTime
EncodePointer
IsDebuggerPresent
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
ReleaseSemaphore
SetCurrentDirectoryW
GetCurrentDirectoryW
SetFilePointer
GetLogicalDriveStringsW
WaitForSingleObject
GetCurrentProcess
OpenProcess
ProcessIdToSessionId
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
CreateProcessW
SetErrorMode
FormatMessageW
LocalFree
GetProcessHeap
SetFileAttributesW
DeleteFileW
FileTimeToLocalFileTime
GetDiskFreeSpaceExW
GetFileTime
FindNextFileW
RemoveDirectoryW
FindClose
GetDiskFreeSpaceW
GetFileSizeEx
GetTempPathW
FileTimeToSystemTime
GetTimeFormatW
GetFileAttributesA
CopyFileW
GetPrivateProfileStringW
MoveFileExW
FindResourceExW
SetEndOfFile
FindFirstFileW
GetTempFileNameW
GetDateFormatW
CreateFileA
ExpandEnvironmentStringsW
MultiByteToWideChar
LoadLibraryExW
IsProcessorFeaturePresent
LocalAlloc
LocalLock
LocalUnlock
CreateFileMappingW
GetTickCount
MulDiv
WriteFile
GetVersionExW
GlobalReAlloc
SizeofResource
LockResource
FreeResource
LoadResource
FindResourceW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
ReadFile
GetFileSize
CreateFileW
GetModuleHandleW
CloseHandle
OutputDebugStringA
GetCurrentThreadId
OpenEventW
OpenFileMappingW
GetModuleFileNameA
GetLocalTime
EnterCriticalSection
SetLastError
GetFileAttributesW
LeaveCriticalSection
WideCharToMultiByte
InitializeCriticalSection
OutputDebugStringW
SetEvent
CreateDirectoryW
VirtualQuery
UnmapViewOfFile
MapViewOfFile
GetWindowsDirectoryW
GetModuleFileNameW
LoadLibraryW
lstrcatW
lstrlenW
lstrcpynW
GetSystemDirectoryW
GetDriveTypeW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException
DecodePointer
GetCommandLineW
GetLastError
GetProcAddress
FreeLibrary
Sleep
InterlockedCompareExchange
InterlockedExchange
SetUnhandledExceptionFilter
GetCurrentProcessId

user32

GetDC
GetThreadDesktop
IsHungAppWindow
GetUserObjectInformationW
CloseDesktop
IsWindow
FindWindowW
PtInRect
OpenDesktopW
CharUpperBuffW
GetIconInfo
GetForegroundWindow
EnumChildWindows
GetShellWindow
LoadStringW
EqualRect
SetRectEmpty
GetSubMenu
DeleteMenu
GetMenuInfo
SetMenuInfo
IsMenu
SetMenuItemInfoW
GetMenuItemCount
GetMonitorInfoW
MonitorFromPoint
GetWindowThreadProcessId
GetMenuItemInfoW
RegisterClassExW
DefWindowProcW
GetDlgItem
CreateWindowExW
GetClassInfoW
DestroyMenu
MapWindowPoints
GetWindow
PeekMessageW
DrawFocusRect
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
DispatchMessageW
TranslateMessage
GetMessageW
GetAncestor
IsZoomed
SetWindowRgn
GetActiveWindow
RedrawWindow
GetSystemMenu
GetMenuState
GetClassInfoExW
GetClassNameW
GetFocus
TrackMouseEvent
WindowFromPoint
LoadCursorW
ShowWindow
UpdateWindow
GetDesktopWindow
SendMessageW
PostQuitMessage
SetTimer
KillTimer
GetSystemMetrics
CopyRect
LoadImageW
UnregisterClassW
SetWindowTextW
EnableWindow
IsWindowVisible
MessageBoxW
FindWindowExW
SetWindowPos
SetWindowLongW
CreateCaret
UpdateLayeredWindow
EndPaint
BeginPaint
InvalidateRect
SystemParametersInfoW
GetWindowTextW
GetWindowLongW
EnumWindows
SetFocus
SetCaretPos
HideCaret
ShowCaret
GetClientRect
GetParent
SetForegroundWindow
SetActiveWindow
GetWindowRect
PostMessageW
MoveWindow
CharUpperW
FindWindowA
SendMessageTimeoutW
ReleaseDC
OffsetRect
SetRect
FillRect
DrawTextW
DrawIconEx
IntersectRect
DestroyWindow
SetCapture
CharNextW
ReleaseCapture
GetCapture
GetKeyState
SetCursor
DestroyIcon
UnionRect
RegisterWindowMessageW
CallWindowProcW
IsRectEmpty
GetCaretPos
GetCursorPos
InflateRect
GetSysColor
ClientToScreen
ScreenToClient
PrivateExtractIconsW

gdi32

GetTextExtentExPointW
TextOutW
PatBlt
LPtoDP
CreateBitmap
SetRectRgn
CreateRectRgnIndirect
DPtoLP
Polyline
SetBkMode
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteObject
DeleteDC
GetObjectA
CreateDIBSection
GetStockObject
CreatePen
Rectangle
MoveToEx
LineTo
CreateSolidBrush
SetTextColor
GetTextExtentPoint32W
RoundRect
GetCurrentObject
StretchBlt
ExtCreateRegion
CombineRgn
CreateFontIndirectW
SetViewportOrgEx
CreateDCW
GetDeviceCaps
SelectPalette
RealizePalette
GetDIBits
GetTextMetricsW
GetClipBox
ExcludeClipRect
CreateRectRgn
SetBkColor
ExtTextOutW
GetClipRgn
ExtSelectClipRgn
SelectClipRgn
CreatePatternBrush
RestoreDC
GetTextColor
GetStretchBltMode
SetStretchBltMode
RectVisible
SaveDC
CreatePenIndirect
GetBkMode
ExtCreatePen
CreateDCA
GetObjectW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

ChangeServiceConfigW
QueryServiceConfigW
ControlService
QueryServiceStatusEx
StartServiceW
ChangeServiceConfig2W
QueryServiceConfig2W
OpenServiceW
EnumDependentServicesW
OpenSCManagerW
DeleteService
CloseServiceHandle
RegQueryValueExA
RegOpenKeyExA
RegQueryInfoKeyW
RegOpenKeyW
RegEnumKeyW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetKeySecurity
RegGetKeySecurity
CryptAcquireContextA
CryptDeriveKey
CryptSetKeyParam
CryptDecrypt
CryptDestroyKey
CryptEncrypt
CryptImportKey
QueryServiceStatus
CreateServiceW
CryptHashData
CryptDestroyHash
CryptCreateHash
CryptGetHashParam
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW
GetUserNameW
LookupAccountSidW
GetAclInformation
GetSecurityDescriptorDacl
AdjustTokenPrivileges
AccessCheck
MapGenericMask
DuplicateToken
GetFileSecurityW
AddAce
InitializeSid
InitializeAcl
GetSidLengthRequired
GetAce
GetSidIdentifierAuthority
IsValidSid
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetNamedSecurityInfoW
FreeSid
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetEntriesInAclW
AllocateAndInitializeSid
ConvertSidToStringSidW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegEnumKeyExW
RegSetValueExW
OpenProcessToken
GetTokenInformation
LookupPrivilegeValueW
DuplicateTokenEx
CreateProcessAsUserW
GetSidSubAuthorityCount
GetSidSubAuthority
ConvertStringSidToSidW
SetTokenInformation
GetLengthSid

shell32

ord165
ord51
SHFileOperationW
SHBindToParent
SHGetFolderLocation
SHGetFolderPathW
SHGetFileInfoW
ExtractIconExW
SHGetPathFromIDListW
SHGetMalloc
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
ShellExecuteW
ShellExecuteExW
SHChangeNotify
DragFinish
SHGetSpecialFolderPathW
DragQueryFileW

ole32

CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CoUninitialize
OleInitialize
OleUninitialize
CoTaskMemFree
CreateStreamOnHGlobal
StringFromIID
IIDFromString
CoCreateGuid
CoCreateInstance
CoInitialize

oleaut32

CreateErrorInfo
SetErrorInfo
VariantChangeType
GetErrorInfo
SafeArrayGetLBound
VariantTimeToSystemTime
SafeArrayGetElement
SysStringByteLen
VarBstrCmp
VariantInit
SysAllocStringByteLen
VariantClear
SysStringLen
SysAllocString
SysFreeString
SysAllocStringLen
SafeArrayGetUBound

shlwapi

PathIsDirectoryW
UrlIsW
PathFindFileNameW
wnsprintfW
SHDeleteKeyW
StrCmpNIW
PathRemoveFileSpecW
PathAppendW
StrCmpNIA
StrStrIA
StrChrA
PathRemoveBackslashW
PathStripPathW
StrStrW
PathStripToRootW
StrTrimW
PathFileExistsW
PathAddBackslashW
StrRetToStrW
StrRetToBufW

msimg32

AlphaBlend

msvcp120

??0_Lockit@std@@QAE@H@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?id@?$codecvt@DDH@std@@2V0locale@2@A
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
?_Orphan_all@_Container_base12@std@@QAEXXZ
??1_Container_base12@std@@QAE@XZ
??0_Container_base12@std@@QAE@XZ
_Xtime_get_ticks
?_3@placeholders@std@@3V?$_Ph@$02@2@A
?_2@placeholders@std@@3V?$_Ph@$01@2@A
?_1@placeholders@std@@3V?$_Ph@$00@2@A
?_Xbad_function_call@std@@YAXXZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEDD@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?setf@ios_base@std@@QAEHHH@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?setf@ios_base@std@@QAEHH@Z
?set_new_handler@std@@YAP6AXXZP6AXXZ@Z
??Bios_base@std@@QBE_NXZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?putback@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?ws@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@1@AAV21@@Z
??1_Lockit@std@@QAE@XZ
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?rdstate@ios_base@std@@QBEHXZ
?good@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?eback@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?pbase@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?egptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?epptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?pbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W0@Z
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WXZ
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
?uncaught_exception@std@@YA_NXZ
?_BADOFF@std@@3_JB
?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z
?_Winerror_map@std@@YAPBDH@Z
?_Syserror_map@std@@YAPBDH@Z
??0id@locale@std@@QAE@I@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Swap_all@_Container_base12@std@@QAEXAAU12@@Z
?eof@ios_base@std@@QBE_NXZ

msvcr120

floor
_controlfp_s
_invoke_watson
__crtSetUnhandledExceptionFilter
_except_handler4_common
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_commode
_fmode
_wcmdln
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__crtGetShowWindowMode
_XcptFilter
?terminate@@YAXXZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
ceil
_local_unwind4
_stricmp
_write
_read
_strdup
??1type_info@@UAE@XZ
_recalloc
strstr
iswalpha
_strnicmp
_beginthreadex
_wstat64
_wmkdir
_wsplitpath_s
_waccess_s
_waccess
_findclose
_wfindnext64i32
_wfindfirst64i32
_itoa_s
_localtime64_s
_mktime64
_wtoi64
_ultow_s
swprintf_s
sprintf
strtoul
isupper
strtol
_strtoi64
_strtoui64
_except1
__clean_type_info_names_internal
clock
_libm_sse2_pow_precise
_libm_sse2_log_precise
wcstombs_s
mbstowcs_s
_invalid_parameter_noinfo_noreturn
??0exception@std@@QAE@ABQBDH@Z
_aligned_malloc
_aligned_free
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
??9type_info@@QBE_NABV0@@Z
_wcslwr
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
_gmtime64
__sys_nerr
strerror
getenv
fgets
strtoll
fputs
qsort
fseek
ftell
_errno
isxdigit
strpbrk
isalpha
strncpy
sscanf
fread
__iob_func
_stat64
calloc
_free_locale
__pctype_func
isprint
_create_locale
_isctype_l
strncmp
_strupr_s
iswprint
_wcsupr_s
_strlwr_s
sprintf_s
strtod
wcsstr
_wrename
_snwprintf_s
memmove
memcpy_s
??_V@YAXPAX@Z
toupper
_CxxThrowException
__CxxFrameHandler3
memcpy
memset
wcscpy_s
__RTDynamicCast
_purecall
_vsnwprintf
free
_hypot
wcsncpy_s
wcsncat_s
_vscwprintf
vsprintf
fwprintf
_snprintf_s
_vsnprintf_s
malloc
strchr
memchr
fflush
vswprintf_s
fopen_s
vsprintf_s
_vswprintf_c_l
fopen
fprintf
fwrite
strrchr
iswspace
_memicmp
_vsnwprintf_s
_vscprintf
fclose
strncpy_s
wcschr
_wcslwr_s
isdigit
_wtoi
towlower
wcsrchr
tolower
wcsncpy
realloc
_wcsicmp
wcsncmp
wcstol
_wcsdup
wcstok_s
??8type_info@@QBE_NABV0@@Z
wcstoul
isspace
_wcsnicmp
isalnum
rand
_itow_s
_vsnprintf
srand
swscanf_s
wcsspn
wcscspn
_time64
wcsncat
_ftime64
memmove_s
fputc
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABV01@@Z
wmemcpy_s
_unlock_file
wcsnlen
ungetc
fgetpos
_fseeki64
fgetc
fsetpos
setvbuf
_lock_file
_wfullpath

gdiplus

GdipBitmapGetPixel
GdipCreateBitmapFromHBITMAP
GdipGetImageThumbnail
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipDrawImageRectRect
GdipGetImageRawFormat
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipFillPath
GdipFillPieI
GdipDrawPath
GdipDrawArcI
GdipSetInterpolationMode
GdipAddPathArcI
GdipAddPathLineI
GdipDeletePath
GdipCreatePath
GdipSetPenDashArray
GdipSetPenWidth
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCloneBitmapAreaI
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipCloneImage
GdipDrawImageRectRectI
GdipDrawImagePointsI
GdipDrawImageRectI
GdipGraphicsClear
GdipSetWorldTransform
GdipGetImageGraphicsContext
GdipDisposeImage
GdipRotateMatrix
GdipScaleMatrix
GdipTranslateMatrix
GdipDeleteMatrix
GdipCreateMatrix
GdipImageSelectActiveFrame
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipMeasureString
GdipDrawString
GdipSetTextRenderingHint
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipDeleteStringFormat
GdipDeleteGraphics
GdipDrawRectangleI
GdipAlloc
GdipFree
GdipDrawLineI
GdipDeletePen
GdipCreatePen1
GdipFillRectangleI
GdipCloneBrush
GdipCreateFromHDC
GdipCreateSolidFill
GdipDeleteBrush
GdipSetSmoothingMode
GdipAddPathString
GdipCreateStringFormat

imm32

ImmReleaseContext
ImmAssociateContext
ImmGetDefaultIMEWnd
ImmGetContext

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

wininet

GetUrlCacheEntryInfoExW

wtsapi32

WTSQueryUserToken

userenv

CreateEnvironmentBlock

psapi

GetProcessMemoryInfo
GetModuleFileNameExW

ntdll

NtQueryInformationProcess
NtSetSystemInformation
RtlNtPathNameToDosPathName
RtlInitUnicodeString
NtCreatePagingFile
NtDuplicateObject
NtUnlockVirtualMemory
NtOpenProcess
NtLockVirtualMemory
NtSetInformationProcess
NtResumeProcess
NtClose
RtlNtStatusToDosError
NtSuspendProcess
NtTerminateProcess
NtQuerySystemInformation

ws2_32

getpeername
__WSAFDIsSet
select
send
ioctlsocket
freeaddrinfo
WSASetLastError
getaddrinfo
WSAIoctl
ntohl
closesocket
getsockopt
WSAStartup
connect
WSAGetLastError
WSACleanup
bind
recv
ntohs
getsockname
setsockopt
htons
WSAEventSelect
htonl
socket

dbghelp

MiniDumpWriteDump

mpr

WNetOpenEnumW
WNetEnumResourceW
WNetCloseEnum

crypt32

CertGetNameStringW
CertNameToStrW

imagehlp

ImageGetCertificateHeader

netapi32

NetApiBufferFree
NetWkstaTransportEnum
Netbios

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libeay32.dll
.dll windows:6 windows x86 arch:x86

c3edb07c6cec72157974f88fdf8fcd9f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Download\openssl-OpenSSL_1_0_2o\out32dll\libeay32.pdb

Imports

ws2_32

sendto
recvfrom
WSACleanup
WSAStartup
getservbyname
gethostbyname
ntohs
ntohl
listen
getsockopt
ioctlsocket
bind
accept
socket
setsockopt
htons
htonl
connect
WSAGetLastError
WSASetLastError
shutdown
send
recv
closesocket

gdi32

GetDIBits
GetDeviceCaps
DeleteObject
CreateCompatibleBitmap
GetObjectA

advapi32

RegisterEventSourceA
DeregisterEventSource
ReportEventA

user32

ReleaseDC
GetDC
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation

msvcr120

__clean_type_info_names_internal
_onexit
_snprintf
_exit
getenv
strtoul
strchr
wcsstr
__iob_func
sscanf
_vsnprintf
raise
realloc
malloc
free
memcpy
_localtime64
_time64
memset
_gmtime64
_stricmp
_strnicmp
_errno
strncpy
memmove
_read
_write
isdigit
isxdigit
atoi
sprintf
strstr
fputs
fclose
feof
ferror
fflush
fgets
_fileno
fopen
fread
fseek
ftell
fwrite
_wfopen
_setmode
perror
qsort
strcmp
_fdopen
setvbuf
_chmod
_open
_stat64i32
strerror
isspace
isalnum
tolower
strncmp
isupper
strrchr
fprintf
memchr
strtol
signal
_getch
printf
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_except_handler4_common
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_lock
_unlock
_calloc_crt
__dllonexit

kernel32

QueryPerformanceCounter
SystemTimeToFileTime
GetSystemTime
MultiByteToWideChar
SetLastError
LoadLibraryA
FreeLibrary
GetCurrentProcessId
FindNextFileA
FindFirstFileA
FindClose
GetCurrentThreadId
GetLastError
WriteFile
GetFileType
GetTickCount
GlobalMemoryStatus
FlushConsoleInputBuffer
IsDebuggerPresent
EncodePointer
IsProcessorFeaturePresent
DecodePointer
GetSystemTimeAsFileTime
CloseHandle
GetStdHandle
GetProcAddress
GetModuleHandleA
ExitProcess

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
AES_bi_ige_encrypt
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_ctr128_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ige_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
AES_unwrap_key
AES_wrap_key
ASN1_ANY_it
ASN1_BIT_STRING_check
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_adj
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_to_BN
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PCTX_free
ASN1_PCTX_get_cert_flags
ASN1_PCTX_get_flags
ASN1_PCTX_get_nm_flags
ASN1_PCTX_get_oid_flags
ASN1_PCTX_get_str_flags
ASN1_PCTX_new
ASN1_PCTX_set_cert_flags
ASN1_PCTX_set_flags
ASN1_PCTX_set_nm_flags
ASN1_PCTX_set_oid_flags
ASN1_PCTX_set_str_flags
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SEQUENCE_ANY_it
ASN1_SEQUENCE_it
ASN1_SET_ANY_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_clear_free
ASN1_STRING_cmp
ASN1_STRING_copy
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_free
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set0
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_adj
ASN1_TIME_check
ASN1_TIME_diff
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_print
ASN1_TIME_set
ASN1_TIME_set_string
ASN1_TIME_to_generalizedtime
ASN1_TYPE_cmp
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_set
ASN1_TYPE_set1
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_adj
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_bn_print
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_fp
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_pack
ASN1_item_print
ASN1_item_sign
ASN1_item_sign_ctx
ASN1_item_unpack
ASN1_item_verify
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_pack_string
ASN1_parse
ASN1_parse_dump
ASN1_primitive_free
ASN1_primitive_new
ASN1_put_eoc
ASN1_put_object
ASN1_seq_pack
ASN1_seq_unpack
ASN1_sign
ASN1_tag2bit
ASN1_tag2str
ASN1_template_d2i
ASN1_template_free
ASN1_template_i2d
ASN1_template_new
ASN1_unpack_string
ASN1_verify
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_accept
BIO_asn1_get_prefix
BIO_asn1_get_suffix
BIO_asn1_set_prefix
BIO_asn1_set_suffix
BIO_callback_ctrl
BIO_clear_flags
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_dgram_non_fatal_error
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_asn1
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_reliable
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_callback
BIO_get_callback_arg
BIO_get_ex_data
BIO_get_ex_new_index
BIO_get_host_ip
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_gethostbyname
BIO_gets
BIO_hex_string
BIO_indent
BIO_int_ctrl
BIO_method_name
BIO_method_type
BIO_new
BIO_new_CMS
BIO_new_NDEF
BIO_new_PKCS7
BIO_new_accept
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_datagram
BIO_s_fd
BIO_s_file
BIO_s_mem
BIO_s_null
BIO_s_socket
BIO_set
BIO_set_callback
BIO_set_callback_arg
BIO_set_cipher
BIO_set_ex_data
BIO_set_flags
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_cleanup
BIO_sock_error
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket_ioctl
BIO_socket_nbio
BIO_test_flags
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_write
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_get_thread_id
BN_BLINDING_invert
BN_BLINDING_invert_ex
BN_BLINDING_new
BN_BLINDING_set_flags
BN_BLINDING_set_thread_id
BN_BLINDING_thread_id
BN_BLINDING_update
BN_CTX_end
BN_CTX_free
BN_CTX_get
BN_CTX_init
BN_CTX_new
BN_CTX_start
BN_GENCB_call
BN_GF2m_add
BN_GF2m_arr2poly
BN_GF2m_mod
BN_GF2m_mod_arr
BN_GF2m_mod_div
BN_GF2m_mod_div_arr
BN_GF2m_mod_exp
BN_GF2m_mod_exp_arr
BN_GF2m_mod_inv
BN_GF2m_mod_inv_arr
BN_GF2m_mod_mul
BN_GF2m_mod_mul_arr
BN_GF2m_mod_solve_quad
BN_GF2m_mod_solve_quad_arr
BN_GF2m_mod_sqr
BN_GF2m_mod_sqr_arr
BN_GF2m_mod_sqrt
BN_GF2m_mod_sqrt_arr
BN_GF2m_poly2arr
BN_MONT_CTX_copy
BN_MONT_CTX_free
BN_MONT_CTX_init
BN_MONT_CTX_new
BN_MONT_CTX_set
BN_MONT_CTX_set_locked
BN_RECP_CTX_free
BN_RECP_CTX_init
BN_RECP_CTX_new
BN_RECP_CTX_set
BN_X931_derive_prime_ex
BN_X931_generate_Xpq
BN_X931_generate_prime_ex
BN_add
BN_add_word
BN_asc2bn
BN_bin2bn
BN_bn2bin
BN_bn2dec
BN_bn2hex
BN_bn2mpi
BN_bntest_rand
BN_clear
BN_clear_bit
BN_clear_free
BN_cmp
BN_consttime_swap
BN_copy
BN_dec2bn
BN_div
BN_div_recp
BN_div_word
BN_dup
BN_exp
BN_free
BN_from_montgomery
BN_gcd
BN_generate_prime
BN_generate_prime_ex
BN_get0_nist_prime_192
BN_get0_nist_prime_224
BN_get0_nist_prime_256
BN_get0_nist_prime_384
BN_get0_nist_prime_521
BN_get_params
BN_get_word
BN_hex2bn
BN_init
BN_is_bit_set
BN_is_prime
BN_is_prime_ex
BN_is_prime_fasttest
BN_is_prime_fasttest_ex
BN_kronecker
BN_lshift
BN_lshift1
BN_mask_bits
BN_mod_add
BN_mod_add_quick
BN_mod_exp
BN_mod_exp2_mont
BN_mod_exp_mont
BN_mod_exp_mont_consttime
BN_mod_exp_mont_word
BN_mod_exp_recp
BN_mod_exp_simple
BN_mod_inverse
BN_mod_lshift
BN_mod_lshift1
BN_mod_lshift1_quick
BN_mod_lshift_quick
BN_mod_mul
BN_mod_mul_montgomery
BN_mod_mul_reciprocal
BN_mod_sqr
BN_mod_sqrt
BN_mod_sub
BN_mod_sub_quick
BN_mod_word
BN_mpi2bn
BN_mul
BN_mul_word
BN_new
BN_nist_mod_192
BN_nist_mod_224
BN_nist_mod_256
BN_nist_mod_384
BN_nist_mod_521
BN_nnmod
BN_num_bits
BN_num_bits_word
BN_options
BN_print
BN_print_fp
BN_pseudo_rand
BN_pseudo_rand_range
BN_rand
BN_rand_range
BN_reciprocal
BN_rshift
BN_rshift1
BN_set_bit
BN_set_negative
BN_set_params
BN_set_word
BN_sqr
BN_sub
BN_sub_word
BN_swap
BN_to_ASN1_ENUMERATED
BN_to_ASN1_INTEGER
BN_uadd
BN_ucmp
BN_usub
BN_value_one

Sections

.text
Size: 839KB - Virtual size: 838KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 334KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcp120.dll
.dll windows:6 windows x86 arch:x86

6ccda270a497a2c5a36a7f385cc9910d

Code Sign

33:00:00:00:34:24:31:40:c9:a0:c1:79:8d:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

27/03/2013, 20:08

Not After

27/06/2014, 20:08

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/01/2013, 22:33

Not After

24/04/2014, 22:33

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/09/2013, 17:41

Not After

24/12/2014, 17:41

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

97:5a:aa:89:27:9c:94:dc:e4:67:63:18:68:67:90:14:d7:11:ec:ba:93:b9:38:95:4c:40:24:22:95:55:18:13
Signer

Actual PE Digest

97:5a:aa:89:27:9c:94:dc:e4:67:63:18:68:67:90:14:d7:11:ec:ba:93:b9:38:95:4c:40:24:22:95:55:18:13

Digest Algorithm

sha256

PE Digest Matches

true

72:5e:30:95:db:09:9c:26:03:aa:27:a0:ee:5c:0c:1f:e9:33:d5:3e
Signer

Actual PE Digest

72:5e:30:95:db:09:9c:26:03:aa:27:a0:ee:5c:0c:1f:e9:33:d5:3e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcp120.i386.pdb

Imports

msvcr120

?what@exception@std@@UBEPBDXZ
_CxxThrowException
__CxxFrameHandler3
fclose
fflush
fgetc
fgetpos
fsetpos
_fseeki64
fwrite
setvbuf
ungetc
_lock_file
_unlock_file
memcpy_s
memset
_fsopen
fseek
_wfsopen
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?Alloc@Concurrency@@YAPAXI@Z
?Free@Concurrency@@YAXPAX@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPAX@Z0@Z
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0critical_section@Concurrency@@QAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
?wait@event@Concurrency@@QAEII@Z
?set@event@Concurrency@@QAEXXZ
ldexp
sprintf_s
strcspn
wcslen
_Strftime
_Wcsftime
strcmp
setlocale
_malloc_crt
_realloc_crt
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
fgetwc
fputwc
ungetwc
__uncaught_exception
_errno
memcmp
_wcsdup
___lc_locale_name_func
___lc_collate_cp_func
__crtCompareStringA
__crtLCMapStringA
___lc_codepage_func
_ismbblead
remove
rename
_wremove
strcpy_s
wcscpy_s
_wgetcwd
_wchdir
_wmkdir
_wrmdir
??1bad_cast@std@@UAE@XZ
_getcwd
_chdir
_mkdir
_rmdir
__crtIsPackagedApp
__crtCreateSymbolicLinkW
__crtGetFileInformationByHandleEx
__crtSetFileInformationByHandle
_calloc_crt
??0_Condition_variable@details@Concurrency@@QAE@XZ
??1_Condition_variable@details@Concurrency@@QAE@XZ
?wait@_Condition_variable@details@Concurrency@@QAEXAAVcritical_section@3@@Z
?wait_for@_Condition_variable@details@Concurrency@@QAE_NAAVcritical_section@3@I@Z
?notify_one@_Condition_variable@details@Concurrency@@QAEXXZ
?notify_all@_Condition_variable@details@Concurrency@@QAEXXZ
__crtSleep
_beginthreadex
_endthreadex
?lock@critical_section@Concurrency@@QAEXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock_for@critical_section@Concurrency@@QAE_NI@Z
?unlock@critical_section@Concurrency@@QAEXXZ
?terminate@@YAXXZ
__crtFlsAlloc
__crtFlsFree
__crtFlsGetValue
__crtFlsSetValue
calloc
??0operation_timed_out@Concurrency@@QAE@XZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ
??0bad_target@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
?_Yield@_Context@details@Concurrency@@SAXXZ
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
?Log2@details@Concurrency@@YAKI@Z
_lock
_unlock
__pctype_func
isupper
__crtGetLocaleInfoEx
islower
__crtLCMapStringW
isspace
tolower
memchr
sqrt
isdigit
isxdigit
isalnum
__crtCompareStringW
__dllonexit
_onexit
??1type_info@@UAE@XZ
__CppXcptFilter
_amsg_exit
_initterm
_initterm_e
_except_handler4_common
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__clean_type_info_names_internal
??0bad_cast@std@@QAE@ABV01@@Z
_W_Gettnames
_W_Getmonths
_W_Getdays
_Gettnames
_Getmonths
_Getdays
localeconv
??0bad_cast@std@@QAE@PBD@Z
??_V@YAXPAX@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
memmove
strlen
memcpy
malloc
free
___mb_cur_max_func
_purecall
rand_s
fputs
fputc
__iob_func
abort
log
__crtInitializeCriticalSectionEx
??3@YAXPAX@Z
??2@YAPAXI@Z
_wrename

kernel32

GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
GetStringTypeW
GetSystemTimeAsFileTime
GetExitCodeThread
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
WaitForSingleObject
DuplicateHandle
AreFileApisANSI
CreateHardLinkW
CopyFileW
GetLastError
CloseHandle
GetFileInformationByHandle
GetFileAttributesExW
GetDiskFreeSpaceExW
FindNextFileW
FindFirstFileExW
FindClose
CreateFileW
WideCharToMultiByte
MultiByteToWideChar
DecodePointer
EncodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DisableThreadLibraryCalls

Exports

Exports

??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??0?$_Yarn@D@std@@QAE@ABV01@@Z
??0?$_Yarn@D@std@@QAE@PBD@Z
??0?$_Yarn@D@std@@QAE@XZ
??0?$_Yarn@_W@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDH@std@@QAE@I@Z
??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDH@std@@QAE@I@Z
??0?$codecvt@_WDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0Init@ios_base@std@@QAE@XZ
??0_Concurrent_queue_base_v4@details@Concurrency@@IAE@I@Z
??0_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@ABV_Concurrent_queue_base_v4@12@@Z
??0_Container_base12@std@@QAE@ABU01@@Z
??0_Container_base12@std@@QAE@XZ
??0_Facet_base@std@@QAE@ABV01@@Z
??0_Facet_base@std@@QAE@XZ
??0_Init_locks@std@@QAE@XZ
??0_Locimp@locale@std@@AAE@ABV012@@Z
??0_Locimp@locale@std@@AAE@_N@Z
??0_Locinfo@std@@QAE@HPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??0_Lockit@std@@QAE@XZ
??0_Pad@std@@QAE@ABV01@@Z
??0_Pad@std@@QAE@XZ
??0_Runtime_object@details@Concurrency@@QAE@H@Z
??0_Runtime_object@details@Concurrency@@QAE@XZ
??0_Timevec@std@@QAE@ABV01@@Z
??0_Timevec@std@@QAE@PAX@Z
??0_UShinit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0agent@Concurrency@@QAE@AAVScheduleGroup@1@@Z
??0agent@Concurrency@@QAE@AAVScheduler@1@@Z
??0agent@Concurrency@@QAE@XZ
??0codecvt_base@std@@QAE@I@Z
??0ctype_base@std@@QAE@I@Z
??0facet@locale@std@@IAE@I@Z
??0id@locale@std@@QAE@I@Z
??0ios_base@std@@IAE@XZ
??0time_base@std@@QAE@I@Z
??1?$_Yarn@D@std@@QAE@XZ
??1?$_Yarn@_W@std@@QAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$codecvt@DDH@std@@MAE@XZ
??1?$codecvt@GDH@std@@MAE@XZ
??1?$codecvt@_WDH@std@@MAE@XZ
??1?$ctype@D@std@@MAE@XZ
??1?$ctype@G@std@@MAE@XZ
??1?$ctype@_W@std@@MAE@XZ
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1Init@ios_base@std@@QAE@XZ
??1_Concurrent_queue_base_v4@details@Concurrency@@MAE@XZ
??1_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@XZ
??1_Concurrent_vector_base_v4@details@Concurrency@@IAE@XZ
??1_Container_base12@std@@QAE@XZ
??1_Facet_base@std@@UAE@XZ
??1_Init_locks@std@@QAE@XZ
??1_Locimp@locale@std@@MAE@XZ
??1_Locinfo@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??1_Pad@std@@QAE@XZ
??1_Timevec@std@@QAE@XZ
??1_UShinit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1agent@Concurrency@@UAE@XZ
??1codecvt_base@std@@UAE@XZ
??1ctype_base@std@@UAE@XZ
??1facet@locale@std@@MAE@XZ
??1ios_base@std@@UAE@XZ
??1time_base@std@@UAE@XZ
??4?$_Iosb@H@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
??4?$_Yarn@_W@std@@QAEAAV01@PB_W@Z
??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEAAV01@ABV01@@Z
??4Init@ios_base@std@@QAEAAV012@ABV012@@Z
??4_Container_base0@std@@QAEAAU01@ABU01@@Z
??4_Container_base12@std@@QAEAAU01@ABU01@@Z
??4_Facet_base@std@@QAEAAV01@ABV01@@Z
??4_Init_locks@std@@QAEAAV01@ABV01@@Z
??4_Pad@std@@QAEAAV01@ABV01@@Z
??4_Timevec@std@@QAEAAV01@ABV01@@Z
??4_UShinit@std@@QAEAAV01@ABV01@@Z
??4_Winit@std@@QAEAAV01@ABV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
??7ios_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
??Bios_base@std@@QBE_NXZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$codecvt@DDH@std@@6B@
??_7?$codecvt@GDH@std@@6B@
??_7?$codecvt@_WDH@std@@6B@
??_7?$ctype@D@std@@6B@
??_7?$ctype@G@std@@6B@
??_7?$ctype@_W@std@@6B@
??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7_Facet_base@std@@6B@
??_7_Locimp@locale@std@@6B@
??_7_Pad@std@@6B@
??_7codecvt_base@std@@6B@
??_7ctype_base@std@@6B@
??_7facet@locale@std@@6B@
??_7ios_base@std@@6B@
??_7time_base@std@@6B@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@
??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@
??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_F?$codecvt@DDH@std@@QAEXXZ
??_F?$codecvt@GDH@std@@QAEXXZ
??_F?$codecvt@_WDH@std@@QAEXXZ
??_F?$ctype@D@std@@QAEXXZ
??_F?$ctype@G@std@@QAEXXZ
??_F?$ctype@_W@std@@QAEXXZ
??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F_Locinfo@std@@QAEXXZ
??_F_Timevec@std@@QAEXXZ
??_Fcodecvt_base@std@@QAEXXZ
??_Fctype_base@std@@QAEXXZ
??_Ffacet@locale@std@@QAEXXZ
??_Fid@locale@std@@QAEXXZ
??_Ftime_base@std@@QAEXXZ
?GetNextAsyncId@platform@details@Concurrency@@YAIXZ
?NFS_Allocate@details@Concurrency@@YAPAXIIPAX@Z
?NFS_Free@details@Concurrency@@YAXPAX@Z
?NFS_GetLineSize@details@Concurrency@@YAIXZ
?_10@placeholders@std@@3V?$_Ph@$09@2@A
?_11@placeholders@std@@3V?$_Ph@$0L@@2@A
?_12@placeholders@std@@3V?$_Ph@$0M@@2@A
?_13@placeholders@std@@3V?$_Ph@$0N@@2@A
?_14@placeholders@std@@3V?$_Ph@$0O@@2@A
?_15@placeholders@std@@3V?$_Ph@$0P@@2@A
?_16@placeholders@std@@3V?$_Ph@$0BA@@2@A
?_17@placeholders@std@@3V?$_Ph@$0BB@@2@A
?_18@placeholders@std@@3V?$_Ph@$0BC@@2@A
?_19@placeholders@std@@3V?$_Ph@$0BD@@2@A
?_1@placeholders@std@@3V?$_Ph@$00@2@A
?_20@placeholders@std@@3V?$_Ph@$0BE@@2@A
?_2@placeholders@std@@3V?$_Ph@$01@2@A
?_3@placeholders@std@@3V?$_Ph@$02@2@A
?_4@placeholders@std@@3V?$_Ph@$03@2@A
?_5@placeholders@std@@3V?$_Ph@$04@2@A
?_6@placeholders@std@@3V?$_Ph@$05@2@A
?_7@placeholders@std@@3V?$_Ph@$06@2@A
?_8@placeholders@std@@3V?$_Ph@$07@2@A
?_9@placeholders@std@@3V?$_Ph@$08@2@A
?_Addcats@_Locinfo@std@@QAEAAV12@HPBD@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?_Addstd@ios_base@std@@SAXPAV12@@Z
?_Advance@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXXZ
?_Assign@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXABV123@@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF@std@@3_JB
?_Byte_reverse_table@details@Concurrency@@3QBEB
?_C_str@?$_Yarn@D@std@@QBEPBDXZ
?_C_str@?$_Yarn@_W@std@@QBEPB_WXZ
?_Callfns@ios_base@std@@AAEXW4event@12@@Z
?_Clocptr@_Locimp@locale@std@@0PAV123@A
?_Close_dir@sys@tr2@std@@YAXPAX@Z
?_Copy_file@sys@tr2@std@@YAHPBD0_N@Z
?_Copy_file@sys@tr2@std@@YAHPB_W0_N@Z
?_Current_get@sys@tr2@std@@YAPADAAY0BAE@D@Z
?_Current_get@sys@tr2@std@@YAPA_WAAY0BAE@_W@Z
?_Current_set@sys@tr2@std@@YA_NPBD@Z
?_Current_set@sys@tr2@std@@YA_NPB_W@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Donarrow@?$ctype@G@std@@IBEDGD@Z
?_Donarrow@?$ctype@_W@std@@IBED_WD@Z
?_Dowiden@?$ctype@G@std@@IBEGD@Z
?_Dowiden@?$ctype@_W@std@@IBE_WD@Z
?_Empty@?$_Yarn@D@std@@QBE_NXZ
?_Empty@?$_Yarn@_W@std@@QBE_NXZ
?_Equivalent@sys@tr2@std@@YAHPBD0@Z
?_Equivalent@sys@tr2@std@@YAHPB_W0@Z
?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADDH@Z
?_File_size@sys@tr2@std@@YA_KPBD@Z
?_File_size@sys@tr2@std@@YA_KPB_W@Z
?_Findarr@ios_base@std@@AAEAAU_Iosarray@12@H@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBDIIII@Z
?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AAVios_base@2@GPBDIIII@Z
?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBDIIII@Z
?_Future_error_map@std@@YAPBDH@Z
?_GetCombinableSize@details@Concurrency@@YAIXZ
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@GDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@facet@locale@std@@SAIPAPBV123@PBV23@@Z
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_Getdateorder@_Locinfo@std@@QBEHXZ
?_Getdays@_Locinfo@std@@QBEPBDXZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HABVlocale@2@@Z
?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAAHABV?$ctype@D@2@@Z
?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAAHABV?$ctype@G@2@@Z
?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAAHABV?$ctype@_W@2@@Z

Sections

.text
Size: 391KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcr120.dll
.dll windows:6 windows x86 arch:x86

aa8d086deb6960b10f8791df466a5610

Code Sign

33:00:00:00:34:24:31:40:c9:a0:c1:79:8d:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

27/03/2013, 20:08

Not After

27/06/2014, 20:08

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/01/2013, 22:33

Not After

24/04/2014, 22:33

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/09/2013, 17:41

Not After

24/12/2014, 17:41

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:82:cf:f8:a2:0e:57:bd:cc:0a:76:cf:1e:4f:c9:43:8c:94:65:03:5e:34:db:a7:06:0b:42:ee:a6:9d:c2:88
Signer

Actual PE Digest

0a:82:cf:f8:a2:0e:57:bd:cc:0a:76:cf:1e:4f:c9:43:8c:94:65:03:5e:34:db:a7:06:0b:42:ee:a6:9d:c2:88

Digest Algorithm

sha256

PE Digest Matches

true

3f:08:90:50:77:63:e4:04:ba:19:2c:b1:94:32:e7:d0:82:51:35:78
Signer

Actual PE Digest

3f:08:90:50:77:63:e4:04:ba:19:2c:b1:94:32:e7:d0:82:51:35:78

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr120.i386.pdb

Imports

kernel32

EncodePointer
DecodePointer
RaiseException
GetLastError
ExitProcess
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleFileNameA
SetLastError
GetCurrentThread
GetModuleFileNameW
IsProcessorFeaturePresent
GetStdHandle
WriteFile
FindClose
FindFirstFileExA
FindNextFileA
FindFirstFileExW
FindNextFileW
CloseHandle
CreateThread
ExitThread
ResumeThread
LoadLibraryExW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
Beep
Sleep
GetFullPathNameA
GetCurrentProcessId
GetFileAttributesExW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileExW
RemoveDirectoryW
GetDriveTypeW
DeleteFileW
SetEnvironmentVariableA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryW
SetEnvironmentVariableW
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
FreeLibrary
LoadLibraryExA
CreateProcessW
ReadFile
GetTempPathA
GetTempPathW
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
LocalFileTimeToFileTime
SetFileTime
SystemTimeToFileTime
SetLocalTime
InterlockedPopEntrySList
InterlockedFlushSList
QueryDepthSList
InterlockedPushEntrySList
CreateTimerQueue
SetEvent
WaitForSingleObjectEx
UnregisterWait
TlsGetValue
SignalObjectAndWait
TlsSetValue
SetThreadPriority
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetNumaHighestNodeNumber
RegisterWaitForSingleObject
GetLogicalProcessorInformation
RtlCaptureStackBackTrace
GetThreadPriority
GetProcessAffinityMask
SetThreadAffinityMask
TlsAlloc
DeleteTimerQueueTimer
TlsFree
SwitchToThread
TryEnterCriticalSection
SetProcessAffinityMask
VirtualFree
GetVersionExW
VirtualAlloc
VirtualProtect
InitializeSListHead
ReleaseSemaphore
UnregisterWaitEx
LoadLibraryW
OutputDebugStringW
FreeLibraryAndExitThread
GetModuleHandleA
GetThreadTimes
CreateEventW
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
RtlUnwind
HeapFree
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapSize
HeapQueryInformation
HeapValidate
HeapCompact
HeapWalk
GetSystemInfo
VirtualQuery
GetFileType
GetStartupInfoW
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
CreateFileW
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFilePointerEx
FlushFileBuffers
CreatePipe
SetStdHandle
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
ReadConsoleInputW
WriteConsoleW
SetEndOfFile
LockFileEx
UnlockFileEx
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
GetTickCount
CreateSemaphoreW
SetConsoleCtrlHandler
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
OutputDebugStringA

Exports

Exports

$I10_OUTPUT
??0?$_SpinWait@$00@details@Concurrency@@QAE@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QAE@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QAA@IZZ
??0SchedulerPolicy@Concurrency@@QAE@ABV01@@Z
??0SchedulerPolicy@Concurrency@@QAE@XZ
??0_Cancellation_beacon@details@Concurrency@@QAE@XZ
??0_Condition_variable@details@Concurrency@@QAE@XZ
??0_Context@details@Concurrency@@QAE@PAVContext@2@@Z
??0_Interruption_exception@details@Concurrency@@QAE@PBD@Z
??0_Interruption_exception@details@Concurrency@@QAE@XZ
??0_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_ReaderWriterLock@details@Concurrency@@QAE@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_ReentrantLock@details@Concurrency@@QAE@XZ
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scheduler@details@Concurrency@@QAE@PAVScheduler@2@@Z
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
??0_StructuredTaskCollection@details@Concurrency@@QAE@PAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QAE@PAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QAE@XZ
??0_Timer@details@Concurrency@@IAE@I_N@Z
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0__non_rtti_object@std@@QAE@PBD@Z
??0bad_cast@std@@AAE@PBQBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@XZ
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@XZ
??0context_unblock_unbalanced@Concurrency@@QAE@PBD@Z
??0context_unblock_unbalanced@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
??0default_scheduler_exists@Concurrency@@QAE@PBD@Z
??0default_scheduler_exists@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??0improper_lock@Concurrency@@QAE@PBD@Z
??0improper_lock@Concurrency@@QAE@XZ
??0improper_scheduler_attach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_attach@Concurrency@@QAE@XZ
??0improper_scheduler_detach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_detach@Concurrency@@QAE@XZ
??0improper_scheduler_reference@Concurrency@@QAE@PBD@Z
??0improper_scheduler_reference@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0invalid_link_target@Concurrency@@QAE@XZ
??0invalid_multiple_scheduling@Concurrency@@QAE@PBD@Z
??0invalid_multiple_scheduling@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0invalid_operation@Concurrency@@QAE@XZ
??0invalid_oversubscribe_operation@Concurrency@@QAE@PBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_key@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_value@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QAE@XZ
??0message_not_found@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0missing_wait@Concurrency@@QAE@PBD@Z
??0missing_wait@Concurrency@@QAE@XZ
??0nested_scheduler_missing_detach@Concurrency@@QAE@PBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QAE@XZ
??0operation_timed_out@Concurrency@@QAE@PBD@Z
??0operation_timed_out@Concurrency@@QAE@XZ
??0reader_writer_lock@Concurrency@@QAE@XZ
??0scheduler_not_attached@Concurrency@@QAE@PBD@Z
??0scheduler_not_attached@Concurrency@@QAE@XZ
??0scheduler_resource_allocation_error@Concurrency@@QAE@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QAE@PBDJ@Z
??0scheduler_worker_creation_error@Concurrency@@QAE@J@Z
??0scheduler_worker_creation_error@Concurrency@@QAE@PBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0task_canceled@Concurrency@@QAE@PBD@Z
??0task_canceled@Concurrency@@QAE@XZ
??0unsupported_os@Concurrency@@QAE@PBD@Z
??0unsupported_os@Concurrency@@QAE@XZ
??1SchedulerPolicy@Concurrency@@QAE@XZ
??1_Cancellation_beacon@details@Concurrency@@QAE@XZ
??1_Condition_variable@details@Concurrency@@QAE@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??1_StructuredTaskCollection@details@Concurrency@@QAE@XZ
??1_TaskCollection@details@Concurrency@@QAE@XZ
??1_Timer@details@Concurrency@@MAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
??1exception@std@@UAE@XZ
??1reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??3@YAXPAXHPBDH@Z
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@ABV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@ABV012@@Z
??4SchedulerPolicy@Concurrency@@QAEAAV01@ABV01@@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@std@@6B@
??_F?$_SpinWait@$00@details@Concurrency@@QAEXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QAEXXZ
??_F_Context@details@Concurrency@@QAEXXZ
??_F_Scheduler@details@Concurrency@@QAEXXZ
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
??_V@YAXPAXHPBDH@Z
?Alloc@Concurrency@@YAPAXI@Z
?Block@Context@Concurrency@@SAXXZ
?CaptureCallstack@platform@details@Concurrency@@YAIPAPAXII@Z
?Create@CurrentScheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPAV12@ABVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@AAVlocation@2@@Z
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPAX@Z
?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QBEIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsAvailableLocation@CurrentScheduler@Concurrency@@SA_NABVlocation@2@@Z
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?Log2@details@Concurrency@@YAKI@Z
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0AAVlocation@2@@Z
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QAEXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QAEIW4PolicyElementKey@2@I@Z
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QAEXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_CleanupToken@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_ConcRT_CoreAssert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_Trace@details@Concurrency@@YAXHPB_WZZ
?_Confirm_cancel@_Cancellation_beacon@details@Concurrency@@QAE_NXZ
?_Copy_str@exception@std@@AAEXPBD@Z
?_CurrentContext@_Context@details@Concurrency@@SA?AV123@XZ
?_Current_node@location@Concurrency@@SA?AV12@XZ
?_Destroy@_AsyncTaskCollection@details@Concurrency@@EAEXXZ
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_Get@_CurrentScheduler@details@Concurrency@@SA?AV_Scheduler@23@XZ
?_GetConcRTTraceInfo@Concurrency@@YAPBU_CONCRT_TRACE_INFO@details@1@XZ
?_GetConcurrency@details@Concurrency@@YAIXZ
?_GetCurrentInlineDepth@_StackGuard@details@Concurrency@@CAAAIXZ
?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ
?_GetScheduler@_Scheduler@details@Concurrency@@QAEPAVScheduler@3@XZ
?_Id@_CurrentScheduler@details@Concurrency@@SAIXZ
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QAE_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QAE_NXZ
?_IsSynchronouslyBlocked@_Context@details@Concurrency@@QBE_NXZ
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_NewCollection@_AsyncTaskCollection@details@Concurrency@@SAPAV123@PAV_CancellationTokenState@23@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IAEKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IAEKXZ
?_Oversubscribe@_Context@details@Concurrency@@SAX_N@Z
?_Reference@_Scheduler@details@Concurrency@@QAEIXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_Scheduler@details@Concurrency@@QAEIXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@PAVlocation@3@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@PAVlocation@3@@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPAX@Z0@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QAEXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QAEXI@Z
?_SetUnobservedExceptionHandler@details@Concurrency@@YAXP6AXXZ@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IAE_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IAE_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QAE_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IAEXXZ
?_Stop@_Timer@details@Concurrency@@IAEXXZ
?_Tidy@exception@std@@AAEXXZ
?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ
?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QAE_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QAE_NXZ
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?_Yield@_Context@details@Concurrency@@SAXXZ
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCompare@@YA_NPBX0@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?__ExceptionPtrSwap@@YAXPAX0@Z
?__ExceptionPtrToBool@@YA_NPBX@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBE_NABV1@@Z
?current@location@Concurrency@@SA?AV12@XZ
?from_numa_node@location@Concurrency@@SA?AV12@G@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QBEJXZ
?lock@critical_section@Concurrency@@QAEXXZ
?lock@reader_writer_lock@Concurrency@@QAEXXZ
?lock_read@reader_writer_lock@Concurrency@@QAEXXZ
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?native_handle@critical_section@Concurrency@@QAEAAV12@XZ
?notify_all@_Condition_variable@details@Concurrency@@QAEXXZ
?notify_one@_Condition_variable@details@Concurrency@@QAEXXZ
?raw_name@type_info@@QBEPBDXZ
?reset@event@Concurrency@@QAEXXZ
?set@event@Concurrency@@QAEXXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_task_execution_resources@Concurrency@@YAXGPAU_GROUP_AFFINITY@@@Z
?set_task_execution_resources@Concurrency@@YAXK@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock@reader_writer_lock@Concurrency@@QAE_NXZ
?try_lock_for@critical_section@Concurrency@@QAE_NI@Z
?try_lock_read@reader_writer_lock@Concurrency@@QAE_NXZ
?unexpected@@YAXXZ
?unlock@critical_section@Concurrency@@QAEXXZ
?unlock@reader_writer_lock@Concurrency@@QAEXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?wait@Concurrency@@YAXI@Z
?wait@_Condition_variable@details@Concurrency@@QAEXAAVcritical_section@3@@Z
?wait@event@Concurrency@@QAEII@Z
?wait_for@_Condition_variable@details@Concurrency@@QAE_NAAVcritical_section@3@I@Z
?wait_for_multiple@event@Concurrency@@SAIPAPAV12@I_NI@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_Cbuild
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FCbuild
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_LCbuild
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_SetWinRTOutOfMemoryExceptionCallback
_Strftime
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___lc_codepage_func
___lc_collate_cp_func
___lc_locale_name_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringEx
__crtCompareStringW
__crtCreateEventExW
__crtCreateSemaphoreExW
__crtCreateSymbolicLinkW
__crtEnumSystemLocalesEx
__crtFlsAlloc
__crtFlsFree
__crtFlsGetValue
__crtFlsSetValue
__crtGetDateFormatEx
__crtGetFileInformationByHandleEx
__crtGetLocaleInfoEx
__crtGetShowWindowMode
__crtGetTickCount64
__crtGetTimeFormatEx
__crtGetUserDefaultLocaleName
__crtInitializeCriticalSectionEx
__crtIsPackagedApp
__crtIsValidLocaleName
__crtLCMapStringA
__crtLCMapStringEx
__crtLCMapStringW
__crtSetFileInformationByHandle
__crtSetThreadStackGuarantee
__crtSetUnhandledExceptionFilter
__crtSleep
__crtTerminateProcess
__crtUnhandledException
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__setlc_active

Sections

.text
Size: 880KB - Virtual size: 880KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
skin/btn_close.png
.png
skin/btn_compress.png
.png
skin/btn_del.png
.png
skin/btn_extract.png
.png
skin/btn_info.png
.png
skin/btn_orient.png
.png
skin/btn_test.png
.png
skin/checkbox.png
.png
skin/dropandup.png
.png
skin/image_ok.png
.png
skin/loading.png
.png
skin/logo_16x16.png
.png
skin/new.png
.png
skin/openfolder.png
.png
skin/radiobox.png
.png
skin/slogen.png
.png
skin/tips_bkg.png
.png
skin/title_icon_image.png
.png
skin/xiaogzilogo.png
skin/xiaogzip.ico

Sharing

General

Malware Config

Signatures

Files

32f3282581436269b3a75b6675fe3e08

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 415KB

.ndata Size: - Virtual size: 932KB

.rsrc Size: 135KB - Virtual size: 135KB

.reloc Size: 4KB - Virtual size: 3KB

039bcbc605477e8e87ec550c2e60e748

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

59:6b:3b:53:cf:bf:7e:a7:9e:2a:3b:f0:ea:26:3c:7bCertificate

Extended Key Usages

Key Usages

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0aCertificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

51:ac:3c:38:0a:c6:b3:9f:aa:aa:aa:67:b6:98:b3:b5:e3:3b:a1:7c:90:59:79:a5:c0:fb:98:c4:6b:63:8e:12Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 963B

.data Size: 512B - Virtual size: 64B

.reloc Size: 1024B - Virtual size: 588B

d6ed743c1613db95ce8ec2ee5d7a28c5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

version

psapi

msimg32

imm32

gdiplus

ntdll

mpr

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 415KB

.ndata
Size: - Virtual size: 932KB

.rsrc
Size: 135KB - Virtual size: 135KB

.reloc
Size: 4KB - Virtual size: 3KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

59:6b:3b:53:cf:bf:7e:a7:9e:2a:3b:f0:ea:26:3c:7b
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

51:ac:3c:38:0a:c6:b3:9f:aa:aa:aa:67:b6:98:b3:b5:e3:3b:a1:7c:90:59:79:a5:c0:fb:98:c4:6b:63:8e:12
Signer

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 963B

.data
Size: 512B - Virtual size: 64B

.reloc
Size: 1024B - Virtual size: 588B

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 427KB - Virtual size: 427KB

.data
Size: 57KB - Virtual size: 87KB

.rsrc
Size: 199KB - Virtual size: 199KB

.reloc
Size: 115KB - Virtual size: 114KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 170KB - Virtual size: 169KB

.data
Size: 15KB - Virtual size: 55KB

.rsrc
Size: 96KB - Virtual size: 95KB

.reloc
Size: 45KB - Virtual size: 45KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

59:6b:3b:53:cf:bf:7e:a7:9e:2a:3b:f0:ea:26:3c:7b
Certificate

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

15:01:a7:82:bf:fe:70:95:ce:ad:d6:18:62:86:fe:dd:06:22:9d:6e:37:de:45:5e:cb:f7:dc:7f:7e:67:50:49
Signer

.text
Size: 356KB - Virtual size: 356KB

.rdata
Size: 82KB - Virtual size: 81KB

.data
Size: 10KB - Virtual size: 19KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 18KB - Virtual size: 17KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

59:6b:3b:53:cf:bf:7e:a7:9e:2a:3b:f0:ea:26:3c:7b
Certificate