02652335de6abae53945ace2c7e57b7a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

02652335de6abae53945ace2c7e57b7a_JaffaCakes118
Size

14.0MB
MD5

02652335de6abae53945ace2c7e57b7a
SHA1

388beae6d1b6bd86c8853409fd34dc37057f2e15
SHA256

a8135844216f23ac28e6ced4f8a4573ab62b60527159c1e31c974f9baca9006a
SHA512

d0ec4054ad8e6d2406d43bef91569a5bb5b8e264ca7b717dec70d7c6cb915efc9ac18dc9eda263b9e1b7a9d79abed8cacf00613425a24d1fa8761ba7653d1194
SSDEEP

393216:TnzYyd2LhV/wKWGErhf5vWU+HH9TQLFVcmL1G5F5mMe:9dSHEXvH+nxQLbceMQ

Score

7^/10

qr link upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack002/HttpFtp.dll	acprotect

Requests dangerous framework permissions 13 IoCs

description	ioc
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read or write the system settings.	android.permission.WRITE_SETTINGS
Required to be able to access the camera device.	android.permission.CAMERA
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to initiate a phone call without going through the Dialer user interface for the user to confirm the call.	android.permission.CALL_PHONE
Allows an app to access approximate location.	android.permission.ACCESS_COARSE_LOCATION
Allows an application to read SMS messages.	android.permission.READ_SMS
Allows an application to read the user's contacts data.	android.permission.READ_CONTACTS
Allows an application to write the user's contacts data.	android.permission.WRITE_CONTACTS
Allows an application to receive SMS messages.	android.permission.RECEIVE_SMS
Allows an application to send SMS messages.	android.permission.SEND_SMS

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack002/HttpFtp.dll	upx

One or more HTTP URLs in qr code identified
Detects presence of HTTP links in QR codes.
qr link

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
unpack002/$PLUGINSDIR/BgWorker.dll
unpack002/$PLUGINSDIR/SkinBtn.dll
unpack002/$PLUGINSDIR/SkinProgress.dll
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/WndProc.dll
unpack002/$PLUGINSDIR/nsDialogs.dll
unpack002/$PLUGINSDIR/nsExec.dll
unpack003/out.upx

NSIS installer 2 IoCs

installer

resource	yara_rule
static1/unpack001/zds_setup_5.6.1.0_OPDA.exe	nsis_installer_1
static1/unpack001/zds_setup_5.6.1.0_OPDA.exe	nsis_installer_2

Files

02652335de6abae53945ace2c7e57b7a_JaffaCakes118
.zip
Readme-说明.htm
zds_setup_5.6.1.0_OPDA.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

15:9a:b5:bc:01:e8:84:59:95:4d:bf:d1:8a:a1:75:19
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

04/02/2015, 00:00

Not After

05/05/2016, 23:59

Subject

CN=北京耘升天下科技有限公司,OU=IT,O=北京耘升天下科技有限公司,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

aa:e8:f5:9c:a6:29:ca:94:76:5d:8d:40:46:27:f5:98:9b:6b:7d:76
Signer

Actual PE Digest

aa:e8:f5:9c:a6:29:ca:94:76:5d:8d:40:46:27:f5:98:9b:6b:7d:76

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/BgWorker.dll
.dll windows:4 windows x86 arch:x86

db2755f409b81c4dbfc04f648cfb80b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
GetModuleHandleA
CloseHandle
SetThreadPriority
CreateThread

user32

IsWindowUnicode
PostMessageA
DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects

Exports

Exports

CallAndWait

Sections

.text
Size: 1024B - Virtual size: 987B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 66B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/SkinBtn.dll
.dll windows:4 windows x86 arch:x86

baf2d405231cd43dae48df474a521d01

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
GlobalAlloc
lstrcpynA
GetModuleHandleA
GlobalFree

user32

InvalidateRect
GetParent
SetWindowLongA
CallWindowProcA
GetPropA
SendMessageA
DrawTextA
DrawStateA
LoadImageA
RemovePropA
GetWindowLongA
SetPropA

gdi32

GetObjectA
CreateCompatibleDC
DeleteObject
SelectObject
DeleteDC
SetBkMode

msimg32

TransparentBlt

comctl32

_TrackMouseEvent

Exports

Exports

Init
Set
onClick

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 947B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/SkinProgress.dll
.dll windows:4 windows x86 arch:x86

df38729be926f91d3390389029adf53b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GlobalAlloc
GlobalFree
GetModuleHandleA

user32

GetWindowRect
BeginPaint
GetWindowDC
CallWindowProcA
ReleaseDC
EndPaint
GetWindowLongA
GetPropA
SetPropA
SetWindowLongA
RemovePropA
LoadImageA
SendMessageA

gdi32

DeleteDC
BitBlt
CreateCompatibleBitmap
StretchBlt
SelectObject
CreateCompatibleDC
GetObjectA
DeleteObject

Exports

Exports

Set

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 797B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/WndProc.dll
.dll windows:4 windows x86 arch:x86

b3f659d7637a91b4fec12ff9b930080d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpyA
GlobalAlloc

user32

CallWindowProcA
SetWindowLongA
GetPropA
SetPropA
wsprintfA

Exports

Exports

onCallback

Sections

.text
Size: 1024B - Virtual size: 934B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 377B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/bk.bmp
$PLUGINSDIR/btn_change.bmp
$PLUGINSDIR/btn_close.bmp
$PLUGINSDIR/btn_complete.bmp
$PLUGINSDIR/btn_install.bmp
$PLUGINSDIR/checkbox1.bmp
$PLUGINSDIR/checkbox2.bmp
$PLUGINSDIR/instdir.bmp
$PLUGINSDIR/loading1.bmp
$PLUGINSDIR/loading2.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

1e2884056e655f2b7bc5a904e352fc80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetProcessHeap
SetCurrentDirectoryA

user32

GetPropA
DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
RemovePropA
CharPrevA
GetWindowLongA
DrawTextA
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapWindowPoints
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
DrawFocusRect

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

d83f71e61ee459ee63ca3e829966a9dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetExitCodeProcess
WaitForSingleObject
Sleep
TerminateProcess
lstrcpyA
lstrcpynA
GlobalReAlloc
GlobalUnlock
GlobalSize
ReadFile
PeekNamedPipe
GetTickCount
CreateProcessA
GetStartupInfoA
CreatePipe
GetVersionExA
GetModuleHandleA
DeleteFileA
lstrcmpiA
lstrlenA
lstrcatA
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
CopyFileA
GetTempFileNameA
GlobalFree
GlobalAlloc
GetModuleFileNameA
ExitProcess
GetCommandLineA
GetProcAddress
GlobalLock
GetCurrentProcess

user32

SendMessageA
OemToCharBuffA
CharNextA
wsprintfA
CharPrevA
FindWindowExA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 410B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/success.bmp
AdbWinApi.dll
.dll windows:6 windows x86 arch:x86

c64cac39044626770353879245ea25e4

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

15:9a:b5:bc:01:e8:84:59:95:4d:bf:d1:8a:a1:75:19
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

04/02/2015, 00:00

Not After

05/05/2016, 23:59

Subject

CN=北京耘升天下科技有限公司,OU=IT,O=北京耘升天下科技有限公司,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2a:8e:ec:b8:71:f3:54:1d:8d:23:fa:6f:ef:41:75:99:a0:70:3f:7b
Signer

Actual PE Digest

2a:8e:ec:b8:71:f3:54:1d:8d:23:fa:6f:ef:41:75:99:a0:70:3f:7b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\code\android\donut\development\host\windows\usb\api\objfre_wxp_x86\i386\AdbWinApi.pdb

Imports

ole32

CoCreateInstance

kernel32

GetACP
SetLastError
CloseHandle
GetLastError
DeviceIoControl
WriteFile
ReadFile
GetOverlappedResult
CreateFileW
WideCharToMultiByte
Sleep
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetProcAddress
LoadLibraryW
GetFileAttributesW
GetSystemDirectoryW
RaiseException
FreeLibrary
InterlockedExchange
InitializeCriticalSectionAndSpinCount
GetCommandLineA
GetVersionExA
RtlUnwind
HeapFree
HeapAlloc
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCPInfo
GetOEMCP
OutputDebugStringA
VirtualAlloc
HeapReAlloc
HeapSize
LoadLibraryA
GetModuleHandleW
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
VirtualProtect
GetSystemInfo
VirtualQuery
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers

setupapi

SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW

Exports

Exports

??0AdbEndpointObject@@QAE@ABV0@@Z
??0AdbEndpointObject@@QAE@PAVAdbInterfaceObject@@EE@Z
??0AdbIOCompletion@@QAE@ABV0@@Z
??0AdbIOCompletion@@QAE@PAVAdbEndpointObject@@KPAX@Z
??0AdbInterfaceObject@@QAE@ABV0@@Z
??0AdbInterfaceObject@@QAE@PBG@Z
??0AdbObjectHandle@@QAE@ABV0@@Z
??0AdbObjectHandle@@QAE@W4AdbObjectType@@@Z
??1AdbEndpointObject@@MAE@XZ
??1AdbIOCompletion@@MAE@XZ
??1AdbInterfaceObject@@MAE@XZ
??1AdbObjectHandle@@MAE@XZ
??4AdbEndpointObject@@QAEAAV0@ABV0@@Z
??4AdbIOCompletion@@QAEAAV0@ABV0@@Z
??4AdbInterfaceObject@@QAEAAV0@ABV0@@Z
??4AdbObjectHandle@@QAEAAV0@ABV0@@Z
??_7AdbEndpointObject@@6B@
??_7AdbIOCompletion@@6B@
??_7AdbInterfaceObject@@6B@
??_7AdbObjectHandle@@6B@
?AddRef@AdbObjectHandle@@UAEJXZ
?AsyncRead@AdbEndpointObject@@UAEPAXPAXKPAK0K@Z
?AsyncWrite@AdbEndpointObject@@UAEPAXPAXKPAK0K@Z
?CloseHandle@AdbObjectHandle@@UAE_NXZ
?CreateHandle@AdbObjectHandle@@UAEPAXXZ
?GetEndpointInformation@AdbEndpointObject@@UAE_NPAU_AdbEndpointInformation@@@Z
?GetInterfaceName@AdbInterfaceObject@@UAE_NPAXPAK_N@Z
?GetParentInterfaceHandle@AdbEndpointObject@@QBEPAXXZ
?GetParentObjectHandle@AdbIOCompletion@@QBEPAXXZ
?GetUsbConfigurationDescriptor@AdbInterfaceObject@@UAE_NPAU_USB_CONFIGURATION_DESCRIPTOR@@@Z
?GetUsbDeviceDescriptor@AdbInterfaceObject@@UAE_NPAU_USB_DEVICE_DESCRIPTOR@@@Z
?GetUsbInterfaceDescriptor@AdbInterfaceObject@@UAE_NPAU_USB_INTERFACE_DESCRIPTOR@@@Z
?IsCompleted@AdbIOCompletion@@UAE_NXZ
?IsObjectOfType@AdbObjectHandle@@UBE_NW4AdbObjectType@@@Z
?IsOpened@AdbObjectHandle@@QBE_NXZ
?LastReferenceReleased@AdbObjectHandle@@MAEXXZ
?Lookup@AdbObjectHandle@@SGPAV1@PAX@Z
?Release@AdbObjectHandle@@UAEJXZ
?SyncRead@AdbEndpointObject@@UAE_NPAXKPAKK@Z
?SyncWrite@AdbEndpointObject@@UAE_NPAXKPAKK@Z
?Type@AdbEndpointObject@@SG?AW4AdbObjectType@@XZ
?Type@AdbIOCompletion@@SG?AW4AdbObjectType@@XZ
?Type@AdbInterfaceObject@@SG?AW4AdbObjectType@@XZ
?adb_handle@AdbObjectHandle@@QBEPAXXZ
?endpoint_id@AdbEndpointObject@@QBEEXZ
?endpoint_index@AdbEndpointObject@@QBEEXZ
?interface_name@AdbInterfaceObject@@QBEABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@XZ
?object_type@AdbObjectHandle@@QBE?AW4AdbObjectType@@XZ
?overlapped@AdbIOCompletion@@QAEPAU_OVERLAPPED@@XZ
?parent_interface@AdbEndpointObject@@QBEPAVAdbInterfaceObject@@XZ
?parent_io_object@AdbIOCompletion@@QBEPAVAdbEndpointObject@@XZ
?usb_config_descriptor@AdbInterfaceObject@@QBEPBU_USB_CONFIGURATION_DESCRIPTOR@@XZ
?usb_device_descriptor@AdbInterfaceObject@@QBEPBU_USB_DEVICE_DESCRIPTOR@@XZ
?usb_interface_descriptor@AdbInterfaceObject@@QBEPBU_USB_INTERFACE_DESCRIPTOR@@XZ
AdbCloseHandle
AdbCreateInterface
AdbCreateInterfaceByName
AdbEnumInterfaces
AdbGetDefaultBulkReadEndpointInformation
AdbGetDefaultBulkWriteEndpointInformation
AdbGetEndpointInformation
AdbGetEndpointInterface
AdbGetInterfaceName
AdbGetOvelappedIoResult
AdbGetSerialNumber
AdbGetUsbConfigurationDescriptor
AdbGetUsbDeviceDescriptor
AdbGetUsbInterfaceDescriptor
AdbHasOvelappedIoComplated
AdbNextInterface
AdbOpenDefaultBulkReadEndpoint
AdbOpenDefaultBulkWriteEndpoint
AdbOpenEndpoint
AdbQueryInformationEndpoint
AdbReadEndpointAsync
AdbReadEndpointSync
AdbResetInterfaceEnum
AdbWriteEndpointAsync
AdbWriteEndpointSync

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AdbWinUsbApi.dll
.dll windows:6 windows x86 arch:x86

fda9f9f5f569ddd0dbf3ad8a275a2eb8

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

15:9a:b5:bc:01:e8:84:59:95:4d:bf:d1:8a:a1:75:19
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

04/02/2015, 00:00

Not After

05/05/2016, 23:59

Subject

CN=北京耘升天下科技有限公司,OU=IT,O=北京耘升天下科技有限公司,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c2:24:23:13:16:2b:c3:b5:50:15:12:92:d3:31:17:ff:30:85:32:e2
Signer

Actual PE Digest

c2:24:23:13:16:2b:c3:b5:50:15:12:92:d3:31:17:ff:30:85:32:e2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\code\android\donut\development\host\windows\usb\winusb\objfre_wxp_x86\i386\AdbWinUsbApi.pdb

Imports

ole32

CoCreateInstance

kernel32

TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapReAlloc
HeapSize
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
WriteFile
OutputDebugStringA
ExitProcess
LoadLibraryA
GetModuleHandleW
GetCPInfo
GetACP
GetOEMCP
GetModuleHandleA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
VirtualProtect
GetSystemInfo
VirtualQuery
GetProcAddress
HeapAlloc
HeapFree
RtlUnwind
GetVersionExA
GetCommandLineA
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
Sleep
CreateFileW
WideCharToMultiByte
CreateEventW
CloseHandle
GetLastError
SetLastError
InterlockedDecrement
GetLocaleInfoA

winusb

WinUsb_GetDescriptor
WinUsb_Free
WinUsb_QueryPipe
WinUsb_GetOverlappedResult
WinUsb_ReadPipe
WinUsb_WritePipe
WinUsb_QueryInterfaceSettings
WinUsb_GetCurrentAlternateSetting
WinUsb_Initialize
WinUsb_SetPipePolicy

adbwinapi

?IsCompleted@AdbIOCompletion@@UAE_NXZ
??0AdbIOCompletion@@QAE@PAVAdbEndpointObject@@KPAX@Z
?GetUsbConfigurationDescriptor@AdbInterfaceObject@@UAE_NPAU_USB_CONFIGURATION_DESCRIPTOR@@@Z
?GetUsbDeviceDescriptor@AdbInterfaceObject@@UAE_NPAU_USB_DEVICE_DESCRIPTOR@@@Z
?GetInterfaceName@AdbInterfaceObject@@UAE_NPAXPAK_N@Z
??0AdbInterfaceObject@@QAE@PBG@Z
??1AdbEndpointObject@@MAE@XZ
?SyncWrite@AdbEndpointObject@@UAE_NPAXKPAKK@Z
?SyncRead@AdbEndpointObject@@UAE_NPAXKPAKK@Z
?AsyncWrite@AdbEndpointObject@@UAEPAXPAXKPAK0K@Z
?AsyncRead@AdbEndpointObject@@UAEPAXPAXKPAK0K@Z
?GetEndpointInformation@AdbEndpointObject@@UAE_NPAU_AdbEndpointInformation@@@Z
?LastReferenceReleased@AdbObjectHandle@@MAEXXZ
?IsObjectOfType@AdbObjectHandle@@UBE_NW4AdbObjectType@@@Z
?CloseHandle@AdbObjectHandle@@UAE_NXZ
?CreateHandle@AdbObjectHandle@@UAEPAXXZ
?AddRef@AdbObjectHandle@@UAEJXZ
??0AdbEndpointObject@@QAE@PAVAdbInterfaceObject@@EE@Z
??1AdbIOCompletion@@MAE@XZ
??1AdbInterfaceObject@@MAE@XZ
?GetUsbInterfaceDescriptor@AdbInterfaceObject@@UAE_NPAU_USB_INTERFACE_DESCRIPTOR@@@Z

Exports

Exports

InstantiateWinUsbInterface

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AndroidAssistHelper.dll
.dll windows:5 windows x86 arch:x86

f5027d98b7006d8dd206835ea58da9cd

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:70:bd:93:cf:3f:18:9a:e6:45:2b:51:4c:49:34:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

17/01/2013, 00:00

Not After

16/02/2016, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

95:18:8a:69:45:ca:8a:31:78:be:dc:2d:45:31:94:a5:fe:f1:3f:d7
Signer

Actual PE Digest

95:18:8a:69:45:ca:8a:31:78:be:dc:2d:45:31:94:a5:fe:f1:3f:d7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\Projects\5070\ConnectServiceSrc\Output\Pdb\AndroidAssistHelper.pdb

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

SetFilePointerEx
WriteFile
CopyFileW
DeleteFileW
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetLastError
lstrlenW
WideCharToMultiByte
GlobalFree
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
Sleep
EnterCriticalSection
LeaveCriticalSection
GetLocalTime
lstrlenA
MultiByteToWideChar
ReleaseMutex
WaitForSingleObject
CreateMutexW
LocalAlloc
LocalFree
OpenMutexW
MoveFileW
FindFirstFileW
FindNextFileW
FindClose
GetModuleHandleW
GetProcAddress
GetFileSize
MapViewOfFile
UnmapViewOfFile
GetModuleHandleExW
QueryPerformanceCounter
GetTickCount
GetPrivateProfileStringW
SystemTimeToFileTime
WritePrivateProfileStringW
GetModuleFileNameW
GetTempPathW
GetLongPathNameW
CreateDirectoryW
GetFileAttributesW
ReadFile
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
SetFilePointer
WriteConsoleW
LoadLibraryW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
CreateFileW
CloseHandle
FlushFileBuffers
SetEnvironmentVariableA
InterlockedCompareExchange
InitializeCriticalSection
GetCommandLineA
TerminateProcess
GetCurrentProcess
OpenFileMappingW
GetStringTypeW
RtlUnwind
GetCurrentProcessId
GetFileType
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
InterlockedExchange
GetConsoleMode
GetConsoleCP
SetStdHandle
GetStartupInfoW
SetHandleCount
CompareStringW
GetTimeZoneInformation
GetLocaleInfoW
GetStdHandle
HeapCreate
ExitProcess
LCMapStringW
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
HeapDestroy
HeapSize
RaiseException
EncodePointer
DecodePointer
GetCurrentThreadId
GetSystemTimeAsFileTime
UnhandledExceptionFilter

advapi32

RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
FreeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetEntriesInAclW
AllocateAndInitializeSid
RegSetValueExW

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

CoLoadLibrary
CoFreeLibrary
CoTaskMemFree

shlwapi

PathFileExistsW
wnsprintfW
PathAppendW

winhttp

WinHttpGetIEProxyConfigForCurrentUser
WinHttpConnect
WinHttpCrackUrl
WinHttpReadData
WinHttpSetOption
WinHttpCloseHandle
WinHttpOpen
WinHttpOpenRequest
WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpQueryDataAvailable

ws2_32

ntohs
ntohl
htonl
htons

Exports

Exports

CreateAndroidAssist
GetRunningAndroidServerVersion
RepairAndroidAssist

Sections

.text
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ApkFont/AndroidManifest.xml
.xml
ApkFont/apktool.yml
ApkFont/assets/xml/AiFont.xml
ApkFont/res/drawable/icon.png
.png
ApkFont/res/values/public.xml
.xml
ApkFont/res/values/strings.xml
.xml
ApkFont/smali/com/monotype/android/font/AiFont/R$attr.smali
ApkFont/smali/com/monotype/android/font/AiFont/R$drawable.smali
ApkFont/smali/com/monotype/android/font/AiFont/R$string.smali
ApkFont/smali/com/monotype/android/font/AiFont/R.smali
ApkTool/aapt.exe
.exe windows:4 windows x86 arch:x86

6cae795410282b03a8c84b120ba75b69

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

15:9a:b5:bc:01:e8:84:59:95:4d:bf:d1:8a:a1:75:19
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

04/02/2015, 00:00

Not After

05/05/2016, 23:59

Subject

CN=北京耘升天下科技有限公司,OU=IT,O=北京耘升天下科技有限公司,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

62:fb:a6:1f:e7:59:f9:e0:ff:e0:80:2c:29:3b:2c:d9:f6:98:09:0a
Signer

Actual PE Digest

62:fb:a6:1f:e7:59:f9:e0:ff:e0:80:2c:29:3b:2c:d9:f6:98:09:0a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateEventA
CreateFileMappingA
CreateMutexA
CreateSemaphoreA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
GetCurrentThreadId
GetFileAttributesA
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemInfo
GetSystemTimeAsFileTime
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
LeaveCriticalSection
MapViewOfFile
MultiByteToWideChar
ReleaseMutex
ReleaseSemaphore
SetLastError
SetUnhandledExceptionFilter
SignalObjectAndWait
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnmapViewOfFile
WaitForSingleObject
WideCharToMultiByte

msvcrt

_access
_close
_dup
_fdopen
_fstat
_getpid
_lseek
_open
_read
_stat
_strdup
_unlink
_write
__getmainargs
__lc_codepage
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_cexit
_chsize
_errno
_filbuf
_findclose
_findfirst
_findnext
_fullpath
_get_osfhandle
_iob
_isctype
_lseeki64
_mkdir
_onexit
_pctype
_setjmp
_setmode
_stricmp
_strnicmp
abort
atexit
atoi
calloc
exit
fclose
fflush
fopen
fprintf
fputc
fputs
fread
free
fseek
ftell
fwrite
getenv
gmtime
localeconv
localtime
longjmp
malloc
memchr
memcpy
memmove
memset
mktime
pow
printf
putchar
puts
qsort
rand
realloc
remove
rewind
signal
sprintf
srand
strcat
strchr
strcmp
strcpy
strerror
strftime
strlen
strncmp
strncpy
strrchr
strstr
strtok
strtol
time
tolower
toupper
wcslen

Sections

.text
Size: 681KB - Virtual size: 681KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ApkTool/apktool.bat
.bat .vbs
ApkTool/apktool.jar
.jar
AutoSign/README
AutoSign/Sign.bat
AutoSign/libhgl.so
.elf linux arm
AutoSign/signapk.jar
.jar
AutoSign/testkey.pk8
AutoSign/testkey.x509.pem
AutoSign/ziti_pc.key
DuiLib.dll
.dll windows:5 windows x86 arch:x86

10ab227f1eb10615548a0617a8dfb08b

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

15:9a:b5:bc:01:e8:84:59:95:4d:bf:d1:8a:a1:75:19
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

04/02/2015, 00:00

Not After

05/05/2016, 23:59

Subject

CN=北京耘升天下科技有限公司,OU=IT,O=北京耘升天下科技有限公司,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1e:68:3b:88:ac:5f:a2:58:ae:9c:ee:c8:7b:a8:f3:d0:44:ae:28:da
Signer

Actual PE Digest

1e:68:3b:88:ac:5f:a2:58:ae:9c:ee:c8:7b:a8:f3:d0:44:ae:28:da

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetConsoleMode
GetConsoleCP
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
DeleteCriticalSection
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetStringTypeW
HeapDestroy
HeapCreate
HeapSize
Sleep
IsProcessorFeaturePresent
IsValidCodePage
GetOEMCP
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
SetLastError
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetModuleFileNameW
GetStdHandle
GetCommandLineA
GetCurrentThreadId
RaiseException
HeapReAlloc
HeapAlloc
HeapFree
RtlUnwind
EncodePointer
DecodePointer
SetStdHandle
WriteConsoleW
CreateFileW
InterlockedDecrement
InterlockedIncrement
lstrlenA
GetLocalTime
MulDiv
GetFileSize
MultiByteToWideChar
GetTickCount
GetModuleHandleA
LoadLibraryA
GetProcAddress
SetCurrentDirectoryA
GetModuleFileNameA
GetLastError
WriteFile
SetFileTime
GetCurrentDirectoryA
CreateDirectoryA
DosDateTimeToFileTime
SystemTimeToFileTime
ReadFile
CloseHandle
CreateFileA
DisableThreadLibraryCalls
GetCurrentProcess
DuplicateHandle
GetFileType
SetFilePointer
GetACP
WideCharToMultiByte
FindResourceA
LoadResource
FreeResource
SizeofResource
LockResource
ExitProcess
LCMapStringW
FlushFileBuffers

user32

SetWindowTextA
GetWindowTextLengthA
GetWindowTextA
CreateAcceleratorTableA
MoveWindow
InvalidateRgn
SetRect
CreateCaret
DrawTextA
FillRect
GetCursorPos
IsIconic
GetMonitorInfoA
MonitorFromWindow
IsZoomed
SetWindowRgn
HideCaret
ShowCaret
SetCaretPos
ClientToScreen
GetSysColor
CharPrevA
GetWindowRect
GetWindowLongA
GetClientRect
ScreenToClient
MessageBoxA
SetWindowPos
SetWindowLongA
OffsetRect
InflateRect
UnionRect
SetCursor
LoadCursorA
wvsprintfA
wsprintfA
DefWindowProcA
IsWindow
ShowWindow
PostQuitMessage
DispatchMessageA
GetUpdateRect
BeginPaint
EndPaint
MapWindowPoints
GetFocus
DestroyWindow
ReleaseDC
ReleaseCapture
SetCapture
KillTimer
SetTimer
InvalidateRect
GetDC
GetKeyState
CharNextA
IsRectEmpty
IntersectRect
PtInRect
CreateWindowExA
GetClassInfoExA
RegisterClassExA
RegisterClassA
GetMenu
AdjustWindowRectEx
PostMessageA
SetPropA
GetPropA
CallWindowProcA
GetSystemMetrics
LoadImageA
SendMessageA
GetParent
GetWindow
EnableWindow
GetMessageA
SetFocus
TranslateMessage

gdi32

ExtSelectClipRgn
SelectClipRgn
CreateCompatibleDC
CreateCompatibleBitmap
SaveDC
BitBlt
RestoreDC
Rectangle
SetWindowOrgEx
DeleteDC
GetStockObject
GetObjectA
CreateFontIndirectA
SelectObject
GetTextMetricsA
CreateRoundRectRgn
DeleteObject
CreateRectRgnIndirect
CreateDIBSection
SetStretchBltMode
ExtTextOutA
SetBkColor
CreateSolidBrush
LineTo
MoveToEx
CreatePenIndirect
RoundRect
SetTextColor
SetBkMode
TextOutA
GetTextExtentPoint32A
GetCharABCWidthsA
GdiFlush
GetDeviceCaps
GetClipBox
StretchBlt
CreatePen
CombineRgn

ole32

OleLockRunning
CLSIDFromString
CLSIDFromProgID
CoCreateInstance

oleaut32

SysAllocStringLen
SysAllocString
SysFreeString
VariantClear
VariantInit

gdiplus

GdipCloneBrush
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawString
GdipSetTextRenderingHint
GdipCreateFromHDC
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipCreateLineBrushI
GdiplusStartup
GdipDeleteFont
GdipDeleteGraphics
GdipDeleteStringFormat
GdipCreateStringFormat
GdipAlloc
GdipFree
GdipDeleteBrush
GdiplusShutdown

comctl32

ord17
_TrackMouseEvent

Exports

Exports

??0CActiveXUI@DuiLib@@QAE@ABV01@@Z
??0CActiveXUI@DuiLib@@QAE@XZ
??0CButtonUI@DuiLib@@QAE@ABV01@@Z
??0CButtonUI@DuiLib@@QAE@XZ
??0CCheckBoxUI@DuiLib@@QAE@ABV01@@Z
??0CCheckBoxUI@DuiLib@@QAE@XZ
??0CChildLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CChildLayoutUI@DuiLib@@QAE@XZ
??0CComboBoxUI@DuiLib@@QAE@ABV01@@Z
??0CComboBoxUI@DuiLib@@QAE@XZ
??0CComboUI@DuiLib@@QAE@ABV01@@Z
??0CComboUI@DuiLib@@QAE@XZ
??0CContainerUI@DuiLib@@QAE@ABV01@@Z
??0CContainerUI@DuiLib@@QAE@XZ
??0CControlUI@DuiLib@@QAE@ABV01@@Z
??0CControlUI@DuiLib@@QAE@XZ
??0CDateTimeUI@DuiLib@@QAE@ABV01@@Z
??0CDateTimeUI@DuiLib@@QAE@XZ
??0CDelegateBase@DuiLib@@QAE@ABV01@@Z
??0CDelegateBase@DuiLib@@QAE@PAX0@Z
??0CDialogBuilder@DuiLib@@QAE@XZ
??0CDuiRect@DuiLib@@QAE@ABUtagRECT@@@Z
??0CDuiRect@DuiLib@@QAE@HHHH@Z
??0CDuiRect@DuiLib@@QAE@XZ
??0CDuiString@DuiLib@@QAE@ABV01@@Z
??0CDuiString@DuiLib@@QAE@D@Z
??0CDuiString@DuiLib@@QAE@PBDH@Z
??0CDuiString@DuiLib@@QAE@XZ
??0CEditUI@DuiLib@@QAE@ABV01@@Z
??0CEditUI@DuiLib@@QAE@XZ
??0CEventSource@DuiLib@@QAE@ABV01@@Z
??0CEventSource@DuiLib@@QAE@XZ
??0CHorizontalLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CHorizontalLayoutUI@DuiLib@@QAE@XZ
??0CLabelUI@DuiLib@@QAE@ABV01@@Z
??0CLabelUI@DuiLib@@QAE@XZ
??0CListBodyUI@DuiLib@@QAE@ABV01@@Z
??0CListBodyUI@DuiLib@@QAE@PAVCListUI@1@@Z
??0CListContainerElementUI@DuiLib@@QAE@ABV01@@Z
??0CListContainerElementUI@DuiLib@@QAE@XZ
??0CListElementUI@DuiLib@@QAE@ABV01@@Z
??0CListElementUI@DuiLib@@QAE@XZ
??0CListHeaderItemUI@DuiLib@@QAE@ABV01@@Z
??0CListHeaderItemUI@DuiLib@@QAE@XZ
??0CListHeaderUI@DuiLib@@QAE@ABV01@@Z
??0CListHeaderUI@DuiLib@@QAE@XZ
??0CListLabelElementUI@DuiLib@@QAE@ABV01@@Z
??0CListLabelElementUI@DuiLib@@QAE@XZ
??0CListTextElementUI@DuiLib@@QAE@ABV01@@Z
??0CListTextElementUI@DuiLib@@QAE@XZ
??0CListUI@DuiLib@@QAE@ABV01@@Z
??0CListUI@DuiLib@@QAE@XZ
??0CMarkup@DuiLib@@QAE@PBD@Z
??0CMarkupNode@DuiLib@@AAE@PAVCMarkup@1@H@Z
??0CMarkupNode@DuiLib@@AAE@XZ
??0CNotifyPump@DuiLib@@QAE@ABV01@@Z
??0CNotifyPump@DuiLib@@QAE@XZ
??0COptionUI@DuiLib@@QAE@ABV01@@Z
??0COptionUI@DuiLib@@QAE@XZ
??0CPaintManagerUI@DuiLib@@QAE@ABV01@@Z
??0CPaintManagerUI@DuiLib@@QAE@XZ
??0CPoint@DuiLib@@QAE@ABUtagPOINT@@@Z
??0CPoint@DuiLib@@QAE@HH@Z
??0CPoint@DuiLib@@QAE@J@Z
??0CPoint@DuiLib@@QAE@XZ
??0CProgressUI@DuiLib@@QAE@ABV01@@Z
??0CProgressUI@DuiLib@@QAE@XZ
??0CRichEditUI@DuiLib@@QAE@ABV01@@Z
??0CRichEditUI@DuiLib@@QAE@XZ
??0CScrollBarUI@DuiLib@@QAE@ABV01@@Z
??0CScrollBarUI@DuiLib@@QAE@XZ
??0CSize@DuiLib@@QAE@ABUtagSIZE@@@Z
??0CSize@DuiLib@@QAE@HH@Z
??0CSize@DuiLib@@QAE@UtagRECT@@@Z
??0CSize@DuiLib@@QAE@XZ
??0CSliderUI@DuiLib@@QAE@ABV01@@Z
??0CSliderUI@DuiLib@@QAE@XZ
??0CStdPtrArray@DuiLib@@QAE@ABV01@@Z
??0CStdPtrArray@DuiLib@@QAE@H@Z
??0CStdStringPtrMap@DuiLib@@QAE@H@Z
??0CStdValArray@DuiLib@@QAE@HH@Z
??0CTabLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CTabLayoutUI@DuiLib@@QAE@XZ
??0CTextUI@DuiLib@@QAE@ABV01@@Z
??0CTextUI@DuiLib@@QAE@XZ
??0CTileLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CTileLayoutUI@DuiLib@@QAE@XZ
??0CTreeNodeUI@DuiLib@@QAE@ABV01@@Z
??0CTreeNodeUI@DuiLib@@QAE@PAV01@@Z
??0CTreeViewUI@DuiLib@@QAE@ABV01@@Z
??0CTreeViewUI@DuiLib@@QAE@XZ
??0CVerticalLayoutUI@DuiLib@@QAE@ABV01@@Z
??0CVerticalLayoutUI@DuiLib@@QAE@XZ
??0CWaitCursor@DuiLib@@QAE@XZ
??0CWebBrowserUI@DuiLib@@QAE@ABV01@@Z
??0CWebBrowserUI@DuiLib@@QAE@XZ
??0CWindowWnd@DuiLib@@QAE@ABV01@@Z
??0CWindowWnd@DuiLib@@QAE@XZ
??0WindowImplBase@DuiLib@@QAE@ABV01@@Z
??0WindowImplBase@DuiLib@@QAE@XZ
??1CActiveXUI@DuiLib@@UAE@XZ
??1CButtonUI@DuiLib@@UAE@XZ
??1CCheckBoxUI@DuiLib@@UAE@XZ
??1CChildLayoutUI@DuiLib@@UAE@XZ
??1CComboBoxUI@DuiLib@@UAE@XZ
??1CComboUI@DuiLib@@UAE@XZ
??1CContainerUI@DuiLib@@UAE@XZ
??1CControlUI@DuiLib@@UAE@XZ
??1CDateTimeUI@DuiLib@@UAE@XZ
??1CDelegateBase@DuiLib@@UAE@XZ
??1CDialogBuilder@DuiLib@@QAE@XZ
??1CDuiString@DuiLib@@QAE@XZ
??1CEditUI@DuiLib@@UAE@XZ
??1CEventSource@DuiLib@@QAE@XZ
??1CHorizontalLayoutUI@DuiLib@@UAE@XZ
??1CLabelUI@DuiLib@@UAE@XZ
??1CListBodyUI@DuiLib@@UAE@XZ
??1CListContainerElementUI@DuiLib@@UAE@XZ
??1CListElementUI@DuiLib@@UAE@XZ
??1CListHeaderItemUI@DuiLib@@UAE@XZ
??1CListHeaderUI@DuiLib@@UAE@XZ
??1CListLabelElementUI@DuiLib@@UAE@XZ
??1CListTextElementUI@DuiLib@@UAE@XZ
??1CListUI@DuiLib@@UAE@XZ
??1CMarkup@DuiLib@@QAE@XZ
??1CNotifyPump@DuiLib@@QAE@XZ
??1COptionUI@DuiLib@@UAE@XZ
??1CPaintManagerUI@DuiLib@@QAE@XZ
??1CProgressUI@DuiLib@@UAE@XZ
??1CRenderClip@DuiLib@@QAE@XZ
??1CRichEditUI@DuiLib@@UAE@XZ
??1CScrollBarUI@DuiLib@@UAE@XZ
??1CSliderUI@DuiLib@@UAE@XZ
??1CStdPtrArray@DuiLib@@QAE@XZ
??1CStdStringPtrMap@DuiLib@@QAE@XZ
??1CStdValArray@DuiLib@@QAE@XZ
??1CTabLayoutUI@DuiLib@@UAE@XZ
??1CTextUI@DuiLib@@UAE@XZ
??1CTileLayoutUI@DuiLib@@UAE@XZ
??1CTreeNodeUI@DuiLib@@UAE@XZ
??1CTreeViewUI@DuiLib@@UAE@XZ
??1CVerticalLayoutUI@DuiLib@@UAE@XZ
??1CWaitCursor@DuiLib@@QAE@XZ
??1CWebBrowserUI@DuiLib@@UAE@XZ
??1WindowImplBase@DuiLib@@UAE@XZ
??4CActiveXUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CButtonUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CCheckBoxUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CChildLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CComboBoxUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CComboUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CContainerUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CControlUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CDateTimeUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CDelegateBase@DuiLib@@QAEAAV01@ABV01@@Z
??4CDialogBuilder@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiRect@DuiLib@@QAEAAV01@ABV01@@Z
??4CDuiString@DuiLib@@QAEABV01@ABV01@@Z
??4CDuiString@DuiLib@@QAEABV01@D@Z
??4CDuiString@DuiLib@@QAEABV01@PBD@Z
??4CDuiString@DuiLib@@QAEABV01@PB_W@Z
??4CEditUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CEventSource@DuiLib@@QAEAAV01@ABV01@@Z
??4CHorizontalLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CLabelUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListBodyUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListContainerElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListHeaderItemUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListHeaderUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListLabelElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListTextElementUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CListUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CMarkup@DuiLib@@QAEAAV01@ABV01@@Z
??4CMarkupNode@DuiLib@@QAEAAV01@ABV01@@Z
??4CNotifyPump@DuiLib@@QAEAAV01@ABV01@@Z
??4COptionUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CPaintManagerUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CPoint@DuiLib@@QAEAAV01@ABV01@@Z
??4CProgressUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CRenderClip@DuiLib@@QAEAAV01@ABV01@@Z
??4CRenderEngine@DuiLib@@QAEAAV01@ABV01@@Z
??4CRichEditUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CScrollBarUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CSize@DuiLib@@QAEAAV01@ABV01@@Z
??4CSliderUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CStdPtrArray@DuiLib@@QAEAAV01@ABV01@@Z
??4CStdStringPtrMap@DuiLib@@QAEAAV01@ABV01@@Z
??4CStdValArray@DuiLib@@QAEAAV01@ABV01@@Z
??4CTabLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTextUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTileLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTreeNodeUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CTreeViewUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CVerticalLayoutUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CWaitCursor@DuiLib@@QAEAAV01@ABV01@@Z
??4CWebBrowserUI@DuiLib@@QAEAAV01@ABV01@@Z
??4CWindowWnd@DuiLib@@QAEAAV01@ABV01@@Z
??4WindowImplBase@DuiLib@@QAEAAV01@ABV01@@Z
??8CDuiString@DuiLib@@QBE_NPBD@Z
??9CDuiString@DuiLib@@QBE_NPBD@Z
??ACDuiString@DuiLib@@QBEDH@Z
??ACStdPtrArray@DuiLib@@QBEPAXH@Z
??ACStdStringPtrMap@DuiLib@@QBEPBDH@Z
??ACStdValArray@DuiLib@@QBEPAXH@Z
??BCDuiString@DuiLib@@QBEPBDXZ
??BCEventSource@DuiLib@@QAE_NXZ
??BCWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
??HCDuiString@DuiLib@@QBE?AV01@ABV01@@Z
??HCDuiString@DuiLib@@QBE?AV01@PBD@Z
??MCDuiString@DuiLib@@QBE_NPBD@Z
??NCDuiString@DuiLib@@QBE_NPBD@Z
??OCDuiString@DuiLib@@QBE_NPBD@Z
??PCDuiString@DuiLib@@QBE_NPBD@Z
??RCDelegateBase@DuiLib@@QAE_NPAX@Z
??RCEventSource@DuiLib@@QAE_NPAX@Z
??YCDuiString@DuiLib@@QAEABV01@ABV01@@Z
??YCDuiString@DuiLib@@QAEABV01@D@Z
??YCDuiString@DuiLib@@QAEABV01@PBD@Z
??YCDuiString@DuiLib@@QAEABV01@PB_W@Z
??YCEventSource@DuiLib@@QAEXABVCDelegateBase@1@@Z
??YCEventSource@DuiLib@@QAEXP6A_NPAX@Z@Z
??ZCEventSource@DuiLib@@QAEXABVCDelegateBase@1@@Z
??ZCEventSource@DuiLib@@QAEXP6A_NPAX@Z@Z
??_7CActiveXUI@DuiLib@@6BCControlUI@1@@
??_7CActiveXUI@DuiLib@@6BIMessageFilterUI@1@@
??_7CButtonUI@DuiLib@@6B@
??_7CCheckBoxUI@DuiLib@@6B@
??_7CChildLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CChildLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CComboBoxUI@DuiLib@@6B@
??_7CComboBoxUI@DuiLib@@6BCControlUI@1@@
??_7CComboBoxUI@DuiLib@@6BIContainerUI@1@@
??_7CComboUI@DuiLib@@6B@
??_7CComboUI@DuiLib@@6BCControlUI@1@@
??_7CComboUI@DuiLib@@6BIContainerUI@1@@
??_7CContainerUI@DuiLib@@6BCControlUI@1@@
??_7CContainerUI@DuiLib@@6BIContainerUI@1@@
??_7CControlUI@DuiLib@@6B@
??_7CDateTimeUI@DuiLib@@6B@
??_7CDelegateBase@DuiLib@@6B@
??_7CEditUI@DuiLib@@6B@
??_7CHorizontalLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CHorizontalLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CLabelUI@DuiLib@@6B@
??_7CListBodyUI@DuiLib@@6BCControlUI@1@@
??_7CListBodyUI@DuiLib@@6BIContainerUI@1@@
??_7CListContainerElementUI@DuiLib@@6B@
??_7CListContainerElementUI@DuiLib@@6BCControlUI@1@@
??_7CListContainerElementUI@DuiLib@@6BIContainerUI@1@@
??_7CListElementUI@DuiLib@@6BCControlUI@1@@
??_7CListElementUI@DuiLib@@6BIListItemUI@1@@
??_7CListHeaderItemUI@DuiLib@@6B@
??_7CListHeaderUI@DuiLib@@6BCControlUI@1@@
??_7CListHeaderUI@DuiLib@@6BIContainerUI@1@@
??_7CListLabelElementUI@DuiLib@@6BCControlUI@1@@
??_7CListLabelElementUI@DuiLib@@6BIListItemUI@1@@
??_7CListTextElementUI@DuiLib@@6BCControlUI@1@@
??_7CListTextElementUI@DuiLib@@6BIListItemUI@1@@
??_7CListUI@DuiLib@@6B@
??_7CListUI@DuiLib@@6BCControlUI@1@@
??_7CListUI@DuiLib@@6BIContainerUI@1@@
??_7CNotifyPump@DuiLib@@6B@
??_7COptionUI@DuiLib@@6B@
??_7CProgressUI@DuiLib@@6B@
??_7CRichEditUI@DuiLib@@6B@
??_7CRichEditUI@DuiLib@@6BCControlUI@1@@
??_7CRichEditUI@DuiLib@@6BIContainerUI@1@@
??_7CScrollBarUI@DuiLib@@6B@
??_7CSliderUI@DuiLib@@6B@
??_7CTabLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CTabLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CTextUI@DuiLib@@6B@
??_7CTileLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CTileLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CTreeNodeUI@DuiLib@@6B@
??_7CTreeNodeUI@DuiLib@@6BCControlUI@1@@
??_7CTreeNodeUI@DuiLib@@6BIContainerUI@1@@
??_7CTreeViewUI@DuiLib@@6BCControlUI@1@@
??_7CTreeViewUI@DuiLib@@6BCListUI@1@@
??_7CTreeViewUI@DuiLib@@6BIContainerUI@1@@
??_7CTreeViewUI@DuiLib@@6BINotifyUI@1@@
??_7CVerticalLayoutUI@DuiLib@@6BCControlUI@1@@
??_7CVerticalLayoutUI@DuiLib@@6BIContainerUI@1@@
??_7CWebBrowserUI@DuiLib@@6BCControlUI@1@@
??_7CWebBrowserUI@DuiLib@@6BIDispatch@@@
??_7CWebBrowserUI@DuiLib@@6BIDocHostUIHandler@@@
??_7CWebBrowserUI@DuiLib@@6BIMessageFilterUI@1@@
??_7CWebBrowserUI@DuiLib@@6BIOleCommandTarget@@@
??_7CWebBrowserUI@DuiLib@@6BIServiceProvider@@@
??_7CWebBrowserUI@DuiLib@@6BITranslateAccelerator@1@@
??_7CWindowWnd@DuiLib@@6B@
??_7WindowImplBase@DuiLib@@6BCNotifyPump@1@@
??_7WindowImplBase@DuiLib@@6BCWindowWnd@1@@
??_7WindowImplBase@DuiLib@@6BIDialogBuilderCallback@1@@
??_7WindowImplBase@DuiLib@@6BIMessageFilterUI@1@@
??_7WindowImplBase@DuiLib@@6BINotifyUI@1@@
??_FCMarkup@DuiLib@@QAEXXZ
??_FCStdPtrArray@DuiLib@@QAEXXZ
??_FCStdStringPtrMap@DuiLib@@QAEXXZ
??_FCTreeNodeUI@DuiLib@@QAEXXZ
?Activate@CButtonUI@DuiLib@@UAE_NXZ
?Activate@CComboUI@DuiLib@@UAE_NXZ
?Activate@CControlUI@DuiLib@@UAE_NXZ
?Activate@CListContainerElementUI@DuiLib@@UAE_NXZ
?Activate@CListElementUI@DuiLib@@UAE_NXZ
?Activate@COptionUI@DuiLib@@UAE_NXZ
?Add@CComboUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CListUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CStdPtrArray@DuiLib@@QAE_NPAX@Z
?Add@CStdValArray@DuiLib@@QAE_NPBX@Z
?Add@CTabLayoutUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CTreeNodeUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?Add@CTreeViewUI@DuiLib@@UAE_NPAVCTreeNodeUI@2@@Z
?AddAt@CComboUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CListUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CTabLayoutUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CTreeNodeUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?AddAt@CTreeViewUI@DuiLib@@UAEJPAVCTreeNodeUI@2@H@Z
?AddAt@CTreeViewUI@DuiLib@@UAE_NPAVCTreeNodeUI@2@0@Z
?AddChildNode@CTreeNodeUI@DuiLib@@QAE_NPAV12@@Z
?AddDefaultAttributeList@CPaintManagerUI@DuiLib@@QAEXPBD0@Z
?AddDelayedCleanup@CPaintManagerUI@DuiLib@@QAEXPAVCControlUI@2@@Z
?AddFont@CPaintManagerUI@DuiLib@@QAEPAUHFONT__@@PBDH_N11@Z
?AddFontAt@CPaintManagerUI@DuiLib@@QAEPAUHFONT__@@HPBDH_N11@Z
?AddImage@CPaintManagerUI@DuiLib@@QAEPBUtagTImageInfo@2@PBD0K@Z
?AddImage@CPaintManagerUI@DuiLib@@QAEPBUtagTImageInfo@2@PBDPAUHBITMAP__@@HH_N@Z
?AddMessageFilter@CPaintManagerUI@DuiLib@@QAE_NPAVIMessageFilterUI@2@@Z
?AddNotifier@CPaintManagerUI@DuiLib@@QAE_NPAVINotifyUI@2@@Z
?AddOptionGroup@CPaintManagerUI@DuiLib@@QAE_NPBDPAVCControlUI@2@@Z
?AddPostPaint@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@@Z
?AddPreMessageFilter@CPaintManagerUI@DuiLib@@QAE_NPAVIMessageFilterUI@2@@Z
?AddRef@CWebBrowserUI@DuiLib@@UAGKXZ
?AddTranslateAccelerator@CPaintManagerUI@DuiLib@@QAE_NPAVITranslateAccelerator@2@@Z
?AddVirtualWnd@CNotifyPump@DuiLib@@QAE_NVCDuiString@2@PAV12@@Z
?AdjustColor@CRenderEngine@DuiLib@@SAKKFFF@Z
?Append@CDuiString@DuiLib@@QAEXPBD@Z
?AppendText@CRichEditUI@DuiLib@@QAEHPBD_N@Z
?ApplyAttributeList@CControlUI@DuiLib@@QAEPAV12@PBD@Z
?Assign@CDuiString@DuiLib@@QAEXPBDH@Z
?AttachDialog@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@@Z
?BeforeNavigate2@CWebBrowserUI@DuiLib@@IAEXPAUIDispatch@@AAPAUtagVARIANT@@1111AAPAF@Z
?CalLocation@CTreeNodeUI@DuiLib@@AAEPAV12@PAV12@@Z
?CenterWindow@CWindowWnd@DuiLib@@QAEXXZ
?CharFromPos@CRichEditUI@DuiLib@@QBEHVCPoint@2@@Z
?CheckBoxSelected@CTreeNodeUI@DuiLib@@QAEX_N@Z
?Clear@CRichEditUI@DuiLib@@QAEXXZ
?Close@CWindowWnd@DuiLib@@QAEXI@Z
?CommandStateChange@CWebBrowserUI@DuiLib@@IAEXJF@Z
?Compare@CDuiString@DuiLib@@QBEHPBD@Z
?CompareNoCase@CDuiString@DuiLib@@QBEHPBD@Z
?Copy@CRichEditUI@DuiLib@@QAEXXZ
?Create@CDialogBuilder@DuiLib@@QAEPAVCControlUI@2@PAVIDialogBuilderCallback@2@PAVCPaintManagerUI@2@PAV32@@Z
?Create@CDialogBuilder@DuiLib@@QAEPAVCControlUI@2@VSTRINGorID@2@PBDPAVIDialogBuilderCallback@2@PAVCPaintManagerUI@2@PAV32@@Z
?Create@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PBDKKHHHHPAUHMENU__@@@Z
?Create@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PBDKKUtagRECT@@PAUHMENU__@@@Z
?CreateControl@CActiveXUI@DuiLib@@QAE_NPBD@Z
?CreateControl@CActiveXUI@DuiLib@@QAE_NU_GUID@@@Z
?CreateControl@WindowImplBase@DuiLib@@UAEPAVCControlUI@2@PBD@Z
?CreateDuiWindow@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PBDKK@Z
?Cut@CRichEditUI@DuiLib@@QAEXXZ
?DUI__Trace@DuiLib@@YAXPBDZZ
?DUI__TraceMsg@DuiLib@@YAPBDI@Z
?Deflate@CDuiRect@DuiLib@@QAEXHH@Z
?DoCreateControl@CActiveXUI@DuiLib@@MAE_NXZ
?DoCreateControl@CWebBrowserUI@DuiLib@@UAE_NXZ
?DoEvent@CButtonUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CComboUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CContainerUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CDateTimeUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CEditUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CHorizontalLayoutUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CLabelUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CListBodyUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CListContainerElementUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CListElementUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CListHeaderItemUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CListLabelElementUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CListTextElementUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CListUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CRichEditUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CScrollBarUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CSliderUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CTextUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CTreeNodeUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoEvent@CVerticalLayoutUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoInit@CComboUI@DuiLib@@UAEXXZ
?DoInit@CControlUI@DuiLib@@UAEXXZ
?DoInit@CRichEditUI@DuiLib@@UAEXXZ
?DoPaint@CActiveXUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPaint@CComboUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPaint@CContainerUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPaint@CControlUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPaint@CListContainerElementUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPaint@CListLabelElementUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPaint@CRichEditUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPaint@CScrollBarUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPostPaint@CControlUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPostPaint@CHorizontalLayoutUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPostPaint@CVerticalLayoutUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?Download@CWebBrowserUI@DuiLib@@UAGJPAUIMoniker@@PAUIBindCtx@@KJPAU_tagBINDINFO@@PB_W3I@Z
?DrawColor@CRenderEngine@DuiLib@@SAXPAUHDC__@@ABUtagRECT@@K@Z
?DrawGradient@CRenderEngine@DuiLib@@SAXPAUHDC__@@ABUtagRECT@@KK_NH@Z
?DrawHtmlText@CRenderEngine@DuiLib@@SAXPAUHDC__@@PAVCPaintManagerUI@2@AAUtagRECT@@PBDKPAU5@PAVCDuiString@2@AAHI@Z
?DrawImage@CControlUI@DuiLib@@QAE_NPAUHDC__@@PBD1@Z
?DrawImage@CRenderEngine@DuiLib@@SAXPAUHDC__@@PAUHBITMAP__@@ABUtagRECT@@222_NE333@Z
?DrawImageString@CRenderEngine@DuiLib@@SA_NPAUHDC__@@PAVCPaintManagerUI@2@ABUtagRECT@@2PBD3@Z
?DrawItemBk@CListContainerElementUI@DuiLib@@QAEXPAUHDC__@@ABUtagRECT@@@Z
?DrawItemBk@CListElementUI@DuiLib@@QAEXPAUHDC__@@ABUtagRECT@@@Z
?DrawItemText@CListContainerElementUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DrawItemText@CListLabelElementUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DrawItemText@CListTextElementUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DrawLine@CRenderEngine@DuiLib@@SAXPAUHDC__@@ABUtagRECT@@HKH@Z
?DrawRect@CRenderEngine@DuiLib@@SAXPAUHDC__@@ABUtagRECT@@HK@Z
?DrawRoundRect@CRenderEngine@DuiLib@@SAXPAUHDC__@@ABUtagRECT@@HHHK@Z
?DrawTextA@CRenderEngine@DuiLib@@SAXPAUHDC__@@PAVCPaintManagerUI@2@AAUtagRECT@@PBDKHI@Z
?Empty@CDuiRect@DuiLib@@QAEXXZ
?Empty@CDuiString@DuiLib@@QAEXXZ
?Empty@CStdPtrArray@DuiLib@@QAEXXZ
?Empty@CStdValArray@DuiLib@@QAEXXZ
?EmptyUndoBuffer@CRichEditUI@DuiLib@@QAEXXZ
?EnableModeless@CWebBrowserUI@DuiLib@@UAGJH@Z
?EnableScrollBar@CContainerUI@DuiLib@@UAEX_N0@Z
?EnableScrollBar@CListUI@DuiLib@@UAEX_N0@Z
?EndDown@CContainerUI@DuiLib@@UAEXXZ
?EndDown@CListUI@DuiLib@@UAEXXZ
?EndDown@CRichEditUI@DuiLib@@UAEXXZ
?EndRight@CContainerUI@DuiLib@@UAEXXZ
?EndRight@CListUI@DuiLib@@UAEXXZ
?EndRight@CRichEditUI@DuiLib@@UAEXXZ
?EnsureVisible@CListUI@DuiLib@@QAEXH@Z
?Equals@CDelegateBase@DuiLib@@QBE_NABV12@@Z
?EstimateSize@CButtonUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@CComboUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@CControlUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@CEditUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@CLabelUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@CListHeaderItemUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@CListHeaderUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@CListLabelElementUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@CListTextElementUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@COptionUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@CRichEditUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?EstimateSize@CTextUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?Event@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?Exec@CWebBrowserUI@DuiLib@@UAGJPBU_GUID@@KKPAUtagVARIANT@@1@Z
?Expand@CListContainerElementUI@DuiLib@@UAE_N_N@Z
?Expand@CListElementUI@DuiLib@@UAE_N_N@Z
?ExpandItem@CListUI@DuiLib@@UAE_NH_N@Z
?FilterDataObject@CWebBrowserUI@DuiLib@@UAGJPAUIDataObject@@PAPAU3@@Z
?Find@CDuiString@DuiLib@@QBEHDH@Z
?Find@CDuiString@DuiLib@@QBEHPBDH@Z
?Find@CStdPtrArray@DuiLib@@QBEHPAX@Z
?Find@CStdStringPtrMap@DuiLib@@QBEPAXPBD_N@Z
?FindControl@CContainerUI@DuiLib@@UAEPAVCControlUI@2@P6GPAV32@PAV32@PAX@Z1I@Z
?FindControl@CControlUI@DuiLib@@UAEPAV12@P6GPAV12@PAV12@PAX@Z1I@Z
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PBD@Z
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@UtagPOINT@@@Z
?FindFont@CPaintManagerUI@DuiLib@@QAE_NPAUHFONT__@@@Z
?FindFont@CPaintManagerUI@DuiLib@@QAE_NPBDH_N11@Z
?FindId@CWebBrowserUI@DuiLib@@SAJPAUIDispatch@@PA_W@Z
?FindSelectable@CContainerUI@DuiLib@@UBEHH_N@Z
?FindSubControl@CContainerUI@DuiLib@@QAEPAVCControlUI@2@PBD@Z
?FindSubControlByClass@CPaintManagerUI@DuiLib@@QAEPAVCControlUI@2@PAV32@PBDH@Z
?FindSubControlByName@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PAV32@PBD@Z
?FindSubControlByPoint@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PAV32@UtagPOINT@@@Z
?FindSubControlsByClass@CPaintManagerUI@DuiLib@@QAEPAVCStdPtrArray@2@PAVCControlUI@2@PBD@Z
?Format@CDuiString@DuiLib@@QAAHPBDZZ
?FreeImage@CRenderEngine@DuiLib@@SAXPBUtagTImageInfo@2@@Z
?GenerateBitmap@CRenderEngine@DuiLib@@SAPAUHBITMAP__@@PAVCPaintManagerUI@2@PAVCControlUI@2@UtagRECT@@@Z
?GenerateClip@CRenderClip@DuiLib@@SAXPAUHDC__@@UtagRECT@@AAV12@@Z
?GenerateRoundClip@CRenderClip@DuiLib@@SAXPAUHDC__@@UtagRECT@@1HHAAV12@@Z
?GetAdjustColor@CControlUI@DuiLib@@QAEKK@Z
?GetAt@CDuiString@DuiLib@@QBEDH@Z
?GetAt@CStdPtrArray@DuiLib@@QBEPAXH@Z
?GetAt@CStdStringPtrMap@DuiLib@@QBEPBDH@Z
?GetAt@CStdValArray@DuiLib@@QBEPAXH@Z
?GetAttributeCount@CMarkupNode@DuiLib@@QAEHXZ
?GetAttributeName@CMarkupNode@DuiLib@@QAEPBDH@Z
?GetAttributeValue@CMarkupNode@DuiLib@@QAEPBDH@Z
?GetAttributeValue@CMarkupNode@DuiLib@@QAEPBDPBD@Z
?GetAttributeValue@CMarkupNode@DuiLib@@QAE_NHPADK@Z
?GetAttributeValue@CMarkupNode@DuiLib@@QAE_NPBDPADK@Z
?GetAutoURLDetect@CRichEditUI@DuiLib@@QBE_NXZ
?GetBkColor2@CControlUI@DuiLib@@QBEKXZ
?GetBkColor3@CControlUI@DuiLib@@QBEKXZ
?GetBkColor@CControlUI@DuiLib@@QBEKXZ
?GetBkDisabledImage@CScrollBarUI@DuiLib@@QAEPBDXZ
?GetBkHotImage@CScrollBarUI@DuiLib@@QAEPBDXZ
?GetBkImage@CControlUI@DuiLib@@QAEPBDXZ
?GetBkNormalImage@CScrollBarUI@DuiLib@@QAEPBDXZ
?GetBkPushedImage@CScrollBarUI@DuiLib@@QAEPBDXZ
?GetBorderColor@CControlUI@DuiLib@@QBEKXZ
?GetBorderRound@CControlUI@DuiLib@@QBE?AUtagSIZE@@XZ
?GetBorderSize@CControlUI@DuiLib@@QBEHXZ
?GetBorderStyle@CControlUI@DuiLib@@QBEHXZ
?GetBottomBorderSize@CControlUI@DuiLib@@QBEHXZ

Sections

.text
Size: 289KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HttpFtp.dll
.dll windows:4 windows x86 arch:x86

Code Sign

19:9d:f8:72
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign eCommerce Services Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=Time-Stamping Authority WoSign,O=WoSign eCommerce Services Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

19:9d:f8:8e
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign eCommerce Services Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign eCommerce Services Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

17:bb:91:d4:2a:cd:31
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign eCommerce Services Limited,C=CN

Not Before

26/04/2013, 18:33

Not After

29/04/2016, 22:44

Subject

CN=点量软件有限公司,O=点量软件有限公司,L=济南市,ST=山东省,C=CN,1.2.840.113549.1.9.1=#0c10737570706f727440646f6c69742e636e

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

3d
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

01/03/2011, 01:00

Not After

01/03/2016, 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign eCommerce Services Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17/09/2006, 19:46

Not After

17/09/2036, 19:46

Subject

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment
KeyUsageKeyAgreement
KeyUsageCertSign
KeyUsageCRLSign

75:4f:c6:d5:0d:ff:cc:58:41:42:58:3a:d8:72:04:67:2d:ad:9c:d4
Signer

Actual PE Digest

75:4f:c6:d5:0d:ff:cc:58:41:42:58:3a:d8:72:04:67:2d:ad:9c:d4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

HttpFtp_Downloader_AddMirrorUrl
HttpFtp_Downloader_DeleteStatuseFile
HttpFtp_Downloader_GetDownloadRunningTime
HttpFtp_Downloader_GetDownloadTime
HttpFtp_Downloader_GetDownloadedSize
HttpFtp_Downloader_GetFileName
HttpFtp_Downloader_GetFileSize
HttpFtp_Downloader_GetLastError
HttpFtp_Downloader_GetLeftSize
HttpFtp_Downloader_GetLeftTime
HttpFtp_Downloader_GetPercentDone
HttpFtp_Downloader_GetSpeed
HttpFtp_Downloader_GetState
HttpFtp_Downloader_GetUrl
HttpFtp_Downloader_Initialize
HttpFtp_Downloader_Load
HttpFtp_Downloader_Release
HttpFtp_Downloader_Resume
HttpFtp_Downloader_Stop
HttpFtp_GetSetting
HttpFtp_GetVerInfo
HttpFtp_SetLogLanguage
HttpFtp_SetMaxConns
HttpFtp_SetMaxConnsPS
HttpFtp_SetMaxTraffic
HttpFtp_SetProxy
HttpFtp_SetReceiveLogFunc
HttpFtp_SetSetting
HttpFtp_SetVerInfo
HttpFtp_Shutdown
HttpFtp_Startup

Sections

UPX0
Size: - Virtual size: 316KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 201KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 364KB - Virtual size: 361KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ToolBoxDownloader.exe
.exe windows:5 windows x86 arch:x86

22a58c9800f4a35592f87ada6a425138

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

15:9a:b5:bc:01:e8:84:59:95:4d:bf:d1:8a:a1:75:19
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

04/02/2015, 00:00

Not After

05/05/2016, 23:59

Subject

CN=北京耘升天下科技有限公司,OU=IT,O=北京耘升天下科技有限公司,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1e:eb:29:3e:fe:16:c3:60:f1:73:09:ce:ef:c1:43:74:4e:7c:02:1b
Signer

Actual PE Digest

1e:eb:29:3e:fe:16:c3:60:f1:73:09:ce:ef:c1:43:74:4e:7c:02:1b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\work\zhuodashi\Release\ToolBoxDownloader.pdb

Imports

kernel32

GetUserDefaultLCID
GetStringTypeW
LCMapStringW
GetLocaleInfoA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
EnumSystemLocalesA
IsValidLocale
SetEndOfFile
GetProcessHeap
WriteConsoleW
CreateFileW
InitializeCriticalSection
MultiByteToWideChar
GetTempPathA
WideCharToMultiByte
GetCommandLineW
HeapReAlloc
Sleep
GetLastError
GetFileAttributesA
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
HeapAlloc
HeapFree
GetProcAddress
GetModuleHandleW
ExitProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
CloseHandle
HeapSize
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
WriteFile
GetModuleFileNameW
HeapCreate
ReadFile
InterlockedExchange
LoadLibraryW
GetLocaleInfoW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
CreateFileA
SetStdHandle

shell32

ShellExecuteA
CommandLineToArgvW

wininet

InternetConnectA
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
InternetOpenA

netapi32

Netbios

httpftp

HttpFtp_Downloader_GetDownloadedSize
HttpFtp_Downloader_GetFileSize
HttpFtp_Downloader_Release
HttpFtp_Downloader_GetLastError
HttpFtp_Downloader_GetState
HttpFtp_Downloader_Initialize
HttpFtp_Startup
HttpFtp_SetVerInfo

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ZDSRooter.exe
.exe windows:5 windows x86 arch:x86

0b9b9f2fc47b9b3a18253c3d6d427f62

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

15:9a:b5:bc:01:e8:84:59:95:4d:bf:d1:8a:a1:75:19
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

04/02/2015, 00:00

Not After

05/05/2016, 23:59

Subject

CN=北京耘升天下科技有限公司,OU=IT,O=北京耘升天下科技有限公司,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

8e:f8:5a:f9:d1:3b:a5:b6:15:30:14:b4:59:d2:fe:24:6e:43:ad:74
Signer

Actual PE Digest

8e:f8:5a:f9:d1:3b:a5:b6:15:30:14:b4:59:d2:fe:24:6e:43:ad:74

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\work\zhuodashi\Release\ZDSRooter.pdb

Imports

kernel32

ExitThread
GetCurrentThreadId
CreateThread
SetEnvironmentVariableA
SetCurrentDirectoryA
HeapReAlloc
GetModuleHandleW
ExitProcess
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
LCMapStringW
GetCPInfo
Sleep
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetFullPathNameA
GetFileType
GetCurrentDirectoryW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
HeapFree
HeapAlloc
FindFirstFileExA
GetDriveTypeA
FileTimeToLocalFileTime
InterlockedExchange
DecodePointer
EncodePointer
InterlockedDecrement
GetModuleFileNameW
HeapCreate
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
HeapSize
LoadLibraryW
GetLocaleInfoW
SetHandleCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
InterlockedIncrement
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetDriveTypeW
SetStdHandle
SetEndOfFile
GetProcessHeap
WriteConsoleW
CompareStringW
GetExitCodeProcess
CreateFileW
SetLastError
GetFileInformationByHandle
FileTimeToSystemTime
GetStartupInfoA
GetProcessId
CreateMutexA
GetTickCount
SetFileTime
GetFileAttributesA
LocalFileTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
FindNextFileA
FindClose
GetModuleFileNameA
PeekNamedPipe
GetTempPathA
GetCurrentProcess
GetModuleHandleA
GetProcAddress
LockResource
SizeofResource
FreeResource
LoadResource
FindResourceA
CreateDirectoryA
ReleaseSemaphore
OpenSemaphoreA
MultiByteToWideChar
WideCharToMultiByte
CreateSemaphoreA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
WaitForMultipleObjects
ResetEvent
WaitForSingleObject
DeleteCriticalSection
SetEvent
InitializeCriticalSection
CreateEventA
SetFilePointer
WriteFile
GetFileSize
CreateFileA
LeaveCriticalSection
EnterCriticalSection
GetLocalTime
ReadFile
CreateProcessA
GetStdHandle
SetHandleInformation
GetLastError
CreatePipe
CloseHandle
WaitForSingleObjectEx
TerminateThread
DeleteFileA
FlushFileBuffers
SetFileAttributesA

user32

UnregisterDeviceNotification
PostQuitMessage
SetTimer
SetWindowPos
IsWindow
SetActiveWindow
GetWindowThreadProcessId
SetForegroundWindow
IsZoomed
LoadImageA
SendMessageA
PostMessageA
GetWindowLongA
SetWindowLongA
IsIconic
GetWindowRect
SetWindowRgn
ScreenToClient
GetClientRect
GetMonitorInfoA
wsprintfA
MonitorFromWindow
KillTimer
RegisterDeviceNotificationA
FindWindowA
SetFocus

gdi32

StretchBlt
SetStretchBltMode
GetObjectA
CreateCompatibleDC
DeleteDC
SelectObject
DeleteObject
CreateRoundRectRgn

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

SHGetSpecialFolderPathA
ShellExecuteA
SHFileOperationA

ole32

CoInitialize
CoUninitialize

wininet

InternetOpenUrlA
InternetReadFile
InternetReadFileExA
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
HttpEndRequestA
InternetConnectA
InternetCloseHandle
InternetSetStatusCallback
InternetOpenA

shlwapi

PathFileExistsA

duilib

??1CDelegateBase@DuiLib@@UAE@XZ
??YCEventSource@DuiLib@@QAEXABVCDelegateBase@1@@Z
??0CDuiString@DuiLib@@QAE@PBDH@Z
??1CContainerUI@DuiLib@@UAE@XZ
??0CContainerUI@DuiLib@@QAE@XZ
?MessageLoop@CPaintManagerUI@DuiLib@@SAXXZ
?ShowWindow@CWindowWnd@DuiLib@@QAEX_N0@Z
?SetIcon@CWindowWnd@DuiLib@@QAEXI@Z
?SetResourceZip@CPaintManagerUI@DuiLib@@SAXPBD_N@Z
??HCDuiString@DuiLib@@QBE?AV01@PBD@Z
?SetResourcePath@CPaintManagerUI@DuiLib@@SAXPBD@Z
?GetInstancePath@CPaintManagerUI@DuiLib@@SA?AVCDuiString@2@XZ
?SetInstance@CPaintManagerUI@DuiLib@@SAXPAUHINSTANCE__@@@Z
?ShowModal@CWindowWnd@DuiLib@@QAEIXZ
?CenterWindow@CWindowWnd@DuiLib@@QAEXXZ
?Create@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PBDKKHHHHPAUHMENU__@@@Z
??1CVerticalLayoutUI@DuiLib@@UAE@XZ
??0CVerticalLayoutUI@DuiLib@@QAE@XZ
?GetHWND@CWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
?GetSuperClassName@CWindowWnd@DuiLib@@MBEPBDXZ
?HandleMessage@CWindowWnd@DuiLib@@MAEJIIJ@Z
?MessageHandler@CPaintManagerUI@DuiLib@@QAE_NIIJAAJ@Z
?GetHeight@CDuiRect@DuiLib@@QBEHXZ
?GetWidth@CDuiRect@DuiLib@@QBEHXZ
??0CDuiRect@DuiLib@@QAE@ABUtagRECT@@@Z
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@UtagPOINT@@@Z
?GetCaptionRect@CPaintManagerUI@DuiLib@@QAEAAUtagRECT@@XZ
?Offset@CDuiRect@DuiLib@@QAEXHH@Z
??0CDuiRect@DuiLib@@QAE@XZ
?GetRoundCorner@CPaintManagerUI@DuiLib@@QBE?AUtagSIZE@@XZ
?AddNotifier@CPaintManagerUI@DuiLib@@QAE_NPAVINotifyUI@2@@Z
?AttachDialog@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@@Z
?Init@CPaintManagerUI@DuiLib@@QAEXPAUHWND__@@@Z
?SetFont@CRichEditUI@DuiLib@@QAEXH@Z
?Close@CWindowWnd@DuiLib@@QAEXI@Z
?SelectItem@CTabLayoutUI@DuiLib@@QAE_NH@Z
?OnFinalMessage@CWindowWnd@DuiLib@@MAEXPAUHWND__@@@Z
??1CPaintManagerUI@DuiLib@@QAE@XZ
??0CPaintManagerUI@DuiLib@@QAE@XZ
??0CWindowWnd@DuiLib@@QAE@XZ
?SetAttribute@CProgressUI@DuiLib@@UAEXPBD0@Z
?GetInterface@CProgressUI@DuiLib@@UAEPAXPBD@Z
?GetClass@CProgressUI@DuiLib@@UBEPBDXZ
?DrawImage@CControlUI@DuiLib@@QAE_NPAUHDC__@@PBD1@Z
?SmallFormat@CDuiString@DuiLib@@QAAHPBDZZ
?Empty@CDuiString@DuiLib@@QAEXXZ
?IsEmpty@CDuiString@DuiLib@@QBE_NXZ
?LoadImageA@CRenderEngine@DuiLib@@SAPAUtagTImageInfo@2@VSTRINGorID@2@PBDK@Z
?GetImage@CPaintManagerUI@DuiLib@@QAEPBUtagTImageInfo@2@PBD@Z
??0CProgressUI@DuiLib@@QAE@XZ
??1CHorizontalLayoutUI@DuiLib@@UAE@XZ
?DoPostPaint@CHorizontalLayoutUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?SetAttribute@CHorizontalLayoutUI@DuiLib@@UAEXPBD0@Z
?DoEvent@CHorizontalLayoutUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?SetPos@CHorizontalLayoutUI@DuiLib@@UAEXUtagRECT@@@Z
?GetControlFlags@CHorizontalLayoutUI@DuiLib@@UBEIXZ
?GetInterface@CHorizontalLayoutUI@DuiLib@@UAEPAXPBD@Z
?GetClass@CHorizontalLayoutUI@DuiLib@@UBEPBDXZ
??0CHorizontalLayoutUI@DuiLib@@QAE@XZ
??1CButtonUI@DuiLib@@UAE@XZ
?PaintText@CButtonUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintStatusImage@CButtonUI@DuiLib@@UAEXPAUHDC__@@@Z
?EstimateSize@CButtonUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?SetAttribute@CButtonUI@DuiLib@@UAEXPBD0@Z
?DoEvent@CButtonUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?SetEnabled@CButtonUI@DuiLib@@UAEX_N@Z
?Activate@CButtonUI@DuiLib@@UAE_NXZ
?GetControlFlags@CButtonUI@DuiLib@@UBEIXZ
?GetInterface@CButtonUI@DuiLib@@UAEPAXPBD@Z
?SetPushedImage@CButtonUI@DuiLib@@QAEXPBD@Z
?SetHotImage@CButtonUI@DuiLib@@QAEXPBD@Z
?SetNormalImage@CButtonUI@DuiLib@@QAEXPBD@Z
??0CButtonUI@DuiLib@@QAE@XZ
?GetObjectA@CDelegateBase@DuiLib@@IAEPAXXZ
?EstimateSize@CLabelUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?SetAttribute@CLabelUI@DuiLib@@UAEXPBD0@Z
?DoEvent@CLabelUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?SetText@CLabelUI@DuiLib@@UAEXPBD@Z
?GetText@CLabelUI@DuiLib@@UBE?AVCDuiString@2@XZ
?GetInterface@CLabelUI@DuiLib@@UAEPAXPBD@Z
??1CLabelUI@DuiLib@@UAE@XZ
??0CLabelUI@DuiLib@@QAE@XZ
??1CDialogBuilder@DuiLib@@QAE@XZ
?Create@CDialogBuilder@DuiLib@@QAEPAVCControlUI@2@VSTRINGorID@2@PBDPAVIDialogBuilderCallback@2@PAVCPaintManagerUI@2@PAV32@@Z
??0CDialogBuilder@DuiLib@@QAE@XZ
?ProcessScrollBar@CContainerUI@DuiLib@@MAEXUtagRECT@@HH@Z
?SetFloatPos@CContainerUI@DuiLib@@MAEXH@Z
?GetHorizontalScrollBar@CContainerUI@DuiLib@@UBEPAVCScrollBarUI@2@XZ
?GetVerticalScrollBar@CContainerUI@DuiLib@@UBEPAVCScrollBarUI@2@XZ
?EnableScrollBar@CContainerUI@DuiLib@@UAEX_N0@Z
?EndRight@CContainerUI@DuiLib@@UAEXXZ
?HomeLeft@CContainerUI@DuiLib@@UAEXXZ
?PageRight@CContainerUI@DuiLib@@UAEXXZ
?PageLeft@CContainerUI@DuiLib@@UAEXXZ
?LineRight@CContainerUI@DuiLib@@UAEXXZ
?LineLeft@CContainerUI@DuiLib@@UAEXXZ
?EndDown@CContainerUI@DuiLib@@UAEXXZ
?HomeUp@CContainerUI@DuiLib@@UAEXXZ
?PageDown@CContainerUI@DuiLib@@UAEXXZ
?PageUp@CContainerUI@DuiLib@@UAEXXZ
?LineDown@CContainerUI@DuiLib@@UAEXXZ
?LineUp@CContainerUI@DuiLib@@UAEXXZ
?SetScrollPos@CContainerUI@DuiLib@@UAEXUtagSIZE@@@Z
??0CDelegateBase@DuiLib@@QAE@ABV01@@Z
??0CDelegateBase@DuiLib@@QAE@PAX0@Z
?GetClass@CContainerUI@DuiLib@@UBEPBDXZ
?GetInterface@CContainerUI@DuiLib@@UAEPAXPBD@Z
?GetScrollRange@CContainerUI@DuiLib@@UBE?AUtagSIZE@@XZ
?GetScrollPos@CContainerUI@DuiLib@@UBE?AUtagSIZE@@XZ
?FindSelectable@CContainerUI@DuiLib@@UBEHH_N@Z
?SetMouseChildEnabled@CContainerUI@DuiLib@@UAEX_N@Z
?IsMouseChildEnabled@CContainerUI@DuiLib@@UBE_NXZ
?SetDelayedDestroy@CContainerUI@DuiLib@@UAEX_N@Z
?IsDelayedDestroy@CContainerUI@DuiLib@@UBE_NXZ
?SetAutoDestroy@CContainerUI@DuiLib@@UAEX_N@Z
?IsAutoDestroy@CContainerUI@DuiLib@@UBE_NXZ
?SetChildPadding@CContainerUI@DuiLib@@UAEXH@Z
?GetChildPadding@CContainerUI@DuiLib@@UBEHXZ
?SetInset@CContainerUI@DuiLib@@UAEXUtagRECT@@@Z
?GetInset@CContainerUI@DuiLib@@UBE?AUtagRECT@@XZ
?DoPostPaint@CVerticalLayoutUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?DoPaint@CContainerUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?SetAttribute@CVerticalLayoutUI@DuiLib@@UAEXPBD0@Z
?DoInit@CControlUI@DuiLib@@UAEXXZ
?FindControl@CContainerUI@DuiLib@@UAEPAVCControlUI@2@P6GPAV32@PAV32@PAX@Z1I@Z
?SetInternVisible@CContainerUI@DuiLib@@UAEX_N@Z
?SetVisible@CContainerUI@DuiLib@@UAEX_N@Z
?SetPos@CVerticalLayoutUI@DuiLib@@UAEXUtagRECT@@@Z
?SetManager@CContainerUI@DuiLib@@UAEXPAVCPaintManagerUI@2@PAVCControlUI@2@_N@Z
?GetControlFlags@CVerticalLayoutUI@DuiLib@@UBEIXZ
?GetInterface@CVerticalLayoutUI@DuiLib@@UAEPAXPBD@Z
?GetClass@CVerticalLayoutUI@DuiLib@@UBEPBDXZ
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PBD@Z
?DoEvent@CVerticalLayoutUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?RemoveAll@CContainerUI@DuiLib@@UAEXXZ
?RemoveAt@CContainerUI@DuiLib@@UAE_NH@Z
?Remove@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?AddAt@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?Add@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?GetCount@CContainerUI@DuiLib@@UBEHXZ
?SetItemIndex@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?GetItemIndex@CContainerUI@DuiLib@@UBEHPAVCControlUI@2@@Z
?GetItemAt@CContainerUI@DuiLib@@UBEPAVCControlUI@2@H@Z
??BCWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
?DoPostPaint@CControlUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?PaintBorder@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintText@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintStatusImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintBkImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintBkColor@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?DoPaint@CControlUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?EstimateSize@CControlUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?Event@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?SetPos@CContainerUI@DuiLib@@UAEXUtagRECT@@@Z
?DoEvent@CContainerUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?SetAttribute@CContainerUI@DuiLib@@UAEXPBD0@Z
?FindSubControl@CContainerUI@DuiLib@@QAEPAVCControlUI@2@PBD@Z
?PaintText@CLabelUI@DuiLib@@UAEXPAUHDC__@@@Z
?SetMouseEnabled@CContainerUI@DuiLib@@UAEX_N@Z
?Init@CControlUI@DuiLib@@UAEXXZ
?FindControl@CControlUI@DuiLib@@UAEPAV12@P6GPAV12@PAV12@PAX@Z1I@Z
?SetFloat@CControlUI@DuiLib@@UAEX_N@Z
?IsFloat@CControlUI@DuiLib@@UBE_NXZ
?SetFocus@CControlUI@DuiLib@@UAEXXZ
?IsFocused@CControlUI@DuiLib@@UBE_NXZ
?SetKeyboardEnabled@CControlUI@DuiLib@@UAEX_N@Z
?IsKeyboardEnabled@CControlUI@DuiLib@@UBE_NXZ
?SetMouseEnabled@CControlUI@DuiLib@@UAEX_N@Z
?IsMouseEnabled@CControlUI@DuiLib@@UBE_NXZ
?SetEnabled@CControlUI@DuiLib@@UAEX_N@Z
?IsEnabled@CControlUI@DuiLib@@UBE_NXZ
?SetInternVisible@CControlUI@DuiLib@@UAEX_N@Z
?IsVisible@CControlUI@DuiLib@@UBE_NXZ
?NavigateHomePage@CWebBrowserUI@DuiLib@@QAEXXZ
?SetHomePage@CWebBrowserUI@DuiLib@@QAEXPBD@Z
?SendMessageA@CWindowWnd@DuiLib@@QAEJIIJ@Z
?GetCurSel@CTabLayoutUI@DuiLib@@QBEHXZ
?GetCheck@CCheckBoxUI@DuiLib@@QBE_NXZ
??0CControlUI@DuiLib@@QAE@XZ
??1CControlUI@DuiLib@@UAE@XZ
??0CDuiString@DuiLib@@QAE@XZ
??1CDuiString@DuiLib@@QAE@XZ
?KillTimer@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@I@Z
?SetVisible@CControlUI@DuiLib@@UAEX_N@Z
?SetTimer@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@II@Z
?GetFixedWidth@CControlUI@DuiLib@@UBEHXZ
?GetFixedHeight@CControlUI@DuiLib@@UBEHXZ
?Format@CDuiString@DuiLib@@QAAHPBDZZ
?GetData@CDuiString@DuiLib@@QBEPBDXZ
?SetBkImage@CControlUI@DuiLib@@QAEXPBD@Z
??BCDuiString@DuiLib@@QBEPBDXZ
??8CDuiString@DuiLib@@QBE_NPBD@Z
??4CDuiString@DuiLib@@QAEABV01@PBD@Z
?SendNotify@CPaintManagerUI@DuiLib@@QAEXPAVCControlUI@2@PBDIJ_N@Z
?DoEvent@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?SetAttribute@CControlUI@DuiLib@@UAEXPBD0@Z
?GetName@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?SetName@CControlUI@DuiLib@@UAEXPBD@Z
?GetInterface@CControlUI@DuiLib@@UAEPAXPBD@Z
?GetControlFlags@CControlUI@DuiLib@@UBEIXZ
?Activate@CControlUI@DuiLib@@UAE_NXZ
?GetManager@CControlUI@DuiLib@@UBEPAVCPaintManagerUI@2@XZ
?SetManager@CControlUI@DuiLib@@UAEXPAVCPaintManagerUI@2@PAV12@_N@Z
?GetParent@CControlUI@DuiLib@@UBEPAV12@XZ
?GetText@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?SetText@CControlUI@DuiLib@@UAEXPBD@Z
?GetPos@CControlUI@DuiLib@@UBEABUtagRECT@@XZ
?SetPos@CControlUI@DuiLib@@UAEXUtagRECT@@@Z
?GetWidth@CControlUI@DuiLib@@UBEHXZ
?GetHeight@CControlUI@DuiLib@@UBEHXZ
?GetX@CControlUI@DuiLib@@UBEHXZ
?GetY@CControlUI@DuiLib@@UBEHXZ
?GetPadding@CControlUI@DuiLib@@UBE?AUtagRECT@@XZ
?SetPadding@CControlUI@DuiLib@@UAEXUtagRECT@@@Z
?GetFixedXY@CControlUI@DuiLib@@UBE?AUtagSIZE@@XZ
?SetFixedXY@CControlUI@DuiLib@@UAEXUtagSIZE@@@Z
?SetFixedWidth@CControlUI@DuiLib@@UAEXH@Z
?SetFixedHeight@CControlUI@DuiLib@@UAEXH@Z
?GetMinWidth@CControlUI@DuiLib@@UBEHXZ
?SetMinWidth@CControlUI@DuiLib@@UAEXH@Z
?GetMaxWidth@CControlUI@DuiLib@@UBEHXZ
?SetMaxWidth@CControlUI@DuiLib@@UAEXH@Z
?GetMinHeight@CControlUI@DuiLib@@UBEHXZ
?SetMinHeight@CControlUI@DuiLib@@UAEXH@Z
?GetMaxHeight@CControlUI@DuiLib@@UBEHXZ
?SetMaxHeight@CControlUI@DuiLib@@UAEXH@Z
?SetRelativePos@CControlUI@DuiLib@@UAEXUtagSIZE@@0@Z
?SetRelativeParentSize@CControlUI@DuiLib@@UAEXUtagSIZE@@@Z
?GetRelativePos@CControlUI@DuiLib@@UBE?AUtagTRelativePosUI@2@XZ
?IsRelativePos@CControlUI@DuiLib@@UBE_NXZ
?GetToolTip@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?SetToolTip@CControlUI@DuiLib@@UAEXPBD@Z
?SetToolTipWidth@CControlUI@DuiLib@@UAEXH@Z
?GetToolTipWidth@CControlUI@DuiLib@@UAEHXZ
?GetShortcut@CControlUI@DuiLib@@UBEDXZ
?SetShortcut@CControlUI@DuiLib@@UAEXD@Z
?IsContextMenuUsed@CControlUI@DuiLib@@UBE_NXZ
?SetContextMenuUsed@CControlUI@DuiLib@@UAEX_N@Z
?GetUserData@CControlUI@DuiLib@@UAEABVCDuiString@2@XZ
?SetUserData@CControlUI@DuiLib@@UAEXPBD@Z
?GetTag@CControlUI@DuiLib@@UBEIXZ
?SetTag@CControlUI@DuiLib@@UAEXI@Z
?SetValue@CProgressUI@DuiLib@@QAEXH@Z

zlib

?GetZipFileList@@YAXHPAD@Z
?ReadZipFile@@YAHHPAD0PAXH@Z
?OpenZip1@@YAHPBD@Z
?CompareFile@@YA_NHPBD@Z
?CloseZip1@@YAXH_N@Z
?GetZipFileSize@@YAHHPAD@Z

devices

?get@DEVICE_MODEL@@YAHPAD0PBD1@Z

ws2_32

WSAGetLastError
WSACleanup
recv
shutdown
setsockopt
send
inet_addr
WSAEventSelect
WSAEnumNetworkEvents
connect
socket
htonl
htons
WSAStartup
closesocket
WSACreateEvent

httpftp

HttpFtp_Downloader_GetLeftTime
HttpFtp_Downloader_GetPercentDone
HttpFtp_Downloader_GetSpeed
HttpFtp_SetVerInfo
HttpFtp_Downloader_GetDownloadedSize
HttpFtp_Downloader_GetFileSize
HttpFtp_Downloader_Release
HttpFtp_Downloader_GetLastError
HttpFtp_Downloader_GetState
HttpFtp_Downloader_Initialize
HttpFtp_Startup
HttpFtp_Downloader_GetLeftSize

libeay32

ord260
ord2656
ord266
ord3067
ord256
ord2894
ord255
ord3836
ord3873
ord2644
ord961
ord323

netapi32

Netbios

Sections

.text
Size: 311KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 461KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ZLib.dll
.dll windows:5 windows x86 arch:x86

b5b300482ea974029733841929c26746

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

15:9a:b5:bc:01:e8:84:59:95:4d:bf:d1:8a:a1:75:19
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

04/02/2015, 00:00

Not After

05/05/2016, 23:59

Subject

CN=北京耘升天下科技有限公司,OU=IT,O=北京耘升天下科技有限公司,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

66:cb:72:90:98:34:3e:35:68:17:15:d6:a1:31:80:d1:dc:21:50:0a
Signer

Actual PE Digest

66:cb:72:90:98:34:3e:35:68:17:15:d6:a1:31:80:d1:dc:21:50:0a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FileTimeToDosDateTime
FindFirstFileA
FindClose
FileTimeToLocalFileTime
DeleteFileA
CreateFileA
SetFilePointer
WriteFile
ReadFile
CreateFileW
GetLastError
CloseHandle
MoveFileA
WriteConsoleW
GetFileType
GetStdHandle
GetModuleFileNameW
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetCurrentThreadId
DecodePointer
GetCommandLineA
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetProcAddress
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
ExitProcess
LoadLibraryW
InitializeCriticalSectionAndSpinCount
RtlUnwind
HeapCreate
HeapDestroy
Sleep
MultiByteToWideChar
SetHandleCount
GetStartupInfoW
DeleteCriticalSection
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LCMapStringW
GetStringTypeW
FlushFileBuffers
SetStdHandle
HeapSize
HeapReAlloc
SetEndOfFile
GetProcessHeap

Exports

Exports

?AddUpdateFileToBack@@YA_NHPBDPADHH@Z
?AddUpdateFileToFront@@YA_NHPBDPADHH@Z
?CloseZip1@@YAXH_N@Z
?CompareCrc@@YA_NHPBDK@Z
?CompareFile@@YA_NHPBD@Z
?GetZipFileList@@YAXHPAD@Z
?GetZipFileSize@@YAHHPAD@Z
?OpenZip1@@YAHPBD@Z
?ReadZipFile@@YAHHPAD0PAXH@Z
?UpdateZipFile@@YA_NH@Z

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
adb.exe
.exe windows:5 windows x86 arch:x86

766f85d53db15a7896be40fa8cd63030

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

15:9a:b5:bc:01:e8:84:59:95:4d:bf:d1:8a:a1:75:19
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

04/02/2015, 00:00

Not After

05/05/2016, 23:59

Subject

CN=北京耘升天下科技有限公司,OU=IT,O=北京耘升天下科技有限公司,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

a5:42:ba:4f:3d:ce:25:ef:db:5c:16:52:78:3b:a6:7f:ab:0c:84:f3
Signer

Actual PE Digest

a5:42:ba:4f:3d:ce:25:ef:db:5c:16:52:78:3b:a6:7f:ab:0c:84:f3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\WORK\project\adc\Release\adb.pdb

Imports

ws2_32

WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSAGetLastError
WSACleanup
WSAStartup
gethostbyname
socket
shutdown
send
recv
listen
htons
htonl
connect
closesocket
bind
accept
setsockopt

libeay32

ord3823
ord419
ord400
ord495
ord484
ord3686
ord497
ord486
ord281
ord283
ord2063
ord57
ord144
ord160
ord129
ord133
ord161
ord2802
ord126
ord125
ord150
ord110
ord111
ord67
ord85
ord87
ord52
ord109
ord66
ord78
ord82
ord93

adbwinapi

AdbWriteEndpointSync
AdbReadEndpointSync
AdbOpenDefaultBulkWriteEndpoint
AdbOpenDefaultBulkReadEndpoint
AdbGetEndpointInformation
AdbGetUsbInterfaceDescriptor
AdbGetUsbDeviceDescriptor
AdbGetSerialNumber
AdbGetInterfaceName
AdbCreateInterfaceByName
AdbNextInterface
AdbEnumInterfaces
AdbCloseHandle

kernel32

GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
OutputDebugStringW
WriteConsoleW
SetFilePointerEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
VirtualQuery
GetTimeZoneInformation
SetStdHandle
CreateDirectoryW
GetDriveTypeW
EnumSystemLocalesW
FileTimeToLocalFileTime
GetProcessHeap
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FreeLibrary
InterlockedExchange
GetModuleFileNameW
CreateSemaphoreW
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStringTypeW
GetFileInformationByHandle
PeekNamedPipe
GetFullPathNameW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateFileW
ReadConsoleW
SetEndOfFile
GetFullPathNameA
DeleteFileW
GetFileAttributesExW
FindFirstFileExW
SetFileAttributesW
GetLastError
Sleep
GetStdHandle
WriteFile
ReadFile
CloseHandle
SetHandleInformation
CreatePipe
GetModuleFileNameA
CreateProcessA
GetTempPathA
SetConsoleCtrlHandler
GetLocalTime
EnterCriticalSection
LeaveCriticalSection
InterlockedCompareExchange
InitializeCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObject
WaitForMultipleObjects
GetFileSize
SetFilePointer
CreateEventA
CreateFileA
SetLastError
GetCurrentThread
InterlockedIncrement
EncodePointer
DecodePointer
InterlockedDecrement
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
HeapFree
HeapAlloc
IsDebuggerPresent
IsProcessorFeaturePresent
CreateThread
ExitThread
ResumeThread
SetEnvironmentVariableA
SetCurrentDirectoryA
GetCurrentDirectoryA
FindClose
FindFirstFileExA
FindNextFileA
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
RaiseException
LoadLibraryExW
lstrlenA
LoadLibraryW
WideCharToMultiByte
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
HeapSize
InitializeCriticalSectionAndSpinCount
FatalAppExitA
FlushFileBuffers
GetConsoleCP
GetConsoleMode
RtlUnwind
GetFileType
GetStartupInfoW
GetDateFormatW

shell32

SHGetFolderPathA

Sections

.text
Size: 278KB - Virtual size: 277KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin.zip.crypt
data.crypt
data_download.db
devices.dll
.dll windows:5 windows x86 arch:x86

a513fcc03222d7ee15e4231ccc752d5b

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

15:9a:b5:bc:01:e8:84:59:95:4d:bf:d1:8a:a1:75:19
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

04/02/2015, 00:00

Not After

05/05/2016, 23:59

Subject

CN=北京耘升天下科技有限公司,OU=IT,O=北京耘升天下科技有限公司,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ba:2f:05:a1:98:94:a9:3e:bc:51:7a:e7:16:d6:c4:f5:fa:4e:76:40
Signer

Actual PE Digest

ba:2f:05:a1:98:94:a9:3e:bc:51:7a:e7:16:d6:c4:f5:fa:4e:76:40

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
CreateFileW
WriteConsoleW
SetStdHandle
HeapReAlloc
HeapSize
RtlUnwind
GetStringTypeW
LCMapStringW
LoadLibraryW
LeaveCriticalSection
EnterCriticalSection
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
DeleteCriticalSection
GetStartupInfoW
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
Sleep
IsProcessorFeaturePresent
SetLastError
GetLastError
HeapFree
HeapAlloc
GetCurrentThreadId
DecodePointer
GetCommandLineA
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
HeapCreate
HeapDestroy
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FlushFileBuffers

shell32

SHGetFolderPathA

shlwapi

StrStrIA

sqlite3

sqlite3_step
sqlite3_finalize
sqlite3_busy_timeout
sqlite3_errmsg
sqlite3_column_text
sqlite3_open
sqlite3_close
sqlite3_column_name
sqlite3_column_type
sqlite3_free
sqlite3_mprintf
sqlite3_prepare_v2
sqlite3_column_count

Exports

Exports

?get@DEVICE_MODEL@@YAHPAD0PBD1@Z

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
fastboot.exe
.exe windows:4 windows x86 arch:x86

e8dd22d058018b76ae00e5f0e01fee2f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

15:9a:b5:bc:01:e8:84:59:95:4d:bf:d1:8a:a1:75:19
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

04/02/2015, 00:00

Not After

05/05/2016, 23:59

Subject

CN=北京耘升天下科技有限公司,OU=IT,O=北京耘升天下科技有限公司,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

96:4e:6d:7e:9b:48:15:1c:e8:ff:bb:b3:1d:99:55:0e:54:a2:ef:78
Signer

Actual PE Digest

96:4e:6d:7e:9b:48:15:1c:e8:ff:bb:b3:1d:99:55:0e:54:a2:ef:78

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateFileA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
GetFileSize
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
ReadFile
SetLastError
SetUnhandledExceptionFilter
Sleep
WideCharToMultiByte

msvcrt

_close
_fstat
_lseek
_open
_read
_strdup
_tempnam
_unlink
_write
__getmainargs
__lc_codepage
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_iob
_isctype
_lseeki64
_onexit
_pctype
_setjmp
_setmode
_vsnprintf
atexit
calloc
exit
fprintf
fputc
free
fwrite
getenv
localeconv
longjmp
malloc
memchr
memcpy
memmove
memset
perror
printf
signal
sprintf
strcat
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
strrchr
strtoul
vfprintf
wcslen

ws2_32

htonl
ntohl
ntohs

adbwinapi

AdbCloseHandle
AdbCreateInterfaceByName
AdbEnumInterfaces
AdbGetInterfaceName
AdbGetSerialNumber
AdbGetUsbDeviceDescriptor
AdbGetUsbInterfaceDescriptor
AdbNextInterface
AdbOpenDefaultBulkReadEndpoint
AdbOpenDefaultBulkWriteEndpoint
AdbReadEndpointSync
AdbWriteEndpointSync

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
libcurl.dll
.dll windows:5 windows x86 arch:x86

95b78a5fbeca1b852f8e81a6e4869c7b

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

15:9a:b5:bc:01:e8:84:59:95:4d:bf:d1:8a:a1:75:19
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

04/02/2015, 00:00

Not After

05/05/2016, 23:59

Subject

CN=北京耘升天下科技有限公司,OU=IT,O=北京耘升天下科技有限公司,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

46:f8:90:8a:66:be:0c:c4:4e:50:48:ab:79:c0:a5:fe:fa:d0:9c:bd
Signer

Actual PE Digest

46:f8:90:8a:66:be:0c:c4:4e:50:48:ab:79:c0:a5:fe:fa:d0:9c:bd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

sendto
recvfrom
send
select
__WSAFDIsSet
inet_ntoa
WSASetLastError
gethostbyname
listen
accept
WSACleanup
WSAStartup
WSAGetLastError
socket
setsockopt
recv
ntohs
inet_addr
htons
getsockopt
getsockname
ioctlsocket
connect
closesocket
bind

wldap32

ord301
ord200
ord30
ord79
ord35
ord33
ord32
ord27
ord26
ord22
ord41
ord50
ord60
ord211
ord46
ord143

kernel32

SetFilePointerEx
SetEndOfFile
HeapSize
SetEnvironmentVariableA
CreateFileW
GetCurrentDirectoryW
GetFullPathNameW
WriteConsoleW
LoadLibraryW
OutputDebugStringW
LCMapStringW
CompareStringW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
SetFilePointer
FlushFileBuffers
GetTimeZoneInformation
GetDriveTypeW
FindFirstFileExW
FindClose
SetStdHandle
GetConsoleCP
WideCharToMultiByte
ReadConsoleW
GetConsoleMode
GetModuleFileNameW
WriteFile
GetProcessHeap
GetCPInfo
SleepEx
ExpandEnvironmentStringsA
CloseHandle
DuplicateHandle
GetLastError
SetLastError
SetEvent
ReleaseMutex
WaitForSingleObject
CreateMutexA
CreateEventA
GetCurrentProcess
TerminateThread
GetExitCodeThread
WaitForMultipleObjects
Sleep
FormatMessageA
GetStdHandle
GetFileType
ReadFile
PeekNamedPipe
FreeLibrary
GetProcAddress
LoadLibraryA
GetTickCount
IsDebuggerPresent
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
HeapReAlloc
FileTimeToLocalFileTime
GetFileInformationByHandle
FileTimeToSystemTime
EncodePointer
DecodePointer
CreateThread
GetCurrentThreadId
ExitThread
LoadLibraryExW
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
DeleteCriticalSection
InterlockedDecrement
ExitProcess
GetModuleHandleExW
AreFileApisANSI
MultiByteToWideChar
RtlUnwind
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_maprintf
curl_mfprintf
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_version
curl_version_info

Sections

.text
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libeay32.dll
.dll windows:6 windows x86 arch:x86

644ebc0c3c33e6718652b1a580086218

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

15:9a:b5:bc:01:e8:84:59:95:4d:bf:d1:8a:a1:75:19
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

04/02/2015, 00:00

Not After

05/05/2016, 23:59

Subject

CN=北京耘升天下科技有限公司,OU=IT,O=北京耘升天下科技有限公司,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:c1:8b:72:d0:09:fd:61:21:e0:c0:27:ec:18:82:82:01:ba:87:32
Signer

Actual PE Digest

27:c1:8b:72:d0:09:fd:61:21:e0:c0:27:ec:18:82:82:01:ba:87:32

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

sendto
recvfrom
WSACancelBlockingCall
WSACleanup
WSAStartup
getservbyname
gethostbyname
ntohs
ntohl
listen
getsockopt
inet_ntoa
bind
accept
socket
setsockopt
htons
htonl
connect
WSAGetLastError
WSASetLastError
shutdown
send
recv
closesocket

gdi32

SelectObject
GetDeviceCaps
GetBitmapBits
DeleteObject
DeleteDC
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetObjectA

advapi32

RegisterEventSourceA
DeregisterEventSource
ReportEventA

user32

GetDesktopWindow
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation

kernel32

GetStringTypeW
LoadLibraryW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
CreateFileW
LoadLibraryExW
CompareStringW
LCMapStringW
SetEnvironmentVariableA
GetFileInformationByHandle
PeekNamedPipe
GetFullPathNameW
HeapSize
GetCurrentDirectoryW
SetEndOfFile
OutputDebugStringW
GetConsoleMode
FileTimeToSystemTime
GetDriveTypeW
FindFirstFileExW
FileTimeToLocalFileTime
SetFileAttributesW
ExitProcess
GetModuleHandleA
GetProcAddress
GetStdHandle
GetFileType
GetLastError
GetCurrentThreadId
GetVersion
GetCurrentThread
GetThreadTimes
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
LoadLibraryA
SetLastError
CloseHandle
QueryPerformanceCounter
GetCurrentProcessId
GetTickCount
GetVersionExA
GlobalMemoryStatus
FlushConsoleInputBuffer
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
HeapFree
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
ReadFile
MultiByteToWideChar
ReadConsoleW
WriteFile
WideCharToMultiByte
GetConsoleCP
IsDebuggerPresent
GetTimeZoneInformation
EncodePointer
DecodePointer
InterlockedDecrement
GetModuleHandleExW
AreFileApisANSI
SetConsoleCtrlHandler
ReadConsoleInputA
SetConsoleMode
GetCommandLineA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
Sleep
GetStartupInfoW
GetProcessHeap
GetModuleFileNameW
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetStdHandle
SetFilePointerEx
WriteConsoleW
FlushFileBuffers
RtlUnwind
SetFilePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
GetFileAttributesExW

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
AES_bi_ige_encrypt
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_cfbr_encrypt_block
AES_ctr128_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ige_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
AES_unwrap_key
AES_wrap_key
ASN1_ANY_it
ASN1_BIT_STRING_asn1_meth
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_HEADER_free
ASN1_HEADER_new
ASN1_IA5STRING_asn1_meth
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_to_BN
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SEQUENCE_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_cmp
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_encode
ASN1_STRING_free
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set0
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_check
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_print
ASN1_TIME_set
ASN1_TIME_to_generalizedtime
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_set
ASN1_TYPE_set1
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_fp
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_pack
ASN1_item_sign
ASN1_item_unpack
ASN1_item_verify
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_pack_string
ASN1_parse
ASN1_parse_dump
ASN1_primitive_free
ASN1_primitive_new
ASN1_put_eoc
ASN1_put_object
ASN1_seq_pack
ASN1_seq_unpack
ASN1_sign
ASN1_tag2bit
ASN1_tag2str
ASN1_template_d2i
ASN1_template_free
ASN1_template_i2d
ASN1_template_new
ASN1_unpack_string
ASN1_verify
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_accept
BIO_callback_ctrl
BIO_clear_flags
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_dgram_non_fatal_error
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_reliable
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_callback
BIO_get_callback_arg
BIO_get_ex_data
BIO_get_ex_new_index
BIO_get_host_ip
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_gethostbyname
BIO_gets
BIO_indent
BIO_int_ctrl
BIO_method_name
BIO_method_type
BIO_new
BIO_new_accept
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_datagram
BIO_s_fd
BIO_s_file
BIO_s_mem
BIO_s_null
BIO_s_socket
BIO_set
BIO_set_callback
BIO_set_callback_arg
BIO_set_cipher
BIO_set_ex_data
BIO_set_flags
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_cleanup
BIO_sock_error
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket_ioctl
BIO_socket_nbio
BIO_test_flags
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_write
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_get_thread_id
BN_BLINDING_invert
BN_BLINDING_invert_ex
BN_BLINDING_new
BN_BLINDING_set_flags
BN_BLINDING_set_thread_id
BN_BLINDING_update
BN_CTX_end
BN_CTX_free
BN_CTX_get
BN_CTX_init
BN_CTX_new
BN_CTX_start
BN_GENCB_call
BN_GF2m_add
BN_GF2m_arr2poly
BN_GF2m_mod
BN_GF2m_mod_arr
BN_GF2m_mod_div
BN_GF2m_mod_div_arr
BN_GF2m_mod_exp
BN_GF2m_mod_exp_arr
BN_GF2m_mod_inv
BN_GF2m_mod_inv_arr
BN_GF2m_mod_mul
BN_GF2m_mod_mul_arr
BN_GF2m_mod_solve_quad
BN_GF2m_mod_solve_quad_arr
BN_GF2m_mod_sqr
BN_GF2m_mod_sqr_arr
BN_GF2m_mod_sqrt
BN_GF2m_mod_sqrt_arr
BN_GF2m_poly2arr
BN_MONT_CTX_copy
BN_MONT_CTX_free
BN_MONT_CTX_init
BN_MONT_CTX_new
BN_MONT_CTX_set
BN_MONT_CTX_set_locked
BN_RECP_CTX_free
BN_RECP_CTX_init
BN_RECP_CTX_new
BN_RECP_CTX_set
BN_X931_derive_prime_ex
BN_X931_generate_Xpq
BN_X931_generate_prime_ex
BN_add
BN_add_word
BN_bin2bn
BN_bn2bin
BN_bn2dec
BN_bn2hex
BN_bn2mpi
BN_bntest_rand
BN_clear
BN_clear_bit
BN_clear_free
BN_cmp
BN_copy
BN_dec2bn
BN_div
BN_div_recp
BN_div_word
BN_dup
BN_exp
BN_free
BN_from_montgomery
BN_gcd
BN_generate_prime
BN_generate_prime_ex
BN_get0_nist_prime_192
BN_get0_nist_prime_224
BN_get0_nist_prime_256
BN_get0_nist_prime_384
BN_get0_nist_prime_521
BN_get_params
BN_get_word
BN_hex2bn
BN_init
BN_is_bit_set
BN_is_prime
BN_is_prime_ex
BN_is_prime_fasttest
BN_is_prime_fasttest_ex
BN_kronecker
BN_lshift
BN_lshift1
BN_mask_bits
BN_mod_add
BN_mod_add_quick
BN_mod_exp
BN_mod_exp2_mont
BN_mod_exp_mont
BN_mod_exp_mont_consttime
BN_mod_exp_mont_word
BN_mod_exp_recp
BN_mod_exp_simple
BN_mod_inverse
BN_mod_lshift
BN_mod_lshift1
BN_mod_lshift1_quick
BN_mod_lshift_quick
BN_mod_mul
BN_mod_mul_montgomery
BN_mod_mul_reciprocal
BN_mod_sqr
BN_mod_sqrt
BN_mod_sub
BN_mod_sub_quick
BN_mod_word
BN_mpi2bn
BN_mul
BN_mul_word
BN_new
BN_nist_mod_192
BN_nist_mod_224
BN_nist_mod_256
BN_nist_mod_384
BN_nist_mod_521
BN_nnmod
BN_num_bits
BN_num_bits_word
BN_options
BN_print
BN_print_fp
BN_pseudo_rand
BN_pseudo_rand_range
BN_rand
BN_rand_range
BN_reciprocal
BN_rshift
BN_rshift1
BN_set_bit
BN_set_negative
BN_set_params
BN_set_word
BN_sqr
BN_sub
BN_sub_word
BN_swap
BN_to_ASN1_ENUMERATED
BN_to_ASN1_INTEGER
BN_uadd
BN_ucmp
BN_usub
BN_value_one
BUF_MEM_free
BUF_MEM_grow
BUF_MEM_grow_clean
BUF_MEM_new
BUF_memdup
BUF_strdup
BUF_strlcat
BUF_strlcpy
BUF_strndup
CAST_cbc_encrypt
CAST_cfb64_encrypt
CAST_decrypt
CAST_ecb_encrypt
CAST_encrypt
CAST_ofb64_encrypt
CAST_set_key
CBIGNUM_it
CERTIFICATEPOLICIES_free
CERTIFICATEPOLICIES_it
CERTIFICATEPOLICIES_new
COMP_CTX_free
COMP_CTX_new
COMP_compress_block
COMP_expand_block
COMP_rle
COMP_zlib
COMP_zlib_cleanup
CONF_dump_bio
CONF_dump_fp
CONF_free
CONF_get1_default_config_file
CONF_get_number

Sections

.text
Size: 708KB - Virtual size: 708KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
skin/rooter.zip
.zip
ZCourseStepRoot.xml
.xml
ZDSAD.xml
.xml
ZDSConnectPhone.xml
.xml
ZDSPhoneNoRoot.xml
.xml
ZDSPhoneRemoveRooting.xml
.xml
ZDSPhoneRoot.xml
.xml
ZDSPhoneRooting.xml
.xml
ZDSRemoveRootFail.xml
.xml
ZDSRemoveRootSuc.xml
.xml
ZDSRootFail.xml
.xml
ZDSRootSuc.xml
.xml
ZDSWebShare.xml
.xml
about.png
.png
aboutwnd.xml
ad_install_zhuanjia.png
.png
banner.png
.png
banner_default.jpg
.jpg
banner_default.png
.png
banner_huishou.jpg
.jpg
btn_commonbule_down.png
.png
btn_commonbule_hot.png
.png
btn_commonbule_normal.png
.png
btn_commongreen_down.png
.png
btn_commongreen_hot.png
.png
btn_commongreen_normal.png
.png
btn_printscreen_save_down.png
.png
btn_printscreen_save_hot.png
.png
btn_printscreen_save_normal.png
.png
check_hot.png
.png
check_off.png
.png
check_on.png
.png
close.png
.png
close_small.png
.png
course_root.png
.png
find_dashi.jpg
.jpg
- http://weixin.qq.com/r/GnUaAm-E1jKprSth9yAI
flash.png
.png
game.png
.png
get_root.png
.png
gray.png
.png
green.png
.png
green_1.png
.png
green_2.png
.png
icon.png
.png
image_ret_main.png
.png
label_image_retbk.png
.png
label_image_rootsucbk.jpg
.jpg
label_image_rootsucbk.png
.png
logo.png
.png
main.xml
.xml
mainwnd.xml
.xml
meihua.png
.png
min.png
.png
msgbox.xml
.xml
opt.png
.png
progress_opt.png
.png
qq.png
.png
qqqunwnd.xml
.xml
red.png
.png
red_1.png
.png
red_2.png
.png
remove_root_finish.png
.png
reset_root.png
.png
rom.png
.png
root_logo.png
.png
rooting_bk.png
.png
rooting_progress.png
.png
uninstall.png
.png
uninstall_old.png
.png
usb_icon.png
.png
weibo.png
.png
skin/skin4.zip
.zip
BeautifyNext1.xml
.xml
BeautifyPreview.xml
.xml
BootAnimationPreview.xml
.xml
DownManager.png
.png
DownloadViewer.xml
.xml
FlashNext1.xml
.xml
FlashNext2.xml
.xml
FlashNext3.xml
.xml
FlashingStepGoFlash.xml
.xml
OperatorLogoPreview.xml
.xml
Star0.png
.png
Star1.png
.png
Star2.png
.png
Z2.png
.png
ZCourseStepRoot.xml
.xml
ZScreenshot.xml
.xml
aboutwnd.xml
.xml
ad_info.xml
.xml
adappmanage.xml
.xml
adappremove.xml
.xml
adappshowwnd.xml
.xml
apk.png
.png
app_list_item.xml
.xml
app_manager_refresh.png
.png
app_manager_remove.png
.png
app_manager_sys.png
.png
app_manager_user.png
.png
app_sys_list_item.xml
.xml
backup_phone_wnd.xml
.xml
baidurom.jpg
.jpg
baidurom.png
.png
banner.png
.png
being_dl_list_item.xml
.xml
blue.png
.png
blue_1.png
.png
blue_2.png
.png
blue_3.png
.png
bootanimation.jpg
.jpg
bootanimation.png
.png
btn_backup.png
.png
btn_backup_restore.png
.png
btn_beautify_install.png
.png
btn_beautifypage_disable.png
.png
btn_beautifypage_down.png
.png
btn_beautifypage_hot.png
.png
btn_beautifypage_normal.png
.png
btn_blue_disable.png
.png
btn_blue_down.png
.png
btn_blue_hover.png
.png
btn_blue_normal.png
.png
btn_bootani_install.png
.png
btn_bootani_preview.png
.png
btn_clean_psw.png
.png
btn_close.png
.png
btn_commongray_down.png
.png
btn_commongray_hot.png
.png
btn_commongray_normal.png
.png
btn_commongreen_down.png
.png
btn_commongreen_hot.png
.png
btn_commongreen_normal.png
.png
btn_course_down.png
.png
btn_evaluatevalue_down.png
.png
btn_evaluatevalue_hot.png
.png
btn_evaluatevalue_normal.png
.png
btn_finish_disable.png
.png
btn_finish_down.png
.png
btn_finish_hot.png
.png
btn_finish_normal.png
.png
btn_flashcommon_disable.png
.png
btn_flashcommon_down.png
.png
btn_flashcommon_hot.png
.png
btn_flashcommon_normal.png
.png
btn_gujia.png
.png
btn_modify_font.png
.png
btn_modify_skin.png
.png
btn_operatorlogo_install.png
.png
btn_operatorlogo_preview.png
.png
btn_phone_manager.png
.png
btn_printscreen_save_down.png
.png
btn_printscreen_save_hot.png
.png
btn_printscreen_save_normal.png
.png
btn_reboot.png
.png
btn_reboot_bootloader.png
.png
btn_reboot_recovery.png
.png
btn_rebootnow_down.png
.png
btn_rebootnow_hot.png
.png
btn_rebootnow_normal.png
.png
btn_refresh.png
.png
btn_restore_googlesvc.png
.png
btn_rom_down.png
.png
btn_save.png
.png
btn_screen_shot.png
.png
btn_small_sliver.png
.png
btn_tengxun_manager.png
.png
btn_ttf_trans.png
.jpg
btn_unlock.png
.png
canvas_cut_normal.png
.png
check_hot.png
.png
check_off.png
.png
check_on.png
.png
checkoff.png
.png
checkon.png
.png
choose.png
.png
choose_1.png
.png
choose_2.png
.png
chs.png
.png
cht.png
.png
clear_sl_pwd_wnd.xml
.xml
close.png
.png
close_small.png
.png
common_blue.png
.png
common_greemixblue.png
.png
common_orange.png
.png
connectui_error_block.png
.png
del_hot.png
.png
del_normal.png
.png
del_pressed.png
.png
deviceinfo.xml
.xml
dl_doing_list_item.xml
.xml
dl_finish_list_item.xml
.xml
down_hotimage.png
.png
down_normalimage.png
.png
down_pushimage.png
.png
download_done_button.png
.png
download_logo.png
.png
downloading_del.png
.png
downloading_paused.png
.png
downloading_start.png
.png
downviewer_button_normal.png
.png
downviewer_greemixblue.png
.png
dym_unconnect_usb.png
.png
dynamicbk.jpg
.jpg
en.png
.png
evaluatephone.xml
.xml
exitwnd.xml
.xml
flash.xml
.xml
flash_fail.png
.png
flash_folder.png
.png
flash_prepare_chking.png
.png
flash_suc.png
.png
flashprogress_bkimage.png
.png
flashprogress_foreimage.png
.png
font_install_down.png
.png
font_install_hot.png
.png
font_install_normal.png
.png
fontformat_transfer_wnd.xml
.xml
fontmanager.xml
.xml
godesktop_effect1.png
.png
godesktop_effect2.png
.png
godesktop_effect3.png
.png
godesktop_effect4.png
.png
godesktop_install_wnd.xml
godesktop_logo.png
.png
godesktop_typetip.png
.png
godesktop_use.png
.png
goscheme.png
.png
gray.png
.png
gray_1.png
.png
gray_2.png
.png
gray_3.png
.png
gray_down.png
.png
gray_font.png
.png
green.png
.png
green_1.png
.png
green_2.png
.png
hscroll.png
.png
icon.png
.png
iconb.png
.png
image_ROOTbanner.png
.png
jxyy.png
.png
labe_image_previewdefault.png
.png
label_bkimage_fonttrans.png
.png
label_image_beginflash.png
.png
label_image_calendarsyn.png
.png
label_image_clear_pwd.png
.png
label_image_contactssyn.png
.png
label_image_enterautoflash.png
.png
label_image_evalutevalue.png
.png
label_image_flashfail.png
.png
label_image_flashprepare.png
.png
label_image_gmail.png
.png
label_image_goflashcaption.png
.png
label_image_googleinstallfail.png
.png
label_image_googleinstallok.png
.png
label_image_googleplay.png
.png
label_image_installrecovery.png
.png
label_image_partofphone.png
.png
label_image_preparedone.png
.png
label_image_preparefail.png
.png
label_image_pushrom.png
.png
label_image_unlock_phone.png
.png
label_operatorlogo_bkimage.png
.png
label_operatorlogo_statusbar.jpg
.jpg
label_operatorlogo_statusbar.png
.png
linked.png
.png
list_header_sep.png
.png
load_bk.png
.png
loading.png
.png
lockbk.jpg
.jpg
lockbk.png
.png
logo.png
.png
main_logo.png
.png
mainbk.png
.png
mainwnd.xml
.xml
message.png
.png
min.png
.png
min_gray.png
.png
miuirom.jpg
.jpg
miuirom.png
.png
mobileicon.jpg
.jpg
mobileicon.png
.png
more.png
.png
more.xml
.xml
msgbox.xml
.xml
new.png
.png
offline_auth.png
.png
page_1.png
.png
page_2.png
.png
page_3.png
.png
page_4.png
.png
paused_hot.png
.png
paused_normal.png
.png
paused_pressed.png
.png
phoneunconnectview.png
.png
pic.png
.png
qqqunwnd.xml
.xml
rar.png
.png
reboot_phone_wnd.xml
.xml
red.png
.png
red_1.png
.png
red_2.png
.png
regroup_down.png
.png
regroup_normal.png
.png
regroup_stay.png
.png
remove_app_list_item.xml
.xml
replacefont.jpg
.jpg
replacefont.png
.png
restore_defaultres_wnd.xml
.xml
restore_googlesvc_wnd.xml
.xml
restore_list_item.xml
.xml
restore_list_item_test.xml
restore_phone_wnd.xml
.xml
return.png
.png
romzj.jpg
.jpg
romzj.png
.png
root.xml
.xml
root_fail.png
.png
root_suc.png
.png
run_adtool_pgs.png
.png
run_adtool_pgs_bk.png
.png
runtoolboxad.xml
.xml
save.png
.png
save_1.png
.png
save_2.png
.png
sc_bootloader.png
.png
sc_bootloader_hot.png
.png
sc_bootloader_pressed.png
.png
sc_reboot.png
.png
sc_reboot_hot.png
.png
sc_reboot_pressed.png
.png
sc_recovery.png
.png
sc_recovery_hot.png
.png
sc_recovery_pressed.png
.png
sc_remove_system_app.png
.png
sc_remove_system_app_hot.png
.png
sc_remove_system_app_pressed.png
.png
sc_root.png
.png
sc_root_hot.png
.png
sc_root_pressed.png
.png
sc_yanji.png
.png
sc_yanji_hot.png
.png
sc_yanji_pressed.png
.png
screenshot_unlink.png
.png
screenshotwnd.xml
.xml
scroll.png
.png
selected.png
.png
shortcut.xml
.xml
sjrom.jpg
.jpg
sjrom.png
.png
start_hot.png
.png
start_normal.png
.png
start_pressed.png
.png
staticbk.jpg
.jpg
staticbk.png
.png
step1.png
.png
step2.png
.png
step3.png
.png
toolbox.xml
.xml
toolbox_popup_loading.png
.png
toolbox_root.png
.png
toolbox_root_new.png
.png
toolbox_test.xml
.xml
unconnect_default_nom.png
.png
uninstall_down.png
.png
uninstall_normal.png
.png
uninstall_stay.png
.png
unlinked.png
.png
unlockphone.xml
.xml
web_navi_back.png
.png
web_navi_forward.png
.png
web_navi_home.png
.png
web_navi_reload.png
.png
weixin.jpg
.jpg
- http://weixin.qq.com/r/GnUaAm-E1jKprSth9yAI
white.png
.png
xfrom.jpg
.jpg
xfrom.png
.png
zmaster.jpg
.png
sqlite3.dll
.dll windows:4 windows x86 arch:x86

b8e22dd782d9c959454fa4df2d5b336f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

15:9a:b5:bc:01:e8:84:59:95:4d:bf:d1:8a:a1:75:19
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

04/02/2015, 00:00

Not After

05/05/2016, 23:59

Subject

CN=北京耘升天下科技有限公司,OU=IT,O=北京耘升天下科技有限公司,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

bd:1c:56:11:aa:70:e3:d1:c3:78:03:19:7d:83:14:b2:e3:e4:d9:0f
Signer

Actual PE Digest

bd:1c:56:11:aa:70:e3:d1:c3:78:03:19:7d:83:14:b2:e3:e4:d9:0f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AreFileApisANSI
CloseHandle
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
EnterCriticalSection
FlushFileBuffers
FreeLibrary
GetCurrentThreadId
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetFullPathNameA
GetFullPathNameW
GetLastError
GetProcAddress
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathA
GetTempPathW
GetVersionExA
InitializeCriticalSection
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LockFile
LockFileEx
MultiByteToWideChar
ReadFile
SetEndOfFile
SetFilePointer
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
UnlockFile
WideCharToMultiByte
WriteFile

msvcrt

atoi
free
isalnum
isdigit
isspace
isxdigit
localtime
malloc
memcpy
memmove
memset
realloc
strcmp
strncmp
strncpy
tolower
toupper

Exports

Exports

sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_apis
sqlite3_auto_extension
sqlite3_bind_blob
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_value
sqlite3_bind_zeroblob
sqlite3_blob_bytes
sqlite3_blob_close
sqlite3_blob_open
sqlite3_blob_read
sqlite3_blob_write
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_changes
sqlite3_clear_bindings
sqlite3_close
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_complete
sqlite3_complete16
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_collation_v2
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_module
sqlite3_data_count
sqlite3_db_handle
sqlite3_declare_vtab
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_exec
sqlite3_expired
sqlite3_extended_result_codes
sqlite3_finalize
sqlite3_free
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_interrupt
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_load_extension
sqlite3_malloc
sqlite3_mprintf
sqlite3_open
sqlite3_open16
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare_v2
sqlite3_profile
sqlite3_progress_handler
sqlite3_realloc
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_error_toobig
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_value
sqlite3_result_zeroblob
sqlite3_rollback_hook
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_sleep
sqlite3_snprintf
sqlite3_step
sqlite3_thread_cleanup
sqlite3_total_changes
sqlite3_trace
sqlite3_transfer_bindings
sqlite3_update_hook
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_numeric_type
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_version
sqlite3_vmprintf

Sections

.text
Size: 270KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 336B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stab
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.stabstr
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ssleay32.dll
.dll windows:6 windows x86 arch:x86

801b79e192bc3089d0195b3735f2832e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

15:9a:b5:bc:01:e8:84:59:95:4d:bf:d1:8a:a1:75:19
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

04/02/2015, 00:00

Not After

05/05/2016, 23:59

Subject

CN=北京耘升天下科技有限公司,OU=IT,O=北京耘升天下科技有限公司,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

35:96:47:38:0b:e9:25:c2:b9:aa:41:5d:06:fe:aa:b3:1f:37:ed:9b
Signer

Actual PE Digest

35:96:47:38:0b:e9:25:c2:b9:aa:41:5d:06:fe:aa:b3:1f:37:ed:9b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libeay32

ord2927
ord285
ord3695
ord3570
ord2924
ord2929
ord3010
ord3178
ord2578
ord3663
ord3422
ord3729
ord3575
ord3512
ord3608
ord3459
ord3480
ord3550
ord3666
ord3644
ord866
ord635
ord2747
ord2784
ord2572
ord964
ord965
ord3489
ord907
ord87
ord486
ord497
ord484
ord205
ord206
ord216
ord3165
ord282
ord2877
ord3711
ord3682
ord3719
ord577
ord763
ord572
ord4046
ord170
ord481
ord3418
ord1096
ord1097
ord3896
ord3816
ord3888
ord3891
ord2589
ord2915
ord333
ord1144
ord1145
ord3823
ord3846
ord2292
ord1081
ord623
ord622
ord679
ord3837
ord267
ord503
ord1012
ord3631
ord3479
ord3664
ord3737
ord3633
ord3675
ord341
ord1011
ord266
ord264
ord541
ord3925
ord3922
ord3124
ord2702
ord2898
ord3288
ord3767
ord3758
ord3704
ord3647
ord3857
ord3365
ord3766
ord3460
ord4114
ord3454
ord3394
ord3754
ord1655
ord914
ord1041
ord1027
ord1025
ord1004
ord3315
ord1005
ord187
ord3866
ord3826
ord78
ord66
ord53
ord67
ord65
ord74
ord98
ord58
ord892
ord890
ord897
ord248
ord364
ord316
ord1010
ord629
ord626
ord628
ord630
ord3437
ord3527
ord3378
ord3414
ord3495
ord3399
ord3559
ord575
ord636
ord2051
ord2478
ord246
ord3657
ord3396
ord93
ord1100
ord1023
ord2524
ord3505
ord3595
ord3610
ord657
ord401
ord891
ord887
ord889
ord4045
ord2475
ord1671
ord189
ord1147
ord314
ord315
ord956
ord750
ord3205
ord279
ord283
ord748
ord280
ord774
ord751
ord2181
ord1959
ord400
ord399
ord3513
ord716
ord822
ord718
ord824
ord8
ord7
ord3700
ord32
ord3623
ord37
ord35
ord703
ord1091
ord88
ord2426
ord86
ord680
ord1101
ord3314
ord3312
ord3313
ord299
ord304
ord329
ord318
ord325
ord3155
ord2996
ord292
ord293
ord2252
ord91
ord955
ord225
ord247
ord3724
ord313
ord256
ord274
ord276
ord3883
ord3899
ord219
ord830
ord727
ord201
ord203
ord202
ord498
ord495
ord2760
ord31
ord128
ord120
ord118
ord123
ord151
ord110
ord111
ord912
ord909
ord3239
ord3879
ord109
ord89
ord961
ord3067
ord2894
ord3874
ord3841
ord323
ord2936
ord3844
ord354
ord3244
ord3245
ord464
ord289
ord3836
ord493
ord3906
ord911
ord2201
ord2206
ord654
ord857
ord754
ord641
ord281
ord290
ord269
ord3109
ord2821
ord2630
ord3873
ord222
ord252
ord490
ord85
ord52
ord181
ord188
ord176
ord903
ord910
ord904
ord901
ord905
ord2411
ord1653
ord1654
ord168
ord167
ord1007
ord169

kernel32

SetEnvironmentVariableA
LCMapStringW
CompareStringW
HeapSize
LoadLibraryW
OutputDebugStringW
WriteConsoleW
SetFilePointerEx
SetStdHandle
CloseHandle
GetStringTypeW
RtlUnwind
LoadLibraryExW
HeapReAlloc
HeapAlloc
GetModuleFileNameW
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetProcessHeap
InterlockedIncrement
GetStartupInfoW
GetFileType
GetStdHandle
MultiByteToWideChar
GetProcAddress
GetModuleHandleExW
ExitProcess
InterlockedDecrement
Sleep
HeapFree
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
WideCharToMultiByte
DecodePointer
IsDebuggerPresent
EncodePointer
GetCurrentThreadId
GetCommandLineA
IsProcessorFeaturePresent
LeaveCriticalSection
EnterCriticalSection
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetLastError
SetLastError
CreateFileW

Exports

Exports

BIO_f_ssl
BIO_new_buffer_ssl_connect
BIO_new_ssl
BIO_new_ssl_connect
BIO_ssl_copy_session_id
BIO_ssl_shutdown
DTLSv1_client_method
DTLSv1_method
DTLSv1_server_method
ERR_load_SSL_strings
SSL_CIPHER_description
SSL_CIPHER_get_bits
SSL_CIPHER_get_name
SSL_CIPHER_get_version
SSL_COMP_add_compression_method
SSL_COMP_get_compression_methods
SSL_COMP_get_name
SSL_CTX_add_client_CA
SSL_CTX_add_session
SSL_CTX_callback_ctrl
SSL_CTX_check_private_key
SSL_CTX_ctrl
SSL_CTX_flush_sessions
SSL_CTX_free
SSL_CTX_get_cert_store
SSL_CTX_get_client_CA_list
SSL_CTX_get_client_cert_cb
SSL_CTX_get_ex_data
SSL_CTX_get_ex_new_index
SSL_CTX_get_info_callback
SSL_CTX_get_quiet_shutdown
SSL_CTX_get_timeout
SSL_CTX_get_verify_callback
SSL_CTX_get_verify_depth
SSL_CTX_get_verify_mode
SSL_CTX_load_verify_locations
SSL_CTX_new
SSL_CTX_remove_session
SSL_CTX_sess_get_get_cb
SSL_CTX_sess_get_new_cb
SSL_CTX_sess_get_remove_cb
SSL_CTX_sess_set_get_cb
SSL_CTX_sess_set_new_cb
SSL_CTX_sess_set_remove_cb
SSL_CTX_sessions
SSL_CTX_set_cert_store
SSL_CTX_set_cert_verify_callback
SSL_CTX_set_cipher_list
SSL_CTX_set_client_CA_list
SSL_CTX_set_client_cert_cb
SSL_CTX_set_client_cert_engine
SSL_CTX_set_cookie_generate_cb
SSL_CTX_set_cookie_verify_cb
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_default_verify_paths
SSL_CTX_set_ex_data
SSL_CTX_set_generate_session_id
SSL_CTX_set_info_callback
SSL_CTX_set_msg_callback
SSL_CTX_set_purpose
SSL_CTX_set_quiet_shutdown
SSL_CTX_set_session_id_context
SSL_CTX_set_ssl_version
SSL_CTX_set_timeout
SSL_CTX_set_tmp_dh_callback
SSL_CTX_set_tmp_ecdh_callback
SSL_CTX_set_tmp_rsa_callback
SSL_CTX_set_trust
SSL_CTX_set_verify
SSL_CTX_set_verify_depth
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey_ASN1
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_RSAPrivateKey
SSL_CTX_use_RSAPrivateKey_ASN1
SSL_CTX_use_RSAPrivateKey_file
SSL_CTX_use_certificate
SSL_CTX_use_certificate_ASN1
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_SESSION_cmp
SSL_SESSION_free
SSL_SESSION_get_ex_data
SSL_SESSION_get_ex_new_index
SSL_SESSION_get_id
SSL_SESSION_get_time
SSL_SESSION_get_timeout
SSL_SESSION_hash
SSL_SESSION_new
SSL_SESSION_print
SSL_SESSION_print_fp
SSL_SESSION_set_ex_data
SSL_SESSION_set_time
SSL_SESSION_set_timeout
SSL_accept
SSL_add_client_CA
SSL_add_dir_cert_subjects_to_stack
SSL_add_file_cert_subjects_to_stack
SSL_alert_desc_string
SSL_alert_desc_string_long
SSL_alert_type_string
SSL_alert_type_string_long
SSL_callback_ctrl
SSL_check_private_key
SSL_clear
SSL_connect
SSL_copy_session_id
SSL_ctrl
SSL_do_handshake
SSL_dup
SSL_dup_CA_list
SSL_free
SSL_get1_session
SSL_get_SSL_CTX
SSL_get_certificate
SSL_get_cipher_list
SSL_get_ciphers
SSL_get_client_CA_list
SSL_get_current_cipher
SSL_get_current_compression
SSL_get_current_expansion
SSL_get_default_timeout
SSL_get_error
SSL_get_ex_data
SSL_get_ex_data_X509_STORE_CTX_idx
SSL_get_ex_new_index
SSL_get_fd
SSL_get_finished
SSL_get_info_callback
SSL_get_peer_cert_chain
SSL_get_peer_certificate
SSL_get_peer_finished
SSL_get_privatekey
SSL_get_quiet_shutdown
SSL_get_rbio
SSL_get_read_ahead
SSL_get_rfd
SSL_get_servername
SSL_get_servername_type
SSL_get_session
SSL_get_shared_ciphers
SSL_get_shutdown
SSL_get_ssl_method
SSL_get_verify_callback
SSL_get_verify_depth
SSL_get_verify_mode
SSL_get_verify_result
SSL_get_version
SSL_get_wbio
SSL_get_wfd
SSL_has_matching_session_id
SSL_library_init
SSL_load_client_CA_file
SSL_load_error_strings
SSL_new
SSL_peek
SSL_pending
SSL_read
SSL_renegotiate
SSL_renegotiate_pending
SSL_rstate_string
SSL_rstate_string_long
SSL_set_SSL_CTX
SSL_set_accept_state
SSL_set_bio
SSL_set_cipher_list
SSL_set_client_CA_list
SSL_set_connect_state
SSL_set_ex_data
SSL_set_fd
SSL_set_generate_session_id
SSL_set_info_callback
SSL_set_msg_callback
SSL_set_purpose
SSL_set_quiet_shutdown
SSL_set_read_ahead
SSL_set_rfd
SSL_set_session
SSL_set_session_id_context
SSL_set_shutdown
SSL_set_ssl_method
SSL_set_tmp_dh_callback
SSL_set_tmp_ecdh_callback
SSL_set_tmp_rsa_callback
SSL_set_trust
SSL_set_verify
SSL_set_verify_depth
SSL_set_verify_result
SSL_set_wfd
SSL_shutdown
SSL_state
SSL_state_string
SSL_state_string_long
SSL_use_PrivateKey
SSL_use_PrivateKey_ASN1
SSL_use_PrivateKey_file
SSL_use_RSAPrivateKey
SSL_use_RSAPrivateKey_ASN1
SSL_use_RSAPrivateKey_file
SSL_use_certificate
SSL_use_certificate_ASN1
SSL_use_certificate_file
SSL_version
SSL_want
SSL_write
SSLv23_client_method
SSLv23_method
SSLv23_server_method
SSLv2_client_method
SSLv2_method
SSLv2_server_method
SSLv3_client_method
SSLv3_method
SSLv3_server_method
TLSv1_client_method
TLSv1_method
TLSv1_server_method
d2i_SSL_SESSION
i2d_SSL_SESSION
ssl2_ciphers
ssl3_ciphers

Sections

.text
Size: 205KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninst.exe.nsis
zdsspriter.apk
.apk android

com.dashi.shuajizhuanjia

.SocketPointActivity

Activities

.SocketPointActivity

android.intent.action.MAIN

.StartScreenActivity

android.intent.action.MAIN

.ZhuanqianZhushouAppInstallActivity

android.intent.action.MAIN

.SendNotificationActivity

android.intent.action.VIEW

com.igexin.sdk.SdkActivity

com.igexin.action.popupact.com.dashi.shuajizhuanjia

com.dashi.mypush.Push_WebViewActivity

android.intent.action.VIEW

Permissions

android.permission.WRITE_EXTERNAL_STORAGE
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.ACCESS_NETWORK_STATE
android.permission.ACCESS_WIFI_STATE
android.permission.INTERNET
android.permission.READ_PHONE_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.SYSTEM_OVERLAY_WINDOW
android.permission.GET_TASKS
android.permission.RESTART_PACKAGES
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.WRITE_SETTINGS
android.permission.CAMERA
android.permission.GET_PACKAGE_SIZE
android.permission.CLEAR_APP_CACHE
android.permission.CHANGE_NETWORK_STATE
android.permission.BLUETOOTH
android.permission.BLUETOOTH_ADMIN
android.permission.CHANGE_WIFI_STATE
android.permission.FLASHLIGHT
android.permission.READ_CONTACTS
android.permission.CALL_PHONE
com.android.launcher.permission.UNINSTALL_SHORTCUT
com.android.launcher.permission.INSTALL_SHORTCUT
android.permission.READ_LOGS
android.permission.WAKE_LOCK
android.permission.VIBRATE
android.permission.RECEIVE_USER_PRESENT
android.permission.BROADCAST_STICKY
android.permission.DISABLE_KEYGUARD
android.permission.ACCESS_COARSE_LOCATION
android.permission.INTERACT_ACROSS_USERS_FULL
android.permission.MOUNT_UNMOUNT_FILESYSTEMS
android.permission.READ_LOGS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.READ_CONTACTS
android.permission.WRITE_CONTACTS
android.permission.RECEIVE_SMS
android.permission.SEND_SMS
android.permission.WAKE_LOCK

Receivers

.service.AcceptMessageBroadcast

shuajizhuanjia.start.CONNECTPC

.service.ClosePC_Broardcast

shuajizhuanjia.start.Close_CONNECTPC

.service.PowerBroardcastReceiver

android.intent.action.ACTION_POWER_DISCONNECTED

.service.NotificationRunAppReceiver

android.intent.action.ACTION_NOTIFICATION_RUNAPP_New

.UpdateAdEventBroadcastReceiver

com.dashi.shuajizhuanjia_com.dashi.smartstore.updateEvent

com.dashi.shuajizhuanjia.GexinSdkMsgReceiver

com.igexin.sdk.action.MZE1XX5kwx8Wu12z5JyXTA

com.igexin.sdk.SdkReceiver

android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT

com.igexin.sdk.coordinator.NotificationCenterAIDLReceiver

com.igexin.sdk.action.refreshls

sdk.download.DownloadReceiver

android.net.conn.CONNECTIVITY_CHANGE

com.dashi.mypush.Push_NetWorkBroadCast

android.net.conn.CONNECTIVITY_CHANGE
android.intent.action.USER_PRESENT

Services

.service.AcceptMessageService

shuajizhuanjia.start.CONNECTPC

.service.ClosePC_ConnectService

shuajizhuanjia.start.Close_CONNECTPC
zhuodashi3.exe
.exe windows:5 windows x86 arch:x86

284dddff13303359938c286a139a6d3d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

15:9a:b5:bc:01:e8:84:59:95:4d:bf:d1:8a:a1:75:19
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

04/02/2015, 00:00

Not After

05/05/2016, 23:59

Subject

CN=北京耘升天下科技有限公司,OU=IT,O=北京耘升天下科技有限公司,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3a:9f:0b:7d:1b:d1:44:66:1b:af:21:a6:89:88:ae:f2:3d:56:62:e8
Signer

Actual PE Digest

3a:9f:0b:7d:1b:d1:44:66:1b:af:21:a6:89:88:ae:f2:3d:56:62:e8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\work\zhuodashi\Release\zhuodashi3.pdb

Imports

kernel32

SetCurrentDirectoryA
HeapReAlloc
GetModuleHandleW
ExitProcess
GetSystemTimeAsFileTime
Sleep
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
LCMapStringW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetFullPathNameA
GetFileType
GetCurrentDirectoryW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetEnvironmentVariableA
GetCurrentThreadId
ExitThread
HeapFree
HeapAlloc
FindFirstFileExA
GetDriveTypeA
FileTimeToLocalFileTime
lstrlenW
LocalFree
DecodePointer
SetLastError
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
GetModuleFileNameW
HeapCreate
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
HeapSize
LoadLibraryW
GetLocaleInfoW
SetHandleCount
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
GetDriveTypeW
EncodePointer
SetEndOfFile
GetProcessHeap
WriteConsoleW
CompareStringW
GetExitCodeProcess
CreateFileW
DeviceIoControl
FreeEnvironmentStringsA
GetEnvironmentStrings
GetDiskFreeSpaceA
GlobalMemoryStatus
LoadLibraryA
InterlockedDecrement
GetFileInformationByHandle
FileTimeToSystemTime
SetFileTime
GetFileAttributesA
LocalFileTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
CreateMutexA
lstrcmpiA
Process32Next
Process32First
CreateToolhelp32Snapshot
GetStartupInfoA
GetTickCount
RemoveDirectoryA
FindNextFileA
FindClose
FindFirstFileA
PeekNamedPipe
GetVersionExA
InterlockedIncrement
MoveFileExA
GetTempPathA
GetCurrentProcess
GetModuleHandleA
GetProcAddress
LockResource
SizeofResource
FreeResource
LoadResource
FindResourceA
CreateDirectoryA
GetExitCodeThread
MoveFileA
CopyFileA
OutputDebugStringA
GetModuleFileNameA
TerminateProcess
ReleaseSemaphore
OpenSemaphoreA
MultiByteToWideChar
WideCharToMultiByte
CreateSemaphoreA
lstrlenA
CreateThread
InterlockedExchange
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
WaitForMultipleObjects
ResetEvent
WaitForSingleObject
DeleteCriticalSection
SetEvent
InitializeCriticalSection
CreateEventA
SetFilePointer
WriteFile
GetFileSize
CreateFileA
LeaveCriticalSection
EnterCriticalSection
GetLocalTime
ReadFile
CreateProcessA
GetStdHandle
SetHandleInformation
GetLastError
CreatePipe
CloseHandle
WaitForSingleObjectEx
TerminateThread
DeleteFileA
SetStdHandle
SetFileAttributesA

user32

IsWindow
SendMessageA
PostMessageA
GetWindowLongA
SetWindowLongA
IsIconic
GetWindowRect
SetWindowRgn
ScreenToClient
GetClientRect
GetMonitorInfoA
MonitorFromWindow
ClientToScreen
UnregisterDeviceNotification
IsZoomed
RegisterDeviceNotificationA
FindWindowA
GetForegroundWindow
SetActiveWindow
GetSystemMetrics
LoadImageA
wsprintfA
SetFocus
GetParent
ShowWindow
PtInRect
SetTimer
KillTimer
SendMessageTimeoutA
PostQuitMessage
SetForegroundWindow
DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects
SetWindowPos

gdi32

StretchBlt
SetStretchBltMode
CreateCompatibleDC
DeleteDC
SelectObject
GetObjectA
CreateDIBSection
CreateRectRgn
DeleteObject
CreateRoundRectRgn

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetFolderPathA
SHFileOperationA
SHGetMalloc
ShellExecuteA
ShellExecuteExA
SHGetSpecialFolderPathA

ole32

CoTaskMemFree
CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

VariantCopy
SysFreeString
VariantChangeType
VariantInit
VariantClear
SysAllocString

wininet

InternetCloseHandle
InternetOpenA
InternetSetStatusCallback
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFileExA
HttpEndRequestA
InternetOpenUrlA
InternetReadFile
FindNextUrlCacheEntryA
DeleteUrlCacheEntry
FindFirstUrlCacheEntryA
InternetQueryOptionA
HttpAddRequestHeadersA

shlwapi

PathFileExistsA
StrStrIA
PathIsDirectoryA

sqlite3

sqlite3_column_double
sqlite3_mprintf
sqlite3_step
sqlite3_finalize
sqlite3_column_int
sqlite3_busy_timeout
sqlite3_prepare_v2
sqlite3_column_int64
sqlite3_column_text
sqlite3_column_count
sqlite3_open
sqlite3_free
sqlite3_changes
sqlite3_column_type
sqlite3_column_name
sqlite3_errmsg
sqlite3_close
sqlite3_exec

gdiplus

GdipGetImageEncoders
GdipGetImageEncodersSize
GdipAlloc
GdipFree
GdipLoadImageFromFile
GdipCloneImage
GdipSaveImageToFile
GdipDisposeImage

duilib

?GetLinkContent@CTextUI@DuiLib@@QAEPAVCDuiString@2@H@Z
?Invalidate@CControlUI@DuiLib@@QAEXXZ
??0CHorizontalLayoutUI@DuiLib@@QAE@XZ
?InitWindow@WindowImplBase@DuiLib@@UAEXXZ
?OnCreate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?DoPaint@CListContainerElementUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?SetAttribute@CListContainerElementUI@DuiLib@@UAEXPBD0@Z
?DoEvent@CListContainerElementUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?SetEnabled@CListContainerElementUI@DuiLib@@UAEX_N@Z
?SetVisible@CListContainerElementUI@DuiLib@@UAEX_N@Z
?Activate@CListContainerElementUI@DuiLib@@UAE_NXZ
?GetControlFlags@CListContainerElementUI@DuiLib@@UBEIXZ
?GetInterface@CListContainerElementUI@DuiLib@@UAEPAXPBD@Z
?GetClass@CListContainerElementUI@DuiLib@@UBEPBDXZ
?GetValue@CProgressUI@DuiLib@@QBEHXZ
?HandleCustomMessage@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?ShowWindow@CWindowWnd@DuiLib@@QAEX_N0@Z
?Notify@WindowImplBase@DuiLib@@UAEXAAUtagTNotifyUI@2@@Z
??0CListContainerElementUI@DuiLib@@QAE@XZ
??1WindowImplBase@DuiLib@@UAE@XZ
??0WindowImplBase@DuiLib@@QAE@XZ
?messageMap@WindowImplBase@DuiLib@@1UDUI_MSGMAP@2@B
??1CButtonUI@DuiLib@@UAE@XZ
?PaintText@CButtonUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintStatusImage@CButtonUI@DuiLib@@UAEXPAUHDC__@@@Z
?EstimateSize@CButtonUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?SetAttribute@CButtonUI@DuiLib@@UAEXPBD0@Z
?DoEvent@CButtonUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?SetEnabled@CButtonUI@DuiLib@@UAEX_N@Z
?Activate@CButtonUI@DuiLib@@UAE_NXZ
?GetControlFlags@CButtonUI@DuiLib@@UBEIXZ
?GetInterface@CButtonUI@DuiLib@@UAEPAXPBD@Z
?SetPushedImage@CButtonUI@DuiLib@@QAEXPBD@Z
?SetHotImage@CButtonUI@DuiLib@@QAEXPBD@Z
?SetNormalImage@CButtonUI@DuiLib@@QAEXPBD@Z
??0CButtonUI@DuiLib@@QAE@XZ
?PaintText@CLabelUI@DuiLib@@UAEXPAUHDC__@@@Z
?EstimateSize@CLabelUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?SetAttribute@CLabelUI@DuiLib@@UAEXPBD0@Z
?DoEvent@CLabelUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?SetText@CLabelUI@DuiLib@@UAEXPBD@Z
?GetText@CLabelUI@DuiLib@@UBE?AVCDuiString@2@XZ
?GetInterface@CLabelUI@DuiLib@@UAEPAXPBD@Z
??1CLabelUI@DuiLib@@UAE@XZ
??0CLabelUI@DuiLib@@QAE@XZ
?DoPostPaint@CVerticalLayoutUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?SetAttribute@CVerticalLayoutUI@DuiLib@@UAEXPBD0@Z
?SetPos@CVerticalLayoutUI@DuiLib@@UAEXUtagRECT@@@Z
?GetControlFlags@CVerticalLayoutUI@DuiLib@@UBEIXZ
?GetInterface@CVerticalLayoutUI@DuiLib@@UAEPAXPBD@Z
?GetClass@CVerticalLayoutUI@DuiLib@@UBEPBDXZ
?DoEvent@CVerticalLayoutUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?PostMessageA@CWindowWnd@DuiLib@@QAEJIIJ@Z
?AddVirtualWnd@CNotifyPump@DuiLib@@QAE_NVCDuiString@2@PAV12@@Z
?SetVirtualWnd@CControlUI@DuiLib@@QAEXPBD@Z
?ShowModal@CWindowWnd@DuiLib@@QAEIXZ
?SetIcon@CWindowWnd@DuiLib@@QAEXI@Z
?GetPaintWindow@CPaintManagerUI@DuiLib@@QBEPAUHWND__@@XZ
?Create@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PBDKKHHHHPAUHMENU__@@@Z
?NotifyPump@CNotifyPump@DuiLib@@QAEXAAUtagTNotifyUI@2@@Z
?SetValue@CProgressUI@DuiLib@@QAEXH@Z
??1CNotifyPump@DuiLib@@QAE@XZ
??0CNotifyPump@DuiLib@@QAE@XZ
?messageMap@CNotifyPump@DuiLib@@1UDUI_MSGMAP@2@B
?DoPaint@CContainerUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?SetAttribute@CContainerUI@DuiLib@@UAEXPBD0@Z
?SetTextColor@CLabelUI@DuiLib@@QAEXK@Z
?DoEvent@CContainerUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?SetPos@CContainerUI@DuiLib@@UAEXUtagRECT@@@Z
?GetInterface@CContainerUI@DuiLib@@UAEPAXPBD@Z
?GetClass@CContainerUI@DuiLib@@UBEPBDXZ
?ProcessScrollBar@CContainerUI@DuiLib@@MAEXUtagRECT@@HH@Z
?SetFloatPos@CContainerUI@DuiLib@@MAEXH@Z
?GetHorizontalScrollBar@CContainerUI@DuiLib@@UBEPAVCScrollBarUI@2@XZ
?GetVerticalScrollBar@CContainerUI@DuiLib@@UBEPAVCScrollBarUI@2@XZ
?EnableScrollBar@CContainerUI@DuiLib@@UAEX_N0@Z
?EndRight@CContainerUI@DuiLib@@UAEXXZ
??0CProgressUI@DuiLib@@QAE@XZ
?PageRight@CContainerUI@DuiLib@@UAEXXZ
?PageLeft@CContainerUI@DuiLib@@UAEXXZ
?LineRight@CContainerUI@DuiLib@@UAEXXZ
?LineLeft@CContainerUI@DuiLib@@UAEXXZ
?EndDown@CContainerUI@DuiLib@@UAEXXZ
?HomeUp@CContainerUI@DuiLib@@UAEXXZ
?PageDown@CContainerUI@DuiLib@@UAEXXZ
?PageUp@CContainerUI@DuiLib@@UAEXXZ
?LineDown@CContainerUI@DuiLib@@UAEXXZ
?LineUp@CContainerUI@DuiLib@@UAEXXZ
?SetScrollPos@CContainerUI@DuiLib@@UAEXUtagSIZE@@@Z
?GetScrollRange@CContainerUI@DuiLib@@UBE?AUtagSIZE@@XZ
?GetScrollPos@CContainerUI@DuiLib@@UBE?AUtagSIZE@@XZ
?FindSelectable@CContainerUI@DuiLib@@UBEHH_N@Z
?SetMouseChildEnabled@CContainerUI@DuiLib@@UAEX_N@Z
?IsMouseChildEnabled@CContainerUI@DuiLib@@UBE_NXZ
?SetDelayedDestroy@CContainerUI@DuiLib@@UAEX_N@Z
?IsDelayedDestroy@CContainerUI@DuiLib@@UBE_NXZ
?SetAutoDestroy@CContainerUI@DuiLib@@UAEX_N@Z
?IsAutoDestroy@CContainerUI@DuiLib@@UBE_NXZ
?SetChildPadding@CContainerUI@DuiLib@@UAEXH@Z
?GetChildPadding@CContainerUI@DuiLib@@UBEHXZ
?SetInset@CContainerUI@DuiLib@@UAEXUtagRECT@@@Z
?GetInset@CContainerUI@DuiLib@@UBE?AUtagRECT@@XZ
?DoPostPaint@CHorizontalLayoutUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?SetAttribute@CHorizontalLayoutUI@DuiLib@@UAEXPBD0@Z
?DoEvent@CHorizontalLayoutUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoInit@CControlUI@DuiLib@@UAEXXZ
?FindControl@CContainerUI@DuiLib@@UAEPAVCControlUI@2@P6GPAV32@PAV32@PAX@Z1I@Z
?SetMouseEnabled@CContainerUI@DuiLib@@UAEX_N@Z
?SetInternVisible@CContainerUI@DuiLib@@UAEX_N@Z
?SetVisible@CContainerUI@DuiLib@@UAEX_N@Z
?SetPos@CHorizontalLayoutUI@DuiLib@@UAEXUtagRECT@@@Z
?SetManager@CContainerUI@DuiLib@@UAEXPAVCPaintManagerUI@2@PAVCControlUI@2@_N@Z
?GetControlFlags@CHorizontalLayoutUI@DuiLib@@UBEIXZ
?GetInterface@CHorizontalLayoutUI@DuiLib@@UAEPAXPBD@Z
?GetClass@CHorizontalLayoutUI@DuiLib@@UBEPBDXZ
??0CDelegateBase@DuiLib@@QAE@PAX0@Z
??0CDelegateBase@DuiLib@@QAE@ABV01@@Z
?GetObjectA@CDelegateBase@DuiLib@@IAEPAXXZ
??1CDelegateBase@DuiLib@@UAE@XZ
??YCEventSource@DuiLib@@QAEXABVCDelegateBase@1@@Z
?GetCurSel@CTabLayoutUI@DuiLib@@QBEHXZ
?Refresh@CWebBrowserUI@DuiLib@@QAEXXZ
?GoForward@CWebBrowserUI@DuiLib@@QAEXXZ
?GetImage@CPaintManagerUI@DuiLib@@QAEPBUtagTImageInfo@2@PBD@Z
?LoadImageA@CRenderEngine@DuiLib@@SAPAUtagTImageInfo@2@VSTRINGorID@2@PBDK@Z
?IsEmpty@CDuiString@DuiLib@@QBE_NXZ
?Empty@CDuiString@DuiLib@@QAEXXZ
?SmallFormat@CDuiString@DuiLib@@QAAHPBDZZ
?DrawImage@CControlUI@DuiLib@@QAE_NPAUHDC__@@PBD1@Z
?GetClass@CProgressUI@DuiLib@@UBEPBDXZ
?GetInterface@CProgressUI@DuiLib@@UAEPAXPBD@Z
?GoBack@CWebBrowserUI@DuiLib@@QAEXXZ
?SelectItem@CTabLayoutUI@DuiLib@@QAE_NH@Z
?SetWebBrowserEventHandler@CWebBrowserUI@DuiLib@@QAEXPAVCWebBrowserEventHandler@2@@Z
??1CContainerUI@DuiLib@@UAE@XZ
??0CContainerUI@DuiLib@@QAE@XZ
?RemoveAll@CContainerUI@DuiLib@@UAEXXZ
?RemoveAt@CContainerUI@DuiLib@@UAE_NH@Z
?Remove@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?AddAt@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?Add@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@@Z
?GetCount@CContainerUI@DuiLib@@UBEHXZ
?SetItemIndex@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z
?GetItemIndex@CContainerUI@DuiLib@@UBEHPAVCControlUI@2@@Z
?GetItemAt@CContainerUI@DuiLib@@UBEPAVCControlUI@2@H@Z
?MessageHandler@WindowImplBase@DuiLib@@UAEJIIJAA_N@Z
?GetStyle@WindowImplBase@DuiLib@@UAEJXZ
?OnMouseMove@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnLButtonUp@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnSetFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnKillFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnKeyDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnSysCommand@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnChar@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseHover@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseWheel@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnGetMinMaxInfo@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcPaint@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcCalcSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcActivate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnDestroy@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?GetResourceID@WindowImplBase@DuiLib@@UBEPBDXZ
?OnClick@WindowImplBase@DuiLib@@MAEXAAUtagTNotifyUI@2@@Z
?HandleMessage@WindowImplBase@DuiLib@@UAEJIIJ@Z
?SetCheck@CCheckBoxUI@DuiLib@@QAEX_N@Z
?SendMessageA@CWindowWnd@DuiLib@@QAEJIIJ@Z
?SetAttribute@CProgressUI@DuiLib@@UAEXPBD0@Z
?GetRoot@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@XZ
?HomeLeft@CContainerUI@DuiLib@@UAEXXZ
?OnLButtonDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnClose@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?SetTextColor@CRichEditUI@DuiLib@@QAEXK@Z
?IsSelected@COptionUI@DuiLib@@QBE_NXZ
?FindSubControl@CContainerUI@DuiLib@@QAEPAVCControlUI@2@PBD@Z
?GetHWND@CWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
?OnFinalMessage@WindowImplBase@DuiLib@@UAEXPAUHWND__@@@Z
?CenterWindow@CWindowWnd@DuiLib@@QAEXXZ
??0CDuiString@DuiLib@@QAE@PBDH@Z
?DoPostPaint@CControlUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?PaintBorder@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintText@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintStatusImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintBkImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintBkColor@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?DoPaint@CControlUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?EstimateSize@CControlUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?Event@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?GetWebBrowser2@CWebBrowserUI@DuiLib@@QAEPAUIWebBrowser2@@XZ
?SetDisabledTextColor@CLabelUI@DuiLib@@QAEXK@Z
??4CDuiString@DuiLib@@QAEABV01@ABV01@@Z
?GetCheck@CCheckBoxUI@DuiLib@@QBE_NXZ
??0CDuiString@DuiLib@@QAE@ABV01@@Z
??0CVerticalLayoutUI@DuiLib@@QAE@XZ
?MessageLoop@CPaintManagerUI@DuiLib@@SAXXZ
?SetResourceZip@CPaintManagerUI@DuiLib@@SAXPBD_N@Z
?GetInstancePath@CPaintManagerUI@DuiLib@@SA?AVCDuiString@2@XZ
??HCDuiString@DuiLib@@QBE?AV01@PBD@Z
?SetResourcePath@CPaintManagerUI@DuiLib@@SAXPBD@Z
?SetInstance@CPaintManagerUI@DuiLib@@SAXPAUHINSTANCE__@@@Z
?MakeLower@CDuiString@DuiLib@@QAEXXZ
?ApplyAttributeList@CControlUI@DuiLib@@QAEPAV12@PBD@Z
?Empty@CStdPtrArray@DuiLib@@QAEXXZ
?Add@CStdPtrArray@DuiLib@@QAE_NPAX@Z
??ACStdPtrArray@DuiLib@@QBEPAXH@Z
?GetSize@CStdPtrArray@DuiLib@@QBEHXZ
?DrawImageString@CRenderEngine@DuiLib@@SA_NPAUHDC__@@PAVCPaintManagerUI@2@ABUtagRECT@@2PBD3@Z
?RemoveImage@CPaintManagerUI@DuiLib@@QAE_NPBD@Z
?AddImage@CPaintManagerUI@DuiLib@@QAEPBUtagTImageInfo@2@PBD0K@Z
??1CStdPtrArray@DuiLib@@QAE@XZ
??0CStdPtrArray@DuiLib@@QAE@H@Z
?SetFont@CRichEditUI@DuiLib@@QAEXH@Z
?GetClass@CControlUI@DuiLib@@UBEPBDXZ
?FreeImage@CRenderEngine@DuiLib@@SAXPBUtagTImageInfo@2@@Z
?DrawImage@CRenderEngine@DuiLib@@SAXPAUHDC__@@PAUHBITMAP__@@ABUtagRECT@@222_NE333@Z
?SetScrollRange@CScrollBarUI@DuiLib@@QAEXH@Z
?SendNotify@CPaintManagerUI@DuiLib@@QAEXPAVCControlUI@2@PBDIJ_N@Z
??0CWindowWnd@DuiLib@@QAE@XZ
??0CPaintManagerUI@DuiLib@@QAE@XZ
??1CPaintManagerUI@DuiLib@@QAE@XZ
?OnFinalMessage@CWindowWnd@DuiLib@@MAEXPAUHWND__@@@Z
??8CDuiString@DuiLib@@QBE_NPBD@Z
??1CDuiString@DuiLib@@QAE@XZ
?Close@CWindowWnd@DuiLib@@QAEXI@Z
??BCWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
?Init@CPaintManagerUI@DuiLib@@QAEXPAUHWND__@@@Z
??0CDialogBuilder@DuiLib@@QAE@XZ
?Create@CDialogBuilder@DuiLib@@QAEPAVCControlUI@2@VSTRINGorID@2@PBDPAVIDialogBuilderCallback@2@PAVCPaintManagerUI@2@PAV32@@Z
?AttachDialog@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@@Z
?AddNotifier@CPaintManagerUI@DuiLib@@QAE_NPAVINotifyUI@2@@Z
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PBD@Z
?GetRoundCorner@CPaintManagerUI@DuiLib@@QBE?AUtagSIZE@@XZ
??0CDuiRect@DuiLib@@QAE@XZ
?Offset@CDuiRect@DuiLib@@QAEXHH@Z
?GetCaptionRect@CPaintManagerUI@DuiLib@@QAEAAUtagRECT@@XZ
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@UtagPOINT@@@Z
??0CDuiRect@DuiLib@@QAE@ABUtagRECT@@@Z
?GetWidth@CDuiRect@DuiLib@@QBEHXZ
?GetHeight@CDuiRect@DuiLib@@QBEHXZ
?MessageHandler@CPaintManagerUI@DuiLib@@QAE_NIIJAAJ@Z
?HandleMessage@CWindowWnd@DuiLib@@MAEJIIJ@Z
?GetSuperClassName@CWindowWnd@DuiLib@@MBEPBDXZ
??1CDialogBuilder@DuiLib@@QAE@XZ
?SetHomePage@CWebBrowserUI@DuiLib@@QAEXPBD@Z
?NavigateHomePage@CWebBrowserUI@DuiLib@@QAEXXZ
??0CControlUI@DuiLib@@QAE@XZ
??1CControlUI@DuiLib@@UAE@XZ
??0CDuiString@DuiLib@@QAE@XZ
?KillTimer@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@I@Z
?SetVisible@CControlUI@DuiLib@@UAEX_N@Z
?SetTimer@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@II@Z
?GetFixedWidth@CControlUI@DuiLib@@UBEHXZ
?GetFixedHeight@CControlUI@DuiLib@@UBEHXZ
?Format@CDuiString@DuiLib@@QAAHPBDZZ
?GetData@CDuiString@DuiLib@@QBEPBDXZ
?SetBkImage@CControlUI@DuiLib@@QAEXPBD@Z
??BCDuiString@DuiLib@@QBEPBDXZ
??4CDuiString@DuiLib@@QAEABV01@PBD@Z
?DoEvent@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?SetAttribute@CControlUI@DuiLib@@UAEXPBD0@Z
?GetName@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?SetName@CControlUI@DuiLib@@UAEXPBD@Z
?GetInterface@CControlUI@DuiLib@@UAEPAXPBD@Z
?GetControlFlags@CControlUI@DuiLib@@UBEIXZ
?Activate@CControlUI@DuiLib@@UAE_NXZ
?GetManager@CControlUI@DuiLib@@UBEPAVCPaintManagerUI@2@XZ
?SetManager@CControlUI@DuiLib@@UAEXPAVCPaintManagerUI@2@PAV12@_N@Z
?GetParent@CControlUI@DuiLib@@UBEPAV12@XZ
?GetText@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?SetText@CControlUI@DuiLib@@UAEXPBD@Z
?GetPos@CControlUI@DuiLib@@UBEABUtagRECT@@XZ
?SetPos@CControlUI@DuiLib@@UAEXUtagRECT@@@Z
?GetWidth@CControlUI@DuiLib@@UBEHXZ
?GetHeight@CControlUI@DuiLib@@UBEHXZ
?GetX@CControlUI@DuiLib@@UBEHXZ
?GetY@CControlUI@DuiLib@@UBEHXZ
?GetPadding@CControlUI@DuiLib@@UBE?AUtagRECT@@XZ
?SetPadding@CControlUI@DuiLib@@UAEXUtagRECT@@@Z
?GetFixedXY@CControlUI@DuiLib@@UBE?AUtagSIZE@@XZ
?SetFixedXY@CControlUI@DuiLib@@UAEXUtagSIZE@@@Z
?SetFixedWidth@CControlUI@DuiLib@@UAEXH@Z
?SetFixedHeight@CControlUI@DuiLib@@UAEXH@Z
?GetMinWidth@CControlUI@DuiLib@@UBEHXZ
?SetMinWidth@CControlUI@DuiLib@@UAEXH@Z
?GetMaxWidth@CControlUI@DuiLib@@UBEHXZ
?SetMaxWidth@CControlUI@DuiLib@@UAEXH@Z
?GetMinHeight@CControlUI@DuiLib@@UBEHXZ
?SetMinHeight@CControlUI@DuiLib@@UAEXH@Z
?GetMaxHeight@CControlUI@DuiLib@@UBEHXZ
?SetMaxHeight@CControlUI@DuiLib@@UAEXH@Z
?SetRelativePos@CControlUI@DuiLib@@UAEXUtagSIZE@@0@Z
?SetRelativeParentSize@CControlUI@DuiLib@@UAEXUtagSIZE@@@Z
?GetRelativePos@CControlUI@DuiLib@@UBE?AUtagTRelativePosUI@2@XZ
?IsRelativePos@CControlUI@DuiLib@@UBE_NXZ
?GetToolTip@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?SetToolTip@CControlUI@DuiLib@@UAEXPBD@Z
?SetToolTipWidth@CControlUI@DuiLib@@UAEXH@Z
?GetToolTipWidth@CControlUI@DuiLib@@UAEHXZ
?GetShortcut@CControlUI@DuiLib@@UBEDXZ
?SetShortcut@CControlUI@DuiLib@@UAEXD@Z
?IsContextMenuUsed@CControlUI@DuiLib@@UBE_NXZ
?SetContextMenuUsed@CControlUI@DuiLib@@UAEX_N@Z
?GetUserData@CControlUI@DuiLib@@UAEABVCDuiString@2@XZ
?SetUserData@CControlUI@DuiLib@@UAEXPBD@Z
?GetTag@CControlUI@DuiLib@@UBEIXZ
?SetTag@CControlUI@DuiLib@@UAEXI@Z
?IsVisible@CControlUI@DuiLib@@UBE_NXZ
?SetInternVisible@CControlUI@DuiLib@@UAEX_N@Z
?IsEnabled@CControlUI@DuiLib@@UBE_NXZ
?SetEnabled@CControlUI@DuiLib@@UAEX_N@Z
?IsMouseEnabled@CControlUI@DuiLib@@UBE_NXZ
?SetMouseEnabled@CControlUI@DuiLib@@UAEX_N@Z
?IsKeyboardEnabled@CControlUI@DuiLib@@UBE_NXZ
?SetKeyboardEnabled@CControlUI@DuiLib@@UAEX_N@Z
?IsFocused@CControlUI@DuiLib@@UBE_NXZ
?SetFocus@CControlUI@DuiLib@@UAEXXZ
?IsFloat@CControlUI@DuiLib@@UBE_NXZ
?SetFloat@CControlUI@DuiLib@@UAEX_N@Z
?FindControl@CControlUI@DuiLib@@UAEPAV12@P6GPAV12@PAV12@PAX@Z1I@Z
?Init@CControlUI@DuiLib@@UAEXXZ

zlib

?GetZipFileList@@YAXHPAD@Z
?CompareFile@@YA_NHPBD@Z
?CloseZip1@@YAXH_N@Z
?GetZipFileSize@@YAHHPAD@Z
?ReadZipFile@@YAHHPAD0PAXH@Z
?OpenZip1@@YAHPBD@Z

devices

?get@DEVICE_MODEL@@YAHPAD0PBD1@Z

ws2_32

socket
connect
gethostbyname
WSAEnumNetworkEvents
WSAEventSelect
inet_addr
htons
htonl
setsockopt
shutdown
WSAGetLastError
WSACreateEvent
closesocket
recv
send
WSACleanup
WSAStartup

httpftp

HttpFtp_Downloader_GetSpeed
HttpFtp_Downloader_GetLeftTime
HttpFtp_Downloader_GetLeftSize
HttpFtp_Downloader_Load
HttpFtp_Startup
HttpFtp_SetVerInfo
HttpFtp_Downloader_GetDownloadedSize
HttpFtp_Downloader_GetFileSize
HttpFtp_Downloader_GetLastError
HttpFtp_Downloader_Stop
HttpFtp_Downloader_Resume
HttpFtp_Downloader_GetState
HttpFtp_Downloader_Release
HttpFtp_Downloader_Initialize
HttpFtp_Downloader_GetPercentDone

libeay32

ord657
ord181
ord653
ord641
ord251
ord260
ord2656
ord266
ord3067
ord256
ord2894
ord255
ord3836
ord3873
ord2644
ord961
ord323
ord585

ssleay32

ord108
ord78
ord74
ord183
ord110
ord75
ord87
ord43
ord130
ord127
ord61
ord96
ord48
ord8
ord12

netapi32

Netbios

Sections

.text
Size: 997KB - Virtual size: 996KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 796KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cbCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

15:9a:b5:bc:01:e8:84:59:95:4d:bf:d1:8a:a1:75:19Certificate

Extended Key Usages

Key Usages

aa:e8:f5:9c:a6:29:ca:94:76:5d:8d:40:46:27:f5:98:9b:6b:7d:76Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 72KB

.rsrc Size: 17KB - Virtual size: 17KB

db2755f409b81c4dbfc04f648cfb80b9

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 987B

.reloc Size: 512B - Virtual size: 66B

baf2d405231cd43dae48df474a521d01

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comctl32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 947B

.data Size: - Virtual size: 24B

.reloc Size: 512B - Virtual size: 284B

df38729be926f91d3390389029adf53b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 797B

.data Size: - Virtual size: 16B

.reloc Size: 512B - Virtual size: 254B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

15:9a:b5:bc:01:e8:84:59:95:4d:bf:d1:8a:a1:75:19
Certificate

aa:e8:f5:9c:a6:29:ca:94:76:5d:8d:40:46:27:f5:98:9b:6b:7d:76
Signer

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 72KB

.rsrc
Size: 17KB - Virtual size: 17KB

.text
Size: 1024B - Virtual size: 987B

.reloc
Size: 512B - Virtual size: 66B

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 947B

.data
Size: - Virtual size: 24B

.reloc
Size: 512B - Virtual size: 284B

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 797B

.data
Size: - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 254B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 1024B - Virtual size: 934B

.rdata
Size: 512B - Virtual size: 377B

.data
Size: - Virtual size: 20B

.reloc
Size: 512B - Virtual size: 284B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 572B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 410B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate